RSK2602
Assignment 1
Semester 2
DUE 20 August 2025
, SECOND SEMESTER ASSESSMENT 1
Due date 20 August 2025
Question 1 — True/False (state + full motivation)
1.1 Operational failures caused by staff are driven by error, fraud and data theft.
Answer: True.
Motivation: Operational failures that originate with staff commonly result from
unintentional human error (mistakes, incorrect data entry, procedural lapses), intentional
misconduct (fraud, theft, collusion) and insider data theft or misuse of information.
These three causes are well-recognized drivers of staff-related operational loss. Note:
the list is not exhaustive staff-caused failures can also arise from poor training,
negligence, inadequate supervision, collusion with third parties, or incentive structures
that encourage risky behaviour. Effective mitigation includes segregation of duties,
access controls, staff vetting, training and monitoring.
1.2 Technology and systems are examples of external drivers of operational risk
management.
Answer: False.
Motivation: Technology and systems are typically internal drivers of operational risk
(i.e., internal processes, IT systems, application failures, and system design). External
drivers refer to events or forces outside the organisation (natural disasters, economic
shocks, third-party/vendor failures, regulatory change, external fraud). A failure in in-
house IT or a third-party hosted system can create operational risk, but the
systems/technology themselves are classified as internal sources of operational risk.
1.3 Operational risk is the risk of loss arising from human error, management
failure and fraud or shortcomings in systems or controls. This would include
strategic and reputational risk.
Answer: False.
Motivation: The first clause correctly describes operational risk (losses from people,
processes, systems or external events consistent with Basel / standard definitions).
1|Page
Assignment 1
Semester 2
DUE 20 August 2025
, SECOND SEMESTER ASSESSMENT 1
Due date 20 August 2025
Question 1 — True/False (state + full motivation)
1.1 Operational failures caused by staff are driven by error, fraud and data theft.
Answer: True.
Motivation: Operational failures that originate with staff commonly result from
unintentional human error (mistakes, incorrect data entry, procedural lapses), intentional
misconduct (fraud, theft, collusion) and insider data theft or misuse of information.
These three causes are well-recognized drivers of staff-related operational loss. Note:
the list is not exhaustive staff-caused failures can also arise from poor training,
negligence, inadequate supervision, collusion with third parties, or incentive structures
that encourage risky behaviour. Effective mitigation includes segregation of duties,
access controls, staff vetting, training and monitoring.
1.2 Technology and systems are examples of external drivers of operational risk
management.
Answer: False.
Motivation: Technology and systems are typically internal drivers of operational risk
(i.e., internal processes, IT systems, application failures, and system design). External
drivers refer to events or forces outside the organisation (natural disasters, economic
shocks, third-party/vendor failures, regulatory change, external fraud). A failure in in-
house IT or a third-party hosted system can create operational risk, but the
systems/technology themselves are classified as internal sources of operational risk.
1.3 Operational risk is the risk of loss arising from human error, management
failure and fraud or shortcomings in systems or controls. This would include
strategic and reputational risk.
Answer: False.
Motivation: The first clause correctly describes operational risk (losses from people,
processes, systems or external events consistent with Basel / standard definitions).
1|Page
