Monitoring and Reviewing Risks In Your Organisation
Monitoring and reviewing risks
This is the seventh step in a seven stage process of successfully tackling risk management in your organisation.
The first step in the process is communication and consultation and this needs to occur regularly if you are to continue to keep risk management at the front of everyone’s mind.
In this regard you need to continually communicate throughout the process with your organisation and others who may be impacted.
It is highly recommended that your organisation establish a process to monitor and review your risk management strategy. This is vital because risk is not static. Your risk management strategy should be a fluid document that is regularly updated to take account of changes in your organisation. New risks will emerge and existing risks will disappear.
Risks that you have already acknowledged may become more or less frequent, severe or relevant to your organisation.
These changes will result from changes in your organisation and from changes in the outside world that you have no control over.
There are a number of useful ways to ensure effective monitoring and reviewing of your risk management strategy.
- Set time lines for reviewing different aspects of your organisation’s activities. The regularity of the review will depend on the activity in question. For example, smoke detectors may only need to be checked once a year but lifting slings for the forklift may need to be inspected at the start of each shift.
- Write down when things need to be checked and tick them off when they are. This can be done on your risk register.
When should this problem be fixed
Who and when fixed the problem
Prior to next meeting – July 12, 2009
June 10, 2009, by maintenance officer
- You may also want to make a note of when that area should be reviewed again.
It is important that you investigate and record any accidents or near-misses to help you avoid similar incidents happening again. Investigate the incident – what went wrong Why What could have prevented it
Document the details of the incident and the answers to those questions for future reference. And act on the information.
Records can also be called upon in court if an action is brought against your organisation. Records you should keep include:
- Minutes of meetings – noting important decisions and the reasons for them
- File notes – a record of important conversations in person or on the phone
- Training records – documenting any training undertaken by staff or associates
- Incident records -notes taken or forms completed in the event of any injury or incident. You should be consistent in the type of information you gather in relation to an incident and any investigation of the surrounding circumstances. It is essential to have a specific form for this kind of record
Your records should also include regular reviews of the effectiveness of the risk management strategy itself.
Ask questions such as:
- How effective is your risk management strategy
- Are measures working the way they are supposed to
- How accurate is the risk assessment process Are all risks being identified
- Have risk treatment methods made your organisation safer
- Are safety procedures being followed
- Are safety records accurate and up-to-date
The process of monitoring and reviewing your risk management strategy may result in documented administrative procedures such as policies, guidelines, codes of practice and rules.
Documentation of safe practices and regular maintenance inspections can be used in court proceedings as evidence that reasonable care was being taken.
Produce a resource for staff/members/volunteers
If you produced a risk management guide at the start of the process it could include sections that invite feedback from your staff on whether the risk management strategy is working.
Often it will be people “on the ground” who can see what works and what doesn’t, and who will be the first to notice any changes in the nature of risks faced by your organisation – new risks arising, existing risks disappearing or changing.
Adopt and follow procedures
“Good procedures, regularly followed” should be the risk management mantra for all organisations. Several policies and procedures can be invaluable to management as it strives to fulfil its legal duties and risk management responsibilities.
These include the use of position descriptions for all staff members and an annual self-evaluation process, and the adoption of conflict of interest policies, attendance policies, and management minute procedures.
You should also have a process in place for dealing with complaints, suggestions and other feedback from your staff and the general public.
It is important that the monitoring and reviewing of your risk management strategy is open and inclusive so that everyone connected with your organisation feels a part of the continual process of risk management, in its development, implementation and evaluation.
This goes hand in hand with effective communication, which you should be working on through every step of the risk management process.
A final question on risk management:
What happens if we have an incident that could lead to a claim
- Your first responsibility is to whoever has been injured or distressed. Provide assistance and support and seek medical advice and treatment where required. Do so immediately and where there is some concern expressed by the injured person, express your concern and ensure that where there is any doubt, medical opinion is sought.
- This is to protect both the injured person and your organisation. Where there is a need to phone relative do so as soon as practical.
- Stick to the facts in any conversation and avoid discussion on possible liability or blame.
- If an incident does occur, record the incident. In doing so stick to the facts of what happened. Do not attempt to allocate blame on any person or piece of equipment and avoid making personal comments or opinions. Ensure that all staff are all aware of a recording process and who should be advised in the event of an incident.
- Notify your insurer of all potential and actual claims as soon as possible.
Always make sure that your insurer is notified of any activities that you may wish to undertake outside of your normal operations as it may not be covered or may require an additional premium.
Monitoring and reviewing risks in your organisation is the seventh step in a seven stage process of successfully tackling risk management in your organisation.
Although it is the seventh stage, that doesn’t mean it is the last one. Your risk management strategy should be an evolving, dynamic thing and you will revisit all of the seven steps to some degree, at some stage – some more regularly than others.
Communicating risk management to your organisation is a continual process while you have probably done the bulk of the work in identifying risks in your organisation and just need to ensure your list of risks is accurate and up-do-date.
This, of course, can be achieved through a successful process of monitoring and reviewing your risk management strategy.
While all care has been taken in the preparation of this material, no responsibility is accepted by the author(s), Cornstalk Software P/L or its staff, for any errors, omissions or inaccuracies. The material provided in this document has been prepared to provide general information only.
It is not intended to be relied upon or be a substitute for legal or other professional advice.
No responsibility can be accepted by the author(s) or Cornstalk Software P/L for any known or unknown consequences that may result from reliance on any information provided in this publication
- Analysing Risks In Your Organisation
- Communicating Risk Management To Your Organisation
- Establishing A Context For Risk Management
- Evaluating Risks In Your Organisation
- Identifying Risks In Your Organisation
- How to use bottlenecks in your business to help you write effective standard operating procedures (SOP)
- SOP Software to help you manage your standard operating procedures (SOP)
* Please read our disclaimer before downloading any of our documents