According to the WHS Act, organisations are legally obligated to protect both their employees’ physical and psychological health. In other words, just as organisations must do what is reasonably practical to eliminate and reduce the risk of physical hazards, the same must be done for psychological hazards.
When it comes to workplace health and safety, risk management involves identifying potential hazards, assessing the risks of those hazards and putting appropriate control measures in place to eliminate or reduce the risks. The work doesn’t stop there however. After control measures have been implemented, every workplace has an obligation to do their best to make sure they remain effective and to review them on an ongoing basis.
The Governance Institute of Australia recently released its Risk Management Survey Report 2020, which collected responses from nearly 400 governance and risk professionals and senior executives across Australia, and identified top pressure points now and in the future. In an unprecedented year with the bushfires and the coronavirus pandemic, the report found that, understandably, more attention is being placed on risk. This has inevitably led, however, to the uncovering of gaps and issues in how organisations are managing said risks that need to be improved on moving forward.
Reporting should be incidental to any risk management process. As the financial year is coming to an end and the last several months have been quite the rollercoaster ride, it’s time to review your risk reports to ensure that your Board is seeing its latest state of risk, including ‘emerging risks’ and gaps in control measures, in order to be more effective in the upcoming year.
In today’s highly digital and global world, the potential for information security incidents has become more and more likely. Information security incidents are situations or issues where a threat has affected the security of your business network and the ability of your employees to do their work. Think hacking, malware, authentication issues and IT system failures.