
HR Risk Control Matrix

| No. | R | Category | Risk Event | L | C | F | Cause | Mitigation Type | Mitigation Strategy | L* | C* | Changes | Comments | ES | EY | Evidence |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | DHR | Operational Risk (HR) | Unauthorized search for new employees. | 1 | 1 | | | Preventing (Manual) | Only selected people can authorize the employee search. | 1 | 1 | | | yes | yes | |
| 2 | DHR | Operational Risk (HR) | Job postings are not posted according to the legal requirements. | 1 | 1 | | | Preventing (Manual) | Job postings must be posted internally and at the agency for labor. | 1 | 1 | | | yes | yes | |
| 3 | DHR | Operational Risk (HR) | The job postings are inconsistent or miss important information. | 1 | 1 | | | Preventing (Manual) | The DHR maintains a standard job posting layout. | 1 | 1 | | | yes | yes | |
| 4 | DHR | Operational Risk (HR) | The job postings are inconsistent or miss important information. | 1 | 1 | | | Preventing (Manual) | The DHR maintains standard job descriptions for the different positions which should be used as a basis. | 1 | 1 | | | yes | yes | |
| 5 | DHR | Operational Risk (HR) | Non-matching applications are considered for the job posting. | 1 | 1 | | | Preventing (Manual) | The HR department reviews every application and filters obviously mismatching applications. | 1 | 1 | | | yes | yes | |
| 6 | DHR | Operational Risk (HR) | Applications of candidates get rejected only because of minor mismatches. | 1 | 1 | | | Preventing (Manual) | Minor mismatches are allowed if the candidate fits the overall position. | 1 | 1 | | | yes | yes | |
| 7 | DHR | Operational Risk (HR) | Applications are handled with biases. | 1 | 1 | | | Preventing (Manual) | Applications are anonymized by the HR department. | 1 | 1 | | | yes | yes | |
| 8 | DHR | Operational Risk (HR) | Applicants don't receive feedback, leading to bad reviews. | 1 | 1 | | | Preventing (Manual) | The HR department has to reject mismatching applications in a timely manner using a default rejection text. | 1 | 1 | | | yes | yes | |
| 9 | DHR | Operational Risk (HR) | Applicants are sanctioned. | 1 | 1 | | | Revealing (System + Manual) | Applicants are checked by the HR department in a software for sanctions. | 1 | 1 | | | yes | yes | |
| 10 | DHR | Operational Risk (HR) | References of applicants are invalid. | 1 | 1 | | | Revealing (Manual) | The HR department performs random checks of references. | 1 | 1 | | | yes | yes | |
| 11 | DHR | Operational Risk (HR) | Applicants are chosen despite majority differences in the selection committee. | 1 | 1 | | | Preventing (Manual) | All selection committee members have equal voting rights. | 1 | 1 | | | yes | yes | |
| 12 | DHR | Operational Risk (HR) | Missing critical contractual aspects. | 1 | 1 | | | Preventing (Manual) | The HR department has to use a sample contract which contains all important contractual standard aspects. | 1 | 1 | | | yes | yes | |
| 13 | DHR | Operational Risk (HR) | The applicant receives an unapproved contract. | 1 | 1 | | | Preventing (Manual) | The DHR must approve a contract before it can be sent to the applicant. | 1 | 1 | | | yes | yes | |
| 14a | DHR | Operational Risk (HR) | An applicant gets employed who didn't get selected by the majority of the selection committee. | 1 | 1 | | | Preventing (Manual) | The DHR checks if the applicant got selected through a majority vote by the selection committee. | 1 | 1 | | | yes | yes | |
| 14b | DHR | Operational Risk (HR) | The applicant didn't submit any credentials for aspects mentioned in their CV. | 1 | 1 | | | Preventing (Manual) | The DHR checks if the applicant submitted the credentials for aspects mentioned in their CV. | 1 | 1 | | | yes | yes | |
| 14c | DHR | Operational Risk (HR) | The credentials are invalid. | 1 | 1 | | | Preventing (Manual) | The DHR checks if the credentials were successfully verified (random checks). | 1 | 1 | | | yes | yes | |
| 14d | DHR | Operational Risk (HR) | The contract signed by the applicant is unaltered. | 1 | 1 | | | Preventing (Manual) | The DHR checks if the contract is unaltered. | 1 | 1 | | | yes | yes | |
| 14e | DHR | Operational Risk (HR) | No or altered NDA is signed. | 1 | 1 | | | Preventing (Manual) | The DHR checks if the unaltered NDA is signed. | 1 | 1 | | | yes | yes | |
| 14f | DHR | Operational Risk (HR) | No or altered CLA is signed. | 1 | 1 | | | Preventing (Manual) | The DHR checks if the unaltered CLA is signed. | 1 | 1 | | | yes | yes | |
| 14g | DHR | Operational Risk (HR) | No or altered privacy policy is signed. | 1 | 1 | | | Preventing (Manual) | The DHR checks if the unaltered privacy policy is signed. | 1 | 1 | | | yes | yes | |
| 14h | DHR | Operational Risk (HR) | Employee has a criminal record which prevents their employment. | 1 | 1 | | | Preventing (Manual) | The DHR checks if the criminal record certificate is negative. | 1 | 1 | | | yes | yes | |
| 14i | DHR | Operational Risk (HR) | Employee has sanctions which prevent their employment. | 1 | 1 | | | Preventing (Manual) | The DHR checks if the sanction check is negative. | 1 | 1 | | | yes | yes | |
| 14j | DHR | Operational Risk (HR) | The applicant's tax ID is missing. | 1 | 1 | | | Preventing (Manual) | The DHR checks if the applicant's tax ID is available. | 1 | 1 | | | yes | yes | |
| 14k | DHR | Operational Risk (HR) | The applicant has no work permit even though it is required for this employee. | 1 | 1 | | | Preventing (Manual) | The DHR checks if the work permit is available. | 1 | 1 | | | yes | yes | |
| 15 | DHR | Operational Risk (HR) | The contract for the applicant is signed by unauthorized personnel. | 1 | 1 | | | Preventing (Manual) | The DHR only hands over the contract for signing to authorized personnel. | 1 | 1 | | | yes | yes | |
| 16 | DHR | Operational Risk (HR) | Training plans are inconsistent or miss critical components. | 1 | 1 | | | Preventing (Manual) | A sample training plan must be used as a basis. | 1 | 1 | | | yes | yes | |
| 17 | DHR | Operational Risk (HR) | The employee is not completely trained. | 1 | 1 | | | Preventing (Manual) | The employee must sign the training plan after completion confirming their training. | 1 | 1 | | | yes | yes | |
| 18 | DHR | Operational Risk (HR) | The employee doesn't receive any feedback regarding their performance. | 1 | 1 | | | Preventing (Manual) | Annual employee evaluations take place by supervisors. | 1 | 1 | | | yes | yes | |
| 19 | DHR | Operational Risk (HR) | The employee evaluation and performance are not shared with the HR department, which leads to problems during salary negotiations. | 1 | 1 | | | Preventing (Manual) | The employee evaluation must be handed over by the supervisor to the HR department, which stores this evaluation in the employee file. | 1 | 1 | | | yes | yes | |
| 20 | DHR | Operational Risk (HR) | The employee evaluation doesn't take place. | 1 | 1 | | | Preventing (Manual) | The HR department checks that all evaluations have taken place and reminds the supervisors. | 1 | 1 | | | yes | yes | |
| 21 | DHR | Operational Risk (HR) | The employee evaluation by the supervisor and the employee's self-assessment diverge. | 1 | 1 | | | Preventing (Manual) | The employee must provide a self-evaluation before the employee evaluation takes place, which allows both sides to reconcile the differences. | 1 | 1 | | | yes | yes | |
| 22 | DHR | Operational Risk (HR) | The organization is unattractive for employees. | 1 | 1 | | | Preventing (Manual) | Employees have an annual chance to create an anonymous company evaluation which gets evaluated by the HR department and discussed in the executive committee meeting. | 1 | 1 | | | yes | yes | |
| 23 | DHR | Operational Risk (HR) | The employee gets put on sanction lists after joining the company. | 1 | 1 | | | Revealing (System) | All employees are checked automatically every day by a sanction software. | 1 | 1 | | | yes | yes | |

Abbreviations

  • R: Responsible

  • L: Likelihood (1-5)

  • C: Consequence (1-5)

  • L*/C*: Likelihood and Consequence after mitigation

  • F: Frequency (many times a day, daily, weekly, monthly, annually)

  • ES: Effective

  • EY: Efficient

2022-01-01 - Version 1.0