Learner Guide
This learner guide is copyright protected and belongs to:
BSBRSK501
MANAGE RISK
Developed by Enhance Your Future Pty Ltd 2
BSBRSK501 Manage risk Version 2
Developed by Enhance Your Future Pty Ltd 3
BSBRSK501 Manage risk Version 2
T A B L E O F C O N T E N T S
TABLE OF CONTENTS............................................................................................................................... 3
COURSE INTRODUCTION ........................................................................................................................ 6
ABOUT THIS GUIDE ..................................................................................................................................................................... 6
ABOUT THIS RESOURCE ..................................................................................................................................................... 6
ABOUT ASSESSMENT ............................................................................................................................................................ 6
ELEMENTS AND PERFORMANCE CRITERIA ...................................................................................... 9
REQUIRED SKILLS AND KNOWLEDGE ................................................................................................ 10
KNOWLEDGE EVIDENCE .......................................................................................................................................................... 10
PERFORMANCE EVIDENCE ....................................................................................................................................................... 10
PRE-REQUISITES ....................................................................................................................................... 11
TOPIC 1 – ESTABLISH RISK CONTEXT .................................................................................................. 12
REVIEW ORGANISATIONAL PROCESSES, PROCEDURES AND REQUIREMENTS FOR
UNDERTAKING RISK MANAGEMENT .................................................................................................. 12
OUTLINE ORGANISATIONAL POLICIES, PROCEDURES AND PROCESSES FOR RISK MANAGEMENT .......................... 12
THE LEGISLATIVE AND REGULATORY CONTEXT OF THE ORGANISATION IN RELATION TO RISK MANAGEMENT
....................................................................................................................................................................................................... 14
Anti-Discrimination and Equal Employment Opportunity (EEO) ......................................................................................... 14
Consumer Protection, Fair Trading and Trade Practices ........................................................................................................... 15
Employ.
2. Developed by Enhance Your Future Pty Ltd 2
BSBRSK501 Manage risk Version 2
Developed by Enhance Your Future Pty Ltd 3
BSBRSK501 Manage risk Version 2
T A B L E O F C O N T E N T S
TABLE OF
CONTENTS............................................................................
................................................... 3
COURSE INTRODUCTION
...............................................................................................
......................... 6
ABOUT THIS GUIDE
...............................................................................................
...................................................................... 6
ABOUT THIS RESOURCE
...............................................................................................
...................................................... 6
ABOUT ASSESSMENT
...............................................................................................
............................................................. 6
ELEMENTS AND PERFORMANCE CRITERIA
...................................................................................... 9
3. REQUIRED SKILLS AND KNOWLEDGE
...............................................................................................
. 10
KNOWLEDGE EVIDENCE
...............................................................................................
........................................................... 10
PERFORMANCE EVIDENCE
...............................................................................................
........................................................ 10
PRE-REQUISITES
...............................................................................................
........................................ 11
TOPIC 1 – ESTABLISH RISK CONTEXT
...............................................................................................
... 12
REVIEW ORGANISATIONAL PROCESSES, PROCEDURES
AND REQUIREMENTS FOR
UNDERTAKING RISK MANAGEMENT
...............................................................................................
... 12
OUTLINE ORGANISATIONAL POLICIES, PROCEDURES
AND PROCESSES FOR RISK MANAGEMENT
.......................... 12
THE LEGISLATIVE AND REGULATORY CONTEXT OF THE
ORGANISATION IN RELATION TO RISK MANAGEMENT
...............................................................................................
...............................................................................................
4. ......... 14
Anti-Discrimination and Equal Employment Opportunity (EEO)
......................................................................................... 14
Consumer Protection, Fair Trading and Trade Practices
...............................................................................................
............ 15
Employment and Industrial Relations
...............................................................................................
........................................ 16
Environment and
Sustainability..........................................................................
...................................................................... 18
Financial Services
...............................................................................................
...................................................................... 18
Occupational Health and Safety (OHS)
...............................................................................................
.................................... 19
Privacy
............................................................................... ................
....................................................................................... 20
THE PURPOSE AND KEY ELEMENTS OF CURRENT RISK
MANAGEMENT STANDARDS
................................................ 21
DETERMINE SCOPE FOR RISK MANAGEMENT PROCESS
.............................................................. 22
THE SCOPE DOCUMENT AND ITS COMPONENTS
...............................................................................................
................... 23
RISK ASSOCIATED WITH PROJECT MANAGEMENT
...............................................................................................
................ 24
5. IDENTIFY INTERNAL AND EXTERNAL STAKEHOLDERS
AND THEIR ISSUES ........................ 25
REVIEW POLITICAL, ECONOMIC, SOCIAL, LEGAL,
TECHNOLOGICAL AND POLICY
CONTEXT
...............................................................................................
.................................................... 26
SPECIFIC RISK AREAS
...............................................................................................
.................................................................. 26
REVIEW STRENGTHS AND WEAKNESSES OF EXISTING
ARRANGEMENTS ............................... 31
CONDUCTING A SWOT ANALYSIS
...............................................................................................
.......................................... 31
DOCUMENT CRITICAL SUCCESS FACTORS, GOALS OR
OBJECTIVES FOR AREA INCLUDED
IN SCOPE
...............................................................................................
..................................................... 34
OBTAIN SUPPORT FOR RISK MANAGEMENT ACTIVITIES
............................................................. 36
CREATING A SUPPORTIVE WORK ENVIRONMENT
...............................................................................................
................. 36
INDIVIDUAL OR TEAM APPROACH
..................................................................................... ..........
6. ........................................... 37
THE IMPORTANCE OF TRAINING
...............................................................................................
............................................. 38
COMMUNICATE WITH RELEVANT PARTIES ABOUT THE
RISK MANAGEMENT PROCESS
AND INVITE PARTICIPATION
...............................................................................................
................ 40
TOPIC 2 - IDENTIFY RISKS
...............................................................................................
....................... 42
INVITE RELEVANT PARTIES TO ASSIST IN THE
IDENTIFICATION OF RISKS.......................... 42
Developed by Enhance Your Future Pty Ltd 4
BSBRSK501 Manage risk Version 2
RESEARCH RISKS THAT MAY APPLY TO SCOPE
............................................................................... 44
USE TOOLS AND TECHNIQUES TO GENERATE A LIST OF
RISKS THAT APPLY TO THE
SCOPE, IN CONSULTATION WITH RELEVANT PARTIES
................................................................ 45
RISK IDENTIFICATION TECHNIQUES
7. ...............................................................................................
...................................... 45
PROCESS CHARTING
...............................................................................................
................................................................... 46
Scenario analysis
............................................................................. ..................
........................................................................ 47
BENCHMARKING SIMILAR ORGANISATIONS AND
ACTIVITIES
...........................................................................................
47
TOPIC 3 - ANALYSE RISKS
...............................................................................................
........................ 49
ASSESS LIKELIHOOD OF RISKS OCCURRING
.................................................................................... . 49
ASSESS IMPACT OR CONSEQUENCE IF RISKS OCCUR
..................................................................... 50
EVALUATE AND PRIORITISE RISKS FOR TREATMENT
................................................................... 51
TOPIC 4 - SELECT AND IMPLEMENT TREATMENTS
....................................................................... 55
DETERMINE AND SELECT MOST APPROPRIATE OPTIONS
FOR TREATING RISKS ................ 55
KEY OUTCOMES STEPS
...............................................................................................
............................................................... 55
8. Identify treatment options
...............................................................................................
........................................................... 55
DEVELOP AN ACTION PLAN FOR IMPLEMENTING RISK
TREATMENT .................................... 58
SAMPLE RISK TREATMENT ACTION PLAN
...............................................................................................
............................... 59
COMMUNICATE RISK MANAGEMENT PROCESSES TO
RELEVANT PARTIES ............................ 60
COMMUNICATION FACTORS SUCH AS LANGUAGE AND
LITERACY
................................................................................... 60
DIVERSITY OF WORKERS
...............................................................................................
........................................................... 60
ENSURE ALL DOCUMENTATION IS IN ORDER AND
APPROPRIATELY STORED ..................... 62
STORAGE OF WHS/OHS
INFORMATION......................................................................
........................................................ 62
IMPLEMENT AND MONITOR ACTION PLAN
.................................................................................... 63
EVALUATE RISK MANAGEMENT PROCESS
........................................................................................ 66
SUMMARY
...............................................................................................
10. ABOUT THIS GUIDE
This resource covers the unit BSBRSK501 Manage risk.
This unit describes the performance outcomes, skills and
knowledge required to manage risks in
a range of contexts across the organisation or for a specific
business unit or area.
This unit addresses the management of the risk across the
organisation or within a business unit
or area. It does not assume any given industry setting.
This unit applies to individuals who are working in positions of
authority and are approved to
implement change across the organisation, business unit,
program or project area. They may or
may not have responsibility for directly supervising others.
ABOUT THIS RESOURCE
This resource brings together information to develop your
knowledge about this unit. The
information is designed to reflect the requirements of the unit
and uses headings to makes it
easier to follow.
11. Read through this resource to develop your knowledge in
preparation for your assessment. You
will be required to complete the assessment tools that are
included in your program. At the back
of the resource are a list of references you may find useful to
review.
As a student it is important to extend your learning and to
search out text books, internet sites,
talk to people at work and read newspaper articles and journals
which can provide additional
learning material.
Your trainer may include additional information and provide
activities. Slide presentations and
assessments in class to support your learning.
ABOUT ASSESSMENT
Developed by Enhance Your Future Pty Ltd 7
BSBRSK501 Manage risk Version 2
12. Throughout your training we are committed to your learning by
providing a training and
assessment framework that ensures the knowledge gained
through training is translated into
practical on the job improvements.
You are going to be assessed for:
activities that apply to your
workplace.
y to recognise common principles and actively use
these on the job.
You will receive an overall result of Competent or Not Yet
Competent for the assessment of this
unit. The assessment is a competency based assessment, which
has no pass or fail. You are either
competent or not yet competent. Not Yet Competent means that
you still are in the process of
understanding and acquiring the skills and knowledge required
to be marked competent. The
assessment process is made up of a number of assessment
methods. You are required to achieve
13. a satisfactory result in each of these to be deemed competent
overall.
All of your assessment and training is provided as a positive
learning tool. Your assessor will
guide your learning and provide feedback on your responses to
the assessment. For valid and
reliable assessment of this unit, a range of assessment methods
will be used to assess practical
skills and knowledge.
Your assessment may be conducted through a combination of
the following methods:
The assessment tool for this unit should be completed within the
specified time period following
the delivery of the unit. If you feel you are not yet ready for
assessment, discuss this with your
14. trainer and assessor.
To be successful in this unit you will need to relate your
learning to your workplace. You may be
required to demonstrate your skills and be observed by your
assessor in your workplace
Developed by Enhance Your Future Pty Ltd 8
BSBRSK501 Manage risk Version 2
environment. Some units provide for a simulated work
environment and your trainer and
assessor will outline the requirements in these instances.
Developed by Enhance Your Future Pty Ltd 9
BSBRSK501 Manage risk Version 2
E L E M E N T S A N D P E R F O R M A N C E
C R I T E R I A
1. Establish risk context 1.1 Review organisational processes,
procedures and requirements for
15. undertaking risk management
1.2 Determine scope for risk management process
1.3 Identify internal and external stakeholders and their issues
1.4 Review political, economic, social, legal, technological and
policy
context
1.5 Review strengths and weaknesses of existing arrangements
1.6 Document critical success factors, goals or objectives for
area
included in scope
1.7 Obtain support for risk management activities
1.8 Communicate with relevant parties about the risk
management
process and invite participation
2. Identify risks 2.1 Invite relevant parties to assist in the
identification of risks
2.2 Research risks that may apply to scope
2.3 Use tools and techniques to generate a list of risks that
apply to the
scope, in consultation with relevant parties
16. 3. Analyse risks 3.1 Assess likelihood of risks occurring
3.2 Assess impact or consequence if risks occur
3.3 Evaluate and prioritise risks for treatment
4. Select and implement
treatments
4.1 Determine and select most appropriate options for treating
risks
4.2 Develop an action plan for implementing risk treatment
4.3 Communicate risk management processes to relevant parties
4.4 Ensure all documentation is in order and appropriately
stored
4.5 Implement and monitor action plan
4.6 Evaluate risk management process
Developed by Enhance Your Future Pty Ltd 10
BSBRSK501 Manage risk Version 2
R E Q U I R E D S K I L L S A N D
K N O W L E D G E
17. This describes the essential knowledge and skills and their level
required for this unit.
KNOWLEDGE EVIDENCE
To complete the unit requirements safely and effectively, the
individual must:
management standards
organisation in relation to risk
management
risk management.
PERFORMANCE EVIDENCE
Evidence of the ability to:
scope and context of the
risk management process including:
o Stakeholder analysis
o Political, economic, social, legal, technological and policy
context
o Current arrangements
o Objectives and critical success factors for the area included in
18. scope
o Risks that may apply to scope
identify and assess risks,
determine appropriate risk treatment actions and priorities and
explain the risk
management processes
an to treat risks
process
Developed by Enhance Your Future Pty Ltd 11
BSBRSK501 Manage risk Version 2
P R E - R E Q U I S I T E S
This unit must be assessed after the following pre-requisite
unit:
There are no pre-requisites for this unit.
19. Developed by Enhance Your Future Pty Ltd 12
BSBRSK501 Manage risk Version 2
T O P I C 1 – E S T A B L I S H R I S K
C O N T E X T
REVIEW ORGANISAT IONA L PROCESSES, P ROCE DU
RES AND
REQUIREMENTS FOR UND ERTAKING RISK MANAGE
MENT
Most organisations are exposed to some level of risk. Some of
these risks are consistent across
organisations, and some are organisation-specific. Risks may
relate to:
20. OUTLINE ORGANISATION AL POLICIES, PROCEDU RES
AND PROCESSES
FOR RISK MANAGEMENT
Before beginning a project to manage the various risks to which
your organisation is exposed, it
is important to take the time to review your organisation’s risk
management policies, procedures
and processes. Read the following definitions:
within an organisation should
undertake a task in a certain way
workers within an organisation
should undertake the task
undertake to achieve a
particular outcome; processes for different tasks, including
those related to risk
Developed by Enhance Your Future Pty Ltd 13
21. BSBRSK501 Manage risk Version 2
management, may be outlined in your organisation’s
procedures, or they may exist as
separate documents
You must be familiar with where your organisation’s risk
management policies, procedures and
processes are stored – for example, they are often located in
soft-copy on a shared computer
drive, or in hard-copy in folders in a main office, etc. You must
know how to access these key
documents, and how you are expected to apply them in your
work – and in particular, when
assessing risk, and when planning to manage risk.
Your organisation’s policies, procedures and processes for risk
management will provide you
with the following types of important information:
ll you about the risks associated with specific
areas or the organisation as a
whole, and these should be included in your risk management
assessment. They may also
provide information on how risks change over time, in response
22. to different
circumstances and events in your organisation
for risk management
strategies, along with specifying cost effectiveness versus
acceptable risk; knowing this
information means you can keep the risk management project in
line within the
company’s guidelines and objectives
activities undertaken in your
organisation, and the impacts these had on organisational risk
When reviewing risk management procedures you should also
look for specific formatting
requirements for contingency plans. Areas such as emergency
services (Ambulance, Fire, SES
and Police departments) often create contingency plans for
different potential emergencies. They
always follow the same format in all of their plans. This allows
the reader of the plan to quickly
find the information that they need.
23. If you need to implement contingency plans, then following
standard formats may save time.
People will not have to search for information or understand the
format before implementing
their part of the plan the only thing they need to do is open the
plan to the section they need,
and find what they are looking for.
If there are other risk management assessments that have been
done in parallel parts of the
organisation, you may need to consider accessing a copy of
them in order to help you with the
new plan. Often, the risk management plans created for other
areas of the company can be
adapted to suit your needs. This also provides for a cost saving
to the company, because it means
Developed by Enhance Your Future Pty Ltd 14
BSBRSK501 Manage risk Version 2
work already done does not need to be repeated.
Your organisation’s policies, procedures and processes for risk
24. management should also provide
you with a great deal of information about how your final
documentation should be filed, who
should receive copies, where they should be located, and how
they should be distributed. All are
important factors in a risk management project.
THE LEGISLATIVE AND REGULATORY CONTEXT O F THE
ORGANISATION IN RELA TION TO RISK MANAGEM ENT
In your role, it is important that you are familiar with the
legislation and regulations which apply
to your organisation in relation to risk management. Working
within legislation and regulations is
essential to reducing the risks to which your organisation is
exposed, and it can also assist you to
identify strategies to effectively manage risks.
There may be particular pieces of legislation and regulations
that apply in the organisation /
industry or the State / Territory where you work. If this is the
case, it is essential that you
familiarise yourself with this – for example: by reading about it
online (e.g. on the Federal
25. Register of Legislation), or by speaking with relevant people
(e.g. your work supervisor /
organisation manager, legal professionals, etc.). Read the
following about some more general
legislation / regulations which may apply to you:
ANTI-DISCRIMINATION AND EQUAL EMPLOYMENT
OPPORTUNITY (EEO)
Discrimination refers to the unjust or prejudicial treatment of a
person on the grounds of a point
of difference (e.g. race, colour / ethnicity, gender, sexual
preference, age, physical or mental
disability, marital status, family / carer responsibilities,
pregnancy, religion, political opinion,
national extraction, social origin, etc.). Under a range of
legislation, discrimination is illegal in
Australia. Read the following:
Over the past 30 years the Commonwealth Government and the
state and territory governments have introduced laws to
help protect people from discrimination and harassment.
The following laws operate at a federal level and the Australian
Human Rights Commission has statutory responsibilities
under them:
26. The following laws operate at a state and territory level, with
state and territory equal opportunity and anti-discrimination
agencies having statutory responsibilities under them:
Developed by Enhance Your Future Pty Ltd 15
BSBRSK501 Manage risk Version 2
– Discrimination Act 1991
– Anti-Discrimination Act 1977
– Anti-Discrimination Act 1996
– Anti-Discrimination Act 1991
– Equal Opportunity Act 1984
– Anti-Discrimination Act 1998
– Equal Opportunity Act 2010
27. – Equal Opportunity Act 1984.
Commonwealth laws and the state/territory laws generally
overlap and prohibit the same type of discrimination. As both
state/territory laws and Commonwealth laws apply, you must
comply with both. Unfortunately, the laws apply in slightly
different ways and there are some gaps in the protection that is
offered between different states and territories and at a
Commonwealth level. To work out your obligations you will
need to check the Commonwealth legislation and the state or
territory legislation in each state in which you operate.1
A concept closely associated with anti-discrimination is equal
employment opportunity.
Diversity in the workplace means having employees from a
wide range of backgrounds. This can include having employees
of different ages, gender, ethnicity, physical ability, sexual
orientation, religious belief, work experience, educational
background, and so on.
In Australia, national and state laws cover equal employment
opportunity and anti-discrimination in the workplace.
You're required by these laws to create a workplace free from
discrimination and harassment. It's important that as an
28. employer, you understand your rights and responsibilities under
human rights and anti-discrimination law. By putting
effective anti-discrimination and anti-harassment procedures in
place in your business you can improve productivity and
increase efficiency.1
Equity and diversity principles state that all people must be
treated equally and fairly, regardless
of diversity such as gender, disability, etc. This applies also in
relation to employment. All States
and Territories in Australia have equal employment acts; you
should familiarise yourself with
those which apply to you in your role.
CONSUMER PROTECTION, FAIR TRADING AND TRADE
PRACTICES
Australian consumer laws protect consumers in relation to the
products and services they
purchase. They require people / organisations selling products
and services to utilise fair trading
/ fair trade practices. Under the Australian consumer laws,
organisations have a responsibility to
offer guarantees on the products and services they sell. Read the
following:
29. Products must be of acceptable quality, that is:
1 Australian Human Rights Commission, 2017.
Developed by Enhance Your Future Pty Ltd 16
BSBRSK501 Manage risk Version 2
Acceptable quality takes into account what would normally be
expected for the type of product and cost. Products must also:
n, on packaging
and labels, and in promotions or advertising
and for any purpose that you made known to the
business before purchasing
30. take the goods away or prevent you from using them
nce, condition
and quality, such as life time guarantees and money
back offers
reasonable time after purchase unless you were told otherwise
Services must:
and skill or technical
knowledge and taking all necessary steps to avoid loss and
damage
business had agreed to
agreed end date2
There are some exceptions to these guarantees; you can read
more about these on the Australian
Competition and Consumer Commission’s (ACCC) website.
In some circumstances when an organisation has failed in
relation to its responsibilities when
31. selling a product or service, a customer may be entitled to a
refund or an exchange. To refund a
customer means to return the money they have paid for the
product or service they are
dissatisfied with. To exchange means to provide the customer
with another product or service to
replace the one they are dissatisfied with.
EMPLOYMENT AND INDUSTRIAL RELATIONS
The Australian national workplace relations system establishes
a safety net of minimum terms
and conditions of employment, and a range of other workplace
rights and responsibilities. Read
…
Manage risk
BSBRSK501A
Student Workbook
33. form or by any means, electronic, mechanical,
photocopying, or otherwise, without written permission from
the publisher, Innovation and Business Industry Skills
Council Ltd (‘IBSA’).
Use of this work for purposes other than those indicated above,
requires the prior written permission of IBSA. Requests
should be addressed to Products and Services Manager, IBSA,
Level 11, 176 Wellington Pde, East Melbourne VIC, 3002
or email [email protected]
‘Innovation and Business Skills Australia’, ‘IBSA’ and the
IBSA logo are trade marks of IBSA.
Disclaimer
Care has been taken in the preparation of the material in this
document, but, to the extent permitted by law, IBSA and
the original developer do not warrant that any licensing or
registration requirements specified in this document are
either complete or up-to-date for your State or Territory or that
the information contained in this document is error-free
or fit for any particular purpose. To the extent permitted by law,
IBSA and the original developer do not accept any
liability for any damage or loss (including loss of profits, loss
of revenue, indirect and consequential loss) incurred by any
person as a result of relying on the information contained in this
document.
The information is provided on the basis that all persons
accessing the information contained in this document
undertake responsibility for assessing the relevance and
accuracy of its content. If this information appears online, no
responsibility is taken for any information or services which
may appear on any linked websites, or other linked
information sources, that are not controlled by IBSA. Use of
versions of this document made available online or in other
34. electronic formats is subject to the applicable terms of use.
To the extent permitted by law, all implied terms are excluded
from the arrangement under which this document is
purchased from IBSA, and, if any term or condition that cannot
lawfully be excluded is implied by law into, or deemed to
apply to, that arrangement, then the liability of IBSA, and the
purchaser’s sole remedy, for a breach of the term or
condition is limited, at IBSA’s option, to any one of the
following, as applicable:
(a) if the breach relates to goods: (i) repairing; (ii) replacing;
or (iii) paying the cost of repairing or replacing, the goods;
or
(b) if the breach relates to services: (i) re-supplying; or (ii)
paying the cost of re-supplying, the services.
Published by: Innovation and Business
Industry Skills Council Ltd
Level 11
176 Wellington Pde
East Melbourne VIC 3002
Phone: +61 3 9815 7000
Fax: +61 3 9815 7001
e-mail: [email protected]
www.ibsa.org.au
First published: June 2010
Print version: 1.0
Release date: June 2010
Printed by: Fineline Printing
35. 130 Browns Road
Noble Park VIC 3174
ISBN: 978-1-921749-76-6
Stock code: RSK501ACL
Table of Contents
Introduction
...............................................................................................
..............1
Features of the training program
.....................................................................1
Structure of the training program
....................................................................1
Recommended reading
....................................................................................1
Section 1 – Introduction to Risk
............................................................................2
What skills will you need?
................................................................................2
Understand risk and risk management
...........................................................2
Establish the context
36. ..................................................................................... 10
Understand importance of relevant legislation
............................................ 13
Section summary
...........................................................................................
27
Further reading
...............................................................................................
27
Section checklist
............................................................................................
27
Section 2 – Identifying Risk
................................................................................. 28
What skills will you need?
............................................................................. 28
Review the external environment
................................................................. 29
Determine strengths and weaknesses
......................................................... 32
Review and document objectives
................................................................. 34
Identify risks
...............................................................................................
.... 35
37. Research
...............................................................................................
.......... 42
Involve others in risk identification
............................................................... 46
Section summary
...........................................................................................
48
Further reading
...............................................................................................
48
Section checklist
............................................................................................
48
Section 3 – Analysing and Evaluating Risk
........................................................ 49
What skills will you need?
............................................................................. 49
Determine likelihood of risk
.......................................................................... 50
Assess consequence of risk
.......................................................................... 52
Evaluate and prioritise risk
............................................................................ 54
Determine risk treatment options
................................................................. 57
38. Develop an action plan for treating risks
..................................................... 64
Section summary
...........................................................................................
78
Further reading
...............................................................................................
78
Section checklist
............................................................................................
78
Section 4 – Treating Risk
.................................................................................... 79
What skills will you need?
............................................................................. 79
Implement the risk action plan
..................................................................... 79
Monitor the risk action plan
.......................................................................... 88
Evaluate the risk management process
....................................................... 93
Section summary
40. Page 1 of 100
Introduction
Features of the training program
The key features of this program are:
– Self paced learning activities to
help you to
understand key concepts and terms. The Student Workbook is
broken
down into several sections.
-led sessions (FLS) – Challenging and interesting
learning
activities that can be completed in the classroom or by distance
learning
that will help you consolidate and apply what you have learned
in the
Student Workbook.
– Summative assessments where you can
apply your
new skills and knowledge to solve authentic workplace tasks
and
problems.
Structure of the training program
This Training Program introduces you to the concepts of
identifying risk and how
to then apply the appropriate risk management strategies. You
will develop the
skills and knowledge in the following topic areas.
1. Introduction to Risk (SW Section 1/FLS Session 1).
42. Council Ltd
Section 1 – Introduction to Risk
Before you can undertake risk management, there a number of
key concepts that
you must understand. This chapter will define risk and risk
management, and help
you establish the context in which risk management takes place.
Scenario: Preparing for risk management
You have recently been successful in securing the job of
operations manager for
a chain of shoe repair stores with ten outlets. Your previous
experience was in
sales management and more departmental areas of management
but never as
the operations manager of a chain of stores.
You note that one of your specific responsibilities is to manage
the risks that are
likely to happen in this particular organisation. Before
attempting to identify the
organisation’s risks, you first take time to review the concepts
of risks, risk
management and the context that risk will be applied to. From
your previous
roles, you are very aware of the risks of non-compliance with
relevant laws, and
so you decide to also review the legislative framework in which
this organisation
operates.
What skills will you need?
In order to work effectively as a risk manager you must be able
43. to:
Understand risk and risk management
What is risk?
Risk is inevitable. It is a natural part of our physical, social,
financial and
competitive environments. It is defined as the chance of
something happening
that will have an impact on objectives or goals being achieved.
It is measured in
terms of consequence and likelihood. Organisations must decide
on a daily basis
whether various risks are or are not worth taking, for example,
when making
decisions regarding investment or the health and safety of
employees. For some,
the ability to manage risk better than anyone else becomes a
valuable resource
that they use for their own advantage.
In business, there is a strong correlation between risk and
reward. For example,
investing in the share market is riskier than investing in
Government Bonds, so as
a consequence of the risks involved, share markets traditionally
offer the higher
returns.
Only an estimated 10% of all risks are actually unforeseeable.
46. Valuable resources that can be affected by risk are not just
financial. In today’s
business environment, the loss of reputation or brand value can
have far greater
impact on the organisation’s viability than the loss of some
investment funds.
Other valuable resources that need to be considered in any loss
evaluation
caused by risk are detailed below.
•workers, intellectual capital, skills, experience and
capabilities, levels of trust, managerial skills, firm‐specific
practices and procedures, innovation and creativity
technical and scientific skills
Human
• cash, investments, shares, capacity to raise equity,
borrowing capacity
Financial
•plant, equipment, state‐of‐the‐art machinery, equipment
and electronics, land, buildings, vehicles, furniture, facilities
Physical
•patents, copyrights, trademarks , trade secrets, software
Intellectual property
•evaluation and control systems, effective strategic planning
processes, outstanding customer service, excellent product
development capabilities, innovativeness of products and
services, ability to hire, motivate, and retain human capital,
48. Strategic resources
Many people understand the impact of an unfavourable event on
tangible assets,
but often overlooked is the impact that adverse events can have
on the
organisation’s intangible assets. All the resources listed above
are valuable, but
some resources take on an even more important role in an
organisation because
they become strategic. They are classified as being strategic
because they give
the business its competitive advantage. To qualify as strategic
they need to be:
•
That is, unique or in very short supply. For example, personnel
who
are leading experts in their field, and bring knowledge or skills
that are
not widely available.
Rare
•
That is, hard to copy due to expense or time required to acquire,
For
example, the brand recognition associated with a long‐establish
ed
organisation or product.
Difficult to imitate
50. Risk types
Risk identification is proactive. If you’re looking for them you
will soon find them
when discussing activities with team members, observing the
workplace
environment, reading reports and analysing results. Over the
broad spectrum,
risks can be categorised in various ways, for example:
Risks can be grouped into two types:
– those risks that will definitely occur at some point
in time, for
example, employee sick days.
– those that may occur at some point in time, for
example, an
employee being injured in the workplace.
Rare
Difficult to
imitate
52. 2.
3.
What is Risk Management?
Risk management is an essential part of good management and
corporate
governance. It is a set of tools and processes that are used to
avoid, reduce or
control the risks that are likely to adversely affect the valuable
and strategic
resources of an organisation. Basically it is the process of
identifying and
categorising potential risk and then defining actions to mitigate
these risks.
Risk management processes should enhance decision-making
and facilitate
continuous improvement in performance of the organisation.
Studying and
identifying risk should not inhibit action, but instead help you
54. AS/NZS 4360:2004 – Risk Management
The Australian/New Zealand Standard AS/NZS 4360:2004 –
Risk Management
provides a guide for managing risk.
The objective of this standard is to provide guidance to enable
public, private or
community enterprises, groups and individuals to achieve:
-making and
planning
variability
-active rather than re-active management
confidence and trust
56. io
n
an
d
co
ns
ul
ta
tio
n
M
onitor and review
Throughout this workbook we will be referring to AS/NZS
4360:2004 – Risk
Management Standards and following the processes outlined in
it for the
management of risk.
The risk management process
For the purpose of this workbook, the risk management process
will be shown in
the following way.
57. Figure 3: Risk management process
AS/NZ 4360: 2004 views the analysis and evaluation of risk as
two separate
elements and so outlines seven elements in the risk management
process.
– Determine the scope of the project,
both internally
and externally. Establish the criteria by which a risk may be
evaluated.
fy risks – Recognise potential hazards, which may
prevent, diminish,
or delay the organisational or project objectives.
– Identify what the consequence and likelihood
of the risk
taking place.
– Compare the potential rewards with the
potential adverse
outcomes including the likelihood of each. This allows
decisions to be
made regarding the priority and action required to manage the
risk.
– The process of selecting which risks are to be
managed and
taking measures to limit the result of highest priority.
59. able to achieve
those goals while balancing costs, benefits and opportunities.
This provides the
overall context in which risk management takes place. It is also
essential that you
understand the nature of any decisions that need to be made so
that your process
can inform and implement those decisions effectively.
In practical terms, the scope of a risk management process can
apply to:
partment
Risk management can be applied to the internal or external
environments of an
organisation, or both. The internal environment encompasses
the operations and
inner workings of the organisation, while the external
environment includes the
political, economic, social, legal, and technological factors
affecting the business.
These are explored in more detail in Section 2 of this workbook.
Learning activity: Risk process scope
Review the scenario in Appendix 3 and identify the three
criteria defining the
scope of the risk management task assigned by Jeff Harding to
you as the newly
61. Stakeholders
Once you have identified the scope of risk analysis and
management, you must
identify the stakeholders: individuals, a group of people, or an
organisation, that
can be affected by the risks or implementation of the risk
management process.
Identification of stakeholders is an essential step in risk
management. It
determines who should be involved in the formulation of the
risk management
plan, and who you should communicate with regarding
implementation of risk
management strategies and actions.
Identification of stakeholders includes identifying anyone
impacted by the risk,
and documenting relevant information regarding their interests,
involvement,
and impact on the effectiveness of the risk management process.
Learning activity: Communicating with stakeholders
Jeff believed that it would be useful to involve the store
managers in gathering
information about risks associated with their stores and has
asked you to
prepare an email. Complete an email in the space below making
sure that you
stay within the scope of the task.
63. Scanned with CamScanner
Scanned with CamScanner
Scanned with CamScanner
Scanned with CamScanner
Scanned with CamScanner
Scanned with CamScanner
Scanned with CamScanner