类别 全部 - controls - management - audit - review

作者:Kelly Bakaas 2 年以前

102

Monitor

The organization lacks formalized audit and risk management procedures for its projects, relying instead on scheduled EHS audits conducted by various management levels. There are no established risk review processes, which means concerns are only addressed if deemed significant.

Monitor

Risk Audit There are currently no formalized audit procedures regarding projects. EHS has a number of scheduled audits that must be completed by different levels of management on a regular basis.

Has Risk Management Worked?

Focus on High Risks

Risk Review As there are no formalized risk procedures with regards to projects there are no review procedures either. Any concerns identified are reviewed if they are large enough to warrant the attention.

Review involves less frequent checking and observation of risks and controls than monitoring, to which it should be seen as complementary rather than as an alternative.

Risk Profile
Lessons Learned
Monitor Progress Treatment Plans
Check The Checkers
Adequacy of Controls
Project Risk Management Plan
Effectiveness of Risk Management

Monitor and Review Process

Monitor

Monitoring - involves the continual, critical observation of factors of interest. Ongoing surveillance of risk sources and those factors, internal and external to the organization, that give rise to uncertainty about whether and to what extent the project will achieve its objectives.

Communication Project communication is mostly one through e-mail. The information regarding risks is not specifically called out and is sometimes difficult to find buried in the e-mail string.

Recording There is no project specific recording of risks or subsequent notes/comments. EHS does record all of their information in the centralized EHS software.

Reporting From a project perspective there is no reporting, EHS does however, have regulr reports they must complete including individual manegr score cards

Identify There is no formal process for identifying new risks. They are usually discussed during scheduled meetings but nothing is recorded for follow up.

Analyze Project risk analysis is very limited, there are no formalized risk assessments or registers to document risk in order to carry out proper analysis.

New Risks

Monitor We currently do not have any formalized project risk monitoring program. EHS does however, monitor multiple ongoing risks but this information is not readily accessible

Risk Response Plans
Risk Processes

Review and Update During scheduled project meetings concerns and issues are discussed but nothing formalized or documented. As there is no formal risk register for projects it is difficult to porperly monitor

Identified Risks

Track and Evaluate The company uses a computer based tracking system for all of its EHS risks. As for projects and business there is no formalized sytem in place. Each project uses their own method but and is limited and not readily accessible the project team.

Levels of Risk
Risk Management Strategies