RISK MANAGEMENT .pdf

Full Transcript

Principles of Risk Management
Terminologies
Risk-Based Thinking Risk
Proactive - Effect on uncertainty
- Focuses on anticipating objectives
potential risks
Risk management
Holistic - Coordinated activities to
- Considers the entire direct and control an
organization & organization with regard
Interconnected system to risk

Opportunity-focused Stakeholder (interested parties)
- Looks into potential - Person / organization that
benefits in a risk/certain can affect, be affected by,
situation or perceive themselves by
a decision or activity
Decision Driven
- Helps to make a thorough Risk Source
decision - Element which alone or in
combination has the
KINDS OF ORGANIZATIONS potential to give rise to
risk (origin / cause)
1. External (Controlled)
2. Internal Factors (Limited Event
Control) - Occurrence or change of a
particular set of
Managing Risk circumstances
It is interactive (Repeatedly) and
assists organizations in setting Likelihood
strategy, objectives, and decision - Chance of something
making happening
Part of a governance &
leadership Control
Part of all activities associated - Measure that maintains &
within an organization and modifies risk
interaction with stakeholders
Principle, Framework, Process
 Principles
E. Dynamic
The purpose of Risk Management - Risk management
is the creation and protection of anticipates, detects,
value. acknowledges, and
responds to those changes
Improves performance, and events in an
encourages innovation, and appropriate and timely
supports the achievement of manner
objectives.
F. Best available information
A. Integrated - The inputs on risk
- Risk management is an management are history
integral part of all and past mistakes
organizational activities
G. Human & Control factors
B. Structured & Comprehensive - Human behavior and
- This contributes to culture significantly
consistent and influence all aspects of
comparable results risk management

C. Customized H. Continual Improvement
- The risk management - Risk management is
framework and process continually improved
are customized and through learning and
proportionate to the experience
organization’s external &
internal content related to
its objectives

D. Inclusive
- Appropriate & Timely
involvement of
stakeholders enables their
knowledge, views, and
perceptions to be
considered.
 Framework of Risk Management External context

The purpose is to assist the organization
in integrating risk management into
significant activities and functions.

Leadership and Commitment
Top management and oversight
bodies, where applicable, should
ensure that risk management is Internal context
integrated into all organizational
activities

Top Management
Accountable for managing risk

Oversight bodies
Accountable for overseeing risk
management

Articulating risk management
FRAMEWORK
commitment
- Top management &
1. Integrating risk management
oversight bodies should
- Relies on an understanding of
demonstrate and
organizational structures and
articulate their continual
context
commitment to risk
- Structures differ depending on
management through
purpose, goals, and complexity
policy, statement, forms

2. Design
Assigning organizational roles,
authorities, responsibilities, and
Understanding the organization
accountabilities
and its context
- Top management &
- The organization should
oversight bodies should
examine and understand
ensure that the
its external and internal
authorities,
context
responsibilities, and
 accountabilities are assigned to 4. Evaluation
organizations Periodically measure risk
management framework
Allocating resources performance against its purpose,
1. People, skills, experience, and implementation, plans,
competence indicators, and behavior
2. Organization’s processes,
methods, and tools to be used for 5. Improvement
managing risk
3. Documented processes and Adapting
procedures - Organization should
4. Information and knowledge continually monitor and
management systems adapter the risk
5. Professional development and management framework
training needs to address external &
internal changes
Establishing communication and
consultation Continually improving
- Organization should established - Organization should
an approved approach to continually improve the
communication and consultation suitability, adequacy, and
in order to support the effectiveness of the
framework and facilitate framework and the way
effective application of risk the process is integrated
management

3. Implementation

The organization should implement the
risk management framework by:
Developing an appropriate plan
How types of decisions are made
Across the organization & by who
Modifying the applicable decision
making processes
Ensure that organization
arrangements for managing risks
are understood and practiced
 Popular Risk Management OCTAVE (Operationally Critical
Frameworks Threat Analysis and Response)
- Collaborative approach
NST Risk Management that involves a team of
Framework (RMF) stakeholders from
- By the National Institute departments
of Standards and
Technology
- Used in the United States
government & private
sector

COSO Enterprise Risk
Management (ERM)
- Provides a structured
approach to managing
enterprise-wide risks

ISO 31000
- International standard
that offers framework for
risk management
- Applicable to
organizations of all sizes
and sectors

FAIR (Factor Analysis of
Information Risk)
- Quantitative risk
assessment methodology
that calculates the
financial impact of
information security risks
 Risk Management Process Defining risk criteria
- Specify the amount and type of
The risk management process should be risk that it may or may not take,
an integral part of management and relative to objectives
decision making and integrated into the - Define criteria to evaluate the
structure, operations and processes of significance of the risk and to
the organization. support decision making

Process 3. Risk Assessment
- It is the overall process of risk
1. Communication and identification, analysis, and
Consultation evaluation
- The purpose is to assist relevant - Should be conducted
stakeholders in understanding systematically, iteratively, and
risk, the basis on which decisions collaboratively, drawing on the
are made and the reasons why knowledge and news of
particular actions are needed. stakeholders

2. Scope, context, and criteria Risk Identification
- The purpose is to customize the - Purpose is to find, recognize,
risk management process, describe risks that might help or
enabling effective risk prevent an organization
assessment and appropriate risk achieving its objectives
treatment
Risk Analysis
Defining the scope - The purpose is to comprehend
- The organization should define the nature of risk and its
the scope of its risk management characteristics
activities. - Involves a detailed consideration
of uncertainties, sources etc.
External and internal context
- The external and internal context Risk Evaluation
is the environment in which the - The purpose is to support
organization seeks to define and decisions
achieve its objectives. - Comparing the results of the risk
analysis with the established risk
criteria to determine where
additional action is required
 and reported through
appropriate mechanisms
4. Risk Treatment
- Purpose is to select and Factors to consider for reporting, but
implement options for addressing are not limited to:
risk
1. Differing stakeholders, and their
Selection of risk treatment specific information needs and
options requirements
- Involves balancing potential 2. Cost, frequency, timeliness of
beliefs derived in relation to the reporting
achievement of the objectives 3. Method of reporting
against cost, effort, or 4. Relevance of information to
disadvantages of implementation organizational objectives and
decision making
Risk treatment options are not
necessarily mutually exclusive or
appropriate in all circumstances.

Preparing and implementing
risk treatment plans
- Purpose is to specify how the
chosen treatment options will be
implemented, so that
arrangements are understood by
those involved
- Clearly identify the order in which
risk treatment should be
implemented

5. Monitoring and Review
- The purpose is to assure and
improve the quality and
effectiveness of process design,
implementation and outcomes

6. Recording and Reporting
- The risk man processes and its
outcomes should be documented
 is concerned with preventing
Occupational Health and Safety harm from any incidental
Practices in Tourism and Hospitality hazards arising in the workplace
Industry
Three main objectives
Element 1: Occupational Health and
Safety 1. Maintenance and promotion of
workers’ health and working
Occupational Safety and Health (OSH) capacity
health and safety, occupational 2. Improvement of working
health and safety (OHS), environment and work to
occupational health or safety become conducive to safety and
Multidisciplinary field concerned health
with the safety, health, and 3. Development of work
welfare of people at work organizations and working
As defined by the World Health cultures in a direction which
Organization (WHO) supports health and safety at
“Occupational health deals with work and a positive social
all aspects of health and safety in climate and smooth operation
the workplace and has a strong and may enhance productivity of
focus in primary prevention of the undertakings
hazards
Element 2. OHS Law in the Philippines
Health
Defined as “a state of complete RA 11058
physical, mental, and social An act of strengthening
well-being not merely the Compliance with OHS standards
absence of disease or infirmity” and providing penalties for
violations thereof and its IRR
Occupational Health (D.0 198-18)
Multidisciplinary field of
healthcare concerned with Coverage
enabling an individual to 1. All Private establishments
undertake their occupation in the Where work is being
way that causes least harm to undertaken including
their health establishments located
It contrasts with promotion of inside special economic
health and safety at work, which zones and other
investment promotion
agencies
 4. To report accidents and
2. Utilities engaged in air, sea and dangerous occurrences to
land transportation DOLE-ROs and other government
3. Public Sector (Exemption) agencies in the most convenient
National government way
agencies, government 5. Workers shall be free from
owned and controlled retaliation for reporting any
corporations with original accident
charters, government
financial institutions, state Workplace Classification based on
universities, local risk
government units Low Risk Workplace
Refers to those with less
Duties and Rights exposure to safety and health
Employer’s duties - Provide a safe and hazards
healthy workplace through the ff: Low level of danger
With no or less probability to
Capacity building of all workers cause an accident, harm, injury,
including mandatory trainings or illness
Provision of information on OHS
Use of devices / equipment with Medium Risk Workplace
approved industry standards Refers to those having moderate
Compliance with all the exposure to safety and health
requirements of the OSH hazards
Standards With probability of an accident,
Provide appropriate DOLE tested injury, or illness if no preventive
and approved PPEs FREE of or control measures in place
charge to the workers
High Risk Workplace
Worker’s Rights Refers to those wherein presence
1. To know the different types of of hazards affects not only the
hazards in the workplace workers but persons outside the
2. Be provided with training, establishment
education, and orientation With high level of exposure to
3. To refuse unsafe work without safety and health hazards
threat or reprisal from the Probability of major accident is
employer in cases of imminent likely to occur
danger. Affected workers may be
temporarily assigned to other
work areas
 3. Nurses
Occupational Safety and Health (OSH) 4. OSH Personnel Complement
Programs
1. Covered workplace through the Number and type of OSH personnel are
Health and Safety Committee based on the number of employees and
(HSC), shall develop and the correct determination by the Safety
implement a suitable OSH Officer of his/her workplace
Program following the classification
DOLE-prescribed program
2. OSH Program shall be submitted Safety and Health training
and considered approved upon requirements
stamped-received by concerned 1. All OSH personnel shall undergo
DOLE-Regional Office or Field the prescribed mandatory
office. Pre-approved program training from DOLE-accredited
shall be validated during safety training organizations or
inspection and may be modified its recognized training
by DOLE as necessary, based on institutions
existing laws, rules, and 2. All workers shall undergo the
regulations mandatory 8-hour OSH seminar
3. The HSC shall review and as prescribed by DOLE. This
evaluate the OSH Program at training may be conducted by
least once a year or as necessary. the company safety officer in a
A revised copy of the program staggered manner
shall be submitted to DOLE 3. Workers performing critical
4. A suitable construction safety occupations shall undergo the
and health program (CHSP) mandatory competency
specific for each construction assessment and certification by
project shall be submitted to TESDA
concerned DOLE-Regional office 4. Workers’ OSH Seminars and
or field office training/orientation required by
5. The total cost of implementing the employer or by other
OSH Programs shall be an regulations in the performance of
integral part of the company’s their task shall be undertaken at
operation cost no cost to the worker and
considered as compensable
OHS Personnel Complement working time
All covered workplaces shall have
qualified OSH personnel:
1. First Aider
2. Safety Officer
Workers’ Welfare Facilities protective equipment,
All workers shall have free access and technical guidance,
use of the ff: recognition awards etc.
1. Adequate supply of safe drinking
water Inter-Government Coordination and
2. Adequate sanitary and washing Cooperation
facilities A joint coordinating committee
3. Suitable living accommodation shall be established to effectively
(construction, shipping, fishing, implement the Law and its IRR
night workers) The committee shall develop
4. Separate sanitary, washing, and mechanisms for harmonizing
sleeping quarters (All genders) each agency’s mandate, policies,
5. Lactation station guidelines related to OSH with
6. Ramps, Railings etc reference to the law
7. Medical Facilities (treatment DOLE to collaboratively work
room/clinic) with DENR, DOE, DoTR, DA,
8. Other worker’s welfare facilities DPWH, DTI, DILG-LGUs, DOH,
as may be prescribed by the OSH DICT, PEZA etc
standards and other issuances
Penalties of Violations
Joint and Solidary Liability Not more than P100,000 daily until
The employer, project owner, full compliance
contractor, or subcontractor and Willful failure or refusal to
any person who manages, comply with OSH standards or
controls, supervises the work compliance orders
being undertaken shall be jointly reckoned from the date of
and solidarily liable for issuance of Notice of Results or
compliance with the OSH Compliance order
Standards and corresponding
penalties for violations Corresponding fine plus 50%
Repeated violations of the same
Incentives prohibited act shall be penalized
Given to qualified every in-stance of repeat
employers and workers in violation
recognition of their efforts
in ensuring compliance P100,000
with the OSH standards When the violation exposes the
Shall be given in the form work to death, serious injury, or
of training, additional serious illness
Additional P100,000 fine Enforcement / Effectivity
refusal to access the Enforcement is through the
workplace DOLE0Regional offices having
refusal to provide or allow jurisdiction over the workplace
access to record D.O. 183-17 shall govern the
obstruct investigation procedure in the implementation
misrepresentation of DOLE D.O. 198-18
making retaliatory OSH Law IRR, DOLE D.O. 198-18
measures (termination, effectivity: January 25, 2019
refusal to pay, reducing
wages and benefits or
discriminates any worker
who has given information
relative to inspection)
Fundamentals of Safety Management Risk
Chance of physical or personal
Safety loss
Freedom from accident
The control of hazards to attain Cost of Occupational Health and
an acceptable lead of risk Safety

Incident
An event that may or may not
result to loss

Accident
Unplanned or undesired event
Not necessarily injurious or
damaging that disrupts the
completion of an activity

Hazard
Is any potential or existing Human Costs
condition in the workplace that, The effect of accident to a worker
by itself or by interacting with entails a lot of losses in terms of:
other variables, can result in
death, injuries, property damage, Disability - Temporary or
and other losses permanent pain and suffering
Loss of income; loss of earning
Hazard Control capacity
Involves developing a program Change in social life
to recognize, evaluate, and Death
eliminate the destructive efforts
of hazards arising from human Economic Costs
errors and from conditions in the The economic cost of incidents and
workplace illnesses are far greater than most
people realize (Direct Costs)
Loss Control
Is accident prevention, achieved Medical costs
through a complete safety and Insurance premium
health control program Employee compensation
Regulatory penalties
Indirect costs: Safety Management System
Investigation of incident
Cleaning up of incident site A term used to refer to a comprehensive
Disruption in production business management system designed
Repair/Replacement of damaged to manage safety elements in a
materials and equipment workplace
Training of new/replacement
employees A basic safety management system’s
Poor employee morale leading to main purpose is to:
low production To ensure everyone in the
Environmental litigation organization can recognize and
Ecological remediation understand real or potential
Marketing efforts to project hazards and associated risk
image To prevent or control operational
hazards and associated risk
Three Basic Principles of Safety
Responsibility and Accountability Planning
Top management should set up
1. Detection of conditions and an effective health and safety
practices which the safety management system to
disciplines have identified as implement the safety and health
hazardous policy which is proportionate to
2. The responsibility of challenging the hazards and risk
the safeness of exposures that
either are not covered by a Organization
safety standard or clearly a Involvement of employees and
suspected hazard in the light of their representatives in carrying
experience, reasonable out risk assessments, deciding on
judgment, and prudent preventive and protective
extrapolations from existing measures and implementing
hazard information those requirements in the
3. Application of the most workplace
appropriate established
countermeasures for controlling Control
each of the identified hazards Clarifying health and safety
responsibilities and ensuring that
the activities of everyone are well
coordinated
Monitoring
Top management should
measure what they are doing to
implement the health and safety
policy
To assess how effectively they
are controlling risks, and how well
they are developing a positive
health and safety culture

Review
Involves reviewing the system of
the whole health and safety
management including the
elements of planning,
organization, control
 OSH Guidelines for Hospitality and Hierarchy of Controls
Tourism industry

Workplace Hazard and their Control
1. Physical Hazard
2. Ergonomic Hazard
3. Biological Hazard
4. Chemical Hazard

Injuries and diseases in the workplace
Workplace Hazards and their Control
occur due to unsafe acts and conditions

Read Canvas for notes…
Unsafe Acts
Occur when employees do not
conform or depart from an
established standard, rules, or
policy

Unsafe Conditions
Physical or chemical properties
of a material, machine, or the
environment which could possible
cause injury to people, damage
to property, disrupt operations or
other forms of losses