Risk Management is an evolving business practise and is now reaching a level of maturity where ERM (Enterprise Risk Management) is becoming more defined.
CorProfit brings thought leadership and field-experience where your corporate Risk Framework document is established to have a range of Risk Management Programs integrated according to the processes and methodologies each employs. This is taken a step further to integrate under one software platform, KnowRisk®.
Incident Management is a major part of ERM; if you take is as sitting “shoulder to shoulder” with Risk Management, lessons learnt from evaluating incidents become the test bed for risks in the risk management system and the means to improve controls that might have broken down.
An incident by definition is a risk that has occurred, thus setting the residual likelihood at 100%. In many cases your company has obligations to register incidents that occur in relation to injuries, environmental spills, or a breach of privacy during work related activities.
Naturally you distinguish between an incident under OHS or SHE from Corporate Breaches under Financial Services, health, Aged Care, Disability Services and so on.
CorProfit has expertise across several business disciplines in relation to managing incidents and setting them under the appropriate categories.
There is nothing new about the need to register incidents and to work through the ramifications that may need to be addressed.
Where CorProfit sets itself apart is how to learn lessons from incidents beyond just those that are mandated to be reported so as to provide useful feedback to the risk management side to reduce similar incidents from reoccurring in the future; even to having no incidents in the first place that result in serious consequences.
The CorProfit Incident Management Module is an ideal starting point for you to compare your current approach and determine enhancements to what you do. Our Incident Management process includes:
- The incident is registered (what occurred)
- The incident is categorised using pre-defined categories / sub-categories
- The impacts of the incident are documented (i.e. the affects)
- Date / time if known is entered (when)
- The location details are entered (where)
- Details of persons affected are also entered (who)
- Some background / cause is investigated (how it happened)
- How the situation could have been dealt with (could it have been dealt with in a better way, even avoided in the first place?).
CorProfit makes clear the relationship between a risk and incident as mentioned above, which this diagram depicts.