Conduct gap analysis
A gap analysis will include a review of existing risk treatment strategies, specific risk controls and identified vulnerabilities in light of the risk, its sources and potential risk events.
Develop risk treatment options
Identification and development of risk treatment options involves making decisions on the high-level risk management approach (to avoid, reduce, share or retain) and the risk control measures most effective in achieving risk treatment objectives, thereby reducing the level of risk. Legislation and standards can often dictate minimum risk treatment requirements for particular types of risk, such as safety. In such circumstances, a review of existing guides and regulatory requirements will be required.
Evaluate treatment options
A common cause of failure or ineffectiveness of risk treatment strategies is the approach of treating each risk in isolation. The treatment of a risk in one area may significantly increase the exposure to risk in another area. Consideration of the causal factors of risks and the interaction of risks with each other is paramount in evaluating risk treatment strategies. When evaluating risk treatment options, questions should be asked for each option under consideration to investigate conflicts in this regard.
Cost Benefit Analysis
Cost benefit analysis provides an objective process for comparing the costs and benefits of the risk without treatment and the comparable costs and benefits of the risk once treated. It informs the prioritising of feasible risk treatment options. Consideration may be taken of the:
- Benefits arising from the reduction in likelihood and/or consequences of the risk.
- Benefits such as reduced insurance premiums, improved management and staff confidence and enhanced reputation.
- Costs of implementing and maintaining the risk control.
- Costs arising if the risk were to be realised, including direct costs and indirect costs. Indirect costs are often overlooked and may comprise loss of productivity, business disruption, increase in staff attrition, diversion of management attention, damage to reputation and loss of brand value.
Complete detailed design
Both the practicality and maintainability of risk treatments are considered during the detailed design stage. Involving those who will ultimately be affected by the control (end users) in the design of risk treatment strategies is the most effective way to achieve practical and sustainable risk solutions. This process ensures risk treatment options are 'fit for purpose' and acceptable to those who will be ultimately responsible for, or involved in, implementation (end users), and it increases the likely effectiveness and sustainability of the risk controls.
Design Review
The purpose of the design review is to verify that the detailed design of the risk treatments is 'fit for purpose' prior to implementation. It can be a simple checking process or a formal and structured multi-disciplinary review. The review will verify that the risk treatments, as designed:
- Satisfy the risk treatment objectives.
- Satisfy performance requirements.
- Can be implemented within the current environment and with currently available resources.
- Provide for maintenance and sustainability.
- Do not introduce new risks or create vulnerability in other existing or proposed risk controls.
Communicate and implement
Successful implementation of risk treatment strategies will depend to a large extent on the level of consultation and communication carried out throughout the risk assessment process, in particular the risk treatment design stage. Depending on the level of change imposed by the introduction of the new or modified risk controls, a change management plan and/or communications plan may be required.