Why I Pursued the Operational Risk Management (ORM) Certification—And How It Helped Me Grow

Last year I learned about the Operational Risk Management (ORM) certification offered by Professional Risk Managers’ International Association (PRMIA). This seemed like a great way to complement my strategy and program management skills with deeper knowledge of the subject matter. It was not exactly ideal timing for me as I was in the middle of a renovation from hell, planning a destination wedding, along with the standard workload from the regular day job. As the saying goes, “when it rains, it pours.”

While I had my doubts and was still recovering from mild PTSD from the PMP certification a few years ago, lo and behold by July 2023 I was an ORM certificate holder. I am glad that this was something I could prioritize as it has proven beneficial in my professional development. Below is more information on the certification and how it helped me.

Let me begin with a little introduction and why I signed up…

With a background in Management Consulting, I worked with a variety of financial institutions and projects (fun fact: my first client was BNY!). These included horizontal strategic programs such as developing target operating models, mobilizing 15+ workstreams of transformation across multiple lines of businesses, location strategy, activity-based costing through standardized business process taxonomies, etc. They also included more vertical areas of focus such as re-engineering and revamping specific capabilities i.e. Helpdesk, Client Onboarding, and Vendor Management, managing large systems migrations, and resolution and recovery planning based on a Service Company model to name a few. I also worked for start-up firms to help them operationalize their capabilities efficiently and effectively. So, as you can tell, my experience is vast and varied, making me a bit of a “jack of all trades.”

In December 2020, I joined BNY working in the 2nd Line of Defense. While my core competencies were sufficient to work within my existing role, I knew I had to develop a better understanding of the Operational Risk discipline to continue adding value.

Now, having taken on an expanded role to help streamline and improve our Operational Risk framework and processes, this coursework has proven invaluable. It helped me understand the theory of risk management and the expected results from a successful risk management process. It has also enhanced my understanding of the key elements of Operational Risk and how they interconnect and has given further credence to the role of 2nd Line as a challenge function within the larger context of corporate governance.

What the ORM Certification Taught Me

The ORM certification turned out to be a game-changer, not only for my role at BNY but for my overall professional development. Here are a few of the key takeaways that helped elevate my contributions:

• Operational Risk is still relatively young in comparison to Credit and Market Risk, but it’s quickly gaining significance, particularly in industries bound by Basel II capital regulations. Learning how this field has evolved gave me a new perspective on its importance and applications.
• Everyone is a risk manager. Whether you’re in the 1st or 2nd line of defense, operational risks—stemming from failed processes, systems, or external events—touch every part of an organization. This certification helped me recognize how pervasive these risks are and how they impact daily operations.
• Quantifying operational risk is a challenge. One of the most eye-opening lessons was the difficulty in establishing baselines for operational risk. Unlike Credit or Market Risk, there’s no easy way to measure the losses avoided by proper operational controls. As such, finding both qualitative and quantitative ways to express the value of risk management became a new focus for me.
• Risk management isn’t just theory; it’s corporate governance. This certification solidified my understanding of how 2nd Line functions act as a critical challenge within the larger framework of corporate governance. I gained more tools to push for better accountability and standards, making our programs more robust.

Who Should Consider the ORM Certification?

If you’re a professional with a generalist skillset—someone who’s worn multiple hats in business operations, risk, or strategy—you might find the ORM certification particularly valuable. Here’s why:

• You’ll gain deep insight into the mechanics of risk management, from risk assessments and control evaluations to identifying issues and implementing action plans.
• You’ll learn how to manage risks in real-world scenarios, with case studies that demonstrate what happens when operational risks are ignored or improperly managed.
• You’ll sharpen your understanding of regulatory frameworks, including Basel II and Operational Risk Capital calculations, which are essential for navigating compliance-heavy industries like finance.

Ultimately, the ORM certification was a great investment for me. It strengthened my ability to identify, manage, and mitigate risks within a large financial institution and positioned me to continue making meaningful contributions as an Operational Risk leader.

If you’re thinking about expanding your skillset, especially in a field as critical as risk management, I highly recommend looking into this certification. Whether you’re a seasoned professional or looking to deepen your expertise, it’s a solid step towards greater professional growth.