Risk is usually defined as the possibility of a loss or injury created by an activity or by a person. Risk management frameworks attempt to identify, assess, measure risk, and then develop countermeasures to mitigate its impact. This typically does not aim to eliminate risk for there is little opportunity without some degree of risk. The banking and insurance industries are addressing operational risk in a major way with new capital adequacy accords known, respectively, as Basel II and Solvency II. This is no academic exercise, requiring institutions to reserve capital to cover their operational risks. The Basel Committee of the Bank for International Settlements (BIS) and the Solvency Committee of the International Association of Insurance Supervisors (IAIS) define operational risk as the risk of losses resulting from inadequate or failed internal processes, people and systems or from external events. Although designed for financial institutions, this definition should be applicable for any industry, institution, or individual. A basic operational risk framework can be deployed by all organizations. Organizations can scale this framework according to their capabilities and requirements, including more sophisticated risk management tools. This chapter further highlights the framework for operational risk.