attached
BSBRSK501 Student Assessment Page 3 of 13 AOI Institute July, 2020 – Version 1.0 Student Assessment BSBRSK501 Manage Risk In order to be assessed as Competent (C) in this unit, you need to provide evidence which demonstrates that you can perform the required competencies to the required standard. Competency depends on consistently demonstrating the skills, attitude and knowledge that enables you to complete workplace tasks confidently in a variety of situations. This unit describes skills and knowledge required to manage risks in a range of contexts across an organisation or for a specific business unit or area in any industry setting. It applies to individuals who are working in positions of authority and are approved to implement change across the organisation, business unit, program or project area. They may or may not have responsibility for directly supervising others. To attain competence in the unit ‘Manage Risk’ you must: Successfully complete the Theory Assessment (via the student portal) Successfully complete the Assessment Project Successfully complete the Practical Demonstration (Trainer will complete Trainer Observation Checklist) Assessment Project BSBRSK501 Manage Risk Instructions: You are to complete the following Assessment Project (Part 1 – Part 4) on managing risk and submit your written answer to your trainer via the student portal by week 9 of the term. Your assessment project will form part of the evidence gathered for this unit. You must successfully complete all parts of the assessment project in order to obtain satisfactory result. As a part of this assessment you are required to prepare and deliver 2 presentations in the classroom on dates allocated to you by your trainer. Assessment Project: This project is made up of 4 parts: Part 1 – Establish risk context Part 2 – Identify risks Part 3 – Analyse risks Part 4 – Select and implement treatments Part 1 – Establish Risk Context (includes practical demonstration component) This assessment project task requires you to establish the context of the risks associated with an organisation or within a part of the organisation. As per the information below and a current risk management plan provided at the end of this assessment, you will need to access the following: The current risk management plan (Appendix A) Identify key business activities This scenario is centred on a National Electronics Company, called Computers R’ Us. The company sells computers and associated accessories either via their online website or via their call centre. Many of the staff, whether they be in the warehouse, call centre or office utilise a computer for most of their tasks. Task 1: Write a review of the current risk management plan. Your review must include the following: A brief overview of the risk management approach used by the business unit or organisation The scope for the risk management process (i.e. whole organisation, specific project, etc.) The political, economic, social, policy, legal and/or technological contexts The strengths and weaknesses of current risk management arrangements Critical success factors e.g. describe the actions or processes Computers R’ Us uses to achieve its goals and objectives Goals and objectives e.g. explain Computers R’ Us’ goals and objectives in relation to risk management Task 2 (Part of the Practical Demonstration 1): Prepare and deliver a presentation to relevant stakeholders about the risk management process in Computers R’ Us. You will need to also consult them and gather their feedback and ideas on how to identify and assess risks, and on appropriate risk treatment actions and priorities. You will be completing this activity in the classroom on a date allocated to you in advance by your trainer (during week 5 of the term). Your fellow learners and trainer will represent the relevant parties. Your trainer will observe your knowledge and skills during the presentation and will complete an electronic Trainer Observation Checklist which will form part of an evidence gathered for this unit. Duration of this presentation is approximately 7-10 minutes. In your presentation you must include a review of the risk management approach including: A brief overview of the risk management approach used by the business unit or organisation The scope for the risk management process (i.e. whole organisation, specific project, etc.) The political, economic, social, policy, legal and/or technological contexts The strengths and weaknesses of risk management arrangements Critical success factors Goals and objectives Consultation with your stakeholders: Questions you will ask the stakeholders to gather their feedback and ideas on how to identify and assess risks Questions you will ask the stakeholders to gather their feedback and ideas on appropriate risk treatment actions and priorities Task 3 (To be completed after the presentation): Conduct a detailed analysis of key stakeholders. List the issues and concerns raised by the various stakeholders. Part 2 – Identify Risks Building on your answer from Part 1 – Establish Risk Context, you are now required to use a range of methods to identify risks. Your task is to: In consultation with relevant parties develop a list of sources of information you will use to assist you identify risks that apply to the scope you identified in Part 1 – Establish Risk Context. Use these sources of information to research the risks that may apply to scope. In consultation with relevant parties use at least two different tools or techniques to generate a list of risks that apply to the scope. (Tools and techniques may include brainstorming, checklists, fishbone diagrams, flowcharts etc.). Part 3 – Analyse Risks This task requires you to analyse the likelihood and impacts of the risks you have identified in the Part 2 – Identify Risks and evaluate and prioritise them for treatment. You will need to complete the Risk Categorisation Table below. Your task is to: Select at least five (5) risks you have been examining and compile a Risk Categorisation Table (please see below). Assess the likelihood of the risks occurring and the impact on the organisation if they do occur. Determine the level of risk. Describe how adequate the current risk controls are. Evaluate and prioritise these risks for treatment by giving the risk priority (rank ordering them). Risk Categorisation Table Reference ID Risk (Describe the risk) Level of Likelihood (Rate the likelihood) Level of Impact (Rate the consequence) Level of Risk (Resulting level of risk) Current Controls (Describe how adequate they are) Risk Priority (Give it a risk priority) Definitions Level of Likelihood: AExpected will occur regularly BProbablewill occur at some stage CPossiblecould occur DImprobablecould occur but unlikely ERarecan occur but in limited situations Level of Impact: 1Insignificant 2Minor 3Moderate 4Major 5Catastrophic Level of Risk: Level of Likelihood Level of Impact 1 (insignificant) 2 (minor) 3 (moderate) 4 (major) 5 (catastrophic) A (expected) Low Medium High Very high Extreme B (probable) Medium Medium Medium High Extreme C (possible) Low Medium Medium High High D (Improbable) Low Low Medium Medium High E (Rare) Low Low Medium High Medium Adapted from Aspire Training and Consulting Learner Guide - Identify Risk and Apply Risk Management Processes (2007) Part 4 – Select and Implement Treatments (includes practical demonstration component) This task requires you to develop a treatment plan to address the identified risks. Task 1: Develop an action plan to address identified risks and their treatment. Use the template of a Risk Treatment Plan on the following page. You must include the following in your plan: Risks in priority order (as per the Risk Categorisation Table) Treatment options Preferred options Actions required (select which options to accept and which to reject) Who is responsible for implementing the treatment action Timeframes for implementing the treatment actions Monitoring process (who will monitor this risk and its treatment) Further action required Task 2 (Part of the Practical Demonstration No 2): Prepare and deliver a presentation to relevant parties in which you explain your risk treatment plan. You will be completing this activity in the classroom on a date allocated to you in advance by your trainer (during week 7 of the term). Your fellow learners and trainer will represent the relevant parties. Your trainer will observe your knowledge and skills during the presentation and will complete an electronic Trainer Observation Checklist which will form part of an evidence gathered for this unit. Duration of this presentation is approximately 7-10 minutes. In your presentation you must include the following: Risks in priority order (as per the Risk Categorisation Table) Treatment options Preferred options (select which options to accept and which to reject) Actions required Who is responsible for implementing the treatment action Timeframes for implementing the treatment actions Monitoring process (who will monitor this risk and its treatment) Further action required Task 3: Explain the process you would use to implement the risk treatment plan. Describe the strategies you would use to monitor and review the risk treatments you have planned. Outline the sources of information you will need to use to review the effectiveness of your risk management strategies. Describe the process you will follow to ensure accuracy of an appropriate storage of all documentation Risk Treatment Plan Risk in Priority Order Treatment Option(s) Preferred Option(s) Action(s) Required A = accept option(s) R = reject option(s) Person Responsible for Implementing the Treatment Option(s) Timeframe Monitoring Process (Person Responsible for Monitoring the Risk and its Treatment) Further Action Appendix A Computers R’ Us Current Risk Management Plan It is the intent of this Risk Management Plan to: Protect the health, safety and welfare of people at work by identifying, analysing and evaluating the risks in the workplace and implementing relevant treatment actions Safeguard others, including members of the public, who may be exposed to risks from the way work is carried out Carry out enforcement of health & safety regulations to promote a comfortable and safe working environment for all staff. Protect and prevent damage of Computers R’Us equipment and property It is the policy of Computers R’ Us to adhere to all state federal and local WHS regulations and statutory requirements. Any work practices outside of these regulations and any risks observed or identified must be bought to the attention of management immediately and relevant treatment action needs to be promptly implemented. All staff are to carry out their work in a safe manner to ensure that no harm may come to others or in a way that would endanger an employee or visitors’ health. All equipment must be operated as set out in the manufacturers operating instructions. Any equipment that is altered must be done so by an authorised person. All repairs to equipment must only