BSBRSK501

Risk assessment

Name of the student

Name of the course

Student ID

Date

1|Page
 Table of contents

Question and Answers.................................................................................................................................4

Question 1: The current risk management standard in Australia............................................................4
Question 2: The key principles for the current risk management standard............................................4
Question 3: Purposes of the present risk management standard...........................................................5
Question 4: Briefly explain the elements in the risk management process.............................................5
Question 5: The relationship between the legislative instruments and WHS, Environmental law and
Industrial relations...................................................................................................................................5
Question 6: The importance of procedures and policies in the risk management system and the
purpose of each document......................................................................................................................6
Question 7: Contents of a risk management policy, procedures and processes......................................6
Assessment task part B................................................................................................................................7
Task one..................................................................................................................................................7
Task two..................................................................................................................................................8
Risk assessment matrix........................................................................................................................8
Email to team members..........................................................................................................................9
Task three..............................................................................................................................................10
Task four................................................................................................................................................11
References.................................................................................................................................................13

2|Page
 List of tables

Table 1 Risk assessment matrix...................................................................................................................8

3|Page
Question and Answers

Question 1: The current risk management standard in Australia

The Australian standards for risk management have been improved after including the new ISO
and TQM standards in their risk management systems. The Australian standards for risk
management include the standards for AS 4360:2004 that are currently adopted and used by
the businesses. The standard provides a generic level of guideline for managing risks inside the
businesses. The elements of the risk management process are applicable in the economic and
the industrial sectors. The designing and implementation of the risk management system are
influenced by the changing needs of the organisation mainly the objectives, services and
products. Some other risk management standards adopted by the Australian risk management
systems include the HB 436 laws that provide the basic risk management guidelines in relation
with the AS/NZS 4360 business standards. These standards provide the guidelines for designing
the risk management systems and also for designing the supporting strategies because these
standards contain the essence from the AS 4360 laws (Australian council, 2014).

Question 2: The key principles for the current risk management standard
The key principles for managing the risk management standards revolve around the principles
of risk identification, risk analysis, risk control and risk financing. The concepts of risk
identification revolve around the identification of the internal and the external level of risks
inside the business. The concept of risk analysis explains the categories for controlling and
managing the risks. The impact and the occurrence of the identified risks are explained in the
risk analysis segment. The risk control is the element inside the risk management process
explaining the strategies of mitigation explaining about the solutions for controlling and
handling these risks. Risk financing is explained as the amount of resources required for
developing a risk management standard and system inside the workplace (Bezis, 2014).

Question 3: Purposes of the present risk management standard

The purpose of the risk management system inside the workplace is to identify and explore the
potential problems present inside the system before they occur impacting on different level of
business operations and systems. The purpose of the risk management standard is to handle
the activities that can be planned before the risks are expected to occur and impact on the
business operations. The purpose of the risk management standard inside the workplace is to
identify the potential solutions or mitigation strategies that can help to control the potential
risks or threats in the business. Risk management is a continuous looking approach that is an
important part of the business because it addresses the issues that can endanger the business
objectives. The adoption of a risk management standard allows the business to develop a

4|Page
strong level of commitment because the business is prepared for any unexpected risks or
threats (Torabi, Giahi and Sahebjamnia, 2016).

Question 4: Briefly explain the elements in the risk management process

The key elements present inside the risk management process revolved around the elements of
process, integration, culture and infrastructure. The key elements in the risk management
process explain the process for risk management which means the overall structure adopted by
the company for handling the risks and for identifying the risks. The element of integration
explains the different principles and concepts of risk management to be included in the risk
management structure. The element of culture in the risk management process explains the
internal culture of the company and how the culture is used for the risk management process.
The element of the infrastructure inside the risk management process explains the structure
adopted by the company. These elements are present inside the risk management process
because these elements help in developing the strategies, operating philosophies,
organisational structure, etc. (Jagodzińska, 2018).

Question 5: The relationship between the legislative instruments and WHS, Environmental law
and Industrial relations
The legislative instruments are explained as the laws and policies that are designed by the
higher authorities under which companies and individuals need to work. These legislative
instruments are connected with every business process and business environment. The world
health and safety business requirements, the environmental laws in Australia and the Industrial
relations are all connected with the legislative instruments. This relationship is strong and direct
because the WHS requirements are also designed around the risk management and quality
assessment standards that are designed by the international agencies (Jiang, Yu, Hailey, Ma and
Yang, 2016).

Question 6: The importance of procedures and policies in the risk management system and the
purpose of each document
The importance of the policies and procedures inside the risk management system are there to
ensure the safety of the workplace. Some jobs come with due risks and employers need to use
the desired set of policies and procedures for developing the risk management standards. The
well-defined procedures, processes and policies are there to analyse the target state and
existing state outlining the current requirements. For instance, the organisation has
documented the process for declining the IT access for the employee who is leaving the
workplace. This process is present inside the procedure alongside the processes including the
technologies and monitoring activities. The policies and procedures present inside the risk
management system help in developing a structured system (Jagodzińska, 2018).

5|Page
Question 7: Contents of a risk management policy, procedures and processes
The contents present inside the risk management policy, processes and procedures are
connected with the culture and structure of the company. The risk management process is
designed as the processes and culture for the systematic application for the procedures,
policies and practices for establishing the context for analysing and identifying the risks. The key
principles for managing the risk management standards revolve around the principles of risk
identification, risk analysis, risk control and risk financing. The concepts of risk identification
revolve around the identification of the internal and the external level of risks inside the
business.

6|Page
Assessment task part B

Task one
Hello to all team members,

This email is generated for discussing about some important points that will be
discussed inside the meeting. The risks that are the major concern of the stakeholders will be
addressed inside the meeting so we can have an agenda for the meeting. Upon the basic
discussion we have come upon some major concerns that are associated with increasing
operational costs, the resistance to change, the decrease in the overall motivation of the
employees and the costs associated with training. The risk management policy and procedure
will help in supporting the risk management and identification process because the new policy
will be connected with the new risks and the objectives designed around the new risk
assessment plan. The new risk assessment plan will include the contingency plans and the
strategies that will be developed for mitigating the large and small risks. The meeting will also
discuss on the alternative options that need to be included in the process of risk assessment.
The risk assessment process can be completed with the help of internal expert help or we can
hire an external risk assessor or risk manager for handling the entire situation. The alternative
option of giving more power to the employees is also present that will help in improving the
objective setting and strategy development as well. We are also conducting this meeting so we
can sort out the different strategies and contingency plans for treating these risks. A lot of
opinions and feedbacks have been coming since the last few weeks from the team members.
The official meeting will be conducted for analysing different suggestions for treating the risks
that have been identified by the stakeholders in the business. The costs incurred for the small
meeting will be allocated in the official office budget because this meeting is important for
analysing the overall risk assessment plan for the business. The budget allocated for analysing
different treatments for the risks will also be discussed and the main concern of the
stakeholders for improved operational costs will also be addressed because some of the
treatments state new systems and the adoption of different training systems. The risks
identified are highly dangerous in terms of impacting the overall business operations and the
motivation level of the employees. Inside the meeting, we will discuss the status of the
consequences for these risks because we need to treat these risks for getting effective level of
business operations. The macro environmental factors have an impact on our business but they
will not have a direct level of impact on our business and we will address these elements inside
the meeting. The meeting will address the legislative level and the political level of impact on

7|Page
the risks and the business. The priority risks to be considers include the risks associated with
the employees and the overall cost increase. The idea on how the risks will be reduced and
what consequences will be observed will be addressed inside the meeting and we will also
discuss on the outcomes of the consequences as well. The external factors like the economic,
legal and political factors associated with the company and the risks will be discussed. The
internal factors including the legal, economics and technological will also be addressed. The
meeting will address all these aspects including the most important risks and the treatment for
these risks will also be discussed inside the meeting. I am requesting all members to attend this
meeting so they are part of the new risk assessment framework and we will also address the
business performance and the consequences of the risks and the impact of the treatments we
have addressed. Kindly check the supporting documents attached with this email.

Kind regards,

XYZ

Task two

Risk assessment matrix

LIKELIHOOD CONSEQUENCES
Risks Insignificant Minor Moderate Major Catastrophic
Certain The risk of High Medium Low High High
slipping on
the floor
Likely The risk of High Medium High High High
conflicts
from the
change
Moderate The risk of Medium High -- -- --
turnover
increase
Unlikely The risk of High -- -- Low Medium
decrease in
the
motivation
Rare The risk of Low -- Medium High Low
increasing
the
operational
costs
Table 1 Risk assessment matrix

8|Page
Email to team members
Dear team members,

After the discussion and the meeting I would like to inform you that we have
made some changes in the risk assessment plan and on the basis of this plan we have made the
assessments and we will now discuss these changes in the new meeting. The documentation
required for the new meeting will be addressed in the meeting and we will identify the
treatments and the actions that will be taken for the risk assessment plan. The discussion has
addressed the issue of decrease in the motivation of the employees because employees have
been an important part of the risk assessment plan. The changes made in the risk assessment
plan are based on the costs allocated for the risk assessment plan. It has been decided that risk
manager will be hired for the risk assessment plan. The risk manager will undertake
investigation on the subject and will analyse the internal and the external environment of the
company. The analysis of the internal and the external environment will be based on the
research conducted by the risk manager. It has also been decided that coaching and on-the-job
training will be used for the employees that are lacking and believe that the new system is
challenging. Some suggestions were also presented in respect with internal conflicts among the
team members regarding the allocation of the budget. The stakeholders have presented views
that a balanced budget will be given for all the employees so they can enjoy the respective
financial independence and they can also avoid the conflicts they have with their team
members. All these aspects have been discussed inside the risk assessment and a new risk
assessment matrix has also been developed and this matrix is attached in this email as well. The
risk assessment matrix will be discussed in the new session and it is a request to all the team
members for attending the new session. Kindly check the supporting documents attached with
this email.

Kind regards,

XYZ

Task three
 Assessment on the risks: The risks that were identified inside the meetings were
associated with increasing operational costs, the resistance to change, the decrease in
the overall motivation of the employees and the costs associated with training. The risk
management policy and procedure will help in supporting the risk management and
identification process because the new policy will be connected with the new risks and
the objectives designed around the new risk assessment plan. After careful discussion

9|Page
 and analysis a risk assessment plan was devised analysing the controlling measures and
the treatment for managing and controlling these risks. Two structured and formal
meetings were conducted for analysing the risks and also for understanding the
strategies and treatment measures for these risks.
 Analysis on the treatment options: The analysis on the treatment options is direct
because the treatment for the risks was designed by the suggestions and the feedback
presented by the team members. The risk assessment has remained positive because
the company hired an external manager who was given the responsibility of handling
the risks. The internal conflicts reduced and the treatments for controlling the risks have
also given positive reviews. However, the external risk manager has introduced a new
system that has not been accepted by the team members. Change resistance has been
observed from the employees and the treatment for handling the change has not been
managed.
 Assessment on the sufficiency of the risk controls: The sufficiency in the risk controls and
the layers developed by the risk manager for controlling and handling the internal level
of business performance has been positive. The overall reviews and the feedback
presented by the risk assessor and the risk manager have remained positive. The risk
manager has developed strong connections with the top managers of the business. The
connections with the top managers have improved the internal level of work related
performance and also improved the employee relations. The control adopted for
handling the employees has provided positive feedback and the employees have also
given good reviews.
 Analysis of the risk assessment: Overall, the risk assessment plan has remained positive
for the business because this plan has undertaken a good source of information
internally and the employees are feeling more connected with the workplace. During
the risk assessment plan the concerns of the employees were addressed and on the
basis of these concerns the company has developed a strong level of risk assessment
framework that was revised twice because the feedback was incorporated inside the
risk assessment matrix.
 Revised risk assessment: On the basis of the revised risk assessment actions were taken
and they had given positive feedback overall in the business resulting in creating
positive outcomes for the business. After careful discussion and analysis a risk
assessment plan was devised analysing the controlling measures and the treatment for
managing and controlling these risks.

Task four
Dear team members,

10 | P a g e
 After the discussion and the meeting we have explored the outcomes from the risk
assessment plan and the strategies that were undertaken during the risk assessment plan. We
undertook the first meeting for addressing the most common concerns and the outcomes from
these concerns in the business. The risks that are the major concern of the stakeholders will be
addressed inside the meeting so we can have an agenda for the meeting. Upon the basic
discussion we have come upon some major concerns that are associated with increasing
operational costs, the resistance to change, the decrease in the overall motivation of the
employees and the costs associated with training. The risk management policy and procedure
will help in supporting the risk management and identification process because the new policy
will be connected with the new risks and the objectives designed around the new risk
assessment plan. The new risk assessment plan will include the contingency plans and the
strategies that will be developed for mitigating the large and small risks. The agreed treatments
for the risk assessment plan were based on the mitigation of the existing risks with the help of
new framework, adoption of risk manager and allocation of effective budget in each
department. This has helped in exploring the risks and also in determining the treatments for
these risks. The date and the scope decided for the follow up risk assessment plan was
12august where we discussed on the consequences and outcomes of the risk assessment plan.
The sufficiency in the risk controls and the layers developed by the risk manager for controlling
and handling the internal level of business performance has been positive. The overall reviews
and the feedback presented by the risk assessor and the risk manager have remained positive.
The risk manager has developed strong connections with the top managers of the business.
Upon meeting and careful analysis it has been identified that the risk assessment framework
and the risk assessment plan has provided positive outcomes in business. Overall, the risk
assessment plan has remained positive for the business because this plan has undertaken a
good source of information internally and the employees are feeling more connected with the
workplace. During the risk assessment plan the concerns of the employees were addressed and
on the basis of these concerns the company has developed a strong level of risk assessment
framework that was revised twice because the feedback was incorporated inside the risk
assessment matrix. All these aspects have been discussed inside the risk assessment framework
and the risk assessment plan. The overall outcomes of the plan have been positive and the
team is committed that they will design a significant system for the coming months as well
which will be used for effectively analysing and understanding the risk assessment plan. Kindly
check the supporting documents attached with this email.

Kind regards,

XYZ

11 | P a g e
References
Australian council. (2014).Risk Management Framework Polic. [online] Available at:
https://www.australiacouncil.gov.au/workspace/uploads/files/risk-management-policy-
framewo-544f3b1beeb16.pdf.

Bezis, J.N. (2014). Integrating Portfolio Risk Management into the ERM Framework. SSRN
Electronic Journal.

Jagodzińska, N. (2018). Key changes to the ISO 9001, ISO 14001, ISO 27001 management
standards in the approach to the organizational context including risk management. Transport
Economics and Logistics, 78, pp.103–112.

Jiang, T., Yu, P., Hailey, D., Ma, J. and Yang, J. (2016). The Impact of Electronic Health Records
on Risk Management of Information Systems in Australian Residential Aged Care
Homes. Journal of Medical Systems, 40(9).

Rehacek, P. (2017). Risk management standards for project management. International Journal

of Advanced and Applied Sciences, 4(6), pp.1–13.

Torabi, S.A., Giahi, R. and Sahebjamnia, N. (2016). An enhanced risk assessment framework for
business continuity management systems. Safety Science, 89, pp.201–218.

12 | P a g e