Native Bush Spices Australia is based in Coffs Harbour, NSW. The business was established in 2010 to cater for a demand for Australian native food p

Case Study

Native Bush Spices Australia is based in Coffs Harbour, NSW. The business was established in 2010 to cater for a demand for Australian native food products. The company has organic certification. The company manufactures and retails a range of organic, Australian native foods including Native herbs and spices, Native herbal teas and Native fruit jams and conserves.

Currently the business is selling its products through a number of small supermarkets and health stores throughout Australia. The company also has a very basic website that includes four pages: Home, About Us, Products and Contact Details.

The companys overall business objectives for the next three years are to increase sales and create brand awareness, develop a broader product range, as well as expand into overseas markets, most likely Hong Kong, Japan and Singapore.

The companys target customers are those that enjoy gourmet foods.

The age range of Australian consumers buying products is between 35 and 65.

Most consumers are health conscious, care about protecting the environment and have an average annual income of $80,000.

The company currently employs the following staff in its head office: CEO, Operations Manager, Marketing Manager, Customer Service Officer and two administration staff. Ten staff are employed in the factory making and distributing the products.

It has been decided that a new website is needed as part of the marketing communications strategy. The new web site is seen as a critical part of the companys expansion strategy. The company has also decided to expand their product range at the same time to meet the market demand from a broader customer base (by establishing a cooperative relationship with a competitor business).

After doing extensive vendor due diligence, the Operations Manager of Native Bush Spices Australia has selected Manager Networks to oversee the risk management of both projects (Manager Networks is an organisation that provides networking events forbusiness peopleacross Australia.They have recently expanded their business to include professional consultancy services).

As a specialist risk consultant (employed by Manager Networks), you have been asked to manage the risk associated with the web design project and product expansion project for Native Bush Spices Australia in the role of Risk consultant. The project team consists of yourself, CEO, Operations Manager, Marketing Manager.

You will report to/receive instruction from the Operations Manager of Native Bush Spices Australia. He has sent you the following email to help you get started:

Dear Risk Consultant,

We are looking forward to working with you as you manage the risks associated with two of our (very strategic) projects. We have chosen to use a risk consultant as we would like to maximise the outcomes of these projects to achieve our organisational objectives, and minimise or anticipate project risk as best we can.

You will not be required to do the activities and tasks associated with the project, rather you are responsible for the risk management processes. As you manage the projects risks, please adhere to Native Bush Spice Australias policies, procedures, protocols and act in a manner that aims to achieve our organisational goals.

Id like you to create a risk management plan (including a risk register). The objective of the Risk Management Planis to document risk management processes and risks of the project process to ensure comprehensive identification, analysis and response to risk.

Kind regards

Operations Manager.

Information specific to Wed design project

Native Bush Spice Australias Risk Management Policy and Procedures require any risk rating to use an average of the estimate from at least two stakeholders.

The Operations Manager and CEO provided the following estimates:

Operations manager estimate CEO estimate

Risk Likelihood Severity Likelihood Severity

Scope creep 4 2 2 2

Staff turnover 2 2 4 1

Underestimation of time/resource commitment 2 2 4 2

Cross platform compatibility 1 4 3 4

One month after the project started (but had not yet been completed), you sent a survey to the project team members to monitor the progress and identify any issues or changed circumstances. You also had a quick look at the project schedule (See Project Schedule spreadsheet) to check that everything was on track.

The survey showed that all activities were being performed as scheduled, however, the Operations Manager had recently received information from Native Bush Spices legal advisors notifying him about upcoming data legislation changes. The CEO and Operations Manager have both estimated the likelihood and severity of the risk posed by an inadequate privacy policy to be 4 each. The CEO has suggested that the Operations Manager do due diligence to understand how the new legislative requirements affect the website design.

After another period of time passed, the website was designed, developed and tested. You received the following email from the Operations manager:

Dear Risk consultant,

Thank you for managing the risks of this project.

Everyone who worked on the project were impressed with your creative communication. However, most team members felt that there was a distinct lack of detail regarding the risk response. The risk response in itself could be a mini project! In future, it would be great to see a risk response plan as part of your risk management. Please will you develop a Risk Response Plan template for use in future project risk management.

Take a look at https://www.northam.wa.gov.au/documents/708/sample-risk-management-plan for ideas.

Kind regards

Operations Manager.

Information specific to Product Range expansion (cooperative relationship) project

Native Bush Spice Australias Risk Management Policy and Procedures require any risk rating to use an average of the estimate from at least two stakeholders.

The Operations Manager and CEO provided the following estimates:

Operations manager estimate CEO estimate

Risk Likelihood Severity Likelihood Severity

Legal challenges 2 2 2 4

Income due to the cooperative relationship does not justify the tie spent on the relationship. 1 2 1 2

Loss of trade secrets to other firms

2 4 2 4

Possibly being taken advantage of by partners 1 4 3 4

One month after the project started (but had not yet been completed), you sent a survey to the project team members to monitor the progress and identify any issues or changed circumstances. You also had a quick look at the project schedule (See Project Schedule spreadsheet) to check that everything was on track.

Unfortunately, not many customers had responded to the marketing survey to determine the market demand and desired product range. All other project activities were going as planned. The CEO and Operations Manager have both estimated the likelihood and severity of the risk posed by unknown product range requirements to be 2 each. The CEO has suggested that the Market Manager source alternative information from the ABS website, or by visiting health shops.

After another period of time passed, the project was successfully completed. You received the following email from the Operations manager:

Dear Risk consultant,

Thank you for managing the risks of this project.

Everyone who worked on the project were impressed with your attention to detail.

However, most team members felt that communication could be more frequent and creative. They also were unsure of who to speak to about the project and its risks you, me or the person responsible for treating the risk. Please will you create a Risk Management Communication Plan template for future use.

Take a look at https://warren2lynch.medium.com/project-management-communication-plan-template-and-example-5f86590b5900 for ideas.

Kind regards

Operations Manager.

Risk Management Policy and Procedures

Purpose

To provide information and guidance on Risk Management. This Policy applies to all Native Bush Spices Australia employees.

Principles

The following principles form the foundation of the Native Bush Spices Australia Risk Management Policy and Procedures:

A commitment to implement risk management effectively:

Native Bush Spices Australia is committed to managing and minimising risk. This will be done by identifying, analysing, evaluating and treating risk exposure that may impact on Native Bush Spices Australia achieving its objectives and/or the efficiency and effectiveness of its operations.

Native Bush Spices Australia will incorporate risk management into its planning and decision-making processes and it must also be included as a consideration in operational planning as a delegated line management responsibility.

Native Bush Spices Australia staff must implement risk management according to relevant legislative requirements and appropriate risk management standards.

A commitment to training and knowledge development in the area of risk management:

Native Bush Spices Australia is committed to ensuring that all staff, particularly those with management, advisory and decision-making responsibilities, obtain a sound understanding of the principles of risk management and the requisite skills to implement risk management effectively.

A commitment to monitor performance and review progress in risk management:

Native Bush Spices Australia will regularly monitor and review the progress being made in developing an appropriate culture of risk management and the effective implementation of risk management strategies throughout the organisation as a basis for continuous improvement.

Responsibilities

Risk must first and foremost be managed at the corporate level as part of the Native Bush Spices Australia good governance and corporate management processes. Risk management is considered an integral part of all management and decision-making functions within Native Bush Spices Australia. The responsibility for the identification of risk and the implementation of control strategies and follow up remains a delegated line management responsibility (or consultant). All stakeholders have a significant role in the management of risk. This role may range from initially identifying and reporting risks associated with their own jobs to participation in the risk management process.

Aims and Objectives

Native Bush Spices Australia aims to integrate risk management into the management culture of Native Bush Spices Australia and foster an environment where staff assume responsibility for managing risks.

To secure its commitment to implement risk management effectively, Native Bush Spices Australia aims to implement risk management across all aspects of Native Bush Spices Australia in accordance with best practice guidelines.

To secure its commitment to training and knowledge development in the area of risk management, Native Bush Spices Australia aims to ensure that performance in risk management is a consideration in the Native Bush Spices Australias performance management systems and other stakeholders have access to appropriate information, training and other development opportunities in the area of risk management.

To secure its commitment to monitoring performance and reviewing progress, Native Bush Spices Australia aims to ensure that appropriate monitoring, review and reporting processes are in place in the area of risk management.

The objectives of risk management are to:

provide a structured basis for strategic, tactical and operational planning across Native Bush Spices Australia, enhancing its governance and corporate management processes;enable Native Bush Spices Australia to effectively discharge its statutory and legislative financial management responsibilities;provide a practical framework for managers to assess risks inherent in the decisions they take;assist and motivate decision makers, at all levels, to make good and proactive management decisions that do not expose Native Bush Spices Australia to unacceptable levels of risk of unfavourable events occurring which adversely impact on the attainment of organisational goals

encourage and commit decision makers to identify sound business opportunities that will benefit Native Bush Spices Australia without exposing the company to unacceptable levels of risk;minimise the risks of not identifying sound business opportunities

protect Native Bush Spices Australia from unacceptable costs or losses associated with its operations, while safeguarding its resources: its people, finance, property and reputation

assist Native Bush Spices Australia in achieving its strategic objectives

create an environment where all staff assume responsibility for risk management

Procedures

Corporate

Risk management is a whole of Organisation Process. It must first and foremost be managed at the corporate level as part of Native Bush Spices Australias good governance and corporate management processes. This process, coordinated and facilitated by the CEO, will involve the following key steps:

an annual risk identification exercise undertaken by the CEO. This involves assessment of the consequence and likelihood of risk, the development and/or review of individual risk management plans for the risks identified which exceed the Native Bush Spices Australia's defined acceptable risks

wherever practicable, the inclusion of a Risk Management Assessment for all business activities

the incorporation of risk management into strategic planning, as well as operational and resource management planning processes

ensure risk management processes are incorporated into the quality assurance and improvement systems of Native Bush Spices Australia

clearly define and document escalation procedures for risk management

ensure a consistency in approach of responses to the same risk by different sections of Native Bush Spices Australia

test documented risk management procedures at appropriate intervals.

Management

Risk management is a delegated line management responsibility (or the delegated consultant). It is the responsibility of all line managers to continually monitor their areas of responsibility to ensure that risks are identified and managed. Line managers should ensure that a contribution is made to Native Bush Spices Australia risk management process, on behalf of their areas of responsibility, that identifies risks at all levels.

The sharing of documented responses to risks and knowledge of risk management principles and procedures will be fostered between line managers to ensure consistency across Native Bush Spices Australia.

On an annual basis, line managers should review all activities to ensure that any unacceptable risk exposures are identified and managed at an appropriate level. All operational sections will be required to report on risk management as part of the Native Bush Spices Australia's annual operational and resource management process.

Individual

Each employee or other stakeholder throughout Native Bush Spices Australia has a role in the risk management process and is responsible for actively participating in the risk management process as appropriate to their position within the organisation.

New Opportunities

In addition to the risks that already exist, Native Bush Spices Australia is continually exposed to new risks, particularly from the introduction of new activities.

New risks should be incorporated into the initial planning and assessment processes conducted prior to undertaking the activity and, subsequently, into the annual risk management assessment at the appropriate level(s) of activity and management. A risk management plan must then be developed.

The risk management process is a collaborative process whereby all managers and supervisors identify risks and agree on risk treatment options.

All Native Bush Spice Australia employees are encouraged to use innovative and progressive risk identification methods, tools and techniques. Collaboration is key, and a variety of collaborative methods are also encouraged (such as an online group chat forum, brainstorming session, collaborative online work document).

Principles

The principles of risk management shall be applied to all areas of risk exposure, insurable and non-insurable, and shall include, but not be limited to the following areas:

Insurable Risks Non-Insurable Risks

Insurable workplace health and safety risks

Insurable fraud and corruption prevention activities

Unauthorised use of resources which represent an insurable risk

Reputation and image as an insurable risk

Fire prevention measures and security precautions

Property loss and damage

Computer security

Professional negligence

Other liability exposures

Legal liability Non-insurable workplace health and safety risks

Non-insurable fraud and corruption prevention activities

Unauthorised use of resources which represent a non-insurable risk

Reputation and image as a non-insurable risk

Crisis contingency planning and disaster recovery

Accounting controls that are not cost effective

Loss of key staff and intellectual property

Management system inadequacies and poor work quality

Failure or disruption of a major income source or investment

Risk classification

Risks should be classified into one of the following categories:

Economic risk

Societal risk

Geopolitical risk

Operational risk

Environmental risk

Technological risk

Project risk

Project risks categories include technical risk, scheduling risk, resource risk, scope risk or deliverable risk.

Risk assessment

For all risks the business elects to manage, the likelihood of each risk occurring must be estimated. Risk likelihood must be calculated by taking the average of at least two stakeholder estimations. This must be done using the following scale:

Rare 1

Unlikely 2

Likely 3

Very likely 4

Similarly, the risk impact must be calculated by taking the average of at least two stakeholder estimations using the following scale:

Minor 1

Moderate 2

significant 3

Catastrophic 4

Risk will be prioritised using the risk matrix:

Severity

Minor Moderate Significant Catastrophic

Likelihood Very likely Moderate High Extreme Extreme

Likely Low Moderate High Extreme

Unlikely Very low Low Moderate High

Rare Very low Very low Low Moderate

Extreme and high risks should receive high priority.

Moderate risks should receive medium priority.

Low and very low risks should receive low priority.

Review

The CEO will regularly monitor and review the progress being made in developing an appropriate culture of risk management and the effective implementation of risk management strategies throughout the organisation. The line managers (or delegated consultant) will monitor and review project risk at the end of each project lifecycle and write a report with recommendations for future improvements.

Guidance

The CEO will ensure that, through its monitoring, review and reporting functions, Native Bush Spices Australia maintains a consistent approach to its assessment of acceptable risk.

Documentation

Each stage of the risk management process shall be appropriately documented. The extent of documentation required is dependent on the nature of the risk. Documentation will be controlled, and become part of an auditable quality management process. Risk registers must contain:

risk

potential outcomes

likelihood

impact

calculated risk

priority

treatment.

Compliance

A representation and compliance statement should be provided by each manager as formal acknowledgement of their responsibility to comply with risk management policies and procedures.

Each employee should have included in their Position Description a responsibility for risk management, and Annual Performance Appraisals should include an appropriate assessment thereof.

Staff Development

Management shall ensure that staff have available to them appropriate information and training opportunities in risk management as appropriate to their position and role within Native Bush Spices Australia.

Project Risk Management Plan

Project risk context

Summarise the riskmanagementcontext.

Existing risk controls

Identify and documentthe companysrisk control measures.

Riskmanagementobjectives and standards

State the objectives of the projects risk management, the objectives of this planand the standards that will be usedto guide it.

Project Risk identification

Summarise identified project risks.

Technical risks Scheduling risks Resource risks Scope Risks Deliverable risks Project risksassessment

Complete the Risk Register to assess each riskusing your agreed risk ranking system.

Risk will be prioritised using the risk matrix:

Severity

Minor Moderate Significant Catastrophic

Likelihood Very likely Moderate High Extreme Extreme

Likely Low Moderate High Extreme

Unlikely Very low Low Moderate High

Rare Very low Very low Low Moderate

Extreme and high risks should receive high priority.

Moderate risks should receive medium priority.

Low and very low risks should receive low priority.

Risk Register

Risk Likelihood Severity Risk Rating

(likelihood x severity) Level of risk Priority

Project Risk treatment

Use the table below to document treatment options.

Risk Potential outcomes (threats or opportunities) Treatment options (at least one per risk) Responsible staff member

Communication Policy and Procedures

Native Bush Spices Australia aims to enhance and streamline communications (internal and external) to reinforce the vision and strategic priorities. As such, we will continue to develop and trial new communication platforms, channels, and tools to improve information sharing and collaboration between all staff members.

This policy is to be implemented in a way that ensures compliance with relevant legislative requirements and standards of best practice.

Native Bush Spices Australia expects that staff will use the channels and for business purposes only and comply with all relevant policies and procedures, the Code of Conduct.

Communication channels

Native Bush Spices Australia has a number of internal communication channels available, including:

Channel Purpose

Meetings If possible, interaction should take place face-to-face or via telephone. All information discussed should be summarised in an email.

Staff bulletin This contains Information from the executive to staff which is important and relevant to their interests, including training, employment vacancies and important announcements.

Contributions for the Staff Bulletin must be approved in advance by the contributors relevant manager before being sent to the communications officer for review and inclusion.

Staff surveys These are used to gather information and feedback from all staff members. Surveys should be sent to staff via email link.

Native Bush Spices Australia intranet The intranet provides important information for staff in an easily accessible location.

The intranet is to be used for conveying information which is important and relevant from the executive team to staff. It is the responsibility of the person contributing the content to ensure the content is factually correct. All contributions must be approved in advance by the contributors relevant manager.

Enterprise social networks (e.g. Yammer, Facebook) These may be used by groups of staff to collaborate and communicate on projects online (e.g. to share and comment on work-related ideas, news and activities). Personal use of these platforms may not be used during work hours. Use of these networks must comply with the Social Media Policy.

All Staff emails Emails are used for messages to and between staff. Staff are required to read all their work-related emails.

Email distribution lists Email distribution lists may only be used by the executive team and should adhere to the Privacy policy.

453075356515PROJECT PORTFOLIO

020000PROJECT PORTFOLIO

RTO No: 91223

-5406891432060

Student Project Portfolio

BSBPMG536 Manage Project Ris05212008BSBPMG536

020000BSBPMG536

k

Contents

TOC o "1-3" h z t "RTO Works Heading 1,1" Section 1: Identify and analyse project risks PAGEREF _Toc67647806 h 6Section 2: Finalise project risk management plans PAGEREF _Toc67647807 h 10Section 3: Monitor, respond to and assess project risk management processes PAGEREF _Toc67647808 h 13

Student name: Assessor: Date: Provide a brief description of your organisation and its main activities/services and/or products: Summarise your organisations broader work goals: Provide a brief description of your role and responsibilities within your organisation: Explain of how your role contributes to the organisations broader work goals: Project 1 context and team members: Project 2 context and team members:

Section 1: Identify and analyse project risksSummarise project risk management processes

Describe applicable standards related to risk List the objectives related to managing risk Summarise policies and procedures relating to risk, including:

project risk classification criteria and risk ranking system.

risk review processes (formal and informal)

templates

Attach proof of the policies and procedures to this section of your portfolio (highlight applicable information). Summarise conventions and protocols for communicating with internal and external stakeholders.

Attach proof of the requirements (e.g. policy and procedure) and highlight applicable information. Describe risk identification methods that may be used to identify project risks (at least two). You are required to manage project risk for two separate projects.

PROJECT 1: Include the name of the Project

Summarise your stakeholder meeting.

Who did you meet with?

What was discussed?

What did you agree on?

Unless already viewed in person by your assessor, attach proof of your meeting to this section of the portfolio. Identify project risks.

Which additional identification method did you use?

List at least four identified risks.

Attach proof of the risk identification method used to this section of your portfolio (e.g. screen shot of online group chat, survey, internet search results etc.). Create a draft Risk Management Plan and Risk Register.

Attach your draft Risk Management Plan and Risk Register to this section of your portfolio. PROJECT 2: Include the name of the Project

Summarise your stakeholder meeting.

Who did you meet with?

What was discussed?

What did you agree on?

Unless already viewed in person by your assessor, attach proof of your meeting to this section of the portfolio. Identify project risks.

Which additional identification method did you use?

List at least four identified risks.

Attach proof of the risk identification method used to this section of your portfolio (e.g. screen shot of online group chat, survey, internet search results etc.). Create a draft Risk Management Plan and Risk Register.

Attach your draft Risk Management Plan and Risk Register to this section of your portfolio. 42862533591500Attach: Risk policies and procedures

Communication protocols and requirements

Proof of stakeholder meeting (project 1)

Proof of the risk identification methods used if relevant (project 1)

Risk Management Plan draft (project 1)

Risk Register draft (project 1)

Proof of stakeholder meeting (project 2)

Proof of the risk identification methods used if relevant (project 2)

Risk Management Plan draft (project 2)

Risk Register draft (project 2)

Section 2: Finalise project risk management plansPROJECT 1: Include the name of the Project

Consult with at least two stakeholders.

Who did you consult with (include a client and at least one internal stakeholder)?

How did you consult?

Summarise the outcomes of your consultation.

Unless already viewed in person by your assessor, attach proof of your consultation to this section of your portfolio (e.g. draft email, recording of face-to-face meeting). Update your draft Risk Management Plan (Risk Register).

Include outcomes of the consultative process and allocate risk responsibilities.

Attach your updated Risk Management Plan and Risk Register to this section of your portfolio. Implement one risk treatment for a risk with high priority.

Attach proof of your implemented risk treatment to this section of your portfolio. PROJECT 2: Include the name of the Project

Consult with at least two stakeholders.

Who did you consult with (include a client and at least one internal stakeholder)?

How did you consult?

Summarise the outcomes of your consultation.

Unless already viewed in person by your assessor, attach proof of your consultation to this section of your portfolio (e.g. draft email, recording of face-to-face meeting). Update your draft Risk Management Plan (Risk Register).

Include outcomes of the consultative process and allocate risk responsibilities.

Attach your updated Risk Management Plan and Risk Register to this section of your portfolio. Implement one risk treatment for a risk with high priority.

Attach proof of your implemented risk treatment to this section of your portfolio. 61859414351000 Attach: Internal and external stakeholder consultation (project 1)

Updated Risk Management Plan (project 1)

Updated Risk Register (project 1)

Proof of implement risk treatment ((project 1)

Internal and external stakeholder consultation (project 2)

Updated Risk Management Plan (project 2)

Updated Risk Register (project 2)

Proof of implement risk treatment ((project 2)

Section 3: Monitor, respond to and assess project risk management processesPROJECT 1: Include the name of the Project

Monitor the project risks.

What formal process will you use to monitor the project risks?

What informal process will you use to monitor the project risks?

Summarise the outcomes of your monitoring processes (include at least one change in the risk environment).

Unless already viewed in person by your assessor, attach proof of your formal and informal monitoring to this section of your portfolio (e.g. photo of you reviewing the project schedule, survey etc.). Respond to the changed environment.

Are the current risk controls and treatments effective and efficient?

How will you respond to the changed environment?

How will you implement one response?

Attach proof of how you implemented one risk response (e.g. email appropriate staff member to take action, update the project schedule etc).

Attach your modified Risk Management Plan (Risk Register) to this section of your portfolio. Review outcomes of the project and its risk management processes.

What were the project outcomes?

What risk management issues were faced?

How effective were the risk management processes and procedures?

What recommendations can you make for future risk management processes? Develop one recommended improvement for future use.

Attach the developed improvement to this section of the portfolio. PROJECT 2: Include the name of the Project

Monitor the project risks

What formal process will you use to monitor the project risks?

What informal process will you use to monitor the project risks?

Summarise the outcomes of your monitoring processes (include at least one change in the risk environment).

Unless already viewed in person by your assessor, attach proof of your formal and informal monitoring to this section of your portfolio (e.g. photo of you reviewing the project schedule, survey etc.). Respond to the changed environment

Are the current risk controls and treatments effective and efficient?

How will you respond to the changed environment?

How will you implement one response?

Attach proof of how you implemented one risk response (e.g. email appropriate staff member to take action, update the project schedule etc).

Attach your modified Risk Management Plan (Risk Register) to this section of your portfolio. Review outcomes of the project and its risk management processes.

What were the project outcomes?

What risk management issues were faced?

How effective were the risk management processes and procedures?

What recommendations can you make for future risk management processes? Develop one recommended improvement for future use.

Attach the developed improvement to this section of the portfolio. 61859414351000 Attach: Proof of formal monitoring process (project 1)

Proof of informal monitoring process (project 1)

Proof of implemented risk response (project 1)

Modified Risk Management Plan (project 1)

Modified Risk Register (project 1)

Risk Response Plan template

Proof of formal monitoring process (project 2)

Proof of informal monitoring process (project 2)

Proof of implemented risk response (project 2)

Modified Risk Management Plan (project 2)

Modified Risk Register (project 2)

Risk Management Communication Plan template (project 2)

RTO No: 91223

-5406891432060

Assessment Task 1

BSBPMG536 Manage Project Risk

Assessment Task 1 Cover Sheet

Student Declaration

To be filled out and submitted with assessment responses

I declare that this task is all my own work and I have not cheated or plagiarised the work or colluded with any other student(s).

I understand that if I am found to have plagiarised, cheated or colluded, action will be taken against me according to the process explained to me.

I have correctly referenced all resources and reference texts throughout these assessment tasks.

Student name Student ID number Student signature Date Assessor declaration

I hereby certify that this student has been assessed by me and that the assessment has been carried out according to the required assessment procedures.

Assessor name Assessor signature Date Assessment outcome S NS DNS Resubmission Y N

Feedback

Student result response

My performance in this assessment task has been discussed and explained to me.

I would like to appeal this assessment decision.

Student signature Date A copy of this page must be supplied to the office and kept in the students file with the evidence.

Assessment Task 1: Knowledge questions

Information for studentsKnowledge questions are designed to help you demonstrate the knowledge which you have acquired during the learning phase of this unit. Ensure that you:

review the advice to students regarding answering knowledge questions in the Business Works Student User Guide

comply with the due date for assessment which your assessor will provide

adhere with your RTOs submission guidelines

answer all questions completely and correctly

submit work which is original and, where necessary, properly referenced

submit a completed cover sheet with your work

avoid sharing your answers with other students.

ii Assessment information

Information about how you should complete this assessment can be found in Appendix A of the Business Works Student User Guide. Refer to the appendix for information on:

where this task should be completed

the maximum time allowed for completing this assessment task

whether or not this task is open-book.

Note: You must complete and submit an assessment cover sheet with your work. A template is provided in Appendix C of the Student User Guide. However, if your RTO has provided you with an assessment cover sheet, please ensure that you use that.

Questions

Provide answers to all of the questions below:

Identify at least two project risks for each of the following risk categories:

Scope risk

Scheduling risk

Resource risk

Technology risk

Outline three examples of tools or techniques that could be used to identify risks as part of a risk assessment process.

Outline three sources of information that can be used to gather information on potential risks within the workplace.

Explain each of the key components of a risk management plan.

Summarisethe purpose of Australia/New Zealand Standard for Risk Management (AS/NZS ISO 31000:2009) and identify the key principles underlying this risk management standard.

Describe thecharacteristics, techniques and appropriate applications ofboth quantitative and qualitative risk analysis.

Outline the key steps involved in a risk management process.

Explain five options for controlling risk.

Complete the table below to provide examples of risk classification and risk context for a variety of industries.The first row has been completed as an example.

Industry Risk context examples (at least two each) Risk classification

(Environmental, Geopolitical, Societal, Economic, Technological, Operational, Resource, Security)

Politics New Labour policies implemented Societal risks, Economic risks

Education Mining

Assessment Task 1: Checklist

Students name:

Did the student provide a sufficient and clear answer that addresses the suggested answer for the following? Completed successfully? Comments

Yes No Question 1 Question 2 Question 3 Question 4 Question 5 Question 6 Question 7 Question 8 Question 9 Task outcome: Satisfactory Not satisfactory

Assessor signature: Assessor name: Date:

RTO No: 91223

-5406891432060

Assessment Task 2

BSBPMG536 Manage Project Risk

Assessment Task 2 Cover Sheet

Student Declaration

To be filled out and submitted with assessment responses

I declare that this task is all my own work and I have not cheated or plagiarised the work or colluded with any other student(s).

I understand that if I am found to have plagiarised, cheated or colluded, action will be taken against me according to the process explained to me.

I have correctly referenced all resources and reference texts throughout these assessment tasks.

Student name Student ID number Student signature Date Assessor declaration

I hereby certify that this student has been assessed by me and that the assessment has been carried out according to the required assessment procedures.

Assessor name Assessor signature Date Assessment outcome S NS DNS Resubmission Y N

Feedback

Student result response

My performance in this assessment task has been discussed and explained to me.

I would like to appeal this assessment decision.

Student signature Date A copy of this page must be supplied to the office and kept in the students file with the evidence.

Assessment Task 2: Project PortfolioInformation for students

In this task, you are required to demonstrate your skills and knowledge by working through a number of activities and completing and submitting a project portfolio.

You will need access to:

a suitable place to complete activities that replicates a business environment including a meeting space and computer and internet access

your learning resources and other information for reference

Project Portfolio template

Simulation Pack

Project Schedules.

Ensure that you:

review the advice to students regarding responding to written tasks in the Business Works Student User Guide

comply with the due date for assessment which your assessor will provide

adhere with your RTOs submission guidelines

answer all questions completely and correctly

submit work which is original and, where necessary, properly referenced

submit a completed cover sheet with your work

avoid sharing your answers with other students.

ii Assessment information

Information about how you should complete this assessment can be found in Appendix A of the Business Works Student User Guide. Refer to the appendix for information on:

where this task should be completed

how your assessment should be submitted.

Note: You must complete and submit an assessment cover sheet with your work. A template is provided in Appendix B of the Student User Guide. However, if your RTO has provided you with an assessment cover sheet, please ensure that you use that.

Activities

Complete the following activities:

Carefully read the following:

This assessment requires you to manage a projects risks on two separate occasions.

You can do this for two real projects at your workplace, for two projects associated with a start-up business you are working on yourself or you can use the Simulation Pack provided.

Vocational education and training is all about gaining and developing practical skills that are industry relevant and that can help you to succeed in your chosen career. For this reason, basing your project on real relationships with classmates or work colleagues will mean that you are applying your knowledge and skills in a relevant, practical and meaningful way!

If you use your own business or workplace, you need:

information to establish the risk management processes (step 2)

sufficient numerical data to analyse risks (step 4)

at least one changed circumstance that impacts the project risks (step 7)

at least one risk management issue that can be improved on for future projects (step 9).

Speak to your assessor to get approval if you want to base this on your own business.

If you are basing this assessment on the case study business, read through the Simulation Pack in preparation for this assessment. All the information needed to complete this assessment is contained in the Simulation pack.

You will be collecting evidence for this unit in a Project Portfolio. The steps you need to take are outlined below. Before you begin, complete page 4 of your Project Portfolio. You must:

provide a brief description of your organisation and its main activities/services and/or products.

summarise your organisations broader work goals (at least two).

provide a brief description of your role and responsibilities within your organisation.

explain of how your role contributes to the organisations broader work goals (make sure you include project risk management in your answer).

describe the project context for each project.

list the project team members for each project.

Start working on Section 1 Identify and analyse project risks. Steps 2 to 4 form part of Section 1.

If you are basing this assessment on the case study, further information to complete the next steps is available in the Simulation Pack.

If you are basing this assessment on your own business, you will need information to establish the risk management processes as well as sufficient numerical data to analyse risks.

Summarise project risk management processes.

Summarise information relevant to your organisation and its risk management processes. In your summary include:

any applicable standards related to risk.

objectives related to managing risk.

policies and procedures relating to risk (including any templates), including:

project risk classification criteria

the risk ranking system

risk review processes (formal and informal).

conventions and protocols for communicating with internal and external stakeholders.

risk identification methods that may be used to identify project risks (at least two).

ii Your summary may be in appropriate format (e.g. mind map, bullet points, written paragraph). You will use the information to help you complete this assessment (take a look at the Risk Management Plan Template and the Risk Register Template for more information).

If your organisation does not provide the information required in their policies and procedures (e.g. risk review processes), then establish the requirements as part of your summary using best practice examples. Make sure you reference any sources.

For each project, meet with an appropriate stakeholder to agree on the risk management process.

ii Use the work done in step 2 to help you prepare for the meeting. Also read through the requirements of the meeting and prepare any note you may need in advance. If you are using the case study, the following links may also help you to prepare:

https://www.stakeholdermap.com/risk/risk-responses.htmlhttps://www.itomic.com.au/top-10-website-project-risk-factors/

https://opentextbc.ca/strategicmanagement/chapter/making-cooperative-moves/

Meet with at least one relevant stakeholder (e.g. senior manager, CEO, business owner etc.). The meetings objectives are to:

confirm the boundaries of your delegated authority.

seek the stakeholders input for risk objectives and standards.

agree on classification criteria and a risk ranking system to apply to the projects risks.

brainstorm possible risks for the project.

agree on possible appropriate risk treatments/responses for a variety of circumstances and risks.

agree on the consultative methods to be used when analysing risk treatment options.

ii Consultative processes may for example include:

an email seeking stakeholder input

a brainstorming session where stakeholders provide input

a notice in the organisations bulletin to provide opportunity for all staff to provide input

an online group discussion forum

an online document for multiple stakeholders to work on

a survey or questionnaire.

Meet separately with at least one stakeholder for each project. Have printouts of any relevant documentation (e.g. risk management policy and procedure) to use or refer to at the meeting.

Take notes at the meeting, as you are required to summarise your meeting outcomes.

Each meeting should take 20 minutes. This will either be attended in person by your assessor or they will attend online. If you are in the workplace, you may like to video record the session for your assessor to watch later (attach proof to Section 1 of your portfolio). Your assessor can provide you with more details at this step. Make sure you follow the instructions above and meet the timeframes allocated.

During the meeting, you will need to demonstrate effective communication skills including:

speaking clearly and concisely to provide and seek information.

asking questions to identify required information.

using active listening techniques to confirm understanding.

For each project, write a draft Risk Management Plan (including a Risk Register).

You have already used brainstorming to identify project risks. Use at least one other method to identify at least four project risks. This method should seek input from an external stakeholder (e.g. customer, other staff members, general public, experienced leaders etc.)

Once youve identified the risks, create a draft Risk Management Plan (including a Risk Register).

As you complete the plan (and register), you are required to analyse four of your identified project risks. You must:

classify each risk

apply the agreed risk ranking system to determine the risk likelihood, severity and risk rating.

identify risk priorities.

identify potential outcomes (threats and opportunities) associated with each risk (at least one per risk).

assign risk treatments for the potential outcomes (at least one per risk).

ii You may use the Risk Management Plan template provided in the Simulation pack, or any other template relevant to your work place. At this point, you do not need to assign responsibility to team members.

Answer separately for each project and make sure you use numerical data as you analyse the risks.

Make sure you have answered all questions in Section 1.

You are required to attach certain documents as part of your evidence review the documents you need to attach as outlined in Section 1 of the Project Portfolio.

Submit Section 1 to your assessor.

Start working on Section 2 Finalise project risk management plans of your project portfolio. Steps 5 to 6 form part of Section 2.

For each project, finalise your Risk Management Plan (and Risk Register).

Before you finalise your plan, use an appropriate consultative method (as previously agreed to) to consult with at least two relevant stakeholders (e.g. CEO, senior manager, project team, business owner etc) to:

agree on risk priorities (you have already prioritised risks in your draft project management plan).

analyse the risk treatment options to choose the best way forward.

ii Consult separately with stakeholders for each project and make sure your chosen consultative method meets the communication requirements of your organisation. If you are using the case study, you will consult with the Operations Manager and CEO.

Once youve consulted with the stakeholders, update your draft Risk Management Plan and Risk Register to incorporate the input provided by the stakeholders during the consultative process. Then, allocate risk responsibilities to the project team members.

ii Change the version number of your Risk Management Plan and Risk Register.

For each project, implement the one of the agreed risk treatments.

Choose one risk that has a high priority and implement the agreed risk treatment.

Examples of how you may implement a risk treatment include:

apply for an insurance policy

outsource processes (e.g. by writing a tender document)

seek legal advice (e.g. by drafting an email)

develop a questionnaire to establish customer requirements

arrange for staff development (e.g. coaching, mentoring or training)

apply due diligence processes.

ii Separate implementation is required for each project.

Make sure you have answered all questions in Section 2.

You are required to attach certain documents as part of your evidence review the documents you need to attach as outlined in Section 2 of the Project Portfolio.

Submit Section 2 to your assessor.

Start working on Section 3 Monitor, respond to and assess project risk management processes of your Project Portfolio. Steps 7 to 9 form part of Section 3.

If you are basing this assessment on the case study, further information to complete the next steps is available in the Simulation Pack.

If you are basing this assessment on your own business or workplace, your projects should include at least one changed circumstance that impacts the project risks. You should also have at least one risk management issue that can be improved on for future projects.

For each project, monitor the project risks.

ii Assume that a short period of time has passed and that project activities have commenced (but the project has not yet been completed).

If you are basing this assessment on the case study, this is one month.

Monitor the risk environment using formal and informal processes to identify at least one changed circumstance that will impact the project risks.

ii You may monitor the risk environment in any way as long as it meets the requirements of your organisation (the risk review processes were established in step 2). You must include one formal process and one informal process.

Examples of formal monitoring processes include:

reviewing data and reports (e.g. customer feedback or timesheets)

formally as part of a team meeting

by emailing individuals to seek an update on the project and risk environment.

Examples of informal monitoring processes include:

observing interpersonal dynamics

watching for changes in behaviour patterns

keeping an eye on social media

reading through project documentation

For each project, respond to the changed environment.

First evaluate the risk controls/treatments that were initially agreed on to determine whether they are still appropriate for the changed circumstances. If required, alter the required response or create a new response for any additional risks.

Make sure you modify your Risk Management Plan (and Risk Register) to reflect the changes (highlight your changes).

Once youve established your responses to the changed circumstances, implement one of the responses.

Examples of how you may implement a risk response include:

make an insurance policy claim.

change office processes (e.g. recycling) to ensure environmental sustainability

offer a discount to loyal customers to maintain customer satisfaction

arrange for staff development (e.g. coaching, mentoring or training)

apply due diligence processes.

ii Separate responses are required for each project.

Your altered responses must still adhere to the agreed responses discussed at your meeting with an appropriate stakeholder in step 3.

Change the version number of your Risk Management Plan and Risk Register.

For each project, review the project outcomes.

ii Assume that a further period of time has passed and the project has been completed.

Also assume that youve received feedback from stakeholders about the risk management processes (see Simulation Pack). You may use this feedback whether youre basing this assessment on you own business or the cases study.

Review the outcomes of the project and its risk management processes. As part of your review, summarise:

the outcomes of the project

any risk management issues faced during the project (at least one)

the effectiveness of the risk management processes and procedures (for all phases of the project)

recommendations for improvements to the risk management processes.

Once youve reviewed the risk management process, develop at least one recommended improvement.

ii Based on the feedback, you must develop a Risk Response Plan.

Submit your completed Project Portfolio

Make sure you have completed all sections of your Project Portfolio, answered all questions, provided enough detail as indicated and proofread for spelling and grammar as necessary.

Submit to your assessor for marking.

Assessment Task 2: Checklist

Students name:

Did the student: Completed successfully? Comments

Yes No Provide background information, including:

summary of the organisations broader work goals (at least two).

a brief description of their role and responsibilities within your organisation.

explanation of how their role contributes to the organisations broader work goals (including project risk management).

the project context for two projects. Summarise project risk management processes, including:

any applicable standards related to risk.

objectives related to managing risk.

policies and procedures relating to risk (including any templates), including:

project risk classification criteria

the risk ranking system

risk review processes (formal and informal).

conventions and protocols for communicating with internal and external stakeholders.

risk identification methods that may be used to identify project risks (at least two). For two separate projects meet with an appropriate stakeholder to agree on the risk management process, including:

confirming the boundaries of their delegated authority.

seeking the stakeholders input for risk objectives and standards.

agreeing on classification criteria and a risk ranking system to apply to the projects risks.

brainstorming possible risks for the project.

agreeing on possible appropriate risk treatments/responses for a variety of circumstances and risks.

agreeing on the consultative methods to be used when analysing risk treatment options. For two separate projects, use a method other than brainstorming to further identify project risks (seeking input from an external stakeholder). For two separate projects, write a draft Risk Management Plan (including a Risk Register) that includes:

classification of each risk

application of the agreed risk ranking system to determine the risk likelihood, severity and risk rating.

Identification of risk priorities.

Identification of potential outcomes (threats and opportunities) associated with each risk (at least one per risk).

risk treatments for the potential outcomes (at least one per risk).

For two separate projects, use an appropriate consultative method (as previously agreed to) to consult with at least two relevant stakeholders to:

agree on risk priorities.

analyse the risk treatment options to choose the best way forward. For two separate projects, update their draft Risk Management Plan and Risk Register to incorporate:

the input provided by the stakeholders during the consultative process.

risk responsibilities. For two separate projects, implement the one of the agreed risk treatments. For two separate projects, monitor the project risks including:

using formal and informal monitoring processes

identifying at least one changed circumstance impacted the project risks. For two separate projects, respond to the changed environment, including:

evaluating the risk controls/treatments that were initially agreed on to determine whether they are still appropriate for the changed circumstances

altering the required response or creating a new response for any additional risks (if required).

modifying their Risk Management Plan (and Risk Register) to reflect the changes

implementing one of the responses. For two separate projects, review the project outcomes including:

a summary of:

the outcomes of the project

any risk management issues faced during the project (at least one)

the effectiveness of the risk management processes and procedures (for all phases of the project)

recommendations for improvements to the risk management processes.

developing at least one recommended improvement. Demonstrate effective oral communication including:

speaking clearly and concisely

asking questions to identify required information

responding to questions as required

using active listening techniques to confirm understanding. Task outcome: Satisfactory Not satisfactory

Assessor signature: Assessor name: Date:

Final results recordStudent name: Assessor name: Date Final assessment results

Task Type Result

Satisfactory Unsatisfactory Did not submit

Assessment Task 1 Knowledge questions S U DNS

Assessment Task 2 Project Portfolio S U DNS

Overall unit results C NYC Feedback

My performance in this unit has been discussed and explained to me.

I would like to appeal this assessment decision.

Student signature: Date:

I hereby certify that this student has been assessed by me and that the assessment has been carried out according to the required assessment procedures.

Assessor signature: Date: