a. Effectiveness of BBC F&B Risk Management Framework:

The risk management framework of BBC F&B is very effective because it encompasses diverse areas of the business risks including operational, financial, commercial risk and risks associated with faulty strategies following the AS/NZS ISO 31000:2009 (iso.org 2018). The framework is even more effective because it consists of policy making, reporting of impending risks to the upper management, business strategy making along with budgeting, analysis of the risk management and external audit. The intervention of the CEO and the top managers make the risks management even more concrete and ensures prompt decision-making to deal with risks (Suttle 2016).

b Scope of risk management required in the acquired role of a manager:

  The scope of risk management within the job responsibilities of a manager spans across several areas of business risk like operational, financial and market risks.  A manager may also have to deal with the risks associated with faulty decision-making by the upper management and other departmental heads (McNeil, Frey and Embrechts 2015).

c. Current success factors, goals and objectives by the current risk management:

The current risk management system of BBC F&B Pty Limited has several success factors which are aligned with the goals and objectives of the risk management. The email from Paula to the assistant manager and the two teleconferencing calls mentioned in the end of the case study shows that the communications between the CEO, the apex management and assistant managers are very strong and the company stresses on transparent business communications between the different levels within the organisation which is the first critical success factor (Shrivastava and Rathod 2017). Secondly while reviewing the risk factors associated with purchase of Hurley’s, the case study studies the business operations of the cafe from different sides. First, the risk management mentions that customers and tourists can accede to the cafe easily. Again, it points out that being far away from Sydney, logistics and finished food products reaching the store would be an issue. The risk assessment then goes on to point out the wastage of resources and the slack cash management. Thus, the scope of the risk management takes into account benefits of the business brings to the customers, logistics, to the society (through of water) and to the financers (by slack cash management), its second critical success factor (Bromiley et al. 2015). Thus, goal or objective of the risk management analysis of BBC F&B is to analyse the extent the risk management methods of its to-be acquired subsidiaries are aligned to its own business risk management standards.

d. Internal and external stakeholders, their roles in risk management and issues:

As pointed out in the case study, the stakeholders of BBC F&B Proprietary can be divided into two wide categories namely, internal stakeholders and external stakeholders. The internal stakeholders consist of management of BBC F&B Proprietary and Hurley and their respective employees. External stakeholders consist of customers including tourists, logistics companies, society as a whole and government (Hörisch, Freeman and Schaltegger 2014). The following table would outline these stakeholders, roles in risk management and their issues, concerns or stakes.

Table of stakeholders (Appendix 3):

e. PEST and SWOT analysis:

PEST analysis of Australia:

SWOT analysis of BBC F&B Pty:

f. Methods of research for SWOT and PEST:

The method to gain information on the SWOT and PEST consist of primary data acquisition like interviewing the owner and the store manager of Hurley.

g. Summary of the scenario and list of risks to the project:

The following are the list of risk which acquisition of Hurley would create for BBC F&B:

Operational risks:

1. The cafe was far from Sydney and supplying finished products to it would add to the logistics cost.
2. Hurley was a family business which experienced wastage of resources.

Financial Risk:

1. The family maintained a lot of cash in hand and theft have been reported in the past.
2.  The drawings of the family members from the business were not recorded regularly (Mansell 2015).

Data theft risks:  

1. The employees had unauthorised access to the data base.
2. The data base was not protected by passwords.

Part 1: Email to stakeholders:

Email 1: customers

To: Email id of recipient(s)

Subject: Inputs and Identification of additional risk

Dear Mr/Mrs…. (Name of stakeholders),

This is to inform you that BBC F&B is planning to acquire Hurley Cafe as a part of its business expansion. Please find attached a list of threats identified involving takeover of the cafe. It is humble request to you to peruse the risks mentioned and provide necessary inputs. We would highly appreciate your contribution towards help us identifying additional risk to our business namely, BBC F&B (Moriarty 2016).

We would highly be obliged to you for your inputs and suggestions towards identifying risks which would guide us to take appropriate steps to deal with them and

a. Findings from the risk assessment at Hurley’s Cafe:

The findings pertaining to the risk management assessment at Hurley’s Cafe shows that the management of the cafe do not follow appropriate risk management procedure. For example, there is no written organisational strategy taken by the management and the staffs, who are mostly family members, have access to all the data which exposes the cafe to data theft risks. Moreover, staffs are not trained to make food and there are lacks of safety measures (Harrison, Freeman and Abreu 2015). Thus the findings of risk management assessment of the Hurley’s cafe show that the cafe does not qualify the critical success factors of BBC F&B.

b. BBC F&B risk management process:

The risk management process of the BBC F&B is very strict and involves identification, evaluation, controlling and managing risks. The continuous intervention of the CEO and the upper level managers make the risk management at BBC aligned to the company’s business strategies (Touboulic and Walker 2015).

c. Communication with stakeholders:

The company should communicate with the stakeholders through formal emails because it wants to seek their input in its risk management process. The company should also send hard copies of the emails in its official letter heads (Gualandris et al. 2015).

d. Support of CEO in ongoing risk management activities:

The CEO Paula Kinski should support the ongoing risk management activities by giving her initials in the letters and sending the emails to stakeholders from her official email id. This would make the mails more official and help the company gain more active feedback from stakeholders (Thomson 2015).

e. Additional inputs of the CEO:

The CEO Ms Kinski can provide her own inputs on additional risk management. She can do this by identifying new risks that the BBC can face after acquisition of Hurley considering the low risk management standards of the latter.

3. Summary of discussion of the meeting with the CEO:

• The risk management should involve inputs from the stakeholders.
• The company should consider the risk management standards of Hurley under its own risk management post acquisition. Hence, it should analyse the present risk management standards at Hurley Cafe to identify the risks in order to from appropriate strategies in advance.
• The CEO would give her own inputs towards identification of new risks associated with the takeover of Hurley as a part of business expansion strategies.

1. Review of BBC F&B scenario information:

The current scenario and the appendices provided (Appendix 4) shows that BBC F&B follows strict risk management policies. This evident by the minute scrutiny of the risk management standards which the assistant manager conducted regarding the future subsidiary of the company, Hurley’s cafe. The company after identifying the risks initiates projects to manage them which is evident by the Gantt chart and the project status report. The finance departments prepare budgets and cost allocation plan which proves the strong risk management policies of BBC (Leveson 2015).

2. Risk analysis report:

a. Likelihood of risks

b. Assessment of consequences of risks:

Risk log or risk matrix and options of treatment of risks:

Note: The activities are in WIP stage on commencing stage since BBC according to the case study would be taking over Hurley Cafe in the future and the takeover has not started.

Risk identification:

The risks can be identified, assessed on the grounds of likelihood, consequences and priority on the grounds of severity of their effects on the business operations. For example, for wastage of risk, the likelihood is high but the impact on business would be increasing costs which are less severe compared to impact of data theft, a risk that is less frequent. The risk treatment options are likely to be effective and good for the organisation because BBC follows a stringent risk management policy (safeworkaustralia.gov.au 2018).

Action plan:

The action plan would consist of eight proposed actions spreading over eight weeks as shown above. The plan would consist of idenfication of risks, evaluating their severity and organisation of ways to deal with them.

Communication of action plan to board of directors:

The action plan given above should be communicated to the board of directors. This would enable to them to form more appropriate risk management strategies and give their own inputs to strengthen the strategies (Cornelissen and Cornelissen 2017).

Risk Treatment plan of one key risk-Data theft risks:

The implementation of risk management plan to mitigate data theft risks would consist of the following steps:

1. The company should adopt new firewall and antivirus software to strengthen its data security system.
2. Every employee should mandatorily have an official email id and password to access data.
3. The data access limit should be aligned to the designation of the employees.

Evaluation of risk management plan:

1. Three ways to conduct research on risk related issues:

2. Fishbone checklist and brainstorming:

Fishbone checklist is a diagram that identifies several causes of an issue, say data risk and try to find out ways to deal with them. Brain storming, part of the fishbone checklist technique refers to group activity which aims to find out solutions to only specific issues unlike the former. The latter technique takes into account the aspects like methods and technology in use to arrive at conclusion (Hoischen-Taubner, Bielecke and Sundrum 2014).

3. Five stages of risk likelihood:

The five stages of risk likelihood are:

1. Identifying the risks like operational risks and technological risks.
2. Evaluate the potential of the risk to harm the business.
3. Evaluation of the risks.
4. Maintaining records of the risks in order to facilitate future decision making.
5. Continuous monitoring and updation of the risks.

4. Five levels of consequences of risks:

1. Very high for example, natural calamities.
2. High for example, data thefts.
3. Moderate for example, cash theft.
4. Low for example, machine breakdown
5. Negligible for example, small minor accidents

5. Treatment needs:

The three risk treatment needs to be considered while treating risks are their severity (how severe), their business consequences (results in high financial losses) and their frequencies (how frequent) (Crane and Glozer 2016).

6. Risk action plan:

1. Identifying the risks like operational risks and technological risks- The risks and their types like operational risks may consist of wasting resource which would increase the operational costs.
2. Evaluate the potential of the risk to harm the business- How severe is the risk and its consequences on the budget of the company.
3. Evaluation of the risks- Whether the risk is severe, very severe, moderate or low.
4. Maintaining records of the risks in order to facilitate future decision making- Maintaining record of past risks and the measures taken to deal with them. This would help future managers deal with similar types of risks (Crane and Glozer 2016).
5. Continuous monitoring and updation of the risks- This would help the company adapt to evolving risk management technologies and deal with future risks.

7. Importance of AS/NZS ISO 31000:2009 Risk management:

It helps the organizations to manage their risks more effectively, thus minimizing their risk management costs. The companies can also earn goodwill be abiding by the ISO 31000:2009 (iso.org 2018).

8. Impact of legislations in risk management:

The legislations and laws have deep impact on the process of risk management. The business organization both of Australian and foreign origin have to abide by the laws like privacy laws, WHS laws and contract laws while operating (safeworkaustralia.gov.au 2018). These laws ensure that business firms take serious measures to minimise risks which results in saving resources, otherwise lost due to risks like accidental fire.

9. Workplace changes to accommodate wheelchair type:

1. Ramp way to lifts so that the employee on wheelchair can be pushed towards and away from lift.
2. Appropriate changes in the washroom.
3. Adaptations in the workstation arrangements like adjusting the height of the table.

10. Two types of mandatory insurance for business organizations:

Business organizations should think about employee insurance and general insurance. The employee insurance would cover the risks caused to employees due to accidents and enable the employers to motivate employees (benefits). The property insurance would cover risks to assets like vehicles, building and warehouses from accidents like fire (Cornelissen and Cornelissen 2017). The benefit of the general insurance is that it would enable the companies to get financial compensation from the insurer in case of risks.

References:

31000:2009, I. 2018. ISO 31000:2009 – Risk management — Principles and guidelines. [online] Iso.org. Available at: https://www.iso.org/standard/43170.html [Accessed 11 Feb. 2018].

Bromiley, P., McShane, M., Nair, A. and Rustambekov, E., 2015. Enterprise risk management: Review, critique, and research directions. Long range planning, 48(4), pp.265-276.

Cornelissen, J. and Cornelissen, J.P., 2017. Corporate communication: A guide to theory and practice. Sage.

Crane, A. and Glozer, S., 2016. Researching corporate social responsibility communication: Themes, opportunities and challenges. Journal of Management Studies, 53(7), pp.1223-1252.

Gualandris, J., Klassen, R.D., Vachon, S. and Kalchschmidt, M., 2015. Sustainable evaluation and verification in supply chains: Aligning and leveraging accountability to stakeholders. Journal of Operations Management, 38, pp.1-13.

Harrison, J.S., Freeman, R.E. and Abreu, M.C.S.D., 2015. Stakeholder Theory As an Ethical Approach to Effective Management: applying the theory to multiple contexts. Revista brasileira de gestão de negócios, 17(55), pp.858-869.

Hoischen-Taubner, S., Bielecke, A. and Sundrum, A., 2014. Different perspectives on animal health and implications for communication between stakeholders. Farming systems facing global challenges: Capacities and strategies, pp.8-16.

Hörisch, J., Freeman, R.E. and Schaltegger, S., 2014. Applying stakeholder theory in sustainability management: Links, similarities, dissimilarities, and a conceptual framework. Organization & Environment, 27(4), pp.328-346.

Leveson, N., 2015. A systems approach to risk management through leading safety indicators. Reliability Engineering & System Safety, 136, pp.17-34.

Mansell, S., 2015. Book Review: Rejoinder to Veldman’s review of Capitalism, Corporations and the Social Contract: A Critique of Stakeholder Theory (Vol. 22, No. 2, pp. 271-275). Sage UK: London, England: Sage Publications.

McNeil, A.J., Frey, R. and Embrechts, P., 2015. Quantitative risk management: Concepts, techniques and tools. Princeton university press.

Moriarty, J., 2016. The Demands of Stakeholder Theory for Corporate Governance. Business Ethics Journal Review, 4(8), pp.47-52.

Safe Work Australia. 2018. Model WHS Laws. [online] Available at: https://www.safeworkaustralia.gov.au/law-and-regulation/model-whs-laws [Accessed 13 Feb. 2018].

Shrivastava, S.V. and Rathod, U., 2017. A risk management framework for distributed agile projects. Information and software technology, 85, pp.1-15.

Suttle, J., 2016. Aerospace Systems” A Risky Business” Understanding the Need for a Mature Risk Management Framework.

Thomson, I., 2015. ‘But does sustainability need capitalism or an integrated report’a commentary on ‘The International Integrated Reportin

Touboulic, A. and Walker, H., 2015. Theories in sustainable supply chain management: a structured literature review. International Journal of Physical Distribution & Logistics Management, 45(1/2), pp.16-42.