PROJECT

PORTFOLIO
 Contents

Section 1: Establish risk context 5

Section 2: Identify and analyse risk 8
Section 3: Implement and monitor risk treatment 10

BSBOPS504 | Manage business Risk | Project Portfolio I V2.0 | May 22

Macquarie Education Group Australia Pty Ltd t/a MEGA Education | RTO Code 91305 | CRICOS Code 02657J 2
 Student name:

Assessor:

Date:

Business this assessment is

based on:

Risk management
project/process:

Documentation reviewed as
preparation:

BSBOPS504 | Manage business Risk | Project Portfolio I V2.0 | May 22

Macquarie Education Group Australia Pty Ltd t/a MEGA Education | RTO Code 91305 | CRICOS Code 02657J 3
 Section 1: Establish risk context

1 Provide a brief overview of the business or organisation you are basing your portfolio on.
1.1 What is the name of the business or organisation?
NatureCare Products
1.2 What is the main focus of the business?
Sells high-quality beauty skin care products at health food stores nationwide, as well as online
through its own website, aiming to increase market share by 20%.
1.3 What role will you assume as you investigate risk for your chosen risk management
process/project?
Financial Manager
Note: This role should include the responsibility to lead risk management processes for the
organisation or a work area.

2 Determine the scope of your chosen risk management process/project.

2.1 What does your chosen risk management process/project include?
Investigating a risk of establishing 1chain store in melbourne and investment program within 6
months
2.2 Which departments or work areas are involved in the process?
Finance division (payroll, investment and credit control dept)
2.3 Are there any risks the business will not manage (for example, staff retention)?
Risks business will not manage: force majeure (war, pandemic,natural disaster, recession
3 Evaluate organisational requirements and standards for managing risk.
3.1 Which organisational policies and procedures provide input on how you approach your chosen
risk management process or project e.g. Risk management, Record keeping etc.? Procedures

I make use of Natura Care Product's organizational policies and processes.

The CEO will oversee and facilitate this process, which will proceed in the manner described
below:
a. A CEO-led exercise that identifies risks every year. This entails determining the severity and
likelihood of risks, as well as developing and/or reviewing individual risk management strategies
for risks that have been identified and that go above and beyond what NatureCare Products
considers to be acceptable risks.
b. The inclusion of a Risk Management Assessment for all company activities, whenever
possible,
c. Clearly establish and document risk management escalation procedures.
d. Ensuring consistency in approach of responses to the same risk by different sections of
NatureCare Products
e. Testing documented risk management procedures at appropriate intervals.
BSBOPS504 | Manage business Risk | Project Portfolio I V2.0 | May 22

Macquarie Education Group Australia Pty Ltd t/a MEGA Education | RTO Code 91305 | CRICOS Code 02657J 4
 3.2 Are there any processes you need to follow?
The typical risk management process essentially comprises of four steps or stages. The steps )
are:
o risk identification
o risk analysis
o risk priority
o risk mitigation (or control)
o risk monitoring implemented risk control measures.
3.3 Attach policies and procedures to this section of your portfolio.
(Attached Simulation Pack BSBOPS504, page 4-9)

4 What are the legal requirements associated with your chosen risk management process or project?
4.1 Explain the legislation you need to comply with. :
Fair work Act:
 • Outlining the terms and conditions of employment for those working in finance and
retail. The terms and conditions in Nature Care's working agreement must adhere to
the principles of the Fair Work Act.

 • Outlining the rights and obligations of employees (in this case, the finance manager,
finance assistant, and retail shop staff) and employers (in this case, nature care top
management/CEO).
WHS Acts:
The WHS Act places the primary health and safety duty on a person conducting a business or
undertaking (PCBU), in this case Nature Care Product. In Queenslad, WHS acts used to:
 identify hazards (for example the ergonomy of finance employees work environment)
BSBOPS504 | Manage business Risk | Project Portfolio I V2.0 | May 22

Macquarie Education Group Australia Pty Ltd t/a MEGA Education | RTO Code 91305 | CRICOS Code 02657J 5
  assess risks,
 find ways to control those risks,
 and then make sure those controls keep working.
4.2 Do any regulations apply?
IFRS (International Financing Reporting Standards), Australia Accounting Standards Board
(AASB) Statements
4.3 Is there the potential for new laws to be introduced or existing ones to be amended or
rescinded?
Yes, IFRS will change throughout time (for instance, the most recent IFRS is IFRS 17) after a
significant change in the nature of the entity's operations in the world at large.
Yes, switching to IFRS accounting standards is expensive and time-consuming. Investors and
other users of financial statements need to examine how the information they are receiving has
changed, securities regulators and accounting professionals need to alter their processes, and
the companies reporting will typically need to change at least some of their systems and
practices.
Companies should also need to align Austalia Accounting Standard Board with IFRS 17

4.4 Which risk management standard/s are used or guide the risk management activities of the
business?
Risk management standard used are: The AS/NZS ISO 31000:2018 Standard.
The risk management activities refer to risk management included in ISO 31000's which are:
 identify risks
 evaluate the probability of an event tied to an identified risk occurring; and
 determine the severity of the problems caused by the event occurring.

5 List the resources available for you to use as you plan, implement and monitor risk.
 Risk management template excel from Risk Management Department. Risk Management officer
will coordinate with each department quarterly to monitor RM implementation

 Template of Risk Management from: https://www.smartsheet.com/free-risk-management-

plan-templates
 Additional sources from https://portal.ct.gov/ and BSBOPS504 Simulation Pack
5.1 Are template documents available to support your risk management process/project?
Yes, it identifies risk owner, risk identification, risk monitoring, Risk Response Planning, Risk
Contingency Budgeting
5.2 Do you have budget allocation or restrictions for the risk management process/project?
Yes, based on the budget allocatin provided in annual budget for running year, we have AUD
20,000 for risk management process in 1 year.
5.3 Which employees are available to assist you?
Risk Management Officer, Payroll officer, Retail store manager
5.4 What other resources are required?
Risk assessment, Risk audit, Meeting to refresh risk limit and how to mitigate for all employee.

BSBOPS504 | Manage business Risk | Project Portfolio I V2.0 | May 22

Macquarie Education Group Australia Pty Ltd t/a MEGA Education | RTO Code 91305 | CRICOS Code 02657J 6
 6 Establish objectives and critical success factors for your risk management process or project.
6.1 List two objectives.
- Reducing corporate costs by efficiently managing and conserving resources (people, capital,
intangible assets, etc.);
- Identifying risks early and taking the required steps or procedures, the company intends to
mitigate circumstances that financially affect the organization.
6.2 List three critical success factors for the risk management process or project.
- Interactive communication between all stakeholders fosters consistency, increases
transparency, and generally strengthens the risk management process.

- Participation of key stakeholders: It's crucial to include risk stakeholders so they are informed
of potential repercussions and can voice their opinions if they so choose. Working with various
risk stakeholders also means that various viewpoints are taken into consideration. Explore
more options for potential risk and risk management because different people might provide
different viewpoints and levels of expertise to a subject.

- Appropriate staff training: Employees who receive risk management training are better able to
recognize and comprehend how risk management improves teams, their performance, and the
business as a whole. Additionally, it enhances the team's capacity to handle risk.

BSBOPS504 | Manage business Risk | Project Portfolio I V2.0 | May 22

Macquarie Education Group Australia Pty Ltd t/a MEGA Education | RTO Code 91305 | CRICOS Code 02657J 7
 7 Identify stakeholders who will be part of the risk management process.
7.1 Who is able to shed light on or assist with risk identification, risk analysis and/or risk control?
CEO, Project manager, Marketing Manager, Finance Manager
7.2 Who is likely to be impacted by an adverse risk event?
- If the establishment of 1 chain stores in Melbourne fails: CEO, Project Manager, Marketing
manager, shop assistant
- Teft in the store: marketing manager, shop assistant
- Incorrect invoicing: Finance manager
- If the ROI of investment is not reach the expectation: CEO, Finance Manager
7.3 How will each stakeholder provide input to the risk management process (such as identifying
possible risks, helping describe their impact and suggesting ways to prevent or mitigate risks)?
- For CEO ,Project Manager, Marketing Manager, Finance Manager, shop
assistant:
a. Conducting a series of meetings with the stakeholders RM team have
identified and invited
b. Distributing questionnaires and/or surveys to stakeholders (as an alternative
to holding meetings)
- Project manager: referencing what has happened in similar local, national and
overseas organisations

7.4 What influence does each stakeholder have on risk management decisions?
1. CEO: they can decide risk management process need to be followed
2. Project Manager, Marketing manager, Finance Manager: they can offer risk
mitigation options and develop it with RM team before propose the options to BOD,
can take emergency measures / contingency plan, for example: cost cutting of
project, hold the staff recruitments for a while, etc.
3. Shop assistant: no signifcant influences/ the user of RM decision.

7.5 What are the possible issues each stakeholder may have if a risk event occurs (for example,
employees will still want to be paid, customers may still need your products or services and
banks will still need to be paid for loans etc)?
- Shop assistant: In case of the cancellation of the construction of 1 chain store,
their recruitment may be stop and they may want severance pay to be paid all
once.
- CEO : Law suit from stakeholders, need to pay loan to bank even if the
project fail
- Marketing manager : Revenue target cannot be achieved
- Project manager : The project target cannot be achieved
- Finance manager: The AR/AP and investment target cannot be achieved

8 Communicate with relevant stakeholders.

8.1 Who will you communicate to (at least two stakeholders) regarding:
Who will you communicate to (at least two stakeholders) regarding:

BSBOPS504 | Manage business Risk | Project Portfolio I V2.0 | May 22

Macquarie Education Group Australia Pty Ltd t/a MEGA Education | RTO Code 91305 | CRICOS Code 02657J 8
 8.1.1. Explanation of the risk management process or project?
CEO, Risk Management Manager, Marketing Managemer, Payroll Unit Head
8.1.2. Invitation to assist in risk identification.
Zoom meeting and Focus group discussion with RM Team and Finance Officer
8.2 How will you consult with each stakeholder?
• face-to-face discussions
• email exchanges
• team meetings
• telephone calls
• online discussion or chat forum.
I will do the risk management meeting with , Risk Management Manager, Project Managemer,
Payroll Unit Head
8.3 If not already viewed in person by your assessor, attach proof (e.g. draft email, telephone
conversation recording, video of meeting etc.) of your explanation of the risk management
process/project to the stakeholders.

8.4 If not already viewed in person by your assessor, attach proof of your invitation to stakeholders
to assist in the identification of risks (e.g. draft email, telephone conversation recording, video
of meeting etc.).
Note: If suitable, 8.3 and 8.4 can be completed as one communication.

9 Analyse the external environment of your risk management process/project.

Note: You may choose to perform any external environmental analysis (e.g. PESTLE analysis) to
answer this question instead of the questions below.

PESTLE ANALYSIS

Political Economy Social Technology

Pandemic: Lockdown Employment Rates: The raising number of •The rapid

that barring people to customers who prefer development of
The decrease number
go outside and shop to do online shopping technologies (internet,
of employment rates
in retail store, hence due to the rapid apps, gadget) shaping
BSBOPS504 | Manage business Risk | Project Portfolio I V2.0 | May 22

Macquarie Education Group Australia Pty Ltd t/a MEGA Education | RTO Code 91305 | CRICOS Code 02657J 9
 decrease the will reduce the development of the customer
profitability of retail number of people technology and shopping behaviors,
store. who can shop in retail internet will affect the by which they tend to
store and impact the revenue of retail shop online lately,
purchare power, store. especially during
hence decrease the pandemic. The
profitability of retail technology will
store. decrease the sells
number in retail
store .
 The automation of
invoicing (RPA) can
result in a more
accurate invoice.
Nature Care can
use this system to
improve their
business

9.1 What is the political situation like (e.g. unrest, government support of small business,
government policies)?
9.2 What is the current and predicted economic situation (e.g. state of local and other applicable
economies, interest rates, exchange rates, employment rates etc.)?
9.3 Are there any social considerations (e.g. changing values, beliefs, attitudes and habits)?
9.4 How are technological advances affecting the business (e.g. internet, RPA, risk control)?
9.5 What are competitors doing?

10 Establish the strengths and weaknesses within your business that have the potential to create or
impact risk.
Note: You may choose to use any relevant analysis tool (e.g. SWOT analysis) to answer instead of
the questions below.
10.1 Are the current risk management policy/procedures complete and comprehensive?
10.2 What is the state or condition of business’ resources relevant to your risk management process
or project?
10.3 How effective are existing communication mechanisms between management and the
workforce?
10.4 How loyal are staff?
10.5 What is the size and quality of the customer data base?
10.6 What is the business’ ability to fund or raise funding?
10.7 What is the business’ cashflow situation?
10.8 Are supplier relationships strong and reliable?

BSBOPS504 | Manage business Risk | Project Portfolio I V2.0 | May 22

Macquarie Education Group Australia Pty Ltd t/a MEGA Education | RTO Code 91305 | CRICOS Code 02657J 10
 Attach: Policies and procedures ☐

Communication to explain risk management process to

☐
stakeholders (if relevant)

Communication to invite stakeholders to identify risks (if

☐
relevant)

BSBOPS504 | Manage business Risk | Project Portfolio I V2.0 | May 22

Macquarie Education Group Australia Pty Ltd t/a MEGA Education | RTO Code 91305 | CRICOS Code 02657J 11
 Section 2: Identify and analyse risk

1 Plan to discuss risks with invited stakeholders (identified in Section 1).

1.1 Choose a tool or technique to facilitate the group discussion to identify risks within the scope of
the risk management process
Note: At the meeting, you will collaboratively choose three risks to focus on as a group.
1.2 List what will be discussed (e.g. identify risks, assess risks, risk treatments, priorities etc.)
1.3 What method and scale will you use to assess the likelihood and severity of the risks?
1.4 What will guide how you prioritise risk (e.g. risk matrix)?
1.5 What are you prepared to negotiate?
1.6 How will you negotiate?
1.7 Explain questioning and listening techniques you will use to seek the opinion of others and
clarify your understanding of what others say.

2 Summarise risks.
2.1 Summarise at least three risks identified at the meeting that apply to the scope of your risk
management process or project. For each risk:
2.1.1. Identify which type of risk it is.
2.1.2. Identify who may be responsible for the risk.
2.1.3. List at least two potential outcomes should the risk eventuate.
2.1.4. What treatment alternatives were discussed?
2.1.5. How do the stakeholders want to prioritise the risks?
2.2 If not already viewed in person by your assessor, attach proof of your stakeholder meeting (e.g.
video of meeting etc.).

3 Complete the table below to assess the identified risks (use an appropriate scale and stakeholder
input) to calculate a combined value for the risk’s likelihood and severity.
Note, you may enter relevant information into the table below, or use any other appropriate format. If you
use another format (e.g. MS Excel spreadsheet), attach proof to this section of your portfolio.

Risk Potential outcome Student’s Stakeholder Stakeholder Combined

role 2 3 value (e.g.
average)

Likelihood Severity Likelihood Severity Likelihood Severity Likelihood Severity

BSBOPS504 | Manage business Risk | Project Portfolio I V2.0 | May 22

Macquarie Education Group Australia Pty Ltd t/a MEGA Education | RTO Code 91305 | CRICOS Code 02657J 12
 Risk Potential outcome Student’s Stakeholder Stakeholder Combined
role 2 3 value (e.g.
average)

4 Research risks
4.1 Research each of the identified risks to learn more about the risk and any related risk treatment
options (e.g. speak to stakeholders, do an internet search, review best practice examples,
check policies and procedures, view past incidents, research technology solutions etc.).
Note: You must access at least two different sources of information.
4.2 Summarise the research done for each identified risk.
4.3 List the options available to you to treat your identified risks.
4.4 Attach proof of your research to this section of your portfolio.

5 Use digital technology to document and calculate risk (e.g. a risk register). Include the risk, potential
outcomes, likelihood, impact/severity, risk calculation, treatment actions and priority of each
treatment action.
Note: Risk is calculated (likelihood)x(impact).

Attach: Proof of your research (2 sources) ☐

Stakeholder meeting ☐

Risk assessment (likelihood and impact) if you did not ☐

use the table provided
BSBOPS504 | Manage business Risk | Project Portfolio I V2.0 | May 22

Macquarie Education Group Australia Pty Ltd t/a MEGA Education | RTO Code 91305 | CRICOS Code 02657J 13
 Digital risk documentation e.g. risk register ☐

BSBOPS504 | Manage business Risk | Project Portfolio I V2.0 | May 22

Macquarie Education Group Australia Pty Ltd t/a MEGA Education | RTO Code 91305 | CRICOS Code 02657J 14
 Section 3: Implement and monitor risk treatment

1 Complete the action plan below for ONE of your selected risk treatments (in your Risk register in
Section 2).
Note: If your business already has an action plan template or other specific documentation
requirements, use them instead and attach your work to this section of the portfolio.

Risk:

Action:

Desired outcome:

Overall person responsible:

Step: Person Timeframe: Resources: Performance Outcome Done?

responsible: measure: requirements:

2 Communicate the action plan to relevant parties (each person responsible for a step in the action
plan).
2.1 To who will you communicate?
2.2 How will you communicate (e.g. face-to-face discussion, email)?
Note: If you are basing this assessment on the case study business, you are required to
communicate verbally.
2.3 Unless already viewed in person by your assessor, attach proof of your communication to this
section of the portfolio (e.g. email with attachment, project schedule, video of team meeting
etc.).

BSBOPS504 | Manage business Risk | Project Portfolio I V2.0 | May 22

Macquarie Education Group Australia Pty Ltd t/a MEGA Education | RTO Code 91305 | CRICOS Code 02657J 15
 3 Implement your action plan and maintain documentation.
3.1 Which step will you implement?
Note: If you are using the case study, assume that one step in your action plan is to request
quotes for RPA systems for invoice capturing.
3.2 What are the organisational policy and procedure requirements to implement your chosen step
in the action plan (e.g. how many quotes are you required to obtain, should a research report
be written etc.)?
3.3 Attach proof of implementation to this section of your portfolio (e.g. request for quotes, research
conducted and written into a research report etc.).
3.4 Describe how you maintained the documentation to indicate completion of the step (e.g.
marked the action plan as “done”). If this step cannot be completed in the Project Portfolio,
attach proof.

4 Monitor your risk management process or project.

4.1 What data is available?
4.2 Have any new risks emerged?
4.3 Have any incidents been recorded?
4.4 Have you (or other stakeholders) received or provided feedback?

5 Evaluate your risk management process or project.

5.1 Are you identified risks still relevant?
5.2 Have your risk treatments been successful?
5.3 Are there any new risks?
5.4 How satisfied are stakeholders with your action taken to manage risks?
5.5 Are your selected treatment options still in line with best practice?
5.6 Is any other risk treatment necessary?
5.7 Write a report on the outcomes of the evaluation and attach it to this section of your portfolio. In
you report, include:
 a summary of the risk process/project and associated risks and risk treatments

 a summary of the progress of the action plan

 a summary of new risks

 a summary of risks no longer valid

 any additional risk treatments required.

Attach: Action plan (if relevant) ☐

Proof of communicating action plan ☐

Proof of action plan step implementation ☐

Proof of how you maintained documentation (if relevant) ☐

BSBOPS504 | Manage business Risk | Project Portfolio I V2.0 | May 22

Macquarie Education Group Australia Pty Ltd t/a MEGA Education | RTO Code 91305 | CRICOS Code 02657J 16
 Evaluation report ☐

BSBOPS504 | Manage business Risk | Project Portfolio I V2.0 | May 22

Macquarie Education Group Australia Pty Ltd t/a MEGA Education | RTO Code 91305 | CRICOS Code 02657J 17