RISK MANAGEMENT FOR INFRASTRUCTURE

Size: px
Start display at page:

Download "RISK MANAGEMENT FOR INFRASTRUCTURE"

Transcription

1 RISK MANAGEMENT FOR INFRASTRUCTURE CONTENTS 1.0 PURPOSE & SCOPE 2.0 DEFINITIONS 3.0 FLOWCHART 4.0 PROCEDURAL TEXT 5.0 REFERENCES 6.0 ATTACHMENTS This document is the property of Thiess Infraco and all rights are reserved in respect of it. This document may not be reproduced or disclosed in any manner whatsoever, in whole or in part, without the prior written consent of Thiess Infraco. Thiess Infraco expressly disclaims any responsibility for or liability arising from the use of this document by any third party. Revision Status Issue/ Rev. Date Revision Description By Checked Checked Approved A1 June 2001 Original Issue JG PD RB PS Thiess Infraco Page 1 of 15 TIC-ASM-CON-PP12/A1

2 1.0 PURPOSE AND SCOPE The purpose of this procedure is to detail the process for Risk Management associated with infrastructure. This procedure shall be read in conjunction with TIC-ASM-CON-PP13 Material Change to Infrastructure Asset Management and shall apply to all infrastructure asset systems. This procedure is based on AS/NZS 4360: 1999 Risk Management 2.0 DEFINITIONS Consequence. The outcome of an event expressed qualitatively or quantitatively, being a loss, injury, disadvcantage or gain. There may be a range of possible outcomes associated with an event. Cost is the cost of activities, both direct and indirect, involving any negative impact, including money, time, labour, disruption, goodwill, political and intangible losses. Event. An incident or situation, which occurs in a particular place during a particular interval of time. Failure Mode and Effects Analysis (FMEA). A procedure by which potential failure modes in a technical system are analysed. Can be extended to perform a failure modes effects and criticality analysis (FMECA). Each failure mode identified is ranked according to the combined influence of its likelihood of occurrence and the severity of its consequences. Frequency Measure of the rate of occurrence of an event expressed as the number of occurances of an event in a given time. Hazard. A source of potential harm or a situation with a potential to cause loss. Likelihood. Term used as a qualitative description of propability or frequency. Loss. Is any negative consequence, financial or otherwise. Monitor. Is to check, supervise, observe critically, or record the progress of an activity, action or system on a regular basis in order to identify change. Probability. Is the likelihood of a specific event or outcome, measured by the ratio of specific events events or outcomes to the total number of possible events or outcomes. Probability is expressed as a number between 0 and 1, with 0 indication an impossible event or outcome and 1 indication an event or outcome is certain. Risk. The chance of something happening that will have an impact upon objectives. It is measured in terms of consequence and likelihood. Risk Analysis. A systematic use of available information to determine how often specified events may occur and the magnitude of their consequences. Risk Assessment. The overall process of risk analysis and risk evaluation. Risk Control. That part of risk management which involves the implementation of policies, standards, procedures and physical changes to eliminate or minimize adverse Thiess Infraco Page 2 of 15 TIC-ASM-CON-PP12/A1

3 risk. Risk Evaluation. The process used to determine risk management priorities by comparing the level of risk against predetermined standards, target risk levels or other criteria. Risk Identification. The process of determining what can happen, why and how. Risk Management Process. The systematic application of management policies, procedures and pracrices to the task of establishing the context, identifying, analysing, evaluating, treating, monitoring and communicating risk. Sensitivity Analysis. Process for examining how the results of a calculation or model vary as individual assumptions are changed. Stakeholders. Those people and organizations who may affect, or be affected by, or perceive themselves to be affected by, a decision or activity. Thiess Infraco Page 3 of 15 TIC-ASM-CON-PP12/A1

4 8 Communicate & Consult RISK MANAGEMENT FOR INFRASTRUCTURE 3.0 FLOWCHART TIC-ASM-CON-PP12 1 Establish the Context - Stategic context - Organisational context - Risk management context - Develop risk evaluation criteria - Decide the structure 2 Identify the Risks - What can happen? - How can it happen 3 Analyse Risks Determine existing controls: - Determine likelihood - Determine consequences to estimate level of risk 7 Monitor & Review 4 Evaluate Risks - Compare against criteria - Set risk priorities 5 Accept risk Yes No 6 Treat Risks - Identify treatment options - Evaluate treatment options - Select treatment options - Prepare treatment plans - Implement plans Figure 1: Risk Management Process Thiess Infraco Page 4 of 15 TIC-ASM-CON-PP12/A1

5 1 Evaluated and ranked risk 2 Risk acceptable Yes 3 Accept No Identify Treatment options 5 Reduce likelihood 6 Reduce consequences 7 Transfer in full or in part 8 Avoid 9 Consider feasibility costs and benefits Communicate and consult Assess treatment options 10 Recommend treatment strategies 11 Select treatment strategy 4 Monitor and review Prepare treatment plans 12 Prepare trearment plans Implement treatment plans 13 Reduce likelihood 14 Reduce consequences 15 Transfer in full or in part 16 Avoid 17 Risk acceptable Yes 18 Retain No Figure 2: Risk Treatment Process Thiess Infraco Page 5 of 15 TIC-ASM-CON-PP12/A1

6 4.0 PROCEDURAL TEXT The Risk Management process in this procedure follows the basic steps detailed in the reference standard AS/NZS 4360: TIC-OHS-RSK-PP01 Risk Management details the processes for the management of risk at the working level for day to day activities. This procedure is for more formal documentation of risk involving proposed changes to infrastructure to meet the requirements of notification of material changes to the Department of Infrastructure. 4.1 Responsibilities Project managers, Manager Engineering, Manager Asset Management are responsible for ensuring a risk management study is undertaken to identify any impact on risk resulting from material changes to infrastructure. Line managers are responsible for risk management in the work place in accordance with TIC-OHS-RSK-PP Process Overview The process involves the following steps: Establishing the context; Identification of risks; Assessing the risks; - Analysing Risks - Evaluating Risks Treating Risks; Monitoring and reviewing Risks; and Communicating and consulting with stakeholders. The following paragraphs para-phrase the reference standard. 4.2 Establishing the Context Establishing the context involves the following: Establishing the strategic context; Establishing the organisational context; Establish the risk management context; Develop risk evaluation criteria; and Define the structure Establishing Strategic Context This step is focused on the environment in which the Thiess Infraco operates. The context includes financial, operational, competitive, political (public perceptions/image), social, client, cultural, and legal aspects. At this level and for broader studies it is appropriate to consider risks such as Health and safety (public and staff); Business interruption; Thiess Infraco Page 6 of 15 TIC-ASM-CON-PP12/A1

7 Public image/reputation; Equipment/asset damage Environmental damage Internal and external stakeholders are identified along with areas of potential impact. Communication policies with these parties need to be established Establish Organizational Context It is necessary to understand organizational capabilities, goals and objectives and the strategies in place to achieve them. Risk management takes place in the context of the wider goals, objectives and strategies. Failure to achieve objectives, or the specific activity, or the project being considered is one of the risks that need to be managed. Policy and goals help define the criteria by which it is decided whether a risk is acceptable or not, and form the basis of options for treatment Establish the Risk Management Context This step involves establishing goals, objectives, strategies, scope and parameters of the activity to which the risk management process is to be applied. Setting the scope and boundaries for the application of the risk management process involves: Defining the project or activity and establishing its goals and objectives; Defining the extent of the project in time and location; Identifying any studies needed; their scope, objectives, resources required, generic sources of risk, and areas of impact. Defining the extent and comprehensiveness of the risk management activities to be carried out. Factors to consider are: - Roles and responsibilities of various parts of the organisation(s) participating in managing the risk, - Relationships between the project or activity and other projects or activities being undertaken Develop Risk Evaluation Criteria Decide the criteria that risk is to be evaluated against. Decisions concerning risk acceptability and risk treatment will usually be based on operational, technical, financial, legal, or social (Public Relations or Environmental) criteria. The risk criteria must correspond to the type of risks and the way in which risk levels are expressed. Thiess Infraco Page 7 of 15 TIC-ASM-CON-PP12/A1

8 4.2.5 Define the Structure This step involves separating the activity or project into a set of elements. These elements provide a logical framework for identification and analysis, which helps ensure significant risks, are not overlooked. The structure chosen depends on the nature of the risks and the scope of the project or activity. For a material change that involves a change to infrastructure: The process of change (ie construction and commissioning) may be considered as one part of the exercise and the effect of the change considered as a separate study. The principle risks are considered to be: - Collision (PR1) - Injury to the public (PR2) - Injury to staff (PR3) - Derailment (PR4) - Infrastructure failure (PR5) - Rolling Stock failure (PR6) Other examples of Risk Types used in previous changes are: - Effect on public and employees - On time running - Equipment and asset damage - Legal liability - Equipment and asset damage - Public relations - Effect on the environment - Effect on user comfort 4.3 Risk Identification This step seeks to identify the risks to be managed. It should include all risks whether or not they are under control of Thiess Infraco. This step involves determining: What can happen How and why it can happen Tools and techniques to be used What can Happen The aim is to generate a comprehensive list of events, which might affect each element of the structure in paragraph above. These are considered in more detail to identify what can happen. Thiess Infraco Page 8 of 15 TIC-ASM-CON-PP12/A1

9 4.3.2 How and why it can happen Having identified a list of events, it is necessary to consider possible causes and scenarios. There are many ways an event can be initiated. It is important that no significant causes are omitted Tools and Techniques to be Used Checklists, judgements based on experience and records, flow charts, brain storming, systems analysis, scenario analysis and systems engineering techniques are the approaches used to identify risks. 4.4 Risk Analysis This step involves consideration of the sources of risk (events and hazards), their consequences and likelihood in the context of existing control measures. The objective is to separate the minor acceptable risks from the major risks, and to provide data to assist in the evaluation and treatment of risks. Excluded risks are to be listed, where possible to demonstrate the completeness of the risk analysis Determine Existing Controls It is necessary to identify existing management, technical systems and procedures to control risk and assess their strengths and weaknesses Consequences and Likelihood The consequences of an event and the likelihood of it occurring are assessed in the context of existing controls. Consequences and likelihood are combined to produce a level of risk. They may be determined by using statistical analysis or calculations, or where no data is available, by subjective estimates. Possible sources of information are: Past records Relevant experience Industry practice and experience Relevant published literature Experiments and prototypes Engineering models Specialist and expert judgements Techniques include: Structured interviews with experts in areas of interest Use of multi-disciplinary groups of experts Individual evaluation using questionnaires Use of computer and other modelling Use of fault trees and event trees FMECA (failure modes, effect and criticallity analysis). Thiess Infraco Page 9 of 15 TIC-ASM-CON-PP12/A1

10 4.4.3 Types of Analysis The types of analysis are: Qualitative analysis Semi-quantitative analysis Quantitative analysis Quantitative analysis is usually undertaken to provide a general indication of the level of risk initially. Where appropriate this is followed by a more specific quantitative analysis Qualitative Analysis Uses word form or descriptive scales to describe the magnitude of potential consequences and the likelihood that those consequences will occur. The scale s are adapted or adjusted to suit the circumstances. Table 1 shows Qualitative Measures of Consequence. Table 1 shows Qualitative Measures of Likelihood. Table 3 shows a Qualitative Risk Analysis Matrix Level of Risk. Table 4 shows examples of consequences and qualitative measures that were used for a risk analysis for a speed increase. Level Descriptor Example detail description 1 Insignificant No injuries, low financial loss 2 Minor First aid treatment, dealt with internally, medium financial loss 3 Moderate Medical treatment required, external assistance required, high financial loss 4 Major Extensive injuries, loss of operational capabilities, major financial loss 5 Catastrophic Death(s), business seriously threatened Table 1: Qualitative Measures of Consequence Level Descriptor Example detail description A Almost certain Is expected to occur in most circumstances B Likely Will probably occur in most circumstances C Possible Might occur at some time D Unlikely Could occur at some time E Rare May occur only in exceptional circumstances Table 2: Qualitative Measures of Likelihood Thiess Infraco Page 10 of 15 TIC-ASM-CON-PP12/A1

11 Likelihood Insignificant 1 Minor 2 Consequences Moderate 3 Major 4 Catastrophic 5 A (Almost certain) H H E E E B (Likely) M H H E E C (Possible) L M H E E D (Unlikely) L L M H E E (Rare) L L M H H Table 3: Qualitative Risk Analysis Matrix Risk Criteria E: Extreme risk; immediate action required to reduce risk. H: High risk; senior management attention needed. M: Moderate risk; management responsibility must be specified. L: Low risk; Risk generally acceptable, manage further by routine procedures Effect on Public and Employees 1. Fatalities and permanent disability 2. Serious lost time injury or illness 3. Moderate lost time injury or illness 4. Minor lost time injury or illness 5. No lost time On Time Running (OTR) 1. Major cancellation (more than one line) 2. Cancellation (one line) 3. Transposition s 4. Delays > 3 minutes 5. Delays < 3 minutes Legal Liability Equipment And asset Damage($) Public Relations 1. >$500K 1. >$500K 1. Loss of accreditation 2. $100K - $500K loss 3. $50K - $100K loss 4. 5K - $50K loss 5. Less than $5K loss 2. $100K - $500K loss 3. $50K - $100K loss 4. 5K - $50K loss 5. Less than $5K loss 2. Major negative media coverage Effect on environment 1.>$500K 2. $100K - $500K loss remediation costs Local actions $50K - $100K loss remediation costs Customer complaints (phone calls, letters) 5. on site complaints 4. 5K - $50K loss remediation costs 5. Less than $5K loss remediation costs Effect on user comfort 1. Extremely rough ride 2. Very rough ride 3. Rough ride 3. Noticeably rough ride 5. No discomfort in ride Table 4 Examples of Consequences with Quantitative Measures Semi-quantitative Analysis For a semi-quantitative analysis, qualitative scales (extreme, high, moderate, and low) are given values. The objective is to produce a more detailed prioritization than is usually Thiess Infraco Page 11 of 15 TIC-ASM-CON-PP12/A1

12 achieved in a qualitative analysis. Table 5 provides an example of this. Note: The consequences in Table 4 are list in reverse order to Table 1. Table 5 cannot be used with Table 1. Tables 4 and 5 were used in courses run by Alara. CONSEQUENCES PROBABILITY A B C D E Table 5: Semi-qualitative Risk Ranking Quantitative Analysis This approach uses numerical values for both consequences and likelihood using data from a variety of sources (see paragraph 4.4.2). Consequences may be expressed in terms of monetary, Technical or human criteria similar to Table 5 above. Likelihood is usually expressed as a probability, a frequency, or a combination of exposure and probability. 4.5 Risk Evaluation This step involves comparing the level of risk found during the analysis process with previously established criteria. The output of a risk evaluation is a prioritized list of risks for further action. If resulting risks fall into the low or acceptable risk categories they may be accepted with minimal further treatment. Low and accepted risks should be monitored and periodically reviewed to ensure they remain acceptable. Risks not falling into low or acceptable risk category should be treated one or more of the following options below. 4.6 Risk Treatment Risk treatment involves identifying the range of options for treating risk, assessing those options, preparing risk treatment plans and implementing them Identifying Options for Risk Treatment Figure 2 illustrates the risk treatment process. Options are: Avoid the risk Reduce the likelihood of occurrence. Reduce the consequences. Thiess Infraco Page 12 of 15 TIC-ASM-CON-PP12/A1

13 Transfer the risk. Retain the risk Measures to reduce consequence and likelihood are referred to as risk controls. Examples of measures for reducing or controlling likelihood are: - Audit and compliance programs - Formal reviews of requirements, specifications, design, engineering and operations - Inspection and process controls - Preventive maintenance - Quality assurance, management and standards - Research and development, technological development - Structured training - Supervision - Testing, trials - Technical controls - Organisational arrangements. Examples of measures for reducing or controlling consequence are: - Contingency planning - Contract conditions - Design features - Disaster recovery plans - Engineering and structural barriers - Minimising exposure to sources of risk - Separation or relocation of an activity and resources Assessing Risk Treatment options Options are assessed based on the extent of risk reduction and the extent of additional benefits or opportunities created. Selection of the most appropriate option(s) involves balancing the cost of implementing each option against the benefits derived from it. The cost of managing risks needs to be commensurate with the benefits obtained. Where large reductions in risk may be achieved with relatively low cost, they should be implemented. Rare but severe risks may warrant risk reduction measures although not justifiable on economic grounds. The adverse impact of risks should be made as low as reasonably practicable, irrespective of any absolute criteria. Risk treatment options consider how risk is perceived by the affected parties and the most appropriate ways to communicate to those parties Preparing Treatment Plans Plans document how the chosen options shall be implemented. Plans identify responsibilities, schedules, the expected outcome of treatments, budgeting, performance measures and the review process to be put in place. Thiess Infraco Page 13 of 15 TIC-ASM-CON-PP12/A1

14 4.6.4 Implementing treatment Plans Responsibility for treatment of risk should be borne by those best able to control the risk. Responsibilities should be agreed between the parties at the earliest possible opportunity. If after treatment there is a residual risk, a decision shall be taken as to whether to retain that risk or repeat the risk treatment process. 4.7 Monitoring and Review Risks, effectiveness of risk treatment plan, strategies and the management system used to set up control implementation all need to be monitored. Risks and the effectiveness of control measures need to be monitored to ensure circumstances do not alter risk priorities. Ongoing review is necessary to ensure that the management plan remains relevant. 4.8 Communication and Consultation Communication and consultation need to be considered at each step of the risk management process. A communication plan for both internal and external stakeholders needs to be developed as early as possible. The plan should address issues relating to both the risk itself and the process to manage it. Perceptions of risk can vary, due to differences in assumptions and concepts and the needs, issues and concerns of stakeholders as they relate to the risk or the issues under discussion. Stakeholders are likely to make judgements of the acceptability of a risk based on their perception of risk. Stakeholders can have a significant impact on decisions made. It is important that their perceptions of risk and benefits are identified, documented, and understood. 4.9 Documentation Requirements A risk assessment and development of a risk management strategy needs to be documented in an appropriate report comprising the following structure: Title Page Executive Summary Introduction Brief description of the risk management process: - How the context was established - Identification of the risks - Assessment of the risks - Treatment of the unacceptable risks - How monitoring and review was undertaken - How consultation and communication was executed Description of Definitions used: - Incident/risk categories - Probability - Consequence - Risk ranking Results: Thiess Infraco Page 14 of 15 TIC-ASM-CON-PP12/A1

15 - Risk Register - Risk treatment schedule and plan - Risk action Plan Summary of recommendations for new controls to put in place. Examples of forms to document the risk analysis are: Risk Register TIC-ASM-CON-PP12-PF01 (Attachment 1). Risk Treatment Schedule and Plan TIC-ASM-CON-PP12-PF02 (Attachment 2). Risk Action Plan TIC-ASM-CON-PP12-PF03 (Attachment 3) 5.0 REFERENCES TIC-ASM-CON-PP01 - Material Change to Infrastructure Asset Management AS/NZS 4360: Risk Management AS : 1995 Railway Safety Management Standard Conditions of Accreditation under the provisions of the Transport Act ATTACHMENTS TIC-ASM-CON-PP12-PF01 TIC-ASM-CON-PP12-PF02 TIC-ASM-CON-PP12-PF03 Risk Register Risk Treatment Schedule and Plan Risk Action Plan Thiess Infraco Page 15 of 15 TIC-ASM-CON-PP12/A1

Core Infrastructure Risk Management Plan

Core Infrastructure Risk Management Plan SHIRE OF MOUNT MAGNET Roads and Buildings Core Infrastructure Risk Management Plan Version 1 May 2013 AM4SRRC Document Control Asset Management for Small, Rural or Remote Communities Document ID: 59_280_110211

More information

POL ENTERPRISE RISK MANAGEMENT SC51. Executive Services Department BUSINESS UNIT: Executive Support Services SERVICE UNIT:

POL ENTERPRISE RISK MANAGEMENT SC51. Executive Services Department BUSINESS UNIT: Executive Support Services SERVICE UNIT: POL ENTERPRISE RISK MANAGEMENT SC51 POLICY CODE: SC51 DIRECTORATE: Executive Services Department BUSINESS UNIT: Executive Support Services SERVICE UNIT: Executive Support Services RESPONSIBLE OFFICER:

More information

AFTRS Health and Safety Risk Management Policy

AFTRS Health and Safety Risk Management Policy AFTRS Health and Safety Risk Management Policy Responsible Officer Contact Officer Authorisation Director, Corporate and Student Services Head of Human Resources Chief Executive Officer Effective Date

More information

Hazard Identification, Risk Assessment and Management Procedure. Documentation Control

Hazard Identification, Risk Assessment and Management Procedure. Documentation Control Hazard Identification, Risk Assessment and Management Procedure Reference: Date approved: Approving Body: Implementation Date: Version: 3 Documentation Control GG/CM/007 Trust Board Supersedes: Version

More information

RISK MANAGEMENT POLICY

RISK MANAGEMENT POLICY DOCUMENT TYPE: DOCUMENT STATUS: POLICY OWNER POSITION: INTERNAL COMMITTEE ENDORSEMENT: APPROVED BY: Council policy Approved Manager Organisational Development Risk Management Committee Council DATE ADOPTED:

More information

Risk Management: Coordinated activities to direct and control an organisation with regard to risk.

Risk Management: Coordinated activities to direct and control an organisation with regard to risk. POLICY CG01 RISK MANAGEMENT Document Control Statement This Policy is maintained by the Governance and Organisational Strategy. Any printed copy may not be up to date and you are advised to check the electronic

More information

CORP 600 00 RISK MANAGEMENT POLICY & METHODOLOGY

CORP 600 00 RISK MANAGEMENT POLICY & METHODOLOGY CORP 600 00 RISK MANAGEMENT POLICY & METHODOLOGY CORP 600 RISK MANAGEMENT POLICY Purpose In March 2003, the Australian Stock Exchange (ASX) Corporate Governance Council released the first version of its

More information

Pocket Guide to Clinical Risk Management

Pocket Guide to Clinical Risk Management TOOLKIT FOR MANAGING RISK IN HEALTH CARE TOOLKIT Pocket Guide to Clinical Risk Management ACKNOWLEDGEMENTS The Pocket Guide to Clinical Risk Management is designed to support Area Health Service Executives

More information

A Risk Management Standard

A Risk Management Standard A Risk Management Standard Introduction This Risk Management Standard is the result of work by a team drawn from the major risk management organisations in the UK, including the Institute of Risk management

More information

Risk Assessment Tool and Guidance (Including guidance on application)

Risk Assessment Tool and Guidance (Including guidance on application) Risk Assessment Tool and Guidance (Including guidance on application) Document reference number Revision number OQR012 Document developed by 5 Document approved by Revision date October 2011 Responsibility

More information

Risk Management Policy and Framework

Risk Management Policy and Framework Risk Management Policy and Framework December 2014 phone 1300 360 605 08 89589500 email info@centraldesert.nt.gov.au location 1Bagot Street Alice Springs NT 0870 post PO Box 2257 Alice Springs NT 0871

More information

Title: OHS Risk Management Procedure

Title: OHS Risk Management Procedure Issue Date: July 2011 Review Date: July 2013 Page Number: 1 of 9 1. Purpose: To outline the methodology by which Department of Education and Early Childhood Development (DEECD) identifies, assesses, controls

More information

Managing Risk in Procurement Guideline

Managing Risk in Procurement Guideline Guideline DECD 14/10038 Managing Risk in Procurement Guideline Summary The Managing Risk in Procurement Guideline assists in the identification and minimisation of risks involved in the acquisition of

More information

The Lowitja Institute Risk Management Plan

The Lowitja Institute Risk Management Plan The Lowitja Institute Risk Management Plan 1. PURPOSE This Plan provides instructions to management and staff for the implementation of consistent risk management practices throughout the Lowitja Institute

More information

An Introduction to Risk Management. For Event Holders in Western Australia. May 2014

An Introduction to Risk Management. For Event Holders in Western Australia. May 2014 An Introduction to Risk Management For Event Holders in Western Australia May 2014 Tourism Western Australia Level 9, 2 Mill Street PERTH WA 6000 GPO Box X2261 PERTH WA 6847 Tel: +61 8 9262 1700 Fax: +61

More information

Hazard Identification, Risk Assessment and Control Management

Hazard Identification, Risk Assessment and Control Management The Paraplegic and Quadriplegic Association of SA Inc Hazard Identification, Risk Assessment and Control Management STATEMENT The Paraplegic and Quadriplegic Association of South Australia Incorporated

More information

Project Risk Management

Project Risk Management Project Risk Management Study Notes PMI, PMP, CAPM, PMBOK, PM Network and the PMI Registered Education Provider logo are registered marks of the Project Management Institute, Inc. Points to Note Risk Management

More information

Risk Assessment Tool and Guidance (Including guidance on application)

Risk Assessment Tool and Guidance (Including guidance on application) Risk Assessment Tool and Guidance (Including guidance on application) June 2008 Document Reference Number OQR012 Document Drafted By Office of Quality and Risk Revision Number 4 Document Ms. Edwina Dunne,

More information

3.0 Risk Assessment and Analysis Techniques and Tools

3.0 Risk Assessment and Analysis Techniques and Tools 3.0 Risk Assessment and Analysis Techniques and Tools Risks are determined in terms of the likelihood that an uncontrolled event will occur and the consequences of that event occurring. Risk = Likelihood

More information

6. Risk management plans for high risk activities and special events

6. Risk management plans for high risk activities and special events 6. Risk management plans for high risk activities and special events What is a high risk activity or special event? The answer to this question will be different for every organisation. A high risk activity

More information

POLICY. Number: 7311-10-005 Title: Enterprise Risk Management. Authorization

POLICY. Number: 7311-10-005 Title: Enterprise Risk Management. Authorization POLICY Number: 7311-10-005 Title: Enterprise Risk Management Authorization [ ] President and CEO [ X] Vice President, Finance and Corporate Services Source: Director, Enterprise Risk Management Cross Index:

More information

Quality and Engagement Sub Committee

Quality and Engagement Sub Committee Quality and Engagement Sub Committee 12 June 2012 Corporate Risk Register and Risk Management Strategy Executive Summary As part of authorisation, Blackpool Clinical Commissioning Group (CCG) must identify

More information

identify hazards, analyze or evaluate the risk associated with that hazard, and determine appropriate ways to eliminate or control the hazard.

identify hazards, analyze or evaluate the risk associated with that hazard, and determine appropriate ways to eliminate or control the hazard. What is a risk assessment? Risk assessment is the process where you: identify hazards, analyze or evaluate the risk associated with that hazard, and determine appropriate ways to eliminate or control the

More information

Guidance for Industry: Quality Risk Management

Guidance for Industry: Quality Risk Management Guidance for Industry: Quality Risk Management Version 1.0 Drug Office Department of Health Contents 1. Introduction... 3 2. Purpose of this document... 3 3. Scope... 3 4. What is risk?... 4 5. Integrating

More information

Motivations. spm - 2014 adolfo villafiorita - introduction to software project management

Motivations. spm - 2014 adolfo villafiorita - introduction to software project management Risk Management Motivations When we looked at project selection we just took into account financial data In the scope management document we emphasized the importance of making our goals achievable, i.e.

More information

4. Critical success factors/objectives of the activity/proposal/project being risk assessed

4. Critical success factors/objectives of the activity/proposal/project being risk assessed ARTC Risk Management Work Instruction 2: 1. Conduct Risk Assessment Workshop This Work Instruction provides general guidelines for conducting a generic Risk Assessment workshop. The instructions supplement

More information

G8 Education Limited ABN: 95 123 828 553. Risk Management Policy and Risk Management Framework

G8 Education Limited ABN: 95 123 828 553. Risk Management Policy and Risk Management Framework G8 Education Limited ABN: 95 123 828 553 Risk Management Policy and Risk Management Framework Table of Contents Introduction... 4 Policy Statement... 4 Policy Conditions... 4 Responsibilities... 4 Implementation

More information

Edwin Lindsay Principal Consultant. Compliance Solutions (Life Sciences) Ltd, Tel: + 44 (0) 7917134922 E-Mail: elindsay@blueyonder.co.

Edwin Lindsay Principal Consultant. Compliance Solutions (Life Sciences) Ltd, Tel: + 44 (0) 7917134922 E-Mail: elindsay@blueyonder.co. Edwin Lindsay Principal Consultant, Tel: + 44 (0) 7917134922 E-Mail: elindsay@blueyonder.co.uk There were no guidelines/ regulations There was no training No Procedures No Inspectors Inform All staff of

More information

Computer Security Lecture 13

Computer Security Lecture 13 Computer Security Lecture 13 Risk Analysis Erland Jonsson (based on material from Lawrie Brown) Department of Computer Science and Engineering Chalmers University of Technology Sweden Security Management

More information

Risk Management & Assessment at UQ

Risk Management & Assessment at UQ Risk Management & Assessment at UQ Course Overview: This training module has been developed for workers at the University of Queensland, and forms part of the OH&S training program at UQ. The aim of this

More information

Risk Management Policy

Risk Management Policy Risk Management Policy Responsible Officer Author Ben Bennett, Business Planning & Resources Director Julian Lewis, Governance Manager Date effective from December 2008 Date last amended December 2012

More information

Project Risk Analysis toolkit

Project Risk Analysis toolkit Risk Analysis toolkit MMU has a corporate Risk Management framework that describes the standard for risk management within the university. However projects are different from business as usual activities,

More information

Business Continuity Management Policy

Business Continuity Management Policy Business Continuity Management Policy May 2009 Document Document drafted by Office of Quality and Risk Reference Number OQR032 Document approved by Ms. E. Dunne, Head of Quality and Risk Revision Number

More information

Quality Risk Management The Pharmaceutical Experience Ann O Mahony Quality Assurance Specialist Pfizer Biotech Grange Castle

Quality Risk Management The Pharmaceutical Experience Ann O Mahony Quality Assurance Specialist Pfizer Biotech Grange Castle Quality Risk Management 11 November 2011 Galway, Ireland Quality Risk Management The Pharmaceutical Experience Ann O Mahony Quality Assurance Specialist Pfizer Biotech Grange Castle Overview Regulatory

More information

Risk Assessment for Medical Devices. Linda Braddon, Ph.D. Bring your medical device to market faster 1

Risk Assessment for Medical Devices. Linda Braddon, Ph.D. Bring your medical device to market faster 1 Risk Assessment for Medical Devices Linda Braddon, Ph.D. Bring your medical device to market faster 1 My Perspective Work with start up medical device companies Goal: Making great ideas into profitable

More information

ERM Program. Enterprise Risk Management Guideline

ERM Program. Enterprise Risk Management Guideline ERM Program Enterprise Management Guideline Table of Contents PREAMBLE... 2 When should I refer to this Guideline?... 3 Why do we need a Guideline?... 4 How do I use this Guideline?... 4 Who is responsible

More information

Risk Assessment and Management. Allen L. Burgenson Manager, Regulatory Affairs Lonza Walkersville Inc.

Risk Assessment and Management. Allen L. Burgenson Manager, Regulatory Affairs Lonza Walkersville Inc. Risk Assessment and Management Allen L. Burgenson Manager, Regulatory Affairs Lonza Walkersville Inc. Standard Disclaimer Standard Disclaimer: This presentation is the opinion of the presenter, and does

More information

Bedford Group of Drainage Boards

Bedford Group of Drainage Boards Bedford Group of Drainage Boards Risk Management Strategy Risk Management Policy January 2010 1 Contents 1. Purpose, Aims & Objectives 2. Accountabilities, Roles & Reporting Lines 3. Skills & Expertise

More information

A Guide to Risk Assessment in Ship Operations

A Guide to Risk Assessment in Ship Operations (June 2012) A Guide to Risk Assessment in Ship Operations INTRODUCTION Although it is not often referred to as such, the development and implementation of a documented safety management system is an exercise

More information

Controlling Risks Risk Assessment

Controlling Risks Risk Assessment Controlling Risks Risk Assessment Hazard/Risk Assessment Having identified the hazards, one must assess the risks by considering the severity and likelihood of bad outcomes. If the risks are not sufficiently

More information

Title: Rio Tinto management system

Title: Rio Tinto management system Standard Rio Tinto management system December 2014 Group Title: Rio Tinto management system Document No: HSEC-B-01 Standard Function: Health, Safety, Environment and Communities (HSEC) No. of pages: 23

More information

DIT HEALTH AND SAFETY OFFICE

DIT HEALTH AND SAFETY OFFICE DIT HEALTH AND SAFETY OFFICE PROCEDURE TITLE Risk Assessment Procedure REVISION NO.: 5 NUMBER OF PAGES: 8 REFERENCE: Parent Health and Safety Statement Risk Assessment Template (DITRAT) Safety Inspection

More information

PROJECT RISK MANAGEMENT

PROJECT RISK MANAGEMENT PROJECT RISK MANAGEMENT DEFINITION OF A RISK OR RISK EVENT: A discrete occurrence that may affect the project for good or bad. DEFINITION OF A PROBLEM OR UNCERTAINTY: An uncommon state of nature, characterized

More information

Safety Management Systems (SMS) guidance for organisations

Safety Management Systems (SMS) guidance for organisations Safety and Airspace Regulation Group Safety Management Systems (SMS) guidance for organisations CAP 795 Published by the Civil Aviation Authority, 2014 Civil Aviation Authority, CAA House, 45-59 Kingsway,

More information

Risk Management. Policy

Risk Management. Policy Policy Risk Management Endorsed: 26 February 2014 Brief description The GPC Risk Management Policy and its supporting standards and procedures provide a framework to ensure that risks arising from our

More information

RISK MANAGEMENT POLICY. Version 3

RISK MANAGEMENT POLICY. Version 3 RISK MANAGEMENT POLICY Version 3 Version: Version 3 Version 3 Authors: Liz Hollman, Mary Klaus, Sarah Langan-Hart Approved by: Healthcare Governance Committee Trust Board Approved date: May 2009 Review

More information

Version: 3.0. Effective From: 19/06/2014

Version: 3.0. Effective From: 19/06/2014 Policy No: RM66 Version: 3.0 Name of Policy: Business Continuity Planning Policy Effective From: 19/06/2014 Date Ratified 05/06/2014 Ratified Business Service Development Committee Review Date 01/06/2016

More information

Guidance on Risk Assessment and Control

Guidance on Risk Assessment and Control Guidance on Risk Assessment and Control Page 1 of 18 CONTENTS Section Page Executive Summary 2. FLOWCHART 4. 1. Introduction and Scope 5. Hierarchy of risk control 5. Definitions 5. 2. Related Documents

More information

Risk Management Procedure

Risk Management Procedure Purpose of this document Develop and document procedures and work instructions for Risk Management to cover the project Stages set out in the Project Process Map. The purpose of this procedure is to identify

More information

Infrastructure Risk Management Plan Template

Infrastructure Risk Management Plan Template - 1 - Local Government Association of South Australia Sustainable Asset Management in SA Infrastructure Risk Management Plan Template GUIDELINES V5 DRAFT FOR PILOT COUNCIL REVIEW Prepared by Sept 2006

More information

Removal of Gender Restrictions on Australian Defence Force Combat Role Employment Categories

Removal of Gender Restrictions on Australian Defence Force Combat Role Employment Categories Removal of Gender Restrictions on Australian Defence Force Combat Role Employment Categories Risk Management Plan INTENTIONALLY BLANK 1. Introduction The purpose of this Risk Management Plan (RMP) is to

More information

SECURITY MANAGEMENT Produce security risk assessments

SECURITY MANAGEMENT Produce security risk assessments 1 of 6 level: 6 credit: 20 planned review date: March 2007 sub-field: purpose: Security This unit standard is for people who work, or intend to work, as security managers or security consultants, and who

More information

ENTERPRISE RISK MANAGEMENT FRAMEWORK

ENTERPRISE RISK MANAGEMENT FRAMEWORK ROCKHAMPTON REGIONAL COUNCIL ENTERPRISE RISK MANAGEMENT FRAMEWORK 2013 Adopted 25 June 2013 Reviewed: October 2015 TABLE OF CONTENTS 1. Introduction... 3 1.1 Council s Mission... 3 1.2 Council s Values...

More information

River Stour (Kent) Internal Drainage Board Risk Management Strategy and Policy

River Stour (Kent) Internal Drainage Board Risk Management Strategy and Policy River Stour (Kent) Internal Drainage Board Risk Management Strategy and Policy Page: 1 Contents 1. Purpose, Aims & Objectives 2. Accountabilities, Roles & Reporting Lines 3. Skills & Expertise 4. Embedding

More information

RiskManagement ESIEE 06/03/2012. Aloysius John March 2012

RiskManagement ESIEE 06/03/2012. Aloysius John March 2012 RiskManagement MOTIS ESIEE 06/03/2012 Aloysius John March 2012 Risk Management is a Introduction Process for Project manager to identify factors that may more or less affect the success or the achievement

More information

Guidance note. Risk Assessment. Core concepts. N-04300-GN0165 Revision 4 December 2012

Guidance note. Risk Assessment. Core concepts. N-04300-GN0165 Revision 4 December 2012 Guidance note N-04300-GN0165 Revision 4 December 2012 Risk Assessment Core concepts The operator of an offshore facility must conduct a detailed and systematic formal safety assessment, which includes

More information

Appendix V Risk Management Plan Template

Appendix V Risk Management Plan Template Appendix V Risk Management Plan Template Version 2 March 7, 2005 This page is intentionally left blank. Version 2 March 7, 2005 Title Page Document Control Panel Table of Contents List of Acronyms Definitions

More information

PROJECT RISK MANAGEMENT

PROJECT RISK MANAGEMENT 11 PROJECT RISK MANAGEMENT Project Risk Management includes the processes concerned with identifying, analyzing, and responding to project risk. It includes maximizing the results of positive events and

More information

RISK MANAGEMENT STRATEGY

RISK MANAGEMENT STRATEGY RISK MANAGEMENT STRATEGY 1 Introduction The purpose of this document is to outline a which facilitates the effective recognition and management of risks facing the University. The Combined Code on Corporate

More information

RISK ASSESSMENT. Australian Risk Management Standard AS/NZS 4360:200 defines a risk as;

RISK ASSESSMENT. Australian Risk Management Standard AS/NZS 4360:200 defines a risk as; RISK ASSESSMENT Australian Risk Management Standard AS/NZS 4360:200 defines a risk as; the possibility of something happening that impacts on your objectives. It is the chance to either make a gain or

More information

1.20 Appendix A Generic Risk Management Process and Tasks

1.20 Appendix A Generic Risk Management Process and Tasks 1.20 Appendix A Generic Risk Management Process and Tasks The Project Manager shall undertake the following generic tasks during each stage of Project Development: A. Define the project context B. Identify

More information

Power plant safety: a wise business move

Power plant safety: a wise business move Power plant safety: a wise business move Power plant safety: a wise business move Going to work in a controlled and safe environment is not an unreasonable expectation for any worker. In many occupations,

More information

University Audit and Compliance

University Audit and Compliance Risk Assessment Process Enterprise-Wide Risk Assessment Risk Assessment Process Risk Assessment: A disciplined, documented, and ongoing process of identifying and analyzing the effect of relevant risks

More information

Discipline: Technical Services Category: Procedure. Risk Management RM-01 2013. Applicability. ARTC Network Wide. Interstate Network.

Discipline: Technical Services Category: Procedure. Risk Management RM-01 2013. Applicability. ARTC Network Wide. Interstate Network. Discipline: Technical Services Category: Procedure Risk Management RM-01 2013 Applicability ARTC Network Wide Interstate Network Hunter Valley Document Status Version Prepared by Reviewed by Endorsed Approved

More information

Safety Regulation Group SAFETY MANAGEMENT SYSTEMS GUIDANCE TO ORGANISATIONS. April 2008 1

Safety Regulation Group SAFETY MANAGEMENT SYSTEMS GUIDANCE TO ORGANISATIONS. April 2008 1 Safety Regulation Group SAFETY MANAGEMENT SYSTEMS GUIDANCE TO ORGANISATIONS April 2008 1 Contents 1 Introduction 3 2 Management Systems 2.1 Management Systems Introduction 3 2.2 Quality Management System

More information

Project Risk Management. Presented by Stephen Smith

Project Risk Management. Presented by Stephen Smith Project Risk Management Presented by Stephen Smith Introduction Risk Management Insurance Business Financial Project Risk Management Project A temporary endeavour undertaken to create a unique product

More information

Analyzing Risks in Healthcare. February 12, 2014

Analyzing Risks in Healthcare. February 12, 2014 Analyzing s in Healthcare February 12, 2014 1 Content What is Enterprise Management (ERM) ERM Benefits ERM Standards / ISO 31000:2009 ERM Process Register ERM Governance Model s Q&A 2 What is Enterprise

More information

AN INTRODUCTION BOOKLET FOUR

AN INTRODUCTION BOOKLET FOUR 4 AVIATION RISK MANAGEMENT AN INTRODUCTION Civil AVIATION AuthORITy of New Zealand BOOKLET FOUR PUBLISHED: JUNE 2013 Preface The Civil Aviation Authority (CAA) published Advisory Circular AC00-4 Safety

More information

Risk Management & Internal Compliance and Control System

Risk Management & Internal Compliance and Control System Risk Management & Internal Compliance and Control System Risk Management SAI Global ( the Company ) recognises that risk management is an integral part of good management practice. Risk Management is an

More information

Risk Assessment Policy and Procedures

Risk Assessment Policy and Procedures Health and Safety Services 1 Contents Page No. 1. Introduction 4 2. Responsibilities 4 3. Definitions 5 4. Hazard Identification 5 5. Risk Evaluation and Estimation 7 6. Risk Control 10 7. Communication

More information

Council Meeting Agenda 27/07/15

Council Meeting Agenda 27/07/15 3 Risk Management Framework Abstract Council s Risk Management Framework ( the Framework ) was adopted by Council in 2012. The Framework provides structure and guidance to Council s risk management activities

More information

Occupational safety risk management in Australian mining

Occupational safety risk management in Australian mining IN-DEPTH REVIEW Occupational Medicine 2004;54:311 315 doi:10.1093/occmed/kqh074 Occupational safety risk management in Australian mining J. Joy Abstract Key words In the past 15 years, there has been a

More information

Preferred Practice Notes

Preferred Practice Notes Preferred Practice Notes for organisers proposing events or filming activities in Birmingham on the public highway or in council managed areas of the City. Film Birmingham Birmingham Museum & Art Gallery

More information

Policy 10.105: Enterprise Risk Management Policy

Policy 10.105: Enterprise Risk Management Policy Name: Responsibility: Complements: Enterprise Risk Management Framework Coordinator, Enterprise Risk Management Policy 10.105: Enterprise Risk Management Policy Date: November 2006 Revision Date(s): January

More information

Hazard Identification, Risk Assessment and Control Procedure

Hazard Identification, Risk Assessment and Control Procedure Hazard Identification, Risk Assessment and Control Procedure 1. Purpose To ensure that there is a formal process for hazard identification, risk assessment and control to effectively manage workplace and

More information

Designing an Effective Risk Matrix

Designing an Effective Risk Matrix Designing an Effective Risk Matrix HENRY OZOG INTRODUCTION Risk assessment is an effective means of identifying process safety risks and determining the most cost-effective means to reduce risk. Many organizations

More information

Management and Reporting of Undergraduate Nurse Incidents During Clinical Placement at RCH

Management and Reporting of Undergraduate Nurse Incidents During Clinical Placement at RCH Management and Reporting of Undergraduate Nurse Incidents During Clinical Placement at RCH Management and Reporting of Undergraduate Nurse Incidents During Clinical Placement at RCH Overview The purpose

More information

Revenue Scotland. Risk Management Framework

Revenue Scotland. Risk Management Framework Revenue Scotland Risk Management Framework Contents 1. Introduction... 3 1.1 Overview of risk management... 3 2. Policy statement... 4 3. Risk management approach... 5 3.1 Risk management objectives...

More information

LIABILITY RISK MANAGEMENT PROCESS

LIABILITY RISK MANAGEMENT PROCESS LIABILITY RISK MANAGEMENT PROCESS CONTENTS 1. INTRODUCTION 2 2. STEPS IN THE RISK MANAGEMENT PROCESS 2 2.2. Communicate and consult 4 2.3. Establish context 4 2.4. Identify Risks 14 2.5. Analyse Risks

More information

Guide to Developing Risk Management Plans for Sport & Active Recreation Clubs

Guide to Developing Risk Management Plans for Sport & Active Recreation Clubs Guide to Developing Risk Management Plans for Sport & Active Recreation Clubs No single risk management model fits every organisation. Different governance and administrative structures, and varying activities

More information

Nova Scotia EMO. Hazard Risk Vulnerability Assessment (HRVA) Model. Guidelines for Use. October, 2010

Nova Scotia EMO. Hazard Risk Vulnerability Assessment (HRVA) Model. Guidelines for Use. October, 2010 Nova Scotia EMO Hazard Risk Vulnerability Assessment (HRVA) Model Guidelines for Use October, 2010 EMO NS Hazard Risk Vulnerability Assessment Model Page 1 of 10 Table of Contents 1. Background 2. Definitions

More information

A structured approach to Enterprise Risk Management (ERM) and the requirements of ISO 31000

A structured approach to Enterprise Risk Management (ERM) and the requirements of ISO 31000 A structured approach to Enterprise Risk Management (ERM) and the requirements of ISO 31000 Contents Executive summary Introduction Acknowledgements Part 1: Risk, risk management and ISO 31000 1 Nature

More information

14.1 Risk Identification and Assessment TEMPLATE.docx. Existing Controls

14.1 Risk Identification and Assessment TEMPLATE.docx. Existing Controls FORM 14.1 RISK IDENTIFICATION AND ASSESSMENT TEMPLATE Site: Assessment completed by: Date: Area Assessed Describe the specific location of the hazard What are the Hazards? Existing Controls What actions

More information

SOUTHERN RURAL WATER POLICY RISK MANAGEMENT POLICY

SOUTHERN RURAL WATER POLICY RISK MANAGEMENT POLICY SOUTHERN RURAL WATER POLICY RISK MANAGEMENT POLICY 1. POLICY STATEMENT Having regard to AS/NZS ISO 31000 Risk Management, it shall be the Policy of SRW to manage risk to protect public safety, quality

More information

Integration of Risk Management and Internal Audit. Chartered Institute of Management Accountants, New Zealand

Integration of Risk Management and Internal Audit. Chartered Institute of Management Accountants, New Zealand Integration of Risk Management and Internal Audit Chartered Institute of Management Accountants, New Zealand Contents Understanding the three lines of defense governance model What is Risk? Risk Management

More information

RISK MANAGEMENT FOR COMMUNITY GROUPS. ESTABLISH THE CONTEXT The Strategic Context The Organisational Context The Risk Management Context

RISK MANAGEMENT FOR COMMUNITY GROUPS. ESTABLISH THE CONTEXT The Strategic Context The Organisational Context The Risk Management Context RISK MANAGEMENT FOR COMMUNITY GROUPS Develop Assessment Criteria ESTABLISH THE CONTEXT The Strategic Context The Organisational Context The Risk Management Context Decide the structure IDENTIFY RISKS What

More information

Clinical Risk Management: Agile Development Implementation Guidance

Clinical Risk Management: Agile Development Implementation Guidance Document filename: Directorate / Programme Document Reference NPFIT-FNT-TO-TOCLNSA-1306.02 CRM Agile Development Implementation Guidance v1.0 Solution Design Standards and Assurance Project Clinical Risk

More information

Waveney Lower Yare & Lothingland Internal Drainage Board Risk Management Strategy and Policy

Waveney Lower Yare & Lothingland Internal Drainage Board Risk Management Strategy and Policy Waveney Lower Yare & Lothingland Internal Drainage Board Risk Management Strategy and Policy Page: 1 Contents 1. Purpose, Aims & Objectives 2. Accountabilities, Roles & Reporting Lines 3. Skills & Expertise

More information

Project Management Competency Standards

Project Management Competency Standards BSB01 Business Services Training Package Project Management Competency Standards CONTENTS BSBPM401A Apply scope management techniques...3 BSBPM402A Apply time management techniques...8 BSBPM403A Apply

More information

Network Risk Assessment Guideline

Network Risk Assessment Guideline Network Risk Assessment Guideline Network Risk Assessment Guideline Table of Contents Revision history... ii 1. Purpose and Scope... 1 2. Definitions, Abbreviations and Acronyms... 1 3. References... 2

More information

HQMC 20 Aug 04 E R R A T U M. to MCO 3500.27B OPERATIONAL RISK MANAGEMENT (ORM)

HQMC 20 Aug 04 E R R A T U M. to MCO 3500.27B OPERATIONAL RISK MANAGEMENT (ORM) HQMC 20 Aug 04 E R R A T U M to MCO 3500.27B OPERATIONAL RISK MANAGEMENT (ORM) 1. For administrative purposes, the Publications Control Number (PCN) has been reidentified. Change the PCN "10203352700"

More information

GUIDANCE MATERIAL GUIDANCE ON THE USE OF POSITIVE PERFORMANCE INDICATORS TO IMPROVE WORKPLACE HEALTH AND SAFETY

GUIDANCE MATERIAL GUIDANCE ON THE USE OF POSITIVE PERFORMANCE INDICATORS TO IMPROVE WORKPLACE HEALTH AND SAFETY GUIDANCE MATERIAL GUIDANCE ON THE USE OF POSITIVE PERFORMANCE INDICATORS TO IMPROVE WORKPLACE HEALTH AND SAFETY Office of the Australian Safety and Compensation Council NOVEMBER 2005 IMPORTANT NOTICE The

More information

Internal Audit Report Disaster Recovery / Business Continuity Planning

Internal Audit Report Disaster Recovery / Business Continuity Planning Audit Committee, 28 November 2013 Internal Audit Report Disaster Recovery / Business Continuity Planning Executive summary and recommendations Introduction As part of the Internal Audit Plan for 2013-14,

More information

CHAPTER 33 R&M FAILURE MODES, EFFECTS (AND CRITICALITY) ANALYSES (FMEA/FMECA) CONTENTS

CHAPTER 33 R&M FAILURE MODES, EFFECTS (AND CRITICALITY) ANALYSES (FMEA/FMECA) CONTENTS Applied R&M Manual for Defence Systems Part C - R&M Related Techniques CHAPTER 33 R&M FAILURE MODES, EFFECTS (AND CRITICALITY) ANALYSES (FMEA/FMECA) CONTENTS Page 1 Introduction 2 2 Scope 2 3 Benefits

More information

Risk Assessment: An introduction

Risk Assessment: An introduction Preamble The purpose of a risk assessment is to systematically identify all of the risks associated with a task, activity or process, and put appropriate controls in place to eliminate or reduce the risks

More information

RISK MANAGEMENT STRATEGY 2013-2016

RISK MANAGEMENT STRATEGY 2013-2016 RISK MANAGEMENT STRATEGY 2013-2016 As presented and endorsed by the Mornington Peninsula Shire s Audit Committee at its meeting of 20 February, 2013 and subsequent adoption by Council at its meeting of

More information

POLICY : CORPORATE RISK MANAGEMENT

POLICY : CORPORATE RISK MANAGEMENT APPENDIX 5 POLICY : CORPORATE RISK MANAGEMENT 1 Scope This is a Service wide policy. 2 Aims and Objectives Lancashire Combined Fire Authority provides services to a diverse range of people and organisations,

More information

Business Continuity Plan

Business Continuity Plan Business Continuity Plan October 2007 Agenda Business continuity plan definition Evolution of the business continuity plan Business continuity plan life cycle FFIEC & Business continuity plan Questions

More information

Information security risk management using ISO/IEC 27005:2008

Information security risk management using ISO/IEC 27005:2008 Information security risk management using ISO/IEC 27005:2008 Hervé Cholez / Sébastien Pineau Centre de Recherche Public Henri Tudor herve.cholez@tudor.lu sebastien.pineau@tudor.lu March, 29 th 2011 1

More information

Risk Assessment and Risk Register Policy. Contents

Risk Assessment and Risk Register Policy. Contents Classification: Policy Lead Author: Paul Dodd Head of risk management Additional author(s): N/A Authors Division: Corporate Unique ID: RM6(06) Issue number: 3 Expiry Date: January 2017 Contents Section

More information