[Risk Analysis and Review] [Part 2]
![[BCM] [SCS] [E3] [RAR] [T2] Treatment and Control](https://no-cache.hubspot.com/cta/default/3893111/6674daa5-e7eb-4719-a8d4-c0f109a97983.png)
This chapter outlines the risk treatment and control measures implemented by the Singapore Children’s Society (SCS) as part of its Risk Analysis and Review (RAR) process.
Building upon the threats identified in Part 1: RAR – List of Threats, this section evaluates how these risks are managed, reduced, transferred, or accepted through appropriate control mechanisms.
The purpose of this chapter is to provide a structured overview of how SCS mitigates the impact of disruptions that may affect its operations, staff, beneficiaries, and stakeholders.
This includes identifying existing risk treatments and controls, as well as additional controls planned to enhance organisational resilience further.
These measures support SCS’s mission to protect and nurture children and youth in need, ensuring continuity of care and community services during unforeseen events.
Table: RAR - Treatment and Control for Singapore Children’s Society
|
Threat |
Existing Risk Treatment – Risk Avoidance |
Existing Risk Treatment – Risk Reduction |
Existing Risk Treatment – Risk Transference |
Existing Risk Treatment – Risk Acceptance |
Existing Controls |
Additional (Planned) Controls |
|
Flood (Denial of Access – Natural Disaster) |
Avoid locating new premises in flood-prone areas. |
Install flood barriers and elevate critical equipment; maintain drainage systems. |
Property insurance covering flood-related damages. |
Minor water seepage in non-critical areas is tolerated. |
Emergency Response Plan, routine building inspections, and coordination with the landlord on drainage maintenance. |
Develop remote work capability for administrative staff; establish secondary site for essential operations. |
|
Fire (Denial of Access – Man-made Disaster) |
Prohibit the use of flammable storage in confined areas. |
Conduct periodic fire drills and maintain fire extinguishers. |
Comprehensive fire insurance coverage for premises and assets. |
Acceptance of minimal operational downtime during fire evacuation. |
Fire detection and alarm systems; evacuation procedures; staff fire warden training. |
Introduce automated fire suppression in key record storage areas; enhance training for new volunteers. |
|
Building Lockdown / Civil Disturbance (Denial of Access – Man-made Disaster) |
Avoid holding significant events in high-risk areas during unrest. |
Implement remote working capability for administrative functions. |
Insurance coverage for event cancellations or disruptions. |
Acceptance of short-term postponement for community events. |
Coordination with police and local authorities; crisis communication channels with staff and parents. |
Implement digital platforms for virtual counselling and education continuity. |
|
Infectious Disease Outbreak (Unavailability of People) |
Avoid large gatherings during high infection periods. |
Implement hybrid work and counselling arrangements; provide PPE and hygiene training. |
Employee medical insurance and group hospitalisation plans. |
Acceptance of reduced volunteer participation during outbreak peaks. |
Pandemic Response Plan; remote service delivery options; hygiene protocols. |
Expand digital mental health and counselling services; enhance health surveillance systems. |
|
Key Staff Resignation or Unavailability (Unavailability of People) |
Avoid dependence on a single staff member for critical functions. |
Cross-train staff and volunteers to perform key roles. |
Outsource HR recruitment functions to trusted partners. |
Accept transitional delay in less critical functions. |
Succession planning, updated job documentation, and volunteer support structure. |
Implement formal mentorship programme for staff retention and knowledge transfer. |
|
Vendor or Donor IT System Failure (Disruption to Supply Chain) |
Avoid reliance on a single vendor for payment or donor management. |
Maintain vendor SLAs and system backups; monitor IT performance. |
Transfer financial risk through contractual penalties and cyber insurance. |
Accept short-term donor data access delays. |
Cloud-based donor database; periodic data backups; alternative vendor contact list. |
Implement vendor risk assessment framework; introduce redundancy for payment gateways. |
|
Transport Disruption (Disruption to Supply Chain) |
Avoid scheduling central logistics during peak disruption periods (e.g., public holidays). |
Diversify transport providers and routes; use localised logistics support. |
Insurance coverage for transportation losses. |
Acceptance of minimal delay in non-critical deliveries. |
Pre-arranged alternative transport vendors; clear delivery protocols. |
Develop logistics continuity plans with multiple NGO and community partners. |
|
IT System Failure / Cyberattack (Equipment and IT-Related Disruption) |
Avoid outdated software and unsupported systems. |
Implement multi-layered cybersecurity, regular patching, and user access control. |
Cyber liability insurance covering data breach costs. |
Accept minor downtime during maintenance. |
IT Security Policy; endpoint protection; data backup and recovery plan. |
Establish Security Operations Centre (SOC) monitoring; conduct phishing simulation and awareness programmes. |
|
Power Failure (Equipment and IT-Related Disruption) |
Avoid overloading electrical circuits; proper facility design. |
Install Uninterruptible Power Supply (UPS) and backup generators. |
Facility insurance covering equipment damage. |
Acceptance of short-term lighting or air-conditioning outages. |
Emergency lighting systems; power restoration SOPs. |
Upgrade energy management system; implement solar backup power for key offices. |
![[BCM] [Thin Banner] Summing Up](https://blog.bcm-institute.org/hs-fs/hubfs/BCM%20Generic%20Banner/%5BBCM%5D%20%5BThin%20Banner%5D%20Summing%20Up.png?width=1920&height=250&name=%5BBCM%5D%20%5BThin%20Banner%5D%20Summing%20Up.png)
The Singapore Children’s Society’s approach to risk management and control demonstrates a comprehensive, proactive stance in maintaining operational resilience.
By integrating preventive, mitigative, and compensatory controls, SCS ensures the continuity of critical functions that support children and families across its centres.
The combination of risk avoidance, reduction, transference, and acceptance provides a balanced framework for managing uncertainty.
Furthermore, the ongoing implementation of planned controls, such as enhanced digital capabilities and strengthened partnerships, reinforces the organisation’s long-term resilience and adaptability.
These efforts align with best practices in business continuity management and uphold SCS’s mission to protect and nurture every child, even in times of crisis.
More Information About Business Continuity Management Courses
To learn more about the course and schedule, click the buttons below for the BCM-300 Business Continuity Management Implementer [B-3] course and the BCM-5000 Business Continuity Management Expert Implementer [B-5].
![Register [BL-B-3]*](https://no-cache.hubspot.com/cta/default/3893111/ac6cf073-4cdd-4541-91ed-889f731d5076.png)
![FAQ [BL-B-3]](https://no-cache.hubspot.com/cta/default/3893111/b3824ba1-7aa1-4eb6-bef8-94f57121c5ae.png)
![Email to Sales Team [BCM Institute]](https://no-cache.hubspot.com/cta/default/3893111/3c53daeb-2836-4843-b0e0-645baee2ab9e.png)
