Transcript Planning Risk Management in Human Resources

HUMAN CAPITAL DEVELOPMENT
FORUM IN ICT
24TH- 26TH FEBRUARY 2014
CROSSROADS HOTEL
LILONGWE, MALAWI
1
Planning Risk Management in
Human Resources
Presenter:
Jonathan P. Mwakijele, BSc, MCM, MSc,
Head of Training, Consultancy and Research
Unit,
African Advanced Level Telecommunications
Institute (AFRALTI),
Nairobi, Kenya.
e-mail address: [email protected]
2
Planning Risk Management in Human
Resources
Planned approach aims to identify, assess and
resolve risk items before they turn threats to
organisations.
3
Content
PART I
What is risk?
Introduction to Risk Management
Risk management
Assessing risks
- Workforce planning: Job analysis and job
descriptions
- Recruitment and selection
- Performance appraisal
Quantify the Risk
4
PART II
Introduction to Risk Management in HR
Applying risk management to HR
The risk management process
- Identify the risks
- Assess the risks
- Develop strategies for managing risks
- Implement
- Monitor
Who is involved in the risk management process?
5
PART I
The paper has been adopted from Bhima Rao’s
paper on Devising risk management in
human resources.
6
What is risk?
Risk is defined as the “perceived extent of
possible loss”.
It may be a small or a big risk? It varies from
situation to situation.
Risk is a part of personal and business world.
7
Introduction to Risk Management
Understanding risk is the first step in risk
management. The risk assessment tool is known
widely and used effectively in project
management and execution, finance and
accounts, manufacturing, and marketing.
Risk involved in Human Resource Management
function and its assessment is yet to take a firm
root.
Formal risk analysis and risk management in
HR can help to evolve strategies to minimize
the disruptions of plans, control cost and
control loss.
8
HR audit is the first step to understand the risk
involved in daily HR function and in long term HR
plans. HR audit is not only conducting Labor
compliance audit.
Assessment of risk due to non-compliance of labor
laws is only one part of the HR function. The need
of the day is to assess the risk in the entire scope of
HR function and in relation to the objectives of the
organization.
How to assess the risk of HR function, analyze and
estimate the risk which would impact business
results and managing the identified risks successfully
is a new challenge to HR professionals.
9
Risk management
“Risk is the threat that an event or action will
adversely affect an organization's business
objectives and business strategies.”
Risk Management is the process of protecting
an organization from financial loss and
controlling risk at the lowest possible cost.
The goal of Risk Management is to identify,
assess and resolve risk items before they
become threats to assignments or to the
entire organization.
10
HR deals with the most valuable resource of
the organization and it is crucial that it
becomes a part of the total Risk Management.
Once HR becomes the part of risk
management programme, it will allow using
human capital to pursue the company’s
strategic goals more systematically and help
HR become a strategic business partner.
11
In today’s climate, HR faces extraordinary
demands to be effective, efficient and most
importantly, responsive to address changing
organizational and business realities.
HR professionals need to become champion of
high-performance which adds measurable value
to both the top and bottom line of business,
employee satisfaction and retention of talent.
It is not easy to jump to the entire new area of
assessing HR risk areas. One needs to work
systematically, change the mindset from
traditional HR role and embrace new ideas.
12
There are two types of roles in Risk
Management:
People are a source of risk.
- Shortage of right kind of employees at a right
time,
- attrition of experienced employees,
- employee leaving after completion of a oneyear training programme,
13
People are a source of risk (cont.)
- employees doing sloppy work due to lack of
competencies,
- handling customers very badly,
- an employee unwilling to take on additional
responsibility or
- high absentee employees.
14
People are important in handling risk.
- People using their skill to solve unexpected
problems,
- employees going the extra mile for the
organization,
- an employee becoming multi-skilled,
- redesigning his own job to avoid unnecessary
delays in getting work done, or evolving new
process to resolve the problem or an employee
persuading a talented friend to apply for a
position and join the organization.
15
Assessing risks
Undoubtedly, HR function carries risks.
Identifying threats in HR function and how it is
going to impact the business results, reputation of
the company and future business is essential.
Are the threats looked in a routine manner or a
focus is given to understand, assess, categorize the
threats based on the impact, quantifying the threats
affecting the organization is the most critical and
difficult task.
HR professionals very rarely approach this
important area systematically.
16
Few of the threats facing HR function and how
it impacts the business results are :
1) Workforce planning: Job analysis and job
descriptions
- This is the basic function of any HR department.
- Neglecting or undoing in this area results in not
having required manpower at the right time.
- Job analysis and job descriptions are two
important attempts to allocate the jobs and
selecting a right person for a position.
17
Workforce planning: Job analysis and job
descriptions (cont.)
- They are important for conducting performance
evaluation of employee. If it is not done properly it
brings disorder and accountability of a person.
- New Organizations does give importance for
Workforce planning: Job analysis and written down
job descriptions are communicated to employees
and risk is avoided in the initial stage itself.
18
2) Recruitment and selection
- Executing action plans to ensure the
organization is not left with a shortage of
qualified workers is one of the biggest
challenges today.
- HR is creating big risks to organization by not
ensuring the right number of employees at a
right time.
- If the risk analysis is carried out on a regular
basis, the quantum of loss or risk involved can
be understood and possible corrective actions
can be initiated.
19
3) Performance appraisal
- It is essential to have a well designed
performance appraisal system. Whether goal
setting is done systematically, appraisals are
done timely, documentation is done properly,
reward is linked to actual performance.
- Ineffective performance management system
can result in a lack of good formal and
informal feedback from managers to
employees, minimal employee development
and low employee engagement.
20
Performance appraisal (cont.)
- Evolve, implement and institutionalize the
performance evaluation system is the major
responsibility of HR. If not implemented
properly, the risks are manifold and directly
impact the morale, motivation and
productivity of the organization.
21
The above three areas are critical HR functions
which are also major risk areas for any organization.
Other areas which may fall in either major or minor
risk zone depending upon the organizations and
situation are:
- Induction/Orientation,
- HR Policy and Procedures,
- Compensation and benefit,
- Learning and Development,
- Employee and labor relations,
- Labor law compliance,
- Safety and health program,
- HR Service Delivery,
- Retention and Management succession.
22
Quantify the Risk
HR department shall run through a list of risks
and to see if any threats are persisting.
Thereafter, review the systems, structures and
analyze risks and see whether any vulnerability
persists.
Take the opinion of others too, who might
have different perspectives.
23
Quantify the Risk (Cont.)
The next step is to work out the likelihood of
the threat being realized and to assess its
impact.
Lastly, make the best estimate of the
probability of the event occurring, and multiply
this by the amount it will cost/quantify the risk
to set things right if it happens.
24
Once risk is identified and understood, adopt
cost effective methods to mitigate the risks
and on a time bound basis.
Strategies to manage the risks need to be
evolved internally, through use of existing
unexploited resources effectively, improving
the methods and systems, change the
accountability of persons by effective internal
control.
Lastly, bring in additional resources to
overcome the risk.
25
Once risk analysis and management actions
are initiated, it is essential to conduct formal
reviews and analyze the results.
HR has often been considered a “soft” area,
and many have not understood the inherent
risks involved with this function.
The need has come to add total HR function
to the organization's regular audit cycle which
is overlooked till now by HR professionals and
the top management.
26
Part II
The paper has been adopted from HR
Council of Canada.
27
HR Planning
Introduction to Risk Management in HR
Risks are inevitable and organizations have a
moral and legal obligation to attend to the
safety and well-being of those they serve,
those who work for them and others who
come into contact with their operations.
This is known as "Duty of Care.”
28
Organizations need to look at all the risks
throughout their entire operation and
incorporate risk management into all planning
and decision-making.
However, the specific focus of this section is
risk management as it applies to HR activities.
29
Content
Applying risk management to HR
The risk management process
Who is involved in the risk management process?
30
Applying risk management to HR
When developing a risk management plan for
your HR activities, there are a number of
areas to focus on.
This general list will get you started but it is
very important that all organizations identify
and evaluate the risks unique to their own
organization.
31
HR Activity
Potential Risk
Compensation •Financial abuse
and benefits
Potential
considerations
•Who has signing
authority?
•How many
signatures are
required?
•Are there
checks and
balances?
32
HR Activity Potential Risk
Hiring
•Discriminatory practices
•Hiring unsuitable or
unsafe candidates
•"Wrongful" hiring
Potential considerations
•Was a complete
screening completed
on potential
applicants?
•Were provincial
human rights laws
observed?
•Is there a set
probationary period?
•Were promises made
to the candidate that
cannot be honored?
•Did the employee sign
off on the policies and
contract of
employment before
being hired?
33
HR Activity
Potential Risk
Occupational Health•Environmental
and Safety
•Personal injury or
death
Potential
considerations
•Do we provide safe
working conditions
and do we conduct
safety checks
regularly?
•Do we provide
adequate training
for staff?
•Do we ensure the
use of appropriate
clothing and safety
equipment?
•Do we have
adequate policies,
procedures, and
committee in place?
34
HR Activity
Employee
supervision
Potential Risk
Potential
considerations
•Abuse
•Reputation in the
community
•Release of personal
information
•Do we provide
sufficient orientation
and training?
•Do we provide
adequate
supervision
(especially for
activities that occur
off-site or after
hours)?
•Do we have a
performance
management
system in place?
•Are personal
information
protection
guidelines followed?
35
HR Activity Potential Risk
Employee
conduct
Potential considerations
•Abuse
•Do we have clearly written position
•Reputation in the descriptions for all positions?
community
•Do we follow up when the parameters
of the job description are not
respected?
•Do we provide thorough orientation
and training?
•Do we provide an employee
handbook?
•Do we have comprehensive policies
and procedures?
•Do we provide ongoing training about
our policies and procedures?
•Do we retain written records of
performance issues?
•Do we ensure that organizational
valuables are secure?
•Do we have cash management
procedures?
•Do we have adequate harassment
policies and procedures?
36
HR Activity
Exiting
employee
Potential Risk
•Property
•Reputation in
the community
•Compensation
Potential considerations
•Do we retrieve
organizational information
and equipment that a
dismissed employee used
(especially from home)?
•Do we ensure that all
access codes, passwords, etc
are de-activated?
•Do we conduct an exit
interview?
•Do we record lieu time and
vacation balances?
There is a connection between risk management and liability.
Therefore, it is very important to obtain legal advice about
your risk management plan.
37
The risk management process
Risk management is a cycle. That means that it is
not something that gets checked off a "to do" list
but it is a continuous activity.
Having a risk management process means that
your organization knows and understands the
risks to which you are exposed.
It also means that your organization has
deliberately evaluated the risks and has strategies
in place to remove the risk altogether, reduce the
likelihood of the risk happening or minimize
harm in the event that something happens.
38
The risk management process (Cont.)
At a very basic level, risk management focuses
you on two fundamental questions:
1) What can go wrong?
2) What will we do to prevent the harm from
occurring in the first place and in response to
the harm or loss if it actually happens?
39
Identify the risks
The very first step is to identify the risks.
Ask yourself what can go wrong.
Every activity of an organization poses a risk so
brainstorm and document the risks.
Consider both the general risks (that could
happen to any organization) and the risks specific
to your organization.
40
Identify the risks (Cont.)
Risks can be:
- Abuse that is either one-time or ongoing
(physical, emotional, psychosocial, sexual,
financial)
- Personal injury
- Medical
- Environmental
- Property
- Financial
- Reputation/goodwill
- Other
41
Involving staff, volunteers and board members in
the risk identification process will give you a
comprehensive picture of the risks based on
different people's involvement in different areas of
the organization.
You may also wish to engage the services and
opinions of an accountant or a lawyer.
42
Assess the risks
If you have done a thorough job of identifying
risks, you may end up with a long (and
overwhelming) list.
The next step is to assess each of the risks
based on the (1) likelihood or frequency of
the risk occurring and (2) the severity of the
consequences.
Using a risk map to plot the likelihood of
occurrence and the severity of the
consequences will help you prioritize your
next steps.
43
Develop strategies for managing risks
•Consider the most appropriate risk
management strategies for each identified risk:
1) Avoidance - Stop providing the service or
doing the activity because it is too risky.
2) Acceptance - Some risky activities are
central to the mission of an organization and an
organization will choose to accept the risks.
44
3) Modification - Change the activity to reduce the
likelihood of the risk occurring or reduce the severity of
the consequences. Policies and procedures are an
important part of this risk management strategy
because they communicate expectations and define
boundaries. Learn more about writing policies and
procedures.
4) Transfer or sharing - Purchase insurance or
transfer the risk to another organization through signing
a contractual agreement with other organizations to
share the risk (for example, having a contractual
agreement with a bus company to transport clients
rather than staff driving clients).
45
Implement
When you have decided which risk management
strategies will be the most effective and affordable for
your organization, practically outline the steps and who
is responsible for each step in the risk management
plan.
Communicate the plan and ensure that there is buy-in
from all who are involved in the organization (staff,
volunteers, clients, other relevant stakeholders).
Provide training for all organizational staff and
volunteers so they understand the rationale of the risk
management plan as well as the expectations,
procedures, forms, etc.
46
Monitor
Consider the following questions and
document any changes to the plan:
• Is your plan working?
• Have your risks changed?
• Have you expanded or reduced your programs
and services?
• Are changes or updates required?
• Are staff and volunteers following the risk
management plan?
• Do they need re-training on the details?
• Do we need to better communicate the plan?
47
Risk management is an evolving field.
Therefore, it is a good practice to keep
current and re-evaluate your organization's
risk management system on an annual basis.
48
Who is involved in the risk management
process?
Risk management is a large and important
undertaking. There must be commitment from
the board to commit the financial and human
resources.
In larger organizations, a risk management
committee, team or department may be formed
to handle the risk management process.
49
Who is involved in the risk management
process? (Cont.)
In smaller and medium sized organization, the
responsibility for developing and implementing a risk
management process will likely fall on the executive
director.
However, paid staff, volunteers - and potentially clients
and other stakeholders - will be very helpful partners in
identifying risks and developing effective strategies to
deal with the risks.
Once the risk management process is in place,
everyone in the organization has a role to play from
identifying risks to following policies and procedures to
completing forms and reports.
50
Resources:
HR Planning - Risk Management in HR
http://hrcouncil.ca/hr-toolkit/planningrisk-assessment.cfm
Devising risk management in human
resources
http://www.deccanherald.com/content/1
65365/devising-risk-managementhuman-resources.html
51
Thank you for listening
52