Business and project risk management review

Broadleaf recently assisted a major professional service business, operating across defence, aerospace and other high technology sectors, to assess its existing risk management practices and identify opportunities to enhance them. The review delivered a plan that will allow the business to build on its existing capability to integrate risk management across business units, and to co-ordinate the implementation of risk management from the Board down through the business and into its substantial portfolio of projects.

The review was based on ISO 31000. Interviews were held with Directors, the Executive, Business Unit Managers, Project Managers and support personnel, including internal audit, project services and IT specialists. The intent and actual implementation of existing risk management processes was reviewed as well as the adequacy and suitability of supporting expertise and tools. These were all assessed against ISO 31000 and against Broadleaf's knowledge of what good risk management means in comparable organisations.

A plan was prepared covering the resources and training required, as well as process and systems improvements that would benefit the business. Indications of a typical implementation sequence and durations were provided to assist the business to implement the plan.