You are on page 1of 4

Risk Management


South West Victoria SEAL Inc. is committed to minimising risk in all its operations in order to maximise the efficiency and
effectiveness of its programs and services; these include minimising risks in the area of contracts, theft and fraud, loss of
income, business interruption, health and safety, human resources and compliance. Risk management is about asking the
following questions:

•What can go wrong?
•What are the consequences if something does go wrong?
•What can we do to prevent it going wrong?

These procedures describe the processes that South West Victorian SEAL Inc. will use to monitor, mitigate and minimise
risk in its operations. In 2012 a revised development system was put in place using the table below to assist in developing
the register and its policy and procedure

Developing South West Victorian SEAL INC. Risk Management
# Requirement Done Who/What
1 Has the CoM and executive expressed their support for a Risk Y CoM, QKnet,
Management programme? \Y\quality

2 Have you identified a person who will be responsible for implementing Y CEO
risk management?
3 Does the risk manager, or equivalent, have reasonable access to staff Y CEO
and management across the organisation?
4 Have you defined categories of risk relevant to your organisation and Y CoM, CEO
5 Do your risk categories reflect all operational risk areas of the business Y CoM, CEO,
as well as more strategic risk categories? QKnet

6 Is there a clear organisational strategy (or objectives) articulated for the Y Policy and
organisation? Procedure

7 Have you defined and agreed a Likelihood scale to assess the potential Y CoM, CEO
for the risk to occur throughout the organisation?
8 Have you defined and agreed a Consequence scale to help assess risk Y Policy and
impacts across the organisation? Procedure
9 Does your Consequence scale describe both financial and non-financial Y Policy and
impacts? Procedure

10 Does your Risk management framework consider the effectiveness of Y Policy and
controls or risk treatments? Procedure

11 Is there an agreed template or format for recording risk (a risk register)? Y QKnet,

12 Has a risk policy been defined? Y QKnet


taken from the following categories: Contracts. Theft and Fraud. is as follows: Committee of Management – The CoM has ultimate responsibility for ensuring appropriate management of risk by South West Victorian SEAL Inc. while “old” risks that have been adequately treated or no longer apply should be left on the register for historical purposes. The register will record: •the area of risk. Business Interruption. CEO unacceptable? 19 Is there an agreed format/ template for reporting on risk? Y QKnet. training and service operations of South West Victorian SEAL Inc. all staff approved the Risk Policy/ Strategy? 15 Do job descriptions of key stakeholders include responsibilities Y Consultant for risk management? hired P Macdonald 16 Is a formal project management methodology used to manage projects? Y QTS 17 Is a mechanism in place to identify.13 Does the organisation have a documented risk management strategy? Y QKnet 14 Has the Risk Committee (or equivalent) and the CoM reviewed and Y CoM. with assistance from the CoM and QTS will develop and maintain a risk management register for the operations of South West Victorian SEAL Inc. Monitoring and reviewing the Risk Management Register: The CEO with assistance from the CoM and QTS (Quality training and support) is responsible for monitoring and updating the Risk Management Register on a regular basis (generally monthly). Compliance •details of the actual risk exposure •any risk mitigation currently being undertaken or controls currently in place •a risk rating (as per the table below) •any further proposed risk mitigation activities and the target date for completing these •any additional resources required to complete the risk mitigation •this register is stored on a restricted network drive and backed up off site to minimise risk to itself. assess. Health and Safety. record and monitor risks on Y QKnet projects? 18 Has the organisation agreed what types and levels of risk are Y CoM. The Risk Management register will be reported to the CoM of Management bi-annually (generally March and September). Chief Executive Officer – The CEO is responsible for ensuring that a risk management system is established. \Y 20 Is there a process and/or template where staff and the Executive can Y All staff record new risks? Scope: This procedure applies to all business. New risks should be added over time. staff member is responsible for the effective management of risk. Y:\QKnet\2016\procedures\riskmanv1. implemented and maintained in accord with this policy All staff – Every South West Victorian SEAL Inc. Such risks will be marked as “A” for adequately controlled. including the identification of potential risks The CEO. Human Resources. Loss of Income.docx . Responsibilities: Responsibility for risk management within South West Victorian SEAL Inc.

Risk Management Register.Risk Management ratings The following ratings are used in the South West Victorian SEAL Inc. lost •Short •Long •Death or requiring First time hospitalisation hospitalisation permanent Aid •Transient and full recovery or incomplete incapacity •Minor pollution. environmental harm of services or •Minor loss of term recovery harm. frequent monitoring and monthly reporting Significant risk Active management. Probability/Consequences 1 – Insignificant 2 – Minor 3 – Moderate 4 – Major 5 – Catastrophic •Less than $10K •$10 – 50 K loss •$50 . manage through routine procedures. review annually Y:\QKnet\2016\procedures\riskmanv1. regular monitoring and quarterly reporting Moderate risk Manage through specific response procedures. development of detailed treatment plans. long-term •Major adverse reputation services or possible recovery impact on reputation •Unfavourable •Significant business (total impact on adverse impact closure > 3 days) business and on business and and reputation reputation reputation 5 – Almost certain 5 10 15 20 25 Expected to occur in most circumstances 4 – Likely 4 8 12 16 20 Will quite commonly occur 3 – Moderate 3 6 9 12 15 May occur occasionally 2 – Unlikely 2 4 6 8 10 Could occur infrequently 1 – Rare 1 2 3 4 5 May occur in exceptional circumstances Management of risk Level Management response High risk Active management. some mid. development of additional risk plans.$500 K •More than loss •Medical loss loss $500 K loss •Injury treatment. periodic monitoring and b-annual reporting Low risk No major concern.docx .$250 K •$250 . •Significant recovery •Long-term pollution effective environmental •Significant environmental •Almost no loss remediation harm.

Quality Assurance Quality Systems 5 Further action CoM Member Describe any further action to control or mitigate the risk.) Quality Systems Training Manager 3 Assess risk CoM Member Assess the risk. Quality Assurance Quality Systems 2 Identify risk CoM Member Identify the general area of risk (see categories above) and describe the nature of the CEO risk. CEO Quality Assurance Quality Systems Quality Document References: Committee of Management Fiduciary Duties: Policy -SWS-CoM Confidentiality Policy: Policy -SWS-Human Resources Environment Policy: Policy -SWS-Administration Fiduciary Duty Policy: Policy -SWS-CoM Records Management: Policy -SWS-Quality Risk Management: Policy -SWS-Corporate Services Records Management: Procedure -SWS-Quality References to Standards and Legislation: NVR Part 3 2012: Essential standards for continuing registration 18: SNR 18 The RTO has governance arrangements NVR Part 3 2012: Essential standards for continuing registration 20: SNR 20 Compliance with legislation NVR Part 3 2012: Essential standards for continuing registration 21: SNR 21 Insurance NVR Part 3 2012: Essential standards for continuing registration 22: SNR 22 Financial management Other Information: AS/NZS ISO 31000-2009 Risk Management – Principles and Guidelines Y:\QKnet\2016\procedures\riskmanv1. the movement of students around the South West Victorian SEAL Quality Assurance Inc. CEO Quality Assurance Quality Systems 4 Current controls CoM Member Indicate any current controls and whether the risk is adequately or inadequately CEO controlled. factoring in the probability and the likelihood of the event occurring.docx . and any additional CEO resources required Quality Assurance Quality Systems 6 Mitigation timeline CoM Member Allocate a timeline for the control or mitigation of the risk. (For example. car park is a Health and Safety risk for pedestrians and other cars.Procedure: Step Responsibilities Links 1 Allocate number CoM Member Allocate a unique number to each risk (aim for no more than 30 active risks on the CEO register).