Unit of competency details

Release 

Comments 

Release 1

This version first released with BSB07 Business Training Package version 6.0.

Revised unit. Required knowledge updated to incorporate current Australian Standards.

Replaces BSBRSK501A Manage risk

Element 

Performance Criteria 

Elements describe the essential outcomes of a unit of competency.

Performance criteria describe the performance needed to demonstrate achievement of the element. Where bold italicised text is used, further information is detailed in the required skills and knowledge section and the range statement. Assessment of performance is to be consistent with the evidence guide.

1. Establish risk context

1.1 Review organisational processes, procedures and requirements for undertaking risk  management

1.2 Determine scope  for risk management process

1.3 Identify internal and external stakeholders and their issues

1.4 Review political, economic, social, legal, technological and policy context

1.5 Review strengths and weaknesses of existing arrangements

1.6 Document critical success factors, goals or objectives for area included in scope

1.7 Obtain support for risk management activities

1.8 Communicate with relevant parties  about the risk management process and invite participation

2. Identify risks

2.1 Invite relevant parties to assist in the identification of risks

2.2 Research  risks that may apply to scope

2.3 Use tools and techniques  to generate a list of risks that apply to the scope, in consultation with relevant parties

3. Analyse risks

3.1 Assess likelihood  of risks occurring

3.2 Assess impact or consequence  if risks occur

3.3 Evaluate  and prioritise risks for treatment

4. Select and implement treatments

4.1 Determine and select most appropriate options  for treating risks

4.2 Develop an action plan  for implementing risk treatment

4.3 Communicate risk management processes to relevant parties

4.4 Ensure all documentation is in order and appropriately stored

4.5 Implement and monitor action plan

4.6 Evaluate risk management process

Overview of assessment 

Critical aspects for assessment and evidence required to demonstrate competency in this unit 

Evidence of the following is essential:

• risk management plan which includes a detailed stakeholder analysis, explanation of the risk context, critical success factors, identified and analysed risks, and treatments for prioritised risks
• details of monitoring arrangements for risk management plan and an evaluation of the risk management plan’s efficacy in treating risks
• knowledge of relevant legislation, codes of practice and national standards.

Context of and specific resources for assessment 

Assessment must ensure:

• access to workplace documentation.

Method of assessment 

A range of assessment methods should be used to assess practical skills and knowledge. The following examples are appropriate for this unit:

• direct questioning combined with review of portfolios of evidence and third party workplace reports of on-the-job performance by the candidate
• observation of presentations
• oral or written questioning to assess knowledge of risk management policies and procedures
• review of documented critical success factors, and goals or objectives for area
• review of risks prioritised for treatment
• evaluation of action plan for implementing risk treatment
• evaluation of documentation communicating risk management processes to relevant parties.

Guidance information for assessment 

Holistic assessment with other units relevant to the industry sector, workplace and job role is recommended, for example:

• financial management units, governance units, human resource management units, or technology units.

Risks  may include those relating to:

• commercial relationships
• economic circumstances and scenarios
• human behaviour
• individual activities
• legislation
• management activities and controls
• natural events
• political circumstances
• technology.

Scope  may apply to:

• given project
• specific business unit or area
• specific functional such as:

• financial management
• OHS
• governance

• external environment
• internal environment
• whole organisation.

Relevant parties  may include:

• all staff
• internal and external stakeholders
• senior management
• specific teams or business units
• technical experts.

Research  may include:

• data or statistical information
• information from other business areas
• lessons learned from other projects or activities
• market research
• previous experience
• public consultation
• review of literature and other information sources.

Tools and techniques  may include:

• brainstorms
• checklists
• fishbone diagrams
• flowcharts
• scenario analysis.

Likelihood  may refer to:

• probability of a given risk occurring, such as:

• very likely
• likely
• possible
• unlikely
• rare.

Impact or consequence  may refer to:

• significance of outcomes if the risk occurs, such as:

• disastrous
• severe
• moderate impact
• minimal impact.

Evaluation  of risks includes:

• considering the likelihood of the risk occurring
• considering the impact of the risk
• determining which risks are most significant and are therefore priorities for treatment.

Options  may include:

• avoiding the risk
• changing the consequences
• changing the likelihood
• retaining the risk
• sharing the risk with a third party.

Action plans  should include:

• what actions are required
• who is taking responsibility
• time lines
• monitoring processes.