Analyzing Information And Implementing Risk Management Process

Scope and Context of the Risk Management Process

The five steps of implementation of AS/NZS ISO 31000:2009 Risk Management includes:

Step 1: Changing the paradigm for risk and risk management- This helps in taking a top-down approach to the risk management so that it becomes a key component of an organisation to determine its objectives.

Step 2: Take stock- The risk management framework is designed so that it suits the internal and external contexts of organisations.

Step 3: Evaluate maturity- It is necessary to ensure that the treatment of the risks are effective. It is necessary to ensure goals, targets and benchmarks are used.

Step 4: Develop plan to start- It provides strategies so that management can be engaged in the risk process as it can help in increasing success of the program.

Step 5: Develop plan to keep it going- The risk management need to be embedded into business processes so that management can be accountable.

Act: Act aims to ensure that WHS is managed in an effective manner. It is enacted by the legislations of a country and possesses the force of law. It aims not to affect the operations of a State or Territory Act.

Regulations: Regulations provide structure within a statutory framework and details to implement legislation. The statutory and legal authorities enact it. It may or not be enforced by the law (Berkenkotter and Huckin 2016).

Code of practise: Code of practise is enacted by an organisation or by the legal authorities. Violating a code of practise may not be subjected to any legal actions. It is guidance so that organisational policies can be maintained. For example, code of practise based on WHS Act 2011 is the Work Health and Safety Approved Codes of Practise 2011.

3. Organisation’s policies and procedures regarding risk management

The organisational policies and procedures regarding the risk management are based on the implementation of the policies of the WHS Act 2011. The risk management process of the organisation consists of identifying hazards, assessing risks and implementing risk control measures such as hierarchy of control. The implementation of the WHS Code of Practise 2011 aims to provide practical guidance for the employers and the employees so that they can meet the duty of care and provide safety for the people. At the same time, checking the laws of the State and Territory is essential so that the policies regarding risk can be applied.

The risk management to incorporate disabled employees and customers need to be based on the facilities and opportunities provided to the people. For example, in the case of disabled employee, dangerous equipments such as conveyors, sharp bladed equipments and so on should not be kept in a close proximity. At the same time, works that are light and does not require much physical effort can be reduced from the. For customers that are wheel chair bound, a ramp can be provided so that they do not have to wait in the car or outside the stores. This can provide encouragement and satisfaction to the customers and ensure that the loyalty of the customers is maintained.

Consulting with and Communicating with Relevant Stakeholders

In order to ensure that the risk management plan is monitored properly, the application of Deming’s PDCA cycle can help the organisations. According to Bocken et al. (2014), the PDCA cycle consists of four steps that can help an organisation to maintain the quality of products and ensure that no risk exists within the organisation.

Plan: It is necessary to change once an opportunity has been identified.

Do: Organisations can implement small-scale changes as a part of experiment.

Check: Analysing data from small scale that has been implemented.

Act: Implement the change tactics on a large scale once it has been successful.

At the same time, other processes can be the six sigma, lean method and total quality method. These can help in increasing the involvement of the employees and provide measurement opportunities for remaining within the system.

The risk management plan can be communicated to the relevant stakeholders with the help of email or by conducting meetings. According to Bohnsack, Pinkse and Kolk (2014), the relevant stakeholders of a company usually comprises of the employees, customers and the Government. In the case of employees, meeting can be held that provides proper knowledge about the adoption and execution of management plan. Ideas can be generated about the improvement of the plans and the manner in which the organisation can be kept safe. The customers and the Government officials can be provided with email detailing the risk management plan and the methods that are used to mitigate any threat in the business.

The scenario that needs to be analysed is a safety risk that require the application of effective risk management technique. Risk is considered as a probability of threat agent that exploits the vulnerability of a business and results in its imbalance. An example can be considered in which employees have been provided with the required training regarding the duty of care. It was explained that the duty of care started once the working hours began to commence. However, despite this, the existence of a ditch in the tarmac at the main entrance was not reported. With excessive rainfall and over use of the tarmac a crack was formed that resulted in the death of an employee and his son. This mainly occurred due to the lack of common sense of the people and the ignorance.

The legal framework that is to be implied in this situation is the WHS Act 2011. The framework was introduced in the Victorian workplace however many organisations did not take the required initiative to introduce the new practises in the workplace. The form of risk was non-compliance with the people and the initiative taken by the Government with the implementation of the risk provided opportunity to both the organisations and the employees to maintain a safe workplace. The WHS framework comprises of both the State and Territory of the country along with the Commonwealth legislation. Therefore, relevant standards need to be applied so that the Governance of the country can be exploited. The analysis of the internal as well as the external environment is considered in the application of the legal framework.  

Developing and Implementing an Action Plan to Treat Risks

The standard that can be applied in this case is the AS/NZS 4360:2004, which aims to advance and improve the risk management practises within an organisation. The improvement is made up to a point that makes the rectified strategies a benchmark for the organisations, one that can be used in the future. The evaluation of the practises of the organisation can be made based on the uncertainty of objectives. The risk identified need to be aligned with the ISO 31000 so that the chances of something happening may have an impact on the objective of an organisation (DaSilva and Trkman 2014).

The area of risk that is identified in the scenario can be relationship between the employees and the employers and that between the organisation and the customers. This is mainly because the employers may mistrust the employees for not doing their job in a proper manner. The people have reported the ditch to the employers and the same message has been communicated to the employees overlooking the risky areas. Despite this, action has not been taken and the areas of the risk in this case are mainly based on the strained relationship between the employees and the employers. At the same time, the customers may be at risk particularly if any disabled customer walks in through the main gate. As seen from the case study, the accident that occurred to the employee and the son could have occurred to any customer.

The risk applicable in this case is the safety risk. This is because the existence of the ditch at the entrance of the organisation is a risk factor in itself. The employees and the employers need to be responsible so that the negligence can be avoided and proper precautions are taken against the risk. The safety risk was at a level that may have caused serious concerns for the employees. The fact that proper precautions were not taken suggests that the employees and the employers do not have enough responsibility. At the same time, the fact that the company may be suffering from financial risk can be possible given the evidence that the level of negligence was extreme. The failure to repair the damaged area suggests that the organisation may be suffering at a loss of employees as well as the relevant finances for the repair of the damage.

The people responsible for the risk are the employees as well as the employees. As stated by Habermas (2015) the employees and the employers are the main stakeholders of an organisation and it is important that they take full responsibility about the organisation. The employees and the employers need to ensure that equipments used in the organisations are checked and upgraded regularly. At the same time, any construction work that is done need to be checked for any damage or leakage. At the same time, it is also the responsibility of the employees and the employers to ensure that the responsibility provided to them are undertaken in a proper manner. Specialised employees such as engineers need to be consulted in order to ensure that proper fixing of the problem takes place.

Monitoring and Evaluating the Action Plan and Risk Management Process

The internal stakeholders of the organisation include:

Employees: The employees need to be protected from the risks by providing them with proper training. The objective of the employees is to communicate and follow the guidance provided by the employers.

Internal investors: According to Hovland and Lumsdaine (2017), the internal investors are the employees of an organisation. The objective of the internal investors is to ensure that facilities within the organisations are maintained in a proper manner.

Management: The objective of the management is to ensure that they provide support to the employees by maintaining a balance between the demands made by the employees and the budget that the organisation possesses.

The external stakeholders of the organisation include:

Customers: Customers purchase the goods and services that an organisation manufactures or sells. The objective of the customers is to ensure that proper feedback is provided to the organisations so that it can help in maintaining the satisfaction of the customers.

Suppliers: The objective of the suppliers is to ensure that the products sold by them are free of risks.

Creditors: The objective of the creditors is to ensure that the organisations are protected by all the legislative requirements so that it can meet the requirements of the law.

Government: It is the duty as well as the objective of the Government to ensure that industry laws are applied and taxes are paid at the correct time to avoid any complications.

Political system: The political system plays an important role as the rules and the Government creates regulations related to the law.  The encouragement and support required for the business activities are provided by the political system.

Economic system: The economic system consists of factors such as the allocation, consumption, distribution and production of resources. At the same time, the manner in which information is obtained is influenced by the economic factors (Martins, Rindova and Greenbaum 2015).

Social system: The social system consists of attitudes, behaviours and ideas that are influenced by the human beings. One of the inspiring factors that can be derived from the social system is that the incentive structure that is provided in different organisations are influenced from it.

Technological system: In the modern world, technology plays an important role so that productivity can be maintained. Purchasing and upgrading technology can help in the development of organisations.

Strength · Have a proper risk assessment system · Support and loyalty of the staffs · Adopts a continuous risk management process	Weakness · Lacks risk mitigation tactics · Casual attitude of the employees · Financial risks
Opportunity · Encourage the employees · Promote a safe working environment · Ensure legal laws are maintained	Threat · Competitors · Not maintaining proper safety standards · Duty of care needs to be defined

Table 1: SWOT analysis

(Created by author)

The Critical Success Factors (CSF) of the organisation includes the structuring and designing of the organisation, communication and the organisational culture. According to Mehrabian (2017), the importance and essence of risk management require the completion of five activities such as top management support, participation of the employees, cultural imperative and pattern of measurement. The CSF correlates with the pattern of values, ideas and thoughts that help in supporting the risk management factors of the organisation. Hence, the critical factors can help in managing the knowledge transfer that is required so that exchange of information can help people to act together in an organisation. The demonstration of the employees based on adhering to the rules can help in ensuring safety procedures of the organisation. 

The Five Steps of Implementation of AS/NZS ISO 31000:2009 Risk Management

The internal and external stakeholders can be informed about the changes in party by using mediums such as emails or conducting meetings. It is important for organisations to ensure that every decision taken be communicated with the stakeholders so that decision can be managed in a proper manner. The risk management activities, management support and commitment, actions undertaken need to be discussed with the stakeholders so that proper guidelines can be obtained. External stakeholders such as the customers, suppliers, creditors and Government can be notified about the changes by using emails. At the same time, the internal stakeholders can be notified by conducting meeting as the employees, managers and the internal investors form an essential part of the organisation.

Other research that needs to be conducted in this case consists of identifying the potential threats to the environment and ensuring that the vision is shared among the employees. The focus need to be shifted towards the financial aspects of the organisation so that in future employees can come up with prompt solution regarding fixing any damage. A good form of management is required to be maintained so that consultation with the employees can be done regarding the decisions that are undertaken by the management. Work place and safety officers need to be placed in areas that so that representation of the industries can be well defined.

Risk identified: Major accident due to failure to repair the ditch
Consequences	Level of risk
5. Fatality	High	Extreme	Extreme	Extreme	Extreme
4. Major injury	High	High	Extreme	Extreme	Extreme
3. Moderate injury	Medium	Medium	High	High	Extreme
2. Minor injury	Low	Low	Medium	High	High
1. Negligible injury	Low	Low	Low	Medium	High
	E Highly unlikely	D Unlikely	C Possible	B Likely	A Very Likely
	Likelihood

Table 2: Risk analysis

(Created by author)

The likelihood of the problem to occur in the future is extreme. This is mainly because with the passage of time the ditch can be more vulnerable. The fact that the ditch is situated at the entrance may cause the problem to reoccur in the future. Therefore, the ditch is constantly exposed to the hazards that may occur. Due to the likelihood of the risk the chances of sustaining injury is extreme. This may cause huge problem while entering the organisation as cars as well as people may suffer while passing the ditch. Hence, the increased chances of more accidents are more likely to occur in the future. Therefore, mitigation methods need to be adopted in the future.

The consequences of the risk to may be fatal, serious or negligible. The consequence is that the ditch may cause serious problems to the health of the people that may be extreme. The consequences can lead to fatality, as has been the case of the employee driving in the ditch with his son. At the same time, serious injury may cause an employee to be handicapped as medical attention is required. This may cause a significant time off from work and may cause potential failure to improve on productivity. Therefore, it can be said that the consequences of the risk can provide negativity among the people and the organisation. However, the chances of the consequence being negligible are highly unlikely.

Legal Framework of WHS Act 2011

The evaluation of risks for treatment can be done by analysing the risk and ensuring that proper mitigating methods are adopted. The evaluation can be done based on the number of times accidents have occurred and on the likely consequences that may occur. The prioritising of risk can be done based on the fatality of the collapsed ditch. For example, the fatal manner in which the ditch can cause death among an individual can be considered as the top most priority so that loss of employees may be prevented. At the same time, the evaluation can be done by analysing the mitigation techniques that can be used to prevent the cause of the fatality. Mitigation technique such as warning sign can be placed at the entrance to make people aware of the ditch.

Negative consequence		Positive consequence
-H	-H	-H	-M		M	H	H	H
-H	-H	-M	-M		M	M	H	H
-H	-M	-M	-L		L	M	M	H
-M	-M	-L	-L		L	L	M	M
Fatality	Major	Minor	Negligible	Likelihood	Fatality	Major	Minor	Negligible

Table 3: Risk priority

(Created by author)

The risk priority table shows that the risk requires high planning from the senior members to capture and prepare for opportunities that exist. It is the duty of the managers to ensure that the fatality of the risk be mitigated so that the entrance to the organisation can be made smooth. At the same time, the minor occurrence of the risk to occur can be minimised, as without proper analysis, the risk cannot be mitigated.

The opportunities that exist in this case consist of providing training to the employees about the fatality that may be caused if the ditch is not fixed. Hence, it can be said that a high opportunity can be presented in the case that require proper planning from the managers. The future planning need to be done based on the likelihood of the risk occurring in the future. At the same time, it is also necessary that the opportunities that may arise be prepared for and captured so that any opportunities of fatality and minor occurrence of risk can be mitigated. Thus, strategies can be developed based on the ability to minimise risks in the future.

The techniques that can be used to minimise risks can be in the form of controlling employees from being exposed to the risks, not making changes so that new hazards can be created and ensure that employees work in a safe working environment. It is necessary that the managers implement high-level risk before implementing and investing in low and medium level risk (Saebi and Foss 2015).  At the same time, it is also necessary that elimination of hazards is effective in controlling the measurement of hazards. The elimination includes removing trip hazards and unwanted chemicals so that hazards can be prevented in the organisation.

Standard AS/NZS 4360:2004

The risk action plan that needs to be maintained needs to be based on the organisational culture. The organisation needs to maintain the risk management plan so that the action plan provides opportunities to review the risk management process. Risk management is important for the organisations as it provides organisations with legal support and ensures that employees are provided with a safe working environment. The risk management objective of organisations includes identifying individual tasks in areas so that technological and financial risk can be mitigated. The responsible people for covering the risk action plan includes the managers and the employees as the risk need to be identified by these people and applied that provides opportunities to organisations.

The documentation that needs to be maintained for proper identification of risk includes a risk register, names and personal data of the employees and the employers, licence, insurance agencies and so on. These documents are important for maintaining records scope and probability of the cost and timing required for the implementation of the action. Actions need to vary depending upon the type of risk and based on the variance in actions, the documents require maintenance. The level of risk that has been controlled by the organisation need to be provided in the documents provided so that proper assistance can be obtained during searching of any relevant information related to the concerned risk.

The reasons for carrying these documents include analysing the progress of the organisation and maintaining proper records. As stated by Scarborough (2016) one of the most important aspects of maintaining a risk register is that it provides an analysis of the likelihood of the risks that are to occur along with the consequences. The rate at which the risk can be mitigated provides an analysis of the implemented plan of action required for mitigating the risk. Therefore, maintaining the risk documents can help in monitoring and reviewing the activities that are undertaken by the organisations and at the same time help in understanding the importance of risk management in an organisation.

The action plan need to be implemented based on the analysis of the risk factors and the likely consequence that may occur. The steps required for the implementation of the action plan involve analysing the possible consequences of the risk. This is one of the most important steps in the implementation as without proper analysis of the risk involved, it can be difficult for organisations to predict and undertake any mitigation technique that is required in the company. At the same time, it is also necessary that the options available for implementing the mitigation techniques also provide scope of improvement. Therefore, analysing the techniques in terms of its benefits and drawbacks is required for implementing the action plan in a proper manner. The next step is to provide suitable training to the person responsible for overlooking the affairs of the organisation. This can help in ensuring that specialised people are involved while analysing the risk and mitigating it.  

Safety Risk

The frequency of communication with the stakeholders needs to be done at regular intervals so that the implementation and the action plan can be applied properly. The stakeholders need to be aware of the type of mitigation technique that is adopted in the organisation so that proper suggestion can be provided to the managers for mitigating the technique. Communication need to be maintained in a manner that provides ideas and information about every action that is being taken in the organisation. Hence, communication within a space of 6 months need to be undertaken so that every strategy is analysed and decisions related to the implementation of the plan are provided.

Therefore, the evaluation of the case can be done by the application of tools such as brainstorming. According to Alikaj, Nguyen and Ning (2016), brainstorming helps in gathering various ideas so that problems related to the case can be mitigated in a proper manner. With the help of the brainstorming method employees can come up with innovative method that can help in solving the problem related to the damaged ditch in the organisation.

References

Alikaj, A., Nguyen, C.N. and Ning, W., 2016. The combined effect of firm external and internal factors on corporate social responsibility and firm performance. International Management Review, 12(2), p.20.

Arthur, W., 2015. Internal factors in evolution: the morphogenetic tree, developmental bias, and some thoughts on the conceptual structure of evo-devo. In Conceptual Change in Biology (pp. 343-363). Springer, Dordrecht.

Becker, S.P., Leopold, D.R., Burns, G.L., Jarrett, M.A., Langberg, J.M., Marshall, S.A., McBurnett, K., Waschbusch, D.A. and Willcutt, E.G., 2016. The internal, external, and diagnostic validity of sluggish cognitive tempo: A meta-analysis and critical review. Journal of the American Academy of Child & Adolescent Psychiatry, 55(3), pp.163-178.

Berkenkotter, C. and Huckin, T.N., 2016. Genre knowledge in disciplinary communication: Cognition/culture/power. Routledge.

Bocken, N.M., Short, S.W., Rana, P. and Evans, S., 2014. A literature and practice review to develop sustainable business model archetypes. Journal of cleaner production, 65, pp.42-56.

Bohnsack, R., Pinkse, J. and Kolk, A., 2014. Business models for sustainable technologies: Exploring business model evolution in the case of electric vehicles. Research Policy, 43(2), pp.284-300.

Braybrooke, D., 2014. Meeting needs. Princeton University Press.

Brunswicker, S. and Vanhaverbeke, W., 2015. Open innovation in small and medium?sized enterprises (SMEs): External knowledge sourcing strategies and internal organizational facilitators. Journal of Small Business Management, 53(4), pp.1241-1263.

Butchart, S.H., Clarke, M., Smith, R.J., Sykes, R.E., Scharlemann, J.P., Harfoot, M., Buchanan, G.M., Angulo, A., Balmford, A., Bertzky, B. and Brooks, T.M., 2015. Shortfalls and solutions for meeting national and global conservation area targets. Conservation Letters, 8(5), pp.329-337.

DaSilva, C.M. and Trkman, P., 2014. Business model: What it is and what it is not. Long range planning, 47(6), pp.379-389.

Dinnie, K., 2015. Nation branding: Concepts, issues, practice. Routledge.

Habermas, J., 2015. Communication and the Evolution of Society. John Wiley & Sons.

Horgan, T., 2017. From supervenience to superdupervenience: Meeting the demands of a material world. In Supervenience (pp. 113-144). Routledge.

Hovland, C.I. and Lumsdaine, A.A., 2017. Experiments on mass communication. Princeton University Press.

Johnson, C.E., 2017. Meeting the ethical challenges of leadership: Casting light or shadow. Sage Publications.

Long, S.P., Marshall-Colon, A. and Zhu, X.G., 2015. Meeting the global food demand of the future by engineering crop photosynthesis and yield potential. Cell, 161(1), pp.56-66.

Martins, L.L., Rindova, V.P. and Greenbaum, B.E., 2015. Unlocking the hidden value of concepts: a cognitive approach to business model innovation. Strategic Entrepreneurship Journal, 9(1), pp.99-117.

Mehrabian, A., 2017. Nonverbal communication. Routledge.

Saebi, T. and Foss, N.J., 2015. Business models for open innovation: Matching heterogeneous open innovation strategies with business model dimensions. European Management Journal, 33(3), pp.201-213.

Scarborough, N.M., 2016. Essentials of entrepreneurship and small business management. Pearson.