This message was posted by a user wishing to remain anonymous
Hello all,
I'm having trouble defining strategic risk and fully understanding how it affects each vendor. The description that I have is this - Strategic risk is the risk arising from adverse business decisions, or the failure to implement appropriate business decisions in a manner that is consistent with the institution's strategic goals. The use of a third party to perform banking functions or to offer products or services that do not help the financial institution achieve corporate strategic goals and provide an adequate return on investment exposes the financial institution to strategic risk.
The options that I have are -
0 - N |
0 - N/A |
Not applicable |
1 - L |
1 - LOW |
There is little to no discernable strategic risk |
2 - M |
2 - MEDIUM |
The vendor may impact the growth of the Bank |
3 - H |
3 - HIGH |
Decisions by the vendor have a high potential of strategic risk to the Bank |
Does anyone else have a different definition or examples for how I can more easily rate each vendor in this category? I'm not sure where the description from above came from and it confuses me a bit.
On another note, does Data transmission risk encompass more than just electronic data transmissions? For example, our courier service. Would the fact that they are transporting potentially sensitive documents raise their data transmission risk or would they have no data transmission risk because they don't transmit electronically?
If you have a really great risk grade legend (definition of the risk and how each risk level is defined) that you would be willing to share that would also be very helpful.
Thank you in advance for your input!