Assessment Task 2 - Case Study
Establish risk scope, risk context and identify risks
STUDENT ID GROUP NO.
DATE OF SUBMISSION PLACE OF
This assessment task is about analysing a case study of a simulated workplace and information from a range of sources to identify the scope and context for the risk management related to the Unit of Competency “BSBRSK501 Manage risk” and its elements and performance criteria.
Using the simulated workplace documents and the case study scenario on the Appendix 1, you are required to analyse information from a range of sources of simulated workplace to identify the scope and context of the risk management process that includes: stakeholder analysis, political, economic, social, legal, technological and policy context, current arrangements, objectives and critical success factors for the risk scope and risks that may apply to the scope.
To test your ability to demonstrate the skills and knowledge required to analyse information from a range of sources to identify the scope and context of the risk management process.
Review the documents of simulated workplace ‘Coffeeville’ and the scenario on the Appendix 1 and provide solutions to the task activities in analyzing and identifying the scope and context of the risk management process for the workplace.
Specifications to submit
You must Submit a report that includes the following activities (the report must cover all the
10 points stated under your task). When submitting the report and accompanying documents, you need to ensure that:
A. your report is titled ‘Risk review.’
B. your report is in order, with attachments on the back of your report as follows:
I. it includes notes from meeting with your manager.
II. it includes draft communication with stakeholders.
III. Completed risk identification table.
1. Review the simulated workplace (Coffeeville) to undertake the risk management.
2. Read the workplace scenario on the Appendix 1 to determine the risk scope and the risk context.
3. Review the “Risk Management Policy” of the simulated workplace on the appendix
4. Analyses information from a range of sources to identify the scope and context of the risk management process including:
a. stakeholder analysis,
b. political, economic, social, legal, technological and policy context,
c. current arrangements of risk management,
d. objectives and critical success factors for the area included in scope and risks that may apply to scope.
5. This task requires you to meet with your manager (assessor) and other stakeholders. Form the individuals with specific roles to role-play as agreed by your assessor.
6. Complete the following assessment task activities during the allowed assessment date/s and time/s.
7. The assessment task is due on the date specified by your assessor.
8. Any variations to this arrangement must be approved in writing by your assessor.
9. Submit your work with any required evidence attached.
10. See the specifications above for details of submission requirements. Time allowed for the assessment task is 3 hours.
Your assessor will be looking for demonstration of your ability to analyse information from a range of sources to identify the scope and context of the risk management process including:
1. stakeholder analysis.
2. political, economic, social, legal, technological and policy context.
3. current arrangements.
4. objectives and critical success factors for the area included in scope.
5. risks that may apply to scope.
Your Task Scenario
You are the café manager of Coffeeville. Emma Balcastran, the CEO of the café has asked you to review information of the workplace to identify the scope and context of the risk management for Coffeeville. She has asked you to write a report by undertaking the following activities to manage risks for the cafe:
1. Review the existing arrangements for risk management of the café including the policies and procedure and their effectiveness.
2. Review organizational process, requirements and key elements of current risk management standards and identify the scope of risk management for the café including legislative and regulatory context of the organisation in relation to risk management.
3. Identify and describe the critical success factors, goals or objectives for areas included in scope.
4. Identify internal and external stakeholders, their role in the process, and any issues or concerns they have. Complete this using the table format provided in Appendix 3.
5. Complete a PEST analysis and a SWOT analysis for risks associated with the scenario.
6. Review the research information provided in the case study and any other literature that is relevant to this scenario to use in your risk management process.
7. Establish the risk context for the risk management process for the new café in Melbourne.
8. After you have completed the above activities, you need to meet with your manager (your assessor) and discuss the draft report you have developed. In dot-point form, summarise the discussions with your manager. This should include any recommendations they made to you. As part of your discussions with your manager, you also need to discuss and identify how you can communicate with stakeholders about the risk management processes and invite their participation. Arrange to meet with James and Ben in a role-play to further discuss and identify risks associated with the café (scenario). Develop a draft of the communication for the use.
9. In consultation with stakeholders (Your Assessor), identify risks (minimum seven (7)) for the café using the risk scope and context you have established. You may use the template provided in Appendix 3 for risk identification.
10. Complete and submit your report to your CEO (your assessor) to move to the next stage of risk management process which is risk analysis, risk evaluation, risk treatment and monitoring in Assessment task 3.
Appendix 1 Simulated Workplace (Coffeeville)
As part of Coffeeville overall strategy in the Australian cafe market, Coffeeville Pty Ltd have taken to the next level of growth with the café to be always sought out by local area employees, tourists and street walkers in the Central Business District (CBD) of Melbourne, Victoria. The board of directors have made the decision to rebrand the café as a “quality café and customer friendly service” to all local customers and businesses.
You currently work as the manager of Collins Street café in Melbourne. The CEO has assigned you the task of managing the risks involved with the organisational aspects of current café that may impact the objectives. James is the Operational Supervisor who is helping you with the project. The three stages of your risk management task will include:
1. Review and understand the risk scope and context.
2. Identify, analyse, evaluate risks and provide appropriate risk treatments
3. Monitor and review risk controls.
The strategic and investment risks of this project are being managed by the directors. You are to consider any risks that could impact on marketing and sales, human resources management, financial operations, Work Health and Safety (WHS), operational, supply chain and the local governance, business reputation and overall compliance issues.
Current risk management
Current risk management is handled by directors in a very informal manner. They don’t even have a risk register in place. They just determine the risk associated with their investments and control them with their gut feelings. Risk controls are not documented and not monitored. You decided to conduct research and engage stakeholders to help you with your risk management activity. You also decided to analyse information from a range of sources of workplace to identify the scope and context of the risk management process.
Your consultation starts with James and the CEO had also arranged for you to meet with Ben Holden, the landlord in his office. You decided to meet and consult relevant individuals for you to determine the risk scope and the context and take notes on all the research and discussions with stakeholders.
You have noted down the key concerns and significant events from the meeting with James.
1. The location of the store on the corner of the two main streets of the city makes attractive for local customers and highly visible for tourists. But, two of the adjoining buildings have become vacant and ready to be leased out leaving the possibility of new cafes being opened right next to Coffeeville.
2. The current two-hour delivery of fresh pastry deliveries to the café from the company’s central bakery plant would delay the deliveries. The pastries would arrive after the morning rush. These are a key part of the Coffeeville assortment.
3. You learnt that policy and procedures are not updated during the last two years and may lack the changes of local council laws and hospitality regulations.
4. You noted down about the water use as running the dishwasher when only half full. Washing fruit and vegetables under a fast running tap. Toilets all used the single flush system. The store currently uses 50,000 litres a week.
5. The same staff member that completed the cash register balancing also completed the bank deposit form and did the banking as well.
6. The banking was not done every day and often cash was kept on the premises overnight in the cash register. There was no safe. The current bank is a couple of blocks away and there was not always enough time to do the banking though there is a bank two shops away.
7. James replied to you question about the possibility of break-ins saying that there is a 50% chance of it happening and very seriously mentioned that there is no formal risk management practice currently in place for the cafe.
8. The tables and chairs looked old and unattractive, with some chairs unstable and broken and some parts of the worn carpet was simply taped over and covered.
9. No WHS policy and procedures in place and established process for dealing with injuries sustained in incidents of operational aspects at work.
10. The computer with all the stores employee details, and financial records was not password protected and anyone could access the information.
You also met with Ben Holden, the landlord in his office to discuss the cafe, council laws and aspects concerning the compliance requirements and the general business situations in the local area. You took notes that included the following significant information.
1. Ben explained that there were opportunities for opening more cafes in the surrounding shopping centres like Westfield and Plaza.
2. Ben spoke about a report ‘Economic Brief’ and explained that the Federal Government was now introducing legislation that backs up the local by-law concerning efficient water usage, particularly by industries. The current by-law has fines of up to $50,000 for excessive water breaches. Ben also agreed with the idea of installing a water tank in the court yard for the cafe to use and would help get it built.
3. Ben explained that Melbourne was obviously a place for coffee lovers and the population was growing.
4. Ben spoke about the current by-law that was due for implementation on the 1st of next month allowing cafes to expand their footpath dinning and so put more tables and chairs outside their premises.
5. Ben also spoke of the fact that representatives of a large international chain of coffee shops had been making enquiries around town about opening a store in the Melbourne CBD.
IBIS WORLD Industry Report - Industry Locations Chapter
The Cafes and Coffee Shops industry has grown strongly over the past five years, supported by Australia's vibrant coffee culture. Industry revenue is expected to grow at an annualised 5.1% over the five years through 2017-18, boosted by a large spike in 2013-14 as positive consumer sentiment and growing incomes encouraged consumers to visit cafes and coffee shops. Industry revenue is expected to increase by 2.7% in 2017-18, to total $8.3 billion. Despite the industry's strong performance over the past five years, competitive pressures have pushed profitability down over the period. Australia's coffee culture, and its growing number of speciality cafes and coffee shops have contributed to high industry competition, low barriers to entry and low industry concentration.
The geographic spread of the industry is closely correlated with population and income distribution. Consequently, a significant proportion of cafes and coffee shops are in the heavily populated eastern seaboard states. New South Wales, Victoria and Queensland account for 81.3% of industry establishments, and over 77% of the population. New South Wales and Victoria have a larger share of cafes and coffee shops than their population base would indicate. This is largely due to higher average incomes in these states, and greater demand for cafe meals and beverages. Furthermore, Melbourne's entrenched coffee culture has resulted in many new cafes and coffee shops opening in inner-city areas.
Risk Management Policy
Coffeeville recognises that risk management is an essential component of good management practice. Coffeeville is committed to ensuring the implementation of risk management processes that focus on the proactive management of risks across the organisation.
This risk management policy forms part of Coffeeville's internal controls and corporate governance arrangements. The risk management policy is designed to:
• identify, evaluate, control and manage risks
• ensure potential threats and opportunities are identified and managed
• inform management and staff members about their roles, responsibilities and reporting procedures with regards to risk management
• ensure risk management is an integral part of planning at all levels of the organisation.
Coffeeville is committed to achieving its vision, business objectives and quality objectives by the proactive management of risk at all levels of the organisation.
Coffeeville will identify, evaluate, control and manage risk throughout the organisation in accordance with the ‘Coffeeville Risk Management Framework’. See risk management strategy for framework details.
Responsibility and Authority
Management and employees of Coffeeville have responsibility for implementing aspects of this policy.
Role of store managers/partners
Key roles of the senior management team are to:
1. determine what types of risk are acceptable and which are not
2. set the standards and expectations of staff with respect to conduct
3. approve major decisions affecting Coffeeville’s risk profile or exposure
4. monitor the management of significant risks to reduce the likelihood of potential organisational risks and threats or failure
5. perform annual review of Coffeeville’s approach to risk management and approval of changes or improvements to key elements of its processes and procedures
6. implement policies on risk management and internal control where this is deemed appropriate
7. identify and evaluate areas of significant risks potentially faced by Coffeeville for consideration by the managers and partners
8. identify areas where risk management is not adequately addressed and advise the partners accordingly
9. review and update the risk management strategy
10. undertake an annual review of the effectiveness of systems of internal control and provide an annual report for partners, including a summary review and respective recommendations.
Role of cafe employees
Key roles of the employees are to:
1. familiarise themselves with the content of the risk management policy and clarify any aspects necessary with a senior team member
2. consider any risks they feel could impact on them meeting their objectives and either manage the risk if it is in their control to do so, or inform management/partners of their concerns
3. advise store management/ partners about any fraud or unethical behaviour.
Coffeeville Risk Management Framework
This framework encompasses a number of elements that together facilitate an effective and efficient operation, enabling Coffeeville to respond to a variety of operational, financial, commercial and strategic risks. These elements include:
Policies and procedures
A series of policies underpin the internal control process. These policies are endorsed by the partners and are implemented and communicated by the store management to all staff. These policies include:
Human resources policies:
• staff travel policy
• harassment Policy
• OHS Policy
• return to work policy
• work/life balance policy
• equity/discrimination/diversity policy
• parental leave policy
• organisational culture policy Financial policies:
• bad debt policy
• cash reserving policy
• revenue/expenditure recognition policy.
Decisions to rectify problems are made at regular meetings of the partners. Comprehensive reporting at staff meetings is designed to monitor key risks and their controls.
Business planning and budgeting
The business planning and budgeting process is used to set objectives, agree on action plans and allocate resources. Progress towards meeting business plan objectives are monitored regularly by store managers and partners.
Procedure: Development of a Risk Management
The following outlines the process for developing a risk management profile.
1. Establish the context
Define and identify the enviBenment, characteristics and stakeholders, their goals and objectives, and the scope of the specific risk management process. Develop criteria against which risks are evaluated and identify the structure for risk management.
2. Identify and describe risks
Risks are best identified through a collaborative approach involving a cross section of Coffeeville stakeholders.
All conceivable risks must be considered. Ensure any certainties are identified as problems and addressed in the risk management profile.
3. Conduct current risk analysis
An analysis of the risks is conducted to determine their causes and estimate their probability and consequences. This analysis provides the basis for working on the ‘right’ risks.
4. Conduct risk evaluation
Risks are considered and prioritised according to their potential impact, and each risk is assessed to determine its level of acceptability.
5. Develop and implement proposed risk treatments
• Risk treatments are developed to cost-effectively reduce, contain and control risk.
• Formal risk management reporting mechanisms are defined and documented.
• Categorise the risk likelihood.
6. Monitor, report, update and manage risks
As risks change constantly, the risk profile is continuously monitored, reviewed and updated by management. New risks may be identified as more information becomes available and existing risks may be eliminated through the effectiveness of the risk treatments/actions.
Record risks identified through regular audit on the risk audit log. Record risk management activities on the risk management register.
Coffeeville’s Risk Areas
The following are four broad areas where potential for risk to Coffeeville has been identified. Under each area, examples of possible risks are detailed.
• legal and regulatory compliance
• resources: human, physical
• product quality
• infrastructure, plant and
• equipment • customer interaction
• market needs.
• fraud or theft
• capital investment
• interest rates
• loss of income, • funding/finance.
• procedures and tools for project management
• stakeholders – strength of relationships/conflict of interest
• human resources
• financial resources.
2017 – Emma Belcastran (CEO, Coffeeville)
Appendix 3 – Tables
Stakeholder Consultation Format
Stakeholder Internal/ external Role in process Issues/concerns
Table of Risk Identification
Risk Context Risk Stakeholder inputs/or methods used to identify risk