Risk Management Assignment Of MPM Consulting Group

Question

Task:
Part 1 – Risk Management Framework
Outline and Design of the Framework: This is about the risk management framework, not the process. The process supports the framework. If using AS/NZS ISO31000:2009 as the basis for the framework, this section will make reference to: mandate and commitment; design, implementation; monitoring and review; and continual improvement. If using ISO31000: 2018, the section will make reference to: Leadership & commitment; integration; design; implementation; evaluation; and improvement. This will be different again if you choose COSO or some hybrid version as a basis for the framework.

Assessment 1
Organisational Internal and External Contexts
This is about the makeup, culture and nature of the organisation and the work it does including the market it competes in, the legislative and compliance environment, its resilience, future economic trends and impacts, political stability and impacts.

Organisational roles and responsibilities
This section describes the roles, responsibilities, authorities and accountabilities needed to support effective management of the framework and risk in the organisation. This will include the roles of Risk Officer, owners, management and staff.

Monitoring and Review (or Review and Improvement) of the Framework
Explain how and when the framework will be monitored, reviewed and improved for its relevance to the organisations, its work, and the external environment over time.

Risk Management Process
This section explains what the process is (7-step or similar) and how it is to be applied. This must include: description of how risk events are identified and described; how the criteria for analysis of consequence, likelihood and risk level are applied; evaluation of the risk; treatment options; and analysis after treatment. This section will also explain how risk will be monitored, reviewed, consulted, communicated and reported.

Acceptable Level of Risk
This section provided guidance on what are acceptable levels of risk to the organisation (maybe specific to categories of risk), and how conflicting interests will be managed. Risk attitude and/ or risk appetite can be incorporated. This section will guide users in the ‘evaluation’ step in the process.

Risk Criteria Tables
The criteria tables can be included in the text or as an appendix. They will include consequence, likelihood, and combined risk level, or similar). The consequence ratings must be appropriate to the organisation and its work, and be able to applied consistently across all areas of the business, including projects (unless the criteria for projects is able to be adapted for the project context).

Risk Register
A blank register should be included in an appendix and users of the manual should be provided with clear explanation of how the register is to be used.

Glossary of Terms
Whether in the body of the Framework or in an appendix, all terms used or referenced in the Framework should be listed and described.

Agreement
Signature boxes can be included for agreement by those you think necessary to gain commitment and authority to manage the framework.

Conclusion
This may be written as a summary of the framework and how it is to be used. Discussion and justification on the framework, process and criteria can also be included here, if not distributed throughout the document.

Part 2 – Implementation Plan
Introduction: The Implementation Plan is an overview of the scope of work and strategy to develop the Framework, and implement it across the organisation within the stipulated timeframe. This requires a project approach and this plan becomes a high level, partial Project Management Plan. The extent of documentation for this plan is consistent with the marks applied to this part of the assessment.

In this section, describe the rationale for the plan. It is not a Risk Management Plan.

Scope Statement
Refer to the assessment briefing for the contents of this scope statement.

Strategy for Implementation
This is an overview of the influences on this ‘project’ and how it will be delivered. No detailed costing, Gantt chart, or resource histogram etc. is required. Some consideration to necessary resourcing (apart from yourself) is expected, along with: a high-level schedule (Gantt chart, table, milestone table); noting of any procurement needed; and the identification and analysis of stakeholders and how they will be managed (could be in the form of a stakeholder management plan/ table).

Benefits of ERM to all Stakeholders
Discussion of the benefits of ERM that may aid in the identification of risk and promotion of the framework to users and other stakeholders.

Interfaces
Description of interfaces of the Framework with other organisational instruments such as policies, processes, business and quality systems, standards and legislation. How will these influence the implementation of risk management practices into the organisation? Approval

Approval
A signature box is required for approval by those considered crucial to the support and smooth implementation of the Plan.

Conclusion
This may be written as a summary of the Plan and how it is to be used. Discussion and justification on the plan and its creation can also be included here, if not already provided throughout the document.

Answer

Executive Summary
The current study of risk management assignment clearly deciphers the different aspects related to the e risks management framework and risk implementation plan as per the guidelines of ISO 31000:2018 framework. The importance of making policies and integrating the same in determining the implementations has been discussed. The guidelines are followed in determining the importance of the different aspects of policy developments including documentations, resource allocation for making the risk management policy an effective one.

Part 1
1.0 Introduction
The present risk management assignment is based on the development of a guide, which would help in implementing the risk management framework in the organisation MPM Consulting Group located in Brisbane, Queensland. The report helps in developing an understanding of the different aspects of the framework ISO 31000:2018 that is to be implemented in the organisation. The frameworks to be developed in order to ensure their effective management of the risks that might evolve in the different division of the company. The report will help in providing effective instruction to ensure that the management of the risks is carried out on a regular basis. The company MPM Consulting Group is currently divided into five divisions, which are building division, mining division, environmental division, long-standing division and civil division. The company has recently restructured its business framework in order to ensure effective development of the five divisions in the company to bring the estimated revenues for the next few years. The document will help the company in understanding the gap overall framework ISO 31000:2018 and their implications in the organisations that would be obtained. The document follows a systematic understanding of the entire manual abiding by the identification of the internal and the external context of the organisation along with the review given on the risk management process to be carried out in the chosen framework.

2.0 Risk Management Manual
The risk management manual will help in describing the framework ISO 31000:2018 based on the process that is to be used in order to maintain the overall development and implementation of the framework in the organizations. The manual further describes the policies that have been beaten into account for the employees to adhere to the risk management process. The manuals are based on the evaluation of the probable risk that might be faced by the organization and will be managed considering the selected framework.

2.1 ERM Framework
The given ERM Framework ISO 31000:2018 described within the risk management assignment is based on the presence of the five components which are Leadership & commitment, integration, design, implementation, evaluation and improvement. The framework is based on the development and conduction of the following aspects in the framework which are given as follows:

• Planning the establishment of the risk management framework
• Leadership provision by committing to the risk management process
• Making the employees in the organization responsible for managing risk
• Designing the organization's framework uniquely
• Implementing organization’s risk management framework
• Improving the performance of the risk management framework

2.2 Organisational context
2.2.1 Internal
At present, the company MPM Consulting Group is based on the development of town planning which is currently adhering to the development of land developers’ projects being carried out in the organisation. It is important to note that the company has been able to employ more than thirty employees on full time prospects and is being supported by contractors and sub-contractors. Currently the business structure has been re-evaluated and the restructuring of the business has been conducted. The current organisational structure is based on the five divisions, which are based on the following aspects. The building division contains several structural engineers and drafters. The division is focused on the provision of mechanical and electrical support from the division. The mining division is based on drafting the experiences based on mining, oil and gas and commercial along with industrial building experience. The environmental division is based on the provision incorporation of pragmatic environmental scientists. The town planning division is based on the development of team development based on town planning, designers and the external part-time economists. There is also the provision of civil division outcome that is based on the provision of giving support to other departments of the organisation.

2.2.2 External
The understanding of the external organizational context is based on the analysis of the external factors of the company.

2.3 Organisational roles and responsibilities
Organizational roles and responsibilities illustrated in this study of risk management assignment are based on the affectivity that would be given in order to ensure productive development and management of the risk framework which is to be coupled. It is the responsibility of the board of directors to monitor and evaluate the process being used to implement the risk management framework in the company effectively. The responsibility of the managers and directors of the company is to bring in a higher rate of productivity to be obtained from responding to the overall processing to be carried out in developing the framework. The management of the risk management framework is based on effective analysis on the overall risks that are potential to be occurring in the organization and in the different divisions of the company. There is the requirement for understanding and maintaining the different prospects of reviewing the framework based on the organizational structure that is being currently followed. The board members are responsible to check into the different developmental strategies in the company which will relate to risk management policies, the treatment for the risks and the development of effective schedules that are to be presented in the organization.

2.4 Monitoring and Review of the Framework
The monitoring and reviewing of the risks is to be carried out by effective development of the risk management framework through the following activities provided in this risk

management assignment

• Monitoring and reviewing of tasks is being carried out by maintaining the planning of the risk management process and ensuring effective involvement of the regular checking process of the framework to be developed. 
• There is the requirement for ensuring that the monitoring process is being carried out through effective surveillance being maintained on the hacking process which will help in maintaining a balance in between the scheduled tasks to implement the fray work and adhere to the developmental policies. 
• The monitoring of the framework is based on the effectively that is to be given so that the results that are being generated through the development of the framework in the company is maintained. It is important to note that the monitoring process will be focused on the effective recording of the actions that have been taken into account by the different members who are present in the respective divisions in the organization.
• Based on the identified division it is important to note that the organization would be resulting in effective reviewing of the internal outcomes and the external results that has been resulted from the overall processing of the framework. 
• There is the requirement of ensuring that the results obtained are beings shared internally and externally so that all the employees and the other senior employees are aware of the results obtained and the results that are essential to be gathered from the organization. 
• Once the implementation of the framework is completed, it is the responsibility to ensure that there is effective reviewing for the risks that are being registered in the risk register for the organization. Once, the reviewing of the risks is carried out there is a need to understand the possible impacts that would be caused by the risks identified.
• There is the requirement of ensuring that the risks which are being identified are documented based on the actions and the events that might occur in the organizations. Once the identification is confirmed, there is the requirement of changing the status of the risks which have the potential to be occurring in the organizations.
• The changes that are present in the risks that might be occurring needs to be analyzed through the framework policies so that the improvement which are essential to be carried out is identified and the controls are being maintained. 
• When any event is being identified, there is the requirement of adhering to control system, which would help in maintaining the overall processing of the risk management processes and the events that have the potential to be occurring in the organization is identified and processed.
• If any such events occur in the organization which is based on the overall removal of the risks leading to the change in the status of the risks, there is a need to ensure that the control breach is being carried out productively and efficiently.

2.5 Risk Management Process
2.5.1 Identification of the risk
The risk management process is based on the first step that is based on the development of the identification process of the various risks that might be occurring in the organisation. The process outlined in this risk management assignment is based on developing an assessment of the risks that have potential ability to occur in the organisation and might end up creating difficulty in the organizational process. The identification of the risks is based on the understanding on the level of impact that would be caused by the risks occurring. This step enables the organisation in producing an analysis on the departments and the operations, which would be impacted by the risks. The step also ensures in developing knowledge on steps that are to be taken in order to ensure that the steps taken are effective enough in mitigating the overall risks processing to be conducted.

2.5.2 Risk analysis process
Various processes can be used in order to ensure that the risks analysis is being carried out productively. The analysis process of the risks is based on the basic understanding on the overall implications that would be caused by the risks in the organisation. This process helps in identifying the potential events that might have occurred in the organisation due to the occurrence of the risks. The given stage helps in ensuring that the recording of the risks is taken into account. The potential side effects of the risks that might be occurring are identified and understood. There is the development and understanding of the recording of the findings that has been analysed from the potential risks to be occurring.

2.5.3 Evaluation of risk
The risks evaluation technique would help in developing an overall understanding of risk identification, probability and the impact that might occur due to the risk along with the moment of the risks. The evaluation process defined in this risk management assignment helps in identifying the measurement that is to be taken so that the impact of the risks can be identified. The use of the risks evaluation process further ensures that the framework is being followed by adhering to the risks and the overall development process that can be taken into account. The evaluations of risks are also based on the investments that would be occurring in developing the risks and the agreements that can be taken into account by the organisation to maintain the risks.

2.5.4 Treatment of risk
The treatment of the risks is to be carried out by adhering to the following steps which would help in ensuring that the risks are neither occurring in the company and if it occurs then there is effective removal of the risks in the organisation. It has been noted that the risks treatment process is based on the overall development and maintenance of avoidance, reduction, transfer, acceptance, sharing and identifying the level of the risks prior. Treatment refers to the development of possible solutions, which would help in mitigating the risks, which has already occurred once the evaluation and identification as been conducted.

2.5.5 Monitoring and reviewing of risks
The monitoring and reviewing of the risks in the organisation is based on the development of different steps and stages, which would adhere to the overall processing, and management of the risks that has been occurred and understanding the impact obtained from the framework ISO 31000:2018 that has been set up in the organisation. This process ensures that there is effective monitoring carried out to check if there is effective management of standards in the organisation to mitigate the risks. It is important to note that there is the requirement for checking into the concepts of plan and ensure that the magnet strategies are adhering to the framework policies. The monitoring and reviewing of the system is based on ensuring quality and improvement in the process that is being used.

2.6 Risk Criteria Tables
This need to be mentioned that identified risks varies on the occurrence rate and its potential impacts. Thus, to understand the likelihood versus impact, this particular framework has been created. An entity acquires number of risks that can severely influence the growth and performance of the company in the end. One of the key risks that can have negative consequences on the growth of MMP Consultancy Group is management risks. The management risk can adversely affect the business performance due to ineffective communication. On the other hand, management risk generally takes place due to lack of attractive benefits and rewards. Henceforth, the likelihood of the risk can be high. In addition to that, the consequences of management risk are hampering business process, as employees will lack motivation to render strong labour force within the business. Another major risk that has high likelihood is change in revenue amount. Employees provide strong labour force based on the benefits that are provided by the company. A slight change in revenue structure can significantly influence the behaviour of the employees. In this way, the employees may find it difficult to accept change. This has been observed that risks such as difference in the view of stakeholders can negatively influence the organizational growth. Stakeholders can have different goals and aims that can differ from each other. Hence, it may create a conflict situation within the business. Thus, it will have negative consequences on the brand image of the company. It is important for the management team of MPM Consultancy Group to examine the issues mentioned in this risk management assignment based on which effective strategies and solutions can be developed. Thus, it is vital for the company to understand the consequences and likelihood of the risks as it can severely affect business growth and development.Refer to Appendix A

2.7 Risk register
Refer to Appendix B

2.8 Glossary of Terms

2.9 Agreement
Refer to Appendix C

3.0 Risk policy
3.1 Risk Objective
Risk policy is determined to be a significant part of the RMM (Risk Management Manual). The risk policy supports to illustrate the approach and commitment of MPM Consulting Group in regards to risk management. This has been observed in the present study of risk management assignment that the principles and practices reflect on the risks such as opportunities, which are associated with the business operation of MPM Consulting Group. It needs to be stated that risk policy assists in enhancing overall business performance and growth in a persuasive way. The key aim of the company is to reduce risks related to the construction business. Additionally, risk policy will help MPM consultancy business to attract potential stakeholders towards it through which effective competitive advantage can be acquired. As MPM consultancy is construction business, thus, the primary goal of the business is to provide safety and security to the key stakeholders. Hence, this particular policy will be considered as an official document for reiterating MOM's commitment towards risk management in an appropriate manner. With the help of the risk policy, the company will be able to harness opportunities within due time through maintaining specific principles related to risk management.

3.2 Rationale
MPM Consultancy Group focuses on rendering quality services to the key stakeholders through considering risk factors. This has been evident that risks can create hindrance in the process of organisational growth and performance. Therefore, this company aims at establishing strong and effective risk policies through which risk factors can be reduced or eliminated from the business operation. Risk management assists in identifying risks that creates a number of challenges for the company. Thus, Risk Officer is provided with the authority to examine various activities and areas associated with the business. For instance, areas such as scoping, costing, project scheduling and sustainability are determined to be susceptible form of risks. Henceforth, MPM Consultancy aims at making risk management an integral part of the project and business activities.

3.3 Extent of Application of the Risk Policy in this risk management assignment
The extended to risk management policy is going to be covered in every aspects and divisions of operations within the business and its environment both in terms of external and internal environment of MPM Consulting Group. The planning of the risk management and its implementation will also include the devolvement of strategies that are will aligned with the standards of the legislations and the ISO 31000:2018 framework (Barafort, Mesquida & Mas, 2019).

3.4 Mechanisms for Internal and External Communication and Reporting
The mechanism that have been policies for the risk management includes that of internal communicative portable devices through which the organizations will be able to go for the achievement of the improvements in tracking methods that were earlier used before the expansion of the company took place. This is how the effectiveness of tracking the internal operations through effective training is going to make the risk management policy as well as the implementation and administration an effective one (Setty, McConnell, Raucher & Bartram, 2019). A reporting of the activities on a daily and monthly basis is another mechanism that is going to be adopted and included within the policy of the organization. In case of issues found, the board of directors will be reported for directly dealing with the issues within the company.

3.5 Integration of Risk Management Policy into the Organization
The risk management policy that is going to be developed within the organization keeping in alignment with the guidelines of the ISO 31000:2018 framework. The integration with the organizations require the implementation of the strategies of the risk management plan for which relating the risk management policy. The training of the employees is very important through which implementing the risk plans that are developed will be possible with the intended outcome (Barafort, Mesquida & Mas, 2019). The transparency of the organization is judged through the integration of the policy to the organization communicating them to the stakeholders of the company. The risk officer will be responsible for the monitoring the implication and accountable to the Board of Directors as well.

3.6 Resource Allocation for Risk Management
The operational activities as well as the risk management requires both financial as well as material resources to manage the risks as well mitigate risks, incidents or accidents that are potential to occur.

3.7 Acceptable Risk Levels and Conflicting Interests
The acceptability of the level of potential risks and the risk that may occur is going to be determined based on the level of risk that must be from high to medium. The risks that are low as per the developed standardized risk matrix is not going to be considered as risk. Conflicts are going to be dealt with by the consultation of the Board of Directors determining the legitimacy and reasonability of the conflicts in identifying the solution to these internal risks.

3.8 Documentation Requirements
This is one of the significant aspects of risk management policies as per the guidelines of ISO 31000:2018 framework. Referring thus, the Risk report is going to be developed during the time of risk occurrence as well as once the risk is mitigated. This is going to help the company in referring to the previous case when any similar case occurs. Further, the documentation of the reports of the issues or any progress are critically studied as per the guidelines for the purpose of identifying the occurrence of the issue and further no occurrence takes place is to be ensured making documentation significant in risk management.

3.9 Risk Policy Review
On reviewing the policy of the risk implementation, it can be concluded that it has been well aligned as per the guidelines of ISO 31000:2018 (Barafort, Mesquida & Mas, 2019).However, it is very important to determine the implementation to be well aligned. The policy that has been developed by the organization was developed after the discussion with the Board of Director and a general meeting with the employees of the different division of the company.

Part 2
4.0 Scope Statement
4.1 Project Scope Statement
The MPM Consulting Group is growing towards the advancement after it was established in the year 2000. The organization started its journey with six staff, designers, engineers and stakeholders. For the proper advancement of the firm, the founders have reconstructed the organization and have divided the overall operation of the organization into five sectors. With the expansion of the organization, some required and basic steps are designed for managing risks. Several sectors are functioning in the organization and many employees are connected with the operation of the organization. Therefore, it is very natural that the safety and security of the employees and other resources of the company should be protected with utmost importance. That is why, the term ‘risk management’ has become very relevant in this context and the innovative techniques of managing risks are also stated here elaborately.

4.2 Included scope and excluded scope
The MPM Consulting Group explored in this risk management assignment has included and excluded some factors for managing risks like:

Inclusion:
An awareness programme will be conducted to make the employees understand the benefits of managing risks. This Programme will impart lesson to the employees so that the employees can apply the tricky policies to manage risks. An adequate knowledge will be imparted to the employees so that they can understand the risk policy, framework, strategies for the proper implementation of those on the organizational context. Cautiousness of the employees is always required and a special training of the company trains the employees to take precaution always so that they can deal with risky situations during production and other emergency situations. The company will monitor and assess the progress of the employees on the risk management and its policies .

Exclusion: The company will exclude the monitor and assessment process of the employees after six months and that will be conducted at every month. It leaves enough scope to the employees for improvement and an employee can improve a lot on risk management within certain duration of time. Employees should not be trained after some months of service of the employees. It should be initiated at the beginning of the service of an employee so that the employees can assess themselves and improve accordingly on the basis of the context (American Diabetes Association, 2016).

4.3 Essential steps, assessment & assumptions required within this risk management assignment
The risk management policies of the MPM Consulting Groups will thoroughly be assessed by the risk officer , managing director and other concerned persons and authorities. In the next step, it will be assessed if the risk policies are possible to implement in the existing context of the organization or not. If the infrastructure of the organization is sufficient for implementing the risk policies and procedures, then the employees of the organization will easily apply the policies to manage risks. If the ambience of the organization is not so developed to implement the risk policies, the concerned authorities will have to take initiative and proper measures for that. Necessary training on risk management is really important to overcome the constraints for implementing risk policies. The company will ensure that all employees have joined the training, arranged by the company for this purpose (Glendon, & Clarke, 2015)

5.0 Strategy for Implementation
5.1 Proper Assessment and justification of the required resources:
The company needs the following resources for the proper implementation of the risk management policy in the next eight months. The infrastructure of the organization is not till developed for applying risk management policy and the required resources are stated below:

5.2 Schedule for implementing project

5.3 Derivation
An expert and a special team will always be there on the basis of the requirement of the emergency of the company. A special training should be initiated to equip the employees with adequate knowledge to implement the risk management policy. Through the help of proper monitoring and assessment, the company will be able to measure the progressive report of the risk factor of MPM Consulting Groups (Chance, & Brooks, 2015).

6.0 Benefits and approval
6.1 How the present risk management assignment explore benefits of ERM to all Stakeholder?
It is on the successful implementation of the land development project and eventful integration of the ERM framework the stakeholders will get the following benefits

6.2 Interfaces
A through integration will be made in all aspects of MPM consulting group. This thing will only be achieved by dint of removing all the risks which are associated with this thing actively. It is because the risks can be a major component, which can create problems in finishing the project. The risks need to be resolved efficiently in order to build this project. ERM is important as its success determines the health and life of the business enterprise. For this reason, if the organisation does not identify rather recognise the risks associated with this thing then it will become difficult for this particular company to face any risk events. It is important for the company to identify the risks associated with one particular project. Through ERM practice improvement will be seen in the understanding of the risks. It is therefore pretty much important for the members who will be completing the task to properly make out the risks. Due to the business growth a lot of strain has been put to the partners associated with the business in order to support the business (Thomya & Saenchaiyathon, 2015) .Consequently, they have restricted the company with the establishment of five basic divisions in order to run the function smoothly. The ERM practice needs to be fruitful in the truest sense of the word as it may cause problems in creating problems for the company.

The project needs to be implemented very strictly in order to do this job. The consulting company should need to look for the things that should be implemented efficiently. It is important to identify the risks of the ERM practice to perform these things efficiently. Along with this, it needs to be noted that there needs to be implemented some steps so that it should be effective in terms of recognising the steps so that there should not be any problem in implementing the project.In this context it needs to be noted that there has to be some issues which need to be rectified using this thing. Hencer The ERM practice needs to be implemented quite authentically in order to complete the project otherwise if any such discrepancy happens then it will be important for them to mitigate those issues quite effectively (Lundqvist & Vilhelmsson, 2018). Through ERM practices there will be some chances of improving the relationships among the stakeholders stronger so that it can act as a boost for the company to improve the condition stronger. Hence it is very much important for the understanding of the risks associated with the tasks to mitigate the issues quite fruitfully. The company needs to make its project plan in such a way so that it should be effective in its nature. Moreover the administration department needs to be very strict as well as careful in determining the project implementation plan effectively. Proper administrative function ing will make the job easier for the workers to do this thing quite well.

6.3 Approval Refer to appendix D

6.4 Conclusion
The risk management manual, risk policy and risk implementation plan in this risk management assignment will assist the MPM consulting group company. The introduction of this manual risk assessment will bring effectiveness and efficiency in doing the project management plan very efficiently. The workers need to understand the risk issues carefully so that those can be mitigated quite easily. In this context it needs to be stated that the project should be completed within specified time. It is important that the Risk officer should monitor all the activities closely and review the framework integration so that all the activities should be done accordingly. More importantly, no lapse should be there in finishing the project making plan. The persons should see the things very closely, strict effective monitoring hence is needed in order to do proper completion of the project. It is because it is very much important to make rather implement proper project plan for identifying the risks. Along with this it needs to be stated that there should be proper implementation of the project plan has to be there to make the project successful. It is because proper planning of the project will ensure the company to fulfil its project on an efficient note. Risk management assignments are being prepared by our project risk management assignment help experts from top universities which let us to provide you a reliable assignment help online service.

Reference List
American Diabetes Association. (2016). 8. Cardiovascular disease and risk management. Risk management assignment Diabetes care, 39(Supplement 1), S60-S71.

Barafort, B., Mesquida, A. L., & Mas, A. (2019). ISO 31000?based integrated risk management process assessment model for IT organizations. Journal of Software: Evolution and Process, 31(1), e1984.

Chance, D. M., & Brooks, R. (2015). Introduction to derivatives and risk management. Cengage Learning.

Christensen, J., Søndergaard, K., Serwanski, L., Bojsen, T. B., & Tambo, T. (2018, September). A Risk Management Framework for Implementation of Emerging Technologies. In European Conference on Innovation and Entrepreneurship (pp. 199-XX). Academic Conferences International Limited.

Glendon, A. I., & Clarke, S. (2015). Human safety and risk management: A psychological perspective. Crc Press.

Hutchins, G. (2018). ISO 31000: 2018 Enterprise Risk Management. Greg Hutchins. Sadgrove, K. (2016). The complete guide to business risk management. Routledge.

Setty, K., McConnell, R., Raucher, R., & Bartram, J. (2019). Comparative evaluation of risk management frameworks for US source waters. AWWA water science, 1(1).

Hillson, D. (2016). Enterprise risk management: Managing uncertainty and minimising surprise. In Advising Upwards (pp. 75-104). Routledge.

Beasley, M., Branson, B., Buckless, F., Hancock, B., Pagach, D., & Showalter, S. (2019). Enterprise Risk Management Initiative, Poole College of Management, North Carolina State University. Directors and Boards.

Thomya, W., & Saenchaiyathon, K. (2015). The effects of organizational culture and Enterprise Risk management on organizational performance: A conceptual framework. International Business Management, 9(2), 158-163.

Lundqvist, S. A., & Vilhelmsson, A. (2018). Enterprise risk management and default risk: evidence from the banking industry. Risk management assignment Journal of Risk and Insurance, 85(1), 127-157.

Appendices
Appendix A

Appendix B

Appendix C

Appendix D