Reduce your risk …
Increase your prosperity
Risk Management
Risk Assessment
Risk Audit and Compliance
Establishing Risk Management
Effective risk management requires a risk framework which imbeds risk management processes within existing business processes and
within the minds and activities of all staff, at all levels. A sound risk framework, together with robust risk management systems
and processes not only contributes to good governance, it provides protection for management, directors and office holders in the
event of adverse outcomes. Provided an appropriate risk framework is established and industry standards adhered to, protection
occurs on two levels.
Firstly, adverse outcomes of risk events may not be as frequent and or severe as they might otherwise have been.
Secondly, those who are accountable for risk management are able to demonstrate they have exercised an appropriate level of due
diligence in managing risk. The later being most useful at a judicial inquiry or court case, whereby organisations and individuals
are held to account after a serious loss event, such as one involving the loss of life or financial loss through theft or fraud.
To establish effective risk management, the first step is to evaluate the risk management needs and risk management practices that
already exist within the organisation. The evaluation serves to identify any risk management gaps and anomalies across the
organisation and establish the foundation to develop a risk framework, risk management policy, risk management plan and the necessary
supporting arrangements. The risk management plan will detail strategies for incorporating risk management into the systems,
processes and practices of the organisation. The same principles apply to organisations of all types and sizes, whether pubic,
private, not-for-profit or large or small.
Evaluating risk management needs
Management practices and processes which include elements of risk management will already exist in many organisations. In light of
the risk management needs of the organisation and its context, a critical review and assessment of existing risk management
processes will deliver a structured understanding of the:
- Characteristics and effectiveness of the existing risk management systems, processes and practices;
- Consistency and degree of integration of risk management across the organisation and the scope of the risk framework and risk types considered;
- Risk management systems and processes that require modification and / or expansion;
- Constraints likely to limit full integration of risk management systems and processes;
- Applicable legislative and or compliance requirements which require risk management consideration; and
- Resource constraints impacting effective implementation of risk management throughout the business.