Professional Documents
Culture Documents
12 - BSBOPS504 Appendix B - Risk Management Policy and Procedure
12 - BSBOPS504 Appendix B - Risk Management Policy and Procedure
12 - BSBOPS504 Appendix B - Risk Management Policy and Procedure
Endurance Group
Risk Management Policy
Policy
Endurance CrossFit understands that the adoption of a strategic and formal approach to risk management
will improve decision-making while enhancing outcomes and accountability for the organisation. The aim of
this Risk Management process is to manage the risks involved in all activities undertaken by the company
while maximising opportunities and minimising adversity for all involved. A risk management process also
provides a system for the setting of priorities when there are competing demands on limited resources of
staff.
Endurance CrossFit believes that effective risk management requires the following tasks:
A strategic focus.
Forward thinking and active approaches to management.
Balance between the cost of managing risk and the anticipated benefits and
Contingency planning in the event that mission critical threats are realised.
Endurance CrossFit will maintain procedures to provide the organisation with a systematic view of the risks
faced in the course of its administrative and business activities. This will require Endurance CrossFit to:
Identify Risks: the identification of what, why and how specific events could affect Endurance
CrossFit and its operations.
Analyse Risks: the determination and the analysis of the risks in terms of the potential consequence
and how likely those consequences are to occur. Consequence and likelihood are combined to
produce an estimated level of risk (Risk Rating).
Treat Risks: the development and implementation of specific risk management plans through its
policies, procedures and standards to manage these risks. Lower priority risks may be accepted and
monitored.
Monitor and Review: the monitoring and review of the risk management system and any changes
that might affect it. Monitoring and reviewing occurs concurrently throughout the risk management
process.
Communication and Consultation: the ensuring of applicable communication and consultation with
internal and external stakeholders will occur at each stage of the risk management process.
The owners are jointly accountable for ensuring that the risk management system is implemented and
maintained. The Executive Management team will review and monitor each risk management situation to
ensure all potential issues are addressed in accordance with the risk management system devised.
Identify Risks
Revi
on &
Cons
nito
mun
Com
and
icati
tion
Mo
ulta
ew
r
Analyse Risks
Version: 1.0 – Jan 2022 Gen Institute Pty Ltd © Page 1 of 4
BSBOPS504
Gather information that relates to the potential risk factor. This may consist of what can happen, why and
how it can happen. This information may impact on one or more of the following areas:
The Executive Management team are responsible for conducting and executing risk management evaluations
on potential issues that may affect the business. This includes and is not limited to the identification and
categorising of the potential risk (refer to the Risk Rating and Risk Criteria tables for more information).
The Executive Management team will develop and implement specific risk management plans through its
policies, procedures and standards to manage these risks. All treatment schedules and action plans will be
documented to ensure compliance and adherence to the risk management process and will include the
following information
Risk Category
Risk Factors
Proposed Action
Person/s Responsible
Resources Needed
Date of Completion
Frequency of Review / Monitoring
As part of its risk management process Endurance CrossFit has developed the below tables - Risk Rating
(Table 1) and Risk Criteria (Table 2) in determining the level and impact of risk to the company.
Low I1 Unlikely P1
Medium I2 Likely P2
High I3 Certain P3
Low This can be managed by developing Unlikely Not expected, but there is a
policies and procedures to combat issue. possibility it may occur.
Medium This could affect the day to day Likely There is a strong possibility the
operations and requires policies and event will occur.
procedures to be altered / amended.
High Immediate attention is required by Certain The event will occur or has
Executive Management team. occurred.
Applying controls
Hard controls may include document trails, reconciliation, physical control over assets, authority for
approvals etc. Soft controls may include ethics, competence, culture, communication, leadership, integrity
etc. The effectiveness of a control should be rated in a subsequent risk assessment.
• Poor – control is not addressing the risk (High risk level is not changing)
• Fair – control is addressing the risk, but is not considered effective
• Good – control effective in addressing risk (risk level is considered acceptable)
Endurance CrossFit has developed a risk management plan to ensure the compliance and continuity of
running its operations are not affected.
Endurance CrossFit also acknowledges that risk management is a dynamic process as risks are always
changing, and understands that it will need to have a thorough monitoring and review system in place for all
its current and future strategic operations.
_______________