BSBRSK501B
Manage risk

This unit describes the performance outcomes, skills and knowledge required to manage risks in a range of contexts across the organisation or for a specific business unit or area.

Application

This unit addresses the management of the risk across the organisation or within a business unit or area. It does not assume any given industry setting.

This unit applies to individuals who are working in positions of authority and are approved to implement change across the organisation, business unit, program or project area. They may or may not have responsibility for directly supervising others.

Prerequisites

Not applicable.

Elements and Performance Criteria

1. Establish risk context

1.1 Review organisational processes, procedures and requirements for undertakingriskmanagement

1.2 Determinescopefor risk management process

1.3 Identify internal and external stakeholders and their issues

1.4 Review political, economic, social, legal, technological and policy context

1.5 Review strengths and weaknesses of existing arrangements

1.6 Document critical success factors, goals or objectives for area included in scope

1.7 Obtain support for risk management activities

1.8 Communicate withrelevant partiesabout the risk management process and invite participation

2. Identify risks

2.1 Invite relevant parties to assist in the identification of risks

2.2 Researchrisks that may apply to scope

2.3 Usetools and techniquesto generate a list of risks that apply to the scope, in consultation with relevant parties

3. Analyse risks

3.1 Assesslikelihoodof risks occurring

3.2 Assessimpact or consequenceif risks occur

3.3 Evaluateand prioritise risks for treatment

4. Select and implement treatments

4.1 Determine and select most appropriateoptionsfor treating risks

4.2 Develop anaction planfor implementing risk treatment

4.3 Communicate risk management processes to relevant parties

4.4 Ensure all documentation is in order and appropriately stored

4.5 Implement and monitor action plan

4.6 Evaluate risk management process

Required Skills

Required skills

communication and literacy skills to consult and negotiate, to prepare communications about risk management, and to encourage stakeholder involvement

organisational and management skills to plan and implement risk management processes

problemsolving and innovation skills to find practical ways to manage identified risks.

Required knowledge

AS/NZS ISO 31000:2009 Risk Management - Principles and Guidelines

legislation, codes of practice and national standards, for example:

duty of care

company law

contract law

environmental law

freedom of information

industrial relations law

privacy and confidentiality

legislation relevant to organisation’s operations

legislation relevant to operation as a business entity

organisational policies and procedures, including:

risk management strategy

policies and procedures for risk management

overall operations of organisation

reasonable adjustment in the workplace for people with a disability

types of available insurance and insurance providers.

Evidence Required

The evidence guide provides advice on assessment and must be read in conjunction with the performance criteria, required skills and knowledge, range statement and the Assessment Guidelines for the Training Package.

Overview of assessment

Critical aspects for assessment and evidence required to demonstrate competency in this unit

Evidence of the following is essential:

risk management plan which includes a detailed stakeholder analysis, explanation of the risk context, critical success factors, identified and analysed risks, and treatments for prioritised risks

details of monitoring arrangements for risk management plan and an evaluation of the risk management plan’s efficacy in treating risks

knowledge of relevant legislation, codes of practice and national standards.

Context of and specific resources for assessment

Assessment must ensure:

access to workplace documentation.

Method of assessment

A range of assessment methods should be used to assess practical skills and knowledge. The following examples are appropriate for this unit:

direct questioning combined with review of portfolios of evidence and third party workplace reports of onthejob performance by the candidate

observation of presentations

oral or written questioning to assess knowledge of risk management policies and procedures

review of documented critical success factors, and goals or objectives for area

review of risks prioritised for treatment

evaluation of action plan for implementing risk treatment

evaluation of documentation communicating risk management processes to relevant parties.

Guidance information for assessment

Holistic assessment with other units relevant to the industry sector, workplace and job role is recommended, for example:

financial management units, governance units, human resource management units, or technology units.

Range Statement

The range statement relates to the unit of competency as a whole. It allows for different work environments and situations that may affect performance. Bold italicised wording, if used in the performance criteria, is detailed below. Essential operating conditions that may be present with training and assessment (depending on the work situation, needs of the candidate, accessibility of the item, and local industry and regional contexts) may also be included.

Risksmay include those relating to:

commercial relationships

economic circumstances and scenarios

human behaviour

individual activities

legislation

management activities and controls

natural events

political circumstances

technology.

Scopemay apply to:

given project

specific business unit or area

specific functional such as:

financial management

OHS

governance

external environment

internal environment

whole organisation.

Relevant partiesmay include:

all staff

internal and external stakeholders

senior management

specific teams or business units

technical experts.

Researchmay include:

data or statistical information

information from other business areas

lessons learned from other projects or activities

market research

previous experience

public consultation

review of literature and other information sources.

Tools and techniquesmay include:

brainstorms

checklists

fishbone diagrams

flowcharts

scenario analysis.

Likelihoodmay refer to:

probability of a given risk occurring, such as:

very likely

likely

possible

unlikely

rare.

Impact or consequencemay refer to:

significance of outcomes if the risk occurs, such as:

disastrous

severe

moderate impact

minimal impact.

Evaluationof risks includes:

considering the likelihood of the risk occurring

considering the impact of the risk

determining which risks are most significant and are therefore priorities for treatment.

Optionsmay include:

avoiding the risk

changing the consequences

changing the likelihood

retaining the risk

sharing the risk with a third party.

Action plansshould include:

what actions are required

who is taking responsibility

time lines

monitoring processes.

Sectors

Management and Leadership – Management

Employability Skills

This unit contains employability skills.

Licensing Information

No licensing, legislative, regulatory or certification requirements apply to this unit at the time of endorsement.