Policy - Risk Management

Erin Sharp
Guidelines for risk management across the organisation

Policy Statement

HomeWise Health (HWH) is committed to achieving best practice in identifying, assessing, and managing risks that may negatively impact the organisation, its people, clients, operations, or reputation.
Benefits of risk management can include:
  • reduced business downtime
  • reduced loss of cash flow
  • reduced injuries or illness to clients and workers
  • increased health and well-being of clients and workers
  • increased innovation, quality and efficiency through continuous improvement.
To support this, HomeWise Health:
  • Implements a structured and documented risk management approach.
  • Identifies, analyses, and treats risks in line with established procedures.
  • Applies controls to minimise loss and reduce associated costs.
  • Embeds risk management as a continuous monitoring, review, and improvement process.
Risk management at HWH follows the key steps of establishing context, communication and consultation, risk identification, analysis and evaluation, treatment, and ongoing monitoring.
  • This policy is supported by a comprehensive Work Health and Safety (WHS) management system as part of HWH's broader governance framework.

Scope

Applies to:
  • All HWH representatives (office-based team members, home support workers, contractors and volunteers).

Definitions

Identifying risks
Risk is the combination of an event's likelihood (chance) and the consequences (impact) if it occurs. Risk management aims to increase the likelihood and impact of a desirable outcome as much as possible. Risk identification is the process of finding, recognising and describing risks.
Risks
  • Unmanaged risk is the level of risk before any action has been taken to manage it.
  • Managed risk is the level of risk remaining after considering the effectiveness of current controls (e.g., training, management plans, or using personal protective equipment). It is the level of risk remaining after plans have been put in place and followed. 
Risk tolerance
Risk tolerance is an informed decision to accept a particular risk, with or without risk treatment, to achieve a goal.
Risk analysis
  • Risk analysis is understanding the nature, sources and causes of risks to determine the degree of risk. 
  • The degree and consequences of risk together inform risk evaluation and decisions about risk treatment.
Risk assessment
Risk assessment is the overall risk identification, analysis, and evaluation process.
Risk evaluation
Risk evaluation is the process of determining whether the risk is tolerable or whether it requires risk treatment.
Risk treatment
Risk treatment is the measures taken to change the level of risk. Possible treatment responses include:
  • Avoiding the risk
  • Removing the risk source
  • Making decisions or taking actions that change the likelihood and/or the consequences
  • Sharing the risk with another party
  • Tolerating the risk by informed decision.

Policy

Strategic risk management
Strategic risk management focuses on identifying and addressing risks that may affect the organisation’s ability to achieve its business objectives.
Key risks may include:
  • Funding instability from donors or funding bodies
  • Reputational damage due to mismanagement
  • Leadership capability gaps affecting business operations
Effective strategic risk management relies on informed planning, research, and proactive mitigation strategies.

Financial risk management
Risk management should address financial risks that may impact stability and sustainability, including:
  • Liquidity risk – insufficient funds to meet obligations
  • Interest rate risk – reliance on borrowed funds or interest income
  • Credit risk – exposure from selling on credit
  • Competitive risk – loss of market share
  • Market and economic risk – changes in trends or economic downturns
  • Owner/partner exit – due to death or incapacity
Key strategies include securing appropriate insurance, developing contingency plans, and monitoring market trends.

Clinical Risk Management
Identifying and regularly reviewing risks to clients is essential to safe and effective service delivery. This ensures risk strategies remain appropriate and responsive to changing needs.
Accordingly:
  • Validated clinical assessments must be completed at the commencement of client services, to uncover potential risks.
  • Existing clients must have clinical assessments reviewed at least every 12 months, or sooner if needs change.
  • Client risk management plans should be reviewed quarterly, or more frequently if required.

Compliance risk management
Ensuring the organisation operates within the law carries its own compliance risks. These risks must be identified and assessed under a risk management framework. Examples of compliance risks may include:
  • unregistered and/or uninsured company vehicles
  • fulfilling reporting requirements to comply with legislation or funding agreements
  • key managers operating outside their authority
  • activities that are outside HWH's constitution.
Compliance risks must be eliminated, unlike other risks where elimination may not be possible. Strategies to prevent compliance risks include (among others):
  • a robust compliance culture
  • internal controls in areas of compliance
  • regular internal audits in areas of compliance.

Workforce risk management
Risk management should consider risks related to human resources, including:
  • unplanned exit or retirement of HWH's key managers
  • not having workers with the required knowledge and skills
  • industrial action and disputes or absenteeism
  • lack of diversity (gender, race, age, ability)
  • recruitment of workers and their retention or dismissal.
Strategies to manage or reduce human resources risks include:
  • robust leadership, a positive culture, and a values framework
  • succession planning for key roles
  • documenting critical information and key processes so others can continue to run the service
  • comprehensive training program for new workers
  • training workers so that more than one person knows how to perform each task
  • a supervision and mentoring program for workers.

Special events risk management
Risk management is a required part of organising or participating in an event. The main risks at events include anything that could:
  • cause harm to another person
  • cause damage to equipment, infrastructure or the event site, or
  • harm the future of the event organiser.
Risk assessments for events may require, where appropriate:
  • A risk assessment of the event site—including existing risks, risks caused by inclement weather, and risks from bodies of water
  • A risk assessment of the event, including all proposed activities, e.g. rides, vehicles and security
  • A risk assessment of all external risks, such as an evacuation—if so, are there any guests that may have higher risks?
An event organiser will require appropriate management plans to prevent, minimise, or manage identified risks.

Work Health and Safety risk management
Under WHS laws, key management personnel (or persons conducting a business or undertaking) must reasonably eliminate WHS risks. Risk management needs to consider Work Health and Safety (WHS) risks. Managing WHS risks is an ongoing process that should begin when:
  • starting a new business or purchasing a business
  • changing work practices, processes or work equipment
  • purchasing new or used equipment or using new substances
  • planning to improve productivity or reduce costs
  • responding to workplace incidents (even if they have caused no injury)
  • responding to concerns raised by workers or others at the workplace
  • required by the WHS regulations for specific purposes.
Identifying hazards involves finding things and situations that cause harm to people. This includes workers':
  • physical work environment
  • equipment, materials and substances used
  • work tasks and how they are performed
  • work design and management.
Common hazards include:
  • manual handling—when lifting or moving objects or people
  • gravity—fallen objects, falls, slips and trips of people
  • electricity—shock, fire, burns or electrocution
  • machinery and equipment—hit by a moving vehicle or caught by moving parts of machinery
  • hazardous chemicals—chemicals, dust
  • extreme temperatures—heat stroke, burns, fatigue, hypothermia
  • noise—permanent hearing loss
  • radiation—microwaves, lasers
  • biological—infection, allergies
  • psychosocial hazards—stress, bullying, violence, fatigue.
Finding hazards involves:
  • workplace inspections
  • consulting workers
  • training workers to report hazards and risks
  • reviewing incident reports and complaint registers.
WHS risk assessments should be carried out:
  • if there is uncertainty about how a hazard may cause an injury or illness
  • if the work involves many different hazards, and it is unclear how these hazards may interact to produce new or greater risks
  • if there are changes in the workplace that may impact control measures.
Once a WHS hazard or risk is identified and assessed, managing the risk may involve:
  • elimination—where possible, a WHS risk should be eliminated
  • substitution—replacement with less hazardous options
  • isolation—if elimination or substitution is not possible, isolate the hazard so workers cannot come into contact with it
  • control—where elimination, substitution or isolation is impossible, apply controls such as safe work practices and personal protective equipment.

Fraud risk management
In this context, "worker" means any HWH representative, including key management personnel, directors, employees, contractors and volunteers.

Risk management should cover the risk of fraud. This includes:
  • Internal fraud—fraud that is carried out within HWH, such as when workers: 
    • steal money or assets that belong to HWH 
    • steal cash donations that belong to HWH 
    • claim non-existent, excessive or purchase orders to obtain payment for goods and services that are not supplied 
    • submit false applications for grants or other benefits 
    • create non-existent beneficiaries or employees to direct unauthorised payments 
  • External fraud—scams and fraud initiated externally from HWH, such as when an external actor: 
    • submits false invoices to HWH
    • steals identities to obtain credit card or bank account details 
    • uses a charity's name to obtain funds fraudulently, e.g. a fraudulent fundraising appeal 
    • makes phone calls or sends text messages or emails, which pose as another organisation to obtain funds fraudulently.
The likelihood of fraud can be reduced by:
  • having a strong ethical culture with clear commitments to integrity and ethical values
  • strategies to protect the organisation from fraud rather than just accepting the risk.
There are three accepted ways to mitigate the risk of fraud:
  • prevention—controls designed to reduce the risk
  • detection—controls designed to uncover risk when it occurs
  • response—controls designed to facilitate corrective action and harm minimisation.
Prevention controls can include:
  • fraud risk assessments
  • conflict of interest policy
  • strong internal controls
  • screening for new workers
  • effective supervisory processes
  • due diligence checks on suppliers and contractors
  • worker training to increase awareness of ethics and risk management strategies
  • support programs for workers
  • independent audits.
Detection controls can include:
  • continuous internal monitoring and auditing of processes
  • allocation of resources for fraud detection
  • fraud detection software to provide real-time data monitoring and analysis
  • mechanisms to report fraud while protecting the whistleblower
  • unannounced financial and asset audits
  • fraud testing.
Response controls include an internal investigation team and a fraud response plan.

Key personnel
Risks to the service that relate to key personnel should be considered.
  • Ensuring there are alternative people within the organisation to take on roles when the accountable person is away. HWH has a RACI matrix for these situations.

Related Items

  • NDIS (Provider Registration and Practice Standards) Rules 2018 (Cth)
  • NDIS - Risk Management Rules 2013 (Cth)
  • Home visit safety checklist
  • Medication risk mitigation form
  • Client Risk Assessment
  • Risk Management Plan
  • Risks Register
  • Financial Risk Register