menu
  • Home
  • Services
    • Tax Depreciation
    • Sec94A Estimates
    • Tender Evaluation
    • Contract Administration
    • Life Cycle Costing
    • Risk Management
  • Contact Us
  • Links
  • Login
  • You are here:  
  • Home
  • Services
  • Risk Management

Search

Risk Management

Risk Management Process

The TDQS team considers risk management fundamental to the achievement of objectives and a significant aspect of organisational governance. Risk management will be implemented in order to improve business performance, meet internal and external obligations and ensure objectives are achieved safely and successfully. TDQS adopts ISO 31000 Risk Management Processes in managing our projects.

Establishing the Context

By establishing the context, the organization articulates its objectives, defines the external and internal parameters to be taken into account when managing risk, and sets the scope and risk criteria for the remaining process.

Attention to these and other relevant factors should help ensure that the risk management approach adopted is appropriate to the circumstances, to the organization and to the risks affecting the achievement of its objectives.

Risk Identification

The aim of this step is to generate a comprehensive list of risks based on those events that might create, enhance, prevent, degrade, accelerate or delay the achievement of objectives. Identification should include risks causes, control status, consequences including cascade effects and likelihood.

Risk Analysis

Risk analysis provides an input to risk evaluation and to decisions on whether risks need to be treated, and on the most appropriate risk treatment strategies and methods. Risk is analysed by determining consequences and their likelihood, and other attributes of the risk.

Risk Evaluation

The purpose of risk evaluation is to assist in making decisions, based on the outcomes of risk analysis, about which risks need treatment and the priority for treatment implementation. The risk evaluation can also lead to a decision not to treat the risk in any way other than maintaining existing controls. This decision will be influenced
by the client’s risk attitude and the risk criteria that have been established.

Risk Treatment

Risk treatment involves selecting one or more options for modifying risks, and implementing those options. Risk treatment involves a cyclical process of assessing a risk treatment:

  • deciding whether residual risk levels are tolerable;
  • if not tolerable, generating a new risk treatment; and
  • assessing the effectiveness of that treatment.

Monitoring and Review

Both monitoring and review should be a planned part of the risk management process and involve regular checking or surveillance. It can be periodic or ad hoc. The organization's monitoring and review processes should encompass all aspects of the risk management process for the purposes of:

  • ensuring that controls are effective and efficient in both design and operation;
  • obtaining further information to improve risk assessment;
  • analysing and learning lessons from events (including near-misses), changes, trends, successes and failures;
  • detecting changes in the external and internal context, including changes to risk criteria and the risk itself which can require revision of risk treatments and priorities; and identifying emerging risks.

Communication and Consultation

Effective external and internal communication and consultation should take place to ensure that those accountable for implementing the risk management process and stakeholders understand the basis on which decisions are made, and the reasons why particular actions are required.

Communication and consultation with stakeholders is important as they make judgements about risk based on their perceptions of risk. These perceptions can vary due to differences in values, needs, assumptions, concepts and concerns of stakeholders. Communication and consultation should facilitate truthful, relevant, accurate and understandable exchanges of information, taking into account confidential and personal integrity aspects.

TDQS further recommends critical steps as below for continual improvement of the risk management process:

  • Reporting of risk performance for assessment and measurement of lessons learnt
  • Full accountability for risks by risk owners
  • Application of risk management in all decision making
  • Continual communications with external and internal stakeholders
  • Full integration in the organization's governance structure with risk framework

 

   

Tax Depreciation QS Pty Ltd

PO Box 61

Maroubra NSW 2035

info@taxdepreciationqs.com.au
www.template-joomspirit.com
Back to top