Section 1- Annexure 3 Risk Management Jan 2013 Procedure


RISK MANAGEMENT PROCEDURE

Section 1 – Annexure 3

Date of Issue: January 2013

Date of Review: January 2015

Risk Management Procedure

Strategic risks will generally relate, but not be limited, to the general function and objectives of the organisation, including:

Overall client service delivery

Management of other stakeholder expectations (including organisational relationships)

Organisational and business development opportunities

Asset and resource management.

Operational risks will generally relate, but not be limited, to the day-to-day operations of the organisation, including:

Staff and individual service management

Staff recruitment, training and education

Community engagement

Maintenance of assets and equipment

Managing of resources

Financial and budget management

Information management and technology

Corporate governance and Legal Compliance

Contracting and purchasing

Responsibilities 

The BINSA COM, Executive Officer (EO) and staff are to be competent in the application of BINSA’s Risk Management Policy, and are accountable for the delivery of the policy within their areas of responsibility.

Specifically the responsibility for the management of risk is as follows: 

The COM is responsible for the organisational co-ordination of the Risk Management Policy and system, whilst staff at all levels are responsible for the application of the risk management system

The EO is responsible for ensuring that risk management is integrated into all policies, procedures, training and other relevant documents

The EO and COM are required to promote a culture where managing risk is an accepted responsibility of each employee

All staff are required to be aware of the risks associated with their position and work environment and follow BINSA policy and procedure in relation to risk management.

G:\Policies & procedures\BINSA POLICY AND PROCEDURES MANUAL 2013\Section 1 - Governance\Section 1- Annexure 3 Risk Management Jan 2013 Procedure.doc



As part of the organisation’s risk management structure BINSA has adopted the following as policy to support comprehensive and relevant contextual risk management by: 

Allowing only four permissible options when managing risk:

1. Avoiding the risk entirely by eliminating the risk producing activity

2. Implementing steps to reduce the risk to an acceptable level that is consistent with BINSA’s risk management standards (i.e. an appropriate treatment plan that mitigates the impact of the risk should it occur, or lowering the likelihood of it occurring)

3. Transferring some of the risk to a third party (e.g. financing the risk through insurance, or by outsourcing)

4. Making a conscious and documented decision to formally accept the risk by an appropriate delegated authority based on the size and type of risk.

Formally identifying, assessing, analysing, prioritising and considering treatments for all significant risk issues potentially impacting on the organisation

Building risk management practices into the organisation’s strategic planning process.

Complying with all relevant legislation and statutory requirements

Managing risk with practical responses that achieve a balance between cost and anticipated benefits

Developing and maintaining an organisational wide risk management system relevant to all areas of operation and remaining current with the changing needs and activities of the organisation

Developing and maintaining organisational procedure in relation to BINSA’s policy on risk management and accepted risk management standards

Ensuring that members of the COM have an appropriate understanding of relevant risk management issues for the organisation and are in a position to confidently make informed strategic and business decisions based on risk assessment

Ensuring that the EO and COM are competent and have appropriate knowledge in the area of risk management both at strategic and operational levels

Ensuring that staff are familiar with, and competent in the application of BINSA’s Risk Management Policy and Procedure, and are accountable for the policy within their areas of responsibility

Ensuring that all project work is managed in line with BINSA’s Risk Management process

Promoting a culture and awareness of risk management with staff, and across the organisation

Reviewing BINSA’s Risk Management system on a periodic basis to ensure ongoing relevance and capabilities.

Risk management process – Committee of Management level

The COM will fulfil its strategic oversight of risk management by:

Proactively identifying and addressing risks that arise from its role (e.g. succession planning, conflict of interest, strategic planning) and from COM meetings

Supporting the EO to implement organisation-wide risk management

Ensuring the risk management framework and strategies are consistent with recognised business, ethical and professional standards.



A Risk Register will be developed and maintained by the EO. The EO will report on progress and control measures to the COM on an annual basis.

The COM will:

Report on the organisation’s risk management performance in its Annual Report

Make provision for identified risk controls in the preparation of the annual budget

Include risk management as part of its strategic and business planning processes.

Risk management system – Operational level

The EO will lead and promote a culture of risk awareness and continual improvement across the organisation. In addition the EO will:

Ensure the integration of risk management into all aspects of BINSA operations and services

Design and implement a risk management system consisting of:

1. A risk register containing:
   a. Identification
   b. Likely impact
   c. Likely occurrence
   d. Adequacy of existing measures and any additional risk reduction measures
   e. Responsibility and action taken

2. An annual report of progress and control measures to the COM

3. Processes for staff to identify and report risks

4. Demonstrated commitment to staff training and education regarding risk management and organisational expectations

Ensure that major business initiatives will only proceed after a risk assessment is undertaken

Newly identified risks will be reported to the COM as identified.

Staff responsibilities 

Maintain an awareness of the risks that relate to their area of responsibility

Actively support and contribute to risk management initiatives

Advise the EO of risk issues they believe require attention

Report possible and potential risks identified through the established organisational reporting systems

Embrace a culture of risk awareness and continual improvement.



Areas for Risk Management at BINSA

Fraud Risk / Transaction Card/Credit Card/Petrol Card Usage

Refer to the Governance Policy: Delegation of Authority – Procurement Section / Authorisation to incur expenditure.

Social Media

All defamatory postings will be removed by BINSA’s Web Coordinator at the direction of the EO. Defamatory postings include, but are not limited to, those that are: racist, sexist, threatening, insulting, unlawful and threatening to another’s privacy.

Other (See Risk Register)

Financial risk management including ongoing and new sources of funding to support operations, fraud/manipulation of accounts, taxation, insurance

Legal Risk Management including release of confidential information, EO’s liability, contracts

Environmental including waste management

Occupational Health and Safety including unsafe work practices, occupationally induced stress

Information technology including loss and corruption of data, software/hardware failure

Human Resources including staff shortages, industrial relations issues, discrimination and harassment

Political including change of government and policy, budget allocation, community pressure

Risk to be considered because of the particular client group.

The aim of analysing the risk is to separate the minor acceptable risks from the major risks and to provide strategies to minimise the risk from occurring and to ensure that the initiative is successful.

Assessment and Management

The Risk Management Planning session(s) will determine:

What can happen

What is the real effect

Determination of likelihood / consequence

Prioritisation of risks

Identification and evaluation of risk mitigation strategy options

Re-prioritisation of risks

Establishment of Risk Management Plans

Preparation of the Risk Management summary documents using the Risk Assessment Format.

Complaints Management

BINSA recognises that complaints management is integral to risk management. All issues and complaints will be dealt with as per the Grievance and Complaints Policy (staff and clients) (refer to Section 2 - Client Policies No 6).



Any issues that are deemed to have a likelihood of risk will be dealt with using the Risk Assessment Format.

Monitoring

Risk Management will form part of the regular agenda for COM meetings and staff meetings to review risk management plan summaries and monitor progress.

Definitions

The following definitions, unless otherwise specified, are taken from AS/NZS 4360:1999.

Risk: “the chance of something happening that will have an impact upon objectives”. It is measured in terms of consequences and likelihood.

Risk Acceptance: “an informed decision to accept the consequences and the likelihood of a particular risk”. The Management Committee may from time to time determine and review financial and other levels of acceptable risk.

Risk Analysis: “a systematic use of available information to determine how often specified events may occur and the magnitude of their consequences”.

Risk Avoidance: “an informed decision not to become involved in a risk decision”.

Risk Reduction: “a selective application of appropriate techniques and management principles to reduce either likelihood of an occurrence or its consequences, or both”.

Risk Transference: “shifting the responsibility or burden for loss to another party through legislation, contract, insurance or other means”.

Risk Treatment: “selection and implementation of appropriate options for dealing with risk”.

Residual Risk: “the remaining level of risk after risk treatment measures have been taken”.

Risk Control: “that part of risk management which involves the implementation of policies, standards, procedures and physical changes to eliminate or minimise adverse risks”.

Risk Management Process: “the systematic application of management policies, procedures and practices to the tasks of establishing the context, identifying, analysing, evaluating, treating, monitoring and communicating risk”.

Risk Evaluation: “the process used to determine risk management priorities by comparing the level of risk against predetermined standards, target risk levels or other criteria”.

See Annexure 3a for BINSA RISK ASSESSMENT FORMAT and BINSA RISK REGISTER 2013-2015.


