1 HUMAN CAPITAL DEVELOPMENT FORUM IN ICT 24 TH - 26 TH FEBRUARY
2014 CROSSROADS HOTEL LILONGWE, MALAWI
Slide 2
2 Planning Risk Management in Human Resources Presenter:
Jonathan P. Mwakijele, BSc, MCM, MSc, Head of Training, Consultancy
and Research Unit, African Advanced Level Telecommunications
Institute (AFRALTI), Nairobi, Kenya. e-mail address:
[email protected] Planning Risk Management in Human Resources
Presenter: Jonathan P. Mwakijele, BSc, MCM, MSc, Head of Training,
Consultancy and Research Unit, African Advanced Level
Telecommunications Institute (AFRALTI), Nairobi, Kenya. e-mail
address: [email protected]
Slide 3
3 Planning Risk Management in Human Resources Planned approach
aims to identify, assess and resolve risk items before they turn
threats to organisations.
Slide 4
4 Content PART I What is risk? Introduction to Risk Management
Risk management Assessing risks - Workforce planning: Job analysis
and job descriptions - Recruitment and selection - Performance
appraisal Quantify the Risk
Slide 5
5 PART II Introduction to Risk Management in HR Applying risk
management to HR The risk management process - Identify the risks -
Assess the risks - Develop strategies for managing risks -
Implement - Monitor Who is involved in the risk management
process?
Slide 6
6 PART I The paper has been adopted from Bhima Raos paper on
Devising risk management in human resources.
Slide 7
7 What is risk? Risk is defined as the perceived extent of
possible loss. It may be a small or a big risk? It varies from
situation to situation. Risk is a part of personal and business
world.
Slide 8
8 Introduction to Risk Management Understanding risk is the
first step in risk management. The risk assessment tool is known
widely and used effectively in project management and execution,
finance and accounts, manufacturing, and marketing. Risk involved
in Human Resource Management function and its assessment is yet to
take a firm root. Formal risk analysis and risk management in HR
can help to evolve strategies to minimize the disruptions of plans,
control cost and control loss.
Slide 9
9 HR audit is the first step to understand the risk involved in
daily HR function and in long term HR plans. HR audit is not only
conducting Labor compliance audit. Assessment of risk due to
non-compliance of labor laws is only one part of the HR function.
The need of the day is to assess the risk in the entire scope of HR
function and in relation to the objectives of the organization. How
to assess the risk of HR function, analyze and estimate the risk
which would impact business results and managing the identified
risks successfully is a new challenge to HR professionals.
Slide 10
10 Risk management Risk is the threat that an event or action
will adversely affect an organization's business objectives and
business strategies. Risk Management is the process of protecting
an organization from financial loss and controlling risk at the
lowest possible cost. The goal of Risk Management is to identify,
assess and resolve risk items before they become threats to
assignments or to the entire organization.
Slide 11
11 HR deals with the most valuable resource of the organization
and it is crucial that it becomes a part of the total Risk
Management. Once HR becomes the part of risk management programme,
it will allow using human capital to pursue the companys strategic
goals more systematically and help HR become a strategic business
partner.
Slide 12
12 In todays climate, HR faces extraordinary demands to be
effective, efficient and most importantly, responsive to address
changing organizational and business realities. HR professionals
need to become champion of high-performance which adds measurable
value to both the top and bottom line of business, employee
satisfaction and retention of talent. It is not easy to jump to the
entire new area of assessing HR risk areas. One needs to work
systematically, change the mindset from traditional HR role and
embrace new ideas.
Slide 13
13 There are two types of roles in Risk Management: People are
a source of risk. - Shortage of right kind of employees at a right
time, - attrition of experienced employees, - employee leaving
after completion of a one- year training programme,
Slide 14
14 People are a source of risk (cont.) - employees doing sloppy
work due to lack of competencies, - handling customers very badly,
- an employee unwilling to take on additional responsibility or -
high absentee employees. People are a source of risk (cont.) -
employees doing sloppy work due to lack of competencies, - handling
customers very badly, - an employee unwilling to take on additional
responsibility or - high absentee employees.
Slide 15
15 People are important in handling risk. - People using their
skill to solve unexpected problems, - employees going the extra
mile for the organization, - an employee becoming multi-skilled, -
redesigning his own job to avoid unnecessary delays in getting work
done, or evolving new process to resolve the problem or an employee
persuading a talented friend to apply for a position and join the
organization.
Slide 16
16 Assessing risks Undoubtedly, HR function carries risks.
Identifying threats in HR function and how it is going to impact
the business results, reputation of the company and future business
is essential. Are the threats looked in a routine manner or a focus
is given to understand, assess, categorize the threats based on the
impact, quantifying the threats affecting the organization is the
most critical and difficult task. HR professionals very rarely
approach this important area systematically.
Slide 17
17 Few of the threats facing HR function and how it impacts the
business results are : 1) Workforce planning: Job analysis and job
descriptions - This is the basic function of any HR department. -
Neglecting or undoing in this area results in not having required
manpower at the right time. - Job analysis and job descriptions are
two important attempts to allocate the jobs and selecting a right
person for a position.
Slide 18
18 Workforce planning: Job analysis and job descriptions
(cont.) - They are important for conducting performance evaluation
of employee. If it is not done properly it brings disorder and
accountability of a person. - New Organizations does give
importance for Workforce planning: Job analysis and written down
job descriptions are communicated to employees and risk is avoided
in the initial stage itself.
Slide 19
19 2) Recruitment and selection - Executing action plans to
ensure the organization is not left with a shortage of qualified
workers is one of the biggest challenges today. - HR is creating
big risks to organization by not ensuring the right number of
employees at a right time. - If the risk analysis is carried out on
a regular basis, the quantum of loss or risk involved can be
understood and possible corrective actions can be initiated. 2)
Recruitment and selection - Executing action plans to ensure the
organization is not left with a shortage of qualified workers is
one of the biggest challenges today. - HR is creating big risks to
organization by not ensuring the right number of employees at a
right time. - If the risk analysis is carried out on a regular
basis, the quantum of loss or risk involved can be understood and
possible corrective actions can be initiated.
Slide 20
20 3) Performance appraisal - It is essential to have a well
designed performance appraisal system. Whether goal setting is done
systematically, appraisals are done timely, documentation is done
properly, reward is linked to actual performance. - Ineffective
performance management system can result in a lack of good formal
and informal feedback from managers to employees, minimal employee
development and low employee engagement.
Slide 21
21 Performance appraisal (cont.) - Evolve, implement and
institutionalize the performance evaluation system is the major
responsibility of HR. If not implemented properly, the risks are
manifold and directly impact the morale, motivation and
productivity of the organization.
Slide 22
22 The above three areas are critical HR functions which are
also major risk areas for any organization. Other areas which may
fall in either major or minor risk zone depending upon the
organizations and situation are: - Induction/Orientation, - HR
Policy and Procedures, - Compensation and benefit, - Learning and
Development, - Employee and labor relations, - Labor law
compliance, - Safety and health program, - HR Service Delivery, -
Retention and Management succession.
Slide 23
23 Quantify the Risk HR department shall run through a list of
risks and to see if any threats are persisting. Thereafter, review
the systems, structures and analyze risks and see whether any
vulnerability persists. Take the opinion of others too, who might
have different perspectives.
Slide 24
24 Quantify the Risk (Cont.) The next step is to work out the
likelihood of the threat being realized and to assess its impact.
Lastly, make the best estimate of the probability of the event
occurring, and multiply this by the amount it will cost/quantify
the risk to set things right if it happens.
Slide 25
25 Once risk is identified and understood, adopt cost effective
methods to mitigate the risks and on a time bound basis. Strategies
to manage the risks need to be evolved internally, through use of
existing unexploited resources effectively, improving the methods
and systems, change the accountability of persons by effective
internal control. Lastly, bring in additional resources to overcome
the risk.
Slide 26
26 Once risk analysis and management actions are initiated, it
is essential to conduct formal reviews and analyze the results. HR
has often been considered a soft area, and many have not understood
the inherent risks involved with this function. The need has come
to add total HR function to the organization's regular audit cycle
which is overlooked till now by HR professionals and the top
management.
Slide 27
27 Part II The paper has been adopted from HR Council of
Canada.
Slide 28
28 HR Planning Introduction to Risk Management in HR Risks are
inevitable and organizations have a moral and legal obligation to
attend to the safety and well-being of those they serve, those who
work for them and others who come into contact with their
operations. This is known as "Duty of Care.
Slide 29
29 Organizations need to look at all the risks throughout their
entire operation and incorporate risk management into all planning
and decision-making. However, the specific focus of this section is
risk management as it applies to HR activities.
Slide 30
30 Content Applying risk management to HR The risk management
process Who is involved in the risk management process?
Slide 31
31 Applying risk management to HR When developing a risk
management plan for your HR activities, there are a number of areas
to focus on. This general list will get you started but it is very
important that all organizations identify and evaluate the risks
unique to their own organization.
Slide 32
32 HR ActivityPotential RiskPotential considerations
Compensation and benefits Financial abuse Who has signing
authority? How many signatures are required? Are there checks and
balances?
Slide 33
33 HR ActivityPotential RiskPotential considerations Hiring
Discriminatory practices Hiring unsuitable or unsafe candidates
"Wrongful" hiring Was a complete screening completed on potential
applicants? Were provincial human rights laws observed? Is there a
set probationary period? Were promises made to the candidate that
cannot be honored? Did the employee sign off on the policies and
contract of employment before being hired?
Slide 34
34 Occupational Health and Safety Environmental Personal injury
or death Do we provide safe working conditions and do we conduct
safety checks regularly? Do we provide adequate training for staff?
Do we ensure the use of appropriate clothing and safety equipment?
Do we have adequate policies, procedures, and committee in place?
HR ActivityPotential RiskPotential considerations
Slide 35
35 Employee supervision Abuse Reputation in the community
Release of personal information Do we provide sufficient
orientation and training? Do we provide adequate supervision
(especially for activities that occur off-site or after hours)? Do
we have a performance management system in place? Are personal
information protection guidelines followed? HR ActivityPotential
RiskPotential considerations
Slide 36
36 Employee conduct Abuse Reputation in the community Do we
have clearly written position descriptions for all positions? Do we
follow up when the parameters of the job description are not
respected? Do we provide thorough orientation and training? Do we
provide an employee handbook? Do we have comprehensive policies and
procedures? Do we provide ongoing training about our policies and
procedures? Do we retain written records of performance issues? Do
we ensure that organizational valuables are secure? Do we have cash
management procedures? Do we have adequate harassment policies and
procedures? HR ActivityPotential RiskPotential considerations
Slide 37
37 Exiting employee Property Reputation in the community
Compensation Do we retrieve organizational information and
equipment that a dismissed employee used (especially from home)? Do
we ensure that all access codes, passwords, etc are de-activated?
Do we conduct an exit interview? Do we record lieu time and
vacation balances? HR ActivityPotential RiskPotential
considerations There is a connection between risk management and
liability. Therefore, it is very important to obtain legal advice
about your risk management plan.
Slide 38
38 The risk management process Risk management is a cycle. That
means that it is not something that gets checked off a "to do" list
but it is a continuous activity. Having a risk management process
means that your organization knows and understands the risks to
which you are exposed. It also means that your organization has
deliberately evaluated the risks and has strategies in place to
remove the risk altogether, reduce the likelihood of the risk
happening or minimize harm in the event that something
happens.
Slide 39
39 The risk management process (Cont.) At a very basic level,
risk management focuses you on two fundamental questions: 1) What
can go wrong? 2) What will we do to prevent the harm from occurring
in the first place and in response to the harm or loss if it
actually happens?
Slide 40
40 Identify the risks The very first step is to identify the
risks. Ask yourself what can go wrong. Every activity of an
organization poses a risk so brainstorm and document the risks.
Consider both the general risks (that could happen to any
organization) and the risks specific to your organization.
Slide 41
41 Identify the risks (Cont.) Risks can be: - Abuse that is
either one-time or ongoing (physical, emotional, psychosocial,
sexual, financial) - Personal injury - Medical - Environmental -
Property - Financial - Reputation/goodwill - Other
Slide 42
42 Involving staff, volunteers and board members in the risk
identification process will give you a comprehensive picture of the
risks based on different people's involvement in different areas of
the organization. You may also wish to engage the services and
opinions of an accountant or a lawyer.
Slide 43
43 Assess the risks If you have done a thorough job of
identifying risks, you may end up with a long (and overwhelming)
list. The next step is to assess each of the risks based on the (1)
likelihood or frequency of the risk occurring and (2) the severity
of the consequences. Using a risk map to plot the likelihood of
occurrence and the severity of the consequences will help you
prioritize your next steps.
Slide 44
44 Develop strategies for managing risks Consider the most
appropriate risk management strategies for each identified risk: 1)
Avoidance - Stop providing the service or doing the activity
because it is too risky. 2) Acceptance - Some risky activities are
central to the mission of an organization and an organization will
choose to accept the risks.
Slide 45
45 3) Modification - Change the activity to reduce the
likelihood of the risk occurring or reduce the severity of the
consequences. Policies and procedures are an important part of this
risk management strategy because they communicate expectations and
define boundaries. Learn more about writing policies and
procedures. 4) Transfer or sharing - Purchase insurance or transfer
the risk to another organization through signing a contractual
agreement with other organizations to share the risk (for example,
having a contractual agreement with a bus company to transport
clients rather than staff driving clients).
Slide 46
46 Implement When you have decided which risk management
strategies will be the most effective and affordable for your
organization, practically outline the steps and who is responsible
for each step in the risk management plan. Communicate the plan and
ensure that there is buy-in from all who are involved in the
organization (staff, volunteers, clients, other relevant
stakeholders). Provide training for all organizational staff and
volunteers so they understand the rationale of the risk management
plan as well as the expectations, procedures, forms, etc.
Slide 47
47 Monitor Consider the following questions and document any
changes to the plan: Is your plan working? Have your risks changed?
Have you expanded or reduced your programs and services? Are
changes or updates required? Are staff and volunteers following the
risk management plan? Do they need re-training on the details? Do
we need to better communicate the plan?
Slide 48
48 Risk management is an evolving field. Therefore, it is a
good practice to keep current and re-evaluate your organization's
risk management system on an annual basis.
Slide 49
49 Who is involved in the risk management process? Risk
management is a large and important undertaking. There must be
commitment from the board to commit the financial and human
resources. In larger organizations, a risk management committee,
team or department may be formed to handle the risk management
process.
Slide 50
50 Who is involved in the risk management process? (Cont.) In
smaller and medium sized organization, the responsibility for
developing and implementing a risk management process will likely
fall on the executive director. However, paid staff, volunteers -
and potentially clients and other stakeholders - will be very
helpful partners in identifying risks and developing effective
strategies to deal with the risks. Once the risk management process
is in place, everyone in the organization has a role to play from
identifying risks to following policies and procedures to
completing forms and reports.
Slide 51
51 Resources: HR Planning - Risk Management in HR
http://hrcouncil.ca/hr-toolkit/planning- risk-assessment.cfm
Devising risk management in human resources
http://www.deccanherald.com/content/1
65365/devising-risk-management- human-resources.html
http://hrcouncil.ca/hr-toolkit/planning- risk-assessment.cfm
http://www.deccanherald.com/content/1
65365/devising-risk-management- human-resources.html
http://hrcouncil.ca/hr-toolkit/planning- risk-assessment.cfm
http://www.deccanherald.com/content/1
65365/devising-risk-management- human-resources.html