Unit of competency details

SISXRSK502A - Manage organisational risks (Release 3)


Usage recommendation:
The Deleted usage recommendation was implemented on 13 June 2017 to describe training components that have no replacement. Enrolments in training components and statements of attainment or qualifications issued before 13 June 2017 are valid. For any components marked as deleted after 13 June 2017, the applicable transition/teach-out periods apply. For specific questions regarding the enrolment, delivery or issuance of a statement of attainment/qualification, please contact your training regulator.
DeletedDeleted from SIS10 Sport, Fitness and Recreation Training Package10/Sep/2019
Supersedes and is equivalent to SRXRIK002A - Manage an organisation's riskE Updated and equivalent to SRXRIK002A Manage an organisation's risk06/Jun/2011

ReleaseRelease date
3 (this release) 06/Mar/2013
(View details for release 2) 28/Nov/2011
(View details for release 1) 07/Jun/2011


SchemeCodeClassification value
ASCED Module/Unit of Competency Field of Education Identifier 080301 Business Management  

Classification history

SchemeCodeClassification valueStart dateEnd date
ASCED Module/Unit of Competency Field of Education Identifier 080301 Business Management  18/Nov/2011 
The content being displayed has been produced by a third party, while all attempts have been made to make this content as accessible as possible it cannot be guaranteed. If you are encountering issues following the content on this page please consider downloading the content in its original form

Modification History

The release details of this endorsed unit of competency set are in the table below. The latest information is at the top.




Reduction of repetition.

No changes to competency outcome.

Unit Descriptor

This unit describes the performance outcomes, skills and knowledge required to develop, implement and evaluate a risk-management program for an organisation. It incorporates an assessment of potential risks facing the organisation and the development of strategies and procedures to mitigate risk situations according to the current Australian and New Zealand Standard.

Application of the Unit

This unit applies to those who work in a range of roles, settings and locations in the sport, fitness and recreation industry, including indoors, outdoors and in controlled or uncontrolled environments. This includes those who are responsible for planning, implementing and evaluating programs and activities, such as operations managers, program managers or adventure guides, as well as those managing competitions, sports venues and facilities, recreation and fitness venues.

Licensing/Regulatory Information

No licensing, legislative, regulatory or certification requirements apply to this unit at the time of endorsement.


Not applicable.

Employability Skills Information

This unit contains employability skills.

Elements and Performance Criteria Pre-Content

Elements and Performance Criteria



Elements describe the essential outcomes of a unit of competency.

Performance criteria describe the performance needed to demonstrate achievement of the element. Where bold italicised text is used, further information is detailed in the required skills and knowledge section and the range statement. Assessment of performance is to be consistent with the evidence guide.

1. Determine the context of the organisation's risk-management program.

1.1. Access and analyse relevant legislation  and the organisation’s risk-management policy.

1.2. Access and evaluate current organisational risk-management programs.

1.3. Identify outcomes from organisational risk audits and identify potential areas of risk.

1.4. Analyse the organisation’s capacity to reduce or control the likelihood of incidents and consequences.

1.5. Access and clarify broad risk-evaluation criteria  as specified by the organisation’s risk-management policy.

1.6. Identify key risk-management personnel within the organisation.

2. Identify organisational risks.

2.1. Identify and document sources of risk  within each risk classification  relevant to the organisation, including risks not under the control of the organisation.

2.2. Assess and document areas of impact  on the organisation.

2.3. Identify and document possible causes of risk and seek external specialist assistance  to control them.

3. Conduct analysis of organisational risks.

3.1. Determine appropriate methodology  and tools to conduct organisational risk analysis.

3.2. Conduct analysis according to organisational risk-management policy.

3.3. Determine existing organisational controls established by the organisation according to Work Health and Safety (WHS) legislation .

3.4. Assess the likelihood of any given risk turning into an accident, injury or loss.

3.5. Assess the consequences  of particular occurrences in order to determine the degree of emphasis to be placed on the risk.

3.6. Determine suitable techniques to analyse the likelihood and consequences of particular risks.

4. Undertake assessment of organisational risk.

4.1. Establish specific risk-evaluation criteria for each risk classification or individual risk, consistent with the risk-management policy.

4.2. Compare the level of risk established during the analysis process.

4.3. Rank or prioritise risks for further action, taking account of the wider context of the risk.

4.4. Consider the objectives of the organisation and the extent of opportunity which could result from taking the risk.

4.5. Accept risks that fall into the low or acceptable categories without further treatment.

4.6. Treat risks that fall outside the low or acceptable categories.

5. Prepare and implement an organisational risk-management program.

5.1. Identify specific risk-treatment options  applicable to risks that fall outside the acceptable categories that have the potential to impact upon the organisation.

5.2. Evaluate risk-treatment options according to the organisation’s risk-management policy and risk-evaluation criteria.

5.3. Prepare and document the organisation risk-management plan .

5.4. Establish strategies and procedures to implement the risk-management program.

5.5. Develop and implement training to inform employees and volunteers of the organisation’s risk-management program.

5.6. Monitor and review staff compliance with risk-management procedures.

6. Monitor and evaluate the risk-management program.

6.1. Monitor and review the effectiveness of the risk-management plan, to ensure changing circumstances within the organisation do not alter risk priorities.

6.2. Periodically review acceptable or low risks to ensure they remain acceptable.

6.3. Determine and analyse activities, projects or operations which do not achieve their performance outcomes according to the risk-management program, and determine potential causes.

6.4. Analyse incidents which occur that indicate a near miss and review the risk-management plan.

6.5. Make changes to the conduct of activities or to organisation operations according to review recommendations.

6.6. Implement recommendations in future risk-analysis audits of the organisation.

Required Skills and Knowledge

This section describes the skills and knowledge required for this unit.

Required skills 

  • problem-solving skills to:
  • identify and assess hazards, level of risk and treatment options
  • develop strategies to manage organisational risks
  • planning and organising skills to:
  • develop, implement and monitor a systematic risk-management plan for an organisation
  • make changes to risk-management plan and program as required in response to review recommendations
  • literacy and numeracy skills to:
  • access and analyse required risk-assessment information
  • document a risk-management plan for a specific organisation
  • communication skills to:
  • convey information about the organisational risk-management plan
  • conduct a risk-management review
  • consult with relevant personnel to implement review recommendations.

Required knowledge 

  • strategic and operational plans of the organisation in relation to organisational risk-management procedures to enable organisational capability to deal with events or incidents and risks associated with activities to be assessed and addressed
  • legislation to enable risk identification and assessment for the relevant activities and identification of the legal responsibilities associated with risk management
  • hierarchy of controls to enable the most appropriate and viable risk-treatment options to be applied to activities
  • hazards associated with specific activities and locations to enable effective risk-treatment options to be identified
  • risk-assessment principles and methodology
  • common risk-management terminology, such as risk, risk management, hazard, risk analysis and risk-management plan
  • risk-evaluation criteria to enable level of risk to be assessed
  • disaster, emergency and evacuation plans.

Evidence Guide

The evidence guide provides advice on assessment and must be read in conjunction with the performance criteria, required skills and knowledge, range statement and the Assessment Guidelines for the Training Package.

Overview of assessment 

Critical aspects for assessment and evidence required to demonstrate competency in this unit 

Evidence of the ability to:

  • work within organisation risk-management systems and objectives and comply with legislative requirements to undertake risk assessments that align with organisation risk-management policy and operational requirements
  • access and clarify information to:
  • identify and document organisation risks in each of the relevant classifications
  • develop an organisation risk management plan
  • assess, select and implement viable risk-treatment options
  • monitor the effectiveness of the plan and apply contingency-management techniques to deal with a range of changing circumstances that may alter the management of organisation risks.

Context of and specific resources for assessment 

Assessment must ensure:

  • identification of organisation risks and development of an organisation risk-management plan which is of sufficient breadth to demonstrate competency and consistency of performance.

Assessment must also ensure access to:

  • an operational environment or facility conducting a range of activities and or projects
  • organisation policies and procedures related to risk management
  • organisation reporting requirements
  • organisation records, risk audits and policy documents
  • support staff, locations and resources to implement and review risk-control measures.

Method of assessment 

A range of assessment methods should be used to assess practical skills and knowledge. The following examples are appropriate for this unit:

  • observation of applying organisational risk-analysis procedures to organisational operations, such as activities and projects
  • oral and or written questioning to assess knowledge of techniques in relation to risk-assessment methodologies
  • portfolio of records and reports documenting development and review of organisational risk-management plans and outcomes
  • third-party reports from a supervisor detailing work performance.

Guidance information for assessment 

Holistic assessment with other units relevant to the industry sector, workplace and job role is recommended, for example:

  • SISXWHS503 Establish and maintain Work Health and Safety systems.

Range Statement

The range statement relates to the unit of competency as a whole. It allows for different work environments and situations that may affect performance. Bold italicised wording, if used in the performance criteria, is detailed below. Essential operating conditions that may be present with training and assessment (depending on the work situation, needs of the candidate, accessibility of the item, and local industry and regional contexts) may also be included.

Relevant legislation  may include:

  • WHS
  • environmental
  • child protection
  • equal employment opportunity
  • privacy
  • duty of care
  • industrial relations
  • licensing
  • industry codes of practice.

Risk -evaluation criteria  may include:

  • target risk levels
  • legislation
  • regulations
  • Australian standards
  • organisation policies, aims and objectives
  • operating procedures and guidelines.

Sources of risk  may include:

  • physical
  • chemical
  • environmental
  • psychological
  • financial, commercial and legal
  • behavioural
  • technological
  • internal and subject to the organisation’s control
  • external and beyond the organisation’s control
  • human
  • equipment.

Risk classification  may include:

  • diseases
  • economic perils
  • environmental
  • financial
  • human perils
  • natural perils
  • WHS
  • product liability
  • professional liability
  • property damage
  • public liability
  • security
  • technology.

Areas of impact  may include:

  • asset and resource base of the organisation
  • revenue and entitlements
  • costs of activities
  • individuals and community
  • timing and schedule of activities
  • environment
  • organisational goodwill
  • organisational behaviour
  • goals and objectives.

External specialist assistance  may include:

  • specialist consultants
  • government agencies.

Methodology  may include:

  • qualitative
  • quantitative
  • combined qualitative and quantitative.

Work Health and Safety Legislation (WHS)  may include:

  • emergency response
  • consultation and participation
  • WHS issue resolution
  • hazard identification
  • risk assessment and control
  • personal protective equipment use
  • WHS reporting.

Consequences  may include:

  • losses
  • injuries
  • disadvantages
  • gains – personal, educational, social, emotional and fitness.

Risk -treatment options  may include:

  • avoidance
  • reduction
  • transfer
  • finance
  • acceptance.

Organisational risk -management plan  may include:

  • specific risk-treatment plans
  • strategies detailing implementation
  • staff responsibilities
  • schedules
  • expected outcomes of treatments
  • budgeting
  • performance measures
  • review process
  • recording requirements.

Unit Sector(s)


Competency Field

Risk Management.