BSBRSK501

Manage risk
Learners Workbook
 Table of
Contents
Table of Contents........................................................................................1
Candidate Details........................................................................................2
Assessment – BSBRSK501: Manage risk..............................................................2
Competency Record to be completed by Assessor...............................................3

Learner Workbook Activity answers.................................................................9

Activity 1A....................................................................................................................... 9
Activity 1B..................................................................................................................... 10
Activity 1C..................................................................................................................... 11
Activity 1D..................................................................................................................... 12
Activity 1E..................................................................................................................... 13
Activity 1F...................................................................................................................... 14
Activity 1G..................................................................................................................... 15
Activity 2A..................................................................................................................... 16
Activity 2B..................................................................................................................... 17
Activity 2C..................................................................................................................... 18
Activity 3A..................................................................................................................... 19
Activity 3B..................................................................................................................... 20
Activity 4A..................................................................................................................... 21
Activity 4B..................................................................................................................... 22
Activity 4C..................................................................................................................... 23
Activity 4D..................................................................................................................... 24
Activity 4E..................................................................................................................... 25
Activity 4F...................................................................................................................... 26
Summative Assessments..............................................................................27
Section A: Skills Activity................................................................................................28

Section B: Knowledge Activity (Q & A)..........................................................................29

Section C: Performance Activity....................................................................................30

Candidate Details

Assessment – BSBRSK501: Manage risk

Please complete the following activities and hand in to your trainer for marking. This forms
part of your assessment for BSBRSK501: Manage risk.
Name: ____
Address: _________________________
_____________________________________________________________
Email: _____ _______________________________
Employer: ______

Declaration
I declare that no part of this assessment has been copied from another person’s work with
the exception of where I have listed or referenced documents or work and that no part of
this assessment has been written for me by another person.
Signed: ____________________________________________________________
Date: ____27/03/2021______________________________________________

If activities have been completed as part of a small group or in pairs, details of the
learners involved should be provided below:

This activity workbook has been completed by the following persons and we acknowledge
that it was a fair team effort where everyone contributed equally to the work completed.
We declare that no part of this assessment has been copied from another person’s work
with the exception of where we have listed or referenced documents or work and that no
part of this assessment has been written for us by another person.
Learner 1: _
Signed: ____________________________________________________________
Learner 2: _ ________________________________________________
Signed: ____________________________________________________________
Learner 3: __ ______________________________________________
Signed:
____________________________________________________________
Learner 4: __ ___________________________________
Signed:
____________________________________________________________
Competency Record to be completed by Assessor
Learner Name: _______________________________________________________

Date of Assessment: _______________________________________________________

The learner has been assessed as competent in the elements and performance criteria and the evidence
has been presented as:

Assessor Initials
Authentic
Valid
Reliable
Current
Sufficient

earner is deemed: COMPETENT NOT YET COMPETENT (Please circle)

If not yet competent, date for re-assessment:

____________________________________

Comments from Trainer / Assessor:

__________________________________________________________________________
__________________________________________________________________________
__________________________________________________________________________
__________________________________________________________________________
__________________________________________________________________________
________________________________________

Assessor Signature:
________________________________________________________
Observation/demonstration
Throughout this unit, the learners will be expected to show their
competency of the elements through observations or
demonstrations. As trainer/assessor, you will compile a list of
demonstrations that you recognise the learners will need to complete, or
tasks to be observed. Any required observations and demonstrations
will need to be completed, as well as the activities found in the Learner
Workbook.

An explanation of observations and demonstrations:

Observation is on-the-job

The observation will usually require:

 Performing a work based skill or task

 Interaction with colleagues and/or customers.

Demonstration is off-the-job

A demonstration will require:

 Performing a skill or task that is asked of you

 Undertaking a simulation exercise.

You will need to inform each learner which one of the above
they will be required to do. The observation/demonstration
will cover one of the unit’s elements.

The observation/demonstration will take place either in the workplace or

the training environment, depending on the task to be undertaken and
whether it is an observation or demonstration. As trainer/assessor,
you will ensure each learner is provided with the correct equipment
and/or materials to complete the task. Learners should also be
informed on how long they have to complete the task.

Learners should be able to demonstrate the skills, knowledge and

performance criteria required for competency in this unit, as seen in
the Learner Guide.
Learner Workbook Activity
Complete the following activities individually or in a group (as applicable to the specific activity
and the assessment environment).

Activity 1A
Estimated Time 20-30 Minutes
Objective To provide you with an opportunity to review organisational processes,
procedures and requirements for undertaking risk management in accordance
with current risk management standards.
Provide a brief overview of your organisation’s (or an example
organisation’s) current risk management practices and how these meet
organisational needs. (Approximately 150-200 words.)

Ans: Risk management practices are really important for an organisation to

meet its organisational needs. So, it is important to analyse the risk
management practices. In simple words, risk management is the
identification of risks in advance, analysing them and taking the required
precautionary methods to stop them from advancing further.

My current organisation is Bunnings Warehouse which is under

Wesfarmers group. Wesfarmers is committed for identification, monitoring
and management if material financial and non-financial risks associated
within its business activities. Wesfarmers believes in positive culture, such
as honesty, transparency, fairness, integrity, constructive challenge and
accountability being the elements for effective risk management and
awareness. Management is responsible for the day-to-day compliance and
controlling at a divisional level. Senior management reinforces and
remodels the key behaviours required for maintain strong risk culture.
During this process, any risk issues are reported to the Board. Divisional
Managing Directors are responsible for assessing the risk management
outcomes in their respective divisions. In addition, divisional audit and risk
committee work closely with each division to ensure that the Board has
access to the timely information about emerging and existing risks for each
division. They also provide a dedicated forum for facilitating constructive
debate and challenge regarding operational risk management.

The risk management framework is reviewed on annual basis by the Board

to satisfy itself that the organisational needs are met as intended and is
operating regardless of the risk appetite set by the Board [ CITATION
Wes201 \l 3081 ].
Activity 1B
Estimated Time 20 Minutes
Objective To provide you with an opportunity to determine scope for risk
management
process.
For your organisation (or an example organisation), provide the details of two
areas within the business and the requirements under these that require
risk management (e.g. work health and safety).

Ans: The two areas within the organisation that require risk management
are:
i) Workplace health and safety: As Bunnings consists of heavy
packages, there is a risk of high injuries. The daily use of
machineries to lift the pallets with heavy objects increases the
chance of physical injuries. Also, they are kept as top stock which
increases the risk of falling of the objects if the height and weight
of the bay is not maintained.

ii) Safe working environment: Although there is continuous

monitoring for safe working environment for the employees and
customers, due to harsh weather conditions, there might be
incidents occurring. As the areas for bins, gases and deliveries are
open, in harsh weather conditions, there is a risk of objects
moving from one place to another and harming the nearby
person. For example, in windy season, the storage boxes and
plastics are flown away, and they might injure the person working
in the area.
Activity 1C
Estimated Time 20 Minutes
Objective To provide you with an opportunity to identify internal and external
stakeholders and their issues.
At your workplace (or an example workplace) list the stakeholder types/groups
and an issue for each.

Ans: The stakeholders for the organisation with their

corresponding issues are:
a) Employees-These are people employed in an organisation for wages
or salary, especially at non-executive level. These people have direct
impact risks. Issue: unregulated working hours
b) Shareholders– These are people who are interested in their dividends
and capital growth of their shares invested in an organisation. Issue:
Financial instability of the organisation
c) Middle and senior management-This include people in intermediate
management and executive management they are also interested in
their job security, prospects and pay. Issue: Financial stability
d) Owners and directors-Owners include shareholders in an organisation
while directors are appointed by shareholders to manage the
business on their behalf. Issue: changes to business legislation
e) Government – especially the Inland Revenue and the Customs and
Excise who will be collecting tax from them. Issue: changes to
business legislation
f) Banks or financiers which include other financial organisations
lending money to the business. Issue: changes to business legislation
g) Customers and consumers-These are people who benefit from the
organisation through getting their services or goods. Issue: Poor
customer service
h) Community-Society within the organisation operates.
i) Environment-This is the location within which the organisation is
situated and surroundings. Issue: Work area ergonomics
Activity 1D
Estimated Time 20 Minutes
Objective To provide you with an opportunity to understand about reviewing
political,
economic, social, legal, technological and policy context.
How do the following affect risk management in the workplace:

 Political: Political aspect and an organisation’s business are

intertwined. Any changes in the political atmosphere can result in
the changes of the policies of the organisation.

 Economic: Changes in the economic structure in a country can

directly affect the risk management of a workplace. For instance:
any changes in the taxation policy can result in the positive or
negative social performance of a company.

 Social: The aspects can also affect the risk management in certain
way which includes the health of the employees and their social
situation

 Legal: the legal aspects that can affect the risk management include
but are not limited to meeting the compliances, fulfilling the terms
of contracts, and alleged briberies.

 Technological: The latest technological advancements and changes in

the features of the machinery, can add on to the additional expenses
for an organization to increase its efficiency.

 Policy: The policies incorporated in an organization’s can sometimes

lay a mandatory procedure for the improving the operating
performance and complying with the other procedures laid by the
organization.
Activity 1E
Estimated Time 20-30 Minutes
Objective To provide you with an opportunity to review strengths and weaknesses
of
existing arrangements.
For your workplace (or an example workplace), assess the strengths
and weaknesses of the existing risk management process for one area
of business (e.g. financial or operations).

Ans: The STRENGTHS of the existing risk management process in operations

of business at the workplace:
 Very well trained and experienced personnel in each department.
 Property insurance of every products. So, our insurers back us
completely when it comes to claiming for the loses without any fuss.
 Loyal customers who do not turn their back even when products are
switched, or they buy the faulty products.
 Good training materials provided to the employees.
 Free advice and trainings for DIY to the customers.

The WEAKNESSES of the operations of our organization are:

 Lack of appropriate trainings to the newly recruited staffs which
sometimes lead to safety incidents.
 Customers sometimes associate the self-service and thus perceive
that the service provided the organisation is not up to the mark which
might lead to negative branding.
Activity 1F
Estimated Time 15 Minutes
Objective To provide you with an opportunity to document critical success factors,
goals
or objectives for area included in scope.
Following on from Activity 1E, identify three critical success factors that can
help achieve good risk management.

Ans: The three critical success factors that can help in achieving good risk
management:
1. A good health and safety protocol is important at my workplace
currently, because of the issues relating safety of our workers.
2. A good equipment technology is another CSF that will help in
achieving good risk management.
3. Training to the staff about avoiding the risks is also a CSR.
Activity 1G
Estimated Time 50 Minutes
Objective To provide you with an opportunity to obtain support for risk management
activities; and communicate with relevant parties about the risk management
process and invite participation.
As a role play, perform the following as a learner group activity:

In groups of approximately 5 people, take turns to represent the

risk assessment manager holding a group discussion with a group of
stakeholders (e.g. managers, colleagues, employees, etc.).
(Discussions may last approximately 10-20minutes for each turn.)

As risk assessment manager, you will need to choose an area of risk

management and seek support and participation from your stakeholders
to assist in risk management activities. Provide information on the support
that you will need and how your stakeholders can participate.

Ans: The scenario for this role play is a warehouse. As the role play advises
to choose an area of risk management and represent as risk assessment
manager, I am representing as the manager in this scenario, Jeetendra as
operation manager, Niyati as support co-ordinator, Nabina as lifestyle co-
ordinator and Mohsin as supervisor.

Summi: Hello everyone. As you all are aware that we have taken up a new
risk management policy and procedure to reduce the financial loss we are
facing each day. As we had many incidents in the past due to failure in
effectively implementing the correct safety procedures in the checkout
system and with lack of team members in each aisle, the organisation went
through massive loss this year. So, the board of directors decided to change
the policy and procedures. Please be ensured to follow the new policy very
strictly and I believe that each and everyone will actively participate to help
minimise the risks.

Jeetendra: With the recent stocktake report, we have undergone a huge loss
in our stocks this year compared to last year. There were many products
missing from our records which we suspect have been stolen. So, it is really
important for us to remind our team to provide exceptional customer service
to our customers as that is the motto of the company and also to keep the
stock up to date in regard to their relevant aisles.

Niyati: I have also communicated with my team to keep an eye in all the
returns that we get. As our policy is to accept each kind of return, however,
there were certain patterns with the customers returning the product.
Specially, with the power garden products and tools, the returned products
were missing batteries in them. In providing an exchange to these kinds of
products have also led to loss as the suppliers are hesitating to take the
products back.

Summi: In regard to this, I hope you all have been notified that our new
policy now accepts the returns of the products that have been purchased 1
year back. However, with the power garden tools, the warranties in them are
specified in the original box itself and the customers have to sign up with
that relevant company to claim their warranties on that specific product. The
product box itself explains the warranties. However, I want everyone,
especially Niyati being a support co-ordinator to inform your team members
of this change. The team member at the registers should notify the
customers that they compulsory need to sign up with the supplier company
to claim their warranty for more than a year. If the products go faulty within
a year of purchase, we will take the accountability. So, I want everyone to
inform your team members of this change.

Nabina: Also, I think it would be a good idea to organise a feedback session

for all team members. It can just be a simple feedback to be written on a
sheet of paper in regard to what they think about the new policy and what
can be further done to improve. As different people have different views, we
can gather more different ideas.

Summi: That is a very good idea Nabina. We can even reward the team
members who come up with the best ideas. This way we can increase the
participation. I would like you to take in charge of this activity. Please also
upload this information in our ‘Workplace’ app so that everyone in the
organisation knows about this.

Mohsin: As we have team meetings fortnightly, I will bring this issue in the
meeting as well. I was also thinking of encouraging our team to use the
recovery app to record the recoveries that they have come through and at
each meeting, we can allocate a loss prevention champion and reward the
with a gift card. This way we can increase the recoveries.

Summi: That is indeed very thoughtful. Thank you Mohsin. As you are the
supervisor of overall all the departments, I would also like you to prepare a
loss prevention report gathered from the app fortnightly. Please also include
the improvement happened each week. I hope everyone is aware of the new
policy and making your team members aware as well. I expect each of you to
support the organisation in minimising the loss by completing your assigned
tasks. Thank you all for your valuable input and I hope to get such great ideas
from you every time as always.
Activity 2A
Estimated Time 20 Minutes
Objective To provide you with an opportunity to invite relevant parties to assist
in the
identification of risks.
Write a script that you can use to invite a specific stakeholder group to
assist in risk identification. Provide details of the risk area and the
requirements that the stakeholder group will need to fulfil.

Ans:

Hi,
My name is Summi Shrestha. As the operating manager, I am writing to
invite you to assist me and my team in risk identification as you have been
identified as a stakeholder with interests and experience relevant to the risk
identification.
The area of risk identification is the operational area in which we are
planning to go on with the operational risks.

Your involvement could include participation and engagement in the risk

identification process. A confirmation of participation from you would be
greatly appreciated as we want to ensure that you are in receipt of the
communication. Also, we want your assistance in raising concerns and
finding the areas that are yet to be recognized.
Activity 2B
Estimated Time 20 Minutes
Objective To provide you with an opportunity to research risks that may apply to
scope.
Choose a scope (or area) of risk management in the workplace and
perform a brief research of the risks that may be involved. List five
risks that you have found.

Ans: Operational Risk Management refers to the validation and improvement

of the reliability and effectiveness of business operations in a comprehensive
manner.

The scope of operational risk management expands but not confined to the
day to day running of the business and the organization as a whole.
The risks that were found while going on with the operational risk
management are:
1. Storage of heavy pallets as the top stock without maintaining the safe
height and bay weight.
2. Continuous health and safety concerns of the workers.
3. Non-compliance with the required set PPEs such as using gloves while
cutting the boxes, pulling trolleys.
4. Regulatory risks in which taking care of all the necessary regulations
usually delay the delivery being given to the customers.
5. In our case, the poor weather conditions also fall under the category
of operational risks as we are a warehouse and harsh weather
obstructs the deliveries of the goods coming into the store and hence
effective supply to the customers.
Activity 2C
Estimated Time 20 Minutes
Objective To provide you with an opportunity to use tools and techniques to generate
a
list of risks that apply to the scope, in consultation with relevant
parties.
As a role play activity in the learning group, perform the following:

For a risk area of your choice, discuss in small groups (approximately 5-8
people) the methods, tools and techniques that you can use to identify
the risks.

Ans:
Goal: Zero drowning cases
Risk Manager Summi
Business Operation Manager Mohsin
Marketing Executive Niyati
Online sea warning, direction and Jeetendra
navigation operator
Online trainer Nabina

Summi: Hello everyone. Thank you for joining this session today. As you
know that Nelson Boat Hire is in the verse of its expansion for hire. However,
according to the surveys conducted as a part of our data gathering process,
we came to know that most of our clients are tourists who come with their
families and do not know our local area. There are high chances that they are
not the good swimmers. So, it is our duty to make them feel safe and prevent
any incident that might happen in the future. So, our main objective will be
to have zero cases of drowning incidents. Today we have gathered here to
discuss the risks associated with this expansion and what tools and
techniques can be used to manage and identify them.

Mohsin: To start with, let us first use qualitative analysis to assess the risk of
drowning. Let us gather the probability of drowning according to the age
groups and classify them as either high, moderate or low. Following up,
when we have gathered enough data, risk assessment can be performed
through quantitative method so that we can quantify the risk exposure and
also determine the size of cost and schedule contingency that many be
required. A scoring table can be used as well.
 0.05 0.20 0.40 0.65 0.95
PROBABIL
ITY OF
OCCUREN 0.10 ≤ 0.25 ≤ 0.70 ≤
CE 0<P< 0.25 ≤ P <
P< P< P<
0.10 0.45
0.25 0.45 0.95

NEGLIGI MEDIU SIGNIFIC Niyati: SWOT Analysis can be

LOW HIGH other method for identifying the
BLE M ANT
risks. We can perform SWOT
analysis together with
brainstorming techniques to help
Occure Occure discover and document the
Occure
nce is nce is potential risks. Let us follow the
nce is
rather Occurenc very following steps for that:
Occurenc unlikely
unlikely e is rather likely
e is very and
and likely and and Step 1: Identify the SWOT
unlikely may not
may not may not may not analysis resource(s). It is
DESCRIPT and is be
be be be important to work with
ION generally entirely
entirelly entirelly entirelly our on-site lifeguards and
controlled controll
controll controlled controll navigation operator to get
by ed by
ed by by ed by the number of incidents
following followin
followin following followin that have occurred in the
existing g
g existing g past and also the
process, existing
existing process, existing frequency of occurrence
procedure process
process procedure process since they will have a
s and ,
, s and , better sense of this
plans procedu
procedu plans procedu matter.
res and
res and res and  Step 2: Identify and list
plans
plans plans Organizational Strengths
and Weaknesses using
brainstorming. These are
INTERNAL - things for which we have control over.
 Step 3: Derive Opportunities associated with our goals and Threats
that could harm the project. These are EXTERNAL – outside of
business direct ability to control.

Jeetendra: In addition to what my colleagues have said, I would also

suggest performing Hazard and Operability (HAZOP) study. The goal of this
study would be to identify all the potential situations that might cause
hazards to our customers including the environmental hazard which will
help us in improving the operability of our system. We can consider 4 basic
steps in this process.
- Forming a HAZOP team
- Identifying the elements
- Considering variations in operating parameters
- Identifying any hazards or failure points.
This can also be ongoing, working to improve the process as we move along.

Nabina: We can also use scenario analysis to evaluate the risk. Let us
create scenarios and identify potential problems and also prepare different
ways to handle them. For example, one of the major risks is drowning for
which we can get more life jackets and provide each person the life jacket
when they hire the boat. By doing this, the outcomes will be visible given
the different scenarios and so will be the paths that lead to them from the
current situation, giving the room for scope to refine and adjusting the
plans accordingly.
Summi: Thank you guys for all your thoughts. As you all have suggested, let
us make our technique past-focused, present-focused and future-focused. I
hope you all will work on the methods and techniques you have provided
and collaborate with each other. Please reach out for any help you may
require in the process. Thank you for your time and contribution today.
Activity 3A
Estimated Time 15 Minutes
Objective To provide you with an opportunity to know how to assess likelihood of
risks
occurring; and assess the impact or consequence if risks occur.
1. Name three analysis techniques that you can use to
determine the likelihood of risks occurring?
Ans: The three analysis techniques that can be used to determine the
likelihood of risks occurring are:
i) Statistical analysis: This technique focuses on analysing through
the data, facts and figures to provide evidence of past situations.
The statistical analysis, however, does not provide any
information on the variables or influences that may have resulted
the outcomes.

ii) Casual analysis: This type of analysis focuses on the root cause of
the risks to figure out why something has, or, is repeatedly
happening. This helps to change or eliminate the future
occurrences of the risks.

iii) Consequence analysis: This type of analysis helps in identifying

the consequences of taking actions or in making decisions.

2. Provide a system of scale that you can use to show the impact of
risks.
Ans: A risk matrix can be used to show the impact of the risks which
provides an overview of the potential risks and also highlights the areas
of concern and any priorities that need to be worked on. A specific matrix
is a must which is designed to meet the particular needs of the project
and the risks are cautiously monitored. The levels of the risk matrix can
be as follows:
Keys:
L – low risk
LM – low/medium risk
M – medium risk
MH – medium/high risk
H – high risk.
Activity 3B
Estimated Time 15 Minutes
Objective To provide you with an opportunity to assess and prioritise risks for
treatment.
1. What are the hierarchy of controls?
Ans: The hierarchy of controls is a step-by-step process to eliminate or
reduce the risks in the workplace. It ranks the risk controls from the
highest level of protection and reliability through to the lowest
protection and reliability. It helps an organization in prioritising the risks
and managing them. It is a method for choosing risk control measures
that can be used by employees at every level of a company. Eliminating
the hazard and risk is the highest level while reducing the risk through
the use of protective personal equipment (PPE) is the lowest level.

The hierarchy of controls from highest to lowest level are:

i) Elimination
ii) Substitution
iii) Isolation
iv) Engineering controls
v) Administration controls
vi) Personal protective equipment (PPE)

2. How can these help to prioritise risks for treatment?

Ans: The hierarchy of control has six different levels of control measures; the
most effective measure is placed at the top of the hierarchy and the least
effective is at the bottom. It helps employers fulfill their Occupational Health
and Safety Act responsibilities. The employers are first instructed to
eliminate the risks and hazards by hierarchy of controls. If the risks cannot be
eliminated, they must work through the hierarchy and the most effective
controls should be selected.
Activity 4A
Estimated Time 15 Minutes
Objective To provide you with an opportunity to determine and select most
appropriate
options for treating risks.
1. Name three risk control strategies that you can use.

Ans: Risk control strategies are essential to resolve the issues of the risk.
However, the strategies depend on the type of risks involved. The three risk
control strategies that can be used are:
- Stop the risk: This strategy focuses on taking away or eliminating the
process/ element that is causing the risk.
- Treat the risk: This strategy focuses on stopping the action that is
causing the risk and instead changing this action to include controls
for risk elimination.
- Transfer the risk: This strategy highlights on shifting the element of
risk elsewhere.

2. Name three factors that may affect risk treatments.

Ans: The three factors that may affect risk treatments are:
- Expenditure and budgets
- Organisational and management needs and priorities
- Resource requirements
Activity 4B
Estimated Time 15 Minutes
Objective To provide you with an opportunity to understand how to develop an
action
plan for implementing risk treatment.
List five things that may be included in an action plan for risk
treatment.
Ans: The five things that might be included in an action plan for risk
treatment are:
i) Hierarchy of controls
ii) Treatment options
iii) Likelihood of risk occurring
iv) Monitoring options
v) Person(s) responsible
Activity 4C
Estimated Time 30 Minutes
Objective To provide you with an opportunity to communicate risk management
processes to relevant parties.
As a role play activity in the learning group, perform the following in
pairs:

Take turns to explain the risk management process, using verbal and, if
required, non-verbal techniques (e.g. non-verbal may include use of a chart or
diagram).

Ans:
Summi: Hello everyone. Thank you all for gathering here today in
such a short notice. As we have already identified and analysed the
risks in our previous meeting, there are steps taken to mitigate those
risks. However, I have received feedback from some of the staffs that
there were unaware of these steps. So, I gathered you all to discuss
the communication steps. I hope to have a great and valuable
contribution from you all as before.

Nabina: I was amazed to hear that the risk management processes

were not communicated properly. It is really important that the risk
management processes be communicated clearly with all the
necessary details. If the information is not provided correctly, the
person responsible might lack the direction and duties may not be
carried out properly. As communication is an important aspect in risk
management process, dissemination of clear and concise information
to all the stakeholders with up-to-date information is required.

Summi: That is so true Nabina. So, Mohsin what are your thoughts
on this?

Mohsin: Well, communication is really an integral part for any

project to be successful. I believe that verbal communication would
be effective in our case as the communication needs to occur within
the company itself first. As verbal communication occurs through
verbally communicating with people, it is expected to be
professional, courteous and respectful. It is also important to
understand the social and cultural differences and address the
audience accordingly as our company is diverse. The use of language
and terminology are expected to be appropriate and understandable.

Niyati: I completely agree with Mohsin. To communicate within the

company, we can use verbal form of communication to all our staffs
and even to our stakeholders. There are also some factors which we
should be considerate such as listening to the audiences, engaging
with them, facilitating open discussion platforms, acknowledging the
contribution and performing negotiation to arrive at mutually
acceptable outcomes. The risks can be informed to others in
presentations, trainings and inductions, conferences and meetings,
performance reviews, mentoring or coaching sessions. We can start
with conference sessions for all staffs. We can specify a date for
compulsory attendance of all staffs and provide our risk assessment
process. This way we can get feedback from the audience as well.

Summi: That’s a good idea Niyati. Please workout in your

departments to schedule the conference sessions on a day suitable
for everyone. What are your thoughts Jeetendra?

Jeetendra: I think non-verbal communication is also equally

important as verbal communication. No matter how much we try to
inform everyone, there might be some staffs and stakeholders who
will be left out in the process. Although non-verbal communication
does not involve direct talking to the people, the use of appropriate
language is still mandatory. As non-verbal communication uses
writings such as emails, letters, reports etc., body language and
gestures and visual presentations, the meaning of these
communication techniques might differ from culture to culture and
between social groups. So, care and appreciation should be shown to
the audience. When writing reports or compiling information, simple
plain English will help understand every targeted audience.

Summi: Hmm… that’s a really good point Jeetendra. After hearing all
these, I think we should adapt both of the forms of communication
so that everyone is informed of the risk management process.
However, as you all mentioned, let’s be mindful of different kinds of
audiences we have and address them accordingly both verbally as
well as non-verbally. Let’s start by being accountable for your own
departments to circulate the communication. Does anyone want to
add anything or any comments?

Mohsin, Nabina, Niyati, Jeetendra: Sounds good to us.

Summi: Well then, let’s stick to this plan. If you need any help, please
let me know. Thank you all for your time and valuable contribution.
You all have a good day.
Activity 4D
Estimated Time 20 Minutes
Objective To provide you with an opportunity to understand that all
documentation
should be in order and appropriately stored.
Why should you keep documentation of the risk management process
and activities and how should you store this information?

Ans: Documenting the results of risk management process Is an essential

step as following them in the future helps in preventing and minimising the
impact of hazards. Documentation is required to keep records for legal
requirement as well as for any future analysis. Documenting the risk
management process also helps in avoiding any future risks and for better
handling of the situations in the future.

This information can be stored in paper or electronically according to the

organisational policies and procedures. The records should be stored in such
a way that all the relevant stakeholders can access them when required.
Copies should also be made available to all the staffs for maintaining the
correct documentation process.
Activity 4E
Estimated Time 15 Minutes
Objective To provide you with an opportunity to understand the need to implement
and
monitor the action plan.
1. How can an action plan help in managing risk and what should you
include in one?
Ans: An action plan helps to identify the potential risks that a business might
face and also outlines the strategies on tackling those problems. The action
plan helps in eliminating the negative risks and promote positive risks. An
action plan provides guidance to deal with hazards and deals. It is created to
ensure that right actions are carried out when required in a timely manner.

An action plan should include:

- Overview of risk management needs
- Response to dealing with the risk
- Documentation of the plan which may include approach being used,
responsibilities assigned, information on stakeholders involved and
any approval or organisational process involved.

2. Name three things you should monitor when implementing plans.

Ans: The three things that should be monitored when implementing plans
are:
1. The hierarchy of control
2. Training the relevant employees in the execution of the action
plan.
3. Making sure that the employees stick to the plan.
Activity 4F
Estimated Time 15 Minutes
Objective To provide you with an opportunity to know how to evaluate the risk
management process.
1. When should you evaluate risk controls?

Ans: In order to reduce the potential harmful impact of hazards, the risk
controls should be evaluated continuously and regularly. This helps in
reviewing and improving the risk management process leading to efficient
and effective processes. Evaluation of risk controls should be done:
- At the outset of new projects
- When there is a change in working practice or business
- When there is a change or addition to the types of equipment,
systems and processes in use
- When a new premise or new working area is introduced.

2. Name three things you should consider when evaluating implemented

risk controls.

Ans: When evaluating the implemented risk, the three things that should be
considered are:
1. The advantages and disadvantages of using each measure

2. Looking for the most effective control measure.

3. Affordable control measures.

Summative Assessments
The summative assessments are the major activities designed to assess the learner’s skills,
knowledge and performance, as required to show competency in this unit. These activities should
be completed after finishing the Learner Guide. These should be completed as stated under
the trainer/assessor instructions.

Skills, knowledge and performance may be termed as:

 Skills – skill requirements, required skills, essential skills, foundation skills

 Knowledge – knowledge requirements, required knowledge, essential

knowledge, knowledge evidence

 Performance – evidence requirements, critical aspects of assessment, performance

evidence.

Section A: Skills Activity

The Skills Activity is designed to be a series of demonstrative tasks that should be assessed by
observation (by the assessor or third party, depending on the circumstances).

It will demonstrate all of the skills required for this unit of competency, and observation
should be recorded in the relevant section of the Observations/Demonstrations document.

Section B: Knowledge Activity (Q & A)

The Knowledge Activity is designed to be a verbal questionnaire where the assessor asks the
learner a series of questions to confirm their competency for all of the required knowledge in
the unit of competency.

Section C: Performance Activity

The Performance Activity is designed to be a practical activity performed either in the workplace or a
simulated environment. The learner should demonstrate the required practical tasks for the unit of
competency and be observed by the assessor and/or third party, as applicable to the situation.

The observation should be recorded in the relevant section of the Observations/Demonstrations

document.

Note: The learner should have completed written answers, portfolios or any evidence of
competency should be attached to the learner workbook.
Summative Assessments answer guide

Section A: Skills Activity

Objective: To provide you with an opportunity to show you have the required skills for this unit.

This activity will enable you to demonstrate the following skills:

 Reading
 Writing
 Oral communication
 Numeracy
 Navigate the world of work
 Interact with others
 Get the work done

Answer the activity in as much detail as possible, considering your organisational requirements.

1. As a workplace activity (or simulated workplace activity) review your current risk
management policy to ensure it is appropriate to your current organisation’s risk
management needs. As part of your review, you should:

 Identify the main aspects and how this is used within procedures
The main aspect of the risk management policy of my organization is establishing a positive culture in
the workplace as my organisation believes that positive culture is the key to establishing an effective
risk management framework. Promoting the positive cultural action such as honesty, integrity, fairness
and accountability, the organisation communicates its values to all the employees. As my current
organisation is a warehouse, there is a high risk of physical injuries. The organisation’s main value is
ensuring safe and healthy work environment to all its team members and customers. So, ‘safety’
becomes a part of everyday values and actions and not an extra task.

To ensure safety in the workplace, each and every team member is provided trainings regarding the
safety risks that can occur during the work duration. Training and documentations are also made
available on what can be done to minimise the risks and how they can be handled effectively if the risks
occur. If required, help or assistance are made available to everyone. All these trainings are a part of
recruitment policies and procedures. On top of that, wearing personal protective equipments,
conducting periodic checklist inspections are a part of daily operational activities which helps in
minimising the risk of physical and on-site injuries.

 How others follow current policy and procedures and how easy/applicable this is to needs
Each and every employee working in the organisation are liable to follow the policies and procedures.
Many trainings are available on the intranet and there is also regular monitoring of the safety
responsibilities by the managers. Posters, templates and fun ideas are encouraged throughout the
store. Safety champions are recognised each month and awarded for their good job. Recently, mobile
app has also been introduced where trainings and development can be done through the app itself
anywhere anytime. So, each and every team member are updated with the current safety policies and
are applying to their daily tasks.

 Write a report to show your findings and/or conclusions.

 Findings and conclusion: As everyone in the organisation are aware of the behaviours, decisions and
attitudes that are expected, supported and valued by the company, the injuries rate is decreasing every
month. Not only the values are acknowledged, but everyone also takes accountability of their own
actions which reflects that they understand why they need to do it. Every hazard are looked proactively
and risks are managed before they cause any harm. In conclusion, it can be said that there is effective
communication and risk management policies in my organisation.

2. Following on from question 1, perform an analysis of the risk assessment tools

and technologies available for use by those in your organisation and produce a
second report to show your findings.
Ans: Bunnings Warehouse executes a strong risk culture framework to evaluate the
risk management of the company. In this framework, all the materials risks are
evaluated and assessed along with the cultural risks. The organisation recognises that
risk is a part of doing business and the organisation is committed to identifying,
monitoring and managing the material risks associated to the business activities.

The main tools and technologies used for risk assessment are the surveys within the
employees of the organisation, stakeholders and also the feedback from the
customers and team members. Hazard and Operability (HAZOP) study is also
performed to identify the current risks and monitor them accordingly. The risk
management framework is reviewed annually to satisfy the operational criteria set by
the organisation and the organisation is operating with due regard to the risk
appetite set by the committee. Based on the report, strategies are put in place for
effective and efficient operation of the organisation.

With the data generated from the surveys and HAZOP study, it has shown that the
frequency of injury rate is decreasing each month. Customers as well as employees
are satisfied with the safety instructions that organisation has put in place.
Technologies such as mobile app, trainings on the intranet, demo video learning
sessions, interactive sessions have played a great role in creating awareness to the
employees. Bunnings’s methods meet the Global Risk Management Standard
ISO31000, and the effective strategies make an organisation successful.

3. Consult with your relevant manager/stakeholder to discuss your reports in order to

confirm understanding and to discuss the need for any changes (if applicable).
Ans: Risk management strategies is not done by a single individual. The strategies are accomplished
when everyone in the organisation is on the same page and values the strategies. So, every strategy
should be discussed with the managers or relevant stakeholders in order to finalise if the tools and
techniques being used are correct and the strategies developed liaise with the organisational needs.

The above findings when shown to the manager, she not only agreed to my findings but only
mentioned that the surveys and feedback we are getting from our team members are overwhelming.
Awarding the employees who value the organisation’s policies have left a positive impact on everyone
and they are encouraged to work together on it. Despite all these strategies, there are still some
unavoidable risks and management is working together to minimise the risks.

This activity will need to be observed by the trainer/assessor or third party, and all
observations recorded in the observations and demonstrations checklist document.
 Section B: Knowledge Activity (Q & A)
Objective: To provide you with an opportunity to show you have the required knowledge
for this unit.

The answers to the following questions will enable you to demonstrate your knowledge of:

 The purpose and key elements of current risk management standards

 The legislative and regulatory context of the organisation in relation to risk management
 Organisational policies, procedures and processes for risk management

Answer each question in as much detail as possible, considering your organisational

requirements for each one.

1. What are risk management standards and what are the key elements of these?
Ans: Risk management standards are the set of specific strategic processes that starts with the objectives
and aspirations of the organisation. These standards are used for identification of the risks and reducing
the risks with the help of methods, techniques and relevant solutions. Bunnings figured out that the risks
arising are the material risks. So, the organisation designed strategies in collaboration with all the relevant
stakeholders to manage the risk. The standards help and guide the organisation in carrying out the risk
management processes in a systematic way making with compliant with the organisational policies and
standards. Risks faced by the organisation is managed on an enterprise level with the risk management
framework so that all material risks can be identified, assessed and reduced with the relevant facts and
figures.

The key elements of risk management standards are:

 Identify the risk: The organisation’s risks are identified and prioritise providing quality inputs to decision makers
for formulating effective risk responses. Attributes such as impact of the risk, likelihood, velocity and persistence
are taken into consideration.

 Source the risk: Once the risks are identified, the source of the risks are also traced. If the sources are identified,
risk metrics are easier to design.

 Measure the risk: Quantitative and qualitative risk measures are applied as all the risks are not quantifiable. Some
of the methodologies that can be used are risk rating, cost analysis, stress testing, sensitivity analysis etc.

 Evaluate the risk: The risks are prioritised, and the appropriate risk response is chosen. The four categories of risk
response are: avoid, accept, reduce and transfer.

 Mitigate the risk: Any gaps in the risk management are identified and the gaps are improved to implement the risk
response.

 Monitor the risk: Continuous monitoring is required for risk management processes to be effective. Dashboards
and scorecard reporting can be used to address specific needs.

2. For your organisation, describe the legislative and regulatory needs to fulfil risk management.

Ans: The legislative and regulatory needs to fulfill risk management for Bunnings focuses on its
stakeholders that must be taken into consideration while developing the risk management process. The
legislative and regulatory requirements are as follows:   
o The environment, health and safety, privacy, employment opportunity legislation dealing with all these
factors. So, the company decides to focus on these factors and evaluate the regulations and follow
legislative norms.

o Business permits, land planning, traffic management, safety standards, community interaction, operating
procedures, management procedures.

o Bunnings focuses on the sustainability approach by effective governance structure, constructive with the
stakeholders and show accurate report on the material issues. The company board maintains external
issues as well as the internal issues by focusing on these reports. HSE committee (health, safety, and
environment) focuses on leadership, and provide support where required.

o The members of the Board of Wesfarmers are accountable for the management of sustainability issues and
the responsibility is under Bunnings’s warehouse committee.

o Bunnings’s assurance function, including Internal Audit, plays a key role in reviewing the effectiveness of
Bunning’s compliance and control systems, including risk management.

3. What do organisational policies and procedures for risk management provide?

Ans: The policy is a course of actions and guidelines to be followed whereas the procedures are the essence of
the policy which outlines what needs to be done to complete the policy. Policies establish guidelines, best
practices and boundaries at the business. Some of the policies that my organisation follows are code of
conduct, health and safety policy, quality policy, environmental policy, risk management policy, continuous
disclosure policy, diversity policy etc. The organisational policy guidelines are formulated and adapted by
the organisation to reach its long-term goals and achieve the objectives which are beneficial to the
organisation. Policies allow employees to identify what the organisation expects from them. The
procedures for risk management helps in identifying the risk factors, analyse them and prioritise them.
After the risks have been analysed and prioritised, risks are evaluated, treated and monitored.

The purpose of organisational policies and procedures for risk management is to ensure that everyone has
access to a safe working environment in the workplace. Every job comes with a risk. However, every
employee must utilise the organisational policies and procedures for risk management to ensure that the
risk is as much low as possible. They provide a roadmap for day-to-day business activities and also ensure
compliance with laws and regulations providing guidance for decision-making and streamlining the internal
processes within the organisation.
 Section C: Performance Activity
Objective: To provide you with an opportunity to demonstrate the required performance
elements for this unit.

This activity will enable you to demonstrate the following performance evidence:

 Analyse information from a range of sources to identify the scope and context of
the risk management process including:
o stakeholder analysis
o political, economic, social, legal, technological and policy context
o current arrangements
o objectives and critical success factors for the area included in scope
o risks that may apply to scope
 Consult and communicate with relevant stakeholders to identify and assess risks,
determine appropriate risk treatment actions and priorities and explain the risk
management processes
 Develop and implement an action plan to treat risks
 Monitor and evaluate the action plan and risk management process
 Maintain documentation

Answer the activity in as much detail as possible, considering your organisational requirements.

1. As a workplace activity (or a simulated workplace activity) perform a risk assessment of

one area/aspect in the workplace, this should include:

 Using a risk management process

 Identifying the objectives of managing the risk area
 Gathering information from a variety of sources
 Considering any political, economic, social, legal, policy, technological factors applicable
 An analysis of the relevant stakeholders involved
 Determining the risks
 A look at current treatments/processes in place
 The critical success factors that can help achieve objectives.

Ans: The main objective of the risk assessment is to analyse the areas which are affected by the risk factors.
The risks highly affect the reputation of the organisation if they are not resolved on time. So, it is necessary
that the organisation follows risk management processes which are listed below:
1) Identify the risk
2) Source the risk
3) Measure the risk
4) Evaluate the risk
5) Mitigate the risk
6) Monitor the risk

Bunnings being a warehouse, the quality of the materials is very important. If quality goods are not
supplied from the suppliers and they are sold to the customers, it hampers the reputation of the company.
There won’t be estimated profit to operate the business smoothly. This then directly affects the employees
as well their working hours and also the wages they are getting. So, information should be gathered on
such risks to evaluate them and eliminate them if required. The effective way to gather information is by
performing surveys and getting customer feedback and reviews of the product. This can be conducted
online or through forms distributed within the store or through questionnaires as well.
The political, economic, social, legal and technologies factors should be considered while performing risk
assessment as they determine the level of risks as well. The risks are analysed by the relevant stakeholders
or shareholders based on the information gathered. As not only the reputation of the organisation is
affected, but also the shareholders’ and investors’ investment are at risk. So, the evaluation method should
include current resolving tools and techniques which can also assist in predicting the future risks.

2. Following on from your initial information gathering and analysis, consult with the
relevant stakeholders to discuss and determine the risks, the likelihood of these
occurring, the consequences of these, and to formulate risk treatment plans. You
should also inform them of the risk management process.

Ans: After gathering or collecting information, discussion and evaluation is performed with the relevant
stakeholders to determine the risk and also to analyse the cases or the issues they might face in the future.
The organization will always take into account the stakeholders’ as they are the ones mostly affected by
the risks. It can also be said they help the company economically, socially or politically.

As there are different departments in the warehouse, lately the power garden section was found to
generate less budget than estimated. Also, there were many returns from that department; especially the
battery operated lawn mowers. This was categorised as high priority as the department is the highest
revenue generating department and negative feedback on the product means loss to the organisation.

While going through all the return slips and the feedback customers were giving, a specific brand lawn
mower was found be faulty. This was not only in the products that was delivered in a single batch, but
continuously happened to occur in different batches. So, there was a high possibility that it will happen in
the future as well. To solve this issue, different hierarchy of controls were used along with the risk
treatment.
- Firstly, the records were documented including the customer feedback- administration controls
- All the lawn mowers of that specific brands were then isolated, and the supplier was notified of the
issue.
- After the supplier agreed on taking the products back, the lawn mowers were completely
eliminated from the store and labelled as a ‘quit’ item which means that they were not going to be
sold in the store anymore.
- The lawn mower was then substituted with another brand which provides the same features as the
eliminated lawn mower.

So, in this risk management process, the risk was identified first (low revenue in power garden
department) followed by identification of the source (faulty lawn mower). The risk was measured to be
high as the department generated high revenue and loss in the department means loss in the business. The
risk was then evaluated (contacted the supplier for returns of the products, isolated and eliminated),
mitigated (the purchase amount was returned by the supplier) and monitored (the substituted product
was continuously reviewed).

3. From questions 1 and 2, develop an action plan to treat the risks and implement this.
You should monitor and evaluate this over a period of time (as decided with your
trainer/assessor) and complete your reporting and recording requirements to
document your work to organisational requirements.
 Ans: Risk action plan

Description of identified situation of risk:

Power garden department generating less revenue than the allocated budget.
Potential impact of the risk: Comments on the risk:
Negative risk resulting in loss of Customers returning the product
revenue after single use due to
malfunctioning of the mower.
Recommendations: Proposed action:
- Isolate the product and not to sell -Discuss with management team
to the customers until further - Contact the supplier and discuss
anlaysis is done. the issue

Staff involved and responsibilities assigned:

-Receptionist to collect the feedback from the customers.
-Power garden team members to isolate all the Ozito battery operated lawn mowers.
-Power garden coordinator to contact the supplier and discuss the issue.

Timeliness:
2 weeks
Required reports:
Product information report
Survey data
Budget report
Authorised by: L. Oliver (Operation Date: 30/03/2021
Manager)
Implementation comments: (To be confirmed)

Risk treatment plan:

Risk Hierarchy of Treatment Likelihood of Monitoring Person(s)

control(s) options risk occurring options responsible
Customer Administration Documenting High Ensure to L. Smith
providing the feedback provide
negative and forwarding relevant
review on the to the relevant information to
product department the customers
as to look for
other options
as there is
variety of lawn
mowers
Supplier not Isolation The products High Ensure that the Power garden
acknowledging Elimination are kept on isolated department.
their Substitution isolation, product is not
manufacturing eliminated sold to the
fault once the customers.
supplier agrees
and substituted
with another
product.
This activity will need to be observed by the trainer/assessor or third party, and all
observations recorded in the observations and demonstrations checklist document.
.