BSBOPS504

BSBOPS504
Manage Business Risk

Learner Guide
EDUCATION TRAINING & EMPLOYMENT AUSTRALIA
Table of Contents
Unit of Competency ............................................................................................................................. 4

Application ........................................................................................................................................... 4
Performance Criteria ........................................................................................................................... 5
Foundation Skills .................................................................................................................................. 6
Assessment Requirements................................................................................................................... 7
1. Establish risk context........................................................................................................................ 9
1.1 – Evaluate organisational processes, procedures and requirements and determine scope for risk
management process ............................................................................................................................ 10
Business risk ....................................................................................................................................... 10
Organisational processes ................................................................................................................... 11
Organisational procedures................................................................................................................. 12
Organisational requirements ............................................................................................................. 12
Scope for risk management process .................................................................................................. 12
Activity 1A .......................................................................................................................................... 14
1.2 – Review strengths and weaknesses of existing arrangements ....................................................... 15
Existing arrangements ....................................................................................................................... 15
Strengths ............................................................................................................................................ 15
Weaknesses ....................................................................................................................................... 15
Activity 1B .......................................................................................................................................... 17
1.3 – Document critical success factors, goals and objectives for area included in scope .................... 18
Scope of business risk ........................................................................................................................ 18
Importance of documenting the process........................................................................................... 18
Importance of communication .......................................................................................................... 19
Activity 1C .......................................................................................................................................... 20
1.4 – Communicate risk management process to relevant stakeholders .............................................. 21
Identify relevant stakeholders ........................................................................................................... 21
Communicate risk management process ........................................................................................... 22
Activity 1D .......................................................................................................................................... 24
2. Identify risks .................................................................................................................................. 25
2.1 – Invite stakeholders to assist in the identification of risks ............................................................. 26
Stakeholder contributions ................................................................................................................. 26
Activity 2A .......................................................................................................................................... 28
Disclaimer: Once this document is removed from the owner drive or printed this document is no longer controlled.
Document Name BSBOPS504 Company name Issued: Nov 2021 Ver 1.1
Learner Guide ETEA
Authorised by QMC CRICOS # 02925E RTO # 5089 Review: 24 months
©Education Training & Employment Australia Pty Ltd ABN: 62085390692 Page 1 of 66
2.2 – Research risks that may apply to scope ........................................................................................ 29

Confirm scope .................................................................................................................................... 29
Research risks .................................................................................................................................... 29
Activity 2B .......................................................................................................................................... 32
2.3 – Document risks that apply to the scope, in consultation with relevant parties ........................... 33
Use effective language ....................................................................................................................... 33
Importance of shared knowledge ...................................................................................................... 34
Activity 2C .......................................................................................................................................... 35
3. Analyse risk .................................................................................................................................... 36
3.1 – Assess likelihood of risks occurring ............................................................................................... 37
Simple formula ................................................................................................................................... 37
Risk assessment ................................................................................................................................. 38
Activity 3A .......................................................................................................................................... 39
3.2 – Assess impact or consequence if risks occur................................................................................. 40
Assessing the impact or consequence of risk .................................................................................... 40
Controlling risk ................................................................................................................................... 41
Insuring risk ........................................................................................................................................ 41
Activity 3B .......................................................................................................................................... 42
3.3 – Evaluate and prioritise risks for treatment ................................................................................... 43
Evaluate risks ..................................................................................................................................... 43
Prioritise risks for treatment .............................................................................................................. 43
Activity 3C .......................................................................................................................................... 45
4. Select and implement treatements ................................................................................................ 46
4.1 – Determine and select from options for treating risks ................................................................... 47
Determine available options .............................................................................................................. 47
Select option for treating risks ........................................................................................................... 47
Activity 4A .......................................................................................................................................... 49
4.2 – Develop action plan for implementing risk treatment.................................................................. 50
Developing an action plan ................................................................................................................. 50
Activity 4B .......................................................................................................................................... 52
4.3 – Communicate risk management processes to relevant parties .................................................... 53
Keeping relevant parties updated...................................................................................................... 53
Why effective communication is essential ........................................................................................ 53
Activity 4C .......................................................................................................................................... 55
4.4 – Implement action plan according to organisational policies and procedures .............................. 56
Learner Guide ETEA
Organisational policies and procedures............................................................................................. 56

Tailoring your action plan to the relevant policies and procedures .................................................. 56
Activity 4D .......................................................................................................................................... 59
4.5 – Monitor and evaluate risk management process ......................................................................... 60
Monitoring ......................................................................................................................................... 60
Evaluating .......................................................................................................................................... 60
Reflection ........................................................................................................................................... 61
Activity 4E .......................................................................................................................................... 63
Summative Assessments........................................................................................................................ 64
References ............................................................................................................................................. 65
Learner Guide ETEA
Unit of Competency
Application
This unit describes skills and knowledge required to manage business risks in a range of contexts across
an organisation or for a specific business unit or area in any industry setting.
The unit applies to individuals who are working in positions of authority and who are approved to
implement change across the organisation, business unit, program or project area. They may or may not
have responsibility for directly supervising others.
No licensing, legislative or certification requirements apply to this unit at the time of publication.
Unit Mapping Information
Supersedes and is equivalent to BSBRSK501 Manage risk.
Unit Sector
Business Competence – Business Operations.
Learner Guide ETEA
Performance Criteria
Element Performance Criteria
Elements describe the Performance criteria describe the performance needed to
essential outcomes. demonstrate achievement of the element.
1. Establish risk context 1.1 Evaluate organisational processes, procedures and

requirements and determine scope for risk management
process
1.2 Review strengths and weaknesses of existing arrangements
1.3 Document critical success factors, goals and objectives for
area included in scope
1.4 Communicate risk management process to relevant
stakeholders
2. Identify risks 2.1 Invite stakeholders to assist in the identification of risks

2.2 Research risks that may apply to scope
2.3 Document risks that apply to the scope, in consultation with
relevant parties
3. Analyse risks 3.1 Assess likelihood of risks occurring

3.2 Assess impact or consequence if risks occur
3.3 Evaluate and prioritise risks for treatment
4. Select and implement 4.1 Determine and select from options for treating risks
treatments 4.2 Develop action plan for implementing risk treatment
4.3 Communicate risk management processes to relevant
parties
4.4 Implement action plan according to organisational policies
and procedures
4.5 Monitor and evaluate risk management process
Learner Guide ETEA
Foundation Skills
This section describes language, literacy, numeracy and employment skills incorporated in the
performance criteria that are required for competent performance.
Reading:
! Synthesises a variety of relatively complex texts
! Gathers, interprets and analyses textual information from a range of sources to identify relevant
information.
Writing:
! Develops textual material and organises content in a manner that is effectively documents risks
management analysis and assessment priorities and processes.
Oral communication:
! Participates in interactions with stakeholders using questioning and listening to elicit opinions,
and to confirm and clarify understanding.
Numeracy:
! Uses numerical tools to assess risk and uses numerical data to review plans.
Teamwork:
! Selects appropriate conventions and protocols when communicating with stakeholders about
risk management
! Consults and negotiates with stakeholders about risk management processes and outcomes.
Planning and organising:
! Sequences and schedules a range of routine and complex activities, monitors implementation,
evaluates processes and manages relevant communication
! Systematically analyses information to decide on appropriate risk management treatments
! Refers to organisational processes, procedures and requirements when making decisions about
risk management.
Technology:
! Uses digital technologies and systems to access information, document plans and communicate
with others.
Learner Guide ETEA
Assessment Requirements
Performance Evidence
The candidate must demonstrate the ability to complete the tasks outlined in the elements,
performance criteria and foundation skills of this unit, including evidence of the ability to:
! Lead at least one risk management process for an organisation or work area.
In the course of the above, the candidate must:
! Analyse information from a range of sources to identify the scope and context of the risk
management process, including:
o stakeholder analysis
o political, economic, social, legal, technological and policy context
o current arrangements
o objectives and critical success factors for the area including scope
o risks that may apply to scope
! Consult and communicate with stakeholders to identify and assess risks, determine appropriate
risk treatment actions and priorities and explain the risk management processes
! Develop and implement an action plan to treat risks
! Monitor and evaluate the action plan and risk management process
! Maintain documentation.
Learner Guide ETEA
Knowledge Evidence
The candidate must be able to demonstrate knowledge to complete the tasks outlined in the elements,
performance criteria and foundation skills of this unit, including knowledge of:
! Legislative and regulatory context of the organisation in relation to risk management
! Organisational policies, procedures and processes for risk management, including document
storage
! Types of business risks
! Options for treating risks
! Risk management process
! Purpose and key elements of current risk management standards
! Tools and techniques to identify risks to scope risk management processes.
Assessment Conditions
Skills in this unit must be demonstrated in a workplace or simulated environment where the conditions
are typical of those in a working environment in this industry.
This includes access to:
! Legislation, regulations, standards and codes relating to risk management
! Workplace documentation and resources relating to risk management.
Assessors of this unit must satisfy the requirements for assessors in applicable vocational education and
training legislation, frameworks and/or standards
Links
Companion Volume Implementation Guide is found on VETNet -

https://vetnet.gov.au/Pages/TrainingDocs.aspx?q=11ef6853-ceed-4ba7-9d87-4da407e23c10
Learner Guide ETEA
1. Establish risk context

1.1. Evaluate organisational processes, procedures and requirements and determine scope for risk
management process
1.2. Review strengths and weaknesses of existing arrangements
1.3. Document critical success factors, goals and objectives for area included in scope
1.4. Communicate risk management process to relevant stakeholders
Learner Guide ETEA
1.1 – Evaluate organisational processes, procedures and requirements and

determine scope for risk management process
By the end of this chapter, the learner should be able to:
! Evaluate organisational processes, procedures, and requirements
! Determine scope for risk management process.
Business risk
According to a 2018 survey by the University of South Australia, 25% of businesses fail due to the lack of
leadership, poor financial management, and/or no planning for potential risk. (unisa.edu.au) The
importance of a competent and robust management team will ensure that risks can be identified,
assessed and managed in a timely, professional and competent way, giving the business every chance of
success.
For this unit, we will clarify that business risk is any factor that threatens a business’s ability to meet its
objectives and achieve the required financial goals. As a person with authority, it will be your
responsibility to identify risk to your business, assess the level of damage the risk can have and
ultimately, reduce the effects of risk in the most efficient and effective way.
One of the most important steps you can take in managing business risk is to understand what the
influencing factors are. From here, you can seek to manage them accordingly by setting contingency
strategies and action plans that will help your business grow and flourish.
You will find that there will be a whole range of different risks that can affect a business’s success.
Mostly, they can be industry-related, but will also include more common risks that any business can
face, regardless of its size.
Common risks can include:

! Changes in customer taste or demand
! Competition
! Changes in the current economic climate
! Changes in government regulations
! Poor leadership
! Poor financial management
! Poor record-keeping
! Operational issues
! Compliance issues
! Health and safety issues.
Learner Guide ETEA
Organisational processes
Most established companies will have their own processes in place when dealing with risks. A risk
management process should be used to ensure that risks can be identified and managed quickly and
effectively, eliminating unnecessary costs and delays, and helping to reduce the overall impact on a
company. An organisational risk management process will usually follow a generic order. This will
outline the steps that need to be taken to manage risk effectively.
There are six steps that you can typically take during this process:
! Identify risk
! Evaluate and assess risk
! Respond to risk
! Report and monitor risk
! Identify contingencies and recovery planning
! Review your risk management approach.
Risks within business cannot be avoided and must be addressed immediately to minimise the impact on
your organisation. Ignoring them or assuming that someone else will take action could cause long-term
and costly damage to the company. Any signs of risk should be noted, details recorded, including who
will take responsibility and action plans put in place with immediate effect. Holding a position of
influence too will give you the ability to adopt suitable approaches, protecting your company from any
potential risk and demonstrating that you can think on your feet and take action accordingly.
To help you identify risk, you can:

! Assess the different sources that could lead to problems
! Don’t wait to act – you should never wait just to see if an issue becomes a risk or not;
you should have a plan in place in case risk to business becomes apparent
! Make it everyone’s responsibility – it shouldn’t just be management taking

responsibility for the identification of risk. If staff are trained to deal with risk within
their own department, it will make it easier to manage across the whole company
! Be aware of industry-specific risk – if other similar companies have identified possible

risks before, it is likely that it could happen in your organisation too
! Create a record of identified risks – this will help you be more prepared to review and
detect future risks.
Learner Guide ETEA
Organisational procedures
Organisational procedures will outline the ‘rules’ that you will need to follow to minimise the impact of
risk to the company and the staff.
Organisational procedures can include:

! Ensuring equipment is fit for purpose
! Implementation of staff training
! Ensuring staff have clear guidelines to follow for every task
! Regular building inspections
! Confidentiality and privacy regulations
! Clear guidelines for disciplinary measures
! Incident reporting
! Emergency procedures.
Organisational requirements
Every organisation will have to follow legislative, regulatory, and organisational requirements, to
operate with the law. These requirements will be in place to ensure that all activities within the
company do not result in harm or loss to others.
Examples of legislative and regulatory requirements can be extensive and industry-specific, so you
would need to make yourself aware of those requirements that are relevant to your industry.
However, examples can include:

! Occupational health and safety
! Trading standards
! Data protection
! Operational standards.
Scope for risk management process

The scope will be determined by the context of the risk. This means that you will need to establish the
boundaries of the risks by clarifying how far the risk extends. Once you have established this, it will
enable you to measure and assess the risk impact within the specific area. Remember, risks are
uncertainties that affect your company’s achievements and goals, and it essential that you finalise how
far these risks will affect the different areas of your business.
Learner Guide ETEA
Establishing the scope of risk will allow you to:

! Establish the extent of the risk
! Estimate costs involved
! Estimate time required to manage risk
! Encompass all the work required to minimise the effect of the risk.
Learner Guide ETEA
Activity 1A
Learner Guide ETEA
1.2 – Review strengths and weaknesses of existing arrangements

! Review the strengths and weaknesses of existing arrangements.
Existing arrangements
Taking a closer look at the existing arrangements within your organisation would be the best place to
start when reviewing and analysing the effectiveness of risk management. This will give you the
opportunity to determine how well the arrangements are working and what you will need to do to
improve them.
The three main points you should focus on are:

! Areas that are working well
! The areas that are weak and need immediate attention
! The areas most likely to cause a threat.
Strengths
The strengths of your company’s risk management arrangements should be based on what has worked
well in the past and continues to work well.
To help ensure strengths are maintained, you could:

! Analyse decision making at all levels
! Ensure consistency of reporting potentials risks
! Set tasks that are likely to succeed
! Ensure all staff are accountable at each level
! Ensure training is comprehensive and often
! Ensure consistency of action plans and objectives
! Ensure company is protected from major losses by insurance
! Ensure you have a consistent approach to reinforce company

culture.
Weaknesses
If there are weaknesses with the current arrangements, you must act immediately to minimise the
potential damage that the risks can cause. Monitoring the current arrangements will help you identify
areas of weakness more quickly because if they are left or ignored, the more likely damage will occur.
To help you manage this, you can insist on clear communication and feedback from decision-makers
within your organisation and relevant stakeholders. This would ensure that all involved parties are in
regular contact, updating each other regularly and holding meetings more often to ensure that
consistency is maintained.
Learner Guide ETEA
If you keep on top of the decisions being made at each level, whilst monitoring behaviour and actions, it
will ensure that areas of weakness can be caught early, actions can be taken, and the effects can be
minimised.
Minimise weaknesses by improving the culture of organisation

A positive culture with your organisation is essential when managing risk. All staff need to be working
together on the same page and engaged in the same goals and objectives because this will directly link
to the company achievements in risk management.
Most companies will have policies and procedures that govern the behaviour, actions and decision-
making of staff to meet the requirements of risk management. The policies and procedures in place
should support and help staff make the right decisions, and these guidelines should be available for all
staff to access regularly and consistently.
To help you do this, you can:

! Make sure there are clear expectations regarding behaviour, actions and decision
making with your company
! Ensure you have the appropriate resources to allow staff to manage risk, e.g. sufficient
time and budgets
! Ensure positive and respectful relationships are kept with stakeholders.
Reduce the threats

Being able to reduce the threats to your business must always be based on awareness. If you are aware
of all the potential risks that could affect your business, you will be ready either by having capital that
will allow you to weather a storm or by having a clear plan and contingency in place that will help you
roll with the punches that potential risks could bring.
Learner Guide ETEA
Activity 1B
Learner Guide ETEA
1.3 – Document critical success factors, goals and objectives for area included in
scope
! Identify the importance of documenting critical success factors, goals and objectives
included in scope.
Scope of business risk

We briefly looked at scope in chapter 1.1, but to clarify, the scope is the set of boundaries that will
define the extent of risk to your business. It will help you identify what areas need your attention and
help you establish a specific action plan to deal with risk in the most effective way. You will not want to
waste time and resources dealing with more issues than necessary, so the most effective way to deal
with risk, would be to direct your attention on the specific issue, using your time and resources in the
most effective and efficient way.
Importance of documenting the process

Documenting the process will ensure you have consistency between the relevant people involved, a
point of reference to inform further decisions and ultimately, help you and others highlight the areas
that require immediate action. This will ensure that minimal damage will occur because you will be
carefully monitoring the process and identifying the constraints and limitations with the scope that
could affect the outcomes.
Documenting the process will help you track:
! Any actions that you have taken that have been

successful
! The goals that you would like to achieve at each

stage of the process
! The main objective that you would like to

achieve.
The scope of the risk should be monitored in terms of:

! The potential range of damage
! The costs involved
! Time and labour requirements.
Documenting the risk management process will help you maximise the potential for success and help
you to minimise the chances of the risk causing a negative impact on your company. You will always
want to aim to identify the opportunities available to enhance the likelihood of successful outcomes,
and documenting each stage of risk management will provide you with reasonable assurance that the
risk management process is working.
Learner Guide ETEA
Your risk management process should be documented as:

! The scope of the risk, e.g., the boundaries that you are working within
! The procedures you need to take to manage the risk
! The roles and responsibilities of relevant staff involved
! The evaluation of the risk in terms of:
o what could happen
o when this could happen
o where this could happen
o how this could happen
! The estimation of the level of

damage if the risk occurred
! Details on how to treat the risk in terms of:
o time
o money
o labour.
Importance of communication
During this process, it would be extremely important to communicate the information and progress to
the relevant people. The people involved should be aware of the decisions being made and actions
required to either prevent the risk from happening or to treat the risk to limit the damage it could
cause. Sharing information will help you achieve consistency within your business, will help you to stay
organised, and will help you to identify the priorities that will keep the process on track.
Without effective communication between employees and stakeholders, risk management can be
delayed, missed or performed incorrectly, and in your role, you will be a key person in ensuring the
process is managed effectively. The management decisions and information will need to be shared at
different times; this will determine how risk management is planned and carried out across the
organisation.
Learner Guide ETEA
Activity 1C
Learner Guide ETEA
1.4 – Communicate risk management process to relevant stakeholders

! Identify relevant stakeholders
! Communicate risk management process.
Identify relevant stakeholders

When you are dealing with risks to your business, it is vital to seek contributions from a range of
internal and external sources. This means consulting individuals, departments, and professionals, both
internal and external to the organisation.
A stakeholder is a person or party that has an interest in the company and can either affect or be
affected by the business. Consider each of the following in turn and how you would communicate the
risk management process.
Internal stakeholders (entities within the business) include:

! Management
! Staff members
! Board of directors
! Investors.
External stakeholders (entities not within the business) include:

! Business partners
! Communities
! Governments
! Customers
! Suppliers
! Contractors
! Investors
! Advisers
! Trade unions
! Charities.
Learner Guide ETEA
To communicate with internal and external stakeholders, you may arrange:

! Face-to-face meetings
! Conference calls, Skype, and FaceTime sessions
! Online meetings using Zoom, Microsoft Teams, etc.
! Phone calls
! Correspondence via instant messaging services, such as WhatsApp
! Email correspondence
! To attend conferences, workshops, seminars, and lectures.
Communicate risk management process

Taking steps to accurately communicate the potential risks will be essential to ensure the long-term
success of relationships with all relevant parties. Stakeholders will be keen for you to update them
regularly, and it would be crucial to have their approval when making decisions and taking any required
actions. You will also want to ensure that the communication is consistent and transparent, ensuring
trust and confidence are maintained at all times.
Stakeholder opinion can be a valuable asset to any risk management process because they can provide
you with valuable opinions, important resources and support that can help influence the process in the
most effective way.
If you regularly engage with your stakeholders from the beginning, their expectations of your risk
management will create confidence and trust. If you are able to communicate with the right individual
at the right time, it will ensure the process stays on track and accurately flag up risks in the early stages.
This will help you make more informed decisions on actions such as role allocation, time and cost
estimations and so forth.
There are many ways in which you can communicate and update stakeholders. These can include:
! Presentations
! Meetings
! Emails
! Informal conversations
! Newsletters
! Posters and notices.
However you choose to share a risk management process,

you must always communicate in a way that is clear for everyone, allowing individuals the time to ask
questions, and answering those questions as satisfactorily as possible. This is where you must select or
adjust your communication style to maintain the effectiveness of interaction and build and maintain
engagement consistent with organisational requirements.
Learner Guide ETEA
Unify your team

Nowadays, risk management does not have to remain in one location. With the use of current
technology, you are able to communicate with stakeholders across the world. By taking the necessary
steps to communicate risk, you will be able to equip your stakeholders with the most up-to-date
information, giving them the ability to respond quickly and effectively. Updating regularly will help
reduce confusion and help enhance problem-solving skills for all relevant parties.
Unifying your team will help:

! Boost awareness
! Provide a support network that could span the

globe
! Encourage innovation
! Consistency.
Learner Guide ETEA
Activity 1D
Learner Guide ETEA
2. Identify risks
2.1. Invite stakeholders to assist in the identification of risks
2.2. Research risks that may apply to scope
2.3. Document risks that apply to the scope, in consultation with relevant parties
Learner Guide ETEA
2.1 – Invite stakeholders to assist in the identification of risks

! Invite stakeholders to assist in the identification of risks.
Stakeholder contributions
Stakeholders will each have a specific role, either within or external to the organisation and will bring
skills and attributes in a variety of different ways. Do remember that communication is a two-way
process, and you should always make it a priority to invite the relevant individuals or parties to
contribute to the risk management process that will directly involve them. This will give you a broad
perspective of the risk and help you identify the areas that will be most affected.
Consultation and involvement will encourage relevant opinions from stakeholders and will help identify
and determine the exact nature of a problem. Encouraging stakeholders to view risks in an objective
way will help you gain a balanced and unprejudiced view of the matter, helping you to build strong and
honest relationships with people that can help you manage risk within your business. There would be no
one else more suitable to help you develop a risk strategy than someone who is being directly impacted
by the issue.
To encourage stakeholders to participate, you could:

! Ask for their expert judgement
! Arrange brainstorming sessions
! Report issues regularly in a

consistent way
! Gather relevant data regularly
! Create shared checklists or

spreadsheets.
There are many positive aspects of inviting stakeholders to assist you in the identification of risk. If you
can manage the process successfully, you will be able to secure ‘buy-in’ and support from your
stakeholders, and it will put more ideas on the table and involve various perspectives from relevant and
expert personnel, increasing your chances of success when you are faced with any business risk.
Stakeholder influence
Do bear in mind that when consulting stakeholders and inviting them to help you identify risk, they will
each bring their own interests to the problem, and they may not always align with your objectives. The
primary goal will be to find a middle ground when dealing with issues and ensure that individual
perspectives are considered, and stakeholder interests and expectations are managed accordingly. The
most important aspect of stakeholder input is making sure that the communication is respectful and
reaches the goals and objectives in a fair and honest way.
Learner Guide ETEA
Monitor stakeholder contributions

It would be essential to monitor and evaluate stakeholder participation to establish how well they have
understood and contributed to the risk management process. This should be an integral part of the
evaluation for you, ensuring that the process is going in the right direction, and you are on target to
reach your objectives. You can do this by asking yourself specific questions that will give
more insight into their contributions.
Some evaluation questions could be:

! Which strategy worked best when involving stakeholders?
! How successful were you in keeping stakeholders involved?
! Did the stakeholders provide support? If so, how useful was

it?
! Did stakeholder contributions improve the process?
Involving stakeholders can be a large part of ensuring you achieve success when
dealing with business risk. It will be important to understand the nature of their interest in the risk in
order to gain effective participation and support. If you gain the knowledge of these situations, you will
be better placed to keep the process on target, address any concerns you may find along the way and
demonstrate that risk management is more successful if everyone involved is working from the same
page.
Learner Guide ETEA
Activity 2A
Learner Guide ETEA
2.2 – Research risks that may apply to scope

! Identify how to research risks that may apply to scope.
Confirm scope
Confirming the scope of any risk is one of the most important steps you will take in risk management. If
you are unaware of the boundaries of the risk, it will not matter how efficient you are; you will not be
able to contain the risk effectively.
Being aware of the parameters will allow you to allocate the right amount of time, resources, effort and
budget to meet the requirements of the process. To help you identify the scope, you will need to
understand the ‘what’ and ‘why’ of the issues you are faced with, enabling you to see the bigger picture.
To confirm scope:
! Identify the ‘needs’ of the risk:
o ask yourself what you need to do to resolve the problem
! Confirm the objectives:
o setting clear goals that are specific, measurable and realistic
! Develop a clear description:
o this means outlining the features of the

risk clearly so they are understandable
for everyone involved
! Have clear expectations:
o make sure that all relevant parties will be

satisfied with the end result
! Identify constraints:
o be aware of the limitations or roadblocks that could affect the outcome.
Research risks
When you are dealing with business risk, you must acknowledge that risk is going to happen. By
planning carefully, you can begin the process of identifying, monitoring and dealing with risk effectively.
To take the necessary steps, you will need to understand how risks can be identified in the first place.
Risks can come in many forms, but in business, there are generally four main areas of risk which are
strategic, compliance, financial and operational.
Strategic risk
Strategic risk is the potential for outside influences to threaten your ability to execute a specific
business strategy. Strategic risk can happen at any time, and you must be able to react in real-time.
Learner Guide ETEA
For example:
! Economic risk
o any economic conditions that can affect your business strategy
! Competition risk
o changes to consumer demand, competitor prices wars or losing ground if

competitors are more innovative
! Regulatory risk
o new government regulations that can affect your business strategies
! Political risk
o political events and conditions that can impact your business strategies.
Compliance risk
Compliance risk is the potential for losses to the business in terms of legal penalties due to failure to
comply with the law.
Examples of this can be:

! Workplace health and safety
! Corrupt practices
! Process risk, such as accounting

process failure
! Quality of goods or services
! Social responsibility, such as keeping your workforce safe.
Financial risk
Financial risk relates to how a company manages sales, revenue, and debt. To be financially viable, a
company needs to demonstrate that it can function as a profitable enterprise. Financial risk is
commonplace and comes in many sizes, affecting all parties involved. You should make financial risk an
absolute priority because a business will fail without a healthy cash flow.
Financial risk is vast but can include:

! Poor financial management
! Flawed financial reasoning
! Internal or external corruption
! Credit risk
! Cost overruns
! Flawed investment opportunities.

Learner Guide ETEA
Operational risk
Operational risks will be connected with the systems or processes of the business.
For example:
! Human error
! Technological error
! Insufficient processes
! Process error
! Quality risk.
Learner Guide ETEA
Activity 2B
Learner Guide ETEA
2.3 – Document risks that apply to the scope, in consultation with relevant
parties
! Identify ways to document risks in consultation with relevant parties.
Use effective language

The main objective when documenting risk is making it clear, understandable and effective.
Stakeholders and other relevant parties will be busy, and your aim should be to use a common language
so everyone will be able to communicate efficiently and effectively, preventing confusion and
misunderstanding.
Some of relevant parties involved could be from diverse backgrounds, so the importance of
documenting risk appropriately and effectively is essential. The language you choose should help
everyone involved identify relevant issues simply and quickly in order to begin the process of minimising
or eliminating the risk as far as possible. The language should be familiar to everyone involved, you
should use not terminology that some will be confused by, and you must use vocabulary that can be
clearly understood.
Choosing the most effective language will ensure you remain knowledgeable, respectful and
professional at all times and adjusting your communication will ensure you demonstrate the values of
your organisation and follow the rules and policies that govern your actions and behaviour.
Effective language should be:

! Specific
! Concise
! Familiar
! Precise and clear
! Constructive
! Appropriately formal.
Documenting responsibility
When dealing with risk, it is essential that everyone involved is working from the same page. This means
ensuring that there is consistency in the practices of the relevant parties, creating a clear picture of
responsibility for specific decision-making and actions necessary by all involved.
To encourage and support responsibility, you can supply the relevant parties will the necessary tools to
manage risk effectively within their own department.
Learner Guide ETEA
These can be:

! Shared guidelines for risk management
! Open communication
! Providing adequate resources
! Communicate clear roles and responsibilities
! Help relevant parties to take control.
Do bear in mind that the occurrence of any business risk would be

considered risk management failure. There is no such thing as a one-cause risk. Failure will always be a
combination of different factors because all activities are organisationally linked. However, once you
have outlined the tools to manage risk, you will be able to place responsibility on specific personnel in
specific departments, helping the risk to be shared. This will enable the team to bring different
perspectives and opinions together in the hope of minimising the risk, or eradicating the risk
completely.
From there, your will be able to safely assume that the documentation of risk management has done its
job by alerting relevant parties to the risk, documenting who is responsible for taking the appropriate
action and sharing the outcomes in prevention of the risk.
Importance of shared knowledge

Communicating effectively with stakeholders will require you to listen carefully to their point of view,
values, beliefs, and feedback. Creating a relationship of trust and shared knowledge in order to deal
with challenges that risks bring should be your main focus throughout the process.
Benefits of stakeholder perspectives include:

! Enables you to make more informed decisions
! Leads to greater satisfaction for all involved
! Improves chances of damage limitation
! Promotes open communication.
When consulting with relevant stakeholders, you will want to encourage open styles of discussions,
creating a greater breadth of knowledge that leading to better problem-solving.
Understanding stakeholder points of view will inform risk management, ensuring a commitment and a
‘buy-in’ to the challenges being faced.
Learner Guide ETEA
Activity 2C
Learner Guide ETEA
3. Analyse risk
3.1. Assess likelihood of risks occurring
3.2. Assess impact or consequence if risks occur
3.3. Evaluate and prioritise risks for treatment
Learner Guide ETEA
3.1 – Assess likelihood of risks occurring

! Identify how to assess likelihood of risks occurring.
Simple formula
Once you have identified risk, you will need to establish the likelihood of the risk occurring. Determining
this will help you predict possible outcomes and take the necessary measures to reduce the impact on
your organisation. There are many ways you could assess risk, and whichever format you choose, it will
be important to use consistency. However, for the purpose of this unit, we will use a simple winning
formula that can be used for any business risk, large or small.
This would be:

! Low chance
! Moderate chance
! High chance.
To help you assess the likelihood of risk occurring, you could look at
past practices of your organisation to determine if the risk has occurred
previously. If this is the case, you could gain valuable insight into how the risk was managed by
collecting data and opinions of those involved. Shared knowledge of risk is always going to be the best
way to ensure you are prepared for risks and have adequate defences in place to minimise the damage
the risk could cause.
You could also research competitors to establish if they have experienced risks on similar projects. If you
are able to find relevant information on how the risk was managed, it will give valuable data to help you
prevent the risk from happening to your project. Once you are able to establish the circumstances and
data that relate to risk, you will then be able to base your assessment on the probability of the risk
occurring in your own organisation.
Stakeholder perspectives
If you find that you do not have the opportunity to gain sufficient data to help you assess risk, you could
consider the experiences and opinions of your relevant stakeholders and estimate the likelihood of risks
occurring together.
You could arrange brainstorming sessions to rate the probability of specific risks, which will help you
make more informed decisions on the steps to take to reduce the impact.
To help you do this, you could:

! Be clear on the specific risk
! Collect the opinions of as many stakeholders as possible
! Ensure you are consistent in your chosen measurement of risk.
Stakeholder involvement is a critical part of the process of assessing risk. It will ensure that everyone
involved feels their opinions and perspectives are valued and heard, and this will help you gain valuable
Learner Guide ETEA
insight into specific situations, enabling you to develop an assessment strategy that will help you
determine the likelihood of a risk occurring.
Trust and engagement will help support your desire to assess risk and gather relevant examples and
explanations of risk assessment.
Risk assessment
Being able to assess the likelihood of a risk occurring will provide you with a structured and unified
approach that can be utilised with a form or size of risk.
Your risk assessment strategy will help you become actively aware of the potential outcomes of
assessing the likelihood of risk before it occurs and help you identify the steps required to protect your
organisation and relevant stakeholder's investments.
Risk assessment should be:

! Methodical
! Recorded
! Documented
! Regularly reviewed.
Always be mindful to discuss and document the use of your assessment strategy and arrange meetings
and discussion sessions to check progress and actions taken so far. Good, clear and consistent practice
will ensure that risk assessment becomes an integral part of your ability to manage and contain business
risk.
Learner Guide ETEA
Activity 3A
Learner Guide ETEA
3.2 – Assess impact or consequence if risks occur

! Identity strategies to assess the impact or consequence of risk occurring.
Assessing the impact or consequence of risk

Once you have identified the likelihood of a risk occurring, you will need to assess the consequences if
the risk actually occurs. This means establishing the level of impact the could result from this and
determining how you will respond. To help you understand this more clearly, we can assess the impact
or consequence in a simple, easy-to-understand way.
For example:
! Minor risks that cause little concern
! Moderate risks that require your attention but would be seen as an inconvenience
! High risks that require your immediate attention.
Most organisations will recognise that all risks will have more than one consequence. That means you
will have to consider and be prepared for multiple impacts if the risk occurs.
For example:
! Minor risks could include:
o human risk – first aid required
o financial – losses of up to $1000
o operations – minor disruption to your business
! Moderate risks
o human risk – results in minor injury and loss of productivity
o financial –losses of between $1000 - $10.000
o operations – results in slowdown or interruption
! High risks
o human risk – results in severe injuries or death
o financial –losses of $10.000 - $50.000+
o operations – results in major breakdown or business trading stoppage.
Learner Guide ETEA
Controlling risk
Controlling risk means doing everything you can to protect your company’s staff, assets and earnings in
the most efficient and effective way. You can do this by planning your steps carefully to determine the
most appropriate method, accepting that risks will happen but finding workable and practical solutions
to minimise the impact on your business.
Examples of risk control:

! Regular inspections
! Equipment maintenance
! Wearing PPE
! Financial planning and contingencies
! Testing
! Audits
! Policies
! Data backups
! Communication
! Staff training.
Insuring risk
It would be important to note here that insuring your company against high loss risk is the most
appropriate and effective action you can take to safeguard your business. When you do insure your
company against risk, you must never assume that the best scenario will happen. Always be prepared
for the worst outcome, so there are never any unexpected events that could impact your business in a
negative way.
Business insurance is a necessity in the prevention and management of business risk.
Learner Guide ETEA
Activity 3B
Learner Guide ETEA
3.3 – Evaluate and prioritise risks for treatment

! Identify ways to evaluate and prioritise risks for treatment.
Evaluate risks
Once you are aware of the risks involved in your business and the level of impact on your day-to-day
activities they may have, you will need to evaluate and prioritise them in order of treatment. When you
prioritise risk, the criteria that you will refer to will depend on your organisation’s risk management
strategies; outlining the way that risks are identified, managed and treated. These criteria will
determine in which order the risks will need treatment due to the level of damage they could cause.
For example:
! Internal policies, procedures, goals and objectives
! Vested interest of stakeholders
! Legal requirements of industry
! Your company’s ability to cover financial losses
! Impact of company reputation
! Ability to continue to operate.
It is important to note that these criteria are examples, and your organisation’s
criteria will relate specifically to your industry. You will need to ensure that you are
aware of your own organisation’s risk evaluation strategy when prioritising risk, as it will be based on
your organisation’s level of risk exposure and the level of damage that your business could endure.
Prioritise risks for treatment

Once you have a clear criterion that you can use to evaluate the risks associated with your own
business, you can then start to prioritise them in order to reduce the impact. Damage limitation is
essential when dealing with business risks, and knowing how to prioritise them will ensure that you
protect your company’s assets, finances and personnel in the best possible way.
Prioritising risk is mainly industry-specific, and you must ensure that you are aware of all the risks
associated with your own organisation.
For example, mining industries will prioritise the health and safety of personnel as this industry is more
likely to experience human fatalities. According to www.safeworkaustralia.gov.au the mining industry
has the third highest fatality rate, with an average of nine workers dying each year. This will be a
completely different priority to the computer industry, whose priority will more likely be ensuring that
data is kept safe and backed up with the avoidance of cyber-attacks and data breaches.
(Website accessed 17/03/2021)
Learner Guide ETEA
Other prioritising factors could be:

! Quality
! Financial
! Social
! Legal
! Production
! Environmental
! Technological
! Physical.
By carrying out the evaluation and prioritising of risks affecting your business, you will have to ability
to recognise the following:
! The severity of the risk
! Whether any existing control measures are effective
! Actions needed to be taken to mitigate the risk
! How urgently the action needs to be taken care of.
Source: Identify, assess and control hazards | Safe Work Australia
(Accessed 17/03/2021)
Learner Guide ETEA
Activity 3C
Learner Guide ETEA
4. Select and implement treatements

4.1. Determine and select from options for treating risks
4.2. Develop action plan for implementing risk treatment
4.3. Communicate risk management processes to relevant parties
4.4. Implement action plan according to organisational policies and procedures
4.5. Monitor and evaluate risk management process
Learner Guide ETEA
4.1 – Determine and select from options for treating risks

! Identify how to determine available options
! Select option for treating risk.
Determine available options

Once you have established which risks you will need to prioritise, you will then be able to determine the
available options you have to deal with the risk in the most effective way. You will want to ensure that
your options align with the damage that the risk can cause. For example, If you found there was a
security data breach within your organisation, you would not shut all the computers down in the
company and send everyone home; you would ensure that your security software was up-to-date,
improve password security and mitigate the potential risk as much as possible.
You should always aim to differentiate between the risks that have the greatest chance of causing
damage to your business which will require active management, as opposed to those that will have a
low impact and will not require your attention. There are some typical, basic approaches when selecting
options for risk that you can refer to.
These are:
! Avoid
! Accept
! Share
! Mitigate
! Prevent
! Transfer
! Reduce.
Select option for treating risks

The treatment of risk is the action that you will choose to take to minimise or eliminate the risk that you
face. An example of this would be installing a fire alarm to minimise the risk of fire within a building or
wearing the appropriate PPE before you handle hazardous substances. You can only choose the most
effective option for treatment if you understand fully the risk you are facing.
To help you do this, you can:

! Ensure you choose the right option in terms of available manpower
! Ensure you have adequate resources to carry out your chosen option
! Communicate effectively with all relevant parties
! Ensure your timing is accurate for the option
Learner Guide ETEA
! Ensure all relevant parties are able to implement and monitor the risk effectively
! Review the option chosen regularly through meetings and discussions with relevant
parties.
Develop options further

Developing your options further will help you choose the most viable and effective option available to
you.
This can include:

! Brainstorming with relevant parties to:
o remove source of risk
o share the risk
o choose to accept the risk
o acknowledge all perspectives and opinions
! Planning and implementing should include:
o your reasons
o accountability
o required actions
o constraints
o performance measures
o the schedule
! Evaluate by:
o assigning responsibility
o monitoring closely
o reviewing often
o communicate honestly and openly
! Take further action if required by:
o reassessing
o deciding if residue risk is acceptable.
Learner Guide ETEA
Activity 4A
Learner Guide ETEA
4.2 – Develop action plan for implementing risk treatment

! Identify how to develop an action plan for implementing risk treatment.
Developing an action plan

It is important to remember that business will always face risk whether it be financial, legal, physical,
environmental, political or human. Being prepared for risk is the most effective action you can take to
ensure the success of your organisation, and this can be encapsulated within an action plan that will
help you manage and implement risk treatment.
An action plan will give you the tools to help you mitigate or reduce the effect of a risk, and it will help
you ascertain which risks to prioritise. For example, one organisation may be more concerned about
environmental or political risk, while another will be more concerned about the legal risks they face.
The priority of risk will have influenced your strategies to deal with risk so far and will define your action
plan too.
Make a list
Be clear from the beginning about what you want to include in your action plan. Even the smallest detail
can make a huge difference in how the risk is treated because something that appears minor at the start
may, in fact, become a greater risk as time passes.
Make sure you include every important detail, and then you will be able to evaluate them properly. For
example, you could outline all the cost implications that relate to the risk and the factors that will
determine your contingencies, so you get a clear picture of a situation as much as you can.
Prioritise risk
Note down in order each risk that you need to prioritise. Base this assumption on the level of impact the
risk will have and how likely it is to occur.
Available resources
Make sure you clearly define what resources you will need to trigger your action plan. This should
include a timeline of specific points and roles of personnel. Ensure you make all the relevant parties
aware of your action plan so you can deploy the personnel to undertake actions at any given time. The
availability of resources will also determine whether the points within your action plan can be executed,
so planning ahead will help you ensure that this will not cause unnecessary details or interruptions to
your plan.
Learner Guide ETEA
Communication
Communication should be the key feature of an action plan because making sure you maintain clear,
honest and open communication with stakeholders and other relevant parties, is essential for the
success of the risk treatment. You must explain the timeframes, the responsibilities of the personnel,
and the actions required to treat the risk, making everyone aware of the details throughout the process.
Roles and responsibilities

It is important to establish the roles and responsibilities of the personnel who will be working to treat
risk. Again communication is key, and you will need to make sure that everyone is clear on who is
responsible for each action. Once this has been established, it will prevent any confusion within the
team, and everyone will be working from the same page.
Relevant personnel can include:

! Project managers
! Team members
! Internal stakeholders
! External stakeholders.
The specifics
To clarify, the action plan should list all the specifics relating to your overall objective that will help you
treat risk to your business.
It should include:
! The main aim of the action plan
! A list of all actions that need to be taken
! A list of all the resources you will need
! A clear timeline of the actions required
! Who will be responsible for each specific action
! A clear focus on priorities
! An outline for regular meetings with relevant parties
! A tool to track the progress of your action plan.
Learner Guide ETEA
Activity 4B
Learner Guide ETEA
4.3 – Communicate risk management processes to relevant parties

! Identify ways to communicate the risk management processes to relevant parties.
Keeping relevant parties updated

Sharing ideas and information relating to your action plan with relevant stakeholders will be crucial in
the success of the risk management process. This is because everyone involved needs to be clear about
the details of risk management and must have up-to-date information that will enable them to help and
support the process.
Working through an action plan to treat risk without effective communication with stakeholders, will
almost certainly cause further problems along the way.
These can include:

! Absence of valuable perspectives and opinions
! Misunderstanding
! Deterioration of workplace relationships
! Frustration
! Anxiety
! Loss of production
! Loss of trust
! Unresolved conflict.
Why effective communication is essential

Most risks that businesses face can be dealt with effectively if everyone involved is working from the
same page and the communication channels are always available and open for individual input.
When you use open and honest communication, it will give everyone involved the feeling that you have
integrity and authenticity in your actions. It will encourage the recipients to respect your opinion and
will lead to a mutual understanding and effective collaboration.
Leading a risk management process has a lot of responsibility, and people will look to you for guidance
and support. The way you deal with a situation will determine whether the outcome will be successful
because even with the best-laid plans, if you lead a risk management process where people are
confused and unaware, it will never have to opportunity to be successful.
The ability to communicate with all the relevant parties effectively will allow you to reach your goals by
focusing clearly on the specific aspects, being open on the areas that are failing and collaborating to
meet the challenges that risk management brings.
Learner Guide ETEA
Effective risk management communication must include:

! Clear explanations of the chances of risk impacting the business in specific ways
! A list of priorities and the solutions for each
! A plan to help relevant parties deal with their fears and uncertainties they may feel
regarding risk
! A plan of how expectations of short and long term risk will be managed
! A plan to improve the understanding of all relevant parties, including the

comprehension of risk management terminology
! A plan to educate relevant managers to improve decision-making
! A plan to create a culture of transparency that enable all relevant parties to have
questions addressed
! A plan to nurture your risk management credibility by offering training to relevant

parties
! A plan to deal with any potential conflicts or clashes of interests between relevant
parties.
Learner Guide ETEA
Activity 4C
Learner Guide ETEA
4.4 – Implement action plan according to organisational policies and procedures

! Identify how to implement action plan according to organisational policies and
procedures.
Organisational policies and procedures

When addressing risk in the workplace, it is vital that you only take action within the requirements of
your organisation and relevant legislation. This means acting in accordance with organisational policies
and procedures, observing protocol, working in line with social, ethical and business standards, and
observing specific state/territory and federal laws.
To ensure you are aware of such policies, procedures and legislation, you could:
! Check with senior authority figures before you act
! Consult relevant departments
o e.g., HR, Accounts, Personnel
! Familiarise yourself with state/territory and federal

legislation
! Seek advice and recommendations from external

individuals and organisations
o e.g., trade unions, charities, employee advice bureaus.
Failure to work within the requirements of the organisation and/or failure to observe the law could land
you and your organisation in big trouble.
Tailoring your action plan to the relevant policies and procedures

Tailoring your action plan will ensure it is ‘auditable’, and you will be able to measure whether your
action plan meets the obligations of the relevant policies and procedures that it will follow. Ensure you
are clear in your explanations to all the relevant parties and your business has the time and resources to
carry out the actions that it stipulates.
Make your action plan realistic

When implementing an action plan, you must ensure that your goals are realistic. If you are not honest
about the realistic capabilities of the action plan or set the bar too high, you will be far more likely to
fail.
You can make your action plan more realistic by:

! Ensuring you are following the organisational policies and procedures at all times
! Brainstorm ideas with relevant stakeholders to gain the expectations of those who
have a vested interest in the plan
! Be specific about the detail to avoid confusion
Learner Guide ETEA
! Research your ideas fully to gain all the relevant detail of risk and how it could affect
your business
! Be committed to your action plan. If you are not committed, you can’t expect others to
be
! Consider all the limitations and obstacles that could prevent your actions plan from
being successful
! Revise often. Don’t just assume that the action plan is working. Make sure you
regularly revisit to check on progress.
Make policies and procedures available to all

It is really important to be transparent throughout the whole process of risk management. This will
ensure that everyone involved knows what is governing the decision-making and actions of the
treatment of risk.
The availability of the relevant policies and procedures is important to ensure:

! Everyone is clear on the expectations
! Illustrates accountability
! Ensures that everyone knows where they stand
! Ensures that the action plan is compliant with the law.
This list is by no means exhaustive but does set out the reasons why it is
really important that everyone is clear about the necessity for the action plan to be compliant with the
organisational obligations.
Be consistent
Being consistent is really important to enable you to gain the trust of your stakeholders and all relevant
parties. It will prevent conflicting, unclear or confusing information circulating within your organisation
and will encourage those around you to trust you and look to you for guidance.
It is true that people will pay more attention to your actions than they will to what you say, so it is
essential to outline the rules which you follow and governs your behaviour and the actions you take to
protect your own company.
Consistency demonstrates:
! Trust
! Predictability
! Personal responsibility
! Dedication.
Source: Step-by-Step: How to implement effective policies and procedures - Health & Safety Handbook
(healthandsafetyhandbook.com.au)
Learner Guide ETEA
(Accessed 17/03/2021)
Learner Guide ETEA
Activity 4D
Learner Guide ETEA
4.5 – Monitor and evaluate risk management process

! Identify the importance of monitoring and evaluating the process of risk management.
Monitoring
Monitoring is something that you should do continuously throughout the whole risk management
process and must take place at each level within your organisation. It will govern the requirements and
the actions that all parties will need to take and will ensure that nothing gets missed along the way.
Monitoring the progress of your action plan will involve collecting relevant information and data that
will help to inform your decisions and answer any questions about the effectiveness of your plan.
Monitoring will ensure you can gather feedback on:

! Performance of the risk treatment
! Recognising deviation
! The impact that the risk treatment is having
! Whether the resources are being utilised
! Recognises shortages of resources
! Whether all relevant actions are being taken
! Whether the action plan is on track.
Evaluating
While the monitoring of your action plan will be ongoing and often, the evaluation will critically examine
whether your action plan has been successful. It will involve collecting and analysing the information
and data you have and enable you to pull out the characteristics and outcomes regarding the
effectiveness of whether it has met the objectives.
There are two types of evaluation:

! Formative
! Summative.
Formative evaluation
Formative evaluation can come in many forms but will ultimately provide you will the information and
data to decide what areas are working well and which areas need to improve during the ongoing
process of your action plan to treat risk.
Formative evaluation will provide you with a gauge of how the action plan is developing at a specific
moment. This will enable you to make necessary adjustments or changes according to meet the needs
of the risk treatment.
Learner Guide ETEA
There are numerous methods you can use to formatively evaluate the treatment of risk with the
relevant parties.
These can include:

! Questionnaires
! Feedback
! Brainstorming sessions
! Presentations
! Meetings.
Summative evaluation
Summative evaluation will help you to sum up the information and data that you collect from your
action plan. You will complete a summative evaluation at the end of the timeframe of the action plan to
assess whether the objectives and goals have been met and will determine if the overall performance of
the risk treatment has been successful.
Reflection
Once the action plan has concluded, you will be able to reflect on the experience of managing business
risk. Reflection will give you the knowledge and experience of how your action plan has helped you and
your business deal with the risk and give you the opportunity to apply the positives gained to situations
that you may experience in the future.
Gibbs' Reflective Cycle (Graham Gibbs 1988)

This model was developed to give structure to learning from experiences. It offers a framework for
examining experiences, and given its cyclic nature, lends itself particularly well to repeated experiences,
allowing you to learn and plan from things that either went well or didn’t go well. This would work
extremely well in the management of business risk.
It covers six stages:

! Description of the experience:
! Feelings and thoughts about the experience
! Evaluation of the experience, both good and bad
! Analysis to make sense of the situation
! Conclusion about what you learned and what you could

have done differently
! Action plan for how you would deal with similar situations in the future, or general
changes you might find appropriate.
This is just one model of reflection. Test it out and see how it works for you. If you find that only a few
of the questions are helpful for you, focus on those. However, by thinking about each stage, you are
more likely to engage critically with your learning experience in managing business risk.
Learner Guide ETEA
Source: Gibbs' Reflective Cycle | The University of Edinburgh
(Accessed 17/03/21)
Learner Guide ETEA
Activity 4E
Learner Guide ETEA
Summative Assessments
At the end of your Learner Workbook, you will find the Summative Assessments.
This includes:
! Skills Activity
! Knowledge Activity
! Performance Activity.
This holistically assesses your understanding and application of the skills, knowledge and performance
requirements for this unit. Once this is completed, you will have finished this unit and be ready to move
onto the next one – well done!
Learner Guide ETEA
References
These suggested references are for further reading and do not necessarily represent the contents of
this unit.
Websites
Gibbs’ reflective cycle:
https://www.ed.ac.uk/reflection/reflectors-toolkit/reflecting-on-experience/gibbs-reflective-cycle
Identifying, assessing, and controlling hazards:
https://www.safeworkaustralia.gov.au/risk
Implementing policies and procedures:
https://healthandsafetyhandbook.com.au/bulletin/step-by-step-how-to-implement-effective-policies-
and-procedures/
Reasons for business failure:
https://www.unisa.edu.au/Media-Centre/Releases/2018/new-study-reveals-why-australian-smes-fail/
Safe Work Australia:
www.safeworkaustralia.gov.au
All references accessed on and correct as of 17/03/21, unless otherwise stated.
Learner Guide ETEA

BSBOPS504

Uploaded by

Copyright:

Available Formats

You might also like

BSBOPS504

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

BSBOPS504

Uploaded by

Copyright:

Available Formats

BSBOPS504

Manage Business Risk

Unit of Competency ............................................................................................................................. 4

2.2 – Research risks that may apply to scope ........................................................................................ 29

Organisational policies and procedures............................................................................................. 56

Unit Mapping Information

Supersedes and is equivalent to BSBRSK501 Manage risk.

Business Competence – Business Operations.

1. Establish risk context 1.1 Evaluate organisational processes, procedures and

2. Identify risks 2.1 Invite stakeholders to assist in the identification of risks

3. Analyse risks 3.1 Assess likelihood of risks occurring

! Synthesises a variety of relatively complex texts

Planning and organising:

! Systematically analyses information to decide on appropriate risk management treatments

In the course of the above, the candidate must:

o political, economic, social, legal, technological and policy context

o risks that may apply to scope

! Develop and implement an action plan to treat risks

! Legislative and regulatory context of the organisation in relation to risk management

! Types of business risks

! Options for treating risks

! Risk management process

! Purpose and key elements of current risk management standards

! Tools and techniques to identify risks to scope risk management processes.

This includes access to:

! Legislation, regulations, standards and codes relating to risk management

! Workplace documentation and resources relating to risk management.

Companion Volume Implementation Guide is found on VETNet -

1. Establish risk context

1.2. Review strengths and weaknesses of existing arrangements

1.4. Communicate risk management process to relevant stakeholders

1.1 – Evaluate organisational processes, procedures and requirements and

! Determine scope for risk management process.

Common risks can include:

! Changes in the current economic climate

! Changes in government regulations

! Poor financial management

! Health and safety issues.

! Evaluate and assess risk

! Report and monitor risk

! Identify contingencies and recovery planning

! Review your risk management approach.

To help you identify risk, you can:

! Make it everyone’s responsibility – it shouldn’t just be management taking

! Be aware of industry-specific risk – if other similar companies have identified possible

Organisational procedures can include:

! Implementation of staff training

! Ensuring staff have clear guidelines to follow for every task

! Regular building inspections

! Confidentiality and privacy regulations

! Clear guidelines for disciplinary measures

However, examples can include:

Scope for risk management process

Establishing the scope of risk will allow you to:

! Estimate costs involved

! Estimate time required to manage risk

1.2 – Review strengths and weaknesses of existing arrangements

The three main points you should focus on are: