Unit of competency details

PSPMNGT608B - Manage risk (Release 3)


Usage recommendation:
Is superseded by and equivalent to PSPMGT007 - Manage riskUnit code updated. Content and formatting updated to comply with the new standards. All PC transitioned from passive to active voice. Assessment Requirements created drawing upon specified assessment information from superseded unit. 06/Mar/2016
Supersedes and is equivalent to PSPMNGT608A - Manage risk 04/May/2009

Release Status:
ReleaseRelease date
3 (this release) 01/Nov/2012
(View details for release 2) 07/Mar/2012
(View details for release 1) 05/May/2009

Qualifications that include this unit

CodeSort Table listing Qualifications that include this unit by the Code columnTitleSort Table listing Qualifications that include this unit by the Title columnRelease
PSP61212 - Advanced Diploma of Government (Procurement and Contracting)Advanced Diploma of Government (Procurement and Contracting)
PSP60504 - Advanced Diploma of Government (Management)Advanced Diploma of Government (Management)1-2 
PSP52012 - Diploma of Government (Rail Safety Regulation)Diploma of Government (Rail Safety Regulation)
PSP60912 - Advanced Diploma of Government (Workplace Inspection)Advanced Diploma of Government (Workplace Inspection)
PSP61312 - Advanced Diploma of Government (Road Transport ComplianceAdvanced Diploma of Government (Road Transport Compliance
TLI60215 - Advanced Diploma of Deployment LogisticsAdvanced Diploma of Deployment Logistics1-2 
PSP60512 - Advanced Diploma of Government (Management)Advanced Diploma of Government (Management)
PSP51912 - Diploma of Government (Workplace Inspection)Diploma of Government (Workplace Inspection)
PSP60904 - Advanced Diploma of Government (Workplace Inspection)Advanced Diploma of Government (Workplace Inspection)1-2 
PSP52008 - Diploma of Government (Rail Safety Regulation)Diploma of Government (Rail Safety Regulation)1-2 
Items per page 10 | 20 | 50 | 100
Displaying items 1 - 10 of 12


SchemeCodeClassification value
ASCED Module/Unit of Competency Field of Education Identifier 080399 Business And Management, N.e.c.  

Classification history

SchemeCodeClassification valueStart dateEnd date
ASCED Module/Unit of Competency Field of Education Identifier 080399 Business And Management, N.e.c.  05/Jul/2004 
The content being displayed has been produced by a third party, while all attempts have been made to make this content as accessible as possible it cannot be guaranteed. If you are encountering issues following the content on this page please consider downloading the content in its original form

Modification History


TP Version 




Unit descriptor edited.



Layout adjusted. No changes to content.



Primary release.

Unit Descriptor

This unit covers maximising results and minimising consequences for a business unit activity by managing risk. It includes establishing the risk management context, planning for risk management, managing risk and evaluating the risk management plan.

In practice, managing risk may overlap with other generalist or specialist public sector work activities such as acting ethically, complying with legislation, applying government systems, managing resources, managing change, managing diversity, formulating business strategies, etc.

The unit is one of 4 in the Working in Government and Management Competency fields dealing with risk. Related units are:

  • PSPGOV417A Identify and treat risks
  • PSPGOV517A Coordinate risk management
  • PSPMNGT704A Undertake enterprise risk management

This unit replaces and is equivalent to PSPMNGT608A Manage risk.

No licensing, legislative, regulatory or certification requirements apply to this unit at the time of publication

Application of the Unit

Not applicable.

Licensing/Regulatory Information

Not applicable.


Not applicable.

Employability Skills Information

This unit contains employability skills.

Elements and Performance Criteria Pre-Content

Elements are the essential outcomes of the unit of competency.

Together, performance criteria specify the requirements for competent performance. Text in bold italics  is explained in the Range Statement following.

Elements and Performance Criteria



1 . Establish the risk management context 

1.1 The nature and extent of business unit  activity, its objectives and outcomes are established within the organisational  context.

1.2 The strategic and risk management  context are identified in accordance with organisational requirements.

1.3 Stakeholders  are identified and consulted to ensure their views, concerns and needs are taken into account in the risk management  process.

1.4 Criteria  for risk assessment are determined in accordance with legislation, policy and procedures .

1.5 Risk management criteria are determined to provide guidance on balancing risk, costs, benefits and opportunities.

1.6 Risk management criteria are monitored, reviewed and adjusted to ensure opportunities and current and emerging trends are reflected.

2 . Plan for risk management 

2.1 Sources of risk  are investigated and potential, perceived and actual risks  are identified and consulted upon to ensure full coverage.

2.2 Risks are analysed  and documented  in consultation with stakeholders, and levels of risk  are determined as the basis for risk management planning in a specific activity.

2.3 Risk management methods/techniques/tools  are selected and modified as necessary to evaluate risks to determine those that are acceptable  and those that are unacceptable .

2.4 Risk treatment options  are identified for unacceptable risks and preferred risk treatment approaches are determined.

2.5 A risk management plan  is developed and communicated to key stakeholders to ensure clarity and achievement of objectives throughout the activity's life cycle.

3 . Manage risk 

3.1 Activity is managed in accordance with agreed risk management plan.

3.2 Performance is reviewed, variance is analysed and risk responses are initiated to achieve objectives with minimal disruption and conflict.

3.3 Internal and external risks to outcomes are monitored and remedial actions are initiated to achieve business unit objectives.

4 . Evaluate the risk management plan 

4.1 A valid and reliable evaluation methodology  is developed and implemented.

4.2 Outcomes are reviewed and analysed to assess the effectiveness of current risk management strategies.

4.3 Evaluation is used to monitor existing risks, identify new risks and identify any trouble spots.

4.4 A variety of information, including the perspectives of key stakeholders, is obtained and utilised.

4.5 Recommendations on enhancements to the plan are formulated and acted upon to inform subsequent risk management processes.

4.6 The outcomes of evaluation are communicated to relevant personnel.

Required Skills and Knowledge

This section describes the essential skills and knowledge and their level, required for this unit.

Skill requirements 

Look for evidence that confirms skills in:

  • applying legislation, regulations and policies relating to risk management
  • researching and analysing the wider context affecting the organisation
  • assessing and evaluating risks
  • monitoring and reviewing risks and risk treatments
  • using communication and consultation with a diverse range of stakeholders
  • applying problem solving using conceptual and reasoning skills
  • using formal language and style for written plans
  • engaging in discussion using exchange of complex oral information
  • using a variety of words and language structures to explain complex, formal documents and assisting others to apply them in the workplace
  • responding to diversity, including gender and disability
  • applying procedures relating to occupational health and safety and environment in the context of risk management

Knowledge requirements 

Look for evidence that confirms knowledge and understanding of:

  • legislation, regulations, policies, procedures and guidelines relating to risk management
  • Australian and New Zealand standards - Risk management AS/NZS 4360:1999 or as revised
  • international standards such as SIRCA 8001:2003
  • Guidelines for managing risk in the Australian and New Zealand public sector - HB 143:1999 or as revised
  • risk management cycle
  • the relationship of risk to context - how the context may define the risks
  • the importance of consultation and communication at every stage of the risk management cycle
  • legal requirements related to the activity
  • whole-of-life considerations
  • approval processes
  • range of evaluation methodologies
  • the diversity of risks in the public sector
  • equal employment opportunity, equity and diversity principles
  • public sector legislation such as occupational health and safety and environment in the context of risk management

Evidence Guide

The Evidence Guide specifies the evidence required to demonstrate achievement in the unit of competency as a whole. It must be read in conjunction with the Unit descriptor, Performance Criteria, the Range Statement and the Assessment Guidelines for the Public Sector Training Package.

Units to be assessed together 

  • Pre-requisite units that must be achieved prior to this unit:Nil
  • Co-requisite units that must be assessed with this unit:Nil
  • Co-assessed units that may be assessed with this unit to increase the efficiency and realism of the assessment process include, but are not limited to:
  • PSPETHC601B Maintain and enhance confidence in public service
  • PSPGOV601B Apply government systems
  • PSPGOV602B Establish and maintain strategic networks
  • PSPLEGN601B Manage compliance with legislation in the public sector
  • PSPMNGT602B Manage resources
  • PSPMNGT604B Manage change
  • PSPMNGT605B Manage diversity
  • PSPMNGT609B Formulate business strategies
  • PSPMNGT611A Manage evaluations
  • PSPMNGT612A Review and improve business performance
  • PSPMNGT613A Develop partnering arrangements
  • PSPMNGT614A Facilitate knowledge management
  • PSPPOL603A Manage policy implementation

Overview of evidence requirements 

In addition to integrated demonstration of the elements and their related performance criteria, look for evidence that confirms:

  • the knowledge requirements of this unit
  • the skill requirements of this unit
  • application of the Employability Skills as they relate to this unit (see Employability Summaries in Qualifications Framework)
  • management of risk in a range of (2 or more) contexts (or occasions, over time)

Resources required to carry out assessment 

These resources include:

  • legislation, policy, procedures and protocols relating to risk management
  • Australian and New Zealand standards - Risk management AS/NZS 4360:1999 or as revised
  • Guidelines for managing risk in the Australian and New Zealand public sector - HB 143:1999 or as revised
  • other national and international standards relating to risk management such as SIRCA 8001:2003
  • case studies and workplace scenarios to capture the range of risk management situations likely to be encountered

Where and how to assess evidence 

Valid assessment of this unit requires:

  • a workplace environment or one that closely resembles normal work practice and replicates the range of conditions likely to be encountered when managing risk, including coping with difficulties, irregularities and breakdowns in routine
  • management of risk in a range of (2 or more) contexts (or occasions, over time)

Assessment methods should reflect workplace demands, such as literacy, and the needs of particular target groups, such as:

  • people with disabilities
  • people from culturally and linguistically diverse backgrounds
  • Aboriginal and Torres Strait Islander people
  • women
  • young people
  • older people
  • people in rural and remote locations

Assessment methods suitable for valid and reliable assessment of this competency may include, but are not limited to, a combination of 2 or more of:

  • case studies
  • portfolios
  • projects
  • questioning
  • scenarios
  • authenticated evidence from the workplace and/or training courses

For consistency of assessment 

Evidence must be gathered over time in a range of contexts to ensure the person can achieve the unit outcome and apply the competency in different situations or environments

Range Statement

The Range Statement provides information about the context in which the unit of competency is carried out. The variables cater for differences between States and Territories and the Commonwealth, and between organisations and workplaces. They allow for different work requirements, work practices and knowledge. The Range Statement also provides a focus for assessment. It relates to the unit as a whole. Text in bold italics  in the Performance Criteria is explained here.

Business unit  may refer to:

  • a program
  • sub-program
  • cost centre
  • area
  • division
  • branch
  • production unit or section located within the organisation

Organisational context  may include:

  • the organisation, how it is organised, and its capabilities
  • any official resources, including physical areas and assets, that are vital to the operation of the organisation
  • key operational elements and services of the organisation
  • any major projects

Strategic and risk management context  may include:

  • the relationship between the organisation and the environment in which it operates
  • the organisation's functions:
  • political
  • operational
  • financial
  • social
  • legal
  • commercial
  • the various stakeholders and clients

Stakeholders  may include:

  • employees
  • managers
  • volunteers
  • unions
  • financial managers
  • self-insurers
  • clients
  • suppliers
  • contractors
  • service providers
  • community organisations
  • the public

Risk management :

  • is a logical and systematic process of identifying, analysing, evaluating, treating, and monitoring risks related to any strategy plan, process, program or procedure that will enable the organisation to minimise losses and maximise opportunities
  • may be considered in relation to an organisation's:
  • people
  • assets and physical environment
  • reputation and image
  • legal issues
  • business continuity
  • finances
  • may include written procedures to ensure staff know:
  • what
  • how
  • when, and
  • by whom, action is to be taken to treat risks in the organisation

Risk evaluation criteria  are:

  • used to rank risks and decide whether they are acceptable or not
  • affected by:
  • legal requirements
  • perceptions of internal/external stakeholders
  • cost-benefit analysis, for example, cost of risk management being less than financial cost if the risk occurred

Legislation, policy and procedures  may include:

  • Commonwealth and State/Territory legislation relating to risk management
  • national and international codes of practice and standards, such as SIRCA 8001:2003
  • the organisation's risk management policies and practices
  • codes of conduct/codes of ethics
  • Australian and New Zealand standards - Risk management AS/NZS 4360:1999 or as revised
  • Guidelines for managing risk in the Australian and New Zealand public sector - HB 143:1999 or as revised
  • professional standards for risk management, for example CPRM - certified practising risk manager
  • jurisdictional policies, guidelines and web sites, for example www.riskmanagement.qld.gov.au

Sources of risk  may include:

  • human behaviour
  • technology/technical issues
  • occupational health and safety
  • legal
  • political
  • property/equipment
  • environmental
  • financial/market
  • natural events

Risks  may be:

  • internal
  • external
  • random
  • real
  • perceived

Risks  may include:

  • physical injury or death
  • failure of machinery or equipment
  • breaches of security
  • fraud
  • litigation
  • client dissatisfaction
  • unfavourable publicity

Analysis of risks  includes:

  • likelihood of risks:
  • almost certain
  • likely
  • possible
  • unlikely
  • rare
  • consequences of risks:
  • insignificant
  • minor
  • moderate
  • major
  • catastrophic
  • current control measures

Documentation of analysis  may include:

  • table showing all risks, any existing controls, likelihood of occurring, consequences and subsequent level of risk

Level of risk  may be:

  • low, treated with routine procedures
  • moderate, with specific responsibility allocated for the risk, and monitoring and response procedures implemented
  • high, requiring action, as it has potential to be damaging to the organisation
  • extreme, requiring immediate action, as the potential could be devastating to the organisation

Methods/techniques/ tools  may include:

  • computer modelling
  • sensitivity analysis
  • structured interviews
  • statistical data
  • questionnaires
  • fault trees
  • analysis of consequences - loss of money, time, labour, intangibles

Acceptable risks  are:

  • those which an organisation has determined have the least potential for harm
  • not necessarily insignificant

Risks  may be acceptable because:

  • the risk level is so low that it does not warrant spending time and money to treat it
  • the risk is low and the benefits outweigh the cost of treating it
  • the opportunities presented are much greater than the threat

Unacceptable risks  are:

  • those which an organisation has determined have the most potential for harm

Options for treating risks  may include:

  • avoiding the risk, for example, by terminating the activity or conducting it in another way (these actions may have different risks attached)
  • controlling the risk, by reducing the likelihood of the risk occurring, the consequences of the risk, or both
  • transferring the risk, for example, by arranging insurance, contracting some or all of the activity to another organisation or person, etc
  • retaining the risk, and making contingency plans/funds allocation for covering any loss or other negative effect from the risk

Risk management plan  may include:

  • sources of risk and risk events
  • analysis of risks - likelihood, consequences and risk levels
  • prioritised list of unacceptable risks
  • treatment options selected
  • person/s responsible for implementing treatment options
  • resources required
  • performance measures
  • timeframe for implementation
  • timetable for review of plan

Evaluation methodology  may include:

  • observations
  • physical inspections
  • incident reports
  • questionnaires
  • interviews with stakeholders
  • regular reviews of risk treatment procedures
  • repeat of the risk management process

Unit Sector(s)

Not applicable.

Competency field