Who is responsible for risk management in the workplace?
The ‘person conducting a business or undertaking’ (PCBU), who is usually the employer, must manage risks to health and safety by eliminating risks as much as is reasonably practicable. Those responsible for preventing and managing risks include:
- employers
- the self-employed
- principal contractors
- anyone who manages or controls a workplace
- designers
- manufacturers
- importers and suppliers of plant, substances or structures that are used at work.
This applies to all types of work and all workplaces that are covered by the Work Health and Safety Act 2011 (WHS Act). Managing work health and safety risks within a workplace involves the elements of governance, prevention, response and recovery.
Is CEO responsible for risk management?
Roles and responsibilities regarding risk management and internal control
The key roles and responsibilities regarding the Group's internal control and risk management are defined as follows:
BOARD OF DIRECTORS
The Board of Directors is ultimately responsible for the administration and the proper organization of the operations of the Company.
According to good corporate governance, the Board also ensures that the Company has duly endorsed the corporate values applied to its operations. The Board approves the internal control, risk management and corporate governance policies. The Board establishes the risk-taking level and risk bearing capacity of the Company and re-evaluates them on a regular basis as part of the strategy and goal setting of the Company.
The Board reports to the shareholders of the Company.
AUDIT AND FINANCIAL COMMITTEE
The Audit and Financial Committee is responsible for the following internal control related duties:
- to monitor the reporting process of financial statements;
- to supervise the financial reporting process;
- to monitor the efficiency of the Company's internal control, internal audit, if applicable, and risk management systems;
- to review the description of the main features of the internal control and risk management systems pertaining to the financial reporting process, which are included in the Company's corporate governance statement; and
- to monitor the statutory audit of the financial statements and consolidated financial statements.
More detailed descriptions of how the Audit and Financial Committee fulfils its monitoring role are defined in the Committee's annual plan. The Audit and Financial Committee reports to the Board of Directors of the Company.
CHIEF EXECUTIVE OFFICER
The CEO is in charge of the day-to-day management of the Company in accordance with the instructions and orders given by the Board.
- CEO sets the ground of the internal control environment by providing leadership and direction to senior managers and reviewing the way they are controlling the business.
- CEO is in charge of the risk management process of the Group and its continuous development, allocation of resources to the work, review of risk management policies as well as defining the principles of operation and overall process.
The CEO reports to the Board on risk management as part of the monthly reporting. The CEO, and the CFO, CLO, Segment Boards and the Presidents of the business segments, which operate under the CEO, are responsible for the management of risks endangering the fulfillment of objectives set for the Company.
CHIEF FINANCIAL OFFICER
The CFO ensures and controls that the Group's accounting and financial reporting practices comply with the law and that the financial reporting is reliable.
CHIEF LEGAL OFFICER
The Chief Legal Officer ensures that the Group's corporate governance practices comply with the law and that legal matters of the Group are handled appropriately, in particular the contractual risks related to business operations.
BUSINESS SEGMENTS
Segment Boards and management of business segments are responsible for internal control implementation in the business segments. More specific internal control policies and procedures are established within each segment within the principles set by the Group functions.
laws, regulations, internal policies, and ethical values
in their designated responsibility areas. Some areas of risk management, in particular the management of financial risks and insurances, have been centralized for the purpose of scale advantage and for securing sufficient Group-level control.
FINANCE FUNCTION
Group's parent company's finance function is responsible for:
- ensuring a setup of adequate control activities for business segments in cooperation with the business management;
- operative follow-up of the adequacy and effectiveness of control activities; and
- ensuring that external reporting is correct, timely and in compliance with regulations.
Finance function does not have a separate internal control function. Group CFO reports any supervisory findings to the Finance and Audit Committee.
INTERNAL AUDIT
The Company has no specific internal audit organization. This is taken into account in the content and scope of the annual audit plan.
Who is responsible for the risk management process in most projects?
A project management risk owner is the individual responsible for observing each potential risk area and also executing a risk response should a risk event occur.
Who prepares risk management plan?
Key stakeholders – senior management, compliance officers, and department managers – may develop a risk management plan to address high-level and strategic risks. Or in a project management setting, a project manager works with the project team to create a risk management plan related to project risks.
What is the risk owner responsible for?
Risk ownership in project management
The term risk owner refers to the individual responsible for identifying, assessing, and mitigating risks. While risk management is a team effort, the risk owner plays a vital role in ensuring that potential threats are identified and addressed in a timely manner.
Is CFO responsible for risk management?
"Risk comes from not knowing what you’re doing." – Warren Buffett
One of the pillars of a CFO’s responsibilities is risk management. From overall financial compliance to the IT department, a fractional or full-time CFO is the first line of defense in establishing and maintaining adequate risk management and mitigation for today’s organizations.
Is the board of directors responsible for risk management?
Who/what must be protected?
The primary responsibility of a not-for-profit board is to guide the organisation in accomplishing its mission. In fulfilling this obligation, the board has a legal duty to use the organisation’s assets prudently. The assets of a not-for-profit vary, but generally fall within one of the following categories:
- People (board members, volunteers, employees, clients, donors, and the public);
- Property (buildings, facilities, equipment, materials, copyrights, and trademarks);
- Income (sales, grants, and contributions); and
- Goodwill (reputation, stature in the community, and the ability to raise funds and appeal to prospective volunteers).
These are all things that the board must take into account when considering the organisation’s risk management strategy.
Is project team responsible for risk management?
Project Manager
What is the primary role of the project manager? He or she is responsible for achieving the project objectives. This often comes in the form of completing the project on time, within budget, and within scope. In a broader sense, project managers oversee all aspects of the project, including risk management. Here are some risk management tools that they may use:
- Risk management plan
- Risk register
- Decision register
- Issue register
The authority of the project sponsor and project manager should be established early in the project and is typically included in the project charter. The project charter may include specifications of the project manager’s authority over others, such as project team members and a risk manager.
Organizational Structure Type | Project Manager’s Authority | Project Manager’s Role | Who Manages the Project’s Budget? |
---|---|---|---|
Functional | Little or none | Part-time; may or may not be designated job role like coordinator | Functional manager |
Matrix – weak | Low | Part-time; done as part of another job and not a designated job role like coordinator | Functional manager |
Matrix – balanced | Low to moderate | Part-time; embedded in the functions as a skill and may not be a designated job role like coordinator | Mixed |
Matrix – strong | Moderate to high | Full-time designated job role | Project manager |
Project-oriented | High to almost total | Full-time designated job role | Project manager |
PMBOK® Guide, Sixth Edition, page 47
Matrix environments are common and require careful attention. Project team members report to both a functional manager and project manager(s). Where do project managers reside organizationally? That depends on the organization.
Who owns a risk plan?
A risk owner is a person or entity responsible for managing threats and the vulnerabilities that those threats might exploit. Each risk owner should be someone for whom the risk is relevant to their job and who has the authority to do something about it.