Scenario analysis has always been central to operational risk. The ability to imagine “what if,” assess potential impacts, and test resilience across processes and controls is what prepares organizations for the unexpected. But scenario analysis is slow when everything starts with a blank page. That’s why SureStep partnered with a client to combine IBM OpenPages 9.1 Scenario Analysis with OpenAI’s GPT-5 models—and in the process, redefined how teams approached the exercise.
Our client, a large financial institution, wanted to refresh its operational risk scenarios. Workshops often struggled to get beyond generic risks, and the time spent drafting scenarios limited how many could be meaningfully assessed. To break the cycle, we used GPT-5 to pre-populate the discussion.
We began by curating a set of current headlines and regulatory alerts relevant to their business: cyber breaches at peer institutions, sanctions-driven supply chain shocks, and reputational risks linked to ESG reporting. Feeding this into GPT-5, we asked the model to generate draft scenarios aligned to the client’s industry. The model returned several structured examples, each including event drivers, potential impact pathways, and considerations for controls.
From there, we imported four selected scenarios into OpenPages Scenario Analysis as the workshop baseline. Instead of starting with an empty screen, participants could see draft scenarios already documented and ready for discussion. Their role was to refine and validate—confirming which were most relevant, adjusting assumptions, and aligning them to the organization’s risk appetite.
The real innovation came in how we used the Scenario Result object. For each of the four scenarios, we pre-generated draft results by team—Technology, Compliance, Business Lines, and Operations—so that each group came to the workshop with its own perspective ready for review. This meant that instead of debating hypotheticals, each team could open its child record under the Scenario Analysis object and see a GPT-generated draft of likely impacts specific to its domain.
For example:
- The Technology team’s Scenario Result outlined likely system outages and cyber vulnerabilities.
- The Compliance team’s draft focused on sanctions enforcement and potential fines.
- Business Lines saw reputational exposure and customer trust risks.
- Operations reviewed supply chain disruptions and continuity challenges.
In practice, this transformed the workshop. Within hours, the group moved from four draft scenarios to a full set of results per team. Discussions were deeper because they started with something tangible, not a blank sheet. And OpenPages captured it all in structure—scenarios, results, and links back to risks and controls.
The outcome for our client was clear: faster workshops, richer discussion, and broader coverage of emerging threats. By pairing IBM OpenPages with GPT-5, they were able to scale their scenario analysis program without scaling the effort.
This approach demonstrates the future of operational risk. AI can generate the sparks, governance systems provide the structure, and risk experts bring the judgment. The result is scenario analysis that is not just faster, but smarter.
.webp)
-1.jpg)
.jpg)
.jpeg)
