Professional Development Plan

Sharing Best Practice • Professional Development Plan

Professional Development Plan

OVERVIEW

In order to achieve its goal of improving knowledge and practice of risk management in NZ, the Society seeks to ensure that there are opportunities for members and others to learn and / or update their knowledge of risk management.

There is a range of ways in which this can be done including participation in the Society's own activities via its publications, seminars and conferences.

Risk occurs in many forms and management of risks requires competency in:

  • general risk management practice
  • the issues and risk management techniques specific to the risks and risk management activities concerned

Both competencies are required in order for any practitioner to be proficient in managing specific risks or undertaking specific risk management tasks.

Formal training

Which course of study is right for a member will depend on your current job-content, existing skills and risk management responsibilities as well as future aspirations. For competency in generic risk management skills, it may be appropriate to look for a qualification that is at national diploma level (NQF 5-7) or Bachelors Degree or Graduate Diploma level (NQF 7-10). To improve skills in relation to particular risk management techniques a relevant technical or professional qualification might be appropriate (eg in particular types of engineering, in accountancy, in mathematics or a science or in media training or in human factors).

Several unit standards in the NZQA national qualifications framework (NQF) deal with various aspects of risk management. Unit standard 7445 specifically addresses risk management at a corporate level although it is out of date and due for revision in 2009.

University risk management-related courses in New Zealand that the Society is aware of are:

  • Massey University - Risk Management papers 152.386 and 152.387 are extramural papers that cover the relationship between governance and risk management and then take students through the risk management process set out in AS/NZS ISO 31000: 2009 Risk Management - Principles and guidelines. The papers also cover the risk management framework and risk management maturity modelling. A leaflet describing the papers more fully is available here.

  • University of Canterbury - Risk Assessment ENCI 601 - 08S2 (C) is a single paper at Master's level taught in the Engineering School. It is a block mode course suitable for distance students. The paper covers the whole of the risk management process, with a particular focus on quantitative risk modeling techniques; it requires a basic level of statistics as a pre-requisite.

A useful report on professional development & post-graduate training in risk management can be found here.  This report includes a survey of qualification needs.

Continuing professional development

Members should consider their continuing professional development needs as well as more formal needs. Members who have membership of professional organisations may already have to carry out continuing professional development and can combine their requirements. Attendance at Society lunchtime seminars and the Society's biennial Conference are recommended as ways of achieving continuing professional development.

Informal and self-guided professional development

Risk management knowledge is evolving and because of that competent practitioners must be aware of and assimilate these advances, typically through informal and self-guided professional development.

PROFESSIONAL DEVELOPMENT GUIDANCE

The following guidance uses terms aligned with terms used in the NQF and AS/NZS 4360: 2004 Risk Management and shows the competencies that a risk management practitioner might be expected to demonstrate to their employer or a principal. It is couched in learning outcome terms that might be found in a course prospectus or similar. However, it also can be used to both test current competency and highlight areas for improvement. Although these learning outcomes are expressed in a way that relates to a person actually undertaking risk management tasks for their own organisation, they are also relevant to those whose work involves evaluating or assisting the adequacy of the work of others.

A.  Framework

A competent risk management practitioner will understand and be able to describe and evaluate the elements of an organisation's operating frameworks that are necessary to support and integrate effective risk management across the organisation, including:

  • mandate
  • policies
  • delegations and accountabilities
  • resources
  • competencies
  • communications with stakeholders

B.  Principles

A competent risk management practitioner will be familiar with key principles which underpin effective risk management, including the role of risk management in:

  • creating and protecting value
  • decision making
  • addressing uncertainty
  • anticipating and responding to change
  • continual improvement

and with key attributes on which effective risk management depends, including:

  • integration of risk management into the overall organisations
  • a systematic, tailored, structured and timely approach
  • applying best available information
  • transparency and inclusiveness
  • consideration of human and cultural factors
  • dynamic and iterative

C.  Process

1.  Context

A competent risk management practitioner will be able to establish the Context, including:

  • articulating the organisation's objectives
  • defining the external environment in which the organisation seeks to achieve its objectives, and its external stakeholders
  • defining the internal environment in which the organisation seeks to achieve its objectives, and its internal stakeholders
  • developing the risk criteria against which to evaluate risks
  • identifying the purpose and scope of the particular risk management activity

2.  Communication and consultation

A competent risk management practitioner will understand the role of communication and consultation at various stages of the risk management process and be able to:

  • develop a communication plan for both internal and external stakeholders about components of the risk management plan
  • devise and implement appropriate methods to communicate with and consult internal and external stakeholders, and others as needed, on components of the risk management activity

3.  Risk identification

A competent risk management practitioner will understand the concept of "risk" and therefore be able to:

  • select appropriate risk identification techniques that will reveal sources of risk, potential events, and their causes and consequences
  • use information from various sources
  • describe risks in an appropriate way
  • apply the above skills to identify risks in a selected risk Context

4.  Risk analysis

A competent risk management practitioner will understand the purpose of risk analysis and be able to:

  • describe a range of analytical techniques and the type of risk analysis to which each is suited
  • recognise and evaluate existing controls
  • select a method of combining consequence and likelihood that is appropriate to the purpose of the risk assessment and available information
  • analyse risks using selected methods

5.  Risk evaluation

A competent risk management practitioner will be able to evaluate risks against the criteria decided earlier so that decisions can be made about treatment of risks and priorities for treatment.

6.  Risk treatment

A competent risk management practitioner will be able to:

  • devise and evaluate treatment options so as to take advantage of opportunities presented by risks, reduce risks or make existing risk controls more reliable
  • devise risk treatment implementation plans
  • implement risk treatments
  • assess new risks arising as a consequence of the risk treatment

7.  Monitoring and review

A competent risk management practitioner will understand the role of both monitoring and review and be able to:

  • identify appropriate aspects of each stage of the risk management process that warrant monitoring and devise appropriate methods for doing so (including selecting appropriate methods to report and use the information obtained)
  • identify appropriate aspects of each stage of the risk management process that warrant periodic review and devise appropriate methods for doing so (including selecting appropriate methods to express, report and use the information obtained)
  • integrate monitoring and review processes into the organisation's assurance programme

D.  Record the risk management plan process

A competent risk management practitioner will be able to design or evaluate record-keeping systems that provide transparency and are appropriate for each stage of the risk management process and understand the role such systems are to play in the organisation's risk management activities.

Additional risk management competencies

A competent risk management practitioner will be able to apply the above generic competencies to the management of risks within a specific sector, industry or entity, or to particular risk management activities.

This may require additional specialist knowledge particular to the risk management activity or the characteristics of the organisation concerned.  For example:

  • certain types of risk analysis which may be required for a particular assessment could require advanced mathematical competencies
  • certain types of communication - for example, with the public or with lay audiences who are stakeholders in technically complex risks - will require appropriate expertise
  • a person involved in the assessment of sources of risk in a petrochemical plant, will need to understand the technologies concerned which will be different from those required by a person assessing risks arising from investment in a commodities market or the risks associated with genetic modifications of plants

So, as well as understanding the general risk management processes, a competent risk management practitioner must have the additional skills to support their own particular application of those processes to particular situations for which they are responsible.

 A risk management publication reading list is available here.


Specific Focus

Resources

Links to a wide range of related organisations and bodies dealing with various aspects of risk management. more

News

A new standard AS/NZS 5050:2010 Business continuity: Managing disruption-related risk has been published by ... more

Don't miss the next lunchtime seminar - more.

NEXT Wellington Networking Group meeting details.

2010 AGM presentation and papers - more.

Managing risk in sport and recreation - more.

New (March 2010) handbook on risk management communication and consultation here.

Read the latest edition of RiskPost here.

New risk management standard now available - more.

The Risk Society maintains an active news centre. more

UPCOMING EVENTS.  more...

.

Pay your fees

Pay your membership subscription, advertising or consultants' register listing fee here. All you need is an invoice number.

Consultants

Meet the consultants available to help you.