Key Components of the Risk Management Program 1. Support of Senior Management Develop an organisation risk management philosophy and awareness of risk at senior levels. 2. Development of the Risk Management Framework a) Policy – Develop a Risk Management Policy and Procedures b) Risk Reference Tables - Provide guidance on acceptability of risks through the development of Agency specific Risk Reference Tables, addressing existing controls, consequences, likelihood and acceptance criteria. c) Risk Register Tool - Acquire a tool in which to capture all Agency risk data. 3. Communication / Education Develop a program which will include: - dissemination of the policy and procedures - raise awareness about managing risks - deliver education session on the specifics of the process - a performance management process - a process for recognition, rewards and sanctions. 4. Managing Risks at the Strategic Level Develop the program to identify, assess, treat, monitor and report on strategic risks as an integrated part of the strategic management process. 5. Managing Risks at the Business Unit Level Develop the program to identify, assess, treat, monitor and report on operational or project risks as an integrated part of the existing business unit management process. 6. Monitor and Review a) Develop Indicators – to measure the performance of the risk management process effective. b) Risk Reporting – establish the process for Business Units to report on their risks and progress of treatments. c) Link incident and accident reporting mechanisms to the risk management process. d) Risk Auditing – develop links to the internal audit process to ensure that the Risk Management process is efficient and effective in meeting the objectives set out in the policy and that key organisational risks are being managed.