Name : Chan Pui Pui

Student ID : MEI 1343

BSBRSK501 - Assessment Task 1

1. Outline the key purpose of risk management standards. Include an example of a risk
management standard in your answer.

The key purpose of risk management is to build a specific set of strategic processes
which contains an organisation’s aspirations and objectives and can be used to identify
risks and reduce risks through best practices

Example: ISO 31000 is an international standard published in 2009 that provides

principles and guidelines for effective risk management. It outlines a generic approach
to risk management, which can be applied to different types of risks (financial, safety,
project risks) and used by any type of organization. The standard provides a uniform
vocabulary and concepts for discussing risk management. It provides guidelines and
principles that can help to undertake a critical review of your organization’s risk
management process.

2. Outline the AS/NZS ISO 31000: 2009 Risk Management Principles and Guidelines and
each of the 11 principles.

The AS/NZS ISO 31000: 2009 Risk Management Principles was adopted to replace the
previous Australian and New Zealand risk management standard AS/NZS 4360:2004 in
Nov 2019. It provides Fund Member agencies with principles and general guidelines to
be followed when setting up risk management frameworks and programs.

11 principles:
1. Risk management creates and protects value
Risk management contributes to the demonstrable achievement of objectives and
improvement of performance in.

2. Risk management is an integral part of all organizational processes

Risk management is not a stand-alone activity that is separate from the main activities
and processes of the organization. Risk management is part of the responsibilities of
management and an integral part of all organizational processes, including strategic
planning and all project and change management processes.

3. Risk management is part of decision making

Risk management helps decision makers make informed choices, prioritize actions and
distinguish among alternative courses of action.

4. Risk management explicitly addresses uncertainty

Risk management explicitly takes account of uncertainty, the nature of that uncertainty,
and how it can be addressed.
Name : Chan Pui Pui
Student ID : MEI 1343
5. Risk management is systematic, structured and timely
A systematic, timely and structured approach to risk management contributes to
efficiency and to consistent, comparable and reliable results.

6. Risk management is based on the best available information

The inputs to the process of managing risk are based on information sources such as
historical data, experience, stakeholder feedback, observation, forecasts and expert
judgement.

7. Risk management is tailored

Risk management is aligned with the organization's external and internal context and
risk profile.

8. Risk management takes human and cultural factors into account

Risk management recognizes the capabilities, perceptions and intentions of external
and internal people that can facilitate or hinder achievement of the organization's
objectives.

9. Risk management is transparent and inclusive

Appropriate and timely involvement of stakeholders and, in particular, decision makers
at all levels of the organization, ensures that risk management remains relevant and up-
to-date.

10. Risk management is dynamic, iterative and responsive to change

Risk management continually senses and responds to change. As external and internal
events occur, context and knowledge change, monitoring and review of risks take place,
new risks emerge, some change, and others disappear.

11. Risk management facilitates continual improvement of the organization

Organisations should develop and implement strategies to improve their risk
management maturity alongside all other aspects of their organization.

3. Outline the requirement under WHS legislation to manage risks.

The WHS Act and Regulations require persons who have a duty to ensure health and
safety to ‘manage risks’ by eliminating health and safety risks so far as is reasonably
practicable, and if it is not reasonably practicable to do so, to minimise those risks so far
as is reasonably practicable.
Name : Chan Pui Pui
Student ID : MEI 1343
4. Outline the factors that must be taken into account in determining risk control
measures for hazardous manual tasks as stated in the model Work Health and Safety
Regulations 2011.

Work Health and Safety Regulations

The factors including:
• Postures, movements, forces and vibrations associated with dangerous manual
tasks;
• Duration and frequency of dangerous manual tasks;
• Workplace environmental conditions may affect dangerous manual tasks or
workers performing the tasks;
• Work area design; workplace layout;
• The working system used; and
• The nature, size, weight or number of persons, animals or things involved in
dangerous manual tasks.

5. Outline the purpose of risk management policies and procedures in the workplace.

The purpose of organizational policies and procedures for risk management is to ensure
every worker a safe place to work. Some jobs do come with some risk, but each
employer must utilize organizational policies and procedures for risk management to
insure that the amount of risk for the employee is as low as possible.

6. List three examples of the impact of risks for a workplace if risks are not identified or
actioned.
• Financial loss
Every one of the preceding 6 consequences leads to some sort of financial
loss, be it in the form of fines, lost sales, or even lower share values.

• Loss of reputation
This consequence of ignoring risk management is similar to customer
dissatisfaction, but its impact is more significant since it usually involves
nefarious activities within an organization instead of a mere mishap.

• Fine
Not having a formal risk management process in place puts your
organization at risk of fines or sanctions from federal, state and even
industry-specific regulatory bodies.
Name : Chan Pui Pui
Student ID : MEI 1343
7. Outline step by step procedures that companies can use for analysing risks.

Step1: Identify risks, i.e. anything that may create harm.

As an employer, you have a duty to assess the health and safety risks faced by their
workers. You must systematically check for possible physical, mental, chemical and
biological hazards

Step2: Analyse the risk

Once risks are identified you determine the likelihood and consequence of each risk.
You develop an understanding of the nature of the risk and its potential to affect
project goals and objectives.

Step3: Evaluate the risk

You evaluate or rank the risk by determining the risk magnitude, which is the
combination of likelihood and consequence. You make decisions about whether the risk
is acceptable or whether it is serious enough to warrant treatment.

Step4: Manage the risk

This is also referred to as Risk Response Planning. During this step you assess your
highest ranked risks and set out a plan to treat or modify these risks to achieve
acceptable risk levels. How can you minimize the probability of the negative risks as
well as enhancing the opportunities? You create risk mitigation strategies, preventive
plans and contingency plans in this step.

Step5: Monitor and Review the risk

This is the step where you take your Project Risk Register and use it to monitor, track
and review risks.

8. Outline three sources of information that a company could use to gather information
on potential risks.
• Suppliers
Such as issues within their business or industry resulting in failure or interruptions
to the supply chain of products or raw materials

• legislation
Such as insurance issues, resolving disputes, contractual breaches, non-compliance
with regulations, and liabilities

• market research
Such as changes in consumer preference and increased competition
Name : Chan Pui Pui
Student ID : MEI 1343
9. Outline three examples of tools or techniques that a company could use to identify risks
as part of a risk assessment process.

An interview is conducted with project participants, stakeholders, experts to identify

risks
• Root causes are determined for the identified risks. These root causes are further
used to identify
• additional risks
• Swot analysis- Strengths and weaknesses are identified for the project and thus, risk
are determined.
• Conducting brainstorming through staff meetings
• Using checklists to identify the types of risks that might be present.

10. Outline five options that a company could take to control risks.
• Avoiding the risk
• Reducing the risk
• Transferring the risk
• Financing the risk
• Retaining the risk

11. Explain five procedures that a company could use to minimise risk. 
• implementation of policies and procedures
• quality and compliance processes
• staff induction, ongoing training and performance management
• ongoing monitoring of risk
• continuous improvement processes