skip to main content
Insurance Basics

Why a risk management program is important

company view from outside

With mounting competition and globalisation, you may be facing skill shortages, rising costs, and a more complex business environment than ever before. Add to that an increasing reliance on digital technology and a growing number of natural disasters, and you can see why small and middle market businesses use a risk management program to assist in minimising the risks they face.

If you don’t have a risk management program in place already, here are some areas where your business may be vulnerable to risks, and some basic recommendations for certain steps you can begin to take to help prevent or minimise them.

  1. Your operations and property:

    • Install a sufficient number of smoke detectors for your facility and have a qualified contractor inspect and test them every 12 months.
    • Use, store, and dispense of flammable or combustible liquids properly.
    • Ensure electrical systems are working properly, including scanning the main junction box every three years, and replace any extension cords with permanent wiring.
    • Maintain clear, unobstructed walking and work spaces.
    • Make sure employees and guests utilise appropriate personal protective equipment as necessary.
    • Ensure machinery has appropriate guards and documented lockout/tagout procedures.
    • Provide a safe and controlled reception space for guests and customers.
  2. Your employees:

    • Include background checks and employment history verification when hiring.
    • Train new employees and all employees annually on corporate policies, safety programs, information management, and emergency response. Document when training is complete.
    • Make sure you have an ergonomic program in place.
    • Develop, review, and test your emergency evacuation plan every 12 months.
    • Establish policies and safeguards to protect against fraud and theft.
    • Use a security system that easily removes access for former employees and contractors.
    • Train employees to properly use and maintain personal protective equipment.
  3. Severe weather:

    • Develop a Business Continuity Plan and Emergency Response Plan and review them annually.
    • In a cyclone zone: Plan how you’ll secure loose outdoor fixtures, equipment, and storage; instal cyclone shutters; and give employees time to safely evacuate and protect their own homes. Read more tips on how to prepare for cyclones.
    • In an earthquake zone: Inspect building for structural weaknesses. Secure racks, shelving units, and furniture to the floor or walls, and instal protective film on windows.
    • In an area prone to bushfires: Establish a 50-metre defensible space around your building. Irrigate plants around buildings and minimise combustible exterior storage. Read our top 10 bushfire safety tips.
    • In a flood zone: Have appropriate materials on hand (sandbags, flood walls, etc.), move critical assets to at least one foot above Base Flood Elevation, and instal controls to prevent chemical and pollutant release.
    • Have a qualified roofing contractor inspect your roof each year.
  4. Health emergencies:

    • Include a health emergency plan in your general business continuity preparation.
    • Outline both your response and the steps you’ll take for business recovery in the event of a severe health emergency, such as a viral outbreak or other major disease event.
    • Partner with your Human Resources team to determine alternative working models for employees, such as remote working.
    • Educate employees on hygiene protocols and methods for protecting themselves from infection.
  5. Your IT systems and technology:

    • Create a Cyber Security Plan with assistance from a qualified IT security professional using accepted cyber security standards for your type of operation. Include communications and cyber connections with customers and vendors.
    • Design and test an Incident Response Plan and a plan to manage ransomware attacks.
    • Regularly back up critical data and system information off site and test its recovery.
    • Train your staff annually on strong passwords, social engineering/phishing, and protecting sensitive information.
    • Control access to sensitive data including personal, health, and business information.
    • Make sure manufacturing systems that rely on operational technology have dedicated cyber security control mechanisms to prevent intentional sabotage as well as accidental mistakes by workers and trusted third parties.

This content is brought to you by Chubb Insurance Australia Limited (“Chubb”) as a convenience to readers and is not intended to constitute advice (professional or otherwise) or recommendations upon which a reader may rely. Any references to insurance cover are general in nature only and may not suit your particular circumstances. Chubb does not take into account your personal objectives, financial situation or needs and any insurance cover referred to is subject to the terms, conditions and exclusions set out in the relevant policy wording. Please obtain and read carefully the relevant insurance policy before deciding to acquire any insurance product. A policy wording can be obtained at, through your broker or by contacting any of the Chubb offices. Chubb makes no warranty or guarantee about the accuracy, completeness, or adequacy of the content. Readers relying on any content do so at their own risk. It is the responsibility of the reader to evaluate the quality and accuracy of the content. Reference in this content (if any) to any specific commercial product, process, or service, and links from this content to other third party websites, do not constitute or imply an endorsement or recommendation by Chubb and shall not be used for advertising or service/product endorsement purposes. ©2020 Chubb Insurance Australia Limited ABN: 23 001 642 020 AFSL: 239687. Chubb®, its logos, and Chubb.Insured.SM are protected trademarks of Chubb.

Contact us
Contact us

Have questions?

Contact a broker today.