Organisational Risk Management Flashcards
Define “Risk”
The effect of UNCERTAINTY on objectives
What is the difference between a Threat or hazard, and a Risk?
Threats and hazards are chieftly known and can contribute to risk, increasing or decreasing the likelihood of the risk’s occurrence or the consequences if the risk does eventuate.
We use known threats and hazards to make an assessment of overall risk.
List the four risk types in our organisation and what do they each relate to?(4)
- Strategic -Risk overseen by Executive Team. Risks that affect strategic objectives in Our Business
- Portfolio - Investment Portfolios over see risks related to the delivery of investment portfolios, programmes and projects
- Corporate - Police Governance groups overseer risks that may affect achievement of Cross organisational objectives (legislation & regulatory compliance, information management, asset management, People and capability)
- Operational - National Operations Steering group overseers risk that will affect day-to-day operations
How might a Strategic risk impact?
Impacts our ability to achieve “Our Business”
Who oversees Corporate Risks?
Governance Groups
What level of organisational risk affects day to day objectives?
Operational Risk.
What are the five steps in the process of managing risk?
1: Establish Context (Is it Internal or External risk?)
2: Identify the risk; using an approach to risk identification (ad hoc; risk workshop etc), consider the risk to achieving objectives and possible opportunities
3: Analyse risk impact: Use risk matrix (likelyhood v Consequence) to determine significance of the risk, and then identify any existing controls in place nad how effective they will be (ie policies, SOP’s Training, Supervision, IT systsems etc)
4: Evaluate: Consider the inforamtion and determine what action we need to take; Act, Monitor, Accept, acknowledge that effective management is achieved.
5: Take action: If risk not managed, then you must take action (escalate) to reduce the likelihoood or consequences.
What are the four possible outcomes when dealing with risk evaluation (step 4 Evaluation)?
- Act
- Monitor
- Accept
- Achieved - Acknowledge effective management is achieved
Once a risk evaluation is completed, what two options do you have?
- If risk has been mitigated or actively managed, no requirement to escalate. Montior and review decision as appropriate.
- If risk not mitgated/managed, escalate and take action to respond to risk to reduce likelihood/consequences.
What is the “first line of defence” in risk management?
All police personel who apply controls such as policy, process, procedure and standards to their activity
Who is the second line of risk management defence?
Management processes (Districts, Service centres; PNHQ) who provide a robust management enviroment for dicussing, acting upon, and escalating risks
What is the “third line of defence” in risk management?
Internal audit and assurance. The assurance group and other independant functions main a view of Poilce’s control enviroment and verify or certify that controls are operating as intended.
What are common risk management activities that support Our Business (5)
- Planning SPT’s - ensure workgroup have strong understanding of risks in your area
- New Initiatives - easier to run new intitiatives when there is a strong understanding of risks
- Changing how we do things - considering risks should be part of process in changing how we work.
- Changes in our operational environment - good chance to ensure our risks are still relevant and nothing new has arisen.
- Near misses, leasons learnt and events - good chance to consider how to prevent similar happening again. How can we imporve
A. Why do we need to know about Health and safety? (3)
B. Who are Work Safe, what do they do?
C. What is Work Safe’s MOU regarding Commercial Vehcile Safety?
A
- Legal, It’s law
- Ethical. Looking after people is right thing to do
- Our Business - good health and safety is good business. Vision; Safest Country. Goal; Safe homes, streets and communities and safe workplace
B. NZ’s health and safety regulator. Worksafe bring charges under the Health and Safety in the Workplace Act (HSWA)
C. NZ Police operate on behalf or Work Safe in Commercial Vehicle safety enforcement. (CVST)
What does Health and Safety at Work Act (HSWA) define health as?
Health is both physical and mental - it is not just physical injury or illness