BSBOPS504 Project Portfolio

Download as docx, pdf, or txt
Download as docx, pdf, or txt
You are on page 1of 29

Manage Business Risk

BSBOPS504

Project Portfolio Student

Version VERSION
Contents
Section 1: Establish risk context.....................................................................................................5

Section 2: Identify and analyse risk................................................................................................8

Section 3: Implement and monitor risk treatment......................................................................11

Student name: manvir singh

Assessor: Rajni Ratra

Date:

Business this assessment NatureCare


is based on:
Risk management risk associated with setting up a chain of retail outlets.
project/process:
Documentation reviewed Simulation Pack, policies or procedures.
as preparation:

Section 1: Establish risk context

1. Provide a brief overview of the business or organisation you are basing your portfolio on.
• What is the name of the business or organisation

Nature Care Products

• What is the main focus of the business?

Ans.
makes and distributes high-quality, eco-friendly skin care items.

• What role will you assume as you investigate risk for your chosen risk management
process/project?

Ans,

1. Determine the scope of your chosen risk management process/project.


• What does your chosen risk management process/project involve?

ans,
The first stage is to identify the financial risks that the company faces in its current
operational environment. This technique has the benefit of making these risks visible to all
company stakeholders with system access.

2 Risk analysis: Once a risk has been identified, it must be evaluated.


The scope of the danger must be established.
It's also critical to understand the connection between risk and other internal factors.
It's critical to determine the risk's severity and importance by examining how many
business operations it affects.
3 Risk prioritisation and assessment: Risks must be prioritised and assessed.
Most risk management solutions offer numerous evaluation criteria based on the severity
of the risk.
Risks that can cause catastrophic harm are given the highest priority, whereas risks that
may cause little discomfort are given the lowest priority.

4 Treat the risk: To the greatest extent possible, every risk must be minimised or eliminated.
This is done by reaching out to experts in the field where the risk exists.

5 Keep an eye on the risk and evaluate it:


Not all hazards can be avoided; some risks are unavoidable.
Manual systems rely on dedicated personnel to keep track of things.
These specialists must ensure that all risk factors are closely monitored.
The risk management system in a digital environment monitors the organization's whole
risk framework.

• Which departments or work areas are involved in the process?

ans Payroll, banking, accounts payable (supplier payments), accounts receivable (customer
receipts), and statutory compliance are some of the finance team's general operations and
duties.

• Are there any risks the business will not manage (for example, staff retention)?

ans, Currently, the organisation does not control the risks associated with the IT
department.
IT is the responsibility of the finance department due to the modest size of the
organisation, but it does not need to be risk-assessed.

1. Evaluate organisational requirements and standards for managing risk.


• Which organisational policies and procedures provide input on how you approach your
chosen risk management process or project e.g. Risk management, Record keeping
etc.?

ans,
The Risk Management Policy and Procedures provide feedback on the risk
management process' approach, with the goal of integrating risk management into NatureCare
Products' management culture and cultivating an environment where employees accept
responsibility for risk management.

Aside from that, NatureCare has its own set of risk management policies and procedures.

Internal Communication Policy and Procedures, which aims to improve and streamline internal
and external communications in order to reinforce the vision and strategic priorities, and Record
Keeping Policy and Procedures, which ensures that all records are accurate and secure, are
among the policies and processes.

• Are there any processes you need to follow?

ans, The steps must be followed in accordance with the Risk Management Policy and
Procedures.
The CEO oversees and facilitates the process, which includes the following steps:

Every year, the CEO undertakes a risk assessment.


For risks that exceed NatureCare Products' stated acceptable risks, this includes identifying
the risk's severity and likelihood, as well as designing and/or reviewing specific risk
management plans.

Every corporate operation should, if at all possible, include a Risk Management Assessment.
Strategic, operational, and resource management planning techniques must all include risk
management.

Ensure that risk management approaches are implemented into the quality assurance and
improvement procedures of NatureCare Products.

Risk management escalation processes should be adequately established and documented.

Ascertain that different parts of NatureCare Products react in the same way to the same
hazard.

Test documented risk management techniques at regular intervals.

• Attach policies and procedures to this section of your portfolio.

ans, Policy and Procedures for Risk Management

To provide risk management information and guidance.


This Policy applies to all Nature Care Products employees.

Internal Communication Policy and Procedures

Nature Care aims to enhance and streamline communications (internal and external) to reinforce the vision and
strategic priorities.
As such, we will continue to develop and trial new communication platforms, channels, and tools to improve
information sharing and collaboration between all staff members.

Record Keeping Policy and Procedures

This policy outlines the procedures for creating, preserving, and accessing Nature Care's records.
Its goal is to make sure that all records are correct and safe.

1. What are the legal requirements associated with your chosen risk management process or
project?
• Explain the legislation you need to comply with.

ans, The AS/NZS ISO31000:2018 Risk Management Principles and Guidelines must be
followed by the risk management process adopted.
The legislation aims to harmonise risk management practises in current and future
regulations.
It supports, but does not replace, standards that deal with specific risks and/or sectors.

• Do any regulations apply?

The risk management framework should be implemented by the organisation in


accordance with regulatory criteria through:
Making an appropriate strategy, taking time and resources into consideration;
Identifying when, when, and how various types of decisions are made within the company,
as well as who makes them;
Modifying the relevant decision-making procedures if necessary
Assuring that the risk management arrangements in place at the company are well-
understood and implemented.

• Is there the potential for new laws to be introduced or existing ones to be amended or
rescinded?
Product safety regulation

• Which risk management standard/s are used or guide the risk management activities of
the business?
1. ans, AS/NZS ISO31000 to comply with the guidelines.

1. List the resources available for you to use as you plan, implement and monitor risk.
• Are template documents available to support your risk management process/project?
ans,

yes, template documents available to support risk management process/project, The


required templates for planning, implementing and monitoring risk are provided by the company.

• Do you have budget allocation or restrictions for the risk management process/project?

ans,

yes, have budget allocation or restrictions for the risk management process/project,
The risk management process budget has made a $20 000 provision for a technology advancement
(e.g. RPA) but any other spending should be kept to a minimum

• Which employees are available to assist you?

ans,
the Nature Care Products' performance management systems employees and other
stakeholders, training and other development employees, Payroll officer and finance
administrator are available to assist during the risk management process.

• What other resources are required?

ans, o people, due to due to an increased workload

1.
2. Establish objectives and critical success factors for your risk management process or
project.
• List two objectives.

ans,
The following are the goals of this risk management process:

To reduce the danger of cash theft from retail establishments

To avoid the possibility of new supplier invoices being sent incorrectly.

• List three critical success factors for the risk management process or project.

• ans, Reduced cash flow problems


Timely payment and strong supplier relationship

1. Identify stakeholders who will be part of the risk management process.


• Who is able to shed light on or assist with risk identification, risk analysis and/or risk
control?

ans, Finance manager, the CEO, Payroll officer and finance administrator

• Who is likely to be impacted by an adverse risk event?

ans,
An adverse risk occurrence is likely to have an influence on the entire financial team.
Accounts Manager, Marketing Manager, Marketing Assistant, Sales Manager, four customer
service representatives, Office Manager, Administration Assistant, Operations Manager,
Financial Manager, Payroll Administrator, Finance Assistant (accounts payable and
receivable, etc.), and the CEO are among the other stakeholders.

• How will each stakeholder provide input to the risk management process (such as
identifying possible risks, helping describe their impact and suggesting ways to prevent
or mitigate risks)?

ans The risk management process would be overseen and facilitated by the CEO.
The payroll officer and the finance administrator would help to identify risks and their
repercussions.
By regularly monitoring their areas of responsibility, all line managers may help to ensure
that risks are identified and dealt with.
Line managers would ensure that their tasks and roles contribute to the risk management
process of NatureCare Products, which detects hazards at all levels.
Line managers would exchange recorded risk responses and understanding of risk
management concepts and processes to ensure consistency across the NatureCare
Products.
Line managers would scrutinise all acts.

• What influence does each stakeholder have on risk management decisions?

ans
decisions would be influenced by each stakeholder.

• What are the possible issues each stakeholder may have if a risk event occurs (for
example, employees will still want to be paid, customers may still need your products
or services and banks will still need to be paid for loans etc)?

ans
The stakeholders participating in the risk management process may confront obstacles if a
risk event happens.
Banks have agreed to finance 70% of the capital needed to expand the business and build a
chain of retail outlets in central Sydney, Brisbane, and Melbourne over the next six months,
according to the CEO, and the shareholders have committed to fund the remaining 30%.
As a result, the question of repaying the loan and interest may emerge in this case.
Employees may be let go, and those that remain want to be compensated.
The risk management process may be affected as a result of these concerns.

1.

2. Communicate with relevant stakeholders.


• Who will you communicate to (at least two stakeholders) regarding:
• Explanation of the risk management process or project?

ans,
The company's CEO would be consulted for an explanation of the risk management
procedure.
• Invitation to assist in risk identification.

ans

Finance manager, the payroll officer and finance administrator. Together they identified
risks and associated outcomes

• How will you consult with each stakeholder?

ans,
Schedule a meeting or The consultation regarding the risk management process with the
stakeholders would take place through an email.

• If not already viewed in person by your assessor, attach proof (e.g. draft email,
telephone conversation recording, video of meeting etc.) of your explanation of the risk
management process/project to the stakeholders.

ans,

• If not already viewed in person by your assessor, attach proof of your invitation to
stakeholders to assist in the identification of risks (e.g. draft email, telephone
conversation recording, video of meeting etc.).

• Note: If suitable, 8.3 and 4.4 can be completed as one communication.


1.

2. Analyse the external environment of your risk management process/project.

ans, • Identification of the risks

• The uncertainty that these risks posses.

1. PESTLE Analysis

2. A PESTLE analysis is a method for examining the key external factors affecting a business (Political,
Economic, Sociological, Technological, Legal, and Environmental).
3. It gives people with expert insight into the company's external challenges.
Item Under Investigation: Finance Date: 24rd June 2021
department

Project: Risk management of financial Analyst: CEO


activities

Element Factors and business impact

1. Tax policy, environmental regulations, trade restrictions and reform, tariffs, and
political stability all have the potential to impact NatureCare's risk management
Political
approach.

2. Changes in tax policy may have an impact on the operations of NatureCare.

1. Interest rates, currency exchange rates, inflation, and wage rates, as well as
minimum wage, regular hours, local and national unemployment, and cost of
living, all affect business operations.

2. When going through the risk management process, it's possible that some of the
company's personnel will lose their cool.
Economic
3. There's also the possibility that current employees will demand a pay hike from
the company.

4. Risk management would be affected as a result of this.

5. The cost of training and the taxation of technology to be used have an impact on
the risk management procedure.

1. Stakeholder preferences, communication preferences, cultural differences,


ethical standards, and perceptions of value and quality are all social variables
that could pose risks or opportunities.
Sociological
2. A consumer who believes a beauty skin care product is of higher quality will pay
more for it, even though manufacturing costs are the same, but will not buy it at
all if it violates their ethical standards.
Technology-related factors include process automation, product development, vendor,
competitor, and customer technology, and industry innovation.

Technological The risk management procedure's implementation may be impacted by the robotic
process automation (RPA) implementation phase.

Employees may not grasp how the technology works once it is introduced.

Legal
1. Legal factors include both those imposed by the governance of the jurisdictions
in which the firm operates and those imposed by the organization's internal
governance.
2. NatureCare must follow all of the following ideas and recommendations when
going through the risk management process:

3. Risk Management Principles and Guidelines, AS/NZS ISO31000:2018.

4. Noncompliance would have a negative impact on the risk management process.

Factors in the operational environment or the market that pose risks and
opportunities.

Environmental Because the additional NatureCare items will be available for purchase at the same
time as new retail locations open, there may be fears that suppliers in China, the
Philippines, and New Zealand will be unable to satisfy demand.

This would expose the company to even more dangers.

1.

1. Note: You may choose to perform any external environmental analysis (e.g. PESTLE analysis)
to answer this question instead of the questions below.
• What is the political situation like (e.g. unrest, government support of small business,
government policies)?

ans, The key political factor that Nature Care Australia or any other organization in beauty
industries that it has to go through strict guidelines of standard provided by the local
government of where they operate. The government of Australia has put many legal
constraints on the industry as their products are directly consumed by the users and has a
direct skin-to-skin contact. It comes under Therapeutic Goods Act of 1989 (Bessis, 2015).

• What is the current and predicted economic situation (e.g. state of local and other
applicable economies, interest rates, exchange rates, employment rates etc.)?

. The risk management process budget has made a $20 000 provision for a technology
advancement (e.g. RPA) but any other spending should be kept to a minimum. The
customer service representatives frequently move on to other opportunities and need to
be recruited and replaced on a regular basis

• Are there any social considerations (e.g. changing values, beliefs, attitudes and habits)?

ans, changing values


• How are technological advances affecting the business (e.g. internet, RPA, risk control)?

ans, RPA, Higher Productivity and Improved Quality of Customer Service.

• What are competitors doing?

ans, The competition has become so fierce in the market so competitors Capturing market
share in the era of the new normal and Rising awareness regarding natural beauty products

1.

2. Establish the strengths and weaknesses within your business that have the potential to
create or impact risk.

ans, Strengths is An invoicing RPA system was implemented in the finance department

weaknesses is due to an increased workload and demand on the finance staff, there would be
incorrect invoicing of suppliers. This would result in delayed payment and weakening of the
supplier relationship and may affect staff retention and work performance

1. Note: You may choose to use any relevant analysis tool (e.g. SWOT analysis) to answer
instead of the questions below.
• Are the current risk management policy/procedures complete and comprehensive?

ans, yes, NatureCare's current risk management policy and method is one of the company's
strengths.
The policy and processes are broad and detailed.
The policy outlines the principles to be followed, as well as the necessary training and
development for employees, as well as the roles and duties of all stakeholders in risk
management choices, aims and objectives, and procedures.
As a result, it is the company's strength.

• What is the state or condition of business’ resources relevant to your risk management
process or project?

ans, The resources of the company are also its assets.


The corporation has stated that 70 percent of the financing will be available from banks,
with the remaining 30% to be found by the owners.
A $20 000 budget has been set aside for a technology advancement in the risk
management process, but any further spending should be kept to a minimum.
• How effective are existing communication mechanisms between management and the
workforce?

ans, The company's communication mechanism could be another strength.


In order to promote the company's vision and strategic goals, the organisation has
implemented a comprehensive Internal Communication Policy and Procedures to improve
and streamline internal and external communications.
Similarly, the company is dedicated to developing and testing new communication
platforms, channels, and technologies to encourage information sharing and collaboration
among all personnel.

• How loyal are staff?

ans, The staff's devotion could be a source of weakness.


Because the company's burden has expanded significantly, it is a drawback.
The personnel would not want to take on a lot of tasks because of the workload.

• What is the size and quality of the customer data base?

ans
Nature Care ’s basic customer database has identified that around 70% of customers are
professional women aged 25 to 55.

• What is the business’ ability to fund or raise funding?

ans, The company has the ability to raise funds. The company is able to get loan from the banks to
raise funds, which is a strength.

• What is the business’ cashflow situation?

ans,
the theft of stock or cash from retail outlets would result in cashflow problems and
criminal charges (negative publicity).

• Are supplier relationships strong and reliable?

ans, due to an increased workload and demand on the finance staff, there would be
incorrect invoicing of suppliers. This would result in delayed payment and weakening of the
supplier relationship and may affect staff retention and work performance and also The
relationship with the suppliers based in China, Philippines and New Zealand is reliable, however
because of the delayed payment, the relationship is weakening, which is a weakness
1.
Attach: Policies and procedures
Communication to explain risk management process
to stakeholders (if relevant)
Communication to invite stakeholders to identify
risks (if relevant)
1.

Section 2: Identify and analyse risk


• Plan to discuss risks with invited stakeholders (identified in Section 1).
• Choose a tool or technique to facilitate the group discussion to identify risks within the
scope of the risk management process

ans, Enterprise social networks and Executive team meetings


A meeting would be held to facilitate group discussion and risk identification as part of the
risk management process.

• Note: At the meeting, you will collaboratively choose three risks to focus on as a group.

• List what will be discussed (e.g. identify risks, assess risks, risk treatments, priorities
etc.)

To secure its commitment to training and knowledge development in the area of risk
management

• What method and scale will you use to assess the likelihood and severity of the risks?

ans, To calculate a Quantative Risk Rating, begin by allocating a number to the Likelihood of
the risk arising and Severity of Injury and then multiply the Likelihood by the Severity to
arrive at the Rating.

• What will guide how you prioritise risk (e.g. risk matrix)?

• What are you prepared to negotiate?

ans, Extreme and high-risk situations should be prioritised.

Moderate dangers should be given a medium level of attention.

Low and very low dangers should be given the least amount of attention.
• How will you negotiate?

ans, through a meeting

• Explain questioning and listening techniques you will use to elicit opinion and clarify
understanding.

ans,The stakeholders' opinions will be elicited using a funnel questioning technique.


What might possibly go wrong, for example?

What could be done to prevent this?

What could possibly be harmful to us?

What do you think the worst-case scenario is?

What dangers do we have to deal with?

1.

2. Summarise risks.

1. Role-play

2. Participants:

3. Finance Manager (FM)

4. Payroll Officer (PO)

5. Finance Administrator (FA)

6.

7. FM: Good morning everyone!

8. PO: Good morning.

9. FA: Good morning.

10. FM:Let me jump right into the meeting's agenda. I'm sure you've all seen my email and have a
good idea what the meeting will be about.

11. PO: We had received your email and were considering addressing the agenda.

FM: Our CEO has asked us to look into the dangers involved with this initiative, with a particular focus
on the finance team's financial activities.
Despite the fact that IT is part of the finance department, risk assessment is not required.

Due to the short timeframe allocated to open the retail locations, I'd require your help with risk
management.

FA: Yes, we, too, are concerned about potential hazards to the financial staff.

FM: So, please share your worries with us so that we can identify the specific risks.

FA: All right.

So, my first concern is the theft of merchandise or cash from retail establishments.

With the increase of retail shops, there is a greater risk of stock and cash theft, resulting in cash flow
issues and criminal accusations (negative publicity).

PO: Given the obvious and foreseeable rise in workload as a result of our plan to expand our retail
outlets, I am concerned about an increase in workload and wonder if more workers should be hired.

FM:

Your concerns are valid, and I share them.

I, too, have seen a problem; I recently attended a professional development training course on how to
use automated procedures to perform routine financial activities.

As you said, there would be improper invoicing of suppliers as a result of the additional activity and
strain on the financial employees.

This would result in a delay in payment and a deterioration of the supplier relationship, which could
have an impact on employee retention and performance.

What are your thoughts on the subject?

PO:

I understand your worries.

All three of these problems, I feel, are vulnerable to risk in the finance staff.

As a result, we'd have to get to work right away.

FM: Yes, we should pursue it further.

As a result, we've identified three key risks: stock or cash theft from retail outlets, inaccurate invoicing
of new suppliers, and increased pressure on payroll and accounts receivable/payable personnel.

Is that okay with you?

PO: Yes, but in my opinion, we should prioritise the increasing workload on the financial staff.

FA:

I agree that the workload in our financial staff is prone to dangers.

FM:

What are the alternatives to the issues that have been raised?

Have you given it any consideration?

PO: I believe that in order to address the issue of stock and cash theft, we should install security
cameras, hire well-referenced employees, conduct periodic storage room audits, and get insurance.

FM: That is a viable option.

Why don't we hire some more people for our financial department?

This would reduce the workload in some way while keeping us on the safe side.

FA: That's a fantastic suggestion.

PO: What about the erroneous billing?

FA: I believe we could teach and reward employees as well as automate operations in our finance
department as needed.

PO: Yes, we could provide that training to our employees.

FM: Okay, so for the time being, let's focus on these three risks and their potential solutions.

Thank you very much for all of your help.

Throughout the risk management process, I anticipate such guidance.


PO: Sure, we'd be happy to help you with this.

FM: Thank you very much, and have a nice day.

• Summarise at least three risks identified at the meeting that apply to the scope of your
risk management process or project. For each risk:
• Identify which type of risk it is.

ans,
1 Theft of stock or cash from retail outlets
2 Increased demand on payroll and accounts receivable/payable staff
3 Incorrect invoicing of new suppliers

• Identify who may be responsible for the risk.

ans, finance manager

• List at least two potential outcomes should the risk eventuate.

ans, cashflow problems and delayed payment

• What treatment alternatives were discussed?

security cameras, using well referenced staff, doing frequent audits of the storage room
and taking out insurance.

• How do the stakeholders want to prioritise the risks?

ans, create a project Risk Matrix in order prioritize risk events.

• If not already viewed in person by your assessor, attach proof of your stakeholder
meeting (e.g. video of meeting etc.).

1. Summary of risks identified

2. Risk 3. Type 4. Responsi 5. Potential 6. Treatment


elements bility outcome alternatives

7. Theft of 8. Financ 9. Finance •Cash flow 1. Security cameras,


merchandise e risk Administr problems well-referenced
or cash from ator employees, regular
retail • Criminal storage room
establishmnts charges audits, and
insurance are all
recommended.

2. Invoices from 3. Opera 4. Payroll •Delayed payment 1. Train and reward


new vendors tional Officer staff and to
are incorrect. risk • Weakening of automate
the supplier processes where
relationship necessary

2. Demand on 3. Huma 4. Finance •Staff retention 1. Hiring of additional


payroll and n Manager issues staffs
accounts Resou
receivable/pa rce •Work performance
yable workers risk
has
increased.

1. Complete the table below to assess the identified risks (using an appropriate scale and
stakeholder input).
Note, you may enter relevant information into the table below, or use any other appropriate
format. If you use another format (e.g. MS Excel spreadsheet), attach proof to this section of
your portfolio

Risk Potential Finance Payroll officer Finance Combined


outcome Manager assistant value (e.g.
average)

Likeliho Impa Likeliho Impa Likeliho Impa Likeliho Impa


od ct od ct od ct od ct

Theft of Cash flow 3 3 2 2 2 2 2.3 2.3


merchandise problems
or cash from
retail
establishmnts

Criminal 1 1 2 1 2 1 1.6 1
charges

Invoices from Delayed 4 2 2 2 1 2 2.3 2


new vendors payment
are incorrect.

Weakenin 4 3 3 3 3 3 3.3 3
g of the
supplier
relationsh
ip

Demand on Staff 3 3 2 2 3 2 2.6 2.3


payroll and retention
accounts issues
receivable/pay
able workers
has increased.
Work 3 3 3 4 4 3 3.3 3.3
performa
nce

1.
2.
3. Research risks
• Research each of the identified risks to learn more about the risk and any related risk
treatment options (e.g. speak to stakeholders, do an internet search, review best
practice examples, check policies and procedures, view past incidents, research
technology solutions etc.).
• Note: You must access at least two different sources of information.
• Summarise the research done for each identified risk.
• List the options available to you to treat your identified risks.
• Attach proof of your research to this section of your portfolio.

Risk Source of Research


informatio
n

Theft of Internet Stock theft and cash theft are commonly caused by customers
merchandise or search shoplifting, personnel theft, administrative and paper errors,
cash from retail undiscovered loss, and vendor fraud.
establishmnts
Theft from a retail store affects the company's profits both directly
and indirectly.

The immediate loss of merchandise for sale hurts the company's


capacity to sell items to potential purchasers, while the cost of
replacing stolen goods raises manufacturing costs.

Alternative treatment:

NatureCare may utilise security cameras, well-referenced staff,


frequent storage room audits, and insurance to accomplish this.

Invoices from new Technology There would be inaccurate billing of suppliers as a result of the
vendors are solution increased effort and strain on the finance employees.
incorrect.
This would result in a delay in payment and a deterioration of the
supplier relationship, which could have an impact on employee
retention and performance.

Automation of robotic processes as a treatment option (RPA).


RPA uses artificial intelligence (AI) to automate high-volume,
repetitive activities and eliminate errors.

Keeping an eye on new invoices:

The software looks for new invoices in a specific directory on the


company's SharePoint site.

As soon as new files are detected as invoices, they are given for
data extraction.

Invoice Capture: Relevant data is extracted by the software (e.g.,


bank account, order details, price, etc.). It is sent to human staff for
manual verification if it fails to collect the data efficiently or has
doubts about the data extraction.

Invoice Evaluation: To determine if the invoice is valid, it is


compared to order records and other criteria.
• Comparing the invoice to the purchase orders
• Doing a double-check to see if there are any duplicate records
• Choosing the payment date based on working capital
optimization rules
• To assess whether manual intervention is required, guidelines
and restrictions are used.

Demand on Internet The increasing workload associated with the expansion of


payroll and search NatureCare retail stores is the primary reason of increased
accounts pressure on payroll and accounts receivable/payable employees.
receivable/payabl
e workers has Such a workload may have an influence on employee retention and
increased. productivity.

Alternative treatment: Additional staffing could be hired to address


this issue.

When the finance team is expanded, the work will be further


divided, reducing the workload for each employee. .

1. Use digital technology to document and calculate risk (e.g. a risk register). Include the risk,
potential outcomes, likelihood, impact/severity, risk calculation, treatment actions and
priority of each treatment action.
2. Note: Risk is calculated (likelihood)x(impact).
Potential Risk
Risk outcome Likelihood Impact priority Treatment action
Theft of stock or cash • Issues with Likely Moderate Moderate Security cameras
from retail outlets cash flow Frequent audits of
• Criminal storage room
charges

Incorrect invoicing of • Payment Very likely Significant Extreme Robotic process


new suppliers delays automation
• Supplier installation (RPA)
relationship
deterioration

Increased demand Staff retention Very likely Moderate High Employ more
on payroll and difficulties people.
accounts • Work
receivable/payable performance
staff

Attach: Proof of your research (2 sources)


Stakeholder meeting
Risk assessment (likelihood and impact) if you did not
use the table provided
Digital risk documentation e.g. risk register

Section 3: Implement and monitor risk treatment

1. Complete the action plan below for ONE of your selected risk treatments (in your Risk
register in Section 2).
2. Note: If your business already has an action plan template or other specific documentation
requirements, use them instead and attach your work to this section of the portfolio.

Risk: Invoices from new vendors are incorrect.


Action: Robotic process automation installation (RPA)

Desired outcome: Reduced invoicing errors and improved supplier relationships

Overall person responsible: Finance Manager

Step: Person Timeframe: Resources: Performance Outcome Done?


responsible: measure: requirements:

Automate Finance 3 months Software, Induction into Complete Yes


your Manager hardware the finance installation
processes department
with
robotics
(RPA)

Staff should Payroll officer 2 months Training Attendance Enhancing the Yes
be materials, during training supplier
educated. trainer by employees connection

Operate the Finance 2 week Software Errors in Ability of Yes


Robotic Administrator installation invoicing are employees to
Process reduced. use RPA
Automation
(RPA).

1. Communicate the action plan to relevant parties (each person responsible for a step in the
action plan).
• To who will you communicate?

ans, the payroll officer and finance administrator

• How will you communicate (e.g. face-to-face discussion, email)?

ans, face-to-face discussion

• If not already viewed in person by your assessor, attach proof of your communication
to this section of the portfolio (e.g. email with attachment, project schedule, video of
team meeting etc.).
1.

2. Implement your action plan.


• What are the organisational policy and procedure requirements to implement an
action plan?

ans, The company currently has a Risk Management Policy and Procedures in place that
incorporates the AS/NZS ISO31000:2018 Risk Management Principles and Guidelines

• Must any documentation be maintained or named in a specific way?

ans AS/NZS ISO31000:2018 Risk Management Principles and Guidelines

• If not already viewed in person by your assessor, attach proof of implementation to this
section of your portfolio (e.g. notify HR, schedule resources, recording of telephone
conversation etc.).
1.

2. Monitor your risk management process or project.


• What data is available?

risk and the outcome of the risk management process is available

• Have any new risks emerged?

Three cases of storage room theft were discovered across three locations after three
months of operation.
The risk management approach, according to the CEO, was insufficient in controlling this
risk.

• Have any incidents been recorded?

One of NatureCare's regular container suppliers had merged with another and would no
longer be able to fulfil the order.
This occurrence has been documented.

• Have you (or other stakeholders) received or provided feedback?

The operation manager have received the feedback


1. Evaluate your risk management process or project.
• Are you identified risks still relevant?

Yes, stock or cash theft is still an issue, as three incidences of store room theft across three
enterprises were reported after three months of operation.

• Have your risk treatments been successful?

Since the deployment of the RPA system, the risk handling has been successful in
preventing invoicing errors.

• Are there any new risks?

A fresh threat of a supply shortfall has surfaced.


NatureCare's normal container suppliers had merged with another company and would no
longer be able to fulfil the order.

• How satisfied are stakeholders with your action taken to manage risks?

The stakeholders are satisfied about the RPA implementation and prevention of invoicing error.

• Are your selected treatment options still in line with best practice?

Yes, The treatment includes installation of security cameras and conducting frequent audits of
storage room and the selected treatment for theft of stock or cash from the retail outlets is still
available,.

• Is any other risk treatment necessary?

yss, to decrease the workload of finance team

• Write a report on the outcomes of the evaluation and attach it to this section of your
portfolio. In you report, include:
• a summary of the risk process/project and associated risks and risk treatments
• a summary of the progress of the action plan
• a summary of new risks
• a summary of risks no longer valid
• any additional risk treatments required.

• EVALUATION REPORT

• Risk management of financial activities is the title of the risk project.

• The finance department is to examine for financial risks related with the NatureCare
endeavour under the leadership of the CEO.

• Three financial activity risks were identified during the risk identification process with the
help of the finance administrator and payroll officer.

Theft of merchandise or cash from retail outlets, erroneous billing of new suppliers, and increasing
pressure on payroll and accounts receivable/payable employees were all dangers in the finance
department. These risks could result in cash flow issues, criminal charges, late payments, a
deterioration of the supplier relationship, a problem with staff retention, and a problem with work
performance.

Several therapy options have been developed to address these hazards.

Security cameras, well-referenced workers, periodic storage room audits, insurance, employing more
staff, educating and motivating staff, and automating processes where appropriate were all part of the
therapy.

The action plan included one of the identified risk remedies, which was the implementation of robotic
process automation, following the risk identification procedure (RPA).The three phases were followed
in order to implement the risk treatment action plan.

The Robotic Process Automation (RPA) system has been installed and the crew has been trained to
use it.

The danger of inaccurate supplier invoicing has been eliminated because risk treatment was
implemented.

However, a new threat has surfaced.

Regular container suppliers had merged with another company and would no longer be supplying the
containers NatureCare needed, posing the prospect of a supply shortage.

The possibility of vendors issuing incorrect invoices is no longer a concern.

One month after the stores opened, the finance department developed an invoicing RPA system.

Since its implementation, there have been no invoicing concerns.


Attach: Action plan (if relevant)

Proof of communicating action plan

Evaluation report

You might also like