Risk Management Masterclass

1. Intro: Having a good knowledge about risk management is really important if you want to become a good project manager or health and safety and quality professionals. Hi everyone. My name is be support. People at work call me Dr. Bass. I did my PhD in animal science from Canada and now I'm working in Australia as a full-time project manager where we make cat and dog foods. Apart from my full-time job, whenever I get time, I make YouTube videos for my YouTube channel. And also I sometimes write opinion articles in national newspapers. I have also published several research articles in a national and international journals. And whenever I get time, I tried to play guitar and go for a hiking. So let's dive into today's course without wasting much time. In this course, I'm going to give you the basics about what is the risk, how to manage risk, and how to maintain a risk register. Because these are some of the skills I learned while I was working as a project manager and I want to share you my personal experience. 2. Class Project: So as a part of this course project, what he can do guys, is you make a note of two projects, whether it is your workplace, our home or school, identified those risks and make our description of that risk and categorize those risk. And then analyze and evaluate that risk based on the risk matrix I'm talking about in this video. And then make a treatment plan or action plan for that risk. I think that would be a very fun project for you guys. 3. What is a risk?: So what is a risk? Risk is basically add exposure to internal or external factors which can reduce the profit for your company, which can also increase the chance of failure, and which can affect company reaching its goals. That's why it is really important to understand the level of that risk and categorize that risk as high risk or moderate risk or low risk, and address that risk as quickly as possible. So to address that risk, there are a few step, which is also called Risk Management. And the first steps in risk management is you have to identify the risks. So you have to understand what is that risk? Well, that risk of falls. In which department that risk is falling, and who is the owner of that risk. And once you understand and identify the risk, what you have to do is you have to analyze and evaluate that risk based on provability of that risk happening in your company and based on the consequences of that risk. And once you evaluate and analyze that risk, what do you do is you make an excellent plan to address that risk, where you do a good accent to particular owners and make a record of it. And then once you address that risk, what you do is you monitor and review that. 4. What is risk matrix?: So what is the risk metrics? Are risk metrics is our metrics that is used while assessing risk based on two factors. One is the likelihood of that happening and another is the consequence of that risk happening. Or risk metrics is really important to understand and read the risk because you do not have all the resources in your company to address all the risk. So what you have to do is you have to read those risks from high to low. And if the risk is really high, what you do is you have to address that risk immediately. Whereas if the risk is low, you can choose to ignore that risk for certain period of time. I don't like to say you can ignore any risks because in the future that small risk can also be a big risk. So the only thing is if the risk is really important, then you have to address that risk immediately. The likelihood of the risk happening can be categorized as almost certain risks. Likely risk, possible risk, unlikely risk, and reward risk. And also the consequences of risks can be categorized as insignificant. And I know risk, moderate risk, meso risk, and extreme risks. And based on this, you will come up with a table where you rate risk as high risk, significant risk, medium risk, and low risk. So I would like to share you my screen. So this is an example of a risk assessment to metrics guys, as you can see here, which I am using to analyze and evaluate the risks happening in my company. And then I am writing those risks based on these metrics. As you can see here in the Columbia, this is the likelihood rating where I'm writing the risks from almost certain to rare, the likelihood happening. Some risks could be sought in. Some of them could be likely, some of them could be possible, some of them could be unlikely, and some of them could be rare. And as you can see here, this is the consequence rating. The consequence of some risks could be insignificant, some consequence could be minor, some of them could be moderate, some Maser, and some of the consequence could be extreme. So for example, earthquake, the consequence of earthquake is extreme, but the probability of earthquake happening is rare. So it could fall somewhere over here. Based on this, I will give a number to that risk. If the risk is insignificant and rear, I will get that risk number one. Whereas if the risk is sorted and extreme, I'll give the number ten. And based on that, risk, quits her gets number 910 will be high risk. And the risk which gets seven and it will be significant risk. And the risk which gets number 456 will be medium-risk. And the risk which gets number 123 will be low risk. If the risk is high, I will report to my general manager immediately about that risk. After assessing if the risk is significant, I'll report to my manager within 24 hours. And if the risk is medium, I report to my manager within 48 hours. And if the risk is low and report to my manager within seven to 14 days of risk assessment. For example, if you are working in manufacturing food manufacturing company one that could be bacterial contamination of food, that probability of happening that could be possible. Let's write possible here. And consequence could be maser. So it is possible and the consequence could be maser, so it will fall in the box, so the rating is eight. Similarly, there is another example which is injury of workers working in a mixin called bandsaw. The probability of happening that could be, let's say possible. And the consequences could be extreme. That means it is possible and the consequences extreme, so it will fall somewhere over here. Similarly, the earthquake, the provability of earthquake happening is rare. Whereas consequences extreme. That means it will fall in the box five. So this bacterial contamination of food got di score of eight, so that means it will fall here. So this is a significant risk. Whereas these risks is a high risk because you've got a score of nine. So that means it is a high risk. And this one is medium risk. This is how you read the risk using risk metrics. And if it is high risk, then you report to your manager immediately. If it is significant to you report to your manager within 24 hours and if it is medium, you report to your manager within 48 hours of assessment. 5. Steps involved in managing risks: Now let's understand the steps that are involved in typical risk management. So there are basically four steps that are involved in the risk management process. The phosphine is identification of that risk. Second is evaluation and analysis of that risk, which I have already made some in risk metrics. And part one is treatment of that risk or making X and plan of that risk. And fourth one is a monitor and review of that risk. Let's go into the foster one, which is identification of that risk. So while you identify any risk, you give risk ID, you describe what that risk is. You note down what is the cause of that risk. You note down whether that risk is internal or external. And you also give the category of that risk in which department that risk falls in. And you also write the owner of that risk and you also make a note off the date when that risk was identified. So when this identity gets enough, risk is complete. What you do is you analyze and evaluate that risk using a risk metrics I mention in my other video in this course. So during that analysis and evaluation of risk, what do you do? You make a note of the likelihood of that risk happening, whether it is highly likely, are less likely to make a note of consequences of that risk happening, whether the consequences extreme are insignificant. And you also make a note of what is the impact of that risk. And you also make a note of, is there any existing mechanisms to control that risk? This falls under the evaluation of the risks. And once you evaluate that risk, you make a treatment plan for that risk, or you make an excellent plan from that risk, what do you do is you make a note of debt when that treatment plan was made and you make a note of what is your susan treatment option, whether you choose to avoid that risk are eliminate that risk are the reduce that risk. And also you make a note down of excellent plan in a detailed manner. And then you assign owner of that axon and you assign debt when that axon is going to be carried out when all these three steps are completed, what you do is you monitor and review the risk in a timely basis, for example, annually or six monthly or every 2-year, what do you do is you write or date of when the review is going to be carried out and who is going to review the risk again. And you make a note of the trend of risk, whether the risk has decreased or increased after a risk management plan. And you write additional comments. 6. How to create Risk Register?: Alright, let's learn how to make a risk register using a spreadsheet. This is a template I created for you guys. For this, you need to have a basic knowledge on Excel spreadsheet. I'll also upload the template of this register at the end of discourse guys, which will really help you. So the first step is risk identification, and then second is risk analysis and evaluation. Tardy step is risk treatment and x and plan. And the fourth step is monitor and review. Let's go to the fastest step. So when you identify risk and what you can do is you can create a risk ID. So let's do the foster risk. Risk ID is one. And what is the risk or description? So the risk description could be bacterial contamination of food and the cause of risk could be temperature not reaching to 60 degrees. And whether that risk is internal or external cause I think that risk is internal. And the category could be that risk could fall under quality, service quality, and the risk owner could be Quality Manager. And it identified what's today. So now you just completed the identification of that risk. There are seven things involved. Id, description, cause of risk, whether that risk is internal or external, that category of that risk, risk owner and the date when that risk was identified. Now let's do some risk analysis and evaluation of that particular risks. So what is the impact of that risk? The impact of that risk could be loss of customer, brand, reputation damage. So these are some of the impact of that risk. And what is the existing control mechanism of that risk? So we have asset policies, we have mechanism to reach critical control point, that is 60 degree, as mentioned here. And what is the likelihood of that risk happening? That risk is possible when that temperature is not risk. And what is the consequence of that risk happening? So the consequences maser, if the likelihood is possible, which is here, and the consequences measure, then the rating becomes it, it means you get this color. That means the risk is significant and you have to report to your manager within 24 hours. So you just completed a risk analysis and evaluation. But now what you need to do is you need to make a risk treatment and excellent plan. So who is that is corner. This corner is quality manager. Or what you can do is you can just make a formula here. Debt when the risk treatment was completed. So let's give a date of today again, you can depending on your organized and you can make our debt. And what was the twos and treatment of some whether you choose to reduce, avoid, or eliminate. So you choose to avoid this risk because this risk is really important. And what is the action plan? So x and plan is to design the one that always, that do not open until 60 degree is. That is how you are going to design your axon plan. And who is the axon owner? Exxon owner is the production manager. And when is the accent target debt? You can give a date of, let's say tomorrow. So now you just learned how to treat that risk and how to make an ax and plan, which is really easy if you know what you are doing. And when you complete risk treatment and x and plan, what you have to do is you have to monitor and review that risk. So when is the debt of review? So let's say the date of review is next year, 2202021. And who will perform this review again? Quality Manager and the date X and SAP, you can men some certain debt. And what is the trend of that risk, whether that risk is increased, decreased our unchanged. So let us say decreased. And what is the comment? Well-done production team. So that could be your comment. This is how users to complete risk management for that particular risk. So let's do one more guys as an example. The second would be injury to workers working in bands of machine. Let's highlight that. What is the cause of risk? Improper use of bandsaw, not trend. It stuffs. So that would be the cost. And what is the source, whether it is internal or external? It is internal. And what is the category? The category would be work health and safety. And who is the risk owner? The risk owner could be products and man is at our health and safety manager. And when it was identified, organic was identified today. You just identified that risk today. Now you have to analyze and evaluate that risk. So what is the impact of that risk? Loss of hand, injury, bleeding. And sometimes it could also lead to legal accent, which could be really severe. What is the existing control mechanism? You have trainings on how to use bandsaw. And you have work health and safety policies. And you also have emergency stop in that messaging. And there could be other control mechanisms. And you might have a regular stand up meeting to discuss this risk. So that could be existing control mechanism and likelihood rating is, let us say it is unlikely, but the consequences extreme, that means this is unlikely, but the consequences extreme, so this will become seven. So this is still a significant risk and you have to report to your manager within 24 hours of risk assessment. Who is the risk owner? Again? It is products and manage their products. And men as there is the risk owner, now you are going to treat that risk and Mecca accent plan. So when you are going to make an accent plants, so let's say you are willing to make that today. And what is your SUDAAN treatment option? So you want to eliminate that risk. And if you can't eliminate, Then you can reduce our Avoid depending on the type of risks, guys. So what is the axon plan? Regular sake of bandsaw, regular training every two months, higher, staffs with bands or certification. So that is what you can do. And with the axon owner, let's say team leader is the axon owner. And when is the accent target date, let's say one month from now, 22092020. So now you've just completed X and plan to address that risk. And now it is time to monitor and review risk. So when you are going to review again in one year time and who is going to review it? It is going to be reviewed by work health and safety manager. And you can Men Santa date when that Exxon was at saved. And you can make a note of risk trend whether it has decreased, increased our uncensored, so let's say increased. So that means it is getting red. So you have to write a comment. For example, we need to escalate this risk to avoid it because the risk has increased even after making the treatment plan. So this is how you can maintain this risk register. So where you have risk assessment metrics, where do you have risk scripting and where do you have owner of this file? And you can also put down company logo here. And whenever auditor comes to your company, you this file as a part of your audience. 7. Outro: Alright, congrats, listens guys, on successful completion of this course, I hope this course was really useful to you guys and you launch a set of skills that will help you while you are managing project are while you are working as a quality and safety professionals. If you could give a review of this course, that would be really great and that would help me improve my courses in the future. I wish you good luck in whatever you are doing in your life. Good luck and bye, bye, bye.