NatureCare Products

Risk Management Policy and Procedures

Purpose
To provide information and guidance on Risk Management.

Scope
This Policy applies to all NatureCare Products employees. The policy extends to all current and future
activities, and new opportunities.

Recognition
NatureCare Products recognises the need for risk management to feature as a consideration in strategic
and operational planning, day-to-day management and decision making at all levels of the organisation.

Principles
The following principles form the foundation of the NatureCare Products Risk Management Policy and
Procedures.

A commitment to implement risk management effectively

NatureCare Products is committed to managing and minimising risk. This will be done by identifying,
analysing, evaluating and treating risk exposure that may impact on NatureCare Products achieving its
objectives and/or the continued efficiency and effectiveness of its operations.
NatureCare Products will incorporate risk management into its planning and decision-making
processes and it must also be included as a consideration in operational planning as a delegated line
management responsibility.
NatureCare Products staff must implement risk management according to relevant legislative
requirements and appropriate risk management standards.

A commitment to training and knowledge development in the area of risk management

NatureCare Products is committed to ensuring that all staff, particularly those with management,
advisory and decision-making responsibilities, obtain a sound understanding of the principles of risk
management and the requisite skills to implement risk management effectively.

A commitment to monitor performance and review progress in risk management:

NatureCare Products will regularly monitor and review the progress being made in developing an
appropriate culture of risk management and the effective implementation of risk management
strategies throughout the organisation as a basis for continuous improvement.
Responsibilities

Lead College Pty Ltd RTO No: 41489 CRICOS Code: 03636F
Risk Management Policy and Procedures – BSBRSK501 Manage Risk Page 1
 Risk must, first and foremost, be managed at the corporate level as part of the NatureCare Products good
governance and corporate management processes. Risk management is considered an integral part of all
management and decision-making functions within NatureCare Products. The responsibility for the
identification of risk and the implementation of control strategies and follow up remains a delegated line
management responsibility.
All stakeholders have a significant role in the management of risk. This role may range from initially
identifying and reporting risks associated with their own jobs to participation in the risk management
process.

Objectives
a) NatureCare Products aims to:
 integrate risk management into the management culture of NatureCare Products
 foster an environment where staff assume responsibility for managing risks.

b) To secure its commitment to implement risk management effectively, NatureCare Products aims to:
 implement risk management across all aspects of NatureCare Products in accordance with
best practice guidelines.

c) To secure its commitment to training and knowledge development in the area of risk management,
NatureCare Products aims to:
 ensure that performance in risk management is a consideration in the NatureCare Products'
performance management systems.
 ensure that staff and other stakeholders have access to appropriate information. training and
other development opportunities in the area of risk management.

d) To secure its commitment to monitoring performance and reviewing progress, NatureCare Products
aims to:
 ensure that appropriate monitoring, review and reporting processes are in place in the area of
risk management.

e) The objectives of risk management are to:

 provide a structured basis for strategic, tactical and operational planning across NatureCare
Products, enhancing its governance and corporate management processes;
 enable NatureCare Products to effectively discharge its statutory and legislative financial
management responsibilities;
 provide a practical framework for managers to assess risks inherent in the decisions they take;
 assist and motivate decision makers, at all levels, to make good and proactive management
decisions that do not expose NatureCare Products to unacceptable levels of risk of
unfavourable events occurring which adversely impact on the attainment of organisational
goals
 encourage and commit decision makers to identify sound business opportunities that will
benefit NatureCare Products without exposing the company to unacceptable levels of risk;
 minimise the risks of not identifying sound business opportunities
 protect NatureCare Products from unacceptable costs or losses associated with its operations,
while safeguarding its resources: its people, finance, property and reputation
 assist NatureCare Products in achieving its strategic objectives
 create an environment where all staff assume responsibility for risk management

Lead College Pty Ltd RTO No: 41489 CRICOS Code: 03636F
Risk Management Policy and Procedures – BSBRSK501 Manage Risk Page 2
 Principles
The principles of risk management shall be applied to all areas of risk exposure, insurable and non-
insurable, and shall include, but not be limited to the following areas:

Insurable Risks Non-Insurable Risks

 Non-insurable workplace health and safety

risks
 Insurable workplace health and safety risks  Non-insurable fraud and corruption
 Insurable fraud and corruption prevention prevention activities
activities  Unauthorised use of resources which
 Unauthorised use of resources which represent a non-insurable risk
represent an insurable risk  Reputation and image as a non-insurable
 Reputation and image as an insurable risk risk
 Fire prevention measures and security  Crisis contingency planning and disaster
precautions recovery
 Property loss and damage  Accounting controls that are not cost
 Computer security effective
 Professional negligence  Loss of key staff and intellectual property
 Other liability exposures  Management system inadequacies and
 Legal liability poor work quality
 Failure or disruption of a major income
source or investment

Lead College Pty Ltd RTO No: 41489 CRICOS Code: 03636F
Risk Management Policy and Procedures – BSBRSK501 Manage Risk Page 3
 Procedures

Corporate
Risk management is a whole of Organisation Process. It must first and foremost be managed at the
corporate level as part of NatureCare Products' good governance and corporate management processes.

This process, coordinated and facilitated by the CEO, will involve the following key steps:
 an annual risk identification exercise undertaken by the CEO. This involves assessment of the
consequence and likelihood of risk, the development and/or review of individual risk management
plans for the risks identified which exceed the NatureCare Products 's defined acceptable risks
 wherever practicable, the inclusion of a Risk Management Assessment for all business activities
 the incorporation of risk management into strategic planning, as well as operational and resource
management planning processes
 ensure risk management processes are incorporated into the quality assurance and improvement
systems of NatureCare Products
 clearly define and document escalation procedures for risk management
 ensure a consistency in approach of responses to the same risk by different sections of NatureCare
Products
 document all risks with a potentially high impact, as assessed on the basis of their likely occurrence
or impact
 test documented risk management procedures at appropriate intervals.

Management
Risk management is a delegated line management responsibility. It is the responsibility of all line managers
to continually monitor their areas of responsibility to ensure that risks are identified and managed. Line
managers should ensure that a contribution is made to NatureCare Products risk management process, on
behalf of their areas of responsibility, that identifies risks at all levels.
The sharing of documented responses to risks and knowledge of risk management principles and
procedures will be fostered between line managers to ensure consistency across the NatureCare Products.
On an annual basis, line managers should review all activities to ensure that any unacceptable risk
exposures are identified and managed at an appropriate level. All operational sections will be required to
report on risk management as part of the NatureCare Products 's annual operational and resource
management process.

Individual
Each employee or other stakeholder throughout NatureCare Products has a role in the risk management
process and is responsible for actively participating in the risk management process as appropriate to their
position within the organisation.

New Opportunities
In addition to the risks that already exist, NatureCare Products is continually exposed to new risks,
particularly from the introduction of new activities.
New risks should be incorporated into the initial planning and assessment processes conducted prior to
undertaking the activity and, subsequently, into the annual risk management assessment at the appropriate
level(s) of activity and management. A risk management plan must then be developed.

Lead College Pty Ltd RTO No: 41489 CRICOS Code: 03636F
Risk Management Policy and Procedures – BSBRSK501 Manage Risk Page 4
 PESTLE Analysis
To assist in the identification of risks, a PESTLE Analysis should always be conducted. Consider the
following questions to conduct a PESTLE Analysis:

Political Factors: for each factor consider the impact on the company
 When is the country's next election? How could this change government policy?
 What is the current government’s approach to business policy, and on other policies that affect the
organisation?
 Are there any pending legislation, regulations or taxation changes?
 Is there a trend towards regulation or deregulation?
 How does government approach corporate policy, corporate social responsibility, environmental
issues, and customer protection legislation?
 Are there any other political factors that need to be considered?

Economic Factors to Consider: for each factor consider the impact on the company
 Is the economy growing, stagnating, or declining?
 Are key exchange rates stable, or do they tend to vary significantly?
 Are customers' levels of disposable income stable or rising or falling?
 What is the unemployment rate? Will it be easy to build a skilled workforce? Or will it be difficult to
secure a skilled workforce?
 Do consumers and businesses have easy access to credit?
 How is globalisation affecting the economic environment?
 Are there any other economic factors that need to be considered?

Socio-Cultural Factors to Consider: for each factor consider the impact on the company
 What is the population's growth rate and age profile and how is this likely to change?
 Are generational shifts in attitude likely to affect the business operations?
 What are your society's levels of health, education, and social mobility? How are these changing,
and what impact does this have?
 What social attitudes could affect the business? Have there been recent socio-cultural changes that
might affect this?
 How do religious beliefs and lifestyle choices affect the population?
 Are any other socio-cultural factors likely to drive change for the business?

Technological Factors to Consider: for each factor consider the impact on the company
 Are there any new technologies that you could be used within the business to increase efficiency?
 Are there any new technologies on the horizon that could radically affect the business or the
industry as a whole?
 Does technology affect work patterns (for example, levels of remote working) and how?
 Are there any other technological factors that should be considered?

Lead College Pty Ltd RTO No: 41489 CRICOS Code: 03636F
Risk Management Policy and Procedures – BSBRSK501 Manage Risk Page 5
 Legal Factors to Consider: for each factor consider the impact on the company
 Are there any pending legislation or regulations changes?
 Is there a trend towards increased or decreased regulation?
 How does government approach customer protection legislation?
 What is the climate in terms of consumer litigation?
 Are there any other legal factors that need to be considered?

Environmental Factors to Consider: for each factor consider the impact on the company
 How does government approach environmental issues, including environmental protection?
 What environmental legislation or regulations impact on the business?
 Are there any new technologies that could be used to improve sustainability?
 What are consumer attitudes to environmentalism/sustainability?
 Are there any other environmental factors that should be considered?

Risk Management Planning

The organisation’s Risk Management Plan Template should be used.
The following procedure should be followed for risk management:
1. Gather information about potential risks and risk treatments or controls using a range of risk
management tools and techniques. The preferred method is brainstorming potential risks with key
staff members and conducting a PESTLE analysis to identify external risks.
2. Confirm key risks and risk treatments or controls to be documented in the risk management plan.
For each risk, indicate the consequence of the risk e.g. loss in sales, loss in profits, business
closure, lack of qualified staff, etc.
3. Identify key risks and document them in the risk register.
4. Using the risk legend within the risk management plan, assess and document the likelihood of the
risk occurring.
5. Using the risk legend within the risk management plan, assess and document the severity of the
risk occurring.
6. Identify and document the agreed treatment or control method for each risk.
7. Assign a ranking to the risk using the risk assessment legend. The ranking of the risk will determine
its importance in terms of risk management.

Lead College Pty Ltd RTO No: 41489 CRICOS Code: 03636F
Risk Management Policy and Procedures – BSBRSK501 Manage Risk Page 6
 Review
The CEO will regularly monitor and review the progress being made in developing an appropriate culture of
risk management and the effective implementation of risk management strategies throughout the
organisation.

Guidance
The CEO will ensure that, through its monitoring, review and reporting functions, NatureCare Products
maintains a consistent approach to its assessment of acceptable risk.

Documentation
Each stage of the risk management process shall be appropriately documented. The extent of
documentation required is dependent on the nature of the risk. Documentation will be controlled and
become part of an auditable quality management process.

Compliance
A representation and compliance statement should be provided by each manager as formal
acknowledgement of their responsibility to comply with risk management policies and procedures.

Each employee should have included in their Position Description a responsibility for risk management, and
Annual Performance Appraisals should include an appropriate assessment thereof.

Staff Development
Management shall ensure that staff have available to them appropriate information and training
opportunities in risk management as appropriate to their position and role within NatureCare Products.

Lead College Pty Ltd RTO No: 41489 CRICOS Code: 03636F
Risk Management Policy and Procedures – BSBRSK501 Manage Risk Page 7