Most Anglican churches and organisations acknowledge that good risk management practices are important. However many believe it is too complex, too time consuming and there are other more important priorities. Some have folders of policies and procedures that sit in the bottom drawer of the filing cabinet.


WHAT IS A RISK?

To define risk on a technical level, a risk is “the effect of uncertainty on objectives.”   Risk management begins and ends with your objectives... what is your mission, your vision or your calling overall (at an enterprise level) for a specific activity (operational)?  Everyone must take risks in order to achieve their objectives, so risk management is simply about considering the 'uncertain' variables and trying to manage them to maximize the impact of what you are trying to accomplish.  Ultimately taking risks is a good thing, it is necessary and it is important... so good risk management is intentional and not reckless. 

A risk can be internal (within your control) or external (outside your control). Risk management is both preventative (reducing the chances of something unexpected happening) and also impact reducing (minimising the impact if something unexpected does happen).


WHAT IS THE RISK MANAGEMENT PROCESS?

The 5 Step Process is based on Australian Standards (AS 31000).

 STEP 1 - Identify your risks
 STEP 2 – Analysis your risks
 STEP 3 - Evaluate your risks
 STEP 4 – Treat your risks
 STEP 5 – Monitor and review the risks
STEP 1 - IDENTIFY YOUR RISKS At a basic level, identifying risks can start with a simple brainstorming exercise. It is best done by leaders with operational responsibility as they best know the practical aspects of any risk. Getting an external or independent perspective will also ensure that you don’t miss critical risks from being too close to the activity to be objective.
STEP 2 – ANALYSE YOUR RISK Once you have created your list of risks, you need to do a simple exercise of systematically determining how important these risks are. Use the universal risk matrix table to help rank the risks based on the likelihood of occurrence and then just how much impact the event would have on your organisation.
STEP 3 - EVALUATE YOUR RISK Once you have a list of analysed risks, it is time to prioritise them. Rank the risks in order of the highest risks to lowest. At this point many organisations get overwhelmed and give up. We recommend that you select the top 10 risks to start with. It is better to deal with the most important risks properly first, then move on to the other lower priority risks.

The next practical step is to evaluate your top risks by asking a simple question,
“Are we comfortable with the way this risk/uncertainty is being handled?”
STEP 4 – TREAT YOUR RISK There are five things you can do about a risk/uncertainty. The strategies are:
 
  1. Avoid the risk. Do something to remove it such as ban the activity.
     
  2. Transfer the risk. Make someone else responsible. Perhaps engage a contractor or a third party. Getting appropriate insurance coverage may be a risk transfer strategy.
     
  3. Mitigate the risk. Take actions to lessen the impact or chance of the risk occurring.
     
  4. Create risk strategies, plans and policies for risks and adjust behaviours where necessary to reduce the risk.
     
  5. Accept the risk. You might calculate the risk and decide that it is worth taking on for yourself.
     
STEP 5 – MONITOR AND REVIEW YOUR RISKS Every organisation, big or small, should allocate one or two people to champion and manage the risk management process. They should provide regular reports to the board as well as coordinate the assessment of any new activities.

It is appropriate to conduct a comprehensive review annually and looking at any incident and near miss trends. It is best to schedule in advance.
DOCUMENT THE PROCESS It’s now time to complete a simple summary document of your risk management findings. This summary is commonly referred to as a risk register and summarises each step of the process.

At the AIRS office we have a template that you can use for a risk register. Please contact us for a copy and for further information.