Google Links

Follow the links below to find material targeted to the unit's elements, performance criteria, required skills and knowledge

Elements and Performance Criteria

1. Identify risks and develop risk evaluation criteria
   • Identify risks in organisational processes and procedures following standards for risk management as indicated by regulators
   • Identify implications of risk factors to organisation and create evaluation criteria
2. Assess current risk exposure
   • Apply applicable risk assessment tools, establish probability and assess potential consequence of risk in an organisation
   • Conduct spot checks and determine quality of data
   • Identify mitigating effect of existing controls and use evaluation criteria to assess exposure to risk
   • Compare risk exposure levels against risk appetites of organisation, and identify and report unacceptable residual risks
   • Review and critically analyse risk appetite monitoring process and document findings
3. Prepare probability assessment
   • Analyse issues related to risk using measurement criteria
   • Identify issues arising from measurement assessment and determine the risk probability
   • Rank and summarise threats and risk issues as a risk map
   • Provide risk map to appropriate stakeholders
4. Review and report breached issues and incidents
   • Report issues and incidents on risk profile to business according to organisational policies and procedures
   • Determine reporting requirements of issues and incidents to regulators

Performance Evidence

The candidate must demonstrate the ability to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit, including evidence of the ability to:

conduct a risk assessment of at least two risks for an organisation.

In the course of the above the candidate must communicate and consult with appropriate external and internal stakeholders.

---

Knowledge Evidence

The candidate must be able to demonstrate knowledge to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit, including knowledge of:

key features and purpose of standards for risk management as indicated by regulators

systematic issues, trends and emerging risks

risk management principles, practices and terminology

organisational policy, procedures and operational guidelines relating to risk assessment

key features of evaluation criteria including risk exposure and tolerance levels

methods for developing measurement criteria

residual risk levels for the industry

risk appetite levels for the industry

incident assessment and analysis including:

root cause analysis

remediation plans

methods for prioritising risks, including preparing risk maps and conducting risk analysis

risk consequences for the organisation

methods for mapping threat summaries and ranking risk issues

roles of internal and external stakeholders in risk management.

---