4bsbrsk501-slides.pptx

BSBRSK501 Manage risk

Release 1 (Aspire Version 1.2) © Aspire Training & Consulting

Topic 1: Establish the risk context


Establish the risk context

Before conducting or implementing any form of risk management, you must establish your risk context.

Discuss why this is important and how this could be done.


Understand types of risks

Commercial relationships

Economic circumstances

Human behaviour

Individual activities

Legislation

Management activities

Natural events

Political

Technology


Understand categories of risks

Property-centred risks

Personnel-centred risks

Market-centred risks

Operation-centred risks

Legislation-centred risks

Governance-centred risks


The process for managing risks

Communicate and consult.

Establish the context.

Identify the risks.

Analyse the risks.

Address the risk.

Monitor and review the system.


Determine the scope for risk management processes

Identify the scope, such as the stakeholders involved and the time frame.

Ask questions such as:

‘How is the organisation structured?’

‘What is the purpose of the risk management process?’

‘What business projects, units or areas will be examined?’

What else could you ask?


Identify stakeholders and their issues

Internal stakeholders:

Owners

Employees

Managers


Identify stakeholders and their issues cont’d …

External stakeholders:

Suppliers

Society

Government

Creditors

Stakeholders

Customers

Discuss consultation and prioritisation.


Review the context

Context can include:

Political

Legal

Economic

Social

Technological

Policy

How can you go about understanding each context?


Review existing arrangement

Ask:

How do your existing internal mechanisms address the current environment?

How is policy influencing the processes and procedures?

What are the strengths and weaknesses of these mechanisms?

Identify strengths and weaknesses.


Document critical success factors, goals and objectives

Critical success factors include:

scope

stakeholders

resources

goals.

Set SMART goals, and document outcomes and objectives.


Obtain support for risk management activities

Who should you communicate with about the risk management processes?

What should you communicate?

How should you communicate?


Topic 2: Identify risks


Identify risks

What do you need to be able to do to identify risks?

Who is responsible for identifying risks?


Identify parties for consultation

Who should you consult about:

finance

sales and marketing

security

equipment

safety

personal

legal

politics?


Strategies for consultation

Contact participants by formal letter, mail or telephone.

Explain the scope of the risk management.

Describe the expertise they can offer.

Arrange a forum for their contribution such as a one-on-one meeting, interview discussion, a focus group or a public consultation meeting.

Ask participants to bring along or send you relevant documents that justify their points of view.


Research risks

Research methods include:

using and analysing statistics

consulting other business areas

analysing previous activities and experience

conducting market research

consulting the public

conducting a literature review.


Generate a list of potential risks

Prepare a draft list of the risks that stakeholders and your research have identified that apply to your scope.


Tools and techniques for generating a list of potential risks

Brainstorm

Use fishbone diagrams

Use flow charts

Use scenario analysis


A fishbone diagram


A flow chart

Steps in property management would involve:


Screening the potential tenants

Signing them to a lease

Making regular property inspections

Scenario analysis steps

Prepare a basic scenario on a whiteboard; for example, releasing a new product on the market.

Form the basic storyline, develop participants and plot a course of action.

Identify major actions and a ‘safe’ route, where no risks are encountered. For example, releasing a new product may include a product launch, advertising blitz, free samples.

Tease out potential deviations from the planned ‘safe’ route (unforeseen incidents or contingencies) by brainstorming, and adding these ideas and suggestions along the pathway.

Interpret the scenario once it’s finished to develop a checklist.


Gain approval for the project plan

You have now researched and identified a number of potential risks that apply to your scope.

How can you simplify and manage data for presentation?


Topic 3: Analyse risks


Analyse risks

What does it mean to analyse the risk?

How could this be done?


Assess the likelihood of risks occurring

Likelihood is usually expressed in terms of:

probability (the chance that when a risk exists, a consequence will follow)

frequency of exposure to the risk (how often and for how long the source of the risk exists)

a combination of both.


Analysing the level of risk

To analyse the risks you have identified, you need to work out the likelihood of each one happening (frequency or probability) and the consequences it would have (the impact). This is referred to as the level of risk, and can be calculated using this formula:

level of risk = consequence x likelihood

Level of risk is often described as low, medium, high or very high.


Level | Consequence | Description
4 | Severe | Financial losses greater than $50,000
3 | High | Financial losses between $10,000 and $50,000
2 | Moderate | Financial losses between $1000 and $10,000
1 | Low | Financial losses less than $1000

Consequences scale example

Note: Ratings vary for different types of businesses. 


Types of analysis

Qualitative analysis

Semi-qualitative analysis

Quantitative analysis


Three risk elements that concern project management:

Schedule – will the project be completed within the planned timeframe?

Cost – will the project be completed within the allocated budget?

Performance – will the output from the project satisfy the business and technical goals of the project?

Where possible, these risks should be quantified to enable the project team to develop effective mitigation strategies for the risks, or to include appropriate contingencies in the project estimate.


Risk rating | Description | Action
12-16 | Severe | Needs immediate corrective action
8-12 | High | Needs corrective action within 1 month
4-8 | Moderate | Needs corrective action within 3 months
1-4 | Low | Does not currently require corrective action

Risk rating table example


Qualitative analysis

A: Extremely likely (expected)

B: Likely (probable)

C: Possible

D: Unlikely (unexpected)

E: Rare


Rating system for semi-qualitative analysis


Quantitative analysis

Likelihood of illness from a risk


For every 50,000 units of a food product packaged at the site, 2,500 have been found to be incorrectly sealed.

Therefore, there is a five per cent risk of exposure to illness.

Statistical analysis can thereafter determine how many people exposed to the unsealed product actually become ill.

The incorrect seals lead to the potential risk of customers becoming unwell.

Consequence scale

1. Insignificant

2. Minor

3. Moderate

4. Major

5. Catastrophic


Determine likelihood and level of impact


Determine the frequency of exposure to the risk


Risk evaluation and prioritising

To prioritise well, take into account the:

controls already in place

cost consequences of managing risks or leaving them untreated (in terms of resources as well as health and safety)

benefits and opportunities presented by the risks

risks to be borne by stakeholders.


Topic 4: Select and implement treatments


Establish the risk content

This step is extremely important, as a wrongly applied or unsuitable treatment can cost your organisation time and money. Discuss why and how.


Select the most appropriate options for treating risks

Should you:

avoid the risk

change the likelihood

change the consequences?


Analyse the control measures

Ask:

Is the treatment option feasible?

What is the cost of implementing the control measure?

Are there any benefits to be gained by not reducing the risk?

What resources are needed to control the risk?

Does the treatment mean more risks are identified or does it lead to additional benefits?

Is the control measure sustainable or is it a short-term fix?

Are there rare but severe risks that need to be treated regardless of cost?


Select risk treatments

Options may be influenced by:

the priority of the risk

the cost and other resources available

the timeliness required in addressing the risk

legal implications

sustainability of controls

stakeholder sentiment and preferences.


Examples of risk treatment measures

How would you decrease risk of the following situations?

Increased competition

Declining demand for products or services

Expenditure over budget

Inadequate IT system

High staff turnover

Litigation


Develop a risk treatment action plan

What risk areas have been identified?

What are the identified risks?

What are the risk levels?

What actions are required?

Who is taking responsibility?

What are the timelines?

How will you monitor the processes?


Develop the action plan

Research examples of risk treatment action plans.

Document the plan.


Ensure the document is correct and current

Documents must be current and accurate to:

communicate risk management activities with all stakeholders, participants and employees

facilitate ongoing process monitoring and evaluation of the risk management strategy

provide an accountability mechanism that supports the organisation’s corporate plan

provide an audit trail for the follow-up of key actions identified in the action plan.


Retain documents

Documents that may need to be retained include:

Risk assessments

Risk management plans

Insurance cover forms

Incident report forms

Litigation records

Alliances

Contracts and memoranda of understanding

Training records


Storage options

Investigate what storage options are available to you.


Communicate, implement and monitor a risk treatment action plan

Implement the plan

Communicate strategies

Overcome difficulties

Monitor the plan


Evaluate the risk management process

Evaluations can be:

goal-based

process-based

outcomes-based.


Methods for conducting evaluations

Questionnaires, surveys and checklists

Interviews

Documentation reviews

Observation

Focus groups

Case studies


Likelihood Table

The following can be used as a guide for determining likelihood. However this tool has limitations as likelihood and frequency of events tend to vary between disciplines and functional areas.

Level | Likelihood | Expected or actual frequency experienced
1 | Rare | May only occur in exceptional circumstances; simple process; no previous incidence of non-compliance
2 | Unlikely | Could occur at some time; less than 25% chance of occurring; non-complex process &/or existence of checks and balances
3 | Possible | Might occur at some time; 25 – 50% chance of occurring; previous audits/reports indicate non-compliance; complex process with extensive checks & balances; impacting factors outside control of organisation
4 | Likely | Will probably occur in most circumstances; 50-75% chance of occurring; complex process with some checks & balances; impacting factors outside control of organisation
5 | Almost certain | Can be expected to occur in most circumstances; more than 75% chance of occurring; complex process with minimal checks & balances; impacting factors outside control of organisation