Add to collection(s) Add to saved
  1. Business
  2. Finance

but - Home

advertisement 
BSBRSK501B Manage Risk
Assessment tool 3 (AT3): Project (s)
Project 1
This project entails you planning, conducting and evaluating risk management program for an
organisation. For the purpose of this project, the term ‘organisation’ can refer to a small business,
work team or division in a large organisation, sporting group, or family. Complete each of the
sections below in as much detail as is possible.
Part 1 – Plan for enterprise risk management:

Describe the organisations current risk management policies, procedures and processes and
comment on the strengths and weaknesses of these arrangements.
The chosen risk management policy was created in July of 2011; it refers back quite heavily to
AS/NZS 4801:2001 being the Australian standard. It details on its involved contents, document
history, amendment and approval table procedure, description and scope of document,
responsibility charts, triggers, definitions, references, legal references, activity descriptions being
hazard identification etc.
Reviewing the procedure and the way it is mapped out is quite easy for anyone to follow, whether in
the event of a risk or just during an audit the procedures allows for easy efficient use. The only
weakness I can find is that the responsibilities chart is not detailed enough, it does not advise where
or how to find the relevant person responsible for the application of that hazard.

Describe the scope for risk management process that you will conduct – explain why you
decided upon this scope
The risk management process conducted will;




Establish a Risk management plan
Establish a Risk register
Appoint a Risk manager
Develop a Risk management & communication strategies
After establishing a risk management strategy containing all the above elements the following would
be measures;


Ensure that monitoring of adherence in accordance with the relevant OH&S legislation
Ensuring that assessing the risks involved and developing appropriate controls to either
eliminate or minimise the identified risks.
The scope was chosen as there are clear monitoring points to refer back to relevant national and
state standards, which can be easily referable and therefore make the risk management process
more efficient and effective within the chosen organisation.
BSBRSK501B Manage Risk

Discuss the impact that each of the following has on the organisations approach to risk
management:
- Political environment
Due to the organisations industry being heavily governed by the government there chance of
organisational change is medium to high. For example the First Home Owners Grant being
abolished in July of 2012 has impacted the industry and this organisation sales and cash flow in
the last 12 months which has resulted in staff loses and company down turn.
- Economic climate
Due to recent economic recession and population under spending the company have a high risk
with the current economic climate. This is because if people are not spending money on the little
things required in everyday life then they will surely not purchase a new home or available land.
- Social factors
Some example of Social risk factors would include unemployment, homelessness,
physical/mental disability, financial destitution, divorces, lack of basic education & population
health problems. The main social factor that could potentially harm the organisation is financial
destitution as it impacts a large portion of the business.
- Legal factors
As any organisation is governed by legality the construction industry relies quite heavily upon it,
for example complying with Australian standard 4801, DCP levy’s, council requirements,
attorneys, building commission, HIA, solicitors, surveyors and the general public taking legal
action against the organisation. Due to this it can impact the industry very heavily due to the
heavy reliance upon all of those risks.
- Technological advancements
As the market changes and technology evolves the construction company is starting to find that
they rely very heavily on technology to allow the particular projects to keep moving in the office
& out on site. It is also vital for scheduling, payments, client contact, customer service etc. Using
on site tablets or laptops as well as in office computers they have to be heavily secured with
passwords, firewalls, anti-virus protection & relevant locking mechanisms.
- Policy context
Due to recent staff lose the organisation has had to involve and evolve there policies and
procedures to remove the risk of an audit. This involves updating all the current policies as well
as creating new ones for procedures such as OH&S, IT policies, Email, Bullying, Sexual
harassment and so on. All staff is to be made aware of these policies via email and placing them
on a network drive for staff accessibility.
BSBRSK501B Manage Risk

Document critical success factors, goals or objectives for area included in scope
Reviewing the organisation and the success of the risk management scope I would say the critical
success factor is “Successfully merging the construction and handover of a superior product”. This is
the company’s strong success factor in the market at the moment; they provide a superior product
to clients by merging the construction and handover procedure into 1 team which enables quality
homes at a quicker rate of construction.
The main objective which is clear within the risk management policy scope is; “To increase profit
margin & customer experience”.
The organisation seems to have 3 main goals;
1. To reduce and identify the situations and events associated primarily with Watersun Homes
building activities that could give rise to the potential of injury & illness.
2. Removing the scope of hazard in stages of the construction including but not limited to
design changes, on site changes, introduction of new or modified processes or plant and
equipment, customer service experience and profit margins.
3. Elimination of hazards that are grouped as physical, ergonomic, economic, chemical,
environmental & biological.

Identify each of the internal and external stakeholder groups for each make a list of their
issues
Internal Stakeholders
Directors, Senior Management, COO, General Manager, senior management team, office staff,
supervisors on site, board committee members & customer service
External Stakeholders
Local Authority, councils, Providers, customers, suppliers, labourers, trades, funders, quality
assessors, banks, debtors, surveyors, attorneys & government
Internal Stakeholder issues
Monetary (Making sure they are paid on time by the organisation), success of the company in the
competitive market, personal wellbeing and health issues, preventing injury, completion of a project
that can enable company success which in turn provides personal satisfaction.
External Stakeholder issues
Monetary (Making sure they are paid on time by the organisation, success of the company they are
being paid by to ensure future work, and organisation doesn’t encroach on federal or national laws,
paying loans and debts on time, having a strong financial asset backing.
BSBRSK501B Manage Risk

Discuss how you will communicate with each of the stakeholder groups, include details of:
- key messages
- delivery strategies
- how you will encourage input / participation
To internal & external stakeholders of the company I would provide an article that is distributed via
email and company handout. This email and handout would provide information to the target
audience being the employees of the organisations and external stakeholders with the view to
approach the relevant risk management, the benefits of email and handout is the organisation can
then know that all employees received the message and are aware of the message and email to
external so they are aware and keep track of who has received it.
To input participation I would request that the stakeholders complete a feedback survey at the end
of the key message that is delivered via email. The survey would encourage stakeholder
participation via there active feedback as it makes them aware that there view is looked at and
actioned by the board of directors.

Describe what level and type of support you need in order for your risk management plan to
be effective and discuss the strategies that you will use in order to obtain that support
To have an effective risk management plan I will need to define a certain person as the risk
champion. This person will be able to promote management plans benefits back to the directors or
board of management as well as its possible flaws and how the organisation can overcome them.
Then I will need this particular risk champion to raise awareness to all the stakeholders in different
ways relevant to their status within the organisation of the current risks, for example;
Sitting with the CEO of an organisation to discuss the scope of the risk management plan or
discussing with employees regarding possible future risks or present risks during a team meeting.
With the support obtained via awareness to stakeholders of all types the risk champion can then
develop a business case. Sitting with the board of directors the risk champion will convey the risks
that need to be managed, the background of the current risk management strategy related to each
organisational risk, the business benefits, the options considered to each risk being beneficial or
rejectable, the expected costs and the consequences of not adopting the proposed future risk
management plan.
BSBRSK501B Manage Risk
Part 2 – Identify the risks:

Using a SWOT diagram, identify the risks that face the company
Strengths
A small personnel team that can concentrate on
the important aspects of building & construction
Wide availability to different projects &
developers which increases sales and cash flow
Single storey construction specialists but with
more inclusions at a cheaper rate
Opportunities
Due to economic downturn & limited single
storey sales the organisation can now branch out
into different developments
Financial backing with the government
accreditation which can enable the company to
provide clients with small deposit homes
The construction of disability homes and make it
a special division of the business as no one in the
market has looked into that field of work

Weaknesses
Customer service is severe lacking
Cash flow availability which limits payments to
suppliers and trades but also finances
Not enough speciality knowledge in projects
which limits the organisations building capacity
to take on challenging profit filled work
Threats
The competition is branching out into the project
and medium density division and due to their
finance backing & marketing resources it can
become a large problem
Cash flow problems which limit our payments to
suppliers & trades is making them no longer
work for the organisation
Limited knowledge being a large weakness which
restricts the company taking on larger jobs, our
own internal stakeholders is a threat
Research these risks and provide any necessary background / further detail
These risks were actually determined by performing a SWOT analysis at the organisation, as well as
researching the company’s website and current risk assessment plan.

Make a list of the other tools and techniques you could use in order to generate a list of risks
that apply to the scope
The other techniques you could use for a scope are the following;
1. Fishbone Diagram: Also referred to as the cause and effect diagram or the Ishiwaka
diagram this is an effective tool for determining the risks occurred and not the history or
symptoms of a risk.
2. Process Mapping: Gathering information a model can be constructed of the activities
that take place during the risk process. A very useful communication tool to the involved
team as it allows them to map the ICOR (Input, output, controls & resources)
3. Process Flowcharting: A great visual tool to establish why the current process operates
the way it does and also to conduct an objective analysis to identify potential risks.
BSBRSK501B Manage Risk
4. Force Field Analysis: Created by American social psychologist Kurt Lewin this process
allows an organisation or team to identify the forces that affect the process and risks. It
assesses the forces preventing making the change and create a plan to overcome them.
5. Checklists: A good tool for raw data and enabling to structure data with a purpose, to
collect facts in the most efficient way yet and the most effective way. There are
confirmation sheets, process distribution, frequency sheets & defect location sheets.
6. Scenario Analysis: Using analysis tools to predict possible future events and then
considering alternative possible scenarios for that set risk. White it can be a demanding
exercise due to no one being able to predict the future it does have benefits to analyse
any possible outcome.
7. Markov Chains: A mathematical concept to risk solution that examines probabilities,
time, process or system spenditure and the expected transitions between states.
BSBRSK501B Manage Risk
Part 3 – Analyse the risks:

Assess the likelihood of the risks occurring
To assess the risks we need to determine the probability of them occurring by placing them into 5
different categories being rare, unlikely, possible, likely and very likely for example below;
Risk
Complete loss of company
revenue
Vulnerability in organisational
product knowledge
External sources stealing via
technological means
Information systems crashing
on employees
Spending money on extras to
site that could be avoided

Heading
Likelihood
Rare
0 – 5%
Unlikely
6 – 20%
Possible
21 – 40%
Likely
41 – 80%
Very Likely
81 – 100%
Assess the impact or consequence if risks occur
If any of the risks occur that are above 40% and higher the company can go into possible
receivership or shut down as they can greatly put the company at huge risk. Risk being either
through profit, employee loss, sustainability, and organisation revealed secrets and many more.

Depict the risks on a risk matrix
MEDIUM
Incident at a worksite
HIGH
Worksafe shutting down a site
CRITICAL
Loss of cash flow & profits
LOW
New marketing sales release
date pushed back
MEDIUM
Employee knowledge in
company product
HIGH
Government abolishment of
the FHOG bonus
LOW
Director away with illness
LOW
Payments to suppliers are
delayed
MEDIUM
Air conditioning unit effecting
staff members with illness
BSBRSK501B Manage Risk

Evaluate and prioritise risks for treatment
By reviewing the above risk matrix we can see that the most critical of all risks is a complete loss of
company cash flow & profits, the reason this is the most critical to address and make as a priority is
that if the organisation loose profit then the company will shut down. After this the 2 highest to
address is worksafe shutting down a production high end site and the federal government abolishing
the first home owners grant, again these 2 are tied into cash flow which will greatly affect the
business putting us at risk of bankruptcy.
Part 4 – Select and implement treatments:

Determine the most appropriate options for treating the top 3 risks that you have identified
The top 3 risks I have identified are;
1. Loss of sales and cash flow to the business
Treatment for this risk would be to avoid the risk. Trying to avoid this risk by creating
possible new finance options to prospective clients that would allow them to provide part
payments upfront and then balance on completion for a small deposit. Also creating possible
contingency plans to reduce costs during construction of large end projects.
2. Worksafe shutting down a large project
Treatment for this risk would be to share the risk. To share this risk we would have to create
on site daily toolbox meetings with all trades, from there all trades or suppliers are advised
of the practicing OH&S procedures and that if any regulations are broken it will be acted on
them and not the company.
3. Government abolishing the FHOG bonus
Treatment for this risk would be to retain the risk. Unfortunately this risk cannot be avoided
by the organisation or the industry as it is a ruling from the federal government, reduction of
the risk is not possible as we have no control, sharing the risk is not possible as it’s not
something we can share with suppliers or trades so all the organisation can do is retain it
and possibly create plans that will not impact the business to much due to that abolishment.
BSBRSK501B Manage Risk

Develop an action plan for implementing those risk treatments
Firstly we must set the goals for each risk, the goal must be specific, measureable, achievable, and
realistic and be able to be tracked in time, it must be SMART.
1. Loss of sales and cash flow to the business
To reduce possible loss of sales and cash flow the organisation must increase profits within
the next financial year, reduce expenditure, company overheads and increase productivity.
2. Worksafe shutting down a large project
To reduce or eliminate this risk of worksafe shutting down a site which in turn affects cash
flow the organisation must take measures to ensure that worksafe procedures are adhered
too and all work sites are a safe environment.
3. Government abolishing the FHOG bonus
By creating marketing campaigns and greater exposure of the organisation we can be sure
we provide a stable product and produce quality without reduction of possible sales.
Now that the goals have been determined for each risk a plan must be put into action that will
provide us the necessary steps, methods, processes and timeframes suitable to complete our goal.
For example below is an action plan that can be used for risk 1;
Loss of sales and cash flow to the business
Action to be
By whom
By when
taken
Working group
Sales Manager
June
established
Resources
KPI
Sales team
Sales team
established and
understanding of
the meeting
SWOT analysis
taken on the
organisation
Best possible
practice identified
Sales team to
discuss solutions
Working party
June
Meeting room
Research
conducted
Working party
July
Draft policy
Working party
August
Final policy
Director
September
Internet, past
history, other
companies
Computers and
other sales staff
Nil
Draft policy
written
Final policy
approved and
placed into
practice
BSBRSK501B Manage Risk

Explain how you will communicate the action plan information to the relevant parties
I would communicate the action plan to the relevant parties with an in house meeting; this
meeting will have a chairperson being the risk champion who is aware of the full scope of the
risk and in extension the action plan. This risk champion should have the following qualities;
1.
2.
3.
4.
5.
6.
7.
8.
9.
Be balanced and honest to the relevant parties and all involved
Focus on the specific issue/risk
Pay attention to what the audience already knows
Be tailored to the specific needs of the audience
Place the risk in the appropriate context to the most relevant parties involved
Contain the specific information related to the risk
Be respectful in tone and recognise that people have views and opinions
Be honest about the limits of data and research
Consider and address the broader social dynamics of the risk
Once the risk champion can portray the above characteristics during the meeting than the action
plan can be provided to all relevant parties who can then walk away with a clear and concise
understanding of their involvement in the risk treatment.

What documentation is needed and how will it be completed and stored
The following documentation should be completed and stored for risk documentation;
1.
2.
3.
4.
5.
6.
7.
Meeting agenda
Meeting minutes
Research papers & documents
Task of duties to the working party of the risk management process
Duty description for all members involved
Old procedure
New updated policy & procedure
Once all the above documentation has been read, completed and accurately kept it can be stored on
a public network drive as well as having a hard copy available with a backup on hard & soft copies
availably ready. The documentation will be kept up to date by the risk champion or governed OH&S
employee who will update the records at every meeting, conversation, new documentation or any
situation that will amend the policy & procedures.
BSBRSK501B Manage Risk

Describe the steps that you will take to implement your risk management action plan
The following 7 steps will be applied to implement my risk management plan;
1.
2.
3.
4.
5.
6.
7.
Establish a context for the risk management in my organisation
Communicate the risk management plan to the organisation stakeholders
Identify the risks
Analyse the risks
Evaluate the risks
Treat the risks
Monitor and review the risks
Once the above 7 steps have been done within the organisation then the action management plan
has been fulfilled, now the organisation can move forward making sure the risk management plan
put in place is working and achieving the goal.

Discuss how you will monitor the action plan to ensure that it meets its identified goals
There are 3 types of monitoring for an action plan;’
1. Ongoing daily monitoring by all personnel whom will ensure continuous monitoring that is
embedded into daily methods of working.
2. Line management review at designated points of time which can be driven by a risk profile
spanning the managers control levels.
3. An internal or external audit perhaps during an annual business planning session performed
by a third party or stakeholder.
By performing constant reviewing and monitoring of the action plan the organisation can have daily
and perhaps annually review sessions that can ensure there goals are achieved. Also they are able to
see changes in circumstances when they happen in real time via either internal or external sources
which can then trigger a review of the action plan.
The review though should be broad enough that it will encompass the risk implications of all
activities, products, services of the organisation and the changing environment. This can ensure that
the goals of the action plan can be effectively met all the way through the monitoring process.
BSBRSK501B Manage Risk

Explain how you will evaluate the process that you have used to manage these risks
To evaluate the entire process the selected auditor whether they be a manager, OH&S manager,
OH&S committee or an independent auditor they must evaluate the entire enterprise wide risk
management process and not just the nominated action plan. The audit process can be conducted
by the chosen auditor on a 3 year annually basis or more frequently depending on the organisation
and the risks they face.
The nominated person’s job is to determine the following;
1.
2.
3.
4.
The current risk identification process is comprehensive
The process to assigning severity and likelihood ratings is appropriately designated
Processes in place are sufficient enough to control all risks
Process and procedures are followed as intended
Related documents
MM Assignment briefing - Jun-Sep 2013
MM Assignment briefing - Jun-Sep 2013
Unit G620
Unit G620
Corresponding Members Form
Corresponding Members Form
New membership application form - The International Humanist and
New membership application form - The International Humanist and
Font Graphics Colour - Classroom Multimedia
Font Graphics Colour - Classroom Multimedia
Group Membership Form - The Voluntary Network
Group Membership Form - The Voluntary Network
Arts Development UK Organisational membership application form
Arts Development UK Organisational membership application form
Preparing a Records Management Plan (RMP)
Preparing a Records Management Plan (RMP)
What is your role in the organisation?
What is your role in the organisation?
Environmental Policy - Global Infrastructure
Environmental Policy - Global Infrastructure
Download
advertisement