Risk assessment policy

PEER Construction will identify, assess, and appropriately manage risks. This policy covers risks including portfolio management, technological systems, environment, compliance breaches, business continuity, financial loss and PEER Construction’s reputation.

Risk assessment

Risk assessment defines the actions necessary for PEER Construction to adequately manage risks which it can control, and which have or could have an impact on the organisation, and to allocate responsibility for those actions.

Risk assessments:

• identify significant workplace hazards
• define risks posed to PEER Construction’s goals and objectives
• identify anyone who may be exposed to the hazards and how they may be harmed
• evaluate the risks to employees and PEER Construction
• select and monitor realistic and practical preventative and control measures to ensure safety in the workplace
• should be recorded and reviewed regularly.

To rate the likelihood of a business activity not being properly performed complete a risk assessment.

• Likelihood: is assessed on the assumption that there are no existing risk management and compliance processes in place.
• Consequence: rating the consequence of not properly performing the business activity quantifies damage in terms of financial loss to PEER Construction.

Assign the inherent risk rating based on a combination of the risk rating using the tables below.

Risk mitigation strategies

Once risks are identified and assessed you need to decide what to do about them.

• Risk avoidance: avoid risks that involve a high probability impact for both financial loss and damage.
• Risk limitation: take some action to address a perceived risk and regulate their exposure. Risk limitation employs some risk acceptance and some risk avoidance.
• Risk transference: risks that may have a low probability for taking place but would have a large financial impact should be mitigated by being shared or transferred, for example by purchasing insurance, forming a partnership, or outsourcing.
• Risk acceptance: with some risks, the expense involved in mitigating the risk is more than the cost of tolerating the risk. These risks should be accepted and carefully monitored.

When assessing the risk:

• If the breach is either a Priority C or Consider; then Step 1 & 2 must be followed.
• If the breach is either a Priority A or B; then Step 3 must be followed.

Step 1: Action the breach immediately with a face-to-face meeting with employees involved.

During this meeting, the manager will:

• Identify and define the nature of the breach.
• Determine which specific policy was breached.
• Discuss PEER Construction’s procedure relating to the breach.
• Discuss the consequences for the breach.
• Discuss the breach with the employees involved and actions that could be taken to resolve the breach.
• Reach a resolution with the employees involved.

Manager is to communicate and discuss PEER Construction’s ethics, culture, diversity, compliance, standards, and best practice requirements with the employees involved in the breach.

Refer to the Code of conduct and ethical policy.

Step 2: Outcome must be reported to the manager via email.

Step 3: If the breach is to be addressed formally, then an email must be sent to the CEO explaining the situation and the manager will action the next step.

Risk analysis

Use the template to complete a risk analysis and record on the risk register.