Risk has been defined as “the chance of something happening that will have an impact on objectives”. For this reason, we have a documented MAA Risk Management Plan that adopts the principles of AS/NZS ISO 31000:2009 Risk Management – Principles and Guidelines. The plan includes a risk assessment and Safe Work Method Statement that is customised and implemented for each audit program.
It is, however, important to keep in mind that risk relates to both positive and negative impacts and MAA can also see a ‘risk’ as a business and operational opportunity for a gain or improvement, which could increase efficiency and produce a better audit outcome.
Project Risk Management includes the processes concerned with conducting risk management planning, identification, analysis and monitoring & control on the project.
The Project Risk Management process has the following actions for implementation:
- Risk Management Planning: this activity indicates how to approach, plan and implement the risk management activities for a project;
- Risk Identification: it is a very important first step towards identification of risk by documentation of risk characteristics;
- Qualitative & Quantitative Risk Analysis: Qualitative Risk Analysis includes an investigation by assessing and combining probability of occurrences and impacts. Quantitative Risk Analysis includes investigation of numerical information of the project to identify risk;
- Risk Response Planning – It is a tool to develop options and actions against potential risk to project objectives; and
- Risk Monitoring and Control – tracking identified risks, monitoring residual risks, identifying new risks, executing risk response plans, and evaluating their effectiveness throughout the project life cycle.
Read about the other considerations that we include in a typical MAA Access Audit Project Plan