OM Operational Risk Management [Versions from October 2007 to 31 December 2019]
- OM-A Introduction
- OM-B General Guidance and Best Practice
- OM-1 International Guidance and Best Practice
- OM-2 General Requirements
-
OM-3 Outsourcing
- OM-3.1 Introduction
- OM-3.2 Supervisory Approach
- OM-3.3 Prior Approval Requests
- OM-3.4 Risk Assessment
- OM-3.5 Outsourcing Agreement
- OM-3.6 Contingency Planning for Outsourcing Arrangements
- OM-3.7 Internal Audit Outsourcing
- OM-3.8 Intragroup Outsourcing
- OM-3.9 Outsourcing of Functions Containing Customer Information
- OM-4 Electronic Money and Electronic Banking Activities
-
OM-5 Business Continuity Planning
- OM-5.1 Introduction
- OM-5.2 General Requirements
- OM-5.3 Board and Senior Management Responsibilities
- OM-5.4 Developing a Business Continuity Plan
- OM-5.5 BCP – Recovery Levels&Objectives
- List of Contacts and Responsibilities
- OM-5.6 Detailed Procedures for the BCP
- OM-5.7 Vital Records Management
- OM-5.8 Other Policies Standards, and Processes
- OM-5.9 Maintenance, Testing and Review
- OM-5.10 Cyber Security Risk Management
-
OM-6 Security Measures for Banks
- OM-6.1 Physical Security Measures for Retail Banks
- OM-6.2 Internet Security for all Banks
- OM-6.3 ATM Security Measures: Hardware/Software for Retail Banks
- OM-6.4 ATM Security Measures: Physical Security for Retail Banks
- OM-6.5 ATM Security Measures: Additional Measures for Retail Banks
- OM-6.6 Cyber Security Measures
- OM-7 Books and Records
- OM-8 Qualitative Aspects
- Appendix OM-1