Risk Management Standards And WHS Legislation – Explained

Key Purpose of Risk Management Standards and An Example of FERMA

The key purpose of risk management standard is to formulation of a uniform management strategy of different types of risks which business organisations encounter while operating in the market. Sadgrove (2016) point out in this respect that the risk management standards are set up according different international standards. An example of one risk management standard is the Federation of European Risk Management Associations (FERMA) which is accepted in the EU nations (Ferma.eu, 2019). Thus, it is evident that risk management bodies of commercial organisations standards attribute the top management certain standards which they can incorporate in their organisational risk management standards. This ensures that the risk management strategies made by companies are of international standard and enable the organisations to mitigate or at least reduce the risk in which total eradication is not feasible (Barafort, Mesquida & Mas, 2017).

The following are the eleven principles of AS/NZS ISO 31000:2009 risk management principles and guidelines:

A powerful and strategically formed risk management strategy enable organisations management of risks by continuous monitoring and reviewing of their processes in place. The monitoring and review also cover fixed assets like plant and machinery, furniture and land and building to recognise any defect in them which is likely to cause risks. This paves ways for taking of appropriate risk management strategies to manage future risks (Finance.gov.au, 2019).

Risk management should be made an integral component of the organisational business strategies. The making of the risk management strategies must be placed under the supervision of the apex management and directors.

The management boards must constitute risks in all the decisions that they make. For example, while making financial decisions and marketing decisions, the management boards should take into account financial and marketing risks respectively (Iso.org, 2019).

The risk management standards should take into account the future uncertainties which the lead to risks in explicit manners while making strategies. For example, while making financial decisions, the management should take into account the market uncertainties like future economic breakdowns which might affect the returns the company would generate from the market.

The risk management strategies should be systematic, well-structured and timely. This once again points out that the risk management should be carried out under the supervision of the apex management as mentioned in the second and third principles.

The risk management strategies formed by the management committees formed should be based on the best information and data available.

AS/NZS ISO 31000:2009 Risk Management Principles and Guidelines

The risk management strategies of the organisations must be tailored according to the needs of the respective organisations. For example, the risk management strategies of the retail sector companies should be tailored according to needs of the particular sector.

The risk management strategies of the organisations should take into account the human and organisational cultural factors.

The risk management strategies should transparent and made taking into consideration the requirements of the stakeholders. The stakeholders included while making risk management strategies should include both internal and external stakeholders.

The risk management strategies should be dynamic, iterative and responsible to the business requirements of the companies concerned.

The risk management strategies should facilitate continuous improvement in the organisations concerned. For example, the financial risks management strategies should be aimed to reduce the financial risks which business organisations may encounter in the market. The aim of the strategies should be reducing the financial risks and ensuring higher returns to the companies on perpetual basis.

The commercial organisations as per the Model WHS laws require to appoint an officer who would be in charge of the safety of the workplace. The officer can be given be designations like first aid officer, health and safety officer and administrator in charge. The volunteers may also participate in the decision making regarding risk management which should necessarily financial implications on the organisations concerned.

The business organisations must take into account their size, the industry the company operates in and the potential risks the company faces in deciding the risk control measures hazardous manual tasks according to requirement under model Work Health and Safety Regulations 2011 (Safeworkaustralia.gov.au, 2019)

The purpose of the risk management policies is to identify the risks business organisations face in the market and take appropriate measures to mitigate or at least reduce them.

Risk which are not identified or dealt with efficient have several impacts on the concerned workplace. For example, if a supply chain risk goes unrecognised, it leads to loss of productivity. The company concerned is not able to deliver finished products on time which leads to revenue risks. Secondly, the clients with which the company has entered into contracts may take legal action claiming refund of the advance amount which they have paid. This would cause legal risks to the company. Thirdly, the company concerned may lose its customers to its competitors, thus suffering competitive risks. Thus, it is evident from the discussion that an unidentified supply chain risk results in revenue risks, legal risks and financial risks.

Requirements under WHS Legislation to Manage Risk

The following are the steps which companies can take to analyse risks:

1. The management can continuously communicate with the stakeholders.
2. The company can form a continuous chain of communication across the hierarchy which would enable the lower level employees to communicate risks with their upper level employees.
3. The top management must integrate the knowledge gained from the lower level employees to form risk management strategies.
4. The top management must gain the participation of all the employees in implementation of the risk management strategies identified.
5. The management must review and monitor the risk management strategies in place.
6. The management must amend the risk management strategies if required.

The three sources from which companies can gain information about risks are suppliers, customers and its marketing department employees.

The companies can use financial reports, customer feedbacks and market survey analysis as three tools to identify risks as a component of the risk management process.

The four options which companies can take to control risks are:

1. Forming a dedicated risk management department.
2. Training the employees
3. Installation of modern software to manage risks.
4. Hold continuous meetings with stakeholders like investors and suppliers to identify the risks.

The four procedures which the companies can use to minimise risks are:

The management of the company should gain knowledge about the risks from lower level staffs and external stakeholders like customers.

The management of the companies in presence of all the departmental heads should hold meetings to analyse the potential impacts of the risks. This analysis would lead to the formation of risk management strategies.

The apex management implement the risk management strategies by directing and managing the organisational hierarchy.

The apex management must monitor the risks and take steps to amend the risk management policies in line to adapt to the newly emerging risks.

The expansion of NatureCare Products would face several risks. The first risk which the company would face in the path of expansion across Australia is competitive risk. This is because the company is planning to expand in the form of retail outlets to sell organic skincare products. This would bring the company into direct competition with the established organic products marketing companies already possessing retail outlets the main target cities which NatureCare aims to enter namely Sydney, Brisbane and Melbourne. This would create market risks for NatureCare. The next risk which is evident is revenue risks. The established organic skincare products selling retail chains due to their already established position in the markets of Sydney, Melbourne and Brisbane may poach customers for NatureCare. It can also be interpreted that NatureCare would have to lose its customers to its competitors which would cause generation of lower revenue, thus causing revenue risks. The third risk which the company would be facing would be capital risks. This is because falling revenue would result in the company losing its investors owing waning power to give high returns to investor. This situation would give rise to capital risks. The fourth risks which the company would face would technological risks. This is because, owing to the simultaneous ecommerce, third party and retail distribution of products would necessitate the company embrace new advanced technology, thus rendering the existing technology redundant and resulting in technological risks.

Factors to Consider in Determining Risk Control Measures for Hazardous Manual Tasks

The risk management process of the company should consist of identification of risks by the employees including lower level employees. This is followed by reporting to the risks to the managers who in turn report the risks identified to the apex management. The apex management executives analyse the risks identified and form strategies to mitigate or at least reduce the risks. The employees irrespective of designations participate in the risk management strategies implementation process. This is followed by continuous monitoring and review of the risk management strategy to ensure alignment with the business needs of the company.

The key factors of PESTLE analysis and their impact on the risk management process of NatureCare:

Political and legal factors:

The political factors like stability of the government have great impact on the risk management policies. This is because a stable government makes laws and policies which forms the base of the decision making policies of the companies, including their risk management policies.

Social-economic:

The socio-economic factors like rising income of consumers in the society have a very impact impact on the businesses, especially for lifestyle related goods like organic skincare products. This is because organic skincare products are costlier than inorganic skincare products. Higher income among the consumers means higher disposable income to buy these products. Thus, lower income means loss of customers to businesses selling lower price products. Thus it is evident that socio-economic factors have great impacts on the risk management.

The technological and environmental factors have great importance in risk management. As far as NatureCare is concerned, the company manufactures high-end skincare products. Thus means that company has to integrate modern science with organic skincare to form the high quality products. This enables it to offer high quality to customers, generate high revenue and manage revenue risks. The organic products are environment friendly, thus enabling in managing environmental risks.

Scope of assessment:
Critical success factors:
Internal & external stakeholders:
Risk	Consequences	Severity Rating	Likelihood Rating	Treatment or control methods	Priority rating (high, medium or low) Order of priority
competitive risk	Losing market position	Very high	High	Marketing of products	Very high
revenue risks	Losing customers to competitors and lower returns to investors	Very high	Moderate	Marketing of products	High
technological risks	New technology rendering existing technology redundant	High	Low	Innovation and technological advancements	Moderate
Capital risks	Lower capital generation	High	Low	Marketing and higher revenue generation	Low
Environmental risks	Higher environmental pollution penalties	High	Low	Sustainable business operations	High

The internal stakeholders would be employees, management and the managers. The external stakeholders would be customers, investors, suppliers and governments.

Strengths:

1. Financially strong
2. Already present on ecommerce and health food shop network.
3. Innovative products.
4. Business expansion using retail chain establishments.

Weaknesses:

1. Weaker financial positions compared to international organic companies.
2. Narrower market presence.

The critical success factors would be expanding revenue base and market presence. The rising demand for organic products would also be among the critical success factors.

To: official email id of the CEO

From: Sender’s official email id

Subject: Risk management project of expansion of M/s NatureCare Products to open retail chain

Dear Sir/Madam,

I would like to introduce you to the risks which have been identified with relation to the retail chain expansion of M/s NatureCare. The risk analysis has succeeded in uncovering five risks in the matter namely, revenue risks, capital risks, environmental risks, technological risk and market risks. It would be prudent to point out that your kind attention in the matter would be required to embark on further actions to manage the risks identified. Hence, keeping the above matter in light, your feedback and approval is highly anticipated to proceed with the project.

Purpose of Risk Management Policies and Procedures in the Workplace

Regards,

…………..(stamp and sign)

…………………(Name)

…………………………(designation)

To: official email id of the team members

From: Sender’s official email id

Subject: Risk management project of expansion of M/s NatureCare Products to open retail chain

Dear Sir/Madam,

I would like to introduce you to the risks which have been identified with relation to the retail chain expansion of M/s NatureCare. The risk analysis has succeeded in uncovering five risks in the matter namely, revenue risks, capital risks, environmental risks, technological risk and market risks. It would be prudent to point out that your kind attention in the matter would be required to embark on brainstorming for taking further actions to manage the risks identified. Hence, keeping the above matter in light, your presence and participation is highly anticipated to proceed with the project. The anticipated time would be February 23, 2019 at 10 am in the morning.

Regards,

…………..(stamp and sign)

…………………(Name)

…………………………(designation)

The risk management policy of NatureCare would be explained and the risks identified would be discussed at length. The chair person should seek ideas from the attendees and agree on the most important risks to be included in the risk management plan.

Scope of assessment:
Critical success factors:
Internal & external stakeholders:
Risk	Consequences	Severity Rating	Likelihood Rating	Treatment or control methods	Priority rating (high, medium or low) Order of priority
competitive risk	Losing market position	Very high	High	Marketing of products	Very high
revenue risks	Losing customers to competitors and lower returns to investors	Very high	Moderate	Marketing of products	High
technological risks	New technology rendering existing technology redundant	High	Low	Innovation and technological advancements	Moderate
Capital risks	Lower capital generation	High	Low	Marketing and higher revenue generation	Low
Environmental risks	Higher environmental pollution penalties	High	Low	Sustainable business operations	High
Supply chain risks	Low productivity and risks 2	Moderate	Moderate	Strong procurement strategies	Moderate

To: official email id of the CEO

From: Sender’s official email id

Subject: Risk management project of expansion of M/s NatureCare Products to open retail chain

Dear Sir/Madam,

I would like to introduce you to the risks which have been identified with relation to the retail chain expansion of M/s NatureCare. The risk analysis has succeeded in uncovering five risks in the matter namely, revenue risks, capital risks, environmental risks, technological risk and market risks. It would be prudent to point out that your kind attention in the matter would be required to embark on further actions to manage the risks identified. Hence, keeping the above matter in light, your feedback and approval is highly anticipated to proceed with the project.

Regards,

…………..(stamp and sign)

…………………(Name)

…………………………(designation)

The staff of NatureCare can be imparted training in various ways. They can be provided class room training, on-job training and simulation. The employees should also attend seminars tp expand their knowledge base.

1. Undertake an inspection of head office:

An inspection of the head office would be undertaken.

1. Develop a customer questionnaire:

Questions	1	2	3	4	5	6	7	8	9	10
Media plays a very important role in marketing.
Media decides purchase decision of customers
Quality decides value creation
Pricing is very important for customer satisfaction.
Aftersales services are important
Recommendations from friends and families matter in making purchase decisions
You recommend others to use products you are satisfied with.

Sending email to the CEO:

To: official email id of the CEO

From: Sender’s official email id

Subject: Risk management project of expansion of M/s NatureCare Products to open retail chain

Dear Sir/Madam,

I would like to introduce you to the staff training options and questionnaire to measure customer satisfaction which have been suggested with relation to the retail chain expansion of M/s NatureCare. The risk analysis has succeeded in uncovering the risks of lack of employee competence and customer satisfaction.  It would be prudent to point out that your kind attention in the matter would be required to embark on further actions to manage the risks identified. Hence, keeping the above matter in light, your feedback and approval is highly anticipated to proceed with the project.

Impacts of Risks if Not Identified or Actioned

Regards,

…………..(stamp and sign)

…………………(Name)

…………………………(designation)

The risks would be monitored as per the leadership of the apex management. The memos like sales memos would be reviewed.

To: official email id of the CEO

From: Sender’s official email id

Subject: Risk management project of expansion of M/s NatureCare Products to open retail chain

Dear Sir/Madam,

I would like to introduce you to the staff training options and questionnaire to measure customer satisfaction which have been suggested with relation to the retail chain expansion of M/s NatureCare. The risk analysis has succeeded in uncovering the risks of lack of employee competence and customer satisfaction.  It would be prudent to point out that your kind attention in the matter would be required to embark on further actions to manage the risks identified. Hence, keeping the above matter in light, your feedback and approval is highly anticipated to proceed with the project.

Regards,

…………..(stamp and sign)

…………………(Name)

…………………………(designation)

The risk control measures in this case would training of managers, motivating of the staff and increasing the salaries of the managers.

To: official email id of the CEO

From: Sender’s official email id

Subject: Risk management project of expansion of M/s NatureCare Products to open retail chain

Dear Sir/Madam,

I would like to introduce you to the current HR risks which M/s NatureCare is facing owing resignation of experienced managers. I consider it extremely important to bring into your notie that the grounds of resignation as mentioned by the managers were excessive work pressure, lack of training and low salaries. It would be prudent to point out that your kind attention in the matter would be required to embark on further actions to manage the HR risks identified. Hence, keeping the above matter in light, your feedback and approval is highly anticipated to proceed with the project.

Regards,

…………..(stamp and sign)

…………………(Name)

…………………………(designation)

The risks management process was very effective.

The project was difficult due to resigning of the key managers. This was because the loss of managers led to loss of talent and knowledge. The staff input was helpful. It can confidently be mentioned that all the risks have been identified.

The current risk management measures of NatureCare are not sufficient to guide future business expansion projects. This was become the risk assessor could not identify the HR which was caused by managers resigning. The risk led to loss of talent and knowledge.

The principles were consistent with AS/NZS ISO31000:2009 policies.

The two recommended risk management processes would be appointment of a risk management officer and risk management training of the employees

References:

Barafort, B., Mesquida, A. L., & Mas, A. (2017). Integrating risk management in IT settings from ISO standards and management systems perspectives. Computer Standards & Interfaces, 54, 176-185.

Ferma.eu. (2019). Retrieved from https://www.ferma.eu/about/about-ferma

Finance.gov.au. 2019. Retrieved from https://www.finance.gov.au/sites/default/files/COV_216905_Risk_Management_Fact_Sheet_FA3_23082010_0.pdf

Iso.org. (2019). Retrieved from https://www.iso.org/standard/43170.html

Sadgrove, K. (2016). The complete guide to business risk management. Routledge.

Safeworkaustralia.gov.au. (2019). Retrieved from https://www.safeworkaustralia.gov.au/law-and-regulation/model-whs-laws#model-whs-act