#9 RISK MANAGEMENT Flashcards
Our risk management principles are to (5)
- Develop a culture of risk awareness and continuous improvement. Risk recognised as natural and necessary.
- Provide a supportive environment were risks are openly discussed.
- Consider Te Ao Maori views
- Incorporate the views and perspectives of the communities
- embed risk management behaviours and practices
How do we define risk?
Any potential future, uncertain event that may affect the achievement of our objectives
Responsibility of all staff regarding risk (4)
- Understand role of managing risk
- Help managers identify risk
- Escalate and report risk - 1-Up
- Seek support from assurance group
Exec leaders and management responsibilities regarding risk (6)
- identify risk and commit to reviewing regularly
- Ensure processes to manage risk are in place
- Ensure risk is considered
- Receive and/or share risk info
- Support and encourage teams to escalate and report risk
- Seek support from assurance group
What are the risks in the risk oversight framework (4)
- strategic
- Portfolio
- Corporate
- Operational
What are strategic risks and how are they managed?
- Affect strategic objectives
- High level, thematic, long term (5-10 years)
- Strategically important
Responsibility of commissioner and ELT
What are organisational risks and how are they managed?
- systemic and affect one or more work work groups
- Risk to people, legal, regs….
Responsibility of service centres and districts..
Safer people oversee
What are operational risks and how are they managed?
- Risk to day to day ops/
- Risks to BAU who deliver to public
- Responsibility of staff at all levels.
- Often dealt with at time but can mean symptomatic of higher level risk.
- Info shared
- TENR
What are portfolio risks and how are they managed?
- Risk to programme or project
- responsibility of project manager. should be reports to SRO.
- For large projects Treasury requires RPA
- Risks captured in Sentient overseen by IPO
What are the 3 levels of risk?
First line: Police staff.
~ Identify risks
~ sharing info
~ integrated in decision making
~ managing and reporting
~ Recording in appropriate place.
Second line: Districts/service centres/PNHQ
~ discussing, acting upon and escalating risk
Third line: Assurance group
~ Reviews
~ audits
~ advice
What are the 5 steps of the risk management process?
And the 2 ongoing processes
Process:
1) Establish context
2) Identify risk
3) Analyse risk impact
4) Evaluate Risk
5) Take action
Ongoing:
1) communicate and consult
2)
Monitor and review
What must Policed do to effectively manage risk?
Ensure the right people have the right information at the right time (Escalate and collaborate)
Establishing context means understanding:
Internal context
(objective, structure, PPP, capabilities etc…)
External context
(stakeholders values and relationships, social, cultural , political, legal etc…)
Identify risks - How can it be done:
Adhoc - BAU
Through workshops or dedicated processes.
Often risks are confused with threats or hazards.
Threat hazard can contribute to risk by increasing or decreasing consequences.
Threats are human based. Usually intent.
Hazards are non-human (geography, river, substance).
Threats and hazards are what we know.
Risk considers uncertainty to make assessment of overall risk.
What does analysing risk invovle?
The level of risk
Existing controls in place and how effective they are at determining level of risk (do they change the likelihood or consequences of risk)
Risk = Likelihood + Consequences
Once we have established risks and controls how do we evaluate risk?
We can decide to:
Act on Risk (high risk - further planning)
Monitor (High risk - plan sufficient)
Accept Risk - (Low risk - action plans nascent or inefficient)
Achieved - (Low risk were plans are sufficient)
How can we incorporate risk management into everything do?
Planning / SPTs
New initiatives
Changing how we do things
Changing our operating environment
What is a PCBU under HSWA
Person conducting business or undertaking
Police is a PCBU
What is an officer under HSWA
Position that allows them to exercise significant influence over the management of the business or undertaking
In Police - wider Executive team.
What is a worker under HSWA
A worker may be an employee, a contractor or sub-contractor, an employee of a contractor or sub-contractor. Any level.
Under the HSWA everyone who works for New Zealand Police is considered a worker
What is Primary duty of care under HWSA
This requires PCBUs to ensure, so far as reasonably
practicable, the health and safety of workers as part of business or undertaking
What is reasonably practicable under HWSA?
What is or was reasonably able to be done to ensure health and
safety considering and weighing up relevant matters including:
- Likelihood
- Degree of harm
- what the person knows or ought reasonably to know
Duties of workers (4):
- Take reasonable care their own H&S
- Take reasonable care that acts or omissions do not affect others
- Comply with PCBU to allow compliance with act
- Cooperate with policy or procedure relating to H&S
What is the cycle (4) to managing risk?
1) Plan (assess risk, ID controls)
2) Do (implement controls)
3) Check (monitor performance of controls)
4) Act (take action on lessons learnt)
What are static, dynamic and critical risks?
Static - predictable, remain constant over time.
Dynamic - Difficult to predict - TENR
Critical - death or life threatening risk.
How do we report an incident or near miss?
My Police
By person involved - or if unable - supervisor.
Debrief must be had. Report must be reviewed by supervisor;
What is a near miss?
“dam that was close”
Unplanned or unexpected.
Could have resulted in harm but did not.
Includes damage to property but not injury
Does not include an unsafe condition (bald tyres) or unsafe act (knowingly drove car with bald tyres.
What is a notifiable event:
Arising from work activities:
- Death of person
- notifiable injury or illness
- notifiable incident.
What to do if notifiable event occurs
Contact District H&S. H&S will notify Worksafe.
O/S of work hours DCC who notify work safe and Safer People
What are notifiable injuries or illnesses
All work related injuries illnesses where admission to hospital required.
Require med treatment within 48 hours of exposure to substance
Serious infect - carrying out work serious contributor.
Work safe must be notified for certain events including:
Admitted to DPH (Not just treatmet/outpatient)
Serious had injuries
Loss of conciousness
What are 7 critical risks:
1) psycological harm
2) Driving
3) Motivated offenders
4) custody
5) roadside ops
6) hazardous exposure
7) Contractors and third parties
