ASSESSMENT TASKS Cluster number and name: MCC4-20_3.2_Business Risk Units of competency: BSBOPS403 Apply business risk management processes Student’s ID: Please insert student ID this column and on...

ASSESSMENT TASKS
    Cluster number and name:
    MCC4-20_3.2_Business Risk
    Units of competency:
    BSBOPS403 Apply business risk management processes
    Student’s ID:
    Please insert student ID this column and on all pages
    Assessor’s name:
    Please ensure your name or assessor name is inserted
ASSESSMENT TASK 1: KNOWLEDGE QUESTIONSAssessment task instructions:
This is the first assessment task which consists of 6 knowledge questions. You must complete all the knowledge questions at the required level to get a “Satisfactory” outcome.
Purpose of the assessment task:
The purpose of the assessment task is to assess your knowledge in the following:
· legislative and regulatory context of the organization in relation to risk management
· techniques for identifying and evaluating risks
· organizational policies and procedures for risk management
· areas where risks are commonly identified in an organization
· risks beyond scope of individual responsibility to be referred to relevant organizational personnel
· Purpose and key elements of current risk management standards.
Assessment conditions and resources:
Assessment will be conducted in a safe simulated environment where you will have access to:
· technology, resources, workplace documentation and templates relating to risk management, scenarios, workplace information to complete this assessment task
· legislation, regulations, standards and codes relating to business risk
· Workplace documentation on selected organizational risks.
Questions:
1.1 Answer the following questions regarding “techniques for identifying and evaluating risks” (Guide: 80+ words)
a) Explain the following risk identification tools and techniques, and
b) Explain the following risk evaluation techniques.
    a)
    Process Flowcharts
    A process flowchart is a diagram that depicts the sequential phases of a process as well as the decisions that must be made in order for the process to function. You may either design a flowchart by hand or utilize simple, powerful software tools to create your own. Process flowcharts follow the logical flow of information to provide business stakeholders with guidance on how to complete processes.
    
    Brainstorming
    The Scrum Master is the ideal option to facilitate the brainstorming session. Companies sometimes bring in outside experts that specialize in brainstorming facilitation since a poorly managed session is an expensive waste of time and can endanger the project's success. Participating in risk identification with the entire team is beneficial since it can result in a better feeling of project risk ownership. To begin off a project, group brainstorming may be an excellent team-building and customer-relationship-building activity.
    
    Risk Checklists
    Risk checklists are a historical record of hazards that have been recognized or realized on previous projects. They assist Estimators in better understanding the needed contingency and Managers in controlling scope expansion. Risk checklists are used at the end of the risk identification phase to ensure that typical project hazards are not ignored.
    b)
    Quantitative Risk Analysis
    Qualitative risk assessment is more subjective. It focuses on identifying risks in order to assess the chance of a given risk event occurring during the project life cycle as well as the impact it will have on the overall schedule if it does. The objective is to assess the level of severity. The results are then recorded in a risk assessment matrix (or any other form of an easy-to-read graphical report) in order to communicate significant risks to stakeholders.
    
    Qualitative Risk Analysis
    Quantitative risk analysis examines the consequences of risk in terms of cost overruns, scope creep, resource consumption, and schedule delays using verifiable data. In layman's words, quantitative risk analysis provides a numerical value to existing risks – risk A having a 40% probability of happening based on measurable data (fluctuations in resource prices, average activity completion time, logistics, and so on) and a 15% likelihood of inflicting an X-day delay. It is completely reliant on the quantity and precision of your data.
1.2 Answer the following questions regarding “policies, procedures or processes for risk management”
a) Explain the purpose of an organization having policies and procedures in place for risk management. (guide: 25+ words)
b) List 5 organizational policies and procedures that relate to risk management? Explain their purpose. (guide: 25+ words)
c) Explain the principal structure of an organizational policy and procedure for risk management. (guide: 25+ words)
    a)
    Management in small businesses typically has the same set of objections to documenting a set of rules and procedures. According to Kevin O'Hare, the aim of these advantages is far bigger than simply putting down certain guidelines. "If your practice is incorrect but you're honest about it, it's considerably less of an issue than if nothing is put down at all." Finding time for governance may be challenging in a world with lean personnel, quick turnover, and an emphasis on doing a lot with a little. If you can commit to putting your rules in place and following them, you'll be surprised at how straightforward an audit becomes in the near run. Your operations will be less stressful, and your employees will be happier.
    b)
    Policies and Procedures of Various Types Every Workplace Requires. Organizations require rules and processes for a wide variety of human resource concerns. The following are some of the topics for which you might consider developing guidelines.
· Attendance Policies and Procedures
· Employee Conduct Policies and Procedures
· Use of Company Property Policies and Procedures
· Harassment and Discrimination Policies and Procedures
· Internet and Social Media Use Policies and Procedures
    c)
    The following are the main components of an organizational risk management policy and procedure:
· For the employer to assess the work tasks necessary to complete a task and the level of risk associated with those activities
· For the employer to develop a set of rules for employees to follow in order to reduce any hazards linked with their work
· Employees should be trained so that they take fewer risks at work
· To provide the necessary equipment to complete the task safely, to keep the equipment in good working condition, and to conduct emergency measures in the event that a worker is wounded, exposed to extreme risk, or placed in a precarious situation
· To educate all employees on the need of safety precautions
1.3 Review a typical business / office environment and list minimum of six (6) areas of risk the organization may have. (guide: 80+ words)
    
    Business risk might prevent you from reaching the objectives you set for your company. Here are seven sorts of business risks to consider in your organization.
a. Economic Risk- As markets change, the economy is always shifting. To mitigate economic risk, save as much money as possible to ensure a consistent cash flow. As part of your company plan, operate with a tight budget and low overhead across all economic cycles.
b. Compliance Risk- Business owners are subject to a plethora of rules and regulations, with which they must comply. Staying up to date on applicable federal legislation from agencies such as the Occupational Safety and Health Administration (OSHA) or the Environmental Protection Agency (EPA), which can assist reduce compliance risks. Stay attentive in tracking compliance by joining an industry association, checking government agency information on a regular basis, and obtaining advice from compliance specialists.
c. Security and Fraud Risk - Businesses must priorities security solutions, fraud detection systems, and staff and consumer education on how to spot possible problems. According to the, data breaches, identity theft, and payment fraud are becoming a significant concern for organizations. If a firm fails to secure its customers' data, it is also financially responsible for any data breaches or fraud.
d. Financial Risk - Keep debt to a minimal and devise a plan to begin reducing your debt load as soon as feasible. If you rely solely on one or two clients for all of your revenue, your financial risk might be substantial if one or both stop using your services. Begin promoting your services to diversify your clientele so that the loss of one does not ruin your bottom line.
e. Reputation Risk - Just one nasty tweet or bad review may reduce your client base and cause revenue to fall. Prepare to react to those comments and assist in addressing any issues as soon as possible. Maintain a focus on quality to avoid litigation and product failures, which can harm your company's brand.
f. Operational Risk - Natural disasters or fires that damage or destroy your physical firm may result in the loss of business continuity. Many operational hazards include humans, such as a server outage caused by technical issues, personnel, or a power outage. Each of these possible operational hazards should be addressed through training and a business continuity strategy.
1.4
Answer the following questions regarding “purpose and key elements of current risk management standards. (Guide: 80+ words)
a) What are risk management standards? What are the different types of Risk management standards as per ISO 31000 risk management standards framework?
b) What are the different elements of current risk management standards “ISO 31000:2009”?
    a)
    Risk Management Standards define an organization's general goals and objectives, with the goal of assisting in the identification of hazards and encouraging risk reduction through best practices. Standards are frequently defined and developed by a variety of bodies that collaborate to promote shared aims, such as ensuring that organizations carry out high-quality risk management practices. The ISO 31000 risk management standards framework comprises the following elements:
· ISO 31000:2009 - Implementation Principles and Guidelines
· Risk Management - Risk Assessment Techniques – ISO/IEC 31010:2009
· Risk Management – Vocabulary – ISO Guide 73:2009
    b)
    ) 5 Essential Risk Management Elements are :
· Identify the assets that must be safeguarded.
· Determine the dangers to such assets.
· Controls should be applied in a tiered, overlapping fashion until the risks are reduced to an acceptable level.
· Examine the controls' adequacy and efficacy.
· Keep an eye on the software and repeat the process on a regular basis
1.5 Review a typical business / office environment, conduct a research and list and explain the legislative and regulatory context of the organization in relation to risk management. (guide: 50+ words)
    
    Uncertainties that affect the fulfilment of corporate objectives are referred to as risks. External or internal variables, such as the regulatory environment and market conditions, might create risks. The selection of important objectives should be guided by an assessment of the external and internal variables that may be affecting the company at the time.
· The external context is the environment in which the company operates and strives to achieve its goals. It consists of the following elements: strengths, weaknesses, opportunities, and threats. Relationships with external stakeholders like as clients, as well as their attitudes and values. The social, legal, and political environments must all be taken into account.
· The internal environment in which the business operates and strives to accomplish its goals should be taken into account. According to Ernst Woelkers' study, the firm's risk tolerance and appetite should also be addressed.
1.6 Answer the following questions regarding organization’s requirements relating to risk management.
a) List 5 points why an organization would choose to review its risk management processes. (guide: 30+ words)
b) Explain the process of risk treatment. (guide: 50+words)
    a)
    Risk management process review is important because this procedure ensures that the management action plans stated stay relevant and up to date.
· Factors influencing the possibility and effects of a risk are extremely likely to alter in today's constantly changing corporate environment.
· This is especially true for factors influencing the cost of risk management strategies. As a result, the risk management cycle must be repeated on a regular basis.
· To incorporate Risk Management into the business's culture and philosophy, the organization must gather and document experience and knowledge via regular monitoring and assessment of incidents, treatment plans, results, and other related documents.
· Technical information on operational procedures is provided. Concerning operational problems with the underlying technology must be eliminated.
· Each stage of the Risk Management process must be meticulously documented. The documented information must contain assumptions, methodologies, data sources, findings, and explanations for decisions.
· Aside from being an extremely valuable information asset for the organization, records of such processes are an important aspect of good corporate governance, provided that they are in accordance with the legal, regulatory, and business needs for records, the cost of creating and maintaining...