Recent Question/Assignment
COMPLETE ASSESSMENT DOCUMENT
BSB60407 Advanced Diploma of Management
BSBRSK501B Manage risk
The following assessments are to be
(a) completed and
(b) submitted
in accordance with the associated
STANDARD INSTRUCTIONS
ASSESSMENT COVER SHEET
To obtain the qualification of BSBIRSK501B Manage risk, the skills and knowledge required are summed as: Skills
Learner should have:
• communication and literacy skills to consult and negotiate, to prepare communication about risk management, and to encourage stakeholder involvement.
• Organisational and management skills to plan and implement risk management process.
• Problem – solving and innovation skills to find practical ways to manage identified risks.
Knowledge
• AS/NZS 4360 : 2004 Risk management
• legislation, codes of practice and national standards, for example;
a) duty of care
b) company law
c) contract law
d) environmental law
e) freedom of information
f) industrial relations law
g) privacy and confidentiality
h) legislation relevant to organisation's operations
i) legislation relevant to operations as a business entity
• organisational policies and procedures including;
a) risk management strategies
b) policies and procedures for risk management
• overall operations of organisation
• reasonable adjustment in the workplace for people with a disability
• types of availability insurance and insurance providers.
Assessments Tasks to be completed
There are four (4) assessment tasks to be completed for this unit.
Assessment Part A. Knowledge test.
Performance objective
You are required to demonstrate understanding of a wide range of questions to assess your underpinning knowledge of the management of risk.
Specifications (submit)
• written responses to all questions provided. Your assessor will be looking for:
? evidence that you understand the required legislative requirements
? evidence that you understand risk management practices in the business sector.
Adjustment for distance-based learners
This test can be adjusted for distance learners. Options include the following. Option 1: Submit test as a report
Procedure:
? no variation of the task is required (templates will be emailed to you) ? Follow-up interview may be required (at the discretion of the assessor)
? Documentation can be submitted electronically or paper-based.
Option 2: Conduct test as an interview
This option involves holding an interview with the candidate on Skype or by telephone.
Procedure:
? the assessor will schedule a date for the interview and email required templates to you
? the assessor will make contact with the learner and commence the interview
? after the interview you will complete the templates using supplied information and return them to your assessor within an agreed timeframe
? supplementary information or a follow up interview may be required (at the discretion of the assessor).
Assessment description
For this task you are required to demonstrate an understanding of standards and legislation relevant to risk management, and the management of risk across an organization in a range of contexts.
Procedure
• (Some of the knowledge will not have been discussed in class and this will require you to study your workbook for the information. This knowledge will assist you when applying it later.)
You are required to:
1. Review the written questions provided
2. Provide written responses to the questions
3. Submit your responses in the agreed timeframe.
1. What are three ways that research can be conducted for risk-related issues? For each way, briefly describe how it may be done.
2. Fishbone checklists and brainstorming are both tools that can be used in risk management. Describe each of these and when they would best be used.
3. What are the five stages of risk likelihood? Briefly describe each one.
4. List and give an example description for each of the five levels of consequence for risk.
5. What needs should be considered when treating risk? List and describe three treatments that could be considered.
6. What should be included in a risk action plan? Describe the key inclusions and briefly the type of information included with each inclusion.
7. How does the AS/NZS ISO 31000:2009 Risk management – principles and guidelines standard assist organisations to reduce risk?
8. For each of the pieces of legislation listed, describe the intent of each and how it could impact on the process of managing risk.
a. Privacy law.
b. WHS regulations.
c. Contract law.
9. Name and give an example for three adjustments that can be made in the workplace to assist a person with a disability.
10. List two types of insurance an organisation could consider purchasing, and for each type, describe the risks covered by the insurance and the benefit to the organisation.
Assessment Part B. Risk review.
Performance objective
For this task you are required to determine the risk context associated with establishing a new business outlet, within the existing business structure. They will be required to review internal and external environment factors and liaise with all stakeholders to generate a list of risks.
Specifications (submit)
• An email by completing (in dot-points) the partial-completed email shown in Procedures based on the information in the case study provided.
• A brief table of notes covering each of the following
? All of the issues and identifying those about which you require further information
? stakeholders from whom that information may be obtained
? the questions you would propose to put to the relevant stakeholder Your assessor will be looking for:
• evidence that you analyzed and identified the needs of the case study and have clearly reflected these in the email and table.
Assessment description
For the case study provided with this Assessment Task, you are required to review risk management processes and determine scope and objectives, taking into account stakeholder input and both internal and external environmental factors affecting the organisation. With the information gathered, you are to identify risks and present this to relevant parties for feedback.
Procedure
For the provided case study, you will assume the role of the risk manager/assessor.
1. Review the Risk Management Policy and Risk Management Strategy in the MacVille Case Study in Appendix 1 and take note of the following.
i. Scope – Identify the scope of risk management required in your identified role.
ii. Goals – Identify and describe the critical success factors, goals or objectives for areas included in scope.
iii. Stakeholders – Identify internal and external stakeholders, their role in the process, and any issues or concerns they have. Present this using the table format provided.
iv. Analysis –Complete a PEST analysis a SWOT analysis for risks monitoring and evaluation associated with the scenario. Include reference to relevant legislation.
v. Research – Review and summarise the research information provided in the case study, as well as any literature available that is relevant to this scenario.
vi. Describe – Complete the analysis of risk for the scenario by summarising the scenario and associated risks, accompanied by checklists, diagrams or flowcharts that support the summary.
2. Complete the following email by including each of the topics previously highlighted.
Email from: Assistant Manager – Queen Street
To: CEO – Paula Kinski
Re: New Toowoomba store
Thank you for the opportunity to become Manager of the new Toowoomba store. I have commenced several actions of the actions you identified. I understand the importance of the tasks especially around the risks and, as a new manager, I wished to check with you at this stage that I am covering all the key issues before completing the formal report. I propose to include:
?
?
Would you please advise of any other issues that should be included.
Regards
Amanada Cheng
Manager MacVille Cafes Ruthven Street
3. Use the following example as a basis for your table of notes.
ISSUE FURTHER
INFORMATION
REQUIRED Y/N STAKEHOLDER QUESTION
Long drive after meetings Y CEO If I need to stay up late in
Toowoomba, it might be better on some nights to stay there. What is situation with the costs of overnight stays? What are your thoughts?
Adjustment for distance-based learners
• Complete assessment as per instructions, the only difference being that the meeting with your manager (the assessor) will be via phone or Skype or other live telephone or video medium.
Assessment Part C. Risk reports.
Performance objective
In this assessment you are to analyze the risks identified in the case study, to assess likelihood and consequence of risks, evaluate and prioritize risks, and determine options for treatment. You are also required to develop an action plan for treatment of risks, and communicate it to relevant parties.
Specifications (submit)
? A completed Risk Analysis Report table based on the table in the Procedures.
? A completed Risk Management Report table based on the table in the Procedures.
(Assessment Part C follows on from and incorporates the responses to Assessment Part B) Your assessor will be looking for:
? evidence that you analysed and identified the risks relevant to the case study, and established suitable plans for managing the risks.
Assessment description
Using the information gathered in Assessment Part A and the case study provided, examine the likelihood and consequences of identified risks, prioritize the risks and determine options for treatment of each risk. Using this information you are required to develop an action plan for implementing risk treatment, document the plan as required, and communicate the risk management plan to relevant parties.
Procedure
When submitting the report and accompanying documents, you need to ensure that:
• your report is titled ‘Risk Analysis Report’
• your table is titled ‘Risk Management Table’
1. Using the case study information provided in this assessment and in Assessment Part B, develop a report for your CEO as per the table and with the following information under the relevant headings.
a. Likelihood – For each risk, assess the likelihood of the risk occurring.
b. Consequence – For each risk, assess the consequence of the risk occurring.
c. Priorities – Use a risk calculation table to assist in prioritising the risks.
d. Options – For each prioritised risk, outline at least two suitable options for treating the risk.
2. Use the table (Risk Analysis Report) to provide a summary of the information and then add comments in the subsequent section to ensure adequate information on
why options you suggest for controlling risk are:
i. likely to be effective
ii. feasible for the organisation.
3. Develop a risk management plan by completing the table included in this task and attaching it to your report.
4. In practice, you would communicate the plan to your organization by several means. Communication of the plan is a vital component of it. In this case, submit your report and the risk management plan to your assessor.
Adjustment for distance-based learners
? No variation of the task is required.
? A follow up interview may be required (at the discretion of the assessor).
? Documentation can be submitted electronically or posted in the mail.
Assessment Part D. Monitoring report.
Performance objective
For this assessment you are required to review the implementation of the action plan developed in Assessment Task 3 and prepare a monitoring report.
Specifications (submit)
? A completed evaluation report using the format shown in Procedures.
Your assessor will be looking for:
? Evidence that you analysed and evaluated the case study information against the established action plan.
Assessment description
Review the implementation of the action plan developed in Assessment Task 2 against the case study provided. Then prepare a monitoring report evaluating the risk management process.
Procedure
(Note: Assessment Part D follows on from and incorporates the responses to Assessment Part C.)
1. Review the provided case study information in order to develop a report examining the ongoing implementation of a risk management action plan. Use the following headings.
a. Plan –a clear summary of the initial risk and the plan implemented to manage it.
b. Implementation– a summary of all actions taken to date in attempting to manage identified risks.
c. Outcomes –a clear statement identifying continued and/or reduced risks, with supporting information in tables or graphs where available.
d. Evaluation –a clear analysis of the effectiveness of the risk management plan, by comparing the implementation with the outcomes.
2. In practice, you would need to communicate your evaluation of the risk management plan by several means through your organization. In this case, submit your report to your assessor.
Adjustment for distance-based learners
? No variation of the task is required.
? A follow up interview may be required (at the discretion of the assessor).
? Documentation can be submitted electronically or posted in the mail.
RISK MANAGEMENT PLAN
RISK PLAN IMPLEMENTATION OUTCOMES EVALUATION
(Where possible, list abbreviations at the end of the table and use them. See example)
• Evaluation
? Issue not avoided – catastrophic damage CAT
? Issue not avoided – major damage MAJ
? Issue not avoided – minor damage MIN
? Issue avoided up to now OK
? Issue now extremely unlikely in short term OK for now
? Issue now extremely unlikely in long term Settled
Appendix 1 - Case Study: Business plan (excerpt)
Appendix 2 - Case Study: Scenario initial situation Toowoomba
As part of their overall strategy in the Australian beverage market, MacVille Pty Ltd have developed a chain of cafes in the Central Business District (CBD) of Brisbane,
Queensland and the CBD of Sydney, NSW. The board of directors have made the decision to expand their operations in Queensland with the purchase and re-branding of the existing Hurley’s cafe in Toowoomba, 130km west of Brisbane.
You are currently the assistant manager of their flagship store in Queen Street, Brisbane, and have been given the opportunity to manage the new store in Toowoomba. The CEO for MacVille’s cafes in Queensland is Paula Kinski.
You are a member of the Finance, Audit and Risk Management (FARM) Committee described in the MacVille Risk Management Policy.
Paula has assigned you the task of managing the risks involved with the operational aspects of this take-over. A copy of her email is attached.
Email from CEO – Paula Kinski
From: CEO – P.Kinski
To: Assistant Manager – Queen Street
Re: New Toowoomba store
Congratulations on your new appointment. Prior to taking up your position as manager of our Toowoomba store located in Ruthven Street, the board has asked that the risks in this project be appropriately managed. I want you to undertake this task as it will give you significant insight into the store’s operations, it will ensure a smooth transition to the MacVille systems and will encourage you to give ongoing support for our risk management initiatives.
I would like you to approach this task in three stages and meet with me at the end of each phase to review your work and discuss your plans for the subsequent phases. The three stages in this risk management task will include:
1. Review.
2. Analyse and plan.
3. Monitor.
Your primary risk management focus is directed to the ongoing operations of the Toowoomba cafe. The strategic and investment risks of this project are being managed by the board. To this end, you are to consider any risks that could impact on human resources management, financial operations, WHS, our supply chain and the local governance and overall compliance issues.
By way of background, MacVille has agreed to employ all existing staff on three months’ probation. The current supervisor James Mansfield has been offered the position of 2nd in charge and he has accepted.
While settlement on the purchase of the business is not for another few weeks, the seller has agreed to grant us full access to the store’s operational processes and store information. You should liaise weekly with the Finance, Audit and Risk Management (FARM) Committee here at head office concerning the marketing, finance and store management functions that you are investigating. I will set up a regular meeting for you.
Head office has a report on a similar expansion conducted by the NSW team that may help you in your research. You may need to review other statistical information and engage specialists to help you with your investigation. The legal firm Goldsmith Partners is advising MacVille on the Hurley cafe acquisition and would be available to help you with legal or any compliance issues.
The landlord of the shop in Toowoomba, Ron Langford, is also a local councillor and has offered his assistance in getting established in Toowoomba. He has offered his email address for correspondence (ron.langford@tcc.com.au).
Once I have received and discussed your risk review report, we can move onto the next stage of the risk management process.
Regards
P.Kinski
CEO MacVille Cafes (Qld)
Site visit – Toowoomba
You received permission from Paula to travel to the Toowoomba store to start your research. Paula had cleared it with James Mansfield the current senior supervisor who will spent most of the day with you helping answer your queries.
You arrived at the cafe and noted the two hours of drive time that it took to get to the cafe from the CBD of Brisbane. You met with James who took you through a complete overview of the store and the surrounding area. He was OK with the idea that you needed to take notes in preparation for a report.
Paula had also arranged for you to meet with Ron Langford in his office later that afternoon.
Hurley’s Cafe
After lunch, you went over your notes to revise and edit key concerns and significant events that you had written down earlier.
The location of the store on the corner of the two main streets of the city makes easy access for local customers and highly visible for tourists.
• The long drive from Toowoomba to Brisbane would make attending the weekly managers meeting difficult considering many meetings did not finish until into the evening after refreshments. There is also manager training sessions that need to complete over the next 6 months in conjunction with a few other assistant managers. Navigating the steep narrow climb up the range with trucks blocking the way is quite difficult even in daylight hours. Being a competent driver you feel that it would be unlikely that you would be involved in an accident, but it still concerns you considerably.
• The two hour delivery would make fresh pastry deliveries from the company’s central bakery plant impractical. The pastries would arrive after the morning rush. These are a key part of the MacVille assortment.
• There is also a concern about getting the company branded supplies through as quickly as a CBD Brisbane store could.
• Hurley’s cafe was a family run store and some family members were employed on the staff. James was engaged by the family to supervise the operations of the store and Mr. Hurley as manager would authorise wages but anyone can authorise deliveries.
• When asked about written policy and procedures manual, James said that Mr. Hurley set the policy and procedures verbally and on the few days each week he was in the store he would show the staff how to do things the way he wanted them done.
• Water use – Running the dishwasher when only half full. Washing fruit and vegetables under a fast running tap. Toilets all used the single flush system. Dual flush would cost about $7,500 to upgrade. The dishwasher was always set to full wash and had a Water Efficiency Labelling and Standards Scheme (WELS) rating of
3. The more water efficient 5-6 star dishwashers cost about $6,000 and above. James explained that Mr Hurley instructed the staff to keep the non-native flowering plants in the courtyard fully watered. The store currently uses 41,500lt a week.
• James spoke about the cafe attracting a large % of retirees because of the easy access to busses and the stores central location.
• The same staff member that completed the cash register balancing also completed the bank deposit form and did the banking as well. The banking was not done every day and often $4,000 was kept on the premises overnight in the cash register. There was no safe. There is a bank two shops away but the Hurley family bank is a couple of blocks away and there was not always time to do the banking.
• James replied to you question about the possibility of break-ins saying that there was a 50% chance of it happening and the risk was moderate.
Not all takings from the cash register by family staff members were recorded.
• The fit-out in parts looked old and unattractive, with some chairs unstable and broken and some parts of the worn carpet was simply taped over with gaffer tape.
• One of the staff was a qualified chef who had developed an innovative and popular range of rice wraps that were tasty, gourmet and healthy. None of the other cafes in the area offered these.
• No established process for dealing with injuries that happened at work.
• James gave a brochure about an innovative frozen par-bake cooking system that was under the limit set by council for an exhaust system yet it cooked fresh bakery items in 30 minutes from frozen par-baked pastries.
• The computer with all the stores employee details, and financial records was not password protected and anyone could access the information.
• James’s response to your question about the lack of sales promotion techniques was that he could not get the staff interested in the activity so he stopped trying to make it happen.
• The employee detail form requested information about the employee’s entire past health issues.
• The wage and superannuation records seemed to be incomplete with many calculations being worked out by the number of hours worked multiplied by a set ‘in the hand’ amount.
• James also provided a brochure about a company that could come and set up WIFI in the cafe so that customers could use their computer notebooks and connect to the internet while they were dining in the cafe.
Meeting with Ron Langford
In the afternoon you met with Ron Langford in his office to discuss the cafe, council bylaws and aspects concerning the surrounding district. You took notes that included the following significant information.
• Ron explained that there were opportunities for opening more cafes in the surrounding shopping centres like Wilsonton, Clifford Gardens and K-Mart Plaza.
• Ron handed you an extract from a government report ‘Economic Brief.’
• Ron explained that the Federal Government was now introducing legislation that backs up the local by-law concerning efficient water usage, particularly by industries. The current by-law has fines of up to $50,000 for excessive water breaches. Ron did explain that the council was giving some time to ‘make good’ under certain circumstances on a case by case basis. Ron also agreed with the idea of installing a water tank in the court yard for the cafe to use and would help get it built.
Ron explained that Toowoomba was obviously a place for retirees and the population was growing.
• Ron spoke about the Federal Government’s National Broadband Network being rolled out in Toowoomba that would allow efficient and effective video streaming and teleconferencing.
• Ron spoke about the current by-law that was due for implementation on the 1st of next month allowing cafes to expand their footpath dinning and so put more tables and chairs outside their premises.
• Ron also spoke of the fact that representatives of a large international chain of coffee shops had been making enquiries around town about opening a store in the Toowoomba CBD.
Senior Management Team and Finance, Audit and Risk Management (FARM) Committee meetings
Soon after you got back from your research trip to the Toowoomba store, you attended two teleconferences. First, you met with the senior management team.At this teleconference, you discussed issues raised by James Mansfield and Ron Langford and the report on previous NSW expansion, which head office had given you: Report into the acquisition and re-branding of the NSW expansion store. Paula said that there may be some things to learn from the NSW experience.
Key problems identified in the report were as follows:
1. Lack of internal controls, particularly over cash handling, monitoring and recording.
2. Failure to meet compliance standards in WHS, Privacy and industrial relations law.
3. Lack of written policy and procedures to guide staff in carrying out their duties.
4. Lack of a professional business culture in the family run business.
5. Failure of the business to monitor the external environment and find opportunities and threats to the business.
The team agreed that similar issues would pose a risk to the Toowoomba expansion.
You then held a teleconference with the FARM Committee. At the teleconference, you relayed the concerns of the senior management team. The FARM committee decided to allow you time to complete your review and then would include discussion of your review in the monthly board meeting.
Table of stakeholders (format)
Stakeholder Internal/external Role in process Stake in process
Appendix 3 - Case Study: Scenario Toowoomba update
The board has reviewed the previous report you developed, and has requested further information for several of the identified risks, including options for reducing the risk levels. These are as follows.
? Banking risk – theft of cash left on premises.
? Manager’s travel risk –physical injury.
? By-law Compliance risk –reputation/brand loss and fines.
Time lines to consider are based on risk priority levels and include the following.
? Pre-settlement – date of legal transfer of the business.
? Opening week – first week of company operations.
? Within 3 months – after the opening week.
? Within 6 months – after the opening week.
Responsibilities for actions include the following.
? Financial, insurance and banking issues – financial controller.
? Legal issues –Goldsmith Partners.
? Expenditure $5,000 – MacVille board.
? New policy – CEO with MacVille board.
? On-site management, training – store manager.
? Changes to MacVille cafe Queensland operations – CEO.
? External audits – CEO with MacVille board.
Develop a report for the board that examines these risks and describes ways that each can be treated, and forward a copy of your report to your manager to table at the next board meeting.
Further case study information
Hurley’s Cafe
You revise your notes from the meeting with James Mansfield and identify the following points:
? In the context of MacVille’s investment here $4,000 would be considered to be of minor consequence if it were burgled from the closed premises overnight.
Meeting with Ron Langford
You revise your notes from the meeting with Ron Langford and identify the following points.
? He also said that the Council water patrols meant that it is likely that stores not complying with the by-law would be discovered.
Senior management team meeting
You go back over your notes compiled with the senior management team and note the following.
? Further feedback from Paula included that the water compliance risk was one where significant time and resources would be required and the board would view it having moderate consequences for MacVille’s cafes in Queensland. She also indicated that the board views any potential risk that could result in the death of an employee as having a catastrophic consequence.
Looking at the hierarchy of control the senior management team was able to give you some good brainstorming ideas to pursue. These include the following.
? Installing native plants to cut down water use.
? Making it a company policy to bank every day and eliminate the need to carry overnight.
? Install a teleconferencing system.
? Install a water tank and reduce dependence on council water.
? Change banks to the nearer one to avoid the long walk.
? Install dual flush toilets.
? Insure overnight cash holdings.
? Finish management meetings at 3:00pm.
? Introduce new processes on water use and conservation.
? Change assistant management times to the morning.
? Write new policy and procedures for water use in Toowoomba.
? Install a water usage graph in the staff room.
? Give the manager an excusal letter allowing them to leave any meeting at no later then 3:00pm every day.
? Replace the dishwasher with a 5–6 stat (WELS) rating.
? Have Goldsmith Partners apply for time to ‘make good’.
Case Study: Implementation information
In accordance with the risk management plan, an external audit was completed and presented six months later to the board. The audit investigated the status of the planned actions on the risks identified.
A summary of the findings is as follows
The financial controller had taken out $5,000 on insurance cover for cash held on the premises overnight from the opening week as planned, but the insurance premium was $2,500 per year and which is considered excessive by the financial controller.
The company bank account that was planned to open in the first week was opened about 4 weeks after opening at the bank two shops down the street, but it is not MacVille’s regular bank and there are difficulties with getting the same level of service that the stores receive in Brisbane.
The teleconferencing system planned for 6 months after settlement, has not yet been installed due in part to the delay in the Federal Government’s National Broadband Networkrollout.
The weekly management meetings are finishing close to 3:00pm as planned but sometimes the manager has to stay on at the request of the head office team. The manager has not yet been issued with an excusal letter by the CEO as agreed upon and feels that they do not have the authority to just walk out at 3:00pm. The assistant management training has been shifted to the mornings allowing the manager to leave before 1:00 pm as planned.
The board and CEO included a new policy regarding compliance with the Toowoomba bylaw on water conservation as planned but the specific procedure has not yet been written, although it appears that compliance is being achieved.
The plants have been changed to natives that require minimal water as planned. The installation of dual-flush toilets were planned for completion 6 months after settlement, and although the dual flush toilets have been ordered and in stock, they cannot be installed due to the backlog of work by district plumbers. The 5 star rated (WELS) dishwasher was installed by the supplier within the 6 months planned timetable.
The application to make good by Goldsmith Partners on behalf of MacVille, was accepted by the Toowoomba City Council; however the grace period to comply with by-law ends in 14 days and the store is still above the acceptable benchmark for water use.
The training on daily banking appears to have been successfully completed as planned. An audit of the bank deposit book shows that on only two occasions in the past 6 months that there is not a banking entry for the day’s sales.
There has been one internal audit arranged by the store and as planned there should have been a call every two months. The store manager cites the distance that auditors have to travel and their overloaded work with the Brisbane stores as the reason for this infrequency.
Although the training on the water saving processes as directed by the policy has been verbally explained and followed, the written procedure has not been completed as the store’s manager claims to be too busy.
A water tank had been built in to the courtyard but the plumbing has not yet been connected. There is a weekly water usage monitor in the staff room as planned but the information has not been updated for the past three weeks.
Appendix 4 - Case Study: Policies and procedures
Risk management policy
Introduction
MacVille recognises that risk management is an essential component of good management practice and is committed to ensuring the implementation of risk management processes that focus on the proactive management of risks across the organisation.
This risk management policy forms part of MacVille's internal controls and corporate governance arrangements. The risk management policy is designed to:
• identify, evaluate, control and manage risks
• ensure potential threats and opportunities are identified and managed
• inform directors, senior management and staff members about their roles, responsibilities and reporting procedures with regards to risk management
• ensure risk management is an integral part of planning at all levels of the organisation. Policy
MacVille is committed to achieving its vision, business objectives and quality objectives by the proactive management of risk at all levels of the organisation.
MacVille will identify, evaluate, control and manage risk throughout the organisation in accordance with the ‘MacVille Risk Management Framework’. See risk management strategy for framework details.
Responsibility and Authority
Directors, management and employees of MacVille have responsibility fro implementing aspects of this policy. Role of the Directors
The directors have a governance responsibility in the management of risk. This includes:
• determining what types of risk are acceptable and which are not
• setting the standards and expectations of staff with respect to conduct
• approving major decisions affecting MacVille’s risk profile or exposure
• monitoring the management of significant risks to reduce the likelihood of potential organisational risks and threats or failure
• being satisfied that risks are being actively managed, with the appropriate controls in place and working effectively
• annual review of MacVille’s approach to risk management and approval of changes or improvements to key elements of its processes and procedures.
Role of the Senior Management Team and Store Managers
Key roles of the senior management team are to:
• implement policies on risk management and internal control where this is deemed appropriate
• identify and evaluate areas of significant risks potentially faced by MacVille for consideration by the directors
• identify areas where risk management is not adequately addressed and advise the directors accordingly
• review and update the Risk Management Strategy
• undertake an annual review of the effectiveness of systems of internal control and provide an annual report to the directors, including a summary review and respective recommendations.
Role of Cafe Employees
Key roles of the employees are to:
• familiarise themselves with the content of the risk management policy and clarify any aspects necessary with a senior team member
• consider any risks they feel could impact on them meeting their objectives and either manage the risk if it is in their control to do so, or inform a management team member of their concerns
• advise senior management, in the first instance, or the Board, if concerned about any fraud or unethical behaviour.
MacVille Risk Management Framework
This framework encompasses a number of elements that together facilitate an effective and efficient operation, enabling MacVille to respond to a variety of operational, financial, commercial and strategic risks. These elements include:
Policies and procedures– A series of policies underpin the internal control process. These policies are endorsed by the directors and are implemented and communicated by the senior management team to all staff. These policies include:
• Human Resources Policies
? Staff Travel Policy
? Harassment Policy
? WHS Policy
? Return to Work Policy
? Work/Life Balance Policy
? Equity/Discrimination/Diversity Policy
? Parental Leave Policy
? Organisational Culture Policy
• Financial Policies
? Bad Debt Policy
? Cash Reserving Policy
? Revenue/Expenditure Recognition Policy
? Finance, Audit and Risk Management (FARM) Committee Terms of Reference including delegations
• Corporate Governance Policies
? Board Protocol
? Sitting Fees Policy
? Directors Remuneration Policy
Monthly reporting– Decisions to rectify problems are made at regular meetings of the senior management team. Comprehensive reporting at board and sub-committee meetings is designed to monitor key risks and their controls.
Business planning and budgeting – The business planning and budgeting process is used to set objectives, agree on action plans, and allocate resources. Progress towards meeting business plan objectives is monitored regularly by the senior management team and by directors at board meetings.
Risk Management review– The Finance, Audit and Risk Management (FARM) Committee are required to report at board meetings on internal controls. The Finance and Audit Committee pay particular attention to risk management. It is the CEO’s responsibility to brief the directors periodically and as appropriate on the development of policies and procedures to ensure effective and efficient operations, risk management strategies and implementation. In addition, the FARM committee oversees internal audit, external audit and management as required in its review of internal controls. The committee is therefore well placed to provide advice to the board on the effectiveness of the internal control system, including MacVille’s strategy for the management of risk.
External audit – The final audit of financial statements is controlled by an external chartered accountant who provides feedback to the Board through the Finance and Audit Committee.
Procedure: Development of a Risk Management Profile
The following outlines the process for developing a risk management profile.
1. Establish the context
? Define and identify the environment, characteristics and stakeholders, their goals and objectives, and the scope of the specific risk management process.
? Develop criteria against which risks are evaluated and identify the structure for risk management.
2. Identify and describe risks
? Risks are best identified through a collaborative approach involving a cross section of stakeholders.
? All conceivable risks must be considered. Ensure any certainties are identified as problems and addressed in the risk management profile.
3. Conduct current risk analysis
? An analysis of the risks is conducted to determine their causes, and estimate their probability and consequences. This analysis provides the basis for working on the
‘right’ risks.
4. Conduct risk evaluation
? Risks are considered and prioritised according to their potential impact, and each risk is assessed to determine its level of acceptability.
5. Develop and implement proposed risk treatments
? Risk treatments are developed to cost-effectively reduce, contain and control risk.
? Formal risk management reporting mechanisms are defined and documented.
? Categorise the risk likelihood.
6. Monitor, report, update and manage risks
? As risks change constantly, the risk profile is continuously monitored, reviewed and updated by management. New risks may be identified as more information becomes available and existing risks may be eliminated through the effectiveness of the risk treatments/actions. Record risks identified through regular audit on the risk audit log. Record risk management activities on the risk management register.
MacVille’s Risk Areas
The following are four broad areas where potential for risk to MacVille has been identified. Under each area, examples of possible risks are detailed.
Operational/Organisational
• Legal and regulatory compliance
• Technology
• Insurance
• Resources: human, physical
• Logistics
• Marketing
• Product quality
• Communications
• Infrastructure, plant and equipment
• Customer interaction
• Market needs
Financial
• Accountability
• Fraud or theft
• Capital investment
• Interest rates
• Loss of income, funding/finance
Governance
• Conduct of board
• Conflict of interest
Project Management
• Procedures and tools for project management
• Stakeholders – strength of relationships/conflict of interest
• Human resources
• Financial resources
Case study:Risk management strategy
Introduction
MacVille recognises that risk management is an essential component of good management practice and is committed to the proactive management of risks across the organisation. The strategy is designed to:
• identify, evaluate, control and manage risks
• ensure potential threats and opportunities are identified and managed
• inform directors, senior management and staff members about their roles, responsibilities and reporting procedures with regards to risk management
• ensure risk management is an integral part of planning at all levels of the organisation.
Guiding Principles
• MacVille is committed to achieving its vision, business objectives and quality objectives by the proactive management of risk at all levels of the organisation, acknowledging that embracing innovative ideas and practices carries with it risks, but that these are identifiable and measurable and therefore capable of being subject to realistic risk mitigation processes.
Responsibility and Authority
• The directors have responsibility for ensuring that risk management is in place.
• The Finance, Audit and Risk Management (FARM) Committee has the responsibility of reviewing the Risk Action Plan on a six-monthly basis.
• The CEO and the senior management team have responsibility for managing risk and advising the Board on appropriate controls.
• The CEO and the senior management team support and implement policies approved by the directors.
• Key risk indicators will be identified, closely monitored and action taken where necessary, by the staff and directors.
MacVille Risk Management Framework
This framework encompasses a number of elements that together facilitate an effective and efficient operation, enabling MacVille to respond to a variety of operational, financial, commercial and strategic risks. These elements include:
• Policies and procedures: A series of policies underpin the internal control process.
• Reporting: Decisions to rectify problems are made at regular meetings of the senior management team.
• Business planning and budgeting: The business planning and budgeting process is used to set objectives, agree on action plans and allocate resources. Progress towards meeting business plan objectives is monitored regularly by the senior management team and by directors at board meetings. Contingency planning is undertaken as required.
• Risk Management review: The Finance, Audit and Risk Management (FARM) committee is required to report at Board meetings on internal controls.
• CEO: The CEO has responsibility to brief the Directors periodically and as appropriate on the development of policies and procedures to ensure effective and efficient operations, risk management strategies and implementation.
• External audit: The final audit of financial statements is controlled by an external chartered accountant who provides feedback to the Board through the FARM Committee.
Definitions
Risks are identified on a scale of likelihood of occurring in the next 12 months and assigning an impact or consequence to the risk as high, medium or low. High includes either a significant shortfall of around 40% in achieving budget or a significant reduction in ability to function. Medium includes either a shortfall of budget of between 10% and 20% or some reduction in function. Low indicates minor reductions in achieving budget or minimal reduction in performance.
RISK ANALYSIS REPORT
(Where possible, list abbreviations at the end of the table and use them. See example)
RISK LIKELIHOOD CONSEQUENCE PRIORITIES OPTIONS
? Likelihood
? Very likely VL
? Likely L ? Possible P
? Unlikely U
? Rare R
? Consequence
? Disastrous D ? Severe S
? Moderate Mod
? Minimal Min
PRIORITY TABLE
Consequence
Likelihood
Almost certain
Likely
Moderate
Unlikely
Rare
RISK MANAGEMENT PLAN
RISK RISK LEVEL CONTROLS MONITORING TIMELINES RESPONSIBLE
(Where possible, list abbreviations at the end of the table and use them. See example)
Risk levels
? Low L
? Medium M
? High H
? Extreme E
• Time lines to consider are based on risk priority levels and include the following.
? Pre-settlement – date of legal transfer of the business. PS
? Opening week – first week of company operations. OW
? Within 3 months – after the opening week. 3M
? Within 6 months – after the opening week. 6M
• Responsibilities for actions include the following.
? Financial, insurance and banking issues – financial controller. FC
? Legal issues – Goldsmith Partners. GP
? Expenditure $5,000 – MacVille board. Board
? New policy – CEO with MacVille board. CEO/B
? On-site management, training – store manager. Mgr
? Changes to MacVille cafe Queensland operations – CEO. CEO
? External audits – CEO with MacVille board. Audit
BSB60407 Advanced Diploma of Management
BSBRSK501B Manage risk
The following assessments are to be
(a) completed and
(b) submitted
in accordance with the associated
STANDARD INSTRUCTIONS
ASSESSMENT COVER SHEET
To obtain the qualification of BSBIRSK501B Manage risk, the skills and knowledge required are summed as: Skills
Learner should have:
• communication and literacy skills to consult and negotiate, to prepare communication about risk management, and to encourage stakeholder involvement.
• Organisational and management skills to plan and implement risk management process.
• Problem – solving and innovation skills to find practical ways to manage identified risks.
Knowledge
• AS/NZS 4360 : 2004 Risk management
• legislation, codes of practice and national standards, for example;
a) duty of care
b) company law
c) contract law
d) environmental law
e) freedom of information
f) industrial relations law
g) privacy and confidentiality
h) legislation relevant to organisation's operations
i) legislation relevant to operations as a business entity
• organisational policies and procedures including;
a) risk management strategies
b) policies and procedures for risk management
• overall operations of organisation
• reasonable adjustment in the workplace for people with a disability
• types of availability insurance and insurance providers.
Assessments Tasks to be completed
There are four (4) assessment tasks to be completed for this unit.
Assessment Part A. Knowledge test.
Performance objective
You are required to demonstrate understanding of a wide range of questions to assess your underpinning knowledge of the management of risk.
Specifications (submit)
• written responses to all questions provided. Your assessor will be looking for:
? evidence that you understand the required legislative requirements
? evidence that you understand risk management practices in the business sector.
Adjustment for distance-based learners
This test can be adjusted for distance learners. Options include the following. Option 1: Submit test as a report
Procedure:
? no variation of the task is required (templates will be emailed to you) ? Follow-up interview may be required (at the discretion of the assessor)
? Documentation can be submitted electronically or paper-based.
Option 2: Conduct test as an interview
This option involves holding an interview with the candidate on Skype or by telephone.
Procedure:
? the assessor will schedule a date for the interview and email required templates to you
? the assessor will make contact with the learner and commence the interview
? after the interview you will complete the templates using supplied information and return them to your assessor within an agreed timeframe
? supplementary information or a follow up interview may be required (at the discretion of the assessor).
Assessment description
For this task you are required to demonstrate an understanding of standards and legislation relevant to risk management, and the management of risk across an organization in a range of contexts.
Procedure
• (Some of the knowledge will not have been discussed in class and this will require you to study your workbook for the information. This knowledge will assist you when applying it later.)
You are required to:
1. Review the written questions provided
2. Provide written responses to the questions
3. Submit your responses in the agreed timeframe.
1. What are three ways that research can be conducted for risk-related issues? For each way, briefly describe how it may be done.
2. Fishbone checklists and brainstorming are both tools that can be used in risk management. Describe each of these and when they would best be used.
3. What are the five stages of risk likelihood? Briefly describe each one.
4. List and give an example description for each of the five levels of consequence for risk.
5. What needs should be considered when treating risk? List and describe three treatments that could be considered.
6. What should be included in a risk action plan? Describe the key inclusions and briefly the type of information included with each inclusion.
7. How does the AS/NZS ISO 31000:2009 Risk management – principles and guidelines standard assist organisations to reduce risk?
8. For each of the pieces of legislation listed, describe the intent of each and how it could impact on the process of managing risk.
a. Privacy law.
b. WHS regulations.
c. Contract law.
9. Name and give an example for three adjustments that can be made in the workplace to assist a person with a disability.
10. List two types of insurance an organisation could consider purchasing, and for each type, describe the risks covered by the insurance and the benefit to the organisation.
Assessment Part B. Risk review.
Performance objective
For this task you are required to determine the risk context associated with establishing a new business outlet, within the existing business structure. They will be required to review internal and external environment factors and liaise with all stakeholders to generate a list of risks.
Specifications (submit)
• An email by completing (in dot-points) the partial-completed email shown in Procedures based on the information in the case study provided.
• A brief table of notes covering each of the following
? All of the issues and identifying those about which you require further information
? stakeholders from whom that information may be obtained
? the questions you would propose to put to the relevant stakeholder Your assessor will be looking for:
• evidence that you analyzed and identified the needs of the case study and have clearly reflected these in the email and table.
Assessment description
For the case study provided with this Assessment Task, you are required to review risk management processes and determine scope and objectives, taking into account stakeholder input and both internal and external environmental factors affecting the organisation. With the information gathered, you are to identify risks and present this to relevant parties for feedback.
Procedure
For the provided case study, you will assume the role of the risk manager/assessor.
1. Review the Risk Management Policy and Risk Management Strategy in the MacVille Case Study in Appendix 1 and take note of the following.
i. Scope – Identify the scope of risk management required in your identified role.
ii. Goals – Identify and describe the critical success factors, goals or objectives for areas included in scope.
iii. Stakeholders – Identify internal and external stakeholders, their role in the process, and any issues or concerns they have. Present this using the table format provided.
iv. Analysis –Complete a PEST analysis a SWOT analysis for risks monitoring and evaluation associated with the scenario. Include reference to relevant legislation.
v. Research – Review and summarise the research information provided in the case study, as well as any literature available that is relevant to this scenario.
vi. Describe – Complete the analysis of risk for the scenario by summarising the scenario and associated risks, accompanied by checklists, diagrams or flowcharts that support the summary.
2. Complete the following email by including each of the topics previously highlighted.
Email from: Assistant Manager – Queen Street
To: CEO – Paula Kinski
Re: New Toowoomba store
Thank you for the opportunity to become Manager of the new Toowoomba store. I have commenced several actions of the actions you identified. I understand the importance of the tasks especially around the risks and, as a new manager, I wished to check with you at this stage that I am covering all the key issues before completing the formal report. I propose to include:
?
?
Would you please advise of any other issues that should be included.
Regards
Amanada Cheng
Manager MacVille Cafes Ruthven Street
3. Use the following example as a basis for your table of notes.
ISSUE FURTHER
INFORMATION
REQUIRED Y/N STAKEHOLDER QUESTION
Long drive after meetings Y CEO If I need to stay up late in
Toowoomba, it might be better on some nights to stay there. What is situation with the costs of overnight stays? What are your thoughts?
Adjustment for distance-based learners
• Complete assessment as per instructions, the only difference being that the meeting with your manager (the assessor) will be via phone or Skype or other live telephone or video medium.
Assessment Part C. Risk reports.
Performance objective
In this assessment you are to analyze the risks identified in the case study, to assess likelihood and consequence of risks, evaluate and prioritize risks, and determine options for treatment. You are also required to develop an action plan for treatment of risks, and communicate it to relevant parties.
Specifications (submit)
? A completed Risk Analysis Report table based on the table in the Procedures.
? A completed Risk Management Report table based on the table in the Procedures.
(Assessment Part C follows on from and incorporates the responses to Assessment Part B) Your assessor will be looking for:
? evidence that you analysed and identified the risks relevant to the case study, and established suitable plans for managing the risks.
Assessment description
Using the information gathered in Assessment Part A and the case study provided, examine the likelihood and consequences of identified risks, prioritize the risks and determine options for treatment of each risk. Using this information you are required to develop an action plan for implementing risk treatment, document the plan as required, and communicate the risk management plan to relevant parties.
Procedure
When submitting the report and accompanying documents, you need to ensure that:
• your report is titled ‘Risk Analysis Report’
• your table is titled ‘Risk Management Table’
1. Using the case study information provided in this assessment and in Assessment Part B, develop a report for your CEO as per the table and with the following information under the relevant headings.
a. Likelihood – For each risk, assess the likelihood of the risk occurring.
b. Consequence – For each risk, assess the consequence of the risk occurring.
c. Priorities – Use a risk calculation table to assist in prioritising the risks.
d. Options – For each prioritised risk, outline at least two suitable options for treating the risk.
2. Use the table (Risk Analysis Report) to provide a summary of the information and then add comments in the subsequent section to ensure adequate information on
why options you suggest for controlling risk are:
i. likely to be effective
ii. feasible for the organisation.
3. Develop a risk management plan by completing the table included in this task and attaching it to your report.
4. In practice, you would communicate the plan to your organization by several means. Communication of the plan is a vital component of it. In this case, submit your report and the risk management plan to your assessor.
Adjustment for distance-based learners
? No variation of the task is required.
? A follow up interview may be required (at the discretion of the assessor).
? Documentation can be submitted electronically or posted in the mail.
Assessment Part D. Monitoring report.
Performance objective
For this assessment you are required to review the implementation of the action plan developed in Assessment Task 3 and prepare a monitoring report.
Specifications (submit)
? A completed evaluation report using the format shown in Procedures.
Your assessor will be looking for:
? Evidence that you analysed and evaluated the case study information against the established action plan.
Assessment description
Review the implementation of the action plan developed in Assessment Task 2 against the case study provided. Then prepare a monitoring report evaluating the risk management process.
Procedure
(Note: Assessment Part D follows on from and incorporates the responses to Assessment Part C.)
1. Review the provided case study information in order to develop a report examining the ongoing implementation of a risk management action plan. Use the following headings.
a. Plan –a clear summary of the initial risk and the plan implemented to manage it.
b. Implementation– a summary of all actions taken to date in attempting to manage identified risks.
c. Outcomes –a clear statement identifying continued and/or reduced risks, with supporting information in tables or graphs where available.
d. Evaluation –a clear analysis of the effectiveness of the risk management plan, by comparing the implementation with the outcomes.
2. In practice, you would need to communicate your evaluation of the risk management plan by several means through your organization. In this case, submit your report to your assessor.
Adjustment for distance-based learners
? No variation of the task is required.
? A follow up interview may be required (at the discretion of the assessor).
? Documentation can be submitted electronically or posted in the mail.
RISK MANAGEMENT PLAN
RISK PLAN IMPLEMENTATION OUTCOMES EVALUATION
(Where possible, list abbreviations at the end of the table and use them. See example)
• Evaluation
? Issue not avoided – catastrophic damage CAT
? Issue not avoided – major damage MAJ
? Issue not avoided – minor damage MIN
? Issue avoided up to now OK
? Issue now extremely unlikely in short term OK for now
? Issue now extremely unlikely in long term Settled
Appendix 1 - Case Study: Business plan (excerpt)
Appendix 2 - Case Study: Scenario initial situation Toowoomba
As part of their overall strategy in the Australian beverage market, MacVille Pty Ltd have developed a chain of cafes in the Central Business District (CBD) of Brisbane,
Queensland and the CBD of Sydney, NSW. The board of directors have made the decision to expand their operations in Queensland with the purchase and re-branding of the existing Hurley’s cafe in Toowoomba, 130km west of Brisbane.
You are currently the assistant manager of their flagship store in Queen Street, Brisbane, and have been given the opportunity to manage the new store in Toowoomba. The CEO for MacVille’s cafes in Queensland is Paula Kinski.
You are a member of the Finance, Audit and Risk Management (FARM) Committee described in the MacVille Risk Management Policy.
Paula has assigned you the task of managing the risks involved with the operational aspects of this take-over. A copy of her email is attached.
Email from CEO – Paula Kinski
From: CEO – P.Kinski
To: Assistant Manager – Queen Street
Re: New Toowoomba store
Congratulations on your new appointment. Prior to taking up your position as manager of our Toowoomba store located in Ruthven Street, the board has asked that the risks in this project be appropriately managed. I want you to undertake this task as it will give you significant insight into the store’s operations, it will ensure a smooth transition to the MacVille systems and will encourage you to give ongoing support for our risk management initiatives.
I would like you to approach this task in three stages and meet with me at the end of each phase to review your work and discuss your plans for the subsequent phases. The three stages in this risk management task will include:
1. Review.
2. Analyse and plan.
3. Monitor.
Your primary risk management focus is directed to the ongoing operations of the Toowoomba cafe. The strategic and investment risks of this project are being managed by the board. To this end, you are to consider any risks that could impact on human resources management, financial operations, WHS, our supply chain and the local governance and overall compliance issues.
By way of background, MacVille has agreed to employ all existing staff on three months’ probation. The current supervisor James Mansfield has been offered the position of 2nd in charge and he has accepted.
While settlement on the purchase of the business is not for another few weeks, the seller has agreed to grant us full access to the store’s operational processes and store information. You should liaise weekly with the Finance, Audit and Risk Management (FARM) Committee here at head office concerning the marketing, finance and store management functions that you are investigating. I will set up a regular meeting for you.
Head office has a report on a similar expansion conducted by the NSW team that may help you in your research. You may need to review other statistical information and engage specialists to help you with your investigation. The legal firm Goldsmith Partners is advising MacVille on the Hurley cafe acquisition and would be available to help you with legal or any compliance issues.
The landlord of the shop in Toowoomba, Ron Langford, is also a local councillor and has offered his assistance in getting established in Toowoomba. He has offered his email address for correspondence (ron.langford@tcc.com.au).
Once I have received and discussed your risk review report, we can move onto the next stage of the risk management process.
Regards
P.Kinski
CEO MacVille Cafes (Qld)
Site visit – Toowoomba
You received permission from Paula to travel to the Toowoomba store to start your research. Paula had cleared it with James Mansfield the current senior supervisor who will spent most of the day with you helping answer your queries.
You arrived at the cafe and noted the two hours of drive time that it took to get to the cafe from the CBD of Brisbane. You met with James who took you through a complete overview of the store and the surrounding area. He was OK with the idea that you needed to take notes in preparation for a report.
Paula had also arranged for you to meet with Ron Langford in his office later that afternoon.
Hurley’s Cafe
After lunch, you went over your notes to revise and edit key concerns and significant events that you had written down earlier.
The location of the store on the corner of the two main streets of the city makes easy access for local customers and highly visible for tourists.
• The long drive from Toowoomba to Brisbane would make attending the weekly managers meeting difficult considering many meetings did not finish until into the evening after refreshments. There is also manager training sessions that need to complete over the next 6 months in conjunction with a few other assistant managers. Navigating the steep narrow climb up the range with trucks blocking the way is quite difficult even in daylight hours. Being a competent driver you feel that it would be unlikely that you would be involved in an accident, but it still concerns you considerably.
• The two hour delivery would make fresh pastry deliveries from the company’s central bakery plant impractical. The pastries would arrive after the morning rush. These are a key part of the MacVille assortment.
• There is also a concern about getting the company branded supplies through as quickly as a CBD Brisbane store could.
• Hurley’s cafe was a family run store and some family members were employed on the staff. James was engaged by the family to supervise the operations of the store and Mr. Hurley as manager would authorise wages but anyone can authorise deliveries.
• When asked about written policy and procedures manual, James said that Mr. Hurley set the policy and procedures verbally and on the few days each week he was in the store he would show the staff how to do things the way he wanted them done.
• Water use – Running the dishwasher when only half full. Washing fruit and vegetables under a fast running tap. Toilets all used the single flush system. Dual flush would cost about $7,500 to upgrade. The dishwasher was always set to full wash and had a Water Efficiency Labelling and Standards Scheme (WELS) rating of
3. The more water efficient 5-6 star dishwashers cost about $6,000 and above. James explained that Mr Hurley instructed the staff to keep the non-native flowering plants in the courtyard fully watered. The store currently uses 41,500lt a week.
• James spoke about the cafe attracting a large % of retirees because of the easy access to busses and the stores central location.
• The same staff member that completed the cash register balancing also completed the bank deposit form and did the banking as well. The banking was not done every day and often $4,000 was kept on the premises overnight in the cash register. There was no safe. There is a bank two shops away but the Hurley family bank is a couple of blocks away and there was not always time to do the banking.
• James replied to you question about the possibility of break-ins saying that there was a 50% chance of it happening and the risk was moderate.
Not all takings from the cash register by family staff members were recorded.
• The fit-out in parts looked old and unattractive, with some chairs unstable and broken and some parts of the worn carpet was simply taped over with gaffer tape.
• One of the staff was a qualified chef who had developed an innovative and popular range of rice wraps that were tasty, gourmet and healthy. None of the other cafes in the area offered these.
• No established process for dealing with injuries that happened at work.
• James gave a brochure about an innovative frozen par-bake cooking system that was under the limit set by council for an exhaust system yet it cooked fresh bakery items in 30 minutes from frozen par-baked pastries.
• The computer with all the stores employee details, and financial records was not password protected and anyone could access the information.
• James’s response to your question about the lack of sales promotion techniques was that he could not get the staff interested in the activity so he stopped trying to make it happen.
• The employee detail form requested information about the employee’s entire past health issues.
• The wage and superannuation records seemed to be incomplete with many calculations being worked out by the number of hours worked multiplied by a set ‘in the hand’ amount.
• James also provided a brochure about a company that could come and set up WIFI in the cafe so that customers could use their computer notebooks and connect to the internet while they were dining in the cafe.
Meeting with Ron Langford
In the afternoon you met with Ron Langford in his office to discuss the cafe, council bylaws and aspects concerning the surrounding district. You took notes that included the following significant information.
• Ron explained that there were opportunities for opening more cafes in the surrounding shopping centres like Wilsonton, Clifford Gardens and K-Mart Plaza.
• Ron handed you an extract from a government report ‘Economic Brief.’
• Ron explained that the Federal Government was now introducing legislation that backs up the local by-law concerning efficient water usage, particularly by industries. The current by-law has fines of up to $50,000 for excessive water breaches. Ron did explain that the council was giving some time to ‘make good’ under certain circumstances on a case by case basis. Ron also agreed with the idea of installing a water tank in the court yard for the cafe to use and would help get it built.
Ron explained that Toowoomba was obviously a place for retirees and the population was growing.
• Ron spoke about the Federal Government’s National Broadband Network being rolled out in Toowoomba that would allow efficient and effective video streaming and teleconferencing.
• Ron spoke about the current by-law that was due for implementation on the 1st of next month allowing cafes to expand their footpath dinning and so put more tables and chairs outside their premises.
• Ron also spoke of the fact that representatives of a large international chain of coffee shops had been making enquiries around town about opening a store in the Toowoomba CBD.
Senior Management Team and Finance, Audit and Risk Management (FARM) Committee meetings
Soon after you got back from your research trip to the Toowoomba store, you attended two teleconferences. First, you met with the senior management team.At this teleconference, you discussed issues raised by James Mansfield and Ron Langford and the report on previous NSW expansion, which head office had given you: Report into the acquisition and re-branding of the NSW expansion store. Paula said that there may be some things to learn from the NSW experience.
Key problems identified in the report were as follows:
1. Lack of internal controls, particularly over cash handling, monitoring and recording.
2. Failure to meet compliance standards in WHS, Privacy and industrial relations law.
3. Lack of written policy and procedures to guide staff in carrying out their duties.
4. Lack of a professional business culture in the family run business.
5. Failure of the business to monitor the external environment and find opportunities and threats to the business.
The team agreed that similar issues would pose a risk to the Toowoomba expansion.
You then held a teleconference with the FARM Committee. At the teleconference, you relayed the concerns of the senior management team. The FARM committee decided to allow you time to complete your review and then would include discussion of your review in the monthly board meeting.
Table of stakeholders (format)
Stakeholder Internal/external Role in process Stake in process
Appendix 3 - Case Study: Scenario Toowoomba update
The board has reviewed the previous report you developed, and has requested further information for several of the identified risks, including options for reducing the risk levels. These are as follows.
? Banking risk – theft of cash left on premises.
? Manager’s travel risk –physical injury.
? By-law Compliance risk –reputation/brand loss and fines.
Time lines to consider are based on risk priority levels and include the following.
? Pre-settlement – date of legal transfer of the business.
? Opening week – first week of company operations.
? Within 3 months – after the opening week.
? Within 6 months – after the opening week.
Responsibilities for actions include the following.
? Financial, insurance and banking issues – financial controller.
? Legal issues –Goldsmith Partners.
? Expenditure $5,000 – MacVille board.
? New policy – CEO with MacVille board.
? On-site management, training – store manager.
? Changes to MacVille cafe Queensland operations – CEO.
? External audits – CEO with MacVille board.
Develop a report for the board that examines these risks and describes ways that each can be treated, and forward a copy of your report to your manager to table at the next board meeting.
Further case study information
Hurley’s Cafe
You revise your notes from the meeting with James Mansfield and identify the following points:
? In the context of MacVille’s investment here $4,000 would be considered to be of minor consequence if it were burgled from the closed premises overnight.
Meeting with Ron Langford
You revise your notes from the meeting with Ron Langford and identify the following points.
? He also said that the Council water patrols meant that it is likely that stores not complying with the by-law would be discovered.
Senior management team meeting
You go back over your notes compiled with the senior management team and note the following.
? Further feedback from Paula included that the water compliance risk was one where significant time and resources would be required and the board would view it having moderate consequences for MacVille’s cafes in Queensland. She also indicated that the board views any potential risk that could result in the death of an employee as having a catastrophic consequence.
Looking at the hierarchy of control the senior management team was able to give you some good brainstorming ideas to pursue. These include the following.
? Installing native plants to cut down water use.
? Making it a company policy to bank every day and eliminate the need to carry overnight.
? Install a teleconferencing system.
? Install a water tank and reduce dependence on council water.
? Change banks to the nearer one to avoid the long walk.
? Install dual flush toilets.
? Insure overnight cash holdings.
? Finish management meetings at 3:00pm.
? Introduce new processes on water use and conservation.
? Change assistant management times to the morning.
? Write new policy and procedures for water use in Toowoomba.
? Install a water usage graph in the staff room.
? Give the manager an excusal letter allowing them to leave any meeting at no later then 3:00pm every day.
? Replace the dishwasher with a 5–6 stat (WELS) rating.
? Have Goldsmith Partners apply for time to ‘make good’.
Case Study: Implementation information
In accordance with the risk management plan, an external audit was completed and presented six months later to the board. The audit investigated the status of the planned actions on the risks identified.
A summary of the findings is as follows
The financial controller had taken out $5,000 on insurance cover for cash held on the premises overnight from the opening week as planned, but the insurance premium was $2,500 per year and which is considered excessive by the financial controller.
The company bank account that was planned to open in the first week was opened about 4 weeks after opening at the bank two shops down the street, but it is not MacVille’s regular bank and there are difficulties with getting the same level of service that the stores receive in Brisbane.
The teleconferencing system planned for 6 months after settlement, has not yet been installed due in part to the delay in the Federal Government’s National Broadband Networkrollout.
The weekly management meetings are finishing close to 3:00pm as planned but sometimes the manager has to stay on at the request of the head office team. The manager has not yet been issued with an excusal letter by the CEO as agreed upon and feels that they do not have the authority to just walk out at 3:00pm. The assistant management training has been shifted to the mornings allowing the manager to leave before 1:00 pm as planned.
The board and CEO included a new policy regarding compliance with the Toowoomba bylaw on water conservation as planned but the specific procedure has not yet been written, although it appears that compliance is being achieved.
The plants have been changed to natives that require minimal water as planned. The installation of dual-flush toilets were planned for completion 6 months after settlement, and although the dual flush toilets have been ordered and in stock, they cannot be installed due to the backlog of work by district plumbers. The 5 star rated (WELS) dishwasher was installed by the supplier within the 6 months planned timetable.
The application to make good by Goldsmith Partners on behalf of MacVille, was accepted by the Toowoomba City Council; however the grace period to comply with by-law ends in 14 days and the store is still above the acceptable benchmark for water use.
The training on daily banking appears to have been successfully completed as planned. An audit of the bank deposit book shows that on only two occasions in the past 6 months that there is not a banking entry for the day’s sales.
There has been one internal audit arranged by the store and as planned there should have been a call every two months. The store manager cites the distance that auditors have to travel and their overloaded work with the Brisbane stores as the reason for this infrequency.
Although the training on the water saving processes as directed by the policy has been verbally explained and followed, the written procedure has not been completed as the store’s manager claims to be too busy.
A water tank had been built in to the courtyard but the plumbing has not yet been connected. There is a weekly water usage monitor in the staff room as planned but the information has not been updated for the past three weeks.
Appendix 4 - Case Study: Policies and procedures
Risk management policy
Introduction
MacVille recognises that risk management is an essential component of good management practice and is committed to ensuring the implementation of risk management processes that focus on the proactive management of risks across the organisation.
This risk management policy forms part of MacVille's internal controls and corporate governance arrangements. The risk management policy is designed to:
• identify, evaluate, control and manage risks
• ensure potential threats and opportunities are identified and managed
• inform directors, senior management and staff members about their roles, responsibilities and reporting procedures with regards to risk management
• ensure risk management is an integral part of planning at all levels of the organisation. Policy
MacVille is committed to achieving its vision, business objectives and quality objectives by the proactive management of risk at all levels of the organisation.
MacVille will identify, evaluate, control and manage risk throughout the organisation in accordance with the ‘MacVille Risk Management Framework’. See risk management strategy for framework details.
Responsibility and Authority
Directors, management and employees of MacVille have responsibility fro implementing aspects of this policy. Role of the Directors
The directors have a governance responsibility in the management of risk. This includes:
• determining what types of risk are acceptable and which are not
• setting the standards and expectations of staff with respect to conduct
• approving major decisions affecting MacVille’s risk profile or exposure
• monitoring the management of significant risks to reduce the likelihood of potential organisational risks and threats or failure
• being satisfied that risks are being actively managed, with the appropriate controls in place and working effectively
• annual review of MacVille’s approach to risk management and approval of changes or improvements to key elements of its processes and procedures.
Role of the Senior Management Team and Store Managers
Key roles of the senior management team are to:
• implement policies on risk management and internal control where this is deemed appropriate
• identify and evaluate areas of significant risks potentially faced by MacVille for consideration by the directors
• identify areas where risk management is not adequately addressed and advise the directors accordingly
• review and update the Risk Management Strategy
• undertake an annual review of the effectiveness of systems of internal control and provide an annual report to the directors, including a summary review and respective recommendations.
Role of Cafe Employees
Key roles of the employees are to:
• familiarise themselves with the content of the risk management policy and clarify any aspects necessary with a senior team member
• consider any risks they feel could impact on them meeting their objectives and either manage the risk if it is in their control to do so, or inform a management team member of their concerns
• advise senior management, in the first instance, or the Board, if concerned about any fraud or unethical behaviour.
MacVille Risk Management Framework
This framework encompasses a number of elements that together facilitate an effective and efficient operation, enabling MacVille to respond to a variety of operational, financial, commercial and strategic risks. These elements include:
Policies and procedures– A series of policies underpin the internal control process. These policies are endorsed by the directors and are implemented and communicated by the senior management team to all staff. These policies include:
• Human Resources Policies
? Staff Travel Policy
? Harassment Policy
? WHS Policy
? Return to Work Policy
? Work/Life Balance Policy
? Equity/Discrimination/Diversity Policy
? Parental Leave Policy
? Organisational Culture Policy
• Financial Policies
? Bad Debt Policy
? Cash Reserving Policy
? Revenue/Expenditure Recognition Policy
? Finance, Audit and Risk Management (FARM) Committee Terms of Reference including delegations
• Corporate Governance Policies
? Board Protocol
? Sitting Fees Policy
? Directors Remuneration Policy
Monthly reporting– Decisions to rectify problems are made at regular meetings of the senior management team. Comprehensive reporting at board and sub-committee meetings is designed to monitor key risks and their controls.
Business planning and budgeting – The business planning and budgeting process is used to set objectives, agree on action plans, and allocate resources. Progress towards meeting business plan objectives is monitored regularly by the senior management team and by directors at board meetings.
Risk Management review– The Finance, Audit and Risk Management (FARM) Committee are required to report at board meetings on internal controls. The Finance and Audit Committee pay particular attention to risk management. It is the CEO’s responsibility to brief the directors periodically and as appropriate on the development of policies and procedures to ensure effective and efficient operations, risk management strategies and implementation. In addition, the FARM committee oversees internal audit, external audit and management as required in its review of internal controls. The committee is therefore well placed to provide advice to the board on the effectiveness of the internal control system, including MacVille’s strategy for the management of risk.
External audit – The final audit of financial statements is controlled by an external chartered accountant who provides feedback to the Board through the Finance and Audit Committee.
Procedure: Development of a Risk Management Profile
The following outlines the process for developing a risk management profile.
1. Establish the context
? Define and identify the environment, characteristics and stakeholders, their goals and objectives, and the scope of the specific risk management process.
? Develop criteria against which risks are evaluated and identify the structure for risk management.
2. Identify and describe risks
? Risks are best identified through a collaborative approach involving a cross section of stakeholders.
? All conceivable risks must be considered. Ensure any certainties are identified as problems and addressed in the risk management profile.
3. Conduct current risk analysis
? An analysis of the risks is conducted to determine their causes, and estimate their probability and consequences. This analysis provides the basis for working on the
‘right’ risks.
4. Conduct risk evaluation
? Risks are considered and prioritised according to their potential impact, and each risk is assessed to determine its level of acceptability.
5. Develop and implement proposed risk treatments
? Risk treatments are developed to cost-effectively reduce, contain and control risk.
? Formal risk management reporting mechanisms are defined and documented.
? Categorise the risk likelihood.
6. Monitor, report, update and manage risks
? As risks change constantly, the risk profile is continuously monitored, reviewed and updated by management. New risks may be identified as more information becomes available and existing risks may be eliminated through the effectiveness of the risk treatments/actions. Record risks identified through regular audit on the risk audit log. Record risk management activities on the risk management register.
MacVille’s Risk Areas
The following are four broad areas where potential for risk to MacVille has been identified. Under each area, examples of possible risks are detailed.
Operational/Organisational
• Legal and regulatory compliance
• Technology
• Insurance
• Resources: human, physical
• Logistics
• Marketing
• Product quality
• Communications
• Infrastructure, plant and equipment
• Customer interaction
• Market needs
Financial
• Accountability
• Fraud or theft
• Capital investment
• Interest rates
• Loss of income, funding/finance
Governance
• Conduct of board
• Conflict of interest
Project Management
• Procedures and tools for project management
• Stakeholders – strength of relationships/conflict of interest
• Human resources
• Financial resources
Case study:Risk management strategy
Introduction
MacVille recognises that risk management is an essential component of good management practice and is committed to the proactive management of risks across the organisation. The strategy is designed to:
• identify, evaluate, control and manage risks
• ensure potential threats and opportunities are identified and managed
• inform directors, senior management and staff members about their roles, responsibilities and reporting procedures with regards to risk management
• ensure risk management is an integral part of planning at all levels of the organisation.
Guiding Principles
• MacVille is committed to achieving its vision, business objectives and quality objectives by the proactive management of risk at all levels of the organisation, acknowledging that embracing innovative ideas and practices carries with it risks, but that these are identifiable and measurable and therefore capable of being subject to realistic risk mitigation processes.
Responsibility and Authority
• The directors have responsibility for ensuring that risk management is in place.
• The Finance, Audit and Risk Management (FARM) Committee has the responsibility of reviewing the Risk Action Plan on a six-monthly basis.
• The CEO and the senior management team have responsibility for managing risk and advising the Board on appropriate controls.
• The CEO and the senior management team support and implement policies approved by the directors.
• Key risk indicators will be identified, closely monitored and action taken where necessary, by the staff and directors.
MacVille Risk Management Framework
This framework encompasses a number of elements that together facilitate an effective and efficient operation, enabling MacVille to respond to a variety of operational, financial, commercial and strategic risks. These elements include:
• Policies and procedures: A series of policies underpin the internal control process.
• Reporting: Decisions to rectify problems are made at regular meetings of the senior management team.
• Business planning and budgeting: The business planning and budgeting process is used to set objectives, agree on action plans and allocate resources. Progress towards meeting business plan objectives is monitored regularly by the senior management team and by directors at board meetings. Contingency planning is undertaken as required.
• Risk Management review: The Finance, Audit and Risk Management (FARM) committee is required to report at Board meetings on internal controls.
• CEO: The CEO has responsibility to brief the Directors periodically and as appropriate on the development of policies and procedures to ensure effective and efficient operations, risk management strategies and implementation.
• External audit: The final audit of financial statements is controlled by an external chartered accountant who provides feedback to the Board through the FARM Committee.
Definitions
Risks are identified on a scale of likelihood of occurring in the next 12 months and assigning an impact or consequence to the risk as high, medium or low. High includes either a significant shortfall of around 40% in achieving budget or a significant reduction in ability to function. Medium includes either a shortfall of budget of between 10% and 20% or some reduction in function. Low indicates minor reductions in achieving budget or minimal reduction in performance.
RISK ANALYSIS REPORT
(Where possible, list abbreviations at the end of the table and use them. See example)
RISK LIKELIHOOD CONSEQUENCE PRIORITIES OPTIONS
? Likelihood
? Very likely VL
? Likely L ? Possible P
? Unlikely U
? Rare R
? Consequence
? Disastrous D ? Severe S
? Moderate Mod
? Minimal Min
PRIORITY TABLE
Consequence
Likelihood
Almost certain
Likely
Moderate
Unlikely
Rare
RISK MANAGEMENT PLAN
RISK RISK LEVEL CONTROLS MONITORING TIMELINES RESPONSIBLE
(Where possible, list abbreviations at the end of the table and use them. See example)
Risk levels
? Low L
? Medium M
? High H
? Extreme E
• Time lines to consider are based on risk priority levels and include the following.
? Pre-settlement – date of legal transfer of the business. PS
? Opening week – first week of company operations. OW
? Within 3 months – after the opening week. 3M
? Within 6 months – after the opening week. 6M
• Responsibilities for actions include the following.
? Financial, insurance and banking issues – financial controller. FC
? Legal issues – Goldsmith Partners. GP
? Expenditure $5,000 – MacVille board. Board
? New policy – CEO with MacVille board. CEO/B
? On-site management, training – store manager. Mgr
? Changes to MacVille cafe Queensland operations – CEO. CEO
? External audits – CEO with MacVille board. Audit
This above price is for already used answers. Please do not submit them directly as it may lead to plagiarism. Once paid, the deal will be non-refundable and there is no after-sale support for the quality or modification of the contents. Either use them for learning purpose or re-write them in your own language. If you are looking for new unused assignment, please use live chat to discuss and get best possible quote.
Looking for answers ?
Recent Questions
Assessment Criteria for Written Report (20%)• Submission of a minimum 1500 to maximum 1800-words written report due from week 9. You will submit your written report one week after you have undertaken the...Assessment 2: (20%) Case Study Presentation Due Date weeks 10This assessment builds on your theoretical knowledge and tests your ability to apply this knowledge to practice.you are required to formulate...Assessment 2Assessment 2Report: 30%Word count: 1400 – 1600 wordsDue date: Sunday of Week 8DescriptionYou are playing the role of a community service worker supporting a young adult son who is 18 years...1500-1800 wordsInstructions From TutorPlease download the eTask3 spreadsheet from Canvas and save the eTask spread as an Excel file. The main content of the force method is taught in Lectures 6,7&8.eTask3.1 is a...ASSIGNMENT INSTRUCTIONSAssessment Practical assessmentAssessment code: 011Academic Year: 2023/2024Trimester: 2Module Title: Critical Perspectives on Cross-Border BusinessModule Code: MOD009194Level: 6Module...Information Systems Analysis & DesignAssignmentDue date: Week 5 Friday (5 Apr 2024) 11:59 pm AESTWeighting: 30%Length: 1,200 to 1,500 words (penalty will apply if the length is outside this limit)Assessment...Show All Questions