After establishing a risk management strategy containing all the above elements
the following would be measures;
The scope was chosen as there are clear monitoring points to refer back to
relevant national and state standards, which can be easily referable and
Discuss the impact that each of the following has on the organisations
approach to risk management:
- Political environment
Due to the organisations industry being heavily governed by the government
there chance of organisational change is medium to high. For example the
First Home Owners Grant being abolished in July of 2012 has impacted the
industry and this organisation sales and cash flow in the last 12 months which
has resulted in staff loses and company down turn.
- Economic climate
Due to recent economic recession and population under spending the
company have a high risk with the current economic climate. This is because
if people are not spending money on the little things required in everyday life
then they will surely not purchase a new home or available land.
- Social factors
Some example of Social risk factors would include unemployment,
homelessness, physical/mental disability, financial destitution, divorces, lack
of basic education & population health problems. The main social factor that
could potentially harm the organisation is financial destitution as it impacts a
large portion of the business.
- Legal factors
As any organisation is governed by legality the construction industry relies
quite heavily upon it, for example complying with Australian standard 4801,
DCP levys, council requirements, attorneys, building commission, HIA,
solicitors, surveyors and the general public taking legal action against the
organisation. Due to this it can impact the industry very heavily due to the
heavy reliance upon all of those risks.
- Technological advancements
As the market changes and technology evolves the construction company is
starting to find that they rely very heavily on technology to allow the
particular projects to keep moving in the office & out on site. It is also vital for
scheduling, payments, client contact, customer service etc. Using on site
tablets or laptops as well as in office computers they have to be heavily
secured with passwords, firewalls, anti-virus protection & relevant locking
mechanisms.
- Policy context
Due to recent staff lose the organisation has had to involve and evolve there
policies and procedures to remove the risk of an audit. This involves updating
Discuss how you will communicate with each of the stakeholder groups,
include details of:
- key messages
- delivery strategies
- how you will encourage input / participation
To internal & external stakeholders of the company I would provide an article that
is distributed via email and company handout. This email and handout would
provide information to the target audience being the employees of the
organisations and external stakeholders with the view to approach the relevant
risk management, the benefits of email and handout is the organisation can then
know that all employees received the message and are aware of the message
and email to external so they are aware and keep track of who has received it.
To input participation I would request that the stakeholders complete a feedback
survey at the end of the key message that is delivered via email. The survey
would encourage stakeholder participation via there active feedback as it makes
them aware that there view is looked at and actioned by the board of directors.
Describe what level and type of support you need in order for your risk
management plan to be effective and discuss the strategies that you will
use in order to obtain that support
To have an effective risk management plan I will need to define a certain person
as the risk champion. This person will be able to promote management plans
benefits back to the directors or board of management as well as its possible
flaws and how the organisation can overcome them.
Then I will need this particular risk champion to raise awareness to all the
stakeholders in different ways relevant to their status within the organisation of
the current risks, for example;
Weaknesses
Customer service is severe lacking
Cash flow availability which limits
payments to suppliers and trades but
also finances
Not enough speciality knowledge in
projects which limits the organisations
building capacity to take on
challenging profit filled work
Threats
The competition is branching out into
the project and medium density
division and due to their finance
backing & marketing resources it can
become a large problem
Cash flow problems which limit our
payments to suppliers & trades is
making them no longer work for the
organisation
Heading
Likelihood
Rare
0 5%
Unlikely
6 20%
Possible
21 40%
Likely
41 80%
Very Likely
81 100%
HIGH
Worksafe shutting down
a site
MEDIUM
Employee knowledge in
company product
CRITICAL
Loss of cash flow &
profits
HIGH
Government abolishment
of the FHOG bonus
LOW
Payments to suppliers
are delayed
MEDIUM
Air conditioning unit
effecting staff members
with illness
Sales team to
discuss
solutions
Research
conducted
Working party
June
Meeting room
Working party
July
Draft policy
Working party
August
Final policy
Director
September
Internet, past
history, other
companies
Computers
and other
sales staff
Nil
KPI
Sales team
established
and
understanding
of the meeting
SWOT analysis
taken on the
organisation
Best possible
practice
identified
Draft policy
written
Final policy
approved and
placed into
Explain how you will communicate the action plan information to the
relevant parties
I would communicate the action plan to the relevant parties with an in house
meeting; this meeting will have a chairperson being the risk champion who is
aware of the full scope of the risk and in extension the action plan. This risk
champion should have the following qualities;
1.
2.
3.
4.
5.
6.
7.
8.
9.
Once the risk champion can portray the above characteristics during the meeting
than the action plan can be provided to all relevant parties who can then walk
away with a clear and concise understanding of their involvement in the risk
treatment.
What documentation is needed and how will it be completed and stored
The following documentation should be completed and stored for risk
documentation;
1.
2.
3.
4.
5.
6.
7.
Meeting agenda
Meeting minutes
Research papers & documents
Task of duties to the working party of the risk management process
Duty description for all members involved
Old procedure
New updated policy & procedure
Once all the above documentation has been read, completed and accurately kept
it can be stored on a public network drive as well as having a hard copy available
with a backup on hard & soft copies availably ready. The documentation will be
kept up to date by the risk champion or governed OH&S employee who will
update the records at every meeting, conversation, new documentation or any
situation that will amend the policy & procedures.
Describe the steps that you will take to implement your risk management
action plan
The following 7 steps will be applied to implement my risk management plan;
1.
2.
3.
4.
5.
6.
7.
Once the above 7 steps have been done within the organisation then the action
management plan has been fulfilled, now the organisation can move forward
making sure the risk management plan put in place is working and achieving the
goal.
Discuss how you will monitor the action plan to ensure that it meets its
identified goals
There are 3 types of monitoring for an action plan;
1. Ongoing daily monitoring by all personnel whom will ensure continuous
monitoring that is embedded into daily methods of working.
2. Line management review at designated points of time which can be driven
by a risk profile spanning the managers control levels.
3. An internal or external audit perhaps during an annual business planning
session performed by a third party or stakeholder.
By performing constant reviewing and monitoring of the action plan the
organisation can have daily and perhaps annually review sessions that can
ensure there goals are achieved. Also they are able to see changes in
circumstances when they happen in real time via either internal or external
sources which can then trigger a review of the action plan.
The review though should be broad enough that it will encompass the risk
implications of all activities, products, services of the organisation and the
changing environment. This can ensure that the goals of the action plan can be
effectively met all the way through the monitoring process.
Explain how you will evaluate the process that you have used to manage
these risks
To evaluate the entire process the selected auditor whether they be a manager,
OH&S manager, OH&S committee or an independent auditor they must evaluate
the entire enterprise wide risk management process and not just the nominated
action plan. The audit process can be conducted by the chosen auditor on a 3
year annually basis or more frequently depending on the organisation and the
risks they face.
The nominated persons job is to determine the following;
1. The current risk identification process is comprehensive
2. The process to assigning severity and likelihood ratings is appropriately
designated
3. Processes in place are sufficient enough to control all risks
4. Process and procedures are followed as intended