Risk profile

What's your risk profile? What kinds of risks are you carrying and how serious are they? If everything else looks good but your risks are high, you might not be in as good a shape as you think.

In an orgaizational review, you willneed to identify and manage risks in various contexts across the organization or for a specific business unit. Risks may include those relating to:

  • commercial relationships
  • economic circumstances and scenarios
  • human behaviour
  • individual activities
  • legislation
  • OHS
  • change
  • management activities and controls
  • natural events
  • political circumstances
  • technology
  • etc.

Go though the strategic risk assessment form.

As you go through these questions, remember that different parts of the organization will probably wok with different risk areas. For example, a CFO will work with financial and probity risks. The board and CEO look at strategic business risks.

  1. Who are the the internal and external stakeholders in your risk management system. What issues are they bringing up?
  2. Invite them to participate in managing risk and get their support. (They will normally expect to participate according to their particular roles.)
  3. How does your organization identify and manage risk? How effective is the system? does it cover all necessary risk areas?
  4. What aspects of your organization and timeframes does your organization look at for managing risk? What should be the scope?
  5. What is the political, economic, social, legal, technological and policy context?
  6. What are the strengths and weaknesses of your existing arrangements?
  7. Review your core risk management document. It must at least include risk management for:
    1. OHS
    2. Strategic risks affecting your organization, with criteria and structures to provide guidance on balancing risk, costs, benefits and opportunities
    3. Financial risk
    4. All products or services
    5. Risks associated with change, e.g. new projects, emerging issues
  8. Check that you have suitable contingency plans in place for all major risks. This will usually include adequate insurance cover.

About risk (Opens new window)

Questions

  1. Explain your organization's policies, procedures strategy for managing risk.
  2. What procedures do you have for on-going identification of risk?
  3. Give an overview of the operations of organization. Indicate the main risks for each part.
  4. In OHS, explain what you do to make reasonable adjustments in the workplace for people with a disability.
  5. What kinds of insurance are available to your organization? Which ones do you need and which ones don't you need. Explain your answer?
  6. Why would you choose one insurance provider over another?
  7. Explain what you have done to address the four requirements of the national standard in risk management (AS/NZS 4360:2004)? (Establish the context, identify risks, assess risks, treat risks.)