Identify risk and apply risk management processes

E:\TAFE\1. Sem 1 & 2 2017\Sem 2 2017\2. Cert IV Business\2.Identify risk\Assessments\AT01 Portfolio\BSBRSK401_AT1_Element
4.docx\ Version 1\February 2014
Element 4 – Monitor and review effectiveness of risk treatments

4.1 Answer the following questions:
 What is the purpose of a treatment plan?
 Explain why a treatment plan should be regularly reviewed.
 What criteria can be used to assess whether the treatment plan is successful.
The purpose of a risk treatment plan is to link up the risks with the mitigation
plans/solutions in a bid to correcting them. It is normally done on a small sheet where at
least one or two solutions for each identified risk are provided.
Like the business itself, risks may change from time to time. The essence of reviewing the
treatment plan, therefore, is so that if the risks change, the solutions may also change.
In evaluating the effectiveness of the treatment plan, one of the criteria to use might be
looking at the profit margins of the organization, looking at the people behaviour in the
organization and evaluating the involved stakeholders in respect to the issue at hand.

4.2 Refer to the risk treatment plan, prepared in question 3.5. Assume that after implementing
the treatment plan, there continues to be issues even though everything in that plan has
been implemented. Review the treatment plan and explain how the treatment plan
could be improved.
In the prepared treatment plan, the two solutions to the issues arising were getting the
equipment, especially the Dalla Corte more affordable maintenance costs. As it stands now,
the two solutions did not work. The solution to lower maintenance costs would then be
training several individuals that will be tasked with the responsibility of ensuring that the
equipment and instrumentation is working effectively. On the other hand, the next solution
could be importing the spares cheaply as we purchase other deliverables in bulk. In a bid to
improve the plan and the business at large, we would seek to train our own engineers to
solve this problem once and for all.

4.3 Using the internet, research the role of an ‘internal audit manager’. You may consider using a job search site such as www.seek.com.au or www.mycareer.com.au or any other job search site.
 What activities/tasks do internal audit managers carry out?

AUI64—BSBRSK401 Identify risk and apply risk management processes

E:\TAFE\1. Sem 1 & 2 2017\Sem 2 2017\2. Cert IV Business\2.Identify risk\Assessments\AT01 Portfolio\BSBRSK401_AT1_Element
4.docx\ Version 1\February 2014
 What role does an internal audit manager play in the risk management process?
The internal audit managers function as an internal taskforce that is given the responsibility of providing disciplined approaches to risks, usage of the organization’s funds and the improvement of control and governance processes. Among other roles, the internal audit manager carries out the following roles in the risk management process:
 Ensures that the business is compliant with the federal/national laws about investments.
 Recommends improvement in the control processes
 Investigates reported cases of theft, fraud, corruption and embezzlement.
 Reviews the programs and measures put in place as controls.
 The manager assesses the adequacy of the internal control systems put in place to safeguard the business against risks.

4.4 When reviewing your risks and treatment plans, what barriers or challenges will be faced when undertaking reviews of risk management processes that include identifying when and
why risk management activities have not been successful?

As in any other process, review of the risk management processes from assessment to
treatment plans will be faced by several challenges. One of the barriers is that one cannot
measure how effective or ineffective management processes have been.
Another challenge is that while training taskforces to work within an organization, they go
for simple workshops that do not train them on compliance with simple risk management
processes, hence the challenges in identifying success or failure.
Lack of common risk languages and insufficient data also act as barriers to telling when
approaches have been successful or not.
Intangible benefits and lack of managerial awareness act as some other barriers. When the
benefits are few, it sounds as if the approaches have been successful while in the real sense
they could be ineffective.
Challenges related to the risk management process such as acquisition of funds to carry out

Answer preview:

Element 2 – Analyse and evaluate risks

Refer to the Cooper’s Café Case Study and identify and list five risks related to Cooper’s Café. For each risk:

clearly state the risk

analyse each risk and provide an overview of the problems that may cause harm to the business

List the stakeholders involved.

Risk Problems Stakeholder

Management-employees could not handle the Dalla corte machine. The quality of the coffee was inconsistent, not as the customers wanted it.

The customers got dissatisfied
Employees

The owners