Risk based reviews vary in scope.
One size does not fit all - context is critical.
Some straightforward projects can have their objectives achieved by a Desk Check (green dots - see adjacent table) at a very reasonable cost. This can generally be done working remotely with your nominated representative by email, video link and phone.
As projects become more complex - involving other stakeholders; and in some cases sensitivities which benefit from face-to-face contact - their objectives are better achieved by methods listed against the orange dots - ramping up to the red dots for the most complex.
The most effective way of meeting your needs starts with a conversation focused on scope.
Good frameworks, systems and processes are fundamental to adding value to a thriving organisation. Refreshing your risk management framework - including your risk management plans - is a key part of risk management reviews. Engaging us as a trusted adviser provides confidence and identifies things which could benefit from being recalibrated.
© 2018 "Disaster Resilience Consulting" (registered with the Australian Securities and Investments Commission, the independent Australian government body that acts as Australia's corporate regulator).
ABN 29 720 763 314
For clients relatively new to best practice risk management - and looking to improve their approach - I will scope a desktop review of your risk management framework against the International Risk Management Standard - ISO 31000.
The key areas of performance which will be focused on would consider:
1. Leadership and commitment, including:
• aligning risk management with the strategy, objectives and culture of the organisation;
• issuing a statement or policy that establishes a RM approach, plan or course of action;
• making necessary resources available for managing risk; and
• establishing the amount and type of risk that may or may not be taken (risk criteria / appetite).
2. Integration, including:
• determining management accountability and oversight roles and responsibilities; and
• ensuring risk management is part of, and not separate from, all aspects of the organisation.
3. Design, including:
• understanding the organisation and its internal and external context;
• articulating risk management commitment and allocating resources; and
• establishing communication and consultation arrangements.
4. Implementation, including:
• developing an appropriate implementation plan including deadlines;
• identifying where, when and how different types of decisions are made, and by whom; and
• modifying the applicable decision-making processes where necessary
5. Evaluation, including:
• measuring framework performance against its purpose, implementation and behaviours; and
• determining whether it remains suitable to support achievement of objectives.
6. Improvement, including:
• continually monitoring and adapting the framework to address external and internal changes;
• taking actions to improve the value of risk management; and
• improving the suitability, adequacy and effectiveness of the RM framework
This review will highlight obvious opportunity areas where you will get the best return on investment.