June 2021

Question 1

What is RIDDOR?

Answer 1

Reporting of Injuries, Diseases and Dangerous Occurrences Regulations (2013)

Question 2

What is a hazard?

Answer 2

May cause physical or mental harm to an organisation’s stakeholders.

Question 3

What activities are covered by H&S regulation? (4)

Answer 3

1. Identification and assessment
2. Application of measures to control to protect
3. Recording of incidents to regulatory agency
4. Implementation of policies and procedures on the above

Question 4

What role do H&S government agencies have (3)?

Answer 4

1. Implementation of new rules and guidance
2. Supervise activities
3. Take enforcement action to address non-compliance

Question 5

What is the major H&S legislation and what does it entail?

Answer 5

Health and Safety at Work Act 1974
- Establishes HSE as regulatory body
- Responsibility on both employees and employers
- Employees protected from hazards “as far as reasonably practical”
- Employers expected to co-operate and act responsibly
- Covers non-employees
- Excessively long hours and undue stress

Question 6

What needs to be reported to HSE under RIDDOR? (7)

Answer 6

• death on premises
• work-related accidents that lead to serious injury
• work-related accidents that incapacitate for more than 7 days (3-7 on register just)
• non-fatal accidents to non-workers, requiring immediate hospital treatment
• occupational disease (cancer/dermatitis) due to biological agent
• dangerous occurrence (building collapse or fire)
• gas related incidents

Question 7

What is an enforcement notice?

Answer 7

Notice of time being granted to reach compliance

Question 8

What is the Employers Liability (Compulsory Insurance) Act 1969

Answer 8

Insurance required to pay compensation following injury

Question 9

Name 8 compliance reporting requirements

Answer 9

1. AML
2. CTF
3. Climate change disclosures
4. Corp Gov reporting
5. Environmental compliance
6. Contingency planning
7. Data protection requirements
8. Basel financial regulations

Question 10

What else beyond RAG?

Answer 10

Black = extreme
Blue = insignificant

Question 11

Name 5 kinds of CSR activity?

Answer 11

1. philanthropy
2. free/subsidised services for employees
3. voluntary leave
4. marketing campaigns to change attitudes
5. free/subsidised good for poorer customersN

Question 12

Name 7 kinds of sustainability activity

Answer 12

1. Fairtrade
2. Supply chain selection - local pref
3. Closed loop supply chain
4. Lower carbon footprint
5. Less pollution
6. Long-term growth vs short-term perf.
7. Improve worker health

Question 13

What to do when risks cannot be anticipated?

Answer 13

Alternative is to build resilience
- not prevention, but effect reduction
- crisis management + bus. Wcontinuity
- link with PR

Question 14

What is COBIT?

Answer 14

COBIT (Control Objectives for Information and Related Technologies) is a framework created by ISACA for information technology (IT) management and IT governance

Question 15

Name 3 areas where GRC integration might be limited

Answer 15

1. Financial - compliance with IFRS etc
2. IT - DP, acceptable use, HR
3. Legal - compliance related

Question 16

Name 3 causes of new/changing risks

Answer 16

1. Complexity
2. Interconnectedness
3. Globalisation