Part A – Written or Oral Questions

1. When identifying the risks, why should you do the following:

• Identify the context for risk management
In order to better understand and deal with any potential risks in a workplace, it is important to
understand the context, that is to say, the environment in which they exist. Identifying the context
for risk management includes:
 Identifying the wider environment in which an organization operates;
 Setting the scope and objectives for the risk management process;
 Identifying how risks will be measured;
 And identifying what will be involved in the risk assessment process;
It is important to determine the risk context because it will help identifying the risks which are
applicable for this context.

• Identify risks using tools, ensuring all reasonable steps have been taken
to identify all risks
To identify risks using tools means to produce a list of the potential sources of risk and the
consequences of these.Identifying risks using tools helps us to predict the various outcomes of the
situation to work through in each case scenario. This will prepare us for the different courses of
action that may be needed and will help us to always be one step ahead.
There are many ways that this can be done, and it depends upon the resources available as to
which method will work better. Some of them are:
 Brainstorming potential risks in a team/staff meeting, trusted contacts, such as
stakeholders so that a broader understanding can be made;
 Systematic analysis of the situation to expose any risks. This could involve compiling data
on all aspects and the use of flow charts/tables to show the information at hand.
From gathering all viable information and ensuring all steps have been taken in the process, we
can look at potential situations or projections that may arise. This will give us a better under-
standing of the risk involved. It may also be useful to research any relevant data with other
assured sources, such as insurance claims or performance figures of those involved.

• Document identified risks in accordance with relevant policies,

procedures, legislation and standards?
Documentation is essential in assisting us on the process of identifying risks. It will help assess the
impact and likelihood of a risk occurring. Seeing information on paper is a valuable way to make it
real.
Once all the risks have been clearly documented, they should be checked against the
organisation’s policies and procedures, and also any legislation that will affect business activities.
Any risks or risk management that goes against legal requirements and organizational procedures
should be avoided.

2. When analysing and evaluating the risks, why should you do the following:
• Analyse and document risks in consultation with relevant stakeholders
Stakeholders refer to any individual, group or organisation that has an interest in an organisation’s
business. This interest stems from the fact that decisions made within that business will have an
impact directly upon them. The level of impact will depend upon the association with that
business.
Managers should consult with the appropriate stakeholders on their analysis as they can add
perspective and alternative views on what the risks may be.Consultation with stakeholders allows
us to inform them of any potential major changes with your business and enables us to record
their thoughts and feedback. This also provides evidence of other viewpoints which should be
documented clearly and thoroughly.

• Undertake risk categorisation and determine level of risk

Identification of risk sources provides a basis for examining changing situations over time to
uncover circumstances that impact the ability of the project to meet its objectives. Establishing
categories for risks provides a mechanism for collecting and organizing risks as well as ensuring
appropriate study and management for those risks that can have more serious consequences. This
categorisation must be relevant to the organisation.
You can start with a set categorisation chart, but invariably to make this work accurately, you
should bespoke this to suit your needs every time you come to need a risk categorisation, adding
as many levels as needed. Both a worded or numerical categorisation will achieve a rating system
that you can use with each risk to determine its impact.
Once you have identified the level of risk for each one, you can look at the importance of how this
may affect your organisation and plan the best course of action.

• Document analysis processes and outcomes?

Having a risk management process to follow and implement is important to the success of an
organisation and duty of care to staff. By making an analysis of each area we can make careful
documentation to maintain clear progress towards the outcomes you are aiming to achieve.
This documentation can be used for any evaluation process and for reference throughout a
project. It will show the steps that you have taken and the achievements we have made so far. It
will also cover us for any legal or organisational requirements and the need for keeping records.
The organisation will need to keep records for legal requirements and for any future analysis
needs. All incidents of risk need to be documented so that future occurrences of risk can be
avoided, and our organisational systems can be improved to better handle such situations.

Part B – Written Assessment

Take an example of a situation of risk that you have previously managed in
the workplace, or have been involved with, and explain your risk management
processes and treatment plan for the risk.

You should also Include the following in your answer:

1. Details of the risk situation;
2. Who you needed to communicate with during the work undertaken, including
relevant stakeholders, colleagues and management.;
3. The research and analysis made and how you presented your findings;
4. List the all identified risks in work areas by using Risk Register Form;
5. Did you need to refer areas of risk to others, due to the risk being under
another work area;
6. What legislative and organisational policies/procedures that you needed to
consider for your risk management.

A) I am currently working as an administrator at Milson Real Estate in Milsons Point, Sydney.

Milson Real Estate is a small agency responsible for managing some buildings in that area.
They are also involved in the buying and selling of properties throughout Sydney.
In our workplace there are few risks which may occur. For instance, Milsons Real Estate uses a
special software called Hirum that lists owners and tenants, payments made, reports, etc. One
possible risk would be a malfunction of the server or a computer virus resulting in the loss of all
the information recorded.
On the other hand, inspections are always held on Saturdays. Sometimes the apartments
inspected are undergoing refurbishing or repairs and therefore present a safety risk for
prospective purchasers who come to see them.

B & C) potential risks were discussed amongst the office staff in order to come up with possible
ways to avoid any sort of consequences.In developing a risk management strategy for these two
potential risks, our manager consulted former vendors and insurance companies. We reviewed
our records for the preceding 12 months to see if there were any letters of complaint regarding
inspections, any OH&S incidents, and incidents of personal injury.
We also had group meetings concerning any software problems that may have occurred in the
past and analysed and discussed possible ways to avoid this from happening. We used Risk
Register as a risk management tool. Here is an example:

D) Risk Register
Adequacy
Consequence Likelihood Level of Risk
Risk Consequences of Existing
Rating Rating Risk Priority
Controls
-Data loss-
Lost data
would need to
Softwaremalfunction be restored
Priority
from memory Inadequate Catastrophic Unlikely Extreme
one
or other
records, which
might not be
accurate
Incidents

during
-Physical Priority
Adequate Catastrophic Rare High
injuries one
inspections

E)No because I only report this to my manager because it`s our department and when considering
our risk management system, our manager, who is responsible for keeping our workplace and the
buildings we manage safe, made sure we complied with all the legislation concerning the Real
Estate sector as well as other policies such as any relevant state/territory legislation and
Occupational Health and Safety (OHS) policies, procedures and programs. Obviously, we help him
where we can. For instance, all staff members are aware of emergency procedures and may tell
when and how to complete incident reports.

F)