Lecture Risk Management 1 Work Book Lect

BSB41015 CERTIFICATE IV IN HUMAN RESOURCES
BSB42015 CERTIFICATE IV IN LEADERSHIP AND

MANAGEMENT
Resource
Risk Management
Management 1
BSBRSK401 Identify Risk and Apply Risk Management Processes
2
This workbook has been designed for use in conjunction with

information and materials provided at lecture and tutorial
sessions.
Students should attend all timetabled sessions so they can
obtain all subject information. Students should read and
understand all materials provided.
Information that is available in digital form is not included in
this workbook in the interest of the environment.
Publisher: Young Rabbit Pty Ltd

(A.C.N. 003 381 182) trading as
Australian Pacific College
Ground Floor, 189 Kent Street
Sydney NSW 2000
Australia
Tel: (02) 9251 7000
Edition: 6th Edition
Release date: May 2017
The publisher owns the copyright in this
publication. All rights reserved.
No part of this publication may be reproduced
by any process without the prior written
permission of Young Rabbit Pty Ltd.
2017 Young Rabbit Pty Ltd

Australian Pacific College
Lower Ground, 189 Kent Street

Kent St Campus (CBD)
Sydney NSW 2000
P (61 2) 9251 7000
F (61 2) 9251 7575
Web: www.apc.edu.au
CRICOS Provider: Young Rabbit Pty Ltd 01331F
ABN: 28 003 381 182
RTO PROVIDER: 90396
Front page cover: APC Image
WORKBOOK | 2017 YOUNG RABBIT PTY LTD, AUSTRALIAN PACIFIC COLLEGE

BSB41015 CERTIFICATE IV IN HUMAN RESOURCES and BSB42015 CERTIFICATE IV IN LEADERSHIP AND MANAGEMENT
RISK MANAGEMENT 1_V6.5
iii
Contents
Unit of Competency........................................................................................... iv
BSBRSK401 Identify Risk and Apply Risk Management Processes.................. iv
Grading System................................................................................................ iv
Assessment 1.................................................................................................... v
Assessment 2................................................................................................... vi
Legend............................................................................................................. vii
1. Identify risks.................................................................................................. 1
Activity 1.1..............................................................................................................7
Activity 1.2............................................................................................................11
Activity 1.3............................................................................................................14
2. Analyse and evaluate risks.......................................................................... 15
Activity 2.1............................................................................................................17
Activity 2.2............................................................................................................20
Activity 2.3............................................................................................................23
3. Treat risks................................................................................................... 24
Activity 3.1............................................................................................................27
Activity 3.2............................................................................................................30
Activity 3.3............................................................................................................32
Activity 3.4............................................................................................................34
Activity 3.5............................................................................................................36
4. Monitor and review effectiveness of risk treatment/s................................. 37
Activity 4.1............................................................................................................39
Activity 4.2............................................................................................................41
Activity 4.3............................................................................................................43
Appendix Tables........................................................................................... 44

iv
UNIT OF COMPETENCY
BSBRSK401 Identify Risk and Apply Risk
Management Processes
Elements
1. Identify risks
2. Analyse and evaluate risks
3. Treat risks
4. Monitor and review effectiveness of risk treatment/s
For further information on the Units of Competency, please visit

www.training.gov.au, or refer to your Course Outline booklet.
GRADING SYSTEM
High Distinction (HD) 85% and above
Distinction (D) 75-84%
Credit (Cr) 65-74%
Pass (P) 50-64%
Not yet competent (NYC) Below 50%

v
ASSESSMENT 1
BSB41015
Certificate IV in Human Resources
Course Name
BSB42015
Certificate IV in Leadership and Management
Subject/module Risk Management 1
Part A: Written or Oral Questions

Assessment method
Part B: Written Assessment
Due date Session 5
Weighting 50%
BSBRSK401
Units of Competency
Identify Risk and Apply Risk Management Processes
Instructions
1. Assessments should be completed as per your trainers instructions.
2. Assessments must be submitted by the due date to avoid a late
submission penalty.
3. Plagiarism is copying someone elses work and submitting it as your
own. You must write your answers in your own words or appropriately
reference your sources. A mark of zero will be given for any assessment
or part of an assessment that has been plagiarised.
4. A list of references must be included.
5. You may discuss your assessments with other students, but submitting
identical answers to other students will result in a failing grade. Your
answers must be yours alone.
6. Your trainer will advise whether the assessment should be digitally
uploaded or submitted in hard copy. Assessments that are digitally
uploaded should be saved in pdf format.
7. You must pass both assessments in the subject to pass the subject.

vi
ASSESSMENT 2
BSB41015
Certificate IV in Human Resources
Course Name
BSB42015
Certificate IV in Leadership and Management
Subject/module Risk Management 1
Part A: Written or Oral Questions

Assessment method
Part B: Written or Oral Questions
Due date Session 8
Weighting 50%
BSBRSK401
Units of Competency
Identify Risk and Apply Risk Management Processes
Instructions
1. Assessments should be completed as per your trainers instructions.
2. Assessments must be submitted by the due date to avoid a late
submission penalty.
3. Plagiarism is copying someone elses work and submitting it as your
own. You must write your answers in your own words or appropriately
reference your sources. A mark of zero will be given for any assessment
or part of an assessment that has been plagiarised.
4. A list of references must be included.
5. You may discuss your assessments with other students, but submitting
identical answers to other students will result in a failing grade. Your
answers must be yours alone.
6. Your trainer will advise whether the assessment should be digitally
uploaded or submitted in hard copy. Assessments that are digitally
uploaded should be saved in pdf format.
7. You must pass both assessments in the subject to pass the subject.

vii
LEGEND
Not all ICONS are used in this workbook
Research/Investigate
This tells you to go and find out some information
Activity/Provide notes
This indicates that you need to take notes and/or complete
an exercise/activity in this workbook
Reference material/manuals
This means you should look to sample of organisations
policies and procedures or to some other learning material,
resources to complete this exercise/activity.
Think
Take some time to think about the information and record
your own ideas
Talk
Talk to your peers, colleagues swap ideas.
Reading
Selected extra reading requirements.
You
Sydney Ferries
Youtube
Selected Youtube requirements.
Tube

1
1. IDENTIFY RISKS
What is risk management?
Risk management is the ability to identify risk and be able to use counter-
measures to prevent or minimise that risk. This is usually used in the context of
business for financial risk but can also be used for other situations where risk
needs to be assessed and managed, such as project management and for health
and safety.
Applying risk management processes in any organisation is an integral part
of any managers role. Managers need to be able to identify risks, hazards
and other situations that can cause harm to the business or people within the
business.
Staff members need to be safe at all times in the workplace and part of the
duty of care rests with their manager in ensuring they are in a safe working
environment. If a risk is present, management needs to take action to remove or
eliminate it for the safety of staff members.
So what is risk?
A risk is an event, activity, a situation or problem that could impact on
organisational objectives.
TYPES OF RISK
Risks take many forms and they can be classified in various ways. Some risks
can be anticipated, while others a business has little control over.
Risks can be classified into five types:
ff Strategic protection of intellectual property, loss of a major account,
competitor coming into the market, pursuing or not pursuing a new
opportunity
ff Compliance failure to comply with a regulation or standard, breach of
contract, responding to the introduction of new legislation
ff Financial increase in interest rates, non-payment by a customer, foreign
exchange movement, managing bad debts
ff Operational breakdown of major equipment causing production delays,
data security, theft, fire, dealing with hazardous chemical or materials, key
employee leaving
ff Market or environmental external risks that a company has little control
over such as major storms or natural disasters, global financial crisis,
changes in government legislation or policies.
Many risks fall into different types so there is not a hard and fast rule when
classifying risks. For instance, a change in government legislation or polices
could also impact on compliance. Or, movement in foreign exchange might
hinder a companys ability to sell internationally, thus impacting on its strategy.
Putting risks into different types can help with formulating a risk management
plan.
2
Managing risk in your organisation

To manage risk, organisations must follow risk management standards.
According to Australian/New Zealand standard AS/NZS ISO 31000:2009, Risk
Management has seven processes.

3
1) Establishing a context for risk management in your organisation

This includes:
ff clarifying the vision, mission and goals of your organisation
ff identifying the wider environment within which your organisation operates
ff setting the scope and objectives for the risk management process
ff identifying how risks will be measured
ff identifying what will be involved in the risk assessment process.
2) Communicating risk management to your organisations
Good communication and consultation is essential for risk management and
attempts to:
ff improve peoples understanding of risks and the risk management processes
ff ensure all relevant stakeholders are heard
ff ensure that everyone is clear on their roles and responsibilities.
3) Identifying risks in your organisation
The aim is to develop a comprehensive list of the sources of risks and their
consequences. There is not one right way to do this. Some strategies are:
ff brainstorming at a staff meeting
ff brainstorming with stakeholders with relevant knowledge and experience
ff systematic analysis, eg, flow charting systems and processes
ff development of what if scenarios
ff researching relevant data, such as injury rates, insurance claims, death
rates, etc.
4) Analysing risks in your organisation
Some of the key questions in analysing the risks are:
ff What is the likelihood of the risk?
ff What is the consequence?
ff What is the level of risk (combination of likelihood and consequence)?
ff What factors affect the likelihood or consequences?
ff What is the level of uncertainty?
ff What are the limitations to the analysis?
Similar questions can be asked in relation to opportunities (ie risks with positive
consequences):
ff What is the likelihood of the opportunity?
ff What is the consequence?
ff What is the level of opportunity/risk (combination of likelihood and
consequence)?

4
5) Evaluating risks in your organisation

Some of the key questions in risk evaluation are:
ff What are acceptable levels of risk?
ff What are intolerable levels of risk?
ff Does the risk need treatment?
ff What are the priorities for treatment of risks?
6) Treating risks in your organisation
To effectively treat risks one needs to understand how risks arise. Some of the
ways that risks are treated are:
ff Contingency planning (ie plan in advance for an event that may happen so as
to minimise any negative effects should it happen)
ff Sharing the risk eg when entering into contracts with other service providers
specifying they share the risk, use of waivers
ff Transfer the risk, eg, through insurance
ff Avoiding the risk, eg, no longer undertake the activity
ff Financing the risk eg, setting funds aside to pay for the consequences
ff Reducing the risk, eg, through changing work practices
In treating risks there will be trade offs between costs and benefits. One will
have to make a judgement that the cost of reducing the risk is worth the benefit
of the reduced risk.
Key question: What is acceptable risk?
7) Monitoring and reviewing risks in your organisation
Risk management is an ongoing process:
ff the risk management process needs monitoring
ff the effects of risk treatments need to be monitored and reviewed to ensure
they are adequate and effective
ff new risks need to be scanned for.
To be able to assess potential risk with a situation, you will need to understand
the context of that risk in relation to your needs and the outcomes that you
want to achieve. You should look to assess how any risk will affect you, your
organisation and any other party involved both the negative and positive
outcomes.

5
1.1 Identify the context for risk management

Context for risk may include:
ff Any related projects or organisations
ff Any resources, including physical assets, which are vital to operations
ff Key operational elements and service of the organisation
ff Organisation or project, how it is organised and its capabilities
ff Own role and responsibilities in relation to overall project or organisation
design.
The potential risk may come from the consequence of any actions taken, or it
may come from outside influences that arise and are beyond your control, such
as a competitor starting up a business nearby which takes away some of your
client-base.
The risk may have negative consequences but if the risk is managed correctly it
could bring fantastic gains. It will depend upon your/your organisations ability
to plan, assess and manage the risk as to the outcome you may achieve. All
businesses need to manage risk in their ventures and with the correct processes
make successful decisions and take appropriate actions.
Your risk may be neutral, negative or positive:
ff Neutral risk will be minimal and have no impact
ff Negative (the hazard) risk can be detrimental and cause losses/failure
ff Positive (the opportunity) risk will be of benefit.
At all costs you should avoid negative risks and look to prevent this by taking
preventative measures.
Australian and international standards for risk management

ISO 31000 is the international standard for risk management and helps
organisations in their risk analysis and assessment.
Applies to business activities such as:
ff Planning
ff Management operations
ff Communications.
By following ISO 31000, organisations can look to improve their business
operations, governance and increase stakeholder confidence through minimising
losses. It also focuses on health and safety in the workplace, provides tools to
help in decision-making for pro-active management. Organisations can look to
improve their compliance with relevant legislation and become better equipped
to identify the potential threats and also the opportunities.
For further information on business standards, see the BSI (British Standards
Institute) website, they provide recognised business standards throughout many
countries, including Australia: http://www.bsigroup.com/en-AU/ (access date:
19.03.2015)

6
Note: The AS/NZS ISO 31000 (dated from 2009) is an adoption of the
International standard ISO 31000 and supersedes the AS/NZS 4360 standard for
Australia and New Zealand. The joint Australia/New Zealand committee OB-007
decided to use this instead of revising the AS/NZS 4360 standard so that a more
unified international standard on risk management could be promoted.
A duty of care
All organisations have a duty of care towards their staff and should put
measures in place to prevent all possible causes of injury from occurring at their
premises. All physical risks need to be assessed and counter-measures made to
ensure the work place is a safe environment for all that work or visit there.
All staff should also follow the correct action to ensure the safety of themselves
and also of their colleagues; no member of staff should put themselves
or another person at risk from any hazard. Your organisation should put
procedures in place to ensure all members of staff are aware of the safety
requirements and provide any training that may be necessary.

7
Activity 1.1
1. What is risk management?
2. What can risk be categorised as?
3. What is the name of the current Australian standards in place for risk
management?

8
4. What is the name of the international standards in place for risk

management?
5. What is a duty of care?

9
1.2 Identify risks using tools, ensuring all

reasonable steps have been taken to identify all
risks
Identify the risks
Produce a list of the potential sources of risk and the consequences of
these. There are various ways that this can be done and it depends upon your
resources as to which method will work best.
You can brainstorm potential risks in a team/staff meeting, taking the time to
listen to all contributions however small or unrelated they may seem at the
time. By considering other viewpoints, you are more likely to build up a bigger
picture of potential risks. Each individuals experiences and expertise will expose
thoughts on risk that should be considered. It may also be worth brainstorming
with other trusted contacts, such as stakeholders (see section 2.1 in this unit
for more information on stakeholders), so that a broader understanding can be
made.
You can also make a systematic analysis of the situation to expose any risks.
This could involve compiling data on all aspects and the use of flow charts/
tables to show the information at hand. From gathering all viable information,
you can look at potential situations or projections that may arise. This will give
you a better understanding of the risk involved.
Try looking at the various outcomes of the situation to work through each risk
scenario. This will prepare you for the different courses of action that may
be needed and will help you to plan ahead. It may also be useful to research
any relevant data with other assured sources, such as insurance claims or
performance figures of those involved.
Questions that managers may need to ask themselves:
ff What can be impacted by the business itself?
ff What outside factors play a part in stopping business?
ff What is the environment of the business?
ff How dangerous is this environment?
ff Who could be impacted within the business
ff What external forces does the business depend on?
ff Who are the stakeholders in the business?
ff How much does the business depend on them to continue?

10
Tools to identify risks

Documentation is essential in assisting you in the process of identifying risk.
It will help you to assess the impact and likelihood of risk occurring. Seeing
information on paper is a valuable way to make it real. To identify risks you can
use risk identification forms in Table 1 in Appendix.
Make sure you use staff resources to help you identify risk; you could bring
together a team of experienced people to work on identifying and assessing the
risk, or even bring in a consultant with expertise in risk management.
Your organisation/place of work can also look at its own business operations
to expose possible risks. Use checklists and testing procedures with work and
prioritise risks by developing a system of scale to evaluate high and low risks,
such as a numerical scoring system.
Risks may include:
ff Commercial and legal relationships
ff Economic circumstances and scenarios
ff Human behaviour
ff Individual activities
ff Management activities and controls
ff Natural events
ff Political circumstances
ff Positive risk
ff Technology technological issues
ff Hazards in the workplace such as:
physical hazards
biological hazards
ergonomic hazards
psychological hazards.

11
Activity 1.2
1. List four risks that may occur.
2. What is the strategy of risk assumption?
3. Name two other risk strategies?

12
1.3 Document identified risks in accordance

with relevant policies, procedures, legislation and
standards
Record the risks
Look at all the risks that you have identified and make sure that these are
clearly documented. These risks should be checked against your organisations
policies and procedures, and also any legislation that will affect your business
activities. Any risks or risk management that go against legal requirements and
organisational procedures should be avoided.
Policies, procedures, legislation and standards

Anti-discrimination legislation and ethical principles
In Australia, the following anti-discrimination laws apply:
ff Age Discrimination Act 2004
ff Australian Human Rights Commission Act 1986
ff Disability Discrimination Act 1992
ff Racial Discrimination Act 1975
ff Sex Discrimination Act 1984.
You must follow these laws in all aspects of your work. You cannot discriminate
against individuals based on characteristics like age, gender, disability and race
and you must afford everyone equal opportunities. Full details about these Acts
can be found at www.humanrights.gov.au (access date: 19.03.2015).
Codes of practice
Codes of practice are the guidelines that should be followed to ensure best
practice is performed. It depends on the nature of your business industry as to
what these may include but they will be common-sense practices that abide by
moral and ethical codes. Most organisations will have their own guidelines for
working practices which will incorporate the correct codes of practice.
Privacy laws
The main aspect of confidentiality requirements is The Privacy Act. This is an
Australian law that came into force in 1988 and governs how organisations
handle personal information about people, whether staff, clients or customers,
etc.
The Privacy Act comprises of 13 Privacy Principles that legally must be
adhered to and also, as explained by the Office of the Australian Information
Commissioner (OAIC) website:
ff Regulates the collection, storage, use, disclosure, security and disposal of
individuals tax file numbers
ff Permits the handling of health information for health and medical research
purposes in certain circumstances, where researchers are unable to seek
individuals consent
13
ff Allows the information commissioner to approve and register enforceable

app codes that have been developed by an app code developer, or developed
by the information commissioner directly
ff Permits a small business operator, who would otherwise not be subject to
the Australian privacy principles (apps) and any relevant privacy code, to opt-
in to being covered by the apps and any relevant app code
ff Allows for privacy regulations to be made.
Further information on the Privacy Act can be found on the Office of the
Australian Information Commissioner (OAIC) website: https://www.oaic.gov.au/
privacy-law/privacy-act/
Environmental issues
It will depend upon the nature of your business as to how much environmental
issues will impact your place of work. All businesses should be aware of
the environmental legislation that exists in each state/territory and that
may affect their business industry. Further information can be found at the
Australian Government Business website: https://www.business.gov.au/info/run/
environmental-management
Work health and safety
Workplace Health and Safety (WHS) legislation replaced Occupational Health
and Safety (OHS) legislation in 2011.
WHS legislation stipulates that employers must provide their staff with:
ff Safe premises
ff Safe machinery and materials
ff Safe systems of work
ff Information, instruction, training and supervision
ff A suitable working environment and facilities.https://www.business.gov.au/
info/run/workplace-health-and-safety
WHS is in place to regulate businesses in their assessment, identification and

control of hazards within the workplace. This includes hazardous substances
and any appropriate licensing and permits that may be required. Employees are
also obliged to ensure that they work safely and do not endanger the safety of
their colleagues, clients and others.
How WHS affects your work in health will vary according to your job role and
your industry. In order to work safely and legally in your role you should have
been trained to do so by your organisation, as this is a legal requirement. Where
you identify possible or actual WHS breaches in your planned responses, they
will need to be reviewed and amended to be compliant immediately before they
are used again.

14
Activity 1.3
1. What laws are included in Anti-discrimination legislation?
2. With regards to Workplace Health and Safety (WHS) legislation, what

should employers provide their staff with?
3. When did WHS legislation come into force, and what did it replace?

15
2. ANALYSE AND EVALUATE RISKS

2.1 Analyse and document risks in consultation
with relevant stakeholders
Communication risks with stakeholders
Stakeholders refer to any individual, group or organisation that has an interest
in an organisations business. This interest stems from the fact that decisions
made within that business will have an impact directly upon them. The level of
impact will depend upon the association with that business.
Stakeholders may include:
ff Contractors
ff Employees
ff Financial managers
ff Insurance agents
ff Managers
ff Public
ff Shareholders
ff Service providers
ff Suppliers
ff Unions
ff Volunteers.
Analyse the potential risk

To analyse the risk, you need to look at the probability of the risk happening and
create a risk control plan to manage this. Look at the documentation gathered
for assessing your risk management and if you need to clarify any further points,
make sure this is done so all the information can be looked at.
Questions to ask when analysing the risks:
ff What influences affect the possible risk occurring?
ff What is the probability of the risk occurring?
ff What is the consequence of that risk?
ff What is the level of risk (probability and consequence combined)?
ff What happens if the risk/consequence occurs?
ff Have all relevant stakeholders been consulted?
ff What is the time-frame for producing the plan?
ff What considerations have been made for a contingency plan?
ff Who is responsible for which tasks?
ff What limitations are there with your risk analysis which could affect your
predictions?
Read the risk management plan with the team members involved and look at

16
the feasibility of the plan and at the required changes. Remember to include
industry regulations in your requirements and discuss options with the team.
Review and make changes to the plan as needed and communicate your
findings to all staff members and any relevant stakeholders. You may only need
to discuss the key points to the majority of your stakeholders, as it may not be
appropriate to discuss the in-depth business operations of your organisation.
Risk analysis consultations

You should consult with the appropriate stakeholders on your analysis as they
can add perspective and alternative views on what the risks may be. Remember,
with their own interest in the success of the business, they will want the venture
to succeed.
Consultations with stakeholders should be performed in-line with legal
requirements and as courtesy to those who have an interest in your business. It
allows you to inform them of any potential major changes with your business and
enables you to record their thoughts and feedback. This also provides evidence
of other viewpoints which should be documented clearly and thoroughly.
Voting on business decisions
In some situations, a consultation and voting process may be needed with your
stakeholders who have a share/ownership interest in your business (such as
shareholders or directors). You will need to allow time for a voting procedure to
occur and should make sure that all organisational and legal requirements are
performed alongside this. A voting system will inform your stakeholders of any
major business needs and will allow you to explain why such action is needed
and the benefits to them.
Meetings
With other stakeholders, you may find that a meeting is the best method to
consult them on your proposed changes and the risks involved. This can be
formal or informal depending upon the stakeholder. For example, a meeting
with a union representative would be formal and minutes of the meeting
should be taken and recorded carefully. Whereas meetings with suppliers or
contractors would be semi-formal depending upon the relationship that you
have established with them.
Workshops/focus groups
For any stakeholders that are informal in their relationship, you may find that
a workshop or focus group will work well for your consultation. If you have
volunteers that help you, or need to inform the public of your proposals and
potential risks this would allow a more informal discussion-based meeting to
occur.

17
Activity 2.1
1. What are stakeholders?
2. Name four possible types of stakeholders.
3. List three questions that may be asked when analysing the risks.

18
2.2 Undertake risk categorisation and determine

level of risk
Risk categorisation
To help you with categorising the particular risk that may affect you, you should
be aware that this categorisation must be relevant to you and your organisation.
You may start with a set categorisation chart, but invariably to make this work
accurately, you should bespoke this to suit your needs every time you come to
need a risk categorisation, adding as many levels as needed.
Construct a system of scale to help you determine how likely a threat or
opportunity will be. You could use the categorisation, as below, or choose a
numerical system instead, for example 1-5 (1 being low risk and 5 being high
risk). By using a category for the likelihood of the risk against a category of the
consequences of the risk, you can build a clearer picture on each one.
Risk categorisation may include (see Table 2):
ff Likelihood of risks:
almost certain
likely
possible
unlikely
rare
ff Consequences of risks:
insignificant
minor
moderate
major
catastrophic
current control measures.
Both a worded or numerical categorisation will achieve a rating system that
you can use with each risk to determine its impact. Fine-tune the categories
as much as you need to, so you can accurately assign the risk level and look at
preventing any negative consequences.
The level of risks

Once you have identified the level of risk for each one, you can look at the
importance of how this may affect your organisation and plan the best course of
action. The potential impact upon your business needs to be seen.
Level of risk may include:
ff Low, treated with routine procedures
ff Moderate, with specific responsibility allocated for the risk, and monitoring
and response procedures implemented
ff High, requiring action, as it has potential to be damaging to the organisation
or project
19
ff Extreme, requiring immediate action, as it has potential to be devastating to

the organisation or project.
Risk matrix
A risk matrix categorisation provides an overview of the potential risks within a
table format to show areas of concern and any priorities that need to be worked
on. This is a useful way to assess any probabilities of risk.
As in the example below, this template risk matrix shows how to evaluate risk
level..
Example: you may decide the likelihood of a fire is unlikely (a score of 2) but
the consequences are catastrophic (a score of 5). Using the tables and formula
above, a fire therefore has a risk rating of 10 (i.e. 2 x 5 = 10) means High.
Analyse of risk level Quantitative (risk rating table example)
Risk rating Description Action

16-25 Extreme Needs immediate corrective action
8-16 High Needs corrective action within 1 month
4-8 Moderate Needs corrective action within 3 months
1-4 Low Does not currently require corrective action
In order for a risk matrix to be successfully used, you should design a specific
matrix for your particular needs and carefully monitor individual risks through
the project. If not used correctly the matrix will not give you a clear indication of
risk.

20
Activity 2.2
1. What is a risk categorisation?
2. What is a risk matrix?
3. How does a risk categorisation help you?

21
2.3 Document analysis processes and outcomes

Risk management processes
Having a risk management process to follow and implement is important to the
success of your organisation and duty of care to staff. By making an analysis
of each area you can make careful documentation to maintain clear progress
towards the outcomes you are aiming to achieve.
This documentation can be used for your evaluation process and for reference
throughout your project. It will show the steps that you have taken and the
achievements you have made so far. It will also cover you for any legal or
organisational requirements and the need for keeping records.
A risk assessment
A risk assessment can be carried out for many reasons and it ensures that
safety is reviewed and maintained. With change comes the need to meet
organisational guidelines and procedures and a risk assessment provides
the opportunity to check your list of requirements and to make sure you are
following the correct policies in place for your business.
You may want to make a risk assessment on:
ff Changes to equipment and new technology used at your workplace
ff An accident or incident that happens at your business
ff Implementing a change in working procedures
ff Security requirements for the protection of your premises
ff Changes to staff resourcing.
Identifying hazards
A hazard is the threat of potential injury, harm to a person, property,
environment; it is also the threat of damage to your business, be it profits,
reputation or inadequate working practices. This provides the opportunity for
other organisations to step in and take a share of your business, which further
damages your organisations ability to bounce back.
You may want to seek advice from:
ff Technical and industry experts
ff Insurance assessors
ff WHS representatives
ff Professional associations
ff Colleagues and peers.
Businesses that plan and document their risk management, and review this
regularly for effective management of risks, are better placed for successful
operations. By staying alert and ahead of any risks, they take the necessary
preventative actions to divert negative impacts. Only the unforeseen risks will be
the hazards that are difficult to control and if any occur, the organisation will be
in a better position to deal with these.

22
It will be the organisations that do not plan careful risk management or take
responsibility for the continual monitoring of their risk management that will
have uncertain outcomes.
Documentation
Your organisation will need to keep records for legal requirements and for any
future analysis needs. All incidents of risk need to be documented so that future
occurrences of risk can be avoided and your organisational systems can be
improved to better handle such situations.
Templates and copies of forms should be made available to staff for their use
and clear procedures should be explained so that all employees follow the
correct documentation processes. You may have forms for risk assessment,
incidents/accidents, risk monitoring, risk matrix, risk register (See Table 5)
Risk register
A risk register will help you to review your risk measures and to communicate
progress to other personnel. The register documents the risk details, the
current position of each risk and the effects each has had. Carrying out risk
tasks should be a daily routine for any project manager and will keep you on
top of both current risks and any new situations of risk that may arise through a
project.
A risk register includes:
ff Risk descriptions
ff Ownership issues of risk
ff Basic analysis for cause and effect.
This will enable you to track the risks involved and to moderate tasks as
required. It will also allow you to update the status of the risks so that the
information is current to all.
Look to see if the risk result has disappeared as a result of the treatment plans
performed or if a new risk has emerged as a result. It is helpful to log any new
risks and needs that evolve over time.

23
Activity 2.3
1. Name three things that you may want to make a risk assessment on.
2. Who could you seek advice form when identifying the hazards of a risk?
3. Why should your organisation keep records?

24
3. TREAT RISKS
3.1 Determine appropriate control measures for
risks and assess for strengths and weaknesses
Using control measures
From all of your documentation and analysis you will in a position to determine
the control measures needed for your recognised risks. If you need to do this in
consultation, make sure everyone involved has the facts at hand and can give a
true response to help you decide upon the correct measures for control.
Control measures may include:
ff Hierarchy of controls:
reduction in likelihood of risks
reduction of consequences of risks
retention of risks
risk aversion
transfer of responsibility of risks.
Risk management strategies

Risk management is a two-stage process; identify the risk and control the risk.
Develop a strategy that will encompass your needs and help you control any
situations of risk. By planning and understanding what you need to look out for,
you can be in a place of power from the start.
There are different approaches to manage risk and these include:
ff Risk assumption this strategy lets the other party know that there is an
element of risk involved, for example, building a new hotel that is scheduled
to be open for business by a certain date. If the hotelier is aware that this
may not be completed in time, he/she cannot expect to take issue if this is
delayed.
ff Risk avoidance this strategy looks to avoid the risk by not taking the course
of action that could cause any negative impact to occur, for example, not
using an unknown manufacturer to make your products.
ff Risk retention this strategy accepts the potential risk because the
successful outcome far outweighs the negatives.
ff Risk transfer this strategy shares the risk by either using another party to
take on some of the risk for example, using a supplier to source difficult to
find parts or by using an insurance policy to cover the risk.
As with all risk management, you should look to increase the risk opportunities
for positive gains and minimise the threats to your business operations.
To help you control situations where risk is a possibility you may want to:
ff Check likelihood of the risk against organisational objectives
ff Check if the risk relates to your organisations mission statement

25
ff Evaluation of WHS meeting notes/minutes

ff Evaluation of incident and accident reports
ff Forecast of financial and economic situations
ff Use key performance indicators
ff Ensure risk is checked against organisational policies and procedures and
relevant legislation.
The success of a business project will rely upon the correct assessment of
business opportunities, analysis and evaluation of the situation, and forward
planning for the best course of action. This encourages a confident approach to
decision-making and carrying out working tasks. You should plan to revisit risks
regularly throughout your work to control what may occur and to create any
necessary contingency plans.
Strengths and weaknesses of your business operations

As part of your risk management, you will need to assess the capabilities of your
organisation and whether you have the resources and the level of experience
required. Make an open assessment and look at the strengths and weaknesses
of your business.
Strengths may include:
ff Experienced personnel with excellent training
ff Good resources available
ff Thorough analysis of risk management
ff Backing from your insurance agents/financial managers.
Weaknesses may include:
ff Lack of overall project management
ff Unassigned roles of responsibility with risk management
ff Poor resources available
ff Limited budget.
S.W.O.T analysis
A strengths, weaknesses, opportunities and threats (S.W.O.T.) analysis can be
used to evaluate measures in place for addressing potential risks. Strengths
and weaknesses refer to internal factors within your organisation these are
the elements that need to be assessed and controlled before looking at the
remaining factors. Opportunities and threats are the factors that you will come
against to optimise your opportunities and to eliminate/minimise the threats;
you need to plan your tasks accordingly.
This can be a useful tool to keep you on track and to help you readjust any
strategies or to redirect your objectives along the way.

26
Example S.W.O.T. analysis table:
Strengths Weaknesses
ff Budget allocated ff Project will take a long time to
ff Market experience complete
ff Established team and resources ff Costs may increase
ff Environmental impact
Opportunities Threats
ff Project will guarantee jobs ff Consumer market close to
ff Financial gain saturation
ff Possible expansion of organisation ff Longevity of outcome unsure
ff Delays in meeting deadlines
Gather all the information that you need to start making decisions on the next
steps. Without all the information at hand, making decisions will be difficult
and could prove to be incorrect for your organisations needs. Never assume
anything, find the information that you need and make sure it is from trusted and
approved sources.
The following highlights some of the steps you may need to take when looking to
make decisions:
ff Identify the issues and determine initial risks
ff Analyse the situation to understand what information you have, what you will
need and how you can get this
ff Use a S.W.O.T. analysis to determine if further investigation are plausible
ff Identify all scenarios and options available (brainstorm with colleagues and
anyone else who can help)
ff Select the best option and develop a risk analysis and contingency plan
ff Implement the decision and document steps taken to get to this point.

27
Activity 3.1
1. Within the control measures, what are the hierarchy of controls?
2. What is a S.W.O.T. analysis?

28
3.2 Identify control measures for all risks

Controlling risks
Put measures in place to control the risks that you have found. Identify which
methods of control are needed for the governance and operations of your
organisation, in order to bring about the success you would like. Make sure
the objectives are clear and established within your operations, that work is
effectively carried out to deadlines, and ensure the required resources and staff
are available.
Porters Five Forces
The Porters Five Forces model allows you to look at where power lies in a
business situation and how it may affect your organisation. This helps you to
assess your risk position in the market and the potential to make profits by
looking at the factors that can be changed to put the balance in your favour.
1. Supplier power this depends upon your reliance upon using suppliers and
how many suppliers can offer you what you need. The fewer options you have,
the more dependent you are upon the supplier and their costs may increase.
2. Buyer power this depends upon your buyers, whether or not they are
willing to pay what you charge for your products/services. If there are other
opportunities for your buyers to choose different organisations, the weaker
your position will be and your prices could be driven down.
3. Competitive rivalry this depends upon how many competitors you have and
how comparative their products/services are. The less others offer the same
as you, the better your position will be.
4. Threat of substitution if your products/services can be substituted for
alternative products/services by other organisations, this will weaken your
strength in the market.
5. Threat of new entry if the market is easy to enter and competitors can
easily establish themselves, this will weaken your organisations growth and
profits. If the industry you are in has many obstacles to entry this will protect
the market.
Threat of new
entry
Supplier Competitive Buyer

power rivalry power
Threat
of
substitution

29
Measures you can take

To control risk measures, you could:
ff Look to using technology, e.g. you could use risk management software
to monitor risk, or perform evaluations and compile your results into
spreadsheets for reviewing
ff Confer regularly with those that see your progress, e.g. with your accountant/
accounts department or project managers
ff Prioritise goals, focus on tasks and complete these before taking the next
step forwards.
A risk plan will highlight the concerns that you have, but will need to present a
feasible course of action. The correct approval procedures will need to be taken
and it must fall within budget to work.
A sample risk action plan template:
Description of identified risk:
Potential impact of risk: Comments on the risk:
Recommendations: Proposed action:
Staff involved and responsibilities assigned:
Resources needed:
Timelines: Deadlines:
Required reports: Frequency of reports:
Authorised by: Date:
Implementation comments:

30
Activity 3.2
1. What are the five forces named in the Porters Five Forces model?
2. How can a risk plan help you?

31
3.3 Refer risks relevant to whole of organisation

or having an impact beyond own work
responsibilities and area of operation to others as
per established policies and procedures
When you identify risks that may impact upon others within your organisation,
you should make sure you report this to the relevant persons so that all who
need to know can be made aware of the risks involved. Make sure you follow
policies and procedures as required by your organisation.
Similarly, if you are aware of any risks that will have an impact on other areas
within your organisation but not your own, you should also report this to the
relevant persons so that they know and can respond accordingly. They may
already be aware of this risk impact but you should always check this in case
they have not. By reporting this, you could prevent a negative outcome from
happening.
Provide the evidence of your risk findings so that all information is at hand and
can be addressed with the person involved (with the required urgency).
You could inform others of risks at:
ff Conferences and meetings
ff Presentations
ff Training and inductions
ff Performance reviews
ff Mentoring or coaching sessions.
You could also let staff know via internal communications such as email, on the
intranet, in newsletters and on staff notice boards. Management are responsible
for communicating risk management and the processes involved within the
workplace. They need to make sure that staff are allowed to take on relevant
roles of responsibility with risk management, which is suitable to their skillset.
Staff should be encouraged to participate in creating processes as this will help
them to take ownership and work towards building a sound structure for risk
management.
Ownership of the risks

Establishing ownership of the risks is very important. You may be in overall
control of the project or managing just a small part of it. Whatever your
involvement, make sure that you know the level of responsibility that is expected
of you, and of all others involved. This way you will know who to talk to if any
issues of risk arise, and similarly so will the others involved.
If one part of the project is not carried out because ownership is either vague,
or has not been assigned to anyone, then the project may fail as a consequence.
For example, if a contractor is awaiting payment but his invoice has not been
passed to your accounts department, or your accounts department are unaware
of the importance, serious delays in making payment could jeopardise work
schedules and the relationship with your contractor.
32
Activity 3.3
1. How could you inform others of risks?
2. Why is ownership of the risks important?

33
3.4 Choose and implement control measures for

own area of operation and/or responsibilities
Handing out responsibility
If you are managing others through the work/project that requires risk
management, you should clearly define the roles of responsibility. Check that
your colleagues or team understand what is required of them and make sure
that all communications are fluent and occur often so that everyone knows the
level of progress.
Staff will need to know that risk management processes go further than their
own job role; it impacts everyone in the workplace and is also about managing
risks with the organisation itself and reaching set objectives. The knowledge
that all staff will affect the organisations end business should help promote
accountability of actions and more effective work practices.
The following model empowers staff decision-making skills:
Above the line behaviour: ff Accountability

ff Responsibility
ff Ownership
Below the line behaviour: ff Excuses
ff Denial
ff Blaming others
Staff should be encouraged to operate on above the line principles for decision-
making. This helps staff to work better within their roles and responsibilities.
Below the line behaviour often comes from a lack of security in the job role,
undefined expectations, or a lack of self-esteem and belief in ones experience
and skills. Good management of staff should empower and provide a secure
environment for staff to work in and use above the line behaviour.
Choose methods to minimise the risk

Look at the methods that will work best to control the risk you have identified.
With experience within your own area of operation you should be well-placed to
make decisions to do this. Check against your risk analysis to ensure you have
remembered all parts. You could refer to your risk categorisation work to check
the levels of risk so that you can clearly see the best ways to control this.
Be systematic in carrying out your tasks, and carefully monitor your control
measures. A process of escalation is essential in prioritising urgent matters.
If this is not a part of your organisational guidelines and procedures, look to
implementing this. By escalating matters of importance, it ensures that serious
issues are dealt with quickly, further preventing problems from compounding.

34
Activity 3.4
1. What are the above the line behaviours?
2. What does good management of staff promote?

35
3.5 Prepare and implement treatment plans

A risk treatment plan is part of the risk management process to eliminate the
negative risks and to look at promoting the opportunities, or positive risks.
The person(s) responsible for the treatment plan(s), if different to the project
manager, will need to confer with the project manager to ensure that work is
completed as and when expected.
Treatment plans should include:
ff An overview of your risk management needs
ff Planning your response to dealing with situations of risk, which will either
be:
avoiding the risk
lessening the risk
transferring the risk
accepting the risk
ff Documentation of the plan which may include:
an outline of the approach being used to deal with the risk
the responsibilities assigned
if the risks will be internal or external
information on stakeholders involvement with the risk
any approval/organisational processes involved.
When looking at the treatment plan, make sure you factor in suitable timings to
deal with your solutions to risk. These will need to be appropriate to the purpose,
for example, for a high rated risk it would not be appropriate to have a solution
time of 18 months.
You may also need to consider:
ff Maintaining budgets in consideration to any treatment plans
ff Availability of any additional resources
ff Communicating any treatment plans to other parties, such as company
directors, staff, stakeholders, clients or industry bodies.
Operational risks
There are many ways that a business could incur risks in the workplace. Always
be on the lookout for potential situations of hazard. Along with health and safety
aspects, other business operational risks may occur.
These include:
ff Economic shifts
ff Financial crisis
ff Import/export problems
ff Capital finance
ff Product failure
ff Information systems
ff Cash-flow difficulties
ff Issues with investors/borrowed capital.
36
Activity 3.5
1. What are the responses to risk that you could take when formulating your
treatment plan?
2. List three operational risks that you may encounter.

37
4. MONITOR AND REVIEW EFFECTIVENESS OF

RISK TREATMENT/S
4.1 Regularly review implemented treatment/s
against measures of success
4.2 Use review results to improve the treatment
of risks
Review treatment
Monitor the treatment plans after they are carried out to check that the course
of action is working as hoped and has benefited the measure of risk in your
favour.
You should check:
ff Error rates are reduced
ff Accidents and incidents are reduced
ff Quality is increased
ff Profits increase
ff Feedback from staff members and any others involved
ff Positive results from key performance indicators
ff Risk management processes are being implemented as required.
Measures of success
Measures of success may include:
ff Costs
ff Reductions in impact
ff Reductions in likelihood
ff Reductions in occurrence.
Recognise the results gained

It is important to communicate to all staff that accurate and valid records are
needed for all risk management processes, including any reviews of treatments
made for risks and the outcomes.
Reviews need to be performed regularly and should contain all relevant
personnel contributions. They need to be clear on the facts and be accessible by
all who are, and want to be, involved in the risk management process. A review
can be used to further implement changes and to improve processes. Reviews
should be made with stakeholders and relevant staff.
Room for improvement

Organisations need to be aware that change is a constant factor and the need
for reviews and monitoring processes are essential. There is always the room

38
to make improvements and it helps to keep ahead of the changes within the
business market.
PDCA cycle
Dr William Edward Demings PDCA model (plan, do, check and act) shows
a cycle of repetition for determining where and when a change, update or
improvement in a process may be needed.
1. Plan 2. Do
ff Planning ahead (analysing and ff Executing the plan
predicting results) ff Taking steps to control the plan
ff Identifying customer expectations ff Trialling the changes
ff Identifying improvements ff Monitoring and evaluating the plan
ff Developing possible solutions
ff Developing action plans
ff Planning the improvement
3. Check 4. Act
ff Checking the actual outcomes ff Taking action to improve the
ff Comparing results with intended process
outcomes ff Developing a new plan for
ff Identifying quality improvements improvements to be achieved
ff Identifying further opportunities
for improvement

39
Activity 4.1
1. Name three successes that you may be looking for when monitoring your
treatment plan.
2. What does a risk register help you to do?
3. What does PDCA stand for in Dr William Edward Demings PDCA model?

40
4.3 Provide assistance to auditing risk in own area

of operation
Auditing is the process of making an unbiased examination of all data,
statements, records, operations and performance on a specific area within an
organisation. This is done so that all the facts of a situation can be exposed
and made available to those that need to know them. All elements should be
accounted for and understood for what they are and what they have been able to
achieve within the designated parameters.
It allows a business to check on their business performance and shows who
is accountable for which areas/tasks; For example, a financial audit within an
organisation requires that all accounts, within a certain period of time, need to
be correctly matched to the financial activities of that organisation.
Auditing risk
In respect to auditing risk with other business activities, an audit will enable you
to gather all the relevant information from an activity performed so that you can
look back over what you have done. It allows you to look at the successful parts
and at the other areas that did not work so well and could have been improved
upon. It is an opportunity to review all relevant information.
By analysing the previous tasks in the audit, you can look at taking alternative
decisions and paths for your current project needs or for any future activities.
Your audit could include looking at:
ff The purpose of the work needed
ff The chosen strategy to fulfil the work
ff Risk management processes used
ff The strengths and weaknesses of your team
ff Resources for the project
ff Timescales
ff Activities that produced good results
ff Tasks that could have been improved
ff Any changes in your risk management
ff Decision-making processes.

41
Activity 4.2
1. What is an audit?
2. Name four possible areas that you may want to include in your audit for
risk.

42
4.4 Monitor and review management of risk in

own area of operation
Monitoring risk
Make sure that you monitor risks on a continual basis. Changes can occur as
work progresses and your initial risk management strategy or processes may
need adjusting over time.
It is prudent to make risk management a part of your regular work with your
team and make time to discuss this at team meetings. Look to integrate risk
management processes within your area of operation and encourage a working
environment that seeks to maximise the opportunities and diminishes the risks.
Record your findings in a format that highlights any issues in a concise manner
and makes it easy to focus on the points required.
You could monitor your information as below:
Monitoring Suggested
Risk Who is involved
options improvements
Your responsibility
Managers should be responsible for providing correct and accurate information
to all staff on areas of risk and this should be checked to ensure it is supplied
from a trusted source. Confidentiality of information should also be respected;
never pass on information that is subject to privacy status. Always check on
confidentiality clearance before disclosing information.
All information on your risk management processes and results should be
current and regularly monitored and reviewed for changes. Your reviews will
help you to establish good practices and also to determine what works well and
what doesnt work well in future work.
Risk management needs to be at an effective level to prevent any sudden and
unexpected changes within your work area and also within your organisation. To
achieve the successful results you would like, make risk management a priority.

43
Activity 4.3
1. Why should you monitor risk management already in place?
2. Where should your information for your risk management come from?
3. What should you do if any information is confidential?

APPENDIX TABLES
Table 1: Risk Identification Form
Areas of impact
Source of risks Assets Revenue Cost People Community Performance Timing Environment Intangibles
Commercial and
legal
Economic
Human behaviour
44
Natural events

Political
Technology
Management

activity & control
Individual activity
Organisational
behaviour
45
Table 2: Risk Assessment Risk Categorisation - LIKELIHOOD

Level Descriptor Probablity
5 Almost certain 90% chanceof occurence
4 Likely Between 50% and 90% chanceof occurence
3 Possible Between 10% and 50% chanceof occurence
2 Unlikely Between 3% and 10% chanceof occurence
1 Rare Between <3% chanceof occurence
Table 3: Risk Assessment Risk Categorisation - IMPACT/CONSEQUENCE

Level Descriptor Example of Detail Description
1 Insignificant Low financial loss, no disruption to capability, no
impact on community standing
2 Minor Medium financial loss, minor disruption to
capability, minor impact on community standing
3 Moderate High financial loss, some ongoing disruption to
capability, modest impact on community standing
4 Major Major financial loss, ongoing disruption to
capability, major impact on community standing
5 Catastrophic Mission critical financial loss, permanent
disruption to capability, and ruinous impact on
community standing
Table 4: Risk assessment : Likelihood/Consequences matrix

Consequences
Likelihood
Insignificant Minor Moderate Major Catastrophic
Almost
High High Extreme Extreme Extreme
certain
Likely Moderate High High Extreme Extreme
Possible Low Moderate High Extreme Extreme
Unlikely Low Low Moderate High Extreme
Rare Low Low Moderate High High

Table 5: Risk Treatment Plan
Activity Date:
Review
Risk priority Possible Preferred Risk rating Result of cost/ Person Timetable for How will this risk
order from the treatment options after benefit analysis responsible for implementation and the treatment
Risk Register options treatment A: Accept implementation options be
B: Reject of option monitored
46

47
Level of risk Risk priority

Likelihood
rating
Consequence
rating
of existing
Adequacy
controls
Date:
Consequences
Risk
Risk Register
Activity
Review
Ref

BSB41015 Certificate IV in Human Resources
10 subjects
1. Presentation Skills
2. Basic Documents
3. Risk Management 1
4. Complex Documents
5. Effective Leadership
6. HR Functions
7. Manage WHS Operations
8. Industrial Relations Procedures
9. Staff Recruitment
10. Performance Processes HUMAN RESOURCES
APC also offers the following courses:
ACCOUNTING BUSINESS HOSPITALITY INFORMATION TECHNOLOGY HUMAN RESOURCES
MANAGEMENT MARKETING TOURISM PROJECT MANAGEMENT CHILDCARE
f BSB20115 Certificate II in Business f BSB61215 Advanced Diploma of Program

f BSB20215 Certificate II in Customer Management
Engagement f BSB41015 Certificate IV in Human
f BSB30115 Certificate III in Business Resources
f BSB42015 Certificate IV in Leadership and f BSB50615 Diploma of Human Resources
Management Management
f BSB51915 Diploma of Leadership and f BSB60915 Advanced Diploma of
Management Management (HR)
f BSB61015 Advanced Diploma of f FNS40615 Certificate IV in Accounting
Leadership and Management f FNS50215 Diploma of Accounting
f BSB42415 Certificate IV in Marketing and f FNS60215 Advanced Diploma of
Communication Accounting
f BSB52415 Diploma of Marketing and f ICT50815 Diploma of Systems Analysis
Communication and Design
f BSB61315 Advanced Diploma of Marketing f SIT30616 Certificate III in Hospitality
and Communication f SIT50416 Diploma of Hospitality
f 10118NAT Diploma of Social Media Marketing Management
f BSB30515 Certificate III in Business f SIT30216 Certificate III in Travel
Administration (International f SIT50116 Diploma of Travel and Tourism
Education) Management
f BSB41515 Certificate IV in Project f CHC30113 Certificate III in Early Childhood
Management Practice Education and Care
f BSB51415 Diploma of Project Management f 10005NAT Certificate IV in Communicative
TESOL
For further information on APC courses please see Student Services, email info@apc.edu.au with
your enquiry, or visit our website at www.apc.edu.au
2017 Australian Pacific College
Head Office:
Lower Ground, 189 Kent Street
Kent St Campus (CBD)
Sydney NSW 2000
P (61 2) 9251 7000
F (61 2) 9251 7575
Web: www.apc.edu.au
#NAME?
1732

Lecture Risk Management 1 Work Book Lect

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Lecture Risk Management 1 Work Book Lect

Uploaded by

Copyright:

Available Formats

BSB41015 CERTIFICATE IV IN HUMAN RESOURCES

BSB42015 CERTIFICATE IV IN LEADERSHIP AND

This workbook has been designed for use in conjunction with

Publisher: Young Rabbit Pty Ltd

2017 Young Rabbit Pty Ltd

Lower Ground, 189 Kent Street

Front page cover: APC Image

WORKBOOK | 2017 YOUNG RABBIT PTY LTD, AUSTRALIAN PACIFIC COLLEGE

WORKBOOK | 2017 YOUNG RABBIT PTY LTD, AUSTRALIAN PACIFIC COLLEGE

2. Analyse and evaluate risks

4. Monitor and review effectiveness of risk treatment/s

For further information on the Units of Competency, please visit

Distinction (D) 75-84%

Credit (Cr) 65-74%

Pass (P) 50-64%

Not yet competent (NYC) Below 50%

WORKBOOK | 2017 YOUNG RABBIT PTY LTD, AUSTRALIAN PACIFIC COLLEGE

Subject/module Risk Management 1

Part A: Written or Oral Questions

Due date Session 5

WORKBOOK | 2017 YOUNG RABBIT PTY LTD, AUSTRALIAN PACIFIC COLLEGE

Subject/module Risk Management 1

Part A: Written or Oral Questions

Due date Session 8

WORKBOOK | 2017 YOUNG RABBIT PTY LTD, AUSTRALIAN PACIFIC COLLEGE

WORKBOOK | 2017 YOUNG RABBIT PTY LTD, AUSTRALIAN PACIFIC COLLEGE

Managing risk in your organisation

WORKBOOK | 2017 YOUNG RABBIT PTY LTD, AUSTRALIAN PACIFIC COLLEGE

1) Establishing a context for risk management in your organisation

WORKBOOK | 2017 YOUNG RABBIT PTY LTD, AUSTRALIAN PACIFIC COLLEGE

5) Evaluating risks in your organisation

WORKBOOK | 2017 YOUNG RABBIT PTY LTD, AUSTRALIAN PACIFIC COLLEGE

1.1 Identify the context for risk management

Australian and international standards for risk management

WORKBOOK | 2017 YOUNG RABBIT PTY LTD, AUSTRALIAN PACIFIC COLLEGE

WORKBOOK | 2017 YOUNG RABBIT PTY LTD, AUSTRALIAN PACIFIC COLLEGE

1. What is risk management?

2. What can risk be categorised as?

WORKBOOK | 2017 YOUNG RABBIT PTY LTD, AUSTRALIAN PACIFIC COLLEGE

4. What is the name of the international standards in place for risk

5. What is a duty of care?

WORKBOOK | 2017 YOUNG RABBIT PTY LTD, AUSTRALIAN PACIFIC COLLEGE

1.2 Identify risks using tools, ensuring all

WORKBOOK | 2017 YOUNG RABBIT PTY LTD, AUSTRALIAN PACIFIC COLLEGE

Tools to identify risks

WORKBOOK | 2017 YOUNG RABBIT PTY LTD, AUSTRALIAN PACIFIC COLLEGE

1. List four risks that may occur.

2. What is the strategy of risk assumption?

3. Name two other risk strategies?

WORKBOOK | 2017 YOUNG RABBIT PTY LTD, AUSTRALIAN PACIFIC COLLEGE

1.3 Document identified risks in accordance

Policies, procedures, legislation and standards

ff Allows the information commissioner to approve and register enforceable

WHS is in place to regulate businesses in their assessment, identification and

WORKBOOK | 2017 YOUNG RABBIT PTY LTD, AUSTRALIAN PACIFIC COLLEGE

1. What laws are included in Anti-discrimination legislation?

2. With regards to Workplace Health and Safety (WHS) legislation, what

WORKBOOK | 2017 YOUNG RABBIT PTY LTD, AUSTRALIAN PACIFIC COLLEGE

2. ANALYSE AND EVALUATE RISKS

Analyse the potential risk

WORKBOOK | 2017 YOUNG RABBIT PTY LTD, AUSTRALIAN PACIFIC COLLEGE

Risk analysis consultations

WORKBOOK | 2017 YOUNG RABBIT PTY LTD, AUSTRALIAN PACIFIC COLLEGE

1. What are stakeholders?