Leadership and Management in Managing Business Risk
Business risk is the possibility of loss or failure due to internal or external factors that affect the performance or sustainability of an organization. Business risk can arise from various sources, such as market changes, technological disruptions, regulatory compliance, operational inefficiencies, human errors, natural disasters, cyberattacks and more. Managing business risk effectively is a key responsibility of leaders and managers, as it can impact the strategic objectives, reputation and value of the organization.
In this blog post, we will explore some of the best practices and tips for leaders and managers to manage business risk in a proactive, systematic and integrated way. We will also provide some examples and data from recent studies and reports to illustrate the benefits and challenges of risk management.
Why is Risk Management Important for Leaders and Managers?
Risk management is not only a defensive or reactive process to avoid or minimize losses, but also a strategic and proactive process to identify and exploit opportunities, enhance performance and create value. According to a survey by Forbes Finance Council, some of the benefits of risk management for leaders and managers include:
– Improving decision making and planning by using data and analytics
– Enhancing innovation and creativity by encouraging experimentation and learning from failures
– Increasing resilience and agility by anticipating and adapting to changes
– Strengthening stakeholder trust and confidence by demonstrating transparency and accountability
– Reducing costs and increasing efficiency by optimizing resources and processes
– Protecting reputation and brand image by preventing or mitigating crises
However, risk management also poses some challenges for leaders and managers, such as:
– Balancing risk appetite and tolerance with strategic goals and performance expectations
– Aligning risk culture and behavior with organizational values and vision
– Integrating risk management across functions, levels and locations
– Communicating risk information effectively to different audiences
– Investing in risk management capabilities, tools and systems
How to Manage Business Risk Effectively?
There is no one-size-fits-all approach to manage business risk, as different organizations face different types of risks depending on their industry, size, structure, strategy, culture and environment. However, some of the common elements of an effective risk management framework include:
– Establishing a clear vision, mission and strategy for the organization that defines its purpose, goals, values and direction
– Developing a risk appetite statement that articulates the level and type of risk that the organization is willing to accept or pursue in relation to its strategy
– Identifying and assessing the potential risks that could affect the achievement of the strategic objectives, using various methods such as brainstorming, interviews, surveys, audits, analysis, etc.
– Prioritizing and ranking the risks based on their likelihood and impact, using tools such as risk matrices, heat maps, dashboards, etc.
– Developing and implementing risk responses that aim to avoid, reduce, transfer or accept the risks, using techniques such as contingency planning, mitigation actions, insurance policies, contracts, etc.
– Monitoring and reviewing the risks and responses regularly to ensure that they are relevant, effective and aligned with the changing environment
– Reporting and communicating the risk information to relevant stakeholders such as board members, senior executives, employees, customers,
suppliers, regulators, investors, etc., using formats such as reports,
presentations, newsletters, etc.
Examples of Risk Management in Practice
To illustrate how some organizations have applied risk management principles in practice,
here are some examples from different sectors:
– In 2020, Netflix faced increased competition from new streaming services such as Disney+, Apple TV+ and HBO Max. To manage this market risk,
Netflix invested heavily in producing original content that differentiated its offering from its rivals. It also expanded its global presence by launching in new markets such as India,
Africa and the Middle East. As a result,
Netflix added 37 million new subscribers in 2020,
surpassing its own projections.
– In 2019,
Boeing faced a major operational risk when two of its 737 Max planes crashed within five months,
killing 346 people. The crashes were attributed to a faulty software system that caused the planes to nosedive. To manage this crisis,
Boeing grounded all 737 Max planes worldwide,
halted production,
launched an internal investigation,
cooperated with regulators,
compensated victims’ families,
apologized publicly,
and implemented safety improvements. However,
the damage to Boeing’s reputation,
trust
and financial performance was severe.
– In 2018,
Facebook faced a reputational risk when it was revealed that Cambridge Analytica,
a political consulting firm,
had accessed the personal data of 87 million Facebook users without their consent. The data was used to influence the 2016 US presidential election and the Brexit referendum. To manage this scandal,
Facebook admitted its mistake,
fired the responsible employees,
tightened its data privacy policies and controls,
cooperated with authorities,
and launched a campaign to restore user confidence. However,
Facebook also faced legal actions,
fines,
regulatory scrutiny
and public backlash.
Works Cited
– Austin, Michelle. “20 Tips To Help Leaders Effectively Manage Risk And Uncertainty.” Forbes, 12 Sep. 2023, https://www.forbes.com/sites/forbesfinancecouncil/2023/09/12/20-tips-to-help-leaders-effectively-manage-risk-and-uncertainty/. Accessed 18 Sep. 2023.
– Abu-Bakar, Andrew. “The role of leadership in risk management.” APM, 10 Nov. 2020, https://www.apm.org.uk/blog/the-role-of-leadership-in-risk-management/. Accessed 18 Sep. 2023.
– ERM Initiative. “A Risk Manager’s Role in Strategic Leadership.” NC State University, 20 Jan. 2016, https://erm.ncsu.edu/library/article/risk-manager-strategic-leadership. Accessed 18 Sep. 2023.
– Lee, Edmund. “Netflix Reports a Summer Slump in Subscriber Growth.” The New York Times, 20 Oct. 2020, https://www.nytimes.com/2020/10/20/business/media/netflix-earnings-subscribers.html. Accessed 18 Sep. 2023.
– Gates, Dominic et al. “Flawed analysis, failed oversight: How Boeing and FAA certified the suspect 737 MAX flight control system.” The Seattle Times, 17 Mar. 2019, https://www.seattletimes.com/business/boeing-aerospace/failed-certification-faa-missed-safety-issues-in-the-737-max-system-implicated-in-the-lion-air-crash/. Accessed 18 Sep. 2023.
– Cadwalladr, Carole and Graham-Harrison, Emma. “Revealed: 50 million Facebook profiles harvested for Cambridge Analytica in major data breach.” The Guardian, 17 Mar. 2018, https://www.theguardian.com/news/2018/mar/17/cambridge-analytica-facebook-influence-us-election. Accessed 18 Sep. 2023.
_______________________________
Sample Assignment:
Case Study:
BSBOPS504 Manage business risk
BSB50420 Diploma of Leadership and Management
Case Study: BSBOPS504 Manage business risk
Case Study Information: BSBRSK501 Version: v21.0 Page 2 of 24
Developed by: ACBI Approved by: DoS Issued: June 2021 Review: June 2021
Copyright 2021
© Australian College of Business Intelligence
BSB50420 Diploma of Leadership and Management
Case Study: BSBOPS504 Manage business risk
Case Study Information: BSBRSK501 Version: v21.0 Page 3 of 24
Developed by: ACBI Approved by: DoS Issued: June 2021 Review: June 2021
Contents
1. Case study introduction ………………………………………………………………………………………..4
2. Greendale Case Study …………………………………………………………………………………………..5
2A. Background…………………………………………………………………………………………………………………………5
2B. Site visit – New Port Macquarie store (the existing Atwood’s Coffee Place)………………………………..7
2C. Meetings with Senior Management Team and FARM Committee ……………………………………………11
3. Appendix ………………………………………………………………………………………………………….12
3A. Greendale Business plan (excerpt)……………………………………………………………………………………….13
3B. Greendale Risk management policy ……………………………………………………………………………………..14
3C. Greendale Risk Management Framework……………………………………………………………………………..16
3D. Greendale Risk management strategy ………………………………………………………………………………….21
3E. Implementation results ………………………………………………………………………………………………………23
BSB50420 Diploma of Leadership and Management
Case Study: BSBOPS504 Manage business risk
Case Study Information: BSBRSK501 Version: v21.0 Page 4 of 24
Developed by: ACBI Approved by: DoS Issued: June 2021 Review: June 2021
1. Case study introduction
1A. Using this case study
To enable you to complete your assessment for unit BSBOPS504 Manage business risk, a case study on
Greendale has been provided. For further details, please read the information below.
PLEASE NOTE: Greendale is a fictional company invented for the purpose of this assessment.
BSB50420 Diploma of Leadership and Management
Case Study: BSBOPS504 Manage business risk
Case Study Information: BSBRSK501 Version: v21.0 Page 5 of 24
Developed by: ACBI Approved by: DoS Issued: June 2021 Review: June 2021
2. Greendale Case Study
2A. Background
As part of their overall strategy in the Australian beverage market, Greendale Pty Ltd have developed a
chain of cafés in the Central Business District (CBD) of Brisbane, Queensland and the CBD of Sydney,
NSW. The Board of Directors has made the decision to expand their operations in New South Wales with
the purchase and re-branding of the existing Atwood’s Coffee Place in Port Macquarie, 380 km north of
Sydney. This café will help to drive revenue and growth for Greendale.
Ash is currently the Helpant Manager of Greendale’s flagship café in Queen Street, Brisbane, and has
been given the opportunity to manage the new store in Port Macquarie. Ash is also a member of the
Finance, Audit and Risk Management (FARM) Committee described in the Greendale Risk Management
Policy.
The CEO for Greendale’s cafés, Elsa Harrington, has given Ash the job of managing the risks involved
with the operational aspects of this takeover. A copy of her email is provided below.
From: CEO – E. Harrington
To: Helpant Manager – Queen Street
Re: New Port Macquarie store
Congratulations on your new appointment. Prior to taking up your position as Manager of
our new Port Macquarie store, located in Ruthven Street, the Board of Directors has asked
that the risks in this project be properly managed.
I want you to take on this task as it will give you important insights into the store’s
operations, it will ensure a smooth transition for Atwood’s Coffee Place staff into the
Greendale family and will encourage you to give ongoing support for our risk management
efforts.
I would like you to approach this task in three stages. After the first stage, we will meet to
review your work and discuss your plans for the following steps. The three stages in this
risk management task will include:
1. Review.
2. Analyse and plan.
BSB50420 Diploma of Leadership and Management
Case Study: BSBOPS504 Manage business risk
Case Study Information: BSBRSK501 Version: v21.0 Page 6 of 24
Developed by: ACBI Approved by: DoS Issued: June 2021 Review: June 2021
3. Monitor.
Your primary risk management focus is directed to the ongoing operations of the Port
Macquarie café. For this you are to consider any risks that could impact on human
resources management (i.e. work force, staff etc), financial operations, WHS, our supply
chain (supplier) and the local authority and overall compliance (meeting the standards)
issues.
Greendale has agreed to employ all existing staff at Atwood’s Coffee Place on three
months’ probation. The current supervisor of Atwood’s Coffee Place, Tom West, has been
offered the position of 2nd In Charge and he has accepted.
While settlement on the purchase of the business is not for another few weeks, the seller
has agreed to give us full access to the store’s operational processes and store
information. You should communicate weekly with the Finance, Audit and Risk
Management (FARM) Committee here at head office concerning the marketing, finance
and store management functions that you are looking into. I will set up a regular meeting
for you.
Head office has a report on a similar growth conducted by the NSW team that may help
you in your research. You may need to review other statistical information and take on
specialists to help you with your investigation. The legal firm Goldsmith Partners are
advising Greendale on the Atwood’s Coffee Place acquisition and would be available to
help you with legal or any compliance issues.
The owner of the shop in Port Macquarie, Stuart Gardner, is also a local councillor and has
offered his Helpance in getting established in Port Macquarie. He has offered his
availability for email address for correspondence (communication, messages).
Regards
E. Harrington
CEO Greendale Cafés
BSB50420 Diploma of Leadership and Management
Case Study: BSBOPS504 Manage business risk
Case Study Information: BSBRSK501 Version: v21.0 Page 7 of 24
Developed by: ACBI Approved by: DoS Issued: June 2021 Review: June 2021
2B. Site visit – New Port Macquarie store (the existing Atwood’s
Coffee Place)
You received permission from Elsa to travel to the Port Macquarie store to start your research. Elsa had
cleared it with Tom West, the current senior supervisor, who will spend most of the day with you
helping answer your queries/inquiries. She also arranged for you to spend time with Stuart Gardner, the
store’s landlord.
2B.i. Meeting with Tom West
You arrived at the café and noted the two hours of drive time that it took to get there from the CBD of
Brisbane. You met with Tom, who took you through a complete overview/update of the store and the
surrounding area. He was OK with the idea that you needed to take notes in preparation for a report.
After lunch, you went over your meeting notes to review and ensure you had noted all key important
concerns and events:
Notes from meeting with Tom West
● The location of the store on the corner of the two main streets of the city makes for
easy access for local customers and high visibility for tourists.
● The long drive from Port Macquarie to Brisbane would make attending the weekly
managers meeting difficult considering many meetings did not finish until into the
evening after refreshments. There are also manager training sessions that need to
be completed over the next six months in with a few other Helpant managers.
Going through the steep narrow climb up the range with trucks blocking the way is
quite difficult even in daylight hours. Being a good driver, you feel that it would be
unlikely that you would be involved in an accident, but it still worries you quite a bit.
● The two-hour delivery time would make fresh pastry deliveries from the company’s
central bakery plant unrealistic. The pastries would arrive after the morning rush.
These are a key part of the Greendale product assortment/variety.
● There is also a concern about getting the company-branded supplies through as
quickly as a CBD Brisbane store could.
● Atwood’s Coffee Place was a family-run store and some family members were
employed on the staff. Tom was engaged/working by the family to
BSB50420 Diploma of Leadership and Management
Case Study: BSBOPS504 Manage business risk
Case Study Information: BSBRSK501 Version: v21.0 Page 8 of 24
Developed by: ACBI Approved by: DoS Issued: June 2021 Review: June 2021
supervise/manage the operations of the store and Mr Atwood as manager would
authorise wages but anyone can authorise deliveries.
● When asked about written policy and procedures manual, Tom said that Mr Atwood
set the policy and procedures verbally/in words and on the few days each week he
was in the store he would show the staff how to do things the way he wanted them
done.
● Water use – Water wastage present; the dishwasher is often run when only half full;
fruit and vegetables are washed under a fast-running tap; toilets all use the single
flush system; Tom explained that Mr Atwood instructed the staff to keep the nonnative/not grown locally in the country flowering plants in the courtyard fully
watered.
○ The dishwasher was always set to the full wash setting and has a Water
Efficiency Labelling and Standards Scheme (WELS) rating of 3. The more water
efficient 5–6 star dishwashers cost about $6,000 and above.
○ Dual-flush system1
would cost about $7,500 to upgrade.
The store currently uses 41,500 litres a week.
● Tom spoke about the café attracting a large percentage of retirees because of the
easy access to buses and the store’s central location.
● The same staff member that completed the cash register balancing also completed
the bank deposit form and did the banking as well. The banking was not done every
day and often $4,000 was kept on the premises overnight in the cash register. There
was no safe. There is a bank two shops away but the Atwood family bank is a couple
of blocks away and there was not always time to do the banking.
● Tom replied to your question about the possibility of break-ins, saying that there
was a 50% chance of it happening in a year and the consequence/importance was
moderate/reasonable.
● Not all takings from the cash register by family staff members were recorded.
1 Dual Flush System – A dual-flush toilet is a variation of the flush toilet that uses two buttons or handles to flush different levels of water
BSB50420 Diploma of Leadership and Management
Case Study: BSBOPS504 Manage business risk
Case Study Information: BSBRSK501 Version: v21.0 Page 9 of 24
Developed by: ACBI Approved by: DoS Issued: June 2021 Review: June 2021
● The fit-out looked old and unattractive in parts, with some chairs unstable and
broken and some parts of the worn carpet were simply taped over with gaffer 2
tape.
● One of the staff was a qualified chef who had developed a new and popular range
of rice wraps that were tasty, gourmet (very high quality-desirable) and healthy.
None of the other cafés in the area offered these.
● No established/well known process for dealing with injuries that happened at work.
● Tom gave a brochure about an innovative/new frozen par-bake 3
cooking system
that was under the limit set by council for an exhaust system, yet it cooked fresh
bakery items in 30 minutes from frozen par-baked pastries.
● The computer with all the store’s employee details, and financial records was not
password protected and anyone could access the information.
● Tom’s response to your question about the lack of sales promotion techniques was
that he could not get the staff interested in the activities so he stopped trying to
make them happen.
● The employee detail form requested information about the employee’s entire past
health issues.
● The wage and superannuation records seemed to be incomplete, with many
calculations being worked out by the number of hours worked multiplied by a set ‘in
the hand’ amount.
● Tom also provided a brochure about a company that could come and set up WiFi in
the café so that customers could use their computer notebooks and connect to the
internet while they were dining in the café.
2 Gaffer tape – strong cloth-backed waterproof adhesive tape
3 Par-baking – is a cooking technique in which a bread or dough product is partially baked and then rapidly frozen for storage. The raw dough is
baked normally, but halted at about 80% of the normal cooking time, when it is rapidly cooled and frozen
BSB50420 Diploma of Leadership and Management
Case Study: BSBOPS504 Manage business risk
Case Study Information: BSBRSK501 Version: v21.0 Page 10 of 24
Developed by: ACBI Approved by: DoS Issued: June 2021 Review: June 2021
2B.ii Meeting with Stuart Gardner
You met with Stuart Gardner in his office to discuss the café, council by-laws and aspects/sides
concerning the surrounding district. You took notes that included the following information.
Notes from meeting with Stuart Gardner
● Stuart explained that there were opportunities for opening more cafés in the
surrounding shopping centres like Wilsonton, Clifford Gardens and K-Mart Plaza.
● Stuart handed you an extract from a government report, ‘Economic Brief’.
● Stuart explained that the federal government was now introducing legislation
(government rules) that backs up the local by-law 4
concerning efficient water
usage, particularly by industries. The current by-law has fines of up to $50,000 for
excessive water breaches/breaks- penalties. Stuart did explain that the council was
allowing some time to ‘make good’ under certain circumstances on a case-by-case
basis. Stuart also agreed with the idea of installing a water tank in the courtyard for
the café to use and would help get it built.
● Stuart explained that Port Macquarie was obviously a place for retirees and the
population was growing.
● Stuart spoke about the federal government’s National Broadband Network being
rolled out in Port Macquarie, which would allow efficient and effective video
streaming and teleconferencing.
● Stuart spoke about a current by-law that is due for implementation/ putting into
place – on the first of next month, which will allow cafés to expand their footpath
dining and so put more tables and chairs outside their premises.
● Stuart also spoke of the fact that representatives/agents of a large international
chain of coffee shops had been making enquiries around town about opening a
store in the Port Macquarie CBD.
4 By-Laws : a regulation made by a local authority or corporation
BSB50420 Diploma of Leadership and Management
Case Study: BSBOPS504 Manage business risk
Case Study Information: BSBRSK501 Version: v21.0 Page 11 of 24
Developed by: ACBI Approved by: DoS Issued: June 2021 Review: June 2021
2C. Meetings with Senior Management Team and Finance, Audit
and Risk Management (FARM) Committee
Soon after you returned from your research trip to the Port Macquarie store, you attended two
teleconferences.
2C.i First teleconference
First, you met with the senior management team. At this teleconference, you discussed issues raised by
Tom West and Stuart Gardner and the report on previous NSW expansion, which head office had given
you: Report into the acquisition and re-branding of the NSW expansion store. Elsa said that there may be
some things to learn from the NSW experience.
Key problems identified in the report were as follows:
1. INTERNAL SYSTEMS: Lack of internal controls, particularly over cash handling, monitoring and
recording.
2. COMPLIANCE: Failure to meet compliance standards in WHS, privacy and industrial relations law.
3. POLICY: Lack of written policy and procedures to guide staff in carrying out their duties.
4. BUSINESS CULTURE: Lack of a professional business culture5
in the family run business.
5. Failure of the business to monitor the external environment/outside affairs and find opportunities
and threats to the business.
The team agreed that similar issues would pose a risk to the Port Macquarie expansion.
2C.ii Second teleconference
You then held a teleconference with the FARM Committee. At the teleconference, you relayed the
concerns of the senior management team. The FARM Committee decided to allow you time to complete
your review and then would include discussion of your review in the monthly Board of Directors
meeting.
5 Business Culture – the way a business or professional organisaiton operates with a sense of business formalities.
BSB50420 Diploma of Leadership and Management
Case Study: BSBOPS504 Manage business risk
Case Study Information: BSBRSK501 Version: v21.0 Page 12 of 24
Developed by: ACBI Approved by: DoS Issued: June 2021 Review: June 2021
3. Appendix
BSB50420 Diploma of Leadership and Management
Case Study: BSBOPS504 Manage business risk
Case Study Information: BSBRSK501 Version: v21.0 Page 13 of 24
Developed by: ACBI Approved by: DoS Issued: June 2021 Review: June 2021
3A. Greendale Business plan (excerpt)
Mission
Greendale Cafés serve competitively priced, high quality coffee and gourmet food in a safe and
comfortable café-style environment. Our friendly, well-trained staff provide superior customer service.
Vision
Greendale aims to deliver our valued customers the very best café-going experience. In three years, the
business will have established a presence across the Queensland and NSW, with the opening of
additional cafés.
Values
● Customer-focus
● Safety
● Teamwork
● Performance excellence.
Strategic directions
The strategic context in which Greendale will achieve its mission and vision is through:
● Engaging/dealing with customers and customer research
● Developing and improving products and quality
● Expansion of operations across Queensland and NSW
● Creating a high-performing organisation.
BSB50420 Diploma of Leadership and Management
Case Study: BSBOPS504 Manage business risk
Case Study Information: BSBRSK501 Version: v21.0 Page 14 of 24
Developed by: ACBI Approved by: DoS Issued: June 2021 Review: June 2021
3B. Greendale Risk management policy
3B.i Introduction
Greendale recognises that risk management is an essential component of good management practice
and is committed to making sure the setting up of risk management processes that focuses on the
proactive management of risks across the organisation.
This risk management policy forms part of Greendale’s internal controls (systems in the company) and
corporate governance6
(how the company is managed and run) arrangements. The risk management
policy is designed to:
• Identify, evaluate, control and manage risks
• Ensure possible threats and opportunities are identified and managed
• Inform directors, senior management and staff members about their roles, responsibilities
and reporting procedures with regards to risk management i.e. (what the responsibilities
senior management have when issues of risk management happen)
• Ensure risk management is an essential part of planning at all levels of the organisation.
3B.ii Policy
Greendale is committed to achieving its vision, business objectives and quality objectives by the
proactive management of risk at all levels of the organisation.
Greendale will identify, evaluate, control and manage risk throughout the organisation in accordance
with the ‘Greendale Risk Management Framework’. See risk management strategy for details.
3B.iii Responsibility and Authority
Directors, management and employees of Greendale have responsibility for implementing aspects of
this policy.
Role of the Directors
The Directors have an authority responsibility in the management of risk. This includes:
● determining which types of risk are acceptable and which are not
● setting the standards and expectations of staff with respect to behaviour
6 Corporate governance – broadly refers to the mechanisms, processes and relations by which corporations are controlled and directed.
BSB50420 Diploma of Leadership and Management
Case Study: BSBOPS504 Manage business risk
Case Study Information: BSBRSK501 Version: v21.0 Page 15 of 24
Developed by: ACBI Approved by: DoS Issued: June 2021 Review: June 2021
● approving major decisions affecting Greendale’s risk profile or dangers- i.e financial or business
hazards
● monitoring the management of significant risks to reduce the likelihood of potential
organisational risks and threats or failure
● being satisfied that risks are being positively managed, with the correct controls in place and
working effectively
● annual review of Greendale’s approach to risk management and approval of changes or
improvements to important items of its processes and procedures.
Role of the Senior Management Team and Store Managers
Key roles of the senior management team are to:
● Putting together policies on risk management and internal control where this is seems
appropriate
● Identifying and evaluating areas of significant risks possibly faced by Greendale for consideration
by the Directors
● Identify areas where risk management is not properly looked at and advise the Directors
accordingly
● review and update the Risk Management Strategy
● undertake an annual review of the effectiveness of systems of internal control and provide an
annual report to the Directors, including a summary review and respective recommendations (i.e
update the Directors on how well the internal systems are working or not).
Role of Café Employees
Key roles of employees are to:
● Making themselves aware of the content of the Risk Management Policy and clarifying any parts
of it with a senior team member as necessary
● Consider any risks they feel could impact on them meeting their aims and either manage the risk
if it is in their control to do so, or inform a management team member of their concerns
● advise senior management, in the first instance, or the Board of Directors, if concerned about any
scam or unethical behaviour.
BSB50420 Diploma of Leadership and Management
Case Study: BSBOPS504 Manage business risk
Case Study Information: BSBRSK501 Version: v21.0 Page 16 of 24
Developed by: ACBI Approved by: DoS Issued: June 2021 Review: June 2021
3C. Greendale Risk Management Framework
This framework covers a number of items that together provide an effective and efficient operation,
enabling Greendale to respond to many of operational, financial, commercial and strategic risks. These
items include:
● policies and procedures
● monthly reporting
● business planning and budgeting
● risk management review
● external audit.
Policies and procedures
A number of policies support the internal control process. These policies are supported by the directors
and are put together and communicated by the senior management team to all staff. These policies
include:
● Human Resources Policies:
○ Staff Travel Policy
○ Harassment Policy
○ WHS Policy
○ Return to Work Policy
○ Work–Life Balance Policy
○ Diversity Policy
○ Parental Leave Policy
○ Organisational Culture Policy – how the company operates professionally
● Financial Policies:
○ Bad Debt Policy
○ Cash Reserving Policy
○ Revenue Recognition Policy
BSB50420 Diploma of Leadership and Management
Case Study: BSBOPS504 Manage business risk
Case Study Information: BSBRSK501 Version: v21.0 Page 17 of 24
Developed by: ACBI Approved by: DoS Issued: June 2021 Review: June 2021
○ Finance, Audit and Risk Management (FARM) Committee Terms of Reference, including
delegations
● Corporate Governance Policies:
○ Board protocol and practices
○ Sitting Fees7 policy
○ Directors salary policy.
Monthly reporting
Decisions to fix problems are made at regular meetings of the senior management team.
Comprehensive reporting at Board and Sub-committee meetings is designed to monitor important risks
and their controls.
Business planning and budgeting
The business planning and budgeting process is used to set objectives, agree on action plans, and
allocate resources. Progress towards meeting business plan objectives is monitored regularly by the
senior management team and by Directors at Board meetings.
Risk management review
The Finance, Audit and Risk Management (FARM) Committee is required to report at Board meetings on
internal controls. The FARM Committee pays particular attention to risk management. It is the CEO’s
responsibility to brief the Directors periodically and as appropriate on the development of policies and
procedures to ensure effective and efficient operations, risk management strategies and
implementation. In addition, the FARM Committee oversees internal audit, external audit and
management as required in its review of internal controls. The committee is therefore well placed to
provide advice to the Board on the effectiveness of the internal control system, including Greendale’s
strategy for the management of risk.
External audit
The final audit of financial statements is controlled by an external chartered accountant8 who provides
feedback to the Board through the FARM Committee.
7 Sitting Fees – is a fee paid for being part of a meeting and contributing to the meeting without having any company ownership – it’s a fee
payable on a periodic basis throughout each year. The sitting fees covers all formal meetings, regardless of their duration, of the prescribed
authority, including any preparation time and travel associated with the meetings
8 Chartered Accountant – The title is an internationally recognised professional designation. Chartered accountants work in all fields of business
and finance, including audit, taxation, financial and general management.
BSB50420 Diploma of Leadership and Management
Case Study: BSBOPS504 Manage business risk
Case Study Information: BSBRSK501 Version: v21.0 Page 18 of 24
Developed by: ACBI Approved by: DoS Issued: June 2021 Review: June 2021
3C.i Procedure: Development of a Risk Management Profile
The following outlines the process for developing a risk management profile.
1. Establish the context:
● Define and identify the location, features and stakeholders (interested parties, people, workers
etc), their goals and objectives, and the area of the specific risk management process.
● Develop conditions against which risks are reviewed and identify the arrangement for risk
management.
2. Identify and describe risks:
● Risks are best identified through a collaborative approach involving a number of stakeholders.
● All possible risks must be considered. Ensure any confirmations are identified as problems and
addressed in the risk management profile.
3. Conduct current risk analysis:
● An analysis of the risks is conducted to determine their causes and estimate their probability and
results. This analysis provides the basis for working on the ‘right’ risks.
4. Conduct risk Assessment:
● Risks are considered and prioritised according to their potential impact and each risk is
assessed/evaluated to determine its level of acceptability.
5. Develop and implement proposed risk treatments:
● Risk treatments are developed to cost-effectively reduce, contain and control risk.
● Formal risk management reporting mechanisms are defined and documented.
● Categorise the risk likelihood.
6. Monitor, report, update and manage risks:
● As risks change constantly, the risk profile is continuously monitored, reviewed and updated by
management. New risks may be identified as more information becomes available and existing
risks may be eliminated through the effectiveness of the risk treatments.
● Identified risks, and monitoring and management activities should be recorded and stored as
follows:
○ risks identified through regular audit should be recorded on the Risk Audit Log
○ risk management activities should be recorded on the Risk Management Register.
BSB50420 Diploma of Leadership and Management
Case Study: BSBOPS504 Manage business risk
Case Study Information: BSBRSK501 Version: v21.0 Page 19 of 24
Developed by: ACBI Approved by: DoS Issued: June 2021 Review: June 2021
3C.ii. Greendale’s Risk Areas
The following are four broad areas where potential for risk to Greendale has been identified. Under each
area, examples of possible risks are detailed.
Operational:
● legal and regulatory compliance
● technology
● insurance
● resources: human, physical
● logistics 9
● marketing
● product quality
● communications
● infrastructure, plant and equipment
● customer interaction
● market needs.
Financial:
● accountability
● fraud or theft
● capital investment 10
● interest rates
9
Logistics – the planning and control of the flow of goods and materials through an organization or manufacturing process
10 Capital Investment – Funds invested in a firm or enterprise for the purposes of furthering its business objectives
BSB50420 Diploma of Leadership and Management
Case Study: BSBOPS504 Manage business risk
Case Study Information: BSBRSK501 Version: v21.0 Page 20 of 24
Developed by: ACBI Approved by: DoS Issued: June 2021 Review: June 2021
● loss of income or funding.
Governance:
● conduct of Board of Directors
● conflict of interest 11
.
Project management:
● procedures and tools for project management
● stakeholders – strength of relationships, and conflicts of interest
● human resources (i.e staff, personnel)
● financial resources.
11 Conflict of interest – a conflict between the public and private interests of somebody in an official position
BSB50420 Diploma of Leadership and Management
Case Study: BSBOPS504 Manage business risk
Case Study Information: BSBRSK501 Version: v21.0 Page 21 of 24
Developed by: ACBI Approved by: DoS Issued: June 2021 Review: June 2021
3D. Greendale Risk management strategy
Introduction
Greendale recognises that risk management is an essential part of good management practice and is
committed to the positive management of risks across the organisation. The strategy is designed to:
● Identify, review, control and manage risks
● Ensure potential threats and opportunities are identified and managed
● Inform directors, senior management and staff members about their roles, responsibilities and
reporting procedures with regards to risk management
● Ensure risk management is an integral/important part of planning at all levels of the organisation.
Guiding Principles
● Greendale is committed to achieving its vision, business objectives and quality objectives by the
proactive management of risk at all levels of the organisation, acknowledging that
embracing/taking on innovative/new ideas and practices carries with it risks, but that these are
identifiable/known and measurable/can be calculated and therefore capable of being subject to
realistic risk mitigation/minimisation processes.
Responsibility and Authority
● The Board of Directors have responsibility for ensuring that risk management is in place.
● The Finance, Audit and Risk Management (FARM) Committee has the responsibility of reviewing
the Risk Management Action Plan on a six-monthly basis.
● The CEO and the senior management team have responsibility for managing risk and advising the
Board on appropriate controls.
● The CEO and the senior management team support and implement policies approved by the
directors.
● Key risk indicators 12 will be identified, closely monitored and action taken where necessary, by
the staff and directors.
12 Key Risk Indicator (KRI) – A Key Risk Indicator, also known as a KRI, is a measure used in management to indicate how risky an activity is.
BSB50420 Diploma of Leadership and Management
Case Study: BSBOPS504 Manage business risk
Case Study Information: BSBRSK501 Version: v21.0 Page 22 of 24
Developed by: ACBI Approved by: DoS Issued: June 2021 Review: June 2021
Greendale Risk Management Framework
This framework encompasses a number of elements that together facilitate an effective and efficient
operation, enabling Greendale to respond to a variety of operational, financial, commercial and strategic
risks. These elements include:
● Policies and procedures: A series of policies strengthen the internal control process.
● Reporting: Decisions to fix problems are made at regular meetings of the senior management
team.
● Business planning and budgeting: The business planning and budgeting process is used to set
objectives, agree on action plans and allocate resources. Progress towards meeting business plan
objectives is monitored regularly by the senior management team and by directors at Board
meetings. Contingency planning is undertaken as required.
● Risk management review: The FARM Committee is required to report at Board meetings on
internal controls.
● CEO: The CEO has responsibility to brief the Directors periodically (after some time regularly) and
as appropriate on the development of policies and procedures to ensure effective and efficient
operations, risk management strategies and implementation.
● External audit: The final audit of financial statements is controlled by an external chartered
accountant who provides feedback to the Board through the FARM Committee.
Definitions
Risks are identified on a scale of the possibility of happening in the next 12 months and assigning a
consequence to the risk as high, medium or low. High includes important impacts to how the business
functions. Low indicates minor reductions in business performance.
BSB50420 Diploma of Leadership and Management
Case Study: BSBOPS504 Manage business risk
Case Study Information: BSBRSK501 Version: v21.0 Page 23 of 24
Developed by: ACBI Approved by: DoS Issued: June 2021 Review: June 2021
3E. Implementation results
It has now been six months since you delivered your risk management action plan.
In accordance with the action plan, an external audit was completed and has been presented to the
Greendale Board. The audit investigated the status of the planned actions on the risks identified.
3E.i. A summary of the findings
• The financial controller had taken out $5,000 on insurance cover for cash held on the premises
overnight from the launch week as planned.
• The company bank account that was planned to be opened in the first week was actually
opened about four weeks after the café’s launch at the bank two doors down the street. As it is
not Greendale’s regular bank, there are difficulties with getting the same level of service that
Greendale stores receive in Brisbane.
• The teleconferencing system, planned for six months after launch, has not yet been installed,
due in part to the delay in the rollout of the federal government’s National Broadband Network.
• The weekly management meetings are finishing close to 3.00 pm as planned but sometimes the custom dissertation writing service.
manager has to stay on at the request of the head office team. The manager has not yet been
issued with an excusal letter by the CEO as agreed, and feels that they do not have the authority
to just walk out at 3.00 pm.
• The Helpant manager training has been shifted to the mornings, allowing the manager to leave
before 1.00 pm as planned.
• The Board of Directors and CEO included a new policy regarding compliance with the Port
Macquarie by-law on water conservation as planned, but the specific procedure has not yet
been written. However, it appears that compliance is being achieved.
• The plants have been changed to natives that require minimal water as planned. The installation
of dual-flush toilets was planned for completion six months after settlement, and although the
dual-flush toilets have been ordered and are in stock, they cannot be installed due to the
backlog of work by district plumbers. The five-star rated (WELS) dishwasher was installed by the
supplier within the six-month timetable as planned.
BSB50420 Diploma of Leadership and Management
Case Study: BSBOPS504 Manage business risk
Case Study Information: BSBRSK501 Version: v21.0 Page 24 of 24
Developed by: ACBI Approved by: DoS Issued: June 2021 Review: June 2021
• The application to ‘make good’ by Goldsmith Partners on behalf of Greendale was accepted by
the Port Macquarie City Council; however, the grace period to comply with by-law ends in 14
days and the store is still above the acceptable benchmark for water use.
• The training on daily banking appears to have been successfully completed as planned. An audit
of the bank deposit book shows that there is no banking entry for the day’s sales on only two
occasions in the past six months.
• There has been one internal audit arranged by the store and, as planned, there should have
been a call every two months. The store manager cites the distance that auditors have to travel
and their overloaded work with the Brisbane stores as the reason for this infrequency.
• Although the training on the water-saving processes, as directed by the policy, has been verbally
explained and followed, the written procedure has not been completed as the Helpant
manager claims to be too busy.
• A water tank had been built into the courtyard, but the plumbing has not yet been connected.
There is a weekly water-usage monitor in the staff room as planned but the information has not
been updated for the past three weeks.
• All the original staff members are wearing the Greendale uniform. However, these original
employees are now responsible for directly supervising new employees. The original staff
members are not explaining the uniform requirements to new employees and are not delivering
any warnings for uniform non-compliance. As a result, there has been an increase in uniform
non-compliance.