Risk Management and Enterprise Risk Management at Woolworths
VerifiedAdded on 2023/06/03
|19
|3861
|336
Report
AI Summary
This report provides a comprehensive overview of Woolworths' risk management plan, emphasizing the importance of identifying, evaluating, and responding to potential risks. It reviews the risk management policy principles, highlighting the need for value creation, resource protection, and alignment with corporate objectives. The report details responsibilities at various levels, from the Board to operational staff, and explains Woolworths' Enterprise Risk Management (ERM) approach, including the ORCA framework (Objectives, Risks, Controls, Alignment). The ERM process at Woolworths involves risk identification, analysis, response, monitoring, and reporting, ensuring continuous improvement and effective decision-making. This document is available on Desklib, a platform offering a wide range of study tools and solved assignments for students.
Running head: RISK MANAGEMENT
Risk management
Name of student
Name of University
Author note
Risk management
Name of student
Name of University
Author note
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
1RISK MANAGEMENT
Table of Contents
Introduction......................................................................................................................................3
Purpose of risk management plan....................................................................................................3
Review of Risk management policy principles...............................................................................4
Responsibilities................................................................................................................................5
Enterprise Risk management approach...........................................................................................6
Enterprise Risk management process at Woolworths.....................................................................9
Conclusion.....................................................................................................................................14
References......................................................................................................................................16
Table of Contents
Introduction......................................................................................................................................3
Purpose of risk management plan....................................................................................................3
Review of Risk management policy principles...............................................................................4
Responsibilities................................................................................................................................5
Enterprise Risk management approach...........................................................................................6
Enterprise Risk management process at Woolworths.....................................................................9
Conclusion.....................................................................................................................................14
References......................................................................................................................................16
2RISK MANAGEMENT
Introduction
The risk management introduces the various concepts of identifying the risks, evaluating
its impacts and defining probable responses to the issues. The risk management plan is deduced
at Woolworths to ensure that the organization functions properly and any kinds of risks are
overcome at an early stages, before it creates any kinds of adverse effects that may affect the
business in the long run. The Woolworths Limited Group is committed to the development of
various strategic and enterprise wide approaches to manage risks and ensures strengthening the
risk aware culture to facilitate coordination at work and improve business performance as well
(Woolworths.com.au 2018). The Enterprise risk management plan will also include the purpose
of risk management, define new policy principles and even monitor risks to mitigate those,
furthermore gain good momentum as effective risk management responses to the challenges and
issues that shall be faced by the organization.
Purpose of risk management plan
The Enterprise risk management has created positive impacts on the business
performance and at the same time, facilitated the change management practices within specific
organizational setting. For instance, Paape and Speklè (2012) also states that the adoption and
designing of enterprise risk management practices have not only dealt with the risks and
opportunities, but also has conducted an integrated approach to increase the capacity of the entity
for creation and preservation of values for the various stakeholders involved in business. With
the help of Enterprise risk management, Woolworths should be able to identify the level of risk
and its potential nature and degree of risks embedded within the processes and activities
Introduction
The risk management introduces the various concepts of identifying the risks, evaluating
its impacts and defining probable responses to the issues. The risk management plan is deduced
at Woolworths to ensure that the organization functions properly and any kinds of risks are
overcome at an early stages, before it creates any kinds of adverse effects that may affect the
business in the long run. The Woolworths Limited Group is committed to the development of
various strategic and enterprise wide approaches to manage risks and ensures strengthening the
risk aware culture to facilitate coordination at work and improve business performance as well
(Woolworths.com.au 2018). The Enterprise risk management plan will also include the purpose
of risk management, define new policy principles and even monitor risks to mitigate those,
furthermore gain good momentum as effective risk management responses to the challenges and
issues that shall be faced by the organization.
Purpose of risk management plan
The Enterprise risk management has created positive impacts on the business
performance and at the same time, facilitated the change management practices within specific
organizational setting. For instance, Paape and Speklè (2012) also states that the adoption and
designing of enterprise risk management practices have not only dealt with the risks and
opportunities, but also has conducted an integrated approach to increase the capacity of the entity
for creation and preservation of values for the various stakeholders involved in business. With
the help of Enterprise risk management, Woolworths should be able to identify the level of risk
and its potential nature and degree of risks embedded within the processes and activities
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
3RISK MANAGEMENT
managed by the company. The organization must identify the risks and then prioritize the risks
based on its level of severity based on critical controls (Paape and Speklè 2012). As stated by
Paape and Speklè (2012), the main motive behind successful enterprise risk management could
be the compliance, assurance and better decision making process, which should improve the
efficiency of project techniques and strategies.
Review of Risk management policy principles
The evolution of ERM has also resulted in formation of a risk aware culture, furthermore
supported various policies applied to individuals who have been working at Woolworths,
Australia. According to Fraser, Fraser and Simkins (2010), the policy principles are associated
with the management of risks that could create value and protect the resources from damage,
which might create risks furthermore and affect the accomplishment of business goals and
objectives. The ERM initiative undertaken at Woolworths, Australia should also be proportionate
to the risk level based on its size, nature and complexities, which must be aligned with the
corporate objectives for ensuring effective dynamic process management along with responding
to the changing situations with ease and effectiveness too (Fraser, Fraser and Simkins 2010). The
various risks that might be faced by Woolworths could be higher capital costs, lack of interest
among the workers, deterioration of quality of products and services, thereby damaging the
brand reputation and image. The risk management should be transparent so that all the
stakeholders are engaged altogether for managing the risks through shared decision making as
well as facilitate training and developmental sessions, monitoring of risks, communication and
reviews done periodically. The risk management procedure, which has been presented in the
Australian standards, i.e., AS/NZS ISO 31000:2009 Risk management Principles and guidelines,
managed by the company. The organization must identify the risks and then prioritize the risks
based on its level of severity based on critical controls (Paape and Speklè 2012). As stated by
Paape and Speklè (2012), the main motive behind successful enterprise risk management could
be the compliance, assurance and better decision making process, which should improve the
efficiency of project techniques and strategies.
Review of Risk management policy principles
The evolution of ERM has also resulted in formation of a risk aware culture, furthermore
supported various policies applied to individuals who have been working at Woolworths,
Australia. According to Fraser, Fraser and Simkins (2010), the policy principles are associated
with the management of risks that could create value and protect the resources from damage,
which might create risks furthermore and affect the accomplishment of business goals and
objectives. The ERM initiative undertaken at Woolworths, Australia should also be proportionate
to the risk level based on its size, nature and complexities, which must be aligned with the
corporate objectives for ensuring effective dynamic process management along with responding
to the changing situations with ease and effectiveness too (Fraser, Fraser and Simkins 2010). The
various risks that might be faced by Woolworths could be higher capital costs, lack of interest
among the workers, deterioration of quality of products and services, thereby damaging the
brand reputation and image. The risk management should be transparent so that all the
stakeholders are engaged altogether for managing the risks through shared decision making as
well as facilitate training and developmental sessions, monitoring of risks, communication and
reviews done periodically. The risk management procedure, which has been presented in the
Australian standards, i.e., AS/NZS ISO 31000:2009 Risk management Principles and guidelines,
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4RISK MANAGEMENT
is adopted by the company to set a risk management framework and this facilitated the
management of roles and responsibilities along with clarification of accountabilities (Olson and
Wu 2015).
Responsibilities
The Board holds the power and authority to create an Enterprise Risk management
framework while the Senior Leadership Team under the leadership of Chief Executive Officer
has been associated with the implementation of strategies, maintenance of a culture, manage
people and processes along with use of advanced technologies for easing down the business
operations (Pach et al. 2014).
First line of defense- Risk ownership and management
The risks are assessed and a risk profile is created by managing periodic review
conducted by the Management Board. This should give rise to a healthy and risk aware culture
and thus allow the knowledge and information of risks to be transferred to the Audit, Risk
Management & Compliance Committee (ARMCC) for managing the risks properly. There are
team leaders, managers and risk representatives who are responsible for applying the risk
management principles embedded within the organizational culture to foster management of
business operations with ease and effectiveness (Wu and Olson 2015). The division managers
have the power and authority to terminate employees and immediately stop any tasks that might
cause severe threats for the organization in the future as well.
Second Line of Defence - Risk Oversight
is adopted by the company to set a risk management framework and this facilitated the
management of roles and responsibilities along with clarification of accountabilities (Olson and
Wu 2015).
Responsibilities
The Board holds the power and authority to create an Enterprise Risk management
framework while the Senior Leadership Team under the leadership of Chief Executive Officer
has been associated with the implementation of strategies, maintenance of a culture, manage
people and processes along with use of advanced technologies for easing down the business
operations (Pach et al. 2014).
First line of defense- Risk ownership and management
The risks are assessed and a risk profile is created by managing periodic review
conducted by the Management Board. This should give rise to a healthy and risk aware culture
and thus allow the knowledge and information of risks to be transferred to the Audit, Risk
Management & Compliance Committee (ARMCC) for managing the risks properly. There are
team leaders, managers and risk representatives who are responsible for applying the risk
management principles embedded within the organizational culture to foster management of
business operations with ease and effectiveness (Wu and Olson 2015). The division managers
have the power and authority to terminate employees and immediately stop any tasks that might
cause severe threats for the organization in the future as well.
Second Line of Defence - Risk Oversight
5RISK MANAGEMENT
At the second line of defence, the group risk manages the establishment of policies, rules,
regulations and guidelines required to manage risks at Woolworths, though it should be approved
the Board of Directors. The Group Risk has also created effective frameworks that shall allow
the company to undertake preventive measures at the early stages to deal with the risks by
protecting the assets owned and maintaining safety and wellbeing within workplace too
(Bromiley et al. 2015). The implementation of information technology by Group Quality
Technical services could set frameworks and standards for measuring the performances of
different areas where risks might be experienced.
Third line of defence –Independent Assurance
The third line of defence enables both internal audit and external audit management
where the management and Board of Directors control the internal environment whereas the
external audit involves managing the trustworthiness of the clients along with maintenance of a
good financial position through compliance with the standards of accounting. This would also
ensure gaining approval from the Audit, Risk Management & Compliance Committee based on
the tasks delegated and at the same time, facilitate undertaking management actions and making
decisions to maintain a good risk profile (Baxter et al. 2013).
Enterprise Risk management approach
The organization has used the ORCA approach to manage application of risk
management techniques properly for maintaining everyday business operations, execute
strategies and accomplish the business goals.
O: Objectives
At the second line of defence, the group risk manages the establishment of policies, rules,
regulations and guidelines required to manage risks at Woolworths, though it should be approved
the Board of Directors. The Group Risk has also created effective frameworks that shall allow
the company to undertake preventive measures at the early stages to deal with the risks by
protecting the assets owned and maintaining safety and wellbeing within workplace too
(Bromiley et al. 2015). The implementation of information technology by Group Quality
Technical services could set frameworks and standards for measuring the performances of
different areas where risks might be experienced.
Third line of defence –Independent Assurance
The third line of defence enables both internal audit and external audit management
where the management and Board of Directors control the internal environment whereas the
external audit involves managing the trustworthiness of the clients along with maintenance of a
good financial position through compliance with the standards of accounting. This would also
ensure gaining approval from the Audit, Risk Management & Compliance Committee based on
the tasks delegated and at the same time, facilitate undertaking management actions and making
decisions to maintain a good risk profile (Baxter et al. 2013).
Enterprise Risk management approach
The organization has used the ORCA approach to manage application of risk
management techniques properly for maintaining everyday business operations, execute
strategies and accomplish the business goals.
O: Objectives
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
6RISK MANAGEMENT
The company’s aims and objectives to be achieved, i.e., to become the most reputed and
established retail based company in Australia. Woolworths also aims to put customers at first
across all the brands and become a successful lean retailer within the Australian retail industry
through management of excellent systems and managing end to end processes. The development
of strategic partnership and improving the human capital are other considerable objectives to be
achieved by the company (Grace et al. 2015). The risk management plan aims to identify the
stakeholders at first, understand their needs and communicate relevant information during a
particular time so that the management could make decisions effectively.
R: Risks
The potential risks and events that might act as barriers while achieving the business
goals and these included unable to meet customers’ requirements and even lack of workforce
efficiency, which might damage the major assets owned by the company such as property,
people, capital and earning power. Woolworths could adopt the responses to understand the
potential rate of return or loss at the beginning stages, which should give rise to scopes and
opportunities for operating within the environment where constraints and limitations might
emerge. The risk appetite and risk tolerance are essential methods of identifying the risks and
analyzing the degree and level of severity associated with it (Farrell and Gallagher 2015). The
risk appetite enables identification of risks that Woolworths are subjected to face according to
the strategic imperatives and corporate goals or objectives to be achieved. The risk tolerance is
the threshold of risk that the business organization could consider as acceptable according to its
ability to manage the risk that have been identified (Eckles, Hoyt and Miller2014).
C: Control
The company’s aims and objectives to be achieved, i.e., to become the most reputed and
established retail based company in Australia. Woolworths also aims to put customers at first
across all the brands and become a successful lean retailer within the Australian retail industry
through management of excellent systems and managing end to end processes. The development
of strategic partnership and improving the human capital are other considerable objectives to be
achieved by the company (Grace et al. 2015). The risk management plan aims to identify the
stakeholders at first, understand their needs and communicate relevant information during a
particular time so that the management could make decisions effectively.
R: Risks
The potential risks and events that might act as barriers while achieving the business
goals and these included unable to meet customers’ requirements and even lack of workforce
efficiency, which might damage the major assets owned by the company such as property,
people, capital and earning power. Woolworths could adopt the responses to understand the
potential rate of return or loss at the beginning stages, which should give rise to scopes and
opportunities for operating within the environment where constraints and limitations might
emerge. The risk appetite and risk tolerance are essential methods of identifying the risks and
analyzing the degree and level of severity associated with it (Farrell and Gallagher 2015). The
risk appetite enables identification of risks that Woolworths are subjected to face according to
the strategic imperatives and corporate goals or objectives to be achieved. The risk tolerance is
the threshold of risk that the business organization could consider as acceptable according to its
ability to manage the risk that have been identified (Eckles, Hoyt and Miller2014).
C: Control
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7RISK MANAGEMENT
Assessment of risks, measurement of degree and level of severity, mitigation and control
are probable responses to the risks that are identified. This will assist the company to view the
relevant scopes and opportunities, furthermore ensure that the controls are managed wisely to
manage the staffs of Woolworths and make them assured about providing the right resources and
support needed to accomplish the business goals and objectives with ease and effectiveness. The
major control techniques are preventive controls where the responses are provided to prevent
undesirable actions and ensure that risks do not emerge while the detective controls allow for
providing responses to evaluate the unexpected events and risks, furthermore set appropriate
actions to mitigate those (Gatzert and Martin 2015). The corrective controls are aimed at
reducing the negative impacts caused due to the risks and prevent any damage that may be
caused due to that undesirable incident thereafter.
To foster effective controls’ development, few of the major factors to be considered are
control framework designed by the Board of Director, Continuous development of staffs,
incorporating ethical values, beliefs, maintaining a healthy work culture and aligning the
organizational structure with the corporate goals and objectives (Wu, Olson and Dolgui 2015).
A: Alignment
The alignment of risks, objectives and controls is essential all across the organization to
ensure smooth business functioning while it can also check whether Woolworth’s objectives,
risks and controls are aligned enterprise wide or not. The alignment is based on these major
components between strategies, business operations and job accountabilities while the risk
appetite and tolerance for risks are also considered. This creates link between the control
measures and preferred degree of funding to be made by the shareholders for designing and
Assessment of risks, measurement of degree and level of severity, mitigation and control
are probable responses to the risks that are identified. This will assist the company to view the
relevant scopes and opportunities, furthermore ensure that the controls are managed wisely to
manage the staffs of Woolworths and make them assured about providing the right resources and
support needed to accomplish the business goals and objectives with ease and effectiveness. The
major control techniques are preventive controls where the responses are provided to prevent
undesirable actions and ensure that risks do not emerge while the detective controls allow for
providing responses to evaluate the unexpected events and risks, furthermore set appropriate
actions to mitigate those (Gatzert and Martin 2015). The corrective controls are aimed at
reducing the negative impacts caused due to the risks and prevent any damage that may be
caused due to that undesirable incident thereafter.
To foster effective controls’ development, few of the major factors to be considered are
control framework designed by the Board of Director, Continuous development of staffs,
incorporating ethical values, beliefs, maintaining a healthy work culture and aligning the
organizational structure with the corporate goals and objectives (Wu, Olson and Dolgui 2015).
A: Alignment
The alignment of risks, objectives and controls is essential all across the organization to
ensure smooth business functioning while it can also check whether Woolworth’s objectives,
risks and controls are aligned enterprise wide or not. The alignment is based on these major
components between strategies, business operations and job accountabilities while the risk
appetite and tolerance for risks are also considered. This creates link between the control
measures and preferred degree of funding to be made by the shareholders for designing and
8RISK MANAGEMENT
implementing the effective control techniques (Nair et al. 2014). The business organizations are
subjected to changes rapidly and this should be considered by Woolworths by streamlining the
employee actions and at the same time, align the objectives, risks and controls all throughout the
business organization’s workforce.
It is an important stage of the risk management procedure where The Board of Director
manages the senior leadership team, management team and operational staffs. The Senior
leadership team manages strategic planning and identities the risks and report those to the Board
whereas the management team are allocated with the responsibilities of analyzing the risks,
manage the risk registers to understand the severity of risks and then report it to the leader to take
immediate corrective actions (Mikes and Kaplan 2014). Lastly, the operational staffs are the
employees who manage the control actions and integrate those into schedules and processes to
implement the correct measures for reducing the likelihood of risks and prevent occurrence of
any negative impacts as well.
Enterprise Risk management process at Woolworths
1. Identification of risks associated with the lack of quality of products and services delivered by
Woolworths, lack of employee engagement and poor customers’ services, which sometimes lead
to poor sales and revenue generation.
2. Analysis of the probability of these risks and determining the potential impacts
3. Responding to the risks through proper control activities such as selection, prioritization and
implementing the most appropriate actions for reducing the chances of errors or risks associated
with the business functioning.
implementing the effective control techniques (Nair et al. 2014). The business organizations are
subjected to changes rapidly and this should be considered by Woolworths by streamlining the
employee actions and at the same time, align the objectives, risks and controls all throughout the
business organization’s workforce.
It is an important stage of the risk management procedure where The Board of Director
manages the senior leadership team, management team and operational staffs. The Senior
leadership team manages strategic planning and identities the risks and report those to the Board
whereas the management team are allocated with the responsibilities of analyzing the risks,
manage the risk registers to understand the severity of risks and then report it to the leader to take
immediate corrective actions (Mikes and Kaplan 2014). Lastly, the operational staffs are the
employees who manage the control actions and integrate those into schedules and processes to
implement the correct measures for reducing the likelihood of risks and prevent occurrence of
any negative impacts as well.
Enterprise Risk management process at Woolworths
1. Identification of risks associated with the lack of quality of products and services delivered by
Woolworths, lack of employee engagement and poor customers’ services, which sometimes lead
to poor sales and revenue generation.
2. Analysis of the probability of these risks and determining the potential impacts
3. Responding to the risks through proper control activities such as selection, prioritization and
implementing the most appropriate actions for reducing the chances of errors or risks associated
with the business functioning.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
9RISK MANAGEMENT
4. Monitoring both the internal and external business environment and assess whether any
changes should be done or not for ensuring continuity of risk responses (Patel and Chrisman
2014).
5. Preparing reports on the risks and monitoring the progress related to responses provided for
managing the risks effectively.
Figure: Risk management process activities (Patel and Chrisman 2014)
The information gathered during the management of business operations and processes
are useful for making effective business decisions along with support to the control activities.
The brainstorming sessions are useful for the identification of risks whereas the risk response
4. Monitoring both the internal and external business environment and assess whether any
changes should be done or not for ensuring continuity of risk responses (Patel and Chrisman
2014).
5. Preparing reports on the risks and monitoring the progress related to responses provided for
managing the risks effectively.
Figure: Risk management process activities (Patel and Chrisman 2014)
The information gathered during the management of business operations and processes
are useful for making effective business decisions along with support to the control activities.
The brainstorming sessions are useful for the identification of risks whereas the risk response
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10RISK MANAGEMENT
actions include transfer of risks, avoiding those, mitigating and finally manage acceptation of
risks. The integration of risks at the portfolio level is needed to understand the feasibility of risk
management procedure and design a contingency view of risk management for ensuring that the
project bears fruitful results (Hopkin 2018).
Identification of risks- The systematic identification of risks at Woolworths is achieved through
various decisions made including the group strategy planning, project plan design, core business
processes, operating the business units, making investments decisions and preparing personal
plans.
The collective as well as individual risk assessment procedures such as brainstorming
sessions could help in preparing the team and manage discussions based on which, any changes
within the business processes and systems can be responded to. The major sources of risks
should be identified such as the human capital, political influential factors, suppliers, network
connectivity, competition level within the retail industry financial aspects, environmental health
and safety, licensing and partnership working in business (Dobbie, Brown and Farrelly 2016).
Analysis- As soon as the risks will be identified the severity of those must be understood to
determine the potential impact that might be caused, furthermore undertake measures to mitigate
those reliably. The ratings are provided in the table here the risks are demonstrated and thus the
table has been presented below.
actions include transfer of risks, avoiding those, mitigating and finally manage acceptation of
risks. The integration of risks at the portfolio level is needed to understand the feasibility of risk
management procedure and design a contingency view of risk management for ensuring that the
project bears fruitful results (Hopkin 2018).
Identification of risks- The systematic identification of risks at Woolworths is achieved through
various decisions made including the group strategy planning, project plan design, core business
processes, operating the business units, making investments decisions and preparing personal
plans.
The collective as well as individual risk assessment procedures such as brainstorming
sessions could help in preparing the team and manage discussions based on which, any changes
within the business processes and systems can be responded to. The major sources of risks
should be identified such as the human capital, political influential factors, suppliers, network
connectivity, competition level within the retail industry financial aspects, environmental health
and safety, licensing and partnership working in business (Dobbie, Brown and Farrelly 2016).
Analysis- As soon as the risks will be identified the severity of those must be understood to
determine the potential impact that might be caused, furthermore undertake measures to mitigate
those reliably. The ratings are provided in the table here the risks are demonstrated and thus the
table has been presented below.
11RISK MANAGEMENT
Figure: Risk impacts (Dobbie, Brown and Farrelly 2016)
From the table, it is understood that there might be strategic or organization wide risks as
well as regulatory risks and in this table, the level of impact has been provided, which needs to
mitigated with the implementation of corrective measures and reduce the chances of errors that
might act as barriers during the project undertaking (Acebes et al. 2013). The 5*5 Risk Map
shows the majority of risks and its severity during the management of project at Woolworths.
Figure: Risk impacts (Dobbie, Brown and Farrelly 2016)
From the table, it is understood that there might be strategic or organization wide risks as
well as regulatory risks and in this table, the level of impact has been provided, which needs to
mitigated with the implementation of corrective measures and reduce the chances of errors that
might act as barriers during the project undertaking (Acebes et al. 2013). The 5*5 Risk Map
shows the majority of risks and its severity during the management of project at Woolworths.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 19
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.