The risk of loss resulting from inadequate or failed internal processes, people, and systems or from external events. This includes fraud events, security issues, and external events, including natural disasters and political events.

This relates to the internal requirements of a business, extending to the cultural, structural, and people issues associated with the effective operation of the business.

This relates to a business’s ability to consistently manage its day-to-day operations and delivery of services and products. It includes risks related to service delivery (including customer service, product and service delivery, poor response to customer complaints, etc.), clients, products and business practices (documentation, disclosure advisory, product flaws or inadequate specifications, improper business or market practices), and processes and controls (failed transaction processing, vendor and supplier miscommunication or processing, process control failures, inadequate or failed related documentation).

This extends to the equipment utilized for the operations and conduct of the business. It includes the general operations of the equipment, maintenance, appropriateness, depreciation, safety, and upgrade.

This includes the management of equipment, finances, resources, technology, time frames, and people associated with the management projects. It extends to internal operational projects, projects relating to business development, and external projects, such as those undertaken for clients.

This category includes compliance with legal requirements, such as legislation, regulations, standards, codes of practice, and contractual requirements. This category also extends to compliance with additional ‘“rules,’” such as policies, procedures, or expectations, which may be set by contracts, customers, or the social environment.

This includes the overall security of the business premises, assets, and people, and extends to security of information, intellectual property, and technology.

This is associated with risks due to external events such as physical damage due to natural disasters and effects of non-natural disasters and events.