Published by Augustus Conley. Modified over 5 years ago.
1
10 Identify risk and apply risk management processes BSBRSK401
2
About the unit
This unit describes the skills and knowledge required to identify risks and to apply established risk management processes to a defined area of operations that are within the responsibilities and obligations of the role. It applies to individuals with a broad knowledge of risk analysis or project management who contribute well-developed skills in creating solutions to unpredictable problems through analysis and evaluation of information from a variety of sources. They may have responsibility to provide guidance or to delegate aspects of these tasks to others. In this unit, risks applicable within own work responsibilities and area of operation may include projects being undertaken individually or by a team, or operations within a section of the organisation.
3
Risk is…
Risk management is defined in the standard (AS/NZS 4360:2004) as "the systematic application of management policies, procedures and practices to the tasks of establishing the context, identifying, analysing, assessing, treating, monitoring and communicating".
4
Key words
IDENTIFY – EVALUATE – TREAT – MONITOR – REVIEW
5
Identify risks
6
Risk context
Risk is everywhere; some risks are obvious and some are not. Establishing/identifying context defines the basic parameters within which risks must be managed and sets the scope for the rest of the risk management process.
7
Consider
When you think of where to look for risk, in addition to the above you must also consider the following:
- Technology (new, changing, old)
- Political factors
- Legislation
- Behaviour of consumers and the marketplace (trends, fads)
- Management: controls, procedures, activities
- Natural events (weather: drought, storms, floods)
- Competitors
- Commercial relationships
- Terrorism
- Staff/people (what happens if the CEO leaves or is injured?)
8
Types of risk
- Commercial and legal relationships
- Economic circumstances and scenarios
- Financial risk
- Human behaviour
- Natural events
- Political circumstances
- Terrorism
- Technology and technological issues
- Reputational risk
- Product liability
- Strategic management
- Work health and safety
9
Tools to identify risk
- Inspection
- Consultation
- Safety and management audits
- Testing
- Scientific and technical evaluation
- Industry currency
- Collection and evaluation of material
- Expert advice
- Seeking government or regulatory information and help
- Networking
- Benchmarking
10
Using tools
Tools are specific. They look at cause and effect in relation to the risk. This can be either from:
- a cause to effect perspective, where you identify the outcome of possible causes, or
- an effect to cause perspective, where you look back from a worst case scenario to its possible causes.
11
Document identified risks
Follow and abide by:
- Policies
- Procedures
- Legislation
- Risk management plan

Use:
- Legislated forms
- Organisational processes
- Risk registers
12
Analyse and evaluate risks
13
Key words
- Due diligence
- Qualitative risk analysis
- Quality
- Quantitative risk analysis
14
Sources of risk
- changes in the external environment (natural, political, social, economic)
- problems or deficiencies in business processes or systems
- inadvertent or deliberate errors and mistakes
- inadequate information flow or breakdowns in the flow of information that supports the business processes
- facilities or equipment that are not suited to the job
- lack of training
- management actions – or inaction – or dysfunction, for example leadership/management style, communication abilities, etc.
- inappropriate or unrealistic performance expectations
- lack of incentives
- insufficient resources
- lack of planning.
15
Analysing risk
By analysing the causes of risk, it should be possible to develop forward-looking risk indicators that will tell you of impending risk events.
16
Assessing risks
Once you have identified a risk or a number or series of risks, you need to analyse the risks so that you know:
- how likely it is that the risk/s will occur – its probability
- what the consequences will be if the risk does occur – its impact.
17
Probability of risk
You can look at the probability, or likelihood, of a risk event actually occurring as being on a continuum from ‘Almost certain’ (level A) to ‘Rare’ (level E) as described in the table below.

Sample Probability Table of Definitions

| Level | Descriptor | Description |
|---|---|---|
| A | Almost certain | % Is expected to occur in most circumstances |
| B | Likely | % Will probably occur in most instances |
| C | Possible | % Might occur at some time |
| D | Unlikely | % Could occur at some time |
| E | Rare | % May occur only in exceptional circumstances |
18
Impact of risk
Impact itself can be assessed in terms of its effect on:
- time
- cost
- quality

Sample Consequences (Impact) Table of Definitions

| Level | Descriptor | Example detail description |
|---|---|---|
| 1 | Insignificant | No service impact; low financial loss |
| 2 | Minor | Minimal disruption to service capability; medium financial loss |
| 3 | Moderate | Interruptions to service delivery; high financial loss |
| 4 | Major | Loss of service capability; major financial loss |
| 5 | Catastrophic | Loss of business continuity; huge financial loss |
19
Risk analysis
Risk analysis is sometimes called risk assessment. It is a step-by-step process. Risk analysis needs to consider the following:
- What can go wrong?
- How likely is it that it can go wrong?
- What are the consequences if it does go wrong?
20
Qualitative vs Quantitative
Quantitative data is information about quantities; that is, information that can be measured and written down with numbers. Some examples of quantitative data are your height, your shoe size, and the length of your fingernails. Qualitative data is information about qualities; information that can't actually be measured. Some examples of qualitative data are the softness of your skin, the grace with which you run, and the color of your eyes.
21
Qualitative vs Quantitative
Some differences between qualitative and quantitative data:
- The age of your children (Quantitative)
- The number of hairs on your head (Quantitative)
- The number of coins in your pocket (Quantitative)
- The softness of a fur coat (Qualitative)
- The color of the ocean (Qualitative)
22
Risk control plan
To create an effective risk control plan you should consider the following:
- Causes of the risk
- Potential consequences of the risk
- The likelihood of the risk occurring
23
Risk analysis systems
Most risk analysis systems use two measures:
- Consequences – the potential severity of the impact of the risk event. Impact could be cost, time, people or quality.
- Likelihood – the probability of the risk event happening.

An overall risk rating is determined by multiplying the consequences by the likelihood. Each risk is considered and scored against both measures.
24
Consequence rating

| Rating | Score | Description |
|---|---|---|
| Insignificant | 1 | Negligible loss. Consequences easily dealt with |
| Minor | 2 | Noticeable impact. Minimal damage |
| Moderate | 3 | Moderate damage. Manageable scale of loss |
| Major | 4 | Large-scale damage. High loss or restriction |
| Catastrophic | 5 | Widespread damage. Business objectives severely compromised. Huge financial loss. |
25
Likelihood rating

| Rating | Score | Description |
|---|---|---|
| Rare | 1 | Risk may occur only in exceptional circumstances |
| Unlikely | 2 | Risk is less than likely during normal operations |
| Possible | 3 | Risk event is as likely as not |
| Likely | 4 | Risk event is more likely than not in most circumstances |
| Almost Certain | 5 | Risk event is expected to occur in most circumstances |
26
Risk prioritisation
27
Risk analysis documentation
You must maintain records of your analysis processes and outcomes in order to meet organisational, insurance, quality accreditation and legislative requirements. This could include your:
- identification and analysis of risks
- recommendations for change
- actions to control and monitor risk.

Use a risk register to allocate an overall risk and priority rating.
28
Document processes and outcomes
- Document management is important
- It may be part of due diligence procedures
- Due diligence is a formatted or sometimes regulated process of risk assessment and identification
- Documents should be easy to understand, use and apply
- Documents should be available to all people who need to access them
- Documents should be updated to reflect changes
29
Treat risks
30
Key words
- Assumption of risk
- SWOT analysis
31
Determine and assess control systems
Once the risk has been identified, there are two general approaches that you can choose from to begin the decision-making process:
- Control the risk: take ownership of it, and directly implement strategies to take the risk and deal with it.
- Transfer the risk: remove the risk from the organisation or the process within the organisation.
32
SWOT analysis
Conduct a SWOT analysis to determine the best control measure. When analysing the best control measures for risk, the SWOT questions become:
- What are the strengths of this control measure?
- What are the weaknesses of this control measure?
- What are the opportunities provided by using this control measure?
- What are the threats involved in using this control measure?
33
Common approaches
- Elimination/reduction management
- Assumption of risk
- Transfer risk
- Changing processes
- Delaying
- Sharing risk
- Spread and minimise locations of the risk
34
Control
35
Risk control measures
- Avoid the risk
- Reduce the likelihood/consequences of the risk
- Transfer or share the responsibility of the risk
- Retain the risk
36
Monitor risks
- Risk is not static
- Risk must be monitored
- Failure to monitor risk can cause significant problems within the organisation

For example, insurance regulatory authorities failed to continue to monitor FAI Insurance and HIH Insurance, causing significant damage when both organisations imploded.
37
Treatment plans
- The activity
- Risk events
- Evaluation and analysis of the risks
- Risk rankings
- Selected treatment options
- Identification of the relevant personnel
- Resource allocation
- Measures of performance
- Estimate time for completion
- Review
38
Sample risk treatment plan
39
Monitor and review effectiveness of treatments
40
Key words
- Risk audit process
- Quality
41
Review treatments
Establish a constant review process. Risk is a continuing and ever-present factor. As part of your continued risk management program, your constant reviews should ask:
- Have the chosen risk treatments and solutions been implemented as planned?
- Is the treatment or solution working?
- Are there any new or additional issues or problems?
42
Using review results
You should examine all results—documentary, verbal, process results, increased or changed production values or rates—as part of the risk process. Regular, effective identification, recording and reporting of risk will only continue if there is return communication from those assessing the management process. Risk management as a cultural aspect of an organisation will die unless it is fed by positive, supportive and communicated responses from you as the leader/manager, in conjunction with the senior management or executive management of the organisation.
43
Assist in audits
Ways to assist in the constant review/audit process:
- Effective upwards and downwards communication
- Support organisational culture
- Document risks and feedback
- Use established policies, procedures and systems
- Communicate with senior leaders/managers
44
Great Work! For more detailed information on this topic please see the “Learner Resource” located in the topic’s section of the Moodle.