The Evidence Guide specifies the evidence required to demonstrate achievement in the unit of competency as a whole. It must be read in conjunction with the Unit descriptor, Performance Criteria, the Range Statement and the Assessment Guidelines for the Public Sector Training Package.

Units to be assessed together

Pre-requisite units that must be achieved prior to this unit:Nil

Co-requisite units that must be assessed with this unit:Nil

Co-assessed units that may be assessed with this unit to increase the efficiency and realism of the assessment process include, but are not limited to:

PSPETHC601B Maintain and enhance confidence in public service

PSPGOV601B Apply government systems

PSPGOV602B Establish and maintain strategic networks

PSPLEGN601B Manage compliance with legislation in the public sector

PSPMNGT602B Manage resources

PSPMNGT604B Manage change

PSPMNGT605B Manage diversity

PSPMNGT609B Formulate business strategies

PSPMNGT611A Manage evaluations

PSPMNGT612A Review and improve business performance

PSPMNGT613A Develop partnering arrangements

PSPMNGT614A Facilitate knowledge management

PSPPOL603A Manage policy implementation

Overview of evidence requirements

In addition to integrated demonstration of the elements and their related performance criteria, look for evidence that confirms:

the knowledge requirements of this unit

the skill requirements of this unit

application of the Employability Skills as they relate to this unit (see Employability Summaries in Qualifications Framework)

management of risk in a range of (2 or more) contexts (or occasions, over time)

Resources required to carry out assessment

These resources include:

legislation, policy, procedures and protocols relating to risk management

Australian and New Zealand standards - Risk management AS/NZS 4360:1999 or as revised

Guidelines for managing risk in the Australian and New Zealand public sector - HB 143:1999 or as revised

other national and international standards relating to risk management such as SIRCA 8001:2003

case studies and workplace scenarios to capture the range of risk management situations likely to be encountered

Where and how to assess evidence

Valid assessment of this unit requires:

a workplace environment or one that closely resembles normal work practice and replicates the range of conditions likely to be encountered when managing risk, including coping with difficulties, irregularities and breakdowns in routine

management of risk in a range of (2 or more) contexts (or occasions, over time)

Assessment methods should reflect workplace demands, such as literacy, and the needs of particular target groups, such as:

people with disabilities

people from culturally and linguistically diverse backgrounds

Aboriginal and Torres Strait Islander people

women

young people

older people

people in rural and remote locations

Assessment methods suitable for valid and reliable assessment of this competency may include, but are not limited to, a combination of 2 or more of:

case studies

portfolios

projects

questioning

scenarios

authenticated evidence from the workplace and/or training courses

For consistency of assessment

Evidence must be gathered over time in a range of contexts to ensure the person can achieve the unit outcome and apply the competency in different situations or environments

This section describes the essential skills and knowledge and their level, required for this unit.

Skill requirements

Look for evidence that confirms skills in:

applying legislation, regulations and policies relating to risk management

researching and analysing the wider context affecting the organisation

assessing and evaluating risks

monitoring and reviewing risks and risk treatments

using communication and consultation with a diverse range of stakeholders

applying problem solving using conceptual and reasoning skills

using formal language and style for written plans

engaging in discussion using exchange of complex oral information

using a variety of words and language structures to explain complex, formal documents and assisting others to apply them in the workplace

responding to diversity, including gender and disability

applying procedures relating to occupational health and safety and environment in the context of risk management

Knowledge requirements

Look for evidence that confirms knowledge and understanding of:

legislation, regulations, policies, procedures and guidelines relating to risk management

Australian and New Zealand standards - Risk management AS/NZS 4360:1999 or as revised

international standards such as SIRCA 8001:2003

Guidelines for managing risk in the Australian and New Zealand public sector - HB 143:1999 or as revised

risk management cycle

the relationship of risk to context - how the context may define the risks

the importance of consultation and communication at every stage of the risk management cycle

legal requirements related to the activity

whole-of-life considerations

approval processes

range of evaluation methodologies

the diversity of risks in the public sector

equal employment opportunity, equity and diversity principles

public sector legislation such as occupational health and safety and environment in the context of risk management

The Range Statement provides information about the context in which the unit of competency is carried out. The variables cater for differences between States and Territories and the Commonwealth, and between organisations and workplaces. They allow for different work requirements, work practices and knowledge. The Range Statement also provides a focus for assessment. It relates to the unit as a whole. Text in bold italics in the Performance Criteria is explained here.

Business unit may refer to:

a program

sub-program

cost centre

area

division

branch

production unit or section located within the organisation

Organisational context may include:

the organisation, how it is organised, and its capabilities

any official resources, including physical areas and assets, that are vital to the operation of the organisation

key operational elements and services of the organisation

any major projects

Strategic and risk management context may include:

the relationship between the organisation and the environment in which it operates

the organisation's functions:

political

operational

financial

social

legal

commercial

the various stakeholders and clients

Stakeholders may include:

employees

managers

volunteers

unions

financial managers

self-insurers

clients

suppliers

contractors

service providers

community organisations

the public

Risk management:

is a logical and systematic process of identifying, analysing, evaluating, treating, and monitoring risks related to any strategy plan, process, program or procedure that will enable the organisation to minimise losses and maximise opportunities

may be considered in relation to an organisation's:

people

assets and physical environment

reputation and image

legal issues

business continuity

finances

may include written procedures to ensure staff know:

what

how

when, and

by whom, action is to be taken to treat risks in the organisation

Risk evaluation criteria are:

used to rank risks and decide whether they are acceptable or not

affected by:

legal requirements

perceptions of internal/external stakeholders

cost-benefit analysis, for example, cost of risk management being less than financial cost if the risk occurred

Legislation, policy and procedures may include:

Commonwealth and State/Territory legislation relating to risk management

national and international codes of practice and standards, such as SIRCA 8001:2003

the organisation's risk management policies and practices

codes of conduct/codes of ethics

Australian and New Zealand standards - Risk management AS/NZS 4360:1999 or as revised

Guidelines for managing risk in the Australian and New Zealand public sector - HB 143:1999 or as revised

professional standards for risk management, for example CPRM - certified practising risk manager

jurisdictional policies, guidelines and web sites, for example www.riskmanagement.qld.gov.au

Sources of risk may include:

human behaviour

technology/technical issues

occupational health and safety

legal

political

property/equipment

environmental

financial/market

natural events

Risks may be:

internal

external

random

real

perceived

Risks may include:

physical injury or death

failure of machinery or equipment

breaches of security

fraud

litigation

client dissatisfaction

unfavourable publicity

Analysis of risks includes:

likelihood of risks:

almost certain

likely

possible

unlikely

rare

consequences of risks:

insignificant

minor

moderate

major

catastrophic

current control measures

Documentation of analysis may include:

table showing all risks, any existing controls, likelihood of occurring, consequences and subsequent level of risk

Level of risk may be:

low, treated with routine procedures

moderate, with specific responsibility allocated for the risk, and monitoring and response procedures implemented

high, requiring action, as it has potential to be damaging to the organisation

extreme, requiring immediate action, as the potential could be devastating to the organisation

Methods/techniques/ tools may include:

computer modelling

sensitivity analysis

structured interviews

statistical data

questionnaires

fault trees

analysis of consequences - loss of money, time, labour, intangibles

Acceptable risks are:

those which an organisation has determined have the least potential for harm

not necessarily insignificant

Risks may be acceptable because:

the risk level is so low that it does not warrant spending time and money to treat it

the risk is low and the benefits outweigh the cost of treating it

the opportunities presented are much greater than the threat

Unacceptable risks are:

those which an organisation has determined have the most potential for harm

Options for treating risks may include:

avoiding the risk, for example, by terminating the activity or conducting it in another way (these actions may have different risks attached)

controlling the risk, by reducing the likelihood of the risk occurring, the consequences of the risk, or both

transferring the risk, for example, by arranging insurance, contracting some or all of the activity to another organisation or person, etc

retaining the risk, and making contingency plans/funds allocation for covering any loss or other negative effect from the risk

Risk management plan may include:

sources of risk and risk events

analysis of risks - likelihood, consequences and risk levels

prioritised list of unacceptable risks

treatment options selected

person/s responsible for implementing treatment options

resources required

performance measures

timeframe for implementation

timetable for review of plan

Evaluation methodology may include:

observations

physical inspections

incident reports

questionnaires

interviews with stakeholders

regular reviews of risk treatment procedures

repeat of the risk management process