Establishing Model Risk Management
http://ccro.org © Copyright 2025, CCRO. All rights reserved. 8
platforms (e.g., the Expected Shortfall function in pyRisk). Vendor models create unique risks
and should be subject to reasonable oversight and control.
2.6. Model Life Cycle
The term “model life cycle” refers to the various stages of activities that a model goes through
as it progresses from conception and development to validation and deployment and
eventually to deprecation. The model life cycle includes more than the traditional development,
testing, validation, and deployment phases common for IT applications and systems. Rather, it
considers broader model governance expectations through all stages in the life of a model. It
starts with the need or intent to have a model and involves documenting the rationale behind
selected data, processing techniques, and output components. A model requires thorough
testing, verification, and challenge during the model validation phase. It also includes model
change controls, upgrades, and end-of-life processes.
Proper model life cycle management is an iterative process, as summarized below:
Figure 3: Model Life Cycle Management
1. Identification &Inventory: The processes and platforms by which all model-like tools
are identified and inventoried before use, classified as models or EUC, and reported to
management.
1. Identification &
Inventory
2. Development
3. Validation
4. Implementation 5. Usage
6. Back-testing &Ongoing
Performance Monitoring
7. Periodic Review &
Revalidation
http://ccro.org © Copyright 2025, CCRO. All rights reserved. 8
platforms (e.g., the Expected Shortfall function in pyRisk). Vendor models create unique risks
and should be subject to reasonable oversight and control.
2.6. Model Life Cycle
The term “model life cycle” refers to the various stages of activities that a model goes through
as it progresses from conception and development to validation and deployment and
eventually to deprecation. The model life cycle includes more than the traditional development,
testing, validation, and deployment phases common for IT applications and systems. Rather, it
considers broader model governance expectations through all stages in the life of a model. It
starts with the need or intent to have a model and involves documenting the rationale behind
selected data, processing techniques, and output components. A model requires thorough
testing, verification, and challenge during the model validation phase. It also includes model
change controls, upgrades, and end-of-life processes.
Proper model life cycle management is an iterative process, as summarized below:
Figure 3: Model Life Cycle Management
1. Identification &Inventory: The processes and platforms by which all model-like tools
are identified and inventoried before use, classified as models or EUC, and reported to
management.
1. Identification &
Inventory
2. Development
3. Validation
4. Implementation 5. Usage
6. Back-testing &Ongoing
Performance Monitoring
7. Periodic Review &
Revalidation
