Operational risk is inherent to all processes: product development, daily facilities maintenance, systems upkeep and upgrades, etc. Given all businesses have daily operations, all organizations are vulnerable to operational risk as well. By extension, every organization should also have a sound operational risk management software program. However individual organizations choose to understand operational risk, whether that be synonymous to enterprise risk or as focused mostly on processes, people and systems risks, it is always a very broad category.
On the other hand, operational risk is more specific for financial institutions such as banks and bank holding companies (BHCs – corporations that control one or more banks) who experience heightened operational risk through financial risks and tools such as financial models. Financial institutions must manage an additional subset of operational risk that organizations in other industries don’t: model risk. This results from the possibility that financial models (which simulate and test for a variety of financial situations and market conditions) stop functioning correctly. However, organizations across all industries can benefit from leveraging operational risk frameworks.