|
Introduction
Those
who will benefit
Users/clients
Testimonials
Hot topics
Business
DNA Regulatory
DNA Tax
& Accounting DNA Banking
DNA Defence
DNA
International Int
Health Regs (IHR) Banking
Regs & Basel II Accounting standards
(IFRS/IAS, GAAP) Anti
Money
laundering (AML)
Counter
Terrorism Regs
Risk Management,
COSO, AS4360
Corporation
Law & Regs
Corporate
Governance
Corporate
Whistleblowing
US
Code of Federal
Regulations (CFR)
International
Traffic in Arms Regs (ITAR)
SOX
Regs
Education supplements
Accountants
Law
School
MBAs
Aust DoD
ASDEFCON
Financial Reform
Special
focus on
Regulators
Compliers
Employers
Clients
Suppliers
Contractors
Consultants
Lawyers
Translators
Sporting
life
Football
Golf
| |
|
Risk Management
|
(COSO, AS 4360) |
|
1 Risks associated with
business, government and defence instructions
Risk
is often defined as a potential loss or danger.
Consequently, to be successful,
organisations need to know:
 |
what
the events are that can affect their success (hazards) |
|
the
likelihood and consequence of these events and |
|
what
actions they can take to reduce their exposure to them. |
business, government and defence instructions
|
internal
requirements:
 |
policies |
|
procedures |
|
instructions |
|
|
externally
promoted policies and claims |
|
government
regulations |
|
purchase
orders, service level agreements, technical specifications &
contracts |
|
referenced
documents, standards & codes |
In the context of these
business, government and defence instructions, some of the events that could affect your
organisation’s success include:
|
1 Sub-standard understanding of requirements |
|
2 Sub-standard compliance checking & auditing |
|
3 Sub-standard compliance planning |
|
4 Sub-standard development & drafting |
|
5 Sub-standard laundering |
|
6 Sub-standard choice comparison |
|
7 Sub-standard changed and original clause comparison |
|
8 Sub-standard compliance programming |
|
9 Sub-standard compliance costing |
|
10 Sub-standard development of workflows and procedures |
|
11 Sub-standard development management alarm bells |
|
12 Sub-standard completion of prescribed notices and forms |
|
13 Sub-standard preparation and review of contractual claims |
|
14 Sub-standard dispute resolution |
|
15 Sub-standard translation into other languages |
|
16 Mass media exposure of sub-standard performance |
Organisations need to decide whether they should take these events
(hazards) seriously or not.
This
is often known as:
|
determining
their risk exposure or |
|
evaluating
their risk. |
Risk can be determined by considering both the consequence and
likelihood of each event occurring.
Analysis
of the consequence and likelihood of events may be either qualitative or
quantitative as shown in the following table.
|
Qualitative
|
Qualitative
analysis uses words or descriptive scales to describe the
magnitude of the likelihood and the consequence.
This
style often uses personal judgement, estimation and assumptions.
e.g.
Rare - Unlikely - Moderate - Likely - Almost certain
|
|
Quantitative
|
Quantitative
analysis often involves:
|
financial
accounting
|
|
statistical
analysis
|
|
staff
& supplier competency testing (Mustor Metric Testing MIS
4100) or
|
|
staff
& supplier performance prediction (MIS 8000).
|
e.g.
$, ₤, €, average, standard deviation, percentiles, Mustor
Metrics
|
|
Multiple
consequences
|
An
accident may have multiple affects such as:
|
the
health of employees
|
|
the
environment and
|
|
the
production capability of the organisation (both the quality
& the quantity produced) and
|
|
the
financial status of the organisation.
|
|
|
Hidden
consequences
|
The
consequences of some events are not always obvious.
For example, the consequence of a dispute, is the effort
and resources required to resolve it.
If the dispute is resolved by direct negotiation then the
consequence of the dispute could be considered insignificant.
However, should the dispute require arbitration to resolve
it, then the consequence could be considered major.
Should the dispute require litigation to resolve it and the
legal fees from having to pay the other party’s expenses are
high, the consequences could be considered catastrophic.
|
|
Compounding
consequences
|
Events
often have compounding consequences.
For example:
|
an
accident may cause loss of production capability that may lead
to a contractor bearing the cost for late completion.
|
|
|
|
discrepancies,
ambiguities, loops and illogical clauses in the technical
specification may cause the supplier to claim for variations.
This may increase the cost and the duration of the contract,
which could cause them to run over budget and/or bear costs
for late completion to their client.
|
|
The level of your exposure to risk can be graphically represented.
The result is basically an area calculation.
That is, the risk exposure level is a product of the consequence
and the likelihood of the event occurring.
With a graphical representation, you can see very quickly that the more
serious the consequence, and the higher the likelihood of the event
occurring, the greater the risk. For
example, the figure below shows, that as event A has a greater
consequence and likelihood of occurrence than event B and C, it has a
higher risk exposure level.
3
Risk
reduction
Once the events that may affect your success have been identified, and
the risk level determined, each organisation is in a position to decide
whether they will either accept the risk or act to reduce it.
Your organisations risk level may be
reduced by either:
|
reducing
the consequences of an event once it occurs or |
|
reducing
the likelihood of the event occurring in the first place. |
The
following figures graphically display these concepts.
Reducing the likelihood of hazardous events may involve:
|
improving
business, government and defence instructions such as:
|
internal
requirements
 |
policies |
|
procedures |
|
instructions |
|
|
externally
promoted policies and claims |
|
government
regulations |
|
purchase
orders, service level agreements, technical specifications &
contracts |
|
referenced
documents, standards & codes |
|
|
improving
employees with training in document:
|
interrogation |
|
compliance
checking |
|
compliance
planning |
|
translation |
|
dispute
resolution |
|
|
improving
the selection of:
|
employees |
|
suppliers |
|
contractors |
|
translators |
|
lawyers |
|
consultants |
|
Reducing
the consequence of hazardous events may involve improving:
|
developing
mitigation procedures |
|
purchasing
compensating Insurance |
4
Effects of relaxation
Should
your staff and suppliers relax on the efforts to reduce the likelihood
and consequence of events that may affect their success, their risks
increase. The following
figure graphically displays this concept.
5
Risk management standards
There
are a number of generic risk management standards around the world.
The following table details some of the more popular standards as
well as the organisations involved in there development.
This
standard has been designed so that it can be equally used by your:
|
employees |
|
suppliers |
|
contractors |
|
translators |
|
lawyers |
|
consultants |
The
Risk Management system (MIS 11 000) has been designed so that your staff
and suppliers can either use it by it self (stand-alone) or ‘bolt’
it onto your existing system. The
following figure graphically describes these choices.
|
| |
Recent Public
Presentations
CPA
STC
IPWEA
Aust
Compliance Institute (ACI)
Clarity
- International Plain Legal Language Association
PLAIN
- International Legal Language Society
Not-For-Profit
Network
Recent clients
Aust
Defence Department
Telstra
Liverpool
Council
Energy
Australia
Popular start up
programs
Awareness
Masterclass
Risk
Discovery
Opportunity
Discovery
|
