Risk Management Demystified

May 2009

Having an understanding of the basic professional risk management tools that can be implemented and the benefits they can deliver can demystify the concept and hopefully motivate firms to develop their own risk management policies and procedures.

First; we need to understand what it is we are trying to manage; AS/NZS 4360:2004 defines risk as the chance of something happening that will have an impact on objectives. A simple definition of risk management is: “the implementation of proactive measures in order to reduce risk”.

Second; it is important to understand why we should improve the management of professional risk, this can include:

Consumer protection and avoidance of injury or loss;

Your customer’s loss equals your loss therefore through improved risk management you can reduce the prospect of consequential loss or injury to third parties who rely upon your professional services.

Sensible business practice;

Managing your risks can not only avoid costly mistakes, but aligning your risk management with your business objectives can also deliver significant commercial rewards. These can be through systemisation, efficiency gains and increased capabilities. Incorporation of risk management philosophies into your business encourages a philosophy of continual improvement that forces you to regularly assess your business performance.

Risk Management becoming mandatory?;

Professional bodies, Regulatory Authorities and even clients are increasingly mandating that documented risk management policies and procedures exist and are operational. Membership of Engineers Australia’s Professional Standards Scheme requires you to demonstrate that you have in place risk management systems which, as a minimum, address several core risk management components.

Third; one must understand how to manage risk. This is generally accepted as a systematic process of Identifying, Quantifying and Treating risks. The objective here is to rank or prioritise those risks in your business and then implement strategies to control, eliminate, avoid or transfer those risks. 

Exposure to risk for most consulting firms fall under the following key headings:


Clients are frequently the cause of many claims – whether they are the source or simply the cause which generates a third party action. This can be due to a level of sophistication that is too high or too low, their size, whether they are constantly meddling in the project or simply too demanding.

You can develop strategies to assess and manage your client relationships taking into account such factors as dependency & influence, ability to pay and level of difficulty of maintaining the relationship. One of the most useful strategies could be the implementation of client selection criteria and a checklist to assess potential clients.

The Brief

The lack of a formal brief also is the cause of significant difficulties when things go wrong.

Strategies could include systems or procedures for managing client expectations; using standardised procedures for assessing variations to your brief; including specific monetary limits of liability; and the establishment of standard terms and conditions that form part of every fee proposal and which operate until replaced by a signed formal contract.


Understanding and maintaining a record of your core competencies, capabilities and resources available can not only assist in the promotion of your areas of expertise but also in the avoidance of projects outside your competency. Your pre-assessment of sub-consultants can avoid costly mistakes arising as a result of a selection made in haste.

Analysis of Project Exposures

Traditionally this area of risk has been the main focus of professional engineering firms. You could establish strategies that include procedures for assessment of:

  • Project/design complexity and the level of technical innovation required;
  • Certification/risk allocation - procedures for assessment of the nature of the role undertaken and the liability implications of the role;
  • Contractual liability: the use of standard terms of engagement or a systemised process for assessing client drafted contracts to manage your liabilities;
  • Peer review of designs, computations and even drawings;
  • Checklists to ensure compliance with your own procedures.


Some contracts are simply not commercially viable leading to all parties to become embroiled in a legal dispute when things go wrong and therefore they should be avoided. Risk management strategies can include the assessment of feasibility and returns of the brief, credit control and security of payment. Non payment of fees after a project is complete is often the cause of a dispute leading to allegations of a breach of professional duty;

Service Delivery

Maintaining policies and procedures to manage service delivery risks can deliver significant efficiency benefits through systemisation of standard processes including: scheduling/timetabling, budget & cost control, sub consultant management, report delivery (templates), design team coordination and performance monitoring.

Communication Protocols

Like most relationship breakdowns, lack of communication can be at the centre of the problem and commercial disputes are no different. How you propose to manage the lines of communication between client and you the consultant, the contractors and other interested parties can be critical. How you communicate potential problems, the frequency of communication and incident management are all worthy of developing strategies.

Document and Record Management

If you can rely upon clearly documented discussions, designs and drawings you have a solid position to defend any accusations of wrongdoing. Having ready access to these documents is also critical. Identify strategies for how you are going to retain documents, where they are to be kept and how long they will be stored.

Business Planning

Whilst not often readily considered a Risk Management strategy the overall development and ongoing monitoring of your Business Plan is a critical risk management function. Issues to consider include Contingency Planning; Succession Planning; the analysis of threats and weaknesses; and a strategy for growing your business to ensure it remains strong and financially viable.

If after reading the above, it all seems too daunting you are fortunate that some of the hard work has already been done for you through the creation of the Risk Management Strategies Guide. This guide is available free of charge for existing BRIC clients, contact us for details.

The task of developing and documenting risk management strategies is often left in the too hard basket or deferred because of the perceived complexity of the subject. Darren Pavic provides an introduction to risk management and an overview of the elements to be considered for incorporation into your risk management strategy.



Specialist Insurance Brokers