a. Effectiveness of BBC F&B Risk Management Framework:
The risk management framework of BBC F&B is very effective because it encompasses diverse areas of the business risks including operational, financial, commercial risk and risks associated with faulty strategies following the AS/NZS ISO 31000:2009 (iso.org 2018). The framework is even more effective because it consists of policy making, reporting of impending risks to the upper management, business strategy making along with budgeting, analysis of the risk management and external audit. The intervention of the CEO and the top managers make the risks management even more concrete and ensures prompt decision-making to deal with risks (Suttle 2016).
b Scope of risk management required in the acquired role of a manager:
The scope of risk management within the job responsibilities of a manager spans across several areas of business risk like operational, financial and market risks. A manager may also have to deal with the risks associated with faulty decision-making by the upper management and other departmental heads (McNeil, Frey and Embrechts 2015).
c. Current success factors, goals and objectives by the current risk management:
The current risk management system of BBC F&B Pty Limited has several success factors which are aligned with the goals and objectives of the risk management. The email from Paula to the assistant manager and the two teleconferencing calls mentioned in the end of the case study shows that the communications between the CEO, the apex management and assistant managers are very strong and the company stresses on transparent business communications between the different levels within the organisation which is the first critical success factor (Shrivastava and Rathod 2017). Secondly while reviewing the risk factors associated with purchase of Hurley’s, the case study studies the business operations of the cafe from different sides. First, the risk management mentions that customers and tourists can accede to the cafe easily. Again, it points out that being far away from Sydney, logistics and finished food products reaching the store would be an issue. The risk assessment then goes on to point out the wastage of resources and the slack cash management. Thus, the scope of the risk management takes into account benefits of the business brings to the customers, logistics, to the society (through of water) and to the financers (by slack cash management), its second critical success factor (Bromiley et al. 2015). Thus, goal or objective of the risk management analysis of BBC F&B is to analyse the extent the risk management methods of its to-be acquired subsidiaries are aligned to its own business risk management standards.
d. Internal and external stakeholders, their roles in risk management and issues:
As pointed out in the case study, the stakeholders of BBC F&B Proprietary can be divided into two wide categories namely, internal stakeholders and external stakeholders. The internal stakeholders consist of management of BBC F&B Proprietary and Hurley and their respective employees. External stakeholders consist of customers including tourists, logistics companies, society as a whole and government (Hörisch, Freeman and Schaltegger 2014). The following table would outline these stakeholders, roles in risk management and their issues, concerns or stakes.
Table of stakeholders (Appendix 3):
Stakeholder
|
Internal/external
|
Role in process
|
Stake in process
|
Management bodies of BBC F&B
|
Internal
|
Management of company and earning of profits
|
Lack of risk management in the operations of business partners like subsidiaries (Hurley)
|
Apex management of Hurley
|
Internal
|
Making strategies to earn profits
|
Intervention of managers from BBC F&B
|
Internal auditors of BBC F&B
|
Internal
|
Ensuring appropriate risk management within the company
|
Lack of cooperation from employees
|
Employees
|
Internal
|
Follows strategies formed by the apex body
|
Increasing work pressure, lack of WHS
|
Customers(including tourists)
|
External
|
Superior services at the eateries of BBC F&B and its subsidiary Hurley
|
Increase in prices, Unavailability of products due to logistics issues as pointed out in the case study.
|
Government
|
External
|
Forms policies
|
Non compliance of WHS laws and other government policies by companies
|
Society
|
External
|
Controls business activities indirectly by changing preferences of goods and services, demanding for sustainability and so on.
|
Wastage of resources by business organizations (like wastage of water by Hurley in the case study)
|
e. PEST and SWOT analysis:
PEST analysis of Australia:
Political:
1. Strong government support.
2. Government makes standard business laws likes regulation of water usages.
3. Government legislations form base of technological and business improvements
|
Economical:
1. Australia provides cheap resources and logistics chains to business organisations.
2. Australia provides strong network of financial institutions
3.The per capita income of Australia is very high
|
Social:
1. The people in Australia have more disposable income to spend towards cafes.
2. A considerable portion of population of Australia consist of aging people who love spending time in cafes which account for incomes of the .latter.
|
Technological:
1. Australia is technologically developed.
2. Increasing threats from data hackers.
|
SWOT analysis of BBC F&B Pty:
Strengths:
1. BBC F&B is financially strong which is evident by its acquisition of Hurley to expand its business.
2. Enjoys strong market share.
3. Maintains a strict risk management policy which is under the supervision of CEO and directors.
4. Uses advanced information and communication technology like teleconferencing system.
|
Weaknesses:
1. Comparatively weaker presence in comparison to international coffee chains in Australia.
2. Since, it is Proprietary Limited; it enjoys lesser capital than public limited companies.
|
Opportunities:
1. Can open new branches in Australia.
2. Can expand into other countries.
3. Can acquire public limited status to raise capital from share market.
4. Can acquire new firms like Hurley
|
Threats:
1. The weak operational policies of subsidiaries like Hurley arouse legal complications.
2. Subsidiaries like Hurley do not maintain their operations efficiently and taking over such subsidiaries adds to the cost of operations of BBC F&B which attracts investors’ concerns.
|
f. Methods of research for SWOT and PEST:
The method to gain information on the SWOT and PEST consist of primary data acquisition like interviewing the owner and the store manager of Hurley.
g. Summary of the scenario and list of risks to the project:
The following are the list of risk which acquisition of Hurley would create for BBC F&B:
Operational risks:
- The cafe was far from Sydney and supplying finished products to it would add to the logistics cost.
- Hurley was a family business which experienced wastage of resources.
Financial Risk:
- The family maintained a lot of cash in hand and theft have been reported in the past.
- The drawings of the family members from the business were not recorded regularly (Mansell 2015).
Data theft risks:
- The employees had unauthorised access to the data base.
- The data base was not protected by passwords.
Part 1: Email to stakeholders:
Email 1: customers
To: Email id of recipient(s)
Subject: Inputs and Identification of additional risk
Dear Mr/Mrs…. (Name of stakeholders),
This is to inform you that BBC F&B is planning to acquire Hurley Cafe as a part of its business expansion. Please find attached a list of threats identified involving takeover of the cafe. It is humble request to you to peruse the risks mentioned and provide necessary inputs. We would highly appreciate your contribution towards help us identifying additional risk to our business namely, BBC F&B (Moriarty 2016).
Operational risks
|
1. The cafe was far from Sydney and supplying finished products to it would add to the logistics cost.
2. Hurley was a family business which experienced wastage of resources.
|
Financial Risk
|
1. The family maintained a lot of cash in hand and theft have been reported in the past.
2. The drawings of the family members from the business were not recorded regularly.
|
Data theft risks
|
1. The employees had unauthorised access to the data base.
2. The data base was not protected by passwords.
|
We would highly be obliged to you for your inputs and suggestions towards identifying risks which would guide us to take appropriate steps to deal with them and
a. Findings from the risk assessment at Hurley’s Cafe:
The findings pertaining to the risk management assessment at Hurley’s Cafe shows that the management of the cafe do not follow appropriate risk management procedure. For example, there is no written organisational strategy taken by the management and the staffs, who are mostly family members, have access to all the data which exposes the cafe to data theft risks. Moreover, staffs are not trained to make food and there are lacks of safety measures (Harrison, Freeman and Abreu 2015). Thus the findings of risk management assessment of the Hurley’s cafe show that the cafe does not qualify the critical success factors of BBC F&B.
b. BBC F&B risk management process:
The risk management process of the BBC F&B is very strict and involves identification, evaluation, controlling and managing risks. The continuous intervention of the CEO and the upper level managers make the risk management at BBC aligned to the company’s business strategies (Touboulic and Walker 2015).
c. Communication with stakeholders:
The company should communicate with the stakeholders through formal emails because it wants to seek their input in its risk management process. The company should also send hard copies of the emails in its official letter heads (Gualandris et al. 2015).
d. Support of CEO in ongoing risk management activities:
The CEO Paula Kinski should support the ongoing risk management activities by giving her initials in the letters and sending the emails to stakeholders from her official email id. This would make the mails more official and help the company gain more active feedback from stakeholders (Thomson 2015).
e. Additional inputs of the CEO:
The CEO Ms Kinski can provide her own inputs on additional risk management. She can do this by identifying new risks that the BBC can face after acquisition of Hurley considering the low risk management standards of the latter.
3. Summary of discussion of the meeting with the CEO:
- The risk management should involve inputs from the stakeholders.
- The company should consider the risk management standards of Hurley under its own risk management post acquisition. Hence, it should analyse the present risk management standards at Hurley Cafe to identify the risks in order to from appropriate strategies in advance.
- The CEO would give her own inputs towards identification of new risks associated with the takeover of Hurley as a part of business expansion strategies.
1. Review of BBC F&B scenario information:
The current scenario and the appendices provided (Appendix 4) shows that BBC F&B follows strict risk management policies. This evident by the minute scrutiny of the risk management standards which the assistant manager conducted regarding the future subsidiary of the company, Hurley’s cafe. The company after identifying the risks initiates projects to manage them which is evident by the Gantt chart and the project status report. The finance departments prepare budgets and cost allocation plan which proves the strong risk management policies of BBC (Leveson 2015).
2. Risk analysis report:
a. Likelihood of risks
Risks
|
Particulars
|
Likelihood
|
Operational risks
|
1. The cafe was far from Sydney and supplying finished products to it would add to the logistics cost.
|
High
|
2. Hurley was a family business which experienced wastage of resources.
|
Very high
|
Financial Risk
|
1. The family maintained a lot of cash in hand and there have been reports of cash thefts.
|
Rare
|
2. The drawings of the family members from the business were not recorded regularly
|
Frequent
|
Data theft risks
|
3. The employees had unauthorised access to the data base.
|
High
|
4. The data base was not protected by passwords
|
Very high
|
b. Assessment of consequences of risks:
Risk
|
Likelihood (H/M/L)
|
Impact (H/M/L)
|
Risk response (contingency strategies)
|
Responsible
|
Operational risks: The cafe was far from Sydney and supplying finished products to it would add to the logistics cost.
|
H
|
M
|
Building production facilities close to Hurley
|
Production manager
|
Operational risks: Hurley was a family business which experienced wastage of resources.
|
H
|
L
|
Strict resource management and reduction of wastage of resources like water
|
CSR officer
|
Financial Risk: The family maintained a lot of cash in hand and there have been reports of cash thefts.
|
H
|
L
|
Minimising retention of cash in hand and more cash in bank
|
Accounts department
|
Financial Risk: The drawings of the family members from the business were not recorded regularly
|
H
|
L
|
Minimising withdrawal from business capital.
|
Accountant department manager
|
Data theft risks: The employees had unauthorised access to the data base.
|
H
|
H
|
Defining the data amount each employee can accede to
|
Technological officer and departmental heads
|
Data theft risks: The data base was not protected by passwords
|
H
|
H
|
Using strong passwords for each data set
|
Technological officer and departmental heads
|
Risk log or risk matrix and options of treatment of risks:
Issue/ Risk
|
Priority
(rank according to impact)
|
Impact on Budget
|
Impact on Schedule
|
Agreed Management Strategy
|
Responsibility
|
Status
|
Operational risks: The cafe was far from Sydney and supplying finished products to it would add to the logistics cost.
|
High
|
Increasing in logistics costs
|
Extension of schedule
|
Building production facilities close to Hurley
|
Production manager
|
WIP
|
Operational risks: Hurley was a family business which experienced wastage of resources.
|
Low
|
Limited resources
|
Increasing in costs
|
Strict resource management and reduction of wastage of resources like water
|
CSR officer
|
WIP
|
Financial Risk: The family maintained a lot of cash in hand and there have been reports of cash thefts.
|
|
|
|
Minimising retention of cash in hand and more cash in bank
|
Accounts department
|
WIP
|
Financial Risk: The drawings of the family members from the business were not recorded regularly
|
|
|
|
Minimising withdrawal from business capital.
|
Accountant department manager
|
WIP
|
Data theft risks: The employees had unauthorised access to the data base.
|
Very high
|
Loss of data
|
Business loss due to loss of the data
|
Defining the data amount each employee can accede to
|
Technological officer and departmental heads
|
WIP
|
Data theft risks: The data base was not protected by passwords
|
Very high
|
Loss of data
|
Business loss due to loss of the data
|
Using strong passwords for each data set
|
Technological officer and departmental heads
|
WIP
|
Note: The activities are in WIP stage on commencing stage since BBC according to the case study would be taking over Hurley Cafe in the future and the takeover has not started.
Risk identification:
The risks can be identified, assessed on the grounds of likelihood, consequences and priority on the grounds of severity of their effects on the business operations. For example, for wastage of risk, the likelihood is high but the impact on business would be increasing costs which are less severe compared to impact of data theft, a risk that is less frequent. The risk treatment options are likely to be effective and good for the organisation because BBC follows a stringent risk management policy (safeworkaustralia.gov.au 2018).
Action plan:
Task/ Deliverable
|
Weeks
|
1
|
2
|
3
|
4
|
5
|
6
|
7
|
8
|
Research and analyse industry information
|
|
|
|
|
|
|
|
|
Design and develop policies and procedures
|
|
|
|
|
|
|
|
|
Develop and design marketing materials including a customer service charter
|
|
|
|
|
|
|
|
|
Develop internal training program
|
|
|
|
|
|
|
|
|
External training program
|
|
|
|
|
|
|
|
|
Organise performance evaluation sessions
|
|
|
|
|
|
|
|
|
Organise formal feedback sessions
|
|
|
|
|
|
|
|
|
Monitoring evaluation and review
|
|
|
|
|
|
|
|
|
The action plan would consist of eight proposed actions spreading over eight weeks as shown above. The plan would consist of idenfication of risks, evaluating their severity and organisation of ways to deal with them.
Communication of action plan to board of directors:
The action plan given above should be communicated to the board of directors. This would enable to them to form more appropriate risk management strategies and give their own inputs to strengthen the strategies (Cornelissen and Cornelissen 2017).
Risk Treatment plan of one key risk-Data theft risks:
The implementation of risk management plan to mitigate data theft risks would consist of the following steps:
- The company should adopt new firewall and antivirus software to strengthen its data security system.
- Every employee should mandatorily have an official email id and password to access data.
- The data access limit should be aligned to the designation of the employees.
Evaluation of risk management plan:
Issue/ Risk
|
Plan
|
Implementation
|
Outcomes
|
Operational risks: The cafe was far from Sydney and supplying finished products to it would add to the logistics cost.
|
Building production facilities close to Hurley
|
Acquiring factories
|
Reducing transportation to deliver fresh products.
|
Operational risks: Hurley was a family business which experienced wastage of resources.
|
Strict resource management and reduction of wastage of resources like water
|
Reducing wastage of resources like water
|
Reduction of resources purchases and associated costs
|
Financial Risk: The family maintained a lot of cash in hand and there have been reports of cash thefts.
|
Minimising retention of cash in hand and more cash in bank
|
Keeping maximum money in bank
|
Minimum or thefts of cash
|
Financial Risk: The drawings of the family members from the business were not recorded regularly
|
Minimising withdrawal from business capital.
|
Setting aside reserve cash
|
More funds available to business
|
Data theft risks: The employees had unauthorised access to the data base.
|
Defining the data amount each employee can accede to
|
Employees of lower level cannot accede to confidential business data
|
Reduction of misuse of data
|
Data theft risks: The data base was not protected by passwords
|
Using strong passwords for each data set
|
Technological officer and departmental heads
|
WIP
|
1. Three ways to conduct research on risk related issues:
Three ways
|
Explanations
|
1. Secondary
|
The method refers to gaining information from sources like past risks records, journals and newspaper articles.
|
2. Primary
|
Interviews and conversations with people to gain direct information on risk management conditions.
|
3. Mixed methods
|
Gaining information from both sources and making of strategies.
|
2. Fishbone checklist and brainstorming:
Fishbone checklist is a diagram that identifies several causes of an issue, say data risk and try to find out ways to deal with them. Brain storming, part of the fishbone checklist technique refers to group activity which aims to find out solutions to only specific issues unlike the former. The latter technique takes into account the aspects like methods and technology in use to arrive at conclusion (Hoischen-Taubner, Bielecke and Sundrum 2014).
3. Five stages of risk likelihood:
The five stages of risk likelihood are:
- Identifying the risks like operational risks and technological risks.
- Evaluate the potential of the risk to harm the business.
- Evaluation of the risks.
- Maintaining records of the risks in order to facilitate future decision making.
- Continuous monitoring and updation of the risks.
4. Five levels of consequences of risks:
- Very high for example, natural calamities.
- High for example, data thefts.
- Moderate for example, cash theft.
- Low for example, machine breakdown
- Negligible for example, small minor accidents
5. Treatment needs:
The three risk treatment needs to be considered while treating risks are their severity (how severe), their business consequences (results in high financial losses) and their frequencies (how frequent) (Crane and Glozer 2016).
6. Risk action plan:
- Identifying the risks like operational risks and technological risks- The risks and their types like operational risks may consist of wasting resource which would increase the operational costs.
- Evaluate the potential of the risk to harm the business- How severe is the risk and its consequences on the budget of the company.
- Evaluation of the risks- Whether the risk is severe, very severe, moderate or low.
- Maintaining records of the risks in order to facilitate future decision making- Maintaining record of past risks and the measures taken to deal with them. This would help future managers deal with similar types of risks (Crane and Glozer 2016).
- Continuous monitoring and updation of the risks- This would help the company adapt to evolving risk management technologies and deal with future risks.
7. Importance of AS/NZS ISO 31000:2009 Risk management:
It helps the organizations to manage their risks more effectively, thus minimizing their risk management costs. The companies can also earn goodwill be abiding by the ISO 31000:2009 (iso.org 2018).
8. Impact of legislations in risk management:
The legislations and laws have deep impact on the process of risk management. The business organization both of Australian and foreign origin have to abide by the laws like privacy laws, WHS laws and contract laws while operating (safeworkaustralia.gov.au 2018). These laws ensure that business firms take serious measures to minimise risks which results in saving resources, otherwise lost due to risks like accidental fire.
9. Workplace changes to accommodate wheelchair type:
- Ramp way to lifts so that the employee on wheelchair can be pushed towards and away from lift.
- Appropriate changes in the washroom.
- Adaptations in the workstation arrangements like adjusting the height of the table.
10. Two types of mandatory insurance for business organizations:
Business organizations should think about employee insurance and general insurance. The employee insurance would cover the risks caused to employees due to accidents and enable the employers to motivate employees (benefits). The property insurance would cover risks to assets like vehicles, building and warehouses from accidents like fire (Cornelissen and Cornelissen 2017). The benefit of the general insurance is that it would enable the companies to get financial compensation from the insurer in case of risks.
References:
31000:2009, I. 2018. ISO 31000:2009 – Risk management — Principles and guidelines. [online] Iso.org. Available at: https://www.iso.org/standard/43170.html [Accessed 11 Feb. 2018].
Bromiley, P., McShane, M., Nair, A. and Rustambekov, E., 2015. Enterprise risk management: Review, critique, and research directions. Long range planning, 48(4), pp.265-276.
Cornelissen, J. and Cornelissen, J.P., 2017. Corporate communication: A guide to theory and practice. Sage.
Crane, A. and Glozer, S., 2016. Researching corporate social responsibility communication: Themes, opportunities and challenges. Journal of Management Studies, 53(7), pp.1223-1252.
Gualandris, J., Klassen, R.D., Vachon, S. and Kalchschmidt, M., 2015. Sustainable evaluation and verification in supply chains: Aligning and leveraging accountability to stakeholders. Journal of Operations Management, 38, pp.1-13.
Harrison, J.S., Freeman, R.E. and Abreu, M.C.S.D., 2015. Stakeholder Theory As an Ethical Approach to Effective Management: applying the theory to multiple contexts. Revista brasileira de gestão de negócios, 17(55), pp.858-869.
Hoischen-Taubner, S., Bielecke, A. and Sundrum, A., 2014. Different perspectives on animal health and implications for communication between stakeholders. Farming systems facing global challenges: Capacities and strategies, pp.8-16.
Hörisch, J., Freeman, R.E. and Schaltegger, S., 2014. Applying stakeholder theory in sustainability management: Links, similarities, dissimilarities, and a conceptual framework. Organization & Environment, 27(4), pp.328-346.
Leveson, N., 2015. A systems approach to risk management through leading safety indicators. Reliability Engineering & System Safety, 136, pp.17-34.
Mansell, S., 2015. Book Review: Rejoinder to Veldman’s review of Capitalism, Corporations and the Social Contract: A Critique of Stakeholder Theory (Vol. 22, No. 2, pp. 271-275). Sage UK: London, England: Sage Publications.
McNeil, A.J., Frey, R. and Embrechts, P., 2015. Quantitative risk management: Concepts, techniques and tools. Princeton university press.
Moriarty, J., 2016. The Demands of Stakeholder Theory for Corporate Governance. Business Ethics Journal Review, 4(8), pp.47-52.
Safe Work Australia. 2018. Model WHS Laws. [online] Available at: https://www.safeworkaustralia.gov.au/law-and-regulation/model-whs-laws [Accessed 13 Feb. 2018].
Shrivastava, S.V. and Rathod, U., 2017. A risk management framework for distributed agile projects. Information and software technology, 85, pp.1-15.
Suttle, J., 2016. Aerospace Systems” A Risky Business” Understanding the Need for a Mature Risk Management Framework.
Thomson, I., 2015. ‘But does sustainability need capitalism or an integrated report’a commentary on ‘The International Integrated Reportin
Touboulic, A. and Walker, H., 2015. Theories in sustainable supply chain management: a structured literature review. International Journal of Physical Distribution & Logistics Management, 45(1/2), pp.16-42.