Operational risk appetite specifically addresses tolerance for risks arising from people, processes, systems, and external events, distinct from market or credit risk appetites. It is expressed through metrics such as maximum acceptable operational losses, service disruption thresholds, error rates, compliance violation limits, and customer complaint levels. Clear operational risk appetite statements guide business decisions, control investments, and contingency planning. A payment processor might define operational risk appetite as zero tolerance for data breaches affecting cardholder information, maximum 99.95% system availability, and operational losses not exceeding 5% of annual revenue.