By : Din Ayup 

As the Head of Department or an Administrator in an organization regardless of its size risk management must be given due attention. Upon receiving the letter of appointment or placement, the first step that must be taken is to identify the risks within the organization being led. How should these risks be identified? Do such risks already exist, have they occurred, or are they likely to occur? Being appointed as the Head of Department is a heavy responsibility that must be carried out with full dedication. Some departments come with significant challenges in terms of reputation, KPI achievements, and human resource management. There are also departments that may not face major challenges, yet the potential risks that could occur still need to be identified.

Assessing operational risks of the department and determining control strategies must be done as an initial step in navigating an organization, with evaluations conducted every six (6) months. Risk-Based Thinking is essential for Head of Department or Top Management to ensure that every action and decision taken does not negatively impact the organization. This approach is particularly important for organizations certified under the ISO 9001:2015 Quality Management System (QMS), as Clause 6.1 clearly outlines the PDCA (Plan, Do, Check, Act) methodology. An example of risk assessment in human resource management relates to the shortage of officers (Non-Academic Management & Professional) and support staff. A lack of manpower will affect the achievement of set KPIs due to increased workload and multitasking requirements, potentially leading to emotional strain and health issues among staff. Risk assessment to measure the level of existing risks such as emotional and mental stress among staff due to lack of work-life balance is crucial. Here, control strategies such as task restructuring, workload review, contract appointments, staffing warrant applications, and others become necessary.

The commitment of top management, especially the Head of Department, in managing risks such as reviewing risks and the action plans taken or to be taken adds significant value to one’s leadership in an organization. Without waiting for negative issues or incidents to occur, thorough planning and actions have already been discussed and monitored for implementation. For every issue encountered, necessary immediate actions are examined and monitored at the department level or escalated to the relevant office, especially those with authority.

Periodic or scheduled risk management reporting gives top management the advantage of assessing achievements or identifying challenges that need resolution. Through the risk register report covering issues, risks that have occurred, and the control or preventive measures taken presented during management meetings. Management can gain a clearer picture of whether is facing crises or risks, while also seeing opportunities for improvement. Structured reporting to higher management ensures that any issue or risk requiring attention and decision-making can be resolved or addressed appropriately.

As a large organization comprising multiple departments that provide various services and facilities, a coordinated and integrated effort to strengthen risk management awareness and understanding must be undertaken, involving the top management of every department. A comprehensive understanding of risk management whether related to operational risks, reputational risks, strategic risks, or occupational safety and health risks serves as added value for Heads of Department and Administrators, thereby enhancing their ability to effectively govern and navigate an organization, regardless of its size.

Date of Input: 10/12/2025 | Updated: 20/01/2026 | nm_aini