Professional Documents
Culture Documents
Assessment: Manage Risk BSBRSK501
Assessment: Manage Risk BSBRSK501
Web: www.georgebrown.nsw.edu.au
Assessment
Manage risk
BSBRSK501
PEDRO
Student
VALENTE
Name
PINHEIRO
Result NYC C
Contents
Assessment Guidelines 3
Manage Risk – BSBRSk501
Innovation and Business Industry Skills Council Ltd, 1st Edition Version 1, 2015
Page 2 of 52
Assessment Schedule 4
1. All assessment tasks must be completed and handed in to your trainer for marking.
You also need to submit a soft copy of your assessments through the email: [email protected] for
records purposes only
2. Please read all instructions before starting each assessment.
3. Where you are required to submit documentation for an assessment, it must be attached to your assessment booklet.
4. Your trainer will not be able to assist you in answering questions. However, your trainer will address any issues concerning
questions requiring further explanation.
5. You may refer to your student learner guide/student resources or any other relevant resource when completing your
assessment. Do not quote directly from the notes. You should answer questions in your own words, except where it asks you
to quote.
6. You have access to computers which are equipped with Microsoft suite of products and printing facility is available at nominal
cost
Assessment Schedule
Learner Trainer Sign
Wee Tasks to Comments
Sign of
k complete
of / Date
Task 1:
Week
1 Case study
Task 1:
Week
written report,
2
role- play
Task 2:
Week
Case study,
3
written report
Task 2:
Week
Role-play
4
/demonstration
Task 3:
Week
5 Case study
Task 3:
Week
6 written report
Comments/feedback to participant
Task 1: Report on Risk
Performance objective
For this task you are required to determine the risk context associated with establishing a new business outlet within the
existing business structure. You will be required to review internal and external environment factors, obtain support for
activities and liaise with relevant stakeholders to identify risks.
Assessment description
For the MacVille Pty Ltd simulated business scenario provided, you are required to assume the role of Brisbane store
Assistant Manager, Ash, who has just been promoted to be Manager of a new store. Ash has been tasked with conducting a
risk management analysis of this new venture.
There are three stages to this project: (1) review, (2) analyse and plan, and (3) monitor. This project is divided into three
assessment tasks as follows:
For this assessment task, you will need to review the simulated business’s risk management processes and determine the
scope and objectives, taking into account stakeholders and both internal and external environmental factors affecting the
organisation. Once you have gathered this information, you are to identify risks and write a draft report to the CEO. You will
meet with the CEO to discuss your report, seek support for your findings, and approval to communicate risk management
processes to relevant stakeholders for their feedback and participation.
Procedure
You will assume the role of Ash, Assistant Manager of the Brisbane MacVille café, who has just been promoted to Manager
of the new Toowoomba store. In preparation for the new venture, Ash has been tasked with conducting a risk management
analysis of this project:
Congratulations on your new appointment. Prior to taking up your position as Manager of our new Toowoomba
store, located in Ruthven Street, the Board of Directors has asked that the risks in this project be appropriately
managed.
I want you to undertake this task as it will give you significant insight into the store’s operations, it will ensure a
smooth transition for Hurley’s Café staff into the MacVille family and will encourage you to give ongoing support
for our risk management initiatives.
I would like you to approach this task in three stages and meet with me at the end of each phase to review your
work and discuss your plans for the subsequent phases. The three stages in this risk management task will
include:
1. Review.
2. Analyse and plan.
3. Monitor…..
Once I have received your risk review report, we will need to discuss the steps that you will take in the risk
management process.
Regard
P.Kinski
1. Review the provided MacVille simulated business scenario information and documentation provided in the
Appendices of this task.
2. Write a report for the CEO (your assessor) that addresses the following:
a. The effectiveness of the MacVille Risk Management Framework in supporting the principles and processes of risk
management, set out in the risk management standard AS/NZS ISO 31000:2009. Outline the purpose and key elements
of the standard in your discussion.
b. Identify and describe the scope of risk management required in your role.
c. Identify and describe the critical success factors, goals or objectives for areas included in the scope.
d. Identify relevant internal and external stakeholders, their role in the risk management process, and any issues or concerns
they have raised. Complete the Table of Stakeholders Template (provided in Appendix 3 of this task) and attach to your
report.
e. Complete a PEST analysis and a SWOT analysis to identify risks associated with the scenario. Outline the relevant
legislation, regulations and standards (including those at a local level, i.e. Toowoomba Council).
f. Describe the methods of research that you used to complete your PEST and SWOT analysis. For example, how you
approached the simulated business information; legislation, regulations, etc.; and any other information or research on
risk that applies to the scope of your report.
g. Complete the analysis of risk for the scenario by summarising the scenario and identifying a list of risks to the project.
Note: Ensure your report is written in a style appropriate to your stakeholder audience, for example, using
appropriate language and including appropriate illustrative material (such as checklists, diagrams or flowcharts) and
attachments to support your summary.
Considering what has been found during the visit to the store, I present this report which I am
starting by pointing out an important information that we ought to understand and take into
account in advance according to the purpose and key elements of AS/NZS ISO 3100:2009 “Risks
affecting organizations can have consequences in terms of economic performance and
professional reputation, as well as environmental, safety and societal outcomes. Therefore,
managing risk effectively helps organizations to perform well in an environment full of
uncertainty” this ISO also allows us to have a base and help to properly manage the risks in the
organization. “ISO 31000:2009, Risk management – Principles and guidelines, provides
principles, framework and a process for managing risk. It can be used by any organization
regardless of its size, activity or sector.
Using ISO 31000 it can help organizations to increase the likelihood of achieving objectives,
improve the identification of opportunities and threats and effectively allocate and use
resources for risk treatment.
However, ISO 31000 cannot be used for certification purposes, but does provide guidance for
internal or external audit programmes. Organizations using it can compare their risk
management practices with an internationally recognised benchmark, providing sound
principles for effective management and corporate governance.
As the new manager of the new store in Toowoomba requires a high degree of knowledge and
skills to identify current and future risks; The ability to anticipate situations that may negatively
impact the organization is fundamental in this new project, because we are working on the
foundations of a previously established store, which does not have the direction or guidelines of
our organization. My ability to manage this new store based on the reduction and prevention of
high risks of impact for the company should be broad since when restructuring a store that is
basically the purpose that is had, they should be analyse all the aspects involved within the
organization starting from resources of raw material, waste, fixed assets, variable assets,
personnel, administration and others. With respect to the critical success factors, goals or
objectives, the acquisition of the new store presents an organization in the administration of the
human resource that is currently available, because at present a policy and definition are not
defined or structured. procedures that allow employees to have a clear objective of their goals or
a clear objective of responsibilities for job positions. Likewise, in order not to be involved in
governmental inconveniences regarding the use of natural resources such as Water; A
restructuring is needed in some points of the store, so that they abide by the rules of use
stipulated by the government.
The administrative management must be delegated and organized in order to minimize the
risks in financial aspect, the cash closings and the general balance must be made by two
different people in order to take better control of daily sales, for no reason the storage of the income
acquired during the working day must be allowed, this income must be deposited daily in the
bank account of the organization.
SWOT ANALYSIS
STRENGTHS: WEAKNESSES:
OPPORTUNITIES: THREAT:
● The fit-out looked old and unattractive ● The long drive from Toowoomba
in parts to Brisbane
● Innovative frozen par-bake cooking system ● The banking was not done every day
POLITICAL: ECONOMIC:
● Government policy ● Economic growth
● political stability ● Inflation
The researched of information used for the development of the SWOP and PEST analysis was
carried out by means of a primary information source, since the data and information supplied by
the current store administrator and also by the reports were used. stored historical. On the other
hand, secondary information was also used, which was acquired by the analysis and study of
the governmental legislations for the identification of the regulations.
Based on the analysis of the information provided, the following risks are listed below:
3. Submit your report as per the specifications on the next page. Be sure to keep a
copy for your records.
4. After you have developed your report, write an email that is intended for relevant
stakeholders (identified in Step 2). Your email should clearly ask stakeholders for
input, include a list of risks you have identified and invite them to assist in
identifying any additional risks.
EMAIL
Good
morning.
As we all know, we are in the process of coupling and transforming the new store in
Toowoomba. The process has been intense and long but at the same time rewarding, I have to
thank each of those who have been part of this process and also those who have collaborated
so that this is taking place.
Based on the information and analysis that has been executed during this time, we have
identified information of great importance to the organization. One of the most important
issues and for which I am sending this email is the identification of the risks that we are
presenting in the new store, so that all those involved in this process participate in the process
of improving the store. put on the table the risks that have been identified.
As a risk we have:
● The two-hour delivery
● Water wastage present
● the possibility of break-ins
● staff member that completed the cash register balancing also completed the bank deposit form
However, I want all those who have or want to contribute information about it to do so, this will
help us to direct the process of improving the store correctly.
Best Regards,
Pedro
5. Send the email to the CEO (your assessor) for review and request a meeting to
discuss identified risks and further risk management processes.
Email to CEO
Dear CEO,
We will be holding a meeting to discuss about the identified risks and risk management processes of the
MacVille Café project. Having you present there is important because we can discuss how we can communicate
with stakeholders about the risk management processes in this scenario.
The meeting will take place next Thursday at 3pm, in the Meeting Room 3 – MacVille in Central Business
District.
If there is anything you would like to discuss in the meeting, send it to me by email and I will include it in the
meeting´s agenda.
Regards,
Pedro
- Project: MacVille to expand their operations in Queensland and purchase and rebrand an existing cafe
in Toowoomba.
- Business unit: MacVille cafes Queensland.
- Risk in relation to functions: human resources management, financial operations, WHS, supply chain,
local governance and compliance issues.
- No written policy and procedures manual and limited staff training – could lead to error and
inappropriate actions
- Authorization system not clearly defined – could lead to fraud
- Lack of sales promotion techniques – impacts of the stores financial viability
WHR risk
- Manager two our drive to and from weekly manager´s meeting – could lead to physical injury
- Unstable and broken chairs – customers injured; compliance breach and customer suing, reputation
loss
- Carpet that was worn through was simply taped over with gaffer tape – compliance breach and
customer suing, reputation loss
- No established process for dealing with injuries happening at work – staff need a quick and organized
response to injuries; staff work loss, unions suing, reputation loss
- Impractical to deliver fresh pastry from the company´s central bakery plant in timely manner – brand
loss, quality service loss
- Supply of company branded supplies – brand loss
c. discuss how you can communicate with stakeholders about the risk management
processes in this scenario and invite them to participate in discussions to further
identify risks associated with the scenario
- Asking the stakeholders for their feedback regarding the current status of risks management and what
else the team needs to consider when addressing the risks associated with MacVille Café opening a
store in Queensland.
7. In dot-point form, summarise your discussion with the CEO. This should
include any recommendations they made to you.
Script:
-Discussed about findings, particularly his understanding of the critical success factors and goals;
-Explained the MacVille risk management processes
-Discussed how we can communicate with stakeholders about the risk management processes in this
-scenario and invite them to participate in discussions to further identify risks associated with the
scenario
-Obtained the CEO´s support for ongoing risk management activities
-The boarder asked for a monthly reporting
-We agreed to do an external audit
8. Submit the required documents for assessment as per the specifications below.
Be sure to keep a copy for your records.
*Already provided above as a simulation of the whole meeting
Specifications
You must provide:
● a risk review report, including a completed table of stakeholders
● email communication to stakeholders
● summary notes from your meeting with the CEO.
Your assessor will be looking for evidence of:
● reading skills to gather, review, interpret and analyse text-based business information from a range of sources
● written and oral communication skills to organise and deliver information to effectively communicate risk management
processes to a range of stakeholders
● numeracy skills to interpret mathematical data when reviewing and analysing scenario business information
● ability to work independently as well as collaboratively to make decisions about risk management
● ability to interact with others using appropriate conventions when communicating to, and consulting with, stakeholders
● ability to sequence and schedule activities and manage communication
● ability to analyse relevant information to identify scope, goals and objectives and to evaluate options
● ability to use familiar digital technology to access information, document findings and communicate them to
stakeholders.
Background
As part of their overall strategy in the Australian beverage market, MacVille Pty Ltd have developed a chain of cafés in the
Central Business District (CBD) of Brisbane, Queensland and the CBD of Sydney, NSW. The Board of Directors has made the
decision to expand their operations in Queensland with the purchase and re-branding of the existing Hurley’s Café in
Toowoomba, 130km west of Brisbane.
Ash is currently the Assistant Manager of MacVille’s flagship café in Queen Street, Brisbane, and has been given the
opportunity to manage the new store in Toowoomba. Ash is also a member of the Finance, Audit and Risk Management
(FARM) Committee described in the MacVille Risk Management Policy.
The CEO for MacVille’s cafés in Queensland, Paula Kinski, has assigned Ash the task of managing the risks involved with the
operational aspects of this takeover. A copy of her email is provided below.
Email from CEO Paula Kinski
From: CEO – P. Kinski
Congratulations on your new appointment. Prior to taking up your position as Manager of our
new Toowoomba store, located in Ruthven Street, the Board of Directors has asked that the
risks in this project be appropriately managed.
I want you to undertake this task as it will give you significant insight into the store’s
operations, it will ensure a smooth transition for Hurley’s Café staff into the MacVille family
and will encourage you to give ongoing support for our risk management initiatives.
I would like you to approach this task in three stages. After the first stage, we will meet to
review your work and discuss your plans for the subsequent phases. The three stages in this
risk management task will include:
1. Review.
2. Analyse and plan.
3. Monitor.
Your primary risk management focus is directed to the ongoing operations of the Toowoomba
café. The strategic and investment risks of this project are being managed by the Board. To this
end, you are to consider any risks that could impact on human resources management, financial
operations, WHS, our supply chain and the local governance and overall compliance issues.
MacVille has agreed to employ all existing staff at Hurley’s Café on three months’ probation. The
current supervisor of Hurley’s, James Mansfield, has been offered the position of 2nd In Charge
and he has accepted.
While settlement on the purchase of the business is not for another few weeks, the seller has
agreed to grant us full access to the store’s operational processes and store information. You
should liaise weekly with the Finance, Audit and Risk Management (FARM) Committee here
at head office concerning the marketing, finance and store management functions that you
are investigating. I will set up a regular meeting for you.
Head office has a report on a similar expansion conducted by the NSW team that may help you
in your research. You may need to review other statistical information and engage specialists to
help you with your investigation. The legal firm Goldsmith Partners are advising MacVille on the
Hurley’sCafé acquisition and would be available to help you with legal or any compliance issues.
The landlord of the shop in Toowoomba, Ron Langford, is also a local councillor and has offered
his assistance in getting established in Toowoomba. He has offered his availability for email
address for correspondence.
When you have finished your report, please name it according to our document naming
conventions and send it through. Once I have received and discussed your risk review report, we
can move onto the next stage of the risk management process.
Regards
P. Kinski
After lunch, you went over your notes to revise and edit key concerns and significant events that you had written down
earlier:
The location of the store on the corner of the two main streets of the city makes for easy access for local customers and high visibility fo
The long drive from Toowoomba to Brisbane would make attending the weekly managers meeting difficult considering many meetings
The two-hour delivery time would make fresh pastry deliveries from the company’s central bakery plant impractical. The pastries would
There is also a concern about getting the company-branded supplies through as quickly as a CBD Brisbane store could. (D)
● Hurley’s Café was a family-run store and some family members were employed on the staff. James was
engaged by the family to supervise the operations of the store and Mr Hurley as manager would authorise
wages but anyone can authorise deliveries.
● When asked about written policy and procedures manual, James said that Mr Hurley set the policy and
procedures verbally and on the few days each week he was in the store he would show the staff how to
do things the way he wanted them done. (D)
● Water use – Water wastage present; the dishwasher is often run when only half full; fruit and vegetables are
washedunder a fast-running tap; toilets all use the single flush system; James explained that Mr Hurley
instructed the staff to keep the non-native flowering plants in the courtyard fully watered.
○ The dishwasher was always set to the full wash setting and has a Water Efficiency Labelling and Standards
Scheme (WELS) rating of 3. The more water efficient 5–6 star dishwashers cost about $6,000 and above.
● James spoke about the café attracting a large percentage of retirees because of the easy access to buses and
the store’s central location. (O)
● The same staff member that completed the cash register balancing also completed the bank deposit form
and did the banking as well. The banking was not done every day and often $4,000 was kept on the premises
overnight in the cash register. There was no safe. There is a bank two shops away but the Hurley family bank
is a couple of blocks away and there was not always time to do the banking. (D)
● James replied to your question about the possibility of break-ins, saying that there was a 50% chance of it
happening in a year and the consequence was moderate. (A)
● Not all takings from the cash register by family staff members were recorded.
● The fit-out looked old and unattractive in parts, with some chairs unstable and broken and some parts of the
worn carpet were simply taped over with gaffer tape. (D)
● One of the staff was a qualified chef who had developed an innovative and popular range of rice wraps that
were tasty, gourmet and healthy. None of the other cafés in the area offered these.(F)
● No established process for dealing with injuries that happened at work. (D)
● James gave a brochure about an innovative frozen par-bake cooking system that was under the limit set by
council for an exhaust system, yet it cooked fresh bakery items in 30 minutes from frozen par-baked pastries.
(O)
● The computer with all the store’s employee details, and financial records was not password protected and
anyone could access the information.
● James’s response to your question about the lack of sales promotion techniques was that he could not get
the staff interested in the activity so he stopped trying to make it happen.
● The employee detail form requested information about the employee’s entire past health issues.
● The wage and superannuation records seemed to be incomplete, with many calculations being worked out
by the number of hours worked multiplied by a set ‘in the hand’ amount.
● James also provided a brochure about a company that could come and set up WiFi in the café so that
customers could use their computer notebooks and connect to the internet while they were dining in the
café. (F)
● Ron explained that there were opportunities for opening more cafés in the surrounding
shopping centres like Wilsonton, Clifford Gardens and K-Mart Plaza.
● Ron handed you an extract from a government report, ‘Economic Brief’.
● Ron explained that the federal government was now introducing legislation that backs up the local
by-law concerning efficient water usage, particularly by industries. The current by-law has fines of
up to $50,000 for excessive water breaches. Ron did explain that the council was allowing some
time to ‘make good’ under certain circumstances on a case-by-case basis. Ron also agreed with the
idea of installing a water tank in the courtyard for the café to use and would help get it built.
● Ron explained that Toowoomba was obviously a place for retirees and the population was growing.
● Ron spoke about the federal government’s National Broadband Network being rolled out in
Toowoomba,which would allow efficient and effective video streaming and teleconferencing.
● Ron spoke about a current by-law that is due for implementation on the first of next month, which
will allow cafés to expand their footpath dining and so put more tables and chairs outside their
premises.
● Ron also spoke of the fact that representatives of a large international chain of coffee shops
had been making enquiries around town about opening a store in the Toowoomba CBD.
Meetings with Senior Management Team and Finance, Audit and Risk Management (FARM)
Committee
Soon after you returned from your research trip to the Toowoomba store, you attended two teleconferences.
First teleconference
First, you met with the senior management team. At this teleconference, you discussed issues raised by James Mansfield
and Ron Langford and there port on previous NSW expansion, which head office had given you: Report into the acquisition
and re-branding of the NSW expansion store. Paula said that there may be some things to learn from the NSW experience.
1. Lack of internal controls, particularly over cash handling, monitoring and recording.
2. Failure to meet compliance standards in WHS, privacy and industrial relations law.
5. Failure of the business to monitor the external environment and find opportunities and threats to the business.
The team agreed that similar issues would pose a risk to the Toowoomba expansion.
Second teleconference
You then held a teleconference with the FARM Committee. At the teleconference, you relayed the concerns of the senior
management team. The FARM Committee decided to allow you time to complete your review and then would include
discussion of your review in the monthly Board of Directors meeting.
MacVille Pty
Ltd Business
Plan
Mission
MacVilleCafés serve competitively priced, high quality coffee and gourmet food in a safe and
comfortable café-style environment. Our friendly, well-trained staff provide superior customer service.
Vision
MacVille aims to deliver our valued customers the very best café-going experience. In three years, the
business will have established a presence across the Queensland and NSW, with the opening of
additional cafés.
Values
customer-
focus safety
teamwork
performance excellence.
Strategic directions
The strategic context in which MacVille will achieve its mission and vision is through:
Introduction
MacVille recognises that risk management is an essential component of good management practice and is committed to
ensuring the implementation of risk management processes that focus on the proactive management of risks across the
organisation.
This risk management policy forms part of MacVille’s internal controls and corporate governance arrangements. The risk
management policy is designed to:
● inform directors, senior management and staff members about their roles, responsibilities and reporting
procedures with regards to risk management
● ensure risk management is an integral part of planning at all levels of the organisation.
Policy
MacVille is committed to achieving its vision, business objectives and quality objectives by the proactive management of
risk at all levels of the organisation.
MacVille will identify, evaluate, control and manage risk throughout the organisation in accordance with the ‘MacVille Risk
Management Framework’. See risk management strategy for framework details.
● determining which types of risk are acceptable and which are not
● monitoring the management of significant risks to reduce the likelihood of potential organisational risks and threats
or failure
● being satisfied that risks are being actively managed, with the appropriate controls in place and working effectively
● annual review of MacVille’s approach to risk management and approval of changes or improvements to key
elements of its processes and procedures.
● implement policies on risk management and internal control where this is deemed appropriate
● identify and evaluate areas of significant risks potentially faced by MacVille for consideration by the Directors
● identify areas where risk management is not adequately addressed and advise the Directors accordingly
● undertake an annual review of the effectiveness of systems of internal control and provide an annual report to
the Directors, including a summary review and respective recommendations.
● familiarise themselves with the content of the Risk Management Policy and clarify any aspects necessary with a
senior team member
● consider any risks they feel could impact on them meeting their objectives and either manage the risk if it is in their
control to do so, or inform a management team member of their concerns
● advise senior management, in the first instance, or the Board of Directors, if concerned about any fraud or unethical
behaviour.
● monthly reporting
● external audit.
○ Harassment Policy
○ WHS Policy
○ Equity/Discrimination/Diversity Policy
○ Finance, Audit and Risk Management (FARM) Committee Terms of Reference, including delegations
○ Board Protocol
Monthly reporting
Decisions to rectify problems are made at regular meetings of the senior management team. Comprehensive reporting
at Board and Sub-committee meetings is designed to monitor key risks and their controls.
External audit
The final audit of financial statements is controlled by an external chartered accountant who provides feedback to the
Board through the FARM Committee.
Procedure: Development of a Risk Management Profile
The following outlines the process for developing a risk management profile.
● All conceivable risks must be considered. Ensure any certainties are identified as problems and addressed in the risk
management profile.
● technology
● insurance
● logistics
● marketing
● product quality
● communications
● customer interaction
● market needs.
Financial:
● accountability
● fraud or theft
● capital investment
● interest rates
Governance:
● conduct of Board of Directors
● conflict of interest.
Project management:
● procedures and tools for project management
● human resources
● financial resources.
MacVille Pty Ltd: Risk management strategy
Introduction
MacVille recognises that risk management is an essential component of good management practice and is committed to
the proactive management of risks across the organisation. The strategy is designed to:
● inform directors, senior management and staff members about their roles, responsibilities and reporting
procedures with regards to risk management
● ensure risk management is an integral part of planning at all levels of the organisation.
Guiding Principles
● MacVille is committed to achieving its vision, business objectives and quality objectives by the proactive
management of risk at all levels of the organisation, acknowledging that embracing innovative ideas and
practices carries with it risks, but that these are identifiable and measurable and therefore capable of being
subject to realistic risk mitigation processes.
● The Finance, Audit and Risk Management (FARM) Committee has the responsibility of reviewing the Risk
Management Action Plan on a six-monthly basis.
● The CEO and the senior management team have responsibility for managing risk and advising the Board
on appropriate controls.
● The CEO and the senior management team support and implement policies approved by the directors.
● Key risk indicators will be identified, closely monitored and action taken where necessary, by the staff and directors.
● Policies and procedures: A series of policies underpin the internal control process.
● Reporting: Decisions to rectify problems are made at regular meetings of the senior management team.
● Business planning and budgeting: The business planning and budgeting process is used to set objectives, agree on
action plans and allocate resources. Progress towards meeting business plan objectives is monitored regularly by
the senior management team and by directors at Board meetings. Contingency planning is undertaken as required.
● Risk management review: The FARM Committee is required to report at Board meetings on internal controls.
● CEO: The CEO has responsibility to brief the Directors periodically and as appropriate on the development
of policies and procedures to ensure effective and efficient operations, risk management strategies and
implementation.
● External audit: The final audit of financial statements is controlled by an external chartered accountant who
provides feedback to the Board through the FARM Committee.
Definitions
Risks are identified on a scale of likelihood of occurring in the next 12 months and assigning an impact or consequence to
the risk as high, medium or low. High includes either a significant shortfall of around 40% in achieving budget or a
significant reduction in ability to function. Medium includes either a shortfall of budget of between 10% and 20% or some
reduction in function. Low indicates minor reductions in achieving budget or minimal reduction in performance.
Task 2: Analyse and Treat Risk
Performance objective
For this task you are to analyse the risks you identified in the simulated business scenario to assess the likelihood and
consequence of risks, evaluate and prioritise risks, and determine options for treatment. You are also required to develop a
risk management action plan for the treatment of risks and communicate it to relevant stakeholders.
Assessment description
For the MacVille Pty Ltd simulated business scenario provided, you are required to assume the role of Brisbane store
Assistant Manager, Ash, who has just been promoted to be Manager of a new store. Ash has been tasked with conducting
a risk management analysis of this new venture.
There are three stages to this project: (1) review, (2) analyse and plan, and (3) monitor. This project is divided into three
assessment tasks as follows:
Assessment Assessment Task Assessment
Task 1 2 Task 3
Risk review report,
Risk analysis report,
email to Monitoring
action plan and risk
stakeholders and report
treatment
meeting with CEO
For this task, you are to use the information you gathered in Assessment Task 1, along with the simulated business
information provided, to examine the likelihood and consequence of identified risks, prioritise the risks and determine
options for treatment of each risk. Using this information you are required to develop a risk management action plan for
implementing risk treatment, document the plan as required, and communicate the risk management plan to relevant
parties.
Procedure
Part A
1. Review the MacVille simulated business scenario information and documentation
provided in the Appendices of this task and in Assessment Task 1.
2. Develop a report for the CEO (your assessor) that includes the following:
a. For each risk (i.e. the four identified in the scenario for this task), assess the likelihood
of the risk occurring.
b. For each risk, assess the consequence of the risk occurring.
c. Develop a risk matrix to assist in prioritising the treatment of the identified
risks, including numerical values (e.g. risk matrix in the Student Workbook).
d. Once you have prioritised the risks, for each, outline at least two suitable options for
treatment.
e. Include an explanation of the process you used to identify risks and assess likelihood,
consequence and priority. Also include an explanation of why the options you have
suggested for treating the risks are:
i. likely to be effective
ii. feasible for the organisation.
Note: Ensure your report is written in a style appropriate to your stakeholder audience, for example, using appropriate language and
including appropriate illustrative material (such as checklists, diagrams or flow charts) and attachments to support your findings and
process.
3. Develop an action plan(you may use the Risk Management Action Plan template
provided in Appendix 3 of this task)for implementing risk treatment and attach it
to your report.
Acti
Assess on
Risk risk Controls Monitoring prior Timeline Responsibl
(score) ity s e
two- medium better stock gps deliver 4 6 Carlos
hour planning, regular monitoring, months Alberto
deliver monitoring to the monitoring of de
y delivery, have the quality of Nobreg
some backup stock. a
stock.
stock take
extreme get a better dish 1 6 Silvi
Water
washer to control months o
wastage
the water Sant
present
w0astage, os
improve the
facilities of the
high 2 6 Ratinho
possibility
months
of break-
ins
medium 3 6 Didi
staff
months
member
that
completed
the cash
register
balancing
also
completed
2. Submit the required documents for assessment as per the specifications below.
Be sure to keep a copy for your records.
Specifications
You must:
● submit a risk analysis report, including a risk matrix
● submit a completed risk management action plan
● implement one risk treatment and submit evidence as agreed with your assessor.
Your assessor will be looking for evidence of:
● reading skills to gather, review, interpret and analyse text-based business information from a range of sources in order to evaluate
risk
● written skills to organise and deliver information to effectively communicate risk management analysis and plan to a range of
stakeholders
● numeracy skills to interpret mathematical data when reviewing and analysing scenario business information and evaluating risks and
treatment options
● ability to work independently to evaluate risks and make decisions about treatment options
● ability to interact with others using appropriate conventions when communicating to, and consulting with, stakeholders
● ability to sequence and schedule activities and manage communication
● ability to analyse relevant information to identify and evaluate treatment options
● ability to use familiar digital technology to access information, document findings and communicate them to stakeholders.
Appendix 1 – Scenario – MacVille Pty Ltd simulated business
Background
The MacVille Board has reviewed the previous report you developed, and has requested further information for four of the
identified risks, including options for reducing the risk levels. These risks are as follows:
● Loss of brand recognition risk – brand non-compliance of staff not wearing the MacVille uniform, or altering
MacVille processes and service expectations.
Timelines to consider are based on risk priority levels and include the following:
● Pre-settlement – date of legal transfer of the business.
Develop a report for the Board of Directors that examines these risks and describes ways that each can be treated, and
forward a copy of your report to the CEO to table at the next Board meeting.
Appendix 2: Revised notes from previous meetings
● He also said that the Toowoomba Council water patrols meant that it is likely that
stores not complying with the by-law would be discovered.
● Further feedback from Paula included that the water compliance risk was one
where significant time and resources would be required and the Board would view
it having moderate consequences for MacVille’s cafés in Queensland. She also
indicated that while the Board views the risk of a serious accident unlikely, any
potential risk that could result in the death of an employee would have a
catastrophic consequence.
Brainstorming ideas
Looking at the hierarchy of control, the senior management team were able to give you some good brainstorming ideas to
pursue. These include the following.
● Making it a company policy to bank every day and eliminate the need to carry overnight.
● Give the manager an excusal letter allowing them to leave any meeting at no later than 3.00pm every day.
● Replace the dishwasher with one that has a 5–6 star (WELS) rating.
ANSWER
By the time I have done the report of reviewing the simulated business´s risk management processes and
determining the scope and objectives, taking into account stakeholders and both internal and external
environment factors affecting the organization, I am required to analyze the risks that I identified to access the
likelihood and consequence of risks, evaluate and prioritize risks, and determine options for treatment by the
result of reviewing the risk identification report that I uploaded, the MacVille Board has requested further
information for four of the identified risks, including options for reducing the risks levels.
The risks are as follow:
Banking risk Theft of cash left Almost certain (5) Minor (2) 2
on premises
5 10 15 20 25
4 8 12 16 20
3 6 9 12 15
2 4 6 8 10
1 2 3 4 5
Consequences
I decided the priorities of risks by the numeric matrix that I mentioned above. All in the red colour coded boxes
should be solved first and then the white colour boxes then, the green boxes. The number setting is defined as
there:
As assessing likelihood:
Here are some of the treatment options to control each of the risk:
Banking risk
- Including in the company´s policy concerning about banking everyday and eliminating the need to carry
overnight;
- Changing the current banks to the nearer one to save time;
- CCTV should be mechanized.
All the above treatment options should be implemented to control this kind of risk. These options would
not take much investment costs as there are effective and feasible for the organization.
- Assistant manager should be trained to work temporary on behalf of manager that case;
- Provide the workplace environment to be healthy and good for everyone as providing healthy lunches
and right working temperature;
- Sick leave or benefits should be set up to prohibit unnecessary leave out.
Every workplace should have the trained staff to insert the miss out positions not only the manager
position but also any staff positions as chef, cleaning staff or barista. Employee takes leave either in
case of they are sick or their family members or because of their personal problems. While workplace
environment is good, there has rarely to get sick. Creating a good workplace environment gives you the
benefit of goodwill of the organization as well; as per ours is food supply cafe store.
- Communicate the knowledge of why we need to wear uniform to all the staff;
- Try to negotiate the daily wearing uniform policy as allowing wearing the free style suit/dress for once a
week or providing with different colour/style uniform in different days.
The spread of goodwill and image of the organization starts from the internal organization to external.
So, the satisfaction on work environment of all staff is much more important. As a management, we
need to be flexible for some of the policy that my not cause any losses. We can use the win-win strategy
as providing what they want to be and negotiating what we want to be. The customers would be happy
and satisfy as they have seen the happy employee working and serving them along with flexible work
environment.
A brand is seen as one of its company´s most valuable assets. It represents the face of the company, the
recognizable logo, slogan, or mark that the public associates with the company. In fact, the company is often
referred to by its brand, and they become one and the same.
But, sometimes we need to deal with treatments to manage the risk of decreased brand recognition. In the
MacVille case, the risk treatment will be:
- Objectively assess reputation vs. reality: examine the gap between the company´s reputation and actual
performance; make necessary improvements.
- Assess and accept impact of changing expectations: know that stakeholder’s changing expectations will
affect reputation even if they seem unreasonable at the time.
- Explicitly focus on reputational risk: recognize that this is a distinct kind of risk and manage it in a
proactive and coordinated manner. Assign one person the task of managing reputational risk.
Task 3: Monitor Risk and Evaluate Processes
Performance objective
For this task you are required to review the implementation of the risk management action plan you developed in
Assessment Task 2 and prepare a monitoring report.
Assessment description
For the MacVille Pty Ltd simulated business scenario provided, you are required to assume the role of Brisbane store
Assistant Manager, Ash, who has just been promoted to be Manager of a new store. Ash has been tasked with conducting a
risk management analysis of this new venture.
There are three stages to this project: (1) review, (2) analyse and plan, and (3) monitor. This project is divided into three
assessment tasks as follows:
Assessment Assessment Task Assessment
Task 1 2 Task 3
Risk review report,
Risk analysis report,
email to Monitoring
action plan and risk
stakeholders and report
treatment
meeting with CEO
For this task, you are to review the implementation of the risk management action plan you developed in Assessment Task
2 against the simulated business information provided in this task. Then, you will need to prepare a monitoring report
evaluating the outcomes of the action plan and risk management process.
Procedure
1. Review the MacVille simulated business scenario information provided in the
Appendix of this task.
2. Develop a report for the CEO (your assessor), which examines the ongoing
implementation of the risk management action plan.
a. Ensure you include the following sections in your report:
i. Plan –a clear summary of the initial risk and the plan implemented to
manage it.
ii. Implementation– a summary of all actions taken to date in attempting to
manage identified risks.
iii. Outcomes –a clear statement identifying continued and/or reduced
risks, with supporting information in tables or graphs where available.
iv. Evaluation –a clear analysis of the effectiveness of the risk
management plan, including risk assessment (e.g. risk matrix), by
comparing the implementation with the outcomes.
Note: Ensure your report is written in a style appropriate to your stakeholder audience, for example, using appropriate language and
including appropriate illustrative material (such as checklists, diagrams or flow charts) and attachments to support your findings and
process.
3. Submit the required documents for assessment as per the specifications below.
Be sure to keep a copy for your records.
Specifications
You must provide:
● a monitoring report.
Your assessor will be looking for:
● reading skills to review, interpret and analyse text-based business information from a range of sources in order to
evaluate effectiveness of risk management implementation
● written skills to organise and deliver information to effectively communicate evaluation of activities to stakeholders
● numeracy skills to interpret mathematical data when reviewing and evaluating scenario business information
effectiveness of activities
● ability to work independently to analyse scenario information and evaluate effectiveness of activities
● ability to interact with others using appropriate conventions when communicating to, and consulting with,
stakeholders
● ability to sequence and schedule activities and manage communication
● ability to analyse relevant information to identify and evaluate effectiveness of activities
● ability to use familiar digital technology to access information, document findings and communicate them
to stakeholders.
Water manage To install dishwasher (WELS) Within six months Done as planned
In accordance with the outcomes, the uploaded risk management plan is effective and feasible for the prior
identified risk of the Toowoomba store. And now we are continuously identifying new probable risks to manage
and save the waste time, effort, and energy as the risks might be encountered everywhere and every time either
in our workplace or business, or in our daily routine.
Implementation information
It has now been six months since you delivered your risk management action plan.
In accordance with the action plan, an external audit was completed and has been presented to the MacVille Board. The
audit investigated the status of the planned actions on the risks identified.
Case study, written Assessment Task 3: Review the case study scenario and
report provide a written response.
Assessment mapping summary
A
s
Perfor K
s
Assessm Elemen m g
e
ent ts/ ance e
s
method/ PCs* evide *
s
s nce
m
sessment Task Description **
e
port on risks For the scenario provided, the student is required to review 1 Case study, 1.1, 1.2, 1.3, 1, 2, 5 1
risk management processes and determine scope and written 1.4, 1.5, 1.6, ,
objectives, taking into account stakeholder input and both report, 1.7, 1.8, 2.1,
internal and external environmental factors affecting the role-play 2.2, 2.3, 4.3,
organisation. With the information gathered, the student 4.4
identifies risks and presents this to relevant parties for
feedback.
alyse and treat risk Using the information gathered in Assessment Task 1 and 2 Case study, 3.1, 3.2, 3.3, 2, 3, 5 -
the scenario provided, the student examines the written 4.1, 4.2, 4.4,
likelihood and consequences of identified risks, prioritises report, role- 4.5
the risks and determines options for treatment of each play/demons
risk. Using this information the student develops an action tra tion
plan for implementing risk treatment, communicates their
analysis to stakeholders and implements one risk
treatment.
onitor risk The student reviews the implementation of the action plan 3 Case study, 4.4, 4.5, 4.6 3, 4, 5 -
and aluate developed in Assessment Task 2against the scenario written
processes provided, and prepares a monitoring report evaluating the report
risk management process.
* Elements and Performance Criteria are numbered using the Unit of Competency numbering system.
** Obtain number from previous table ‘Performance Evidence’
*** Obtain number from previous table ‘Knowledge Evidence’
Record of Assessment Outcome
Pedro Valente Pinheiro
Student Name
GBC170342 12/12/2017
Student ID Date
Student Signature
TASK 1
TASK 2
TASK 3
Comments:
I have been provided with feedback on the evidence I have provided. I have been informed of the
assessment result and the reasons for the decision.
Student Signature:
The student has been provided with feedback and informed of the assessment result and the reasons for
the decision
Printed resources
● Anderson, E., 2014, Business risk management: models and analysis, John Wiley & Sons,Chichester, UK.
● Damodaran, A., 2008, ‘Chapter 1 – what is risk?’,Strategic risk taking: a framework for risk management,Prentice
Hall, New Jersey.
● Standards Australia, 2009, AS/NZS ISO 31000:2009 risk management – principles and guidelines, SAI global, Sydney.
Online resources
● AIRMIC, ALARM and IRM, 2002, A risk management standard, available online, viewed January 2015,
<http://www.oat.ethz.ch/education/Autumn_term_09/
Material_on_Psychological_Aspects/AIRMIC_Risk-Management-Standard_1_.pdf>.
● ANZ, 2015, ‘Online security tips’, ANZ, viewed January 2015, <http://www.anz.com/auxiliary/security-centre/fraud-
security-centre/protect-yourself/online-security-tips/>.
● Australian Government, 2014, ‘APP quick reference tool’, Office of the Australian Information Commissioner, viewed
January 2015, <http://www.oaic.gov.au/
privacy/privacy-resources/privacy-guides/app-quick-reference-tool>.
● Australian Government, 2010, ‘Chapter 3 – risk analysis’, Natural hazards in Australia: identifying risk analysis
requirements, available online, Geoscience Australia, viewed January 2015,
<http://www.ga.gov.au/image_cache/ GA10820.pdf>.
● Australian Government, 2014, ‘Privacy fact sheet 17: Australian Privacy Principles’, Office of the Australian
Information Commissioner, viewed January 2015, <http://www.oaic.gov.au/privacy/privacy-resources/privacy-fact-
sheets/other/privacy-fact-sheet-17-australian-privacy-principles>.
● Australian Government, 2010, ‘Risk management – A tool for small-to-medium sized businesses, Australian
Transaction Reports and Analysis Centre, viewed September 2014,
<http://www.austrac.gov.au/risk_management.html>.
● Clarence Valley Council, 2012, Risk management plan, available online, Clarence Valley Council, viewed
January 2015, <http://www.clarence.nsw.gov.au/
page.asp?f=RES-TRV-45-30-11>.
● JobAccess, 2014, An employer’s guide to employing someone with disability, available in the publications list,
JobAccess, viewed January 2015, <http://jobaccess.gov.au/publications_list>.
● PricewaterhouseCoopers, 2008, Being smart about the risks you take, available online, PWC, viewed
January 2015, <http://www.pwc.com/gx/en/consulting-services/pdfs/get_up_to_speed2.pdf>.
● PricewaterhouseCoopers, 2006, Bridging the risk and control information gap, available online, PWC, viewed
January 2015, <http://www.pwc.com.au/
assurance/assets/bridgingrisk06.pdf>.
● Queensland Government, 2014, ‘Preparing a risk management plan and business impact analysis’, Business and
industry portal, viewed January 2015, <http://www.business.qld.gov.au/business/running/risk-management/risk-
management-plan-business-impact-analysis>.
● Smith, R., 2012, ‘Who killed lard?’,Planet money, viewed January 2015,
<http://www.npr.org/blogs/money/2012/02/03/146356117/who-killed-lard>.
● University of New South Wales, 2014, HS329 risk management procedure, viewed January 2015,
<https://www.ohs.unsw.edu.au/hs_procedures_forms/
procedures/HS329_Risk_Management_Procedure.pdf>.
● Worksafe ACT, 2012, Risk management of public events, available online, Worksafe ACT, viewed January 2015,
<http://www.worksafe.act.gov.au/
publication/view/1138>.