Risk Management

Will Holmes à Court
Will Holmes à Court
Last updated 
Processes for risk management across the organisation

Overview

Introduction
  • Risk management involves identifying and managing risks. These include various risks to HWH's operation, workers, and clients. 
  • Risks are inevitable, but risk management aims to reduce the chance of a client event from happening. If it does happen, risk management helps to reduce its impact. 
  • Benefits of risk management can include:
    • reduced business downtime
    • reduced loss of cash flow
    • reduced injuries or illness to clients and workers
    • increased health and well-being of clients and workers
    • increased innovation, quality and efficiency through continuous improvement.
Identifying risks
Risk is the combination of an event's likelihood (chance) and the consequences (impact) if it does. Risk management aims to increase the likelihood and impact of a desirable outcome as much as possible. Risk identification is the process of finding, recognising and describing risks

Risks
  • Unmanaged risk is the level of risk before any action has been taken to manage it.
  • Managed risk is the level of risk remaining after considering the effectiveness of current controls (e.g., training, management plans, or using personal protective equipment). It is the level of risk remaining after plans have been put in place and followed. 
Risk tolerance
Risk tolerance is an informed decision to accept a particular risk, with or without risk treatment, to achieve a goal.

Risk analysis
  • Risk analysis is understanding the nature, sources and causes of risks to determine the degree of risk. 
  • The degree and consequences of risk together inform risk evaluation and decisions about risk treatment.
Risk assessment
Risk assessment is the overall risk identification, analysis, and evaluation process.

Risk evaluation
Risk evaluation is the process of determining whether the risk is tolerable or whether it requires risk treatment.

Risk treatment
Risk treatment is the measures taken to change the level of risk. Possible treatment responses include:
  • avoiding the risk
  • removing the risk source
  • making decisions or taking actions that change the likelihood and, or the consequences
  • sharing the risk with another party
  • tolerating the risk by informed decision.
Applies to all
  • parts of the service
  • HWH representatives, including key managers, principals and home support workers
Related Items
  • NDIS (Provider Registration and Practice Standards) Rules 2-18 (Cth)
  • NDIS - Risk Management Rules 2013 (Cth)
  • Home visit safety checklist
  • Medication risk mitigation form
  • Client Risk Assessment
  • Risk Management Plan
  • Risks Register

Process

Risk matrix
A risk matrix is used during risk assessment to define the level of risk by considering the category of likelihood against the category of consequences. It aids in increasing the visibility of risks and assists management decision-making.
image.png 135 KB View full-size Download


Consequence ratings for client risks

The steps to manage risks for clients are:
  • identify risks—identify risks specific to each client
  • assess risks—understand how likely it is to happen and how bad it could be
  • control risks—implement appropriate lifestyle plans to lessen the likelihood and, or the amount of harm
  • review control measures—check and ensure risks are under control and there are no new risks.
    image.png 57.4 KB View full-size Download
Risks for clients must be managed:
  • with a risk assessment as part of a periodically reviewed individual support plan
  • during a transition from one service provider to another

Consequence ratings for organisational risks

In an organisation, persons conducting a business or undertaking:
  • are required by law to manage WHS risks
  • are required by law to minimise the risks of breaches of privacy.
The steps to manage risks in HWH:
  • Identify risks - find out what could cause harm
  • Assess risks - understand the nature of the harm that the risk could cause, how serious the harm could be and the likelihood of it happening.
  • Control risks - implement the most effective control measures reasonably practicable in the circumstances
  • Review control measures - ensuring control measures are working as planned and there are no new risks.
The following table provides example consequence ratings for organisational risks:
Extreme Risks 69 KB View full-size Download
Major Risks 45.9 KB View full-size Download
Moderate Risks 35.5 KB View full-size Download

Minor Risks 32.3 KB View full-size Download
Insignificant Risks 29.4 KB View full-size Download
* Financial impact consequence ratings, litigation costs and fines may differ depending on our size and turnover at the time. 

Responsibilities of key managers
In the context of our policy, key managers include all of HWH's key managers, including principals.

Key managers are ultimately responsible for setting all risk management appetites in HWH. Their responsibilities are to:
  • set overall risk management strategy
  • understand the scope of risks faced by us
  • ensure robust oversight of risk at senior management levels
  • promote a risk-focused culture
  • promote open communications 
  • assign clear lines of accountability and encourage a practical risk management framework.
Key managers must also ensure that risk management policies and processes are implemented and followed across HWH.

Responsibilities of risk manager
If appropriate, key management personnel may assign a risk manager or a risk management committee to assume the responsibilities described.

The responsibilities of a risk manager/risk management committee:
  • Form an overall risk management strategy
  • Identify and prioritise risks across the organisation
  • Make risk management recommendations to key management personnel/board of directors/management committee.
Responsibilities of workers
All workers should:
  • Follow client risk management plans
  • support clients to communicate and self-advocate if the client requests or requires support
  • assist the client, if they request or require support, in maintaining a risk management plan as safety needs change
  • inform the team of any changes to a client's safety needs
  • seek support from key management personnel to manage risk, if required
  • collaborate with relevant parties when concerns about risk management escalate to key managers
  • be actively engaged during supervision and team meetings to work through risk management issues
  • have a basic understanding of Aged Care and NDIS Quality and Safeguarding Frameworks
  • have a basic understanding of relevant WHS policies.