This unit addresses the management of the risk across the organisation or within a business unit or area. It does not assume any given industry setting.

This unit applies to individuals who are working in positions of authority and are approved to implement change across the organisation, business unit, program or project area. They may or may not have responsibility for directly supervising others.

ELEMENT

PERFORMANCE CRITERIA

1. Establish risk context

1.1. Review organisational processes, procedures and requirements for undertaking risk management

1.2. Determine scope for risk management process

1.3. Identify internal and external stakeholders and their issues

1.4. Review political, economic, social, legal, technological and policy context

1.5. Review strengths and weaknesses of existing arrangements

1.6. Document critical success factors, goals or objectives for area included in scope

1.7. Obtain support for risk management activities

1.8. Communicate with relevant parties about the risk management process and invite participation

2. Identify risks

2.1. Invite relevant parties to assist in the identification of risks

2.2. Research risks that may apply to scope

2.3. Use tools and techniques to generate a list of risks that apply to the scope, in consultation with relevant parties

3. Analyse risks

3.1. Assess likelihood of risks occurring

3.2. Assess impact or consequence if risks occur

3.3. Evaluate and prioritise risks for treatment

4. Select and implement treatments

4.1. Determine and select most appropriate options for treating risks

4.2. Develop an action plan for implementing risk treatment

4.3. Communicate risk management processes to relevant parties

4.4. Ensure all documentation is in order and appropriately stored

4.5. Implement and monitor action plan

4.6. Evaluate risk management process

Required skills

communication and literacy skills to consult and negotiate, to prepare communications about risk management, and to encourage stakeholder involvement

organisational and management skills to plan and implement risk management processes

problem-solving and innovation skills to find practical ways to manage identified risks.

Required knowledge

AS/NZS 4360:2004 Risk management.

legislation, codes of practice and national standards, for example:

duty of care

company law

contract law

environmental law

freedom of information

industrial relations law

privacy and confidentiality

legislation relevant to organisation's operations

legislation relevant to operation as a business entity

organisational policies and procedures, including:

risk management strategy

policies and procedures for risk management

overall operations of organisation

reasonable adjustment in the workplace for people with a disability

types of available insurance and insurance providers.

The Evidence Guide provides advice on assessment and must be read in conjunction with the performance criteria, required skills and knowledge, range statement and the Assessment Guidelines for the Training Package.

Overview of assessment

Critical aspects for assessment and evidence required to demonstrate competency in this unit

Evidence of the following is essential:

risk management plan which includes a detailed stakeholder analysis, explanation of the risk context, critical success factors, identified and analysed risks, and treatments for prioritised risks

details of monitoring arrangements for risk management plan and an evaluation of the risk management plan's efficacy in treating risks

knowledge of relevant legislation, codes of practice and national standards.

Context of and specific resources for assessment

Assessment must ensure:

access to workplace documentation.

Method of assessment

A range of assessment methods should be used to assess practical skills and knowledge. The following examples are appropriate for this unit:

direct questioning combined with review of portfolios of evidence and third party workplace reports of on-the-job performance by the candidate

observation of presentations

oral or written questioning to assess knowledge of risk management policies and procedures

review of documented critical success factors, and goals or objectives for area

review of risks prioritised for treatment

evaluation of action plan for implementing risk treatment

evaluation of documentation communicating risk management processes to relevant parties.

Guidance information for assessment

Holistic assessment with other units relevant to the industry sector, workplace and job role is recommended, for example:

financial management units, governance units, human resource management units, or technology units.

The range statement relates to the unit of competency as a whole. It allows for different work environments and situations that may affect performance. Bold italicised wording, if used in the performance criteria, is detailed below. Essential operating conditions that may be present with training and assessment (depending on the work situation, needs of the candidate, accessibility of the item, and local industry and regional contexts) may also be included.

Risks may include those relating to:

commercial relationships

economic circumstances and scenarios

human behaviour

individual activities

legislation

management activities and controls

natural events

political circumstances

technology

Scope may apply to:

given project

specific business unit or area

specific functional such as:

financial management

OHS

governance

external environment

internal environment

whole organisation

Relevant parties may include:

all staff

internal and external stakeholders

senior management

specific teams or business units

technical experts

Research may include:

data or statistical information

information from other business areas

lessons learned from other projects or activities

market research

previous experience

public consultation

review of literature and other information sources

Tools and techniques may inlcude:

brainstorms

checklists

fishbone diagrams

flowcharts

scenario analysis

Likelihood may refer to:

probability of a given risk occurring, such as:

very likely

likely

possible

unlikely

rare

Impact or consequence may refer to:

significance of outcomes if the risk occurs, such as:

disastrous

severe

moderate impact

minimal impact

Evaluation of risks includes:

considering the likelihood of the risk occurring

considering the impact of the risk

determining which risks are most significant and are therefore priorities for treatment

Options may include:

avoiding the risk

changing the consequences

changing the likelihood

retaining the risk

sharing the risk with a third party

Action plans should include:

what actions are required

who is taking responsibility

time lines

monitoring processes

Unit sector

Management and Leadership - Management

This unit contains employability skills.