In the context of managing operational risk within a bank, the CEO has reported on various actions and principles implemented to align with regulatory requirements. Which of the following actions and principles are consistent with the bank's operational risk management framework and comply with the governance guidelines set forth by Basel II and Basel III for operational risk?

Exam-Like

The bank considers identification and management of risk as the second line of defense

16.1%

The bank considers independent review and audit of the risk processes and systems as the third line of defense

67.7%

The bank includes damaged reputation due to a failed merger in its measurement of operational risk

12.9%

The bank excludes destruction by fire or other external catastrophes from its measurement of operational risk

3.2%

Financial Risk Manager Part 2