Sample Management Paper on Security and Risk management

Safety Management Program

The purpose

Security and risk management refers to the process whereby losses that are associated with the employees or visitors are identified, evaluated and reduced. These losses may also be related to loss or damage to properties and other facilities that may make an organization to incur legal liabilities.


Risk oversight management would be a responsibility of an overall body which in most cases is the board of directors. The responsibility of risk management maybe delegated to any senior staff or the chief executive officer


Risk and safety management program must involve review of the areas that might be the sources of hazards or risks involving the visitors or the staff members. A committee must be selected to oversee the system of reporting incidences of risks areas and must make good use of information collected by other groups. The undesired occurrences must be reported at once. The selected committee would be responsible for quality improvement and must make necessary steps to ensure that data collections in areas of potential risks are accurate and reliable.

The accomplishment of this task requires that the risk manager of the organization develops and maintains the risk management program. For the program to be a success, the committee members must be involved in the collection of reliable and accurate data at the initial stages. Some of the programs that are necessary include the insurance for malpractices coverage and other programs that might impact

The chief executive officer or the risk manager could appoint someone to the area of safety and risk management. He would be expected to make reports frequently on the state of the organization regarding various risks. The risk manager would review these reports on regular basis and determine the organization’s exposure to certain risks. The manager would then be expected to give precise recommendations to the chief executive officer. Recommendations could be on building and automobile coverage, general liability and malpractices, training or need for new workers.

The insurance identified as one of the requirements for a successful risk project must have detailed outline. The list generated would be a life-savor to any organization that has a risk management platform. The list includes the following:

Commercial Insurance

  1. Automobile
  2. Casualty and property
  3. Business interruption
  4. Errors and omissions
  5. General liability
  6. Crime
  7. Inland marine
  8. Benefits and workers compensation



Training programs

  • Confidentiality programs
  • Safety programs
  • Security programs
  • Compliance to OSHA training

Risk Management Strategies

For the organization to the risk and safety management systematically, the committee must utilize the following aspects in risk management.

  • Risk identification
  • Risk analysis
  • Risks treatment
  • Risk evaluation

Such kind of model would assist the committee to prioritize activities for risk management and ensure that the organization employees a comprehensive effort towards the management of risks in an organization.

Identification of Risk

Identification of risks is considered as the process by which staff working in an organization become aware of the potential risk factors that may lead to the organization incurring losses. There are various informational services that could be used to help members of staff identify and reports risks more efficiently. These services would include but not limited to the following:

  1. Performance improvement
  2. Visitor and staff complaint report
  • Peer review activities
  1. Trends identification through the organization’s reporting system
  2. Discussions between staff and the management

Risk Analysis

The process of risk management that mainly involves determining the potential areas that might lead to occurrence of an already identified risks and the likelihood of their occurrences. Risk analysis helps the risks management committee to establish the most serious hazards that need immediate attention. These identified risks would also guide them on choosing the best strategy in the treating the identified risk.

Risk Treatment

This is a term that describes the use of the available choices made available to the staff and the management for the purposes of handling risks in the company. The major strategies used in risk treatment in clued the following:

  • Risk acceptance:- this is the assumption of the potential loss from an identified risk and finding plans that could be used to  shield the organization from the loss
  • Risk avoidance: – this happens when the identified risk carried serious threat that the organization would not be able to reduce. Any measures that might lead to such risks are therefore dropped and avoided.
  • Risk minimization or reduction: – this involves the use of strategies that reduces the consequences of any given risk or their frequency, without avoiding the risk totally. Some of these strategies used in this case include; policy revision, employee reduction, among other preventions. The organization usually chooses the one that would best suit the needs of the time. In some case, a combination of these strategies are used together to manage situations within the organization.

Risk Management Evaluation

This is the last step in the process of risk management. It involves the assessment of the strategies used in the identification, analysis and treatment of the risks to establish their effectiveness. After the assessment then it would be decided whether more actions should be taken or just left the way they are. When the strategies have recorded improvement in the risk management then the organization could use them from time to time to make improvements in the area of risk management.

Elements of Risk Management Plan

Risk management program of an organization is usually concerned with a number of situations and issues that are likely to be the main sources of losses and liability. The management plan must address the following areas

Employee-Related Risks

The employees are very crucial part of the organization and the management must ensure that they have a safe environment to enable workers to work safely. The risk manager could also recommend for the management to reduce risks of injuries and occupational illnesses. The management should also provide workers with compensation and treatment in such times. The management must also ensure that there are no case of discrimination in terms of recruitment, promotion and hiring of new staff members.

The management must put in place the mechanism to reduce or prevent the risk identified earlier. Emergency preparedness plan must be developed and implemented to shield employees from adverse effects of the potential risks and lastly, the organization must ensure that it carried out regular quality improvement exercise to reduce risks and to improve employee care.


Annual Appraisal

Program appraisal is a must in any program. The effectiveness of the risk management strategies, the scope of the program among other areas are reviewed annually, recommendations made, approvals done where necessary and implemented as required by the law. This is usually done once per year and hence the name annual reprisal.

Risk Management Program of Corporate


The CEO and the board of directors must strive to ensure that employees, customers and visitors are in a safe environment by establishing an effective risk and safety management program.

Responsibilities and Duties

The chief executive appoints the risk manager. The risk manager must be qualified and well trained because he or she would have the responsibility of developing, implementing and monitoring risk management program as well as the creation of risk management committees. The manager would also have the responsibility for the co ordination of investigations on situations and incidences such as the review of existing strategies, interviews with significant personnel, policy and procedure reviews he deems necessary and appropriate for the safety in the organization.

Risk management programs for corporate should be based on monitoring and evaluation in the following aspects:

  1. Centre experience and other events
  2. Customer care occurrence
  3. Indicated applicable regulations
  4. Indicated applicable laws
  5. Acceptable occupational practices as indicated.

Monitoring of the above elements should enable the risk manager to carryout identification, evaluation and reduction of potential risks of loss or injury to the employees, visitors or customers of the organization. The reports on the risk management are to be presented to a committee responsible for the continuous quality improvement, which shall in turn present it to the board of directors.

The risk manager must consult with chief executive officer as required to ensure that everything is done according to the company’s expectations. There should be an operational understanding between the risk manager, human resource manager and continuous quality improvement committee to allow smooth exchange of information among them. This is very important as it supports a strong risk management program. It is also the duty of risk manager to ensure that the risk management is on the safety community and all other communities that are associated with safety in the organization.

Committees formed under risk management policy are allowed to make recommendation on policy, protocol changes and procedures that might reduce risks in the organization. These recommendations could be policies, protocol and procedure, unless the chief executive officer or department director overrules it through writing. Risk manager is allowed to participate or be present in existing educational programs and may provide consultation and advice through a legal administrator on the emergent issues in the organization

Any incident reporting policy established through risk management program must be complied with by all departments in the organization. These departments are also expected to provide full cooperation during the investigation of various situations and incidents.

Risk Management Committee


Board of directors approve the risk management committee through the chief executive officer of the organization


The committee has various functions among them, is to provide timely reviews on important situation and incident reports avail a means in which crucial incidents trends and provide a means of determining risks and providing the best strategies for dealing with the risks.


The risk manager chairs the risk management committee. The manager is appointed by the chief executive officer. The committee includes representatives from various groups such as:

  1. Board of directors
  2. Executive staff
  3. Legal department
  4. Safety
  5. Risk management
  6. Continuous quality improvement

A proxy is allowed to represent any member who is unable to attend the meeting


The committee should meet monthly on regular basis and on scheduled meetings. The minutes of the meetings must focus on the steps taken to ensure that people are protected much more in the future than at present. The committee would also consider the recommendations made on matters related to risk management. The risk management committee shall semi-annually review all the policies and existing procedures and the corresponding state and federal requirements to ascertain compliancy at all times.

Other functions of the committee include the establishment and implementation of risk identification, treatment, evaluation and monitoring systems. The committee shall also identify resources of data, develop communication lines, and evaluate problems to ascertain the necessary action and to monitor the effectiveness of the corrective measures taken. The committee advises chief executive officers on the matters of procedures and policy and develops educational programs that would reduce liabilities in the organization.

The risk management committee reviews and investigates employee incident reports and then makes recommendations on the necessary steps and programs to prevent future occurrence of the same incidents. They could even call employees or any other personnel with knowledge on the incidents being reviewed and could also request for any document related to the incident. The committee could then make recommendations to the management to improve organization, customer care, policy and procedure. However, the committee must take all precautions to ensure that their reports remain confidential and only seen by the authorized people.

Committee on Continuous Quality Improvement


The committee is designed mainly for the purposes of monitoring and evaluating the appropriateness and quality of customer care. It acts as the oversight body for the professional practice, safety, risk management, staff credentialed, and infection control and quality improvement.




The plan for the continuous quality improvement is designed for the purposes of fulfilling the responsibility the organization has for its employees, community and the customers. This plan coordinates and integrates all risk management and continuous quality improvement activities by initiating cooperation with other relevant entities to identify ways of improving the quality of safety measures put in place mainly through assessing, evaluating, concluding, giving recommendation and follow-up activities


The goals of the community include development of appropriate safety standards, systematic monitoring and evaluation of the strategies put in place to ensure safety in the organization, check on compliance and the outcomes of strategies used. The committee also aims to identify patterns and trends of risk management and then see how best to deal with safety issues and to provide time and relevant training to members of staff regarding potential risks. The committee also ensures that there is a reduced financial liability and actual risk to the people in and around the facilities.

Injury, Accident or Illness Report


Illnesses, injuries or accidents to employees or incidents and events that might cause injury to the employees shall be reported to ensure the employees get proper treatment and further measures shall be taken to ensure that such incidents never happen again.


  • Serious illness or injury that might be life-threatening shall be reported immediately to officer in charge
  • Injuries shall be reported by the employee themselves to their respective supervisors. It can be reported by phone or by person. In case the employee cannot report by himself then another employee should report immediately
  • Non-emergency illness or injury would be attended to by the resident nurse
  • The supervisor shall notify security guard after he is notified of the injury or illness. The guard would relevant forms for record keeping
  • The injured employee would confer with human resource department regarding compensation rules