Operational risk means a risk arising from external factors, technology, or the deficient functioning of personnel, organisation or processes. A field requiring special attention is data security including securing both documents and IT systems. Equal focus is given to developing and continuously testing operative business continuity plans. Periodic audits by external cybersecurity experts have also spurred improvements in operative processes.
The principles of operational risk management are implemented in daily operations. Incidence of risk events and close calls are compiled and reported to management. The State Treasury monitors risk factors and events regularly and makes risk assessments.