"I was very impressed with the level of risk management maturity that

was visible during our visit ... every person engaged during the visit was
able to speak logically about risk and control and more importantly how
it impacted their work environment.”
Independent Auditor, ABC Mining, 2012

It is a great success when risk is handled smartly across all levels of a complex
business. ABC Mining (not its real name) had been striving to leverage best-
practice risk, compliance, operations and maintenance knowledge to improve
material risk management and general business performance.
Significant technical and administrative effort had been expended to align a
range of risk management data sources and processes across all operations, but
the tools used were fragmented and only increased the burden on risk practition-
ers and compromised risk governance, with failures evident in data collection,
alignment and distribution; dual accountability and gaps in the risk governance
Alex Apostolou, processes.
Meercat, 2012
Using the RiskView solution, Meercat and ABC Mining were able to col-
laborate on a new strategy to guarantee the integrity of risk management. After
implementing this step change, the Auditor’s Report stated the most notable
achievements as follows:
- The improvement in Risk governance and the control environment was significant
over an 18 month period.
- Standardisation of Risk Management, risk documents, risk governance and assur-
ance processes.
- Improvement in Critical control effectiveness
- Performance standards capability to link with the ERP (through a URL) as part of
the wider ERP roll-out project, hence ensuring no duplication and/or data integ-
rity issues with the transition into the ERP.
- Appointment of Critical control owners, and assignment of accountabilities within
RiskView under the My Controls and My Risks sections.
ABC Mining is a fully integrated mine to market business comprising mines,
and processing plants:
Site A – an open-cut mine and other facilities.
Site B – an underground mine and other facilities
Site C – a processing plant.
Site D – a second processing plant.
ABC Mining was so impressed with the achievements they prepared a detailed
case study for circulation within their broader corporate community. That case
study is presented here, with minimal changes to protect our client’s identity.
 Case Study
Risk Management Change at ABC Mining
During the CY2010 company-wide audits, risk manage-
ment at two of our Operations (Site D and Site B) were
rated Require major improvement, and two (Site C, Site A)
were rated Require minor improvement.
Overall these gaps related to significant weaknesses in the
risk management systems and processes, data integrity and
standardisation.
With the identified failures in data collection, alignment
and distribution, and risk management process integrity,
a new strategy was developed with the objective to imple-
ment a step change to the risk management process at ABC
Mining.
The maturity curve below (on page 3) was re-assessed and
the new risk management strategy aligned to ensure top
quartile risk management performances are achieved at the
end of FY15 (vs FY17 previously).
During November 2010, the ABC Mining Risk Manage-
ment Team began the process of consolidating all risk data,
optimising risk processes, and configuring RiskView to
deliver the business outcomes required, ensuring standardi-
sation of the Risk Management system across all Operations.
The design principles of RiskView were aligned to the
ABC mantra of Clarity, Ownership and Efficiency.
With a host of early successes during the implementa-
tion, the Management Team made the decision to include
all other general business risks, with the result that we now
have a simple, consistent, integrated and open platform
which is shared with all employees across all operations.
Employees now help themselves to risk and risk-related data,
accessing bowtie diagrams, reports, initiating Critical Con-
trol Performance Standard reviews and the like, with little or
no training.
Page 2 www.meercat.com.au Meercat RiskView Case Study
Nine months later, the results in terms of speed of take-up,
simplified processes, data uniformity, increased risk aware-
ness and accountability and improved performance are
being realised.
An Independent Audit in March 2011, rated ABC Mining
Risk Management as Well-Controlled. The audit report stated
as follows:
The Risk Management function at ABC “has undergone
significant positive change in the period leading up to our
internal audit”.
The opportunity afforded by a restructuring of the func-
tion that was necessary to align with the Corporate operat-
ing model, and in response to previous audit findings of the
operations, ABC initiated a detailed project plan to improve
and standardise their risk management processes.”
In addition, ABC Mining Risk Management Group re-
ceived three comendations, of which one was the implemen-
tation of RiskView.
“To facilitate the required improvement in their Risk
Management processes, ABC have approved the purchase
and implementation of RiskView, an integrated Risk Man-
agement solution.
During the audit, we were provided with the opportunity
to assess the system’s capabilities in supporting ABC’s risk
management activities and maintaining compliance with
ABC’s overall Risk Management framework.
The system can be accessed directly from the user’s desk-
top, and provides the following functionality:
a) a consolidated database of all risks, causes, impacts
and controls (separated into preventative and mitigating)
identified within the business, which eliminates duplication
 as risks are entered into the system and then the relevant
causes and controls can be selected from the existing data-
base and linked to the risk where applicable;
b) bow-ties and Control Self Assessments are presented
in an identical format to that currently used within ABC;
recording of designated owners for all
risks, controls and tasks/activities;
c) monitoring and reporting of tasks
100
and activities, including the flagging of
those due or past due. Reminders of ac-
tions due are automatically presented to
the responsible person on their desktop
when the system is accessed;
% completed
d) a central repository for all risks
that can be accessed by any delegated
user across the business, thereby provid-
ing “one version of the truth” and
e) formal risk reporting for both
internal and Risk and Audit Committee
purposes.”
During the recent follow up audit at ABC Mining, four
recommended practices were noted. Three of these related
to Risk Management improvements, they are:
a) Standardised Risk Management processes across all
operations
b) Documentation of Risk controls and performance
standards
c) Implementation of Risk management plans across all
operations
The ABC Management Team visited Site C in March 2012.
Following numerous material risk reviews, the following
feedback was provided to the Board:
“I was very impressed with the level of risk management
maturity that was visible during our visit to Site C. Every
person engaged during the visit was able to speak logi-
cally about risk and control and more importantly how it
impacted their work environment. Perhaps most impres-
sive was the immediate response to queries about the risk
process specific risk/control which always lead to an in depth
conversation of improvement. It was very exciting to see the
ABC risk vision in action and playing an important part in
business success.”
The key driver of all these improvements has been
achieved through the implementation and application of
standardised risk management processes through RiskView.
Going forward, ABC Mining will further leverage its risk
management process to simplify the management of our
business, to sustain performance improvements across the
compliance spectrum, to optimise change management in
Meercat RiskView Case Study www.meercat.com.au Page 3
both operations and maintenance activities, and to consoli-
date the distribution of accountabilities.
Requirements Addressed
Implementing RiskView supports asset-wide compliance
with ABC’s Risk Management Policy, and specifically:
Risk Management Performance Improvement
80
60
% Performance Standards Completed
40
% RM Standardisation Completed
20
% Critical Controls > 80%
0
Nov-10
Nov-11
Mar-11
Mar-12
May-11
May-12
Jul-10
Jan-11
Jul-11
Jan-12
Sep-10
Sep-11
1) The risk assessment process is used in all operational
areas and consistently by all levels of the business;
2) All risks analysis and evaluation processes in accord-
ance with the defined risk assessment process.
3) Management of risk controls has been streamlined
with ownership being clearly demarcated, ratings
standardised, improvement tasks devised and tracked
where appropriate, and very importantly, all stakehold-
ers involved in risk management are focussed on the
same issues, using the same criteria and focussing on
solving the same problems.
Alignment with other Corporate Policies included:
a) Ensuring single point of accountability and compliance
b) Alignment to Corporate reporting requirements, and
simplification of the monthly reporting processes
c) Inclusion of the IMT, EMT and Business Continuity
management processes
d) Compliance with aviation risk requirements
e) Catastrophic and fatal risks protocol requirements
integrated with risk management (incl. Performance
standards)
f) Standardised and integrated Corporate HSE reporting
g) 5 year planning process adopted for Risk Management
process; and
h) Internal audit process compliance.
Tactical Benefits
The benefit of having the integrated risk management sys-
tem created greater understanding of the ABC Mining mate-
rial risk profile and critical control effectiveness. It is quick,
real time and standardised and focuses the Risk and control
owners on risk management activities and accountabilities.
While the materiality of many risks has been re-assessed,
and in some cases to a lower level, the key aspect of this
activity has been the increase in the standardisation of the
materiality assessments, governance and overall control
effectiveness verification. All risks and their critical controls
are now comparable using the same criteria, with the benefit
that anomalies are now identified and either explained or
Fall from heights — governed by a
common performance standard
eradicated. Audits, recommendations and improvements are
now being resourced consistently across the whole business.
The overall risk of information integrity was removed and
a single repository meant that other sources of informa-
tion (i.e. servers, CURA and MS Office spreadsheets) were
decommissioned very soon after the RiskView go-live.
Page 4 www.meercat.com.au Meercat RiskView Case Study
Project Implementation
The project commenced during November 2010. The
planning was completed based on the following design
principles:
a) Focus on delivering a solution aligned with the Corpo-
rate Risk Management Policy
b) Clarity - Web based. Available anywhere, anytime,
real-time data
c) Accountability - No gaps and overlaps, single point of
accountability for all risk and control owners
d) Controlled - Transparency of information, single re-
pository and standardisation across all operations and
functions based on the design principles.
Four potential solutions were identified:
i) CURA (was an existing solution, but had significant is-
sues providing an integrated risk management solution)
ii) Bowtie XP (customisation of the solution was limited
compared to RiskView, and had issues providing a fully
integrated solution)
iii) Stature (had proved too costly when other sites imple-
mented it)
iv) RiskView (selected based on lower on-going invest-
ment, customisation options and support. Also provid-
ed a fully integrated risk management solution includ-
ing an action tracker interface with existing software).
The Implementation Project began in June 2011 and went
live in September 2011. Alignment with the Corporate fun-
damentals were as follows:
a) The Asset (Risk Manager) now providing risk govern-
ance, assurance and verification, system and process
standardisation
b) The Operations now focussed on delivering Zero
Harm, Cost and Volume
c) Simplified processed to ensure effective and efficient
risk management processes
c) No overlaps of responsibilities and accountabilities
d) No known gaps in our Risk management system any-
more
e) Alignment with the ABC Corporate values
Notable Achievements
The most notable achievements were;
1) The improvement in Risk governance and the con-
trol environment. These improvements, as articulated
under the overview section, were significant as they
confirmed a significant improvement over an 18 month
period
 2) Standardisation of Risk Management, risk documents,
risk governance and assurance processes
3) Improvement in Critical control effectiveness
4) Performance standards capability to link with the
corporate ERP (through a URL) as part of the wider
ERP roll-out project, hence ensuring that there are no
duplication and/or data integrity issues with the transi-
tion into the ERP
5) Appointment of Critical control owners, and assign-
ment of accountabilities within RiskView under the My
Controls and My Risks sections.
The risk management process and maturity improvements
(following RiskView implementation) are reflected in the
graph below.
Challenges Overcome
This project replaced a combination of legacy systems
(CURA, MS Office and shared servers). The old systems
were extremely resource intensive and not sustainable when
managing a large material risk profile. They also created data
accuracy issues and inconsistency in the risk management
approach across the different locations.
Despite a history of common policies, there were signifi-
cant differences in how each site interpreted their obligations
and recorded their results, resulting in significant challenges
in migrating data into a uniform structure based on consist-
ent definitions. This issue was alleviated by the initiation of a
Risk Asset Level Document and a series of site-based, paral-
lel projects with the objective to bring all risk and control
assessments up to a standard review currency.
Meercat RiskView Case Study www.meercat.com.au Page 5
Due to a number of other initiatives underway at the same
time, resources were stretched, imposing deadline and cost
pressure. Because of the project team flexibility, we were able
to adopt a “just-in-time” approach to switching resources as
and when they became available. Having common structure
and data made balancing resources achievable.
Generally people struggle accepting system changes, but
with the implementation of RiskView, a thorough change
management process was followed to ensure alignment
across all the operations. It worked really effectively and all
operations were involved with the development and change
over to RiskView.
The graph on the first page clearly indicates a significant
step change in the number of material risks identified, Con-
trol self-assessment performance improvements, as well as
the development of Performance standards for all identified
critical controls. These improvements are being managed
through RiskView.
Aligning the Benefits
As a result of implementing and operating the ABC Min-
ing RiskView system, we have achieved alignment with our
Corporate Charter as follows:
Sustainability
1) Quantifying the health, safety, environment and
community risk inherent in all our business processes
and ensuring that sufficient resources are allocated to
achieve compliance with our objectives
2) Standardised and integrated HSE risk management
processes and systems

3) Risk management process through RiskView supports
integration of Risk Management with ERP
4) Standardised and integrated Critical control analysis in
RiskView (Ensuring visibility of Engineering/Systems
controls, filtering between HSE and non-HSE critical
controls, and last review date)
Integrity
1) Standardised risk management data, available through
a browser, with document control ensuring data integ-
rity, and availability at all times
2) Link Performance standards URL into the ERP, ensur-
ing one version of the truth
3) Risk Management (MFL and RRR) assumptions
aligned across ABC Mining and populated in RiskView,
displayed at the bottom of each Bowtie.
Respect
1) Communicating openly with all our employees and
encouraging them to help drive improvement across all
our practices and processes
2) The ABC Mining Risk Team now operates as a unit, all
working with the same information, sharing and learn-
ing and working together to standardise risk manage-
ment routines across ABC Mining
Page 6 www.meercat.com.au Meercat RiskView Case Study
Performance
1) Targeting resources to the treatment of risk based on
the consistent application of criteria across all business
areas and processes
2) Significant improvements made in Critical control
effectiveness, Risk Management standardisation and
completion of Performance standards for each of the
370 critical controls at ABC Mining
Clarity
1) Simplified our risk management processes to make
achieving compliance a goal that can be shared by all
employees
2) Protecting long-term shareholder value by increasing
visibility and manageability of all risks, allowing the
prioritisation of resources based on simple, accountable
and sustainable principles
3) Risk management system runs of the Portal, accessible
to all employees
4) Very basic training required to operate and navigate
through RiskView
5) Reporting simplified to run “real-time” exportable to
MS Office and Adobe PDF
Accountability
1) Clearly identifying, documenting and communicating
accountability pathways
2) Critical control owners are all formally appointed by
the respective General Manager / Head of Department,
and the Performance standard is linked to the critical
control
3) Appointed Critical control owners are matched in
RiskView and are held accountable to complete critical
control effectiveness audits and verifications. These are
tracked in RiskView
Leveraging the Lessons
Any operation with material risks can use this system. It’s
easy to configure and customise and provides an end-to-end
solution. Given the speed of implementation, the relatively
low cost, and the necessity of performing the data and
process alignment to achieve a unified and compliant risk
register, applying this activity could easily and beneficially
transfer to other single or multi-site Assets. RiskView is also
available in Spanish.
 Summary Outcomes
Eight months since RiskView went live within ABC Mining, our risk
management, compliance and reporting landscape has improved dra-
matically. For example:
1) We all use one tool to identify, assessment, analyse, manage, audit
and report on material risks;
2) All communication about risks, controls, audits, performance stand-
ards uses the same terminology, definitions and performance crite-
ria, so we are getting down to solving problems faster;
3) Any employee can access and review the latest information from
any of our risks, improving our transparency, accountability and
simplicity;
4) Best-practice can be identified and shared in minutes across all our
operations;
5) Producing the monthly and quarterly Corporate material risk report
takes 20 seconds instead of 2 weeks;
6) We have one version of the truth across all sites and on all risk is-
sues;
7) The recent Corporate audit has confirmed that risk management is
now Well Controlled and that RiskView and its implementation has
been recommended as leading practice;
8) On-going roll-out costs are minimal as little or no training is re-
quired for new users;
9) Risk management productivity has been dramatically improved;
and
10) The ABC Mining Risk management maturity curve has been acceler-
ated by 2 years.

Meercat RiskView Case Study www.meercat.com.au Page 7