Organisational Risk Management Flashcards
Who does the risk management policy apply to
All employees and contractors
Any entity or person who acts for or represents Police, Also includes all Police workplace locations
What is the first line of defence in risk management
All Police personnel - identifying and discussing any potential risks
What is the second line of defence in risk management
Management processes and controls - provide a robust management environment for discussing, acting upon and escalating risks
What is the third line of defence in risk management
Internal audit and assurance - Internal audit provides assurance on the effectiveness of governance, risk management, and internal controls to ELB and ARC1, who are the primary stakeholders served by the three lines of defence
What tool can also be used in risk management
TENR
What is risk
‘the effect of uncertainty in achieving objectives’
The risk management process involves five steps these are
Establish context Identify risk Analyse risk and impact Evaluate risk Take action
Risk Management roles and responsibilities are
Risk Coordinator role - Risk Coordinator acts as the first point of contact for all risk related matters in their work group
Risk Lead role - responsible for monitoring the risk on behalf of the District etc
Treatment Lead role - responsible for ensuring the treatment for a certain risk is developed and applied on behalf of their District etc
Step 1 of risk management process establishes the context in which you are operating in. What external environmental factors need to be considered. PESTLE
- Political: areas in society and the economy where government is involved
- Economic: factors include growth, interest and exchange rates, inflation
- Social: cultural aspects including attitudes, prevailing norms, age distribution
- Technological: innovations and trends
- Legal: applicable laws and regulatory standards
- Environmental: ecological factors such as weather and climate.
Step 1 of risk management process establishes the context in which you are operating in. What internal environmental factors need to be considered
- Objectives and strategies
- Risk assessment criteria
- Resources and knowledge (e.g. people, processes and systems)
- Culture and behaviours
What is a good framework for risk identification
S trengths
W eaknesses
O pportunities
T hreats
A risk is a;
‘future event’ that may or may not happen
An issue is a;
problem or concern that is occurring or has occurred
What are the three elements of a risk in the context of writing a risk statement
Uncertain event
Cause
Consequence
The severity of the consequences of an unexpected event are #5
Negligible Minor Moderate Major Severe