Risk Management Assessment

1. What are three ways that research can be conducted for risk-related issues? For each way, briefly describe how it may be done.

Three ways that research can be conducted is through:
1. Primary data collection techniques. Data collected this way is unique to the organisation and is not publicly available unless the researcher chooses to publish it. Some methods of primary data collection include focus groups, interviews and surveys . 2. Secondary data collection is data that is collected by someone other than the user and can be sourced from research that already exists including published reports, case studies and statistical reseach organisations. 3. By involving others. Involving others in the risk related research can provide for a broader view, rather than just one persons opinion. Some ways to involve others include encouraging feedback, active listening and effective questioning.

2. Fishbone checklists and brainstorming are both tools that can be used in risk management. Describe each of these and when they would best be used.

Fishbone diagrams are an effictive way to analyse complex problems. The fishbone diagram encourages a systematic approach to identiying risks and goes beyond the usual obvious causes of the problem. Some benefits of a fishbone diagram include: It provides a visual image of the problem and potential categories of causes It allows various categories of causes to be explored.

Identifies root causes to issues.
It encourages creativity through a brainstorming process.

Brainstorming is a technique that can be carried out by an individual or a group and is an effictive way to find a conclusion for a specific problem. Brainstorming usually forms around the: Who?
What?
Why?
When?
Where?
How?

3. What are the five stages of risk likelihood? Briefly describe each one.

1. Rare – highly unlikely, it could happen, but probably never will. 2. Unlikely – there is a slight possibility that it could happen at some time. 3. Possible – the event might occur at some time

4. Likely – there is a strong possibility that the event will occur 5. Almost certain – the event is expected to occur

4. List and give an example description for each of the five levels of consequence for risk.

1. Insignificant – minimal or no consequence, may be as simple as basic first aid needed, public awareness may exist, but there is no public concern. 2. Minor – no serious consequence, breach of internal procedures, news in local media 3. Major – Considerable consequences, breach of licence, breach of legislation, damage to reputation. 4. Catastrophic – Extreme consequence – death or serious injury, damage to reputation on an international level, long-term environmental damage

5. What needs should be considered when treating risk? List and describe three treatments that could be considered.

Reduce the Likelihood of the risk – this can be done by preventative maintenance, audit programs, policies and procedures, training of staff etc. Transfer the risk – this involves another party bearing or sharing some of the risk with the use of things such as contracts, insurance and outsourcing. Avoid the risk – where practical do not proceed with any activities that may generate a risk.

6. What should be included in a risk action plan? Describe the key inclusions and briefly the type of information included with each inclusion.

Things to be included in the risk action plan include:
The risk – what is the risk in question
Risk rating – what rating is given to the risk (low, moderate, medium, high, extreme) Treatment activity or controls – suggestions as to how the risk could be treated and controled Roles and responsibilities for those involved – who is responsible for managing the risk Timeline – basis timeline for how long it will take to contain the risk Monitoring arrangements – times for how often the risk is to be monitored

7. How does the AS/NZS ISO 31000:2009 Risk management – principles and guidelines standard assist organisations to reduce risk?

The AS-NZS ISO 31000:2009 provides principles and generic guidelines on how to manage risk. It is not specific to any one organisation and can be used by any public, private or community organisation. It only provides generic guidelines and the risk management plan of an organisation will need to take into account the specific organisation.

8. For each of the pieces of legislation listed, describe the intent of each and how it could impact on the process of managing risk.

Privacy law – the Privacy Act 1988 regulatates the handling of private information about individuals WHS regulations – these regulations are in place to ensure a safe work environment for all employees Contract law – is any law or regulation that has the objective to ensure that certain promises relating to a contract are kept and enforcable by law.

9. Name and give an example for three adjustments that can be made in the workplace to assist a person with a disability.

adjustments to work premises, equipment or facilities – including providing additional equipment or facilities, eg. Providing wheelchair access to all areas of the premises adjustments to work related communications including making available information in an accessible form or format eg. Providing all written communication in braile form for the blind. providing training to co-workers or supervisors eg. Provide training that will help employees to assist those with disabilities

10. List two types of insurance an organisation could consider purchasing, and for each type, describe the risks covered by the insurance and the benefit to the organisation.

Building & Contents insurance – this protects the company against damage or destruction by causes stated in the insurance policy such as fire and flood. It also protects the company against theft. Public liability insurance – Covers the orgasations responsibility to pay compensation to persons other than employees who may suffer injury or damage to their property