Operational Risk Management Certification

Operational Risk Defined

• Operational risk is the risk of loss that may originate from employee error, neglect or carelessness. For example, a sales and billing associate ignores management's instructions and does not require a customer to pay for goods before shipping them. The company may suffer operational losses if the customer fails to pay after six months or files for bankruptcy. Operational risk also may cause losses due to technological malfunction. If a corporation's computer systems or software are dysfunctional, the firm may be unable to operate until the glitch is fixed.

Education

• Operational risk management certification programs may vary, depending on the industry and the sponsoring organization. However, most programs require candidates to hold a four-year college degree in accounting, risk management, auditing or finance. A candidate with a liberal arts background may qualify if she has practical experience in a field related to risk management such as financial accounting or auditing.

Experience

• A candidate seeking certification in operational risk management needs a minimum of two years of relevant experience. This experience may be directly in operational risk or in a related field. A certification program such as the certified internal auditor (CIA) program or the certified public accountant (CPA) requires an applicant to work under the guidance of a senior operational risk manager to meet experience requirements.

Examination

• A risk management certification tests a candidate's knowledge in a variety of topics. The examination may cover risk management tools and operational audit standards. To illustrate, an exam may test an applicant's ability to apply generally accepted auditing standards (GAAS) to ensure that "controls" are adequate and functional. A "control" is a set of instructions that a company's senior management put into place to prevent losses due to operational risks. Alternatively, an examination topic may cover risk management tools such as risk and control self-assessment (RCSA) documents.

Types of Certificates

• Types of operational risk management certificates may vary, depending on the industry, professional field and business requirements. An applicant may demonstrate expertise in risk management tools by receiving the certified internal auditor (CIA) or the certified public accountant (CPA) designation. The Institute of Internal Auditors (IIA) manages the CIA license, where as state accounting boards issue CPA certificates. A candidate also may become familiar with risk control techniques and receive the certified management accountant (CMA) license, which is administered by the Institute of Management Accountants (IMA).