Shepway District Council Risk Management Policy

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Shepway District Council Risk Management Policy"

Transcription

1 Shepway District Council Risk Management Policy

2 Contents Section 1 Risk Management Policy Updates and amendments Definition Policy statement Objectives... 3 Section 2 Risk Management Strategy Introduction What is risk management? The benefits of good risk management Types of risk corporate, operational and partnership Risk management cycle Risk identifying, analysing and profiling Mitigating actions to control the risk Reporting and monitoring risk Risk review Responsibility for risk management Mitigating/ treating risk Accept/ tolerating risk Removal of risk from the register

3 Section 1 Risk Management Policy 1. Updates and amendments This policy and strategy have been updated to reflect changes to the council s internal processes, and best practice. Key amendments include: Updating the scoring matrix. Ensuring the risk timetable and risk responsibilities reflect the council s processes and structures. Updating the risk definitions, approach to risk tolerance and the approach to reviewing risk. 2. Definition Risk Management is the planned and systematic approach to the identification, evaluation, and control of risk. The objective of risk management is to secure the assets of the organisation and to ensure the continued financial and organisational well-being of the council. 3. Policy statement Shepway District Council is committed to adopting best practices in the identification, evaluation and cost effective control of risks to ensure that they are reduced to an acceptable level or eliminated, and also maximise opportunities to achieve the council s vision. It is acknowledged that some risks will always exist and will never be fully mitigated. All employees must understand the nature of the risk and accept responsibility for risks associated with their area of work. The adoption of this policy helps Shepway District Council demonstrate its commitment to a policy of managing risk wherever it may arise. 4. Objectives The council s risk management objectives are to: Integrate risk management into the culture of the council. Manage risk in accordance with best practice. Ensure compliance with health and safety, insurance and legal requirements as a minimum standard. Prevent injury and damage and reduce the cost of risk. Inform policy and operational decisions by identifying risks and their likely impact. These objectives will be achieved by: Defining the roles and responsibilities of officers and councillors in relation to risk. Including risk management issues when writing reports and considering decisions. Continuing to demonstrate the application of risk management principles in the activities of the council, its employees and councillors. Providing training as necessary. Maintaining documented procedures of the control of risk and provision of suitable information training and supervision. 3

4 Preparing contingency plans to secure business continuity where there is a potential for an event having a major impact upon the council s ability to function. Maintaining effective communication and the active involvement of councillors and officers. Monitoring arrangements continually and seeking continuous improvement. 4

5 Section 2 Risk Management Strategy 1. Introduction 1.1 Good risk management will help identify and deal with key corporate risks facing the organisation in the pursuit of its goals and is a key part of good management, not simply a compliance exercise. 2. What is risk management? 2.1 It is the process whereby organisations methodically address the risks attaching to their activities with the goal of achieving sustained benefit within each activity and across the portfolio of all activities. (A Risk Management Strategy by the Institute of Risk Management) 2.2 In layman terms, risk management is about ensuring that processes, projects, services and activities are delivered in the best possible manner, while reducing the probability of failure. 3. The benefits of good risk management 3.1 Good risk management supports the achievement of our objectives and has a crucial role to play in ensuring that Shepway District Council is well run. 3.2 The key benefits of a systematic approach to risk management are: Protects and enhances the reputation of Shepway District Council It provides a framework for future activity to take place in a consistent and controlled manner Enables improved decision making Contributes to a more efficient use of capital and resources Assists in the protection and enhancement of assets Optimises operational efficiency 4. Types of risk corporate, operational and partnership 4.1 Risk Management is integral to corporate planning, specific projects, and service management. Categories of risk to be considered are: 4.2 Corporate risks These are risks that need to be taken into account when looking at the medium to long term objectives of the council. These risks can be categorised as follows: Political those associated with a failure to deliver either local or central government policy. Economic those affecting the ability of the council to meet its financial commitments. Social those relating to the effects of demographic changes on the council s ability to deliver its objectives. Technological includes the consequences of internal technological failures on the council s ability to deliver its objectives. Legislative those associated with current or potential changes in national or European law. Environmental those relating to environmental consequences of progressing the council s corporate objectives. 5

6 Competitive those affecting the competitiveness of the service and/or its ability to deliver best value. Customer those associated with the failure to meet the current and changing needs and expectations of customers. Reputation those relating to public confidence and failure to recruit high calibre staff. 4.3 Operational risks These are identified and managed through the service plans which are written by Heads of Service and annually reviewed. These are risks that managers and staff will encounter in the daily course of their work and can be categorised as follows: Professional those associated with the particular nature of each profession. Financial those associated with financial planning and control and the adequacy of insurance cover. Legal those related to possible breaches of legislation, breach of contract, negligence, etc. Physical those related to fire, security, accident, prevention and health and safety. Contractual those associated with the failure of contractors to deliver services or products to agreed cost and specification. Technological those relating to reliance on operational equipment. Environmental those relating to pollution, noise or the energy efficiency of ongoing service operations. Human Resources those relating to staff issues. 4.4 Partnership risks Shepway District Council works with a range of partners to deliver services. It is important that those partners are brought into the risk management framework to ensure that risks to the council are not overlooked. The primary risks are: Financial failure to understand the potential financial liabilities associated with partnership arrangements. Reputation loss of public confidence. Contractual contract requirements not delivered. Legal failure to understand the potential legal liabilities associated with partnership arrangements. Service failure the associated risk of increased costs. 5. Risk management cycle 5.1 There are a number of steps in the cycle of identifying and managing risks within the council. These should be as follows: Identifying risks a need to identify the potential risks that may arise if informed decisions are to be made about policies or service delivery methods. Analysing risks available data should be used to provide information to help assess the probability of any risk arising or the potential impact on activities undertaken. Profiling risks risks can be profiled according to their probability and severity. 6

7 Prioritising action based on the approach to risk action determined on the tolerance and aversion to risk, balanced against the availability of limited resources. Determining action on risk a course of action can then be determined on whether the risk should be avoided, eliminated, reduced, transferred or accepted. Controlling risk once the appropriate action is determined for each risk, the process of controlling that risk can commence. This will either involve minimising/eliminating the risk and/or alleviating its potential impact. Monitoring and reporting on progress progress in managing risks should be monitored and reported so that losses are minimised and intended actions are achieved. Reviewing risk management needs to be seen as a continuous process. It is essential that the incidence of risk be reviewed to see whether it has changed over time. Review Identify Monitor & report Analyse Control Profile Action Prioritise 6. Risk identifying, analysing and profiling 6.1 Risk assessment is about asking: What can go wrong? What is the likelihood of it going wrong? What is the impact should it go wrong? What can be done to mitigate the risk? 7

8 6.2 This five point approach can be applied to decisions made every working day, at all levels of the council. The risk ratings then provide an overall ranking for each risk. 6.3 Risks are rated out of 5 for their likelihood and potential impact. These two figures are multiplied together to give the risk score. This is shown in the Risk Scoring Matrix below. Likelihood Definite Very likely Possible Unlikely Highly unlikely Negligible Low Medium High Very High Impact 7. Mitigating actions to control the risk 7.1 There are four ways to control the risk: Treat/ mitigate identify and put in place mitigating actions that reduce the risk to an acceptable level. Transfer the risk is transferred to a third party (e.g. contractual agreement/ insurance). The financial risk may be transferred, however a reputational risk may remain with the authority. Tolerate/ accept the level of the risk is low compared to the advantages to be gained by taking the course of action that involves the risk. Terminate stop the activity or function that gave rise to the risk. 8. Reporting and monitoring risk 8.1 The Corporate Risk Register is the document which requires the identified risk owner to provide a risk description, a risk score and an overview of the mitigating actions. 8.2 The Corporate Risk Register is updated three times a year. The risk likelihood and impact scores are reassessed and the mitigating actions are reviewed to ensure they are still valid. 8.3 Shepway District Council reports risk by exception. This means the risk register is focused on those risks that are changing and those that are high risk (scoring 16+). Risks won t appear on the register if the council has put in place the only mitigating actions available and risk is unlikely to change. This approach allows senior managers and members to focus on the key risks to the authority and its services. 8.4 Operational/ service risks are reviewed regularly at service or departmental meetings and are formally reviewed and reported in tandem with Service Plan updates. The risks associated with the achievement of the objectives in service plans are assessed by Heads of Service in conjunction with their teams and 8

9 approved by the relevant Corporate Director. Where operational/service risks are significant they are reported to CMT to be considered for inclusion in the Corporate Risk Register. 8.5 The timetable for reporting risk management is as follows: Three times a year provide updated risk register showing risks are being actively managed Annually o Review of the council s Corporate risks (responsibility of the Corporate Management Team) o Review the service risks as part of the service planning process o Review the risks of delivering services in partnership with other organisations. 9. Risk review 9.1 The following process is used to review the risk register: Review identified risks to determine that they are still relevant Review risk owners to ensure the correct people are named Review the controls which have been put in place to ensure that they continue to mitigate the risk Review the risk likelihood and impact to ensure the risk score is still accurate 10. Responsibility for risk management 10.1 Clear identification of roles and responsibilities is paramount to ensuring the successful adoption of risk management and its embedding into the culture of the council. Role and responsibilities are detailed below: Cabinet and Elected Members To oversee the effective management of risk throughout the council. To gain an understanding of risk management and its benefits. To require officers to develop and implement an all encompassing approach to risk management. To consider the issues contained with the council s strategic risk register. 9

10 Corporate Management Team To ensure that the council manages risk effectively through the development of a risk management strategy plus monitoring its implementation and development. To gain understanding of risk management and its benefits. To identify the council s key Corporate Risks and agree actions to mitigate against those risks. To promote risk management and oversee the implementation of the risk management strategy across the council. To agree any inputs and resources required supporting the work corporately. Policy and Engagement Team To support the council and its services in the effective development, implementation and review of the council s risk management processes. To ensure that the risk management processes are considered in accordance with the functions of Corporate Directors to the council as specified in the Finance Procedure Rules. To develop and promote, support and oversee the implementation of the risk management strategy across the council. To annually review the Risk Management Strategy and Policy, seeking approval from CMT, scrutiny and Cabinet should any significant amendments be required. To develop risk management controls in conjunction with Corporate Directors. To identify and communicate risk management issues to services. To assist services in undertaking risk management activity through training or direct support. Heads of Service/ Operational Management Team To manage risk effectively in their particular service areas, to consider risks to services being delivered in partnerships and to work with partnerships to develop partnership risk registers. To implement the detail of the risk management strategy. To recommend the necessary training for employees on risk management. To raise awareness with staff. To incorporate risk ownership through the appraisal scheme with employees. To share relevant information with colleagues in other service areas. To manage operational risk. Employees To manage risk effectively in their jobs. To liaise with their line manager to assess areas of risk in their job. To identify new or changing risks in their job and feed these back to their line manager. Attend risk awareness and management training as required. Be familiar with the council s Risk Management Strategy and to comply with Health and Safety procedures. 10

11 Audit and Standards Committee To provide independent assurance of the adequacy of the risk management framework and associated control environment. To monitor the effective development and operation of risk management and corporate governance in the council. Be satisfied that the authority s assurance statement including the annual governance statement properly reflect the risk environment and any actions required to improve it. Consider the effectiveness of the authority s risk management arrangements, the control environment and associated anti fraud and anti corruption arrangements and seek assurance that action is being taken to mitigate those risks identified. Resources Scrutiny Committee To contribute to and review the development of the Council s corporate management policies, including risk management and corporate governance policies and strategies. To consider the issues contained with the council s strategic risk register, as part of the council s scrutiny process. 11. Mitigating/ treating risk 11.1 The council will aim to mitigate the impact of risk by securing the council's assets, minimising injury to staff, clients, and customers, guarding against exposure to litigation, and protecting the environment from harm. The council will tolerate risks below a certain level and actively manage risks over a certain level. Where a significant risk has been identified, a detailed action plan will be produced with milestones and mitigations. Where corporate risks are considered significant, provision has been made within the council s Policy on Reserve to cover the council s potential exposure. Further information is contained within the Policy on Reserves. 12. Accept/ tolerating risk 12.1 The council aims to minimise and mitigate the risks facing the organisation but it would be naive to believe that this can be completely achieved. Moreover, the council will always face the acceptable risk problem namely, in some circumstances the council will need to take a calculated risk in order to deliver its corporate priorities or maximise the benefits of its investments. The council may also choose in some circumstances to accept a degree of risk when working in partnership with other organisations because doing so will help the council to deliver its corporate priorities and because it wants to share the benefits with its partners A degree of risk is acceptable if the benefit of a particular course of action can compensate for the associated level of risk, even though the council may not be able to mitigate the risks entirely. Determining what is an acceptable or tolerable level of risk can only be established via a thorough analysis of the associated risks on a case by case basis. Consequently, the risks associated with delivering the commitments in the Corporate Plan (or other key corporate projects) are assessed individually. 11

12 13. Removal of risk from the register 13.1 Where risk has been mitigated and the score has reduced than the risk owner can make a recommendation for the risk to be removed from the corporate register This recommendation will then be submitted to CMT where they will accept or rejected to removal of the rick from the register CMT s decision will submitted to cabinet where it can be rejected if councillors feel the risk should still be recorded and managed by the council. 12

MARCH 2012. Strategic Risk Policy Update March 2012 v1.10.doc

MARCH 2012. Strategic Risk Policy Update March 2012 v1.10.doc MARCH 2012 Version 1.10 Strategic Risk Policy Update March 2012 v1.10.doc Document History Current Version Document Name Risk Management Policy Statement and Strategic Framework Last Updated By Alan Till

More information

River Stour (Kent) Internal Drainage Board Risk Management Strategy and Policy

River Stour (Kent) Internal Drainage Board Risk Management Strategy and Policy River Stour (Kent) Internal Drainage Board Risk Management Strategy and Policy Page: 1 Contents 1. Purpose, Aims & Objectives 2. Accountabilities, Roles & Reporting Lines 3. Skills & Expertise 4. Embedding

More information

Waveney Lower Yare & Lothingland Internal Drainage Board Risk Management Strategy and Policy

Waveney Lower Yare & Lothingland Internal Drainage Board Risk Management Strategy and Policy Waveney Lower Yare & Lothingland Internal Drainage Board Risk Management Strategy and Policy Page: 1 Contents 1. Purpose, Aims & Objectives 2. Accountabilities, Roles & Reporting Lines 3. Skills & Expertise

More information

Bedford Group of Drainage Boards

Bedford Group of Drainage Boards Bedford Group of Drainage Boards Risk Management Strategy Risk Management Policy January 2010 1 Contents 1. Purpose, Aims & Objectives 2. Accountabilities, Roles & Reporting Lines 3. Skills & Expertise

More information

Bridgend County Borough Council. Corporate Risk Management Policy

Bridgend County Borough Council. Corporate Risk Management Policy Bridgend County Borough Council Corporate Risk Management Policy December 2014 Index Section Page No Introduction 3 Definition of risk 3 Aims and objectives 4 Strategy 4 Accountabilities and roles 5 Risk

More information

WEST DORSET DISTRICT COUNCIL RISK MANAGEMENT STRATEGY

WEST DORSET DISTRICT COUNCIL RISK MANAGEMENT STRATEGY WEST DORSET DISTRICT COUNCIL RISK MANAGEMENT STRATEGY As approved by the Executive Committee 7 October 2008 STRATEGY... 3 THE RISK MANAGEMENT PROCESS... 3 RISK REGISTERS... 4 BENEFITS OF RISK MANAGEMENT

More information

Confident in our Future, Risk Management Policy Statement and Strategy

Confident in our Future, Risk Management Policy Statement and Strategy Confident in our Future, Risk Management Policy Statement and Strategy Risk Management Policy Statement Introduction Risk management aims to maximise opportunities and minimise exposure to ensure the residents

More information

The Risk Management strategy sets out the framework that the Council has established.

The Risk Management strategy sets out the framework that the Council has established. Derbyshire County Council Management Policy Statement The Authority adopts a proactive approach to Management to achieve Best Value and continuous improvement and is committed to the effective management

More information

RISK MANAGEMENT STRATEGY

RISK MANAGEMENT STRATEGY RISK MANAGEMENT STRATEGY 1 Introduction The purpose of this document is to outline a which facilitates the effective recognition and management of risks facing the University. The Combined Code on Corporate

More information

Risk Management Policy and Framework

Risk Management Policy and Framework Risk Management Policy and Framework December 2014 phone 1300 360 605 08 89589500 email info@centraldesert.nt.gov.au location 1Bagot Street Alice Springs NT 0870 post PO Box 2257 Alice Springs NT 0871

More information

MEMBERS CONSIDER THE RISK STRATEGY AND RECOMMEND APPROVAL TO COUNCIL.

MEMBERS CONSIDER THE RISK STRATEGY AND RECOMMEND APPROVAL TO COUNCIL. Agenda item: 8 Committee: Audit & Standards Committee Date of meeting: 19 th September 2011 Subject: Risk Management Strategy Lead Officer: Head of Finance Portfolio Holder: Resources - Councillor T Oliver

More information

South Oxfordshire District Council and Vale of White Horse District Council Risk Management Strategy

South Oxfordshire District Council and Vale of White Horse District Council Risk Management Strategy 2013 2016 South Oxfordshire District Council and Vale of White Horse District Council Risk Management Strategy 2013-2016 1 1 Context 3 SCOPE 3 WHAT IS RISK MANAGEMENT? 3 LOCAL AND NATIONAL DRIVERS 3 Business

More information

Risk & Opportunity Management Framework

Risk & Opportunity Management Framework Risk & Opportunity Management Framework January 2010 Version 1.0 Table of Contents 1 Preface... 14 1.1 Risk and Opportunity Management What is it?... 14 1.2 Purpose... 15 2 Risk Management Process... 15

More information

Sub-section Content. 1 Formalities - Post title: Risk Consultant - Reports to: Head of Group Risk - Division: xxx - Location: xxx

Sub-section Content. 1 Formalities - Post title: Risk Consultant - Reports to: Head of Group Risk - Division: xxx - Location: xxx Sub-section Content 1 Formalities - Post title: Risk Consultant - Reports to: Head of Group Risk - Division: xxx - Location: xxx 2 Job Purpose - To support the implementation of an Enterprise Risk Management

More information

Group Risk Management Policy

Group Risk Management Policy Group Risk Management Policy Originator: Approval date: Policy and Strategy Team Sovini Board PCHA Board OVH Board/EMT 6 th December 2013 31 st October 2013 14 th October 2013 Review date: December 2014

More information

Corporate Risk Management Policy

Corporate Risk Management Policy Corporate Risk Management Policy Managing the Risk and Realising the Opportunity www.reading.gov.uk Risk Management is Good Management Page 1 of 19 Contents 1. Our Risk Management Vision 3 2. Introduction

More information

Risk Management Strategy

Risk Management Strategy Risk Management Strategy 2010 RISK MANAGEMENT STRATEGY 1 INTRODUCTION 1.1 What is Risk Management? 1.1.1 Risk can be defined as uncertainty of outcome (whether positive opportunity or negative threat).

More information

RISK AND OPPORTUNITY MANAGEMENT STRATEGY 2013-2014

RISK AND OPPORTUNITY MANAGEMENT STRATEGY 2013-2014 RISK AND OPPORTUNITY MANAGEMENT STRATEGY 2013-2014 Version 1.0 October 2013 Not protectively marked INDEX PAGE NO TITLE 3 Executive Summary 4 Our Shared Vision and Priorities 5 Outline of the Risk and

More information

V1.0 - Eurojuris ISO 9001:2008 Certified

V1.0 - Eurojuris ISO 9001:2008 Certified Risk Management Manual V1.0 - Eurojuris ISO 9001:2008 Certified Section Page No 1 An Introduction to Risk Management 1-2 2 The Framework of Risk Management 3-6 3 Identification of Risks 7-8 4 Evaluation

More information

RISK MANAGEMENT POLICY

RISK MANAGEMENT POLICY RISK MANAGEMENT POLICY Issue Date: February 2010 Reviewed: July 2011 Contents Scope...3 Key Points...3 Background...3 Roles and Responsibilities...3 Classification of Risks...4 Risk Evaluation...4 Risk

More information

AFTRS Health and Safety Risk Management Policy

AFTRS Health and Safety Risk Management Policy AFTRS Health and Safety Risk Management Policy Responsible Officer Contact Officer Authorisation Director, Corporate and Student Services Head of Human Resources Chief Executive Officer Effective Date

More information

Risk Management Policy

Risk Management Policy Risk Management Policy Effective from 4 July 2015 Version Number: 2.1 Author: Director of Planning Planning Directorate Document Control Information Status and reason for development Revised updating the

More information

RISK MANAGEMENT POLICY & FRAMEWORK. \\vmfileserver02\company\council\judy\risk Management\Risk Management Framework 2013 (2).

RISK MANAGEMENT POLICY & FRAMEWORK. \\vmfileserver02\company\council\judy\risk Management\Risk Management Framework 2013 (2). RISK MANAGEMENT POLICY & FRAMEWORK \\vmfileserver02\company\council\judy\risk Management\Risk Management Framework 2013 (2).doc 20 Page 1 of Table of Contents Risk Management Policy...3 Risk Management

More information

Risk Management Policy. Corporate Governance Risk Management Policy

Risk Management Policy. Corporate Governance Risk Management Policy Corporate Governance Risk Management Policy Approved by the Council of Ministers, May 2006 1. Background The Isle of Man Government is working to promote better risk management, with emphasis on the importance

More information

Risk Management Strategy and Policy. The policy provides the framework for the management and control of risk within the GOC

Risk Management Strategy and Policy. The policy provides the framework for the management and control of risk within the GOC Annex 1 TITLE VERSION Version 2 Risk Management Strategy and Policy SUMMARY The policy provides the framework for the management and control of risk within the GOC DATE CREATED January 2013 REVIEW DATE

More information

Northern Ireland Blood Transfusion Service

Northern Ireland Blood Transfusion Service Northern Ireland Blood Transfusion Service Risk Management Strategy Northern Ireland Blood Transfusion Service Lisburn Road Belfast BT9 7TS Telephone No. 028 9032 1414 www.nibts.org Page 1 of 12 CONTENTS

More information

Revenue Scotland. Risk Management Framework

Revenue Scotland. Risk Management Framework Revenue Scotland Risk Management Framework Contents 1. Introduction... 3 1.1 Overview of risk management... 3 2. Policy statement... 4 3. Risk management approach... 5 3.1 Risk management objectives...

More information

Risk Management: Coordinated activities to direct and control an organisation with regard to risk.

Risk Management: Coordinated activities to direct and control an organisation with regard to risk. POLICY CG01 RISK MANAGEMENT Document Control Statement This Policy is maintained by the Governance and Organisational Strategy. Any printed copy may not be up to date and you are advised to check the electronic

More information

Risk Management. Policy, Strategy and Methodology

Risk Management. Policy, Strategy and Methodology Risk Management Policy, Strategy and Methodology Contents Page Number Foreword by Paul Orders, Chief Executive... 2 Foreword by Councillor Graham Hinchey, Cabinet Member for Corporate Services and Performance...

More information

Risk Management Policy

Risk Management Policy Risk Management Policy Responsible Officer Author Ben Bennett, Business Planning & Resources Director Julian Lewis, Governance Manager Date effective from December 2008 Date last amended December 2012

More information

HARLOW COUNCIL PERFORMANCE MANAGEMENT FRAMEWORK

HARLOW COUNCIL PERFORMANCE MANAGEMENT FRAMEWORK HARLOW COUNCIL PERFORMANCE MANAGEMENT FRAMEWORK July 2013 1 P age Contents Page 1.0 Definition 3 2.0 Context 3 3.0 Purpose and aim of the policy 4 4.0 Policy Statement 4 5.0 Framework for Performance Management

More information

The Lowitja Institute Risk Management Plan

The Lowitja Institute Risk Management Plan The Lowitja Institute Risk Management Plan 1. PURPOSE This Plan provides instructions to management and staff for the implementation of consistent risk management practices throughout the Lowitja Institute

More information

Managing workplace health and safety risks

Managing workplace health and safety risks Managing workplace health and safety risks 1. Purpose 2. Scope 3. Definitions 4. Roles and Responsibilities 5. Procedure 6. Performance Measures 7. References 1. Purpose The purpose of this procedure is

More information

Integrated Risk Management Policy

Integrated Risk Management Policy Integrated Management Policy Document reference number Document developed by Quality and Patient Safety Directorate Revision number 4 Document approved by Quality and Patient Safety Directorate Approval

More information

RISK MANAGEMENT STRATEGY

RISK MANAGEMENT STRATEGY RISK MANAGEMENT STRATEGY 2014-15 April 2014 Page 1 of 17 CONTENTS 1. Introduction 2. What is risk management? 3. Risk Management Policy Statement 4. Risk Management process 5. Roles and responsibilities

More information

Compliance Management Framework. Managing Compliance at the University

Compliance Management Framework. Managing Compliance at the University Compliance Management Framework Managing Compliance at the University Risk and Compliance Office Effective from 07-10-2014 Contents 1 Compliance Management Framework... 2 1.1 Purpose of the Compliance

More information

LOUGHBOROUGH ENDOWED SCHOOLS

LOUGHBOROUGH ENDOWED SCHOOLS LOUGHBOROUGH ENDOWED SCHOOLS Policy Title: Risk Assessment Policy Version Number: 20160725 Approved By: Date Approved: ESTATES AND HEALTH & SAFETY COMMITTEE 3 rd NOVEMBER 2016 Point of Contact (Reviewer):

More information

Enterprise Risk Management Policy

Enterprise Risk Management Policy Enterprise Risk Management Policy A Framework for Managing Opportunity and Risk Date: 27 November 2015 Version: 13.0 Classification: Unclassified Authors: Julie Holland - Risk Management Facilitator Quality

More information

Version: 3.0. Effective From: 19/06/2014

Version: 3.0. Effective From: 19/06/2014 Policy No: RM66 Version: 3.0 Name of Policy: Business Continuity Planning Policy Effective From: 19/06/2014 Date Ratified 05/06/2014 Ratified Business Service Development Committee Review Date 01/06/2016

More information

RISK MANAGEMENT POLICY

RISK MANAGEMENT POLICY RISK MANAGEMENT POLICY Nuffield College s Risk Management Policy defines the College's approach to risk and how risk management should be embedded into management processes to ensure that the major risks

More information

Audit Committee, 28 November. HCPC Project Risk Management. Executive summary and recommendations. Introduction

Audit Committee, 28 November. HCPC Project Risk Management. Executive summary and recommendations. Introduction Audit Committee, 28 November HCPC Project Risk Management Executive summary and recommendations Introduction At its meeting on 29 September 2013 the Committee agreed that it would receive the Education

More information

RISK ASSESSMENT MATRIX GUIDANCE NOTES

RISK ASSESSMENT MATRIX GUIDANCE NOTES RISK ASSESSMENT MATRIX GUIDANCE NOTES 1. Introduction Risk Assessment matrices provide a powerful and easy-to-use tool for the identification, assessment and control of business risk, via treatment plans.

More information

ENTERPRISE RISK MANAGEMENT FRAMEWORK

ENTERPRISE RISK MANAGEMENT FRAMEWORK ROCKHAMPTON REGIONAL COUNCIL ENTERPRISE RISK MANAGEMENT FRAMEWORK 2013 Adopted 25 June 2013 Reviewed: October 2015 TABLE OF CONTENTS 1. Introduction... 3 1.1 Council s Mission... 3 1.2 Council s Values...

More information

Emergency Management and Business Continuity Policy

Emergency Management and Business Continuity Policy www.surreycc.gov.uk Making Surrey a better place Emergency Management and Business Continuity Policy 4 TH EDITION June 2011 Title Emergency Management and Business Continuity Policy Version 4.0 Policy

More information

RISK MANAGEMENT STRATEGY 2013-2016

RISK MANAGEMENT STRATEGY 2013-2016 RISK MANAGEMENT STRATEGY 2013-2016 As presented and endorsed by the Mornington Peninsula Shire s Audit Committee at its meeting of 20 February, 2013 and subsequent adoption by Council at its meeting of

More information

Version Adoption by Council: 2013 Resolution Number: 2013/177 Current Version: V1.0 Administered by: Governance Coordinator

Version Adoption by Council: 2013 Resolution Number: 2013/177 Current Version: V1.0 Administered by: Governance Coordinator Risk Management Framework Version Adoption by Council: 2013 Resolution Number: 2013/177 Current Version: V1.0 TRIM CON: 12/1132 Administered by: Governance Coordinator Last Review Date: 2013 Next Review

More information

Risk Management & Business Continuity Manual 2011-2014

Risk Management & Business Continuity Manual 2011-2014 ANNEX C Risk Management & Business Continuity Manual 2011-2014 Produced by the Risk Produced and by the Business Risk and Business Continuity Continuity Team Team February 2011 April 2011 Draft V.10 Page

More information

Risk Management Guide

Risk Management Guide Risk Management Guide Page(s) Introduction 3 The 5 steps to identifying risk 4 Risk Management Process - Step 1 5 Identify - Step 2 Assess Step 3 5-6 6 Control - Step 4 6 Monitor and Review -Step 5 6 Risk

More information

Allerdale Borough Council Internal Audit Charter

Allerdale Borough Council Internal Audit Charter Allerdale Borough Council Internal Audit Charter Appendix A Document prepared by Document reviewed by Document replaces Document approved by Document due for annual review Internal Audit Manager Date July

More information

Risk Management Policy

Risk Management Policy Risk Management Policy DOCUMENT CONTROL Developed by: Date: Origination: Quality, Systems & Shared s March 2014 Authorised by: Colette Kelleher April 2014 DOCUMENT REVIEW HISTORY Original Circulation date:

More information

An Introduction to Risk Management. For Event Holders in Western Australia. May 2014

An Introduction to Risk Management. For Event Holders in Western Australia. May 2014 An Introduction to Risk Management For Event Holders in Western Australia May 2014 Tourism Western Australia Level 9, 2 Mill Street PERTH WA 6000 GPO Box X2261 PERTH WA 6847 Tel: +61 8 9262 1700 Fax: +61

More information

RISK AND COMPLIANCE COMMITTEE CHARTER

RISK AND COMPLIANCE COMMITTEE CHARTER 1. GENERAL SCOPE AND AUTHORITY 1.1 Introduction This charter governs the operations of the Risk & Compliance Committee of Redflex Holdings Limited (RHL or Company). 1.2 Purpose The Risk & Compliance Committee

More information

Isle of Wight Council Risk Management Practical Guide. DIRECTORATE OF RESOURCES Strategic Director: Dave Burbage

Isle of Wight Council Risk Management Practical Guide. DIRECTORATE OF RESOURCES Strategic Director: Dave Burbage Isle of Wight Council Risk Management Practical Guide DIRECTORATE OF RESOURCES Strategic Director: Dave Burbage Contents: 1 Introduction 3 2 What is Risk Management? 3 3 Approach to Improving Managing

More information

Richmond-upon-Thames Performance Management Framework

Richmond-upon-Thames Performance Management Framework Richmond-upon-Thames Performance Management Framework Introduction Everyone at the Council has a role in Performance Management. It is therefore important that we all understand what is involved. This

More information

JOB DESCRIPTION. TITLE: Corporate Property Manager SALARY RANGE: 55,000-70,000

JOB DESCRIPTION. TITLE: Corporate Property Manager SALARY RANGE: 55,000-70,000 TITLE: Corporate Property Manager SALARY RANGE: 55,000-70,000 JOB DESCRIPTION DEPARTMENT: Property Management Services REGION: North East / North West / Midlands / London / South ACCOUNTABILITIES: The

More information

Risk Management Procedure

Risk Management Procedure Purpose of this document Develop and document procedures and work instructions for Risk Management to cover the project Stages set out in the Project Process Map. The purpose of this procedure is to identify

More information

Proactive Risk Management. Risk in NHS Tayside. Risk Management Guidance Note

Proactive Risk Management. Risk in NHS Tayside. Risk Management Guidance Note Proactive Risk Management Risk in NHS Tayside Risk Management Guidance Note Author: Safety, Governance & Risk Department Review Group: Operational Risk Health and Safety Management Group Review Date: November

More information

Corporate Health and Safety Policy

Corporate Health and Safety Policy Corporate Health and Safety Policy November 2013 Ref: HSP/V01/13 EALING COUNCIL Table of Contents PART 1: POLICY STATEMENT... 3 PART 2: ORGANISATION... 4 2.1 THE COUNCIL:... 4 2.2 ALLOCATION OF RESPONSIBILITY...

More information

Focusing on the purpose of the authority and on outcomes for the community and creating and implementing a vision for the local area

Focusing on the purpose of the authority and on outcomes for the community and creating and implementing a vision for the local area CODE OF CORPORATE GOVERNANCE INTRODUCTION Corporate Governance is a term used to describe how organisations direct and control what they do. As well as systems and processes this includes cultures and

More information

Procurement Transformation Division. Procurement guidance. Engaging and managing consultants. Includes definitions for consultants and contractors

Procurement Transformation Division. Procurement guidance. Engaging and managing consultants. Includes definitions for consultants and contractors Procurement guidance Engaging and managing consultants Includes definitions for consultants and contractors Procurement guidance: Engaging and managing consultants Page 2 of 17 Table of contents Table

More information

CONTROLLED DOCUMENT. Number: Version Number: 4. On: 25 July 2013 Review Date: June 2016 Distribution: Essential Reading for: Information for:

CONTROLLED DOCUMENT. Number: Version Number: 4. On: 25 July 2013 Review Date: June 2016 Distribution: Essential Reading for: Information for: CONTROLLED DOCUMENT Risk Management Strategy and Policy CATEGORY: CLASSIFICATION: PURPOSE: Controlled Number: Document Version Number: 4 Controlled Sponsor: Controlled Lead: Approved By: Document Document

More information

PM Governance. Executive Team ADCA ADCA

PM Governance. Executive Team ADCA ADCA Item 6.5a Action Plan against the Recommendations Made in the Review of Risk Management Arrangements by PM Governance, November 2014 Key: PM Governance Paul Moore, Risk Consultant ADCA Associate Director

More information

University of New England Compliance Management Framework and Procedures

University of New England Compliance Management Framework and Procedures University of New England Compliance Management Framework and Procedures Document data: Document type: Administering entity: Framework and Procedures Audit and Risk Directorate Records management system

More information

LONDON BOROUGH OF SOUTHWARK

LONDON BOROUGH OF SOUTHWARK APPENDIX 1 LONDON BOROUGH OF SOUTHWARK The annual report to the Audit & Governance Committee on Risk and Insurance for 2011/12, and the key corporate risks Presented to the Audit & Governance Committee

More information

Council Meeting Agenda 27/07/15

Council Meeting Agenda 27/07/15 3 Risk Management Framework Abstract Council s Risk Management Framework ( the Framework ) was adopted by Council in 2012. The Framework provides structure and guidance to Council s risk management activities

More information

A GOOD PRACTICE GUIDE FOR EMPLOYERS

A GOOD PRACTICE GUIDE FOR EMPLOYERS MITIGATING SECURITY RISK IN THE NATIONAL INFRASTRUCTURE SUPPLY CHAIN A GOOD PRACTICE GUIDE FOR EMPLOYERS April 2015 Disclaimer: Reference to any specific commercial product, process or service by trade

More information

Paper J WEST LEICESTERSHIRE CLINICAL COMMISSIONING GROUP BOARD MEETING. 10 February 2015. Governance How we manage our business

Paper J WEST LEICESTERSHIRE CLINICAL COMMISSIONING GROUP BOARD MEETING. 10 February 2015. Governance How we manage our business Paper J WEST LEICESTERSHIRE CLINICAL COMMISSIONING GROUP BOARD MEETING 10 February 2015 Title of the report: Section: Report by: Presented by: Risk Management Strategy & Policy Governance How we manage

More information

A Risk Management Standard

A Risk Management Standard A Risk Management Standard Introduction This Risk Management Standard is the result of work by a team drawn from the major risk management organisations in the UK, including the Institute of Risk management

More information

RISK MANAGEMENT POLICY

RISK MANAGEMENT POLICY DOCUMENT TYPE: DOCUMENT STATUS: POLICY OWNER POSITION: INTERNAL COMMITTEE ENDORSEMENT: APPROVED BY: Council policy Approved Manager Organisational Development Risk Management Committee Council DATE ADOPTED:

More information

Internal Audit Charter. June 2016

Internal Audit Charter. June 2016 Internal Audit Charter June 2016 1 Introduction 1.1 The Internal Audit Charter is a formal document that defines Internal Audit s purpose, authority and responsibility. The charter establishes Internal

More information

Eclipx Group Limited Risk Management Policy

Eclipx Group Limited Risk Management Policy Eclipx Group Limited Risk Management Policy Date approved: 26 March 2015 Table of Contents 1. Background... 3 1.1 Overview... 3 1.2 Purpose... 3 1.3 Board responsibility... 3 2. Key principles and concepts...

More information

The Corporate Select Committee is asked to note the attached report.

The Corporate Select Committee is asked to note the attached report. CORPORATE SELECT COMMITTEE RISK MANAGEMENT Report Author: Peter Grimshaw Internal Audit Manager Executive Member: Councillor John Faulkner Agenda Item 12 13 September 2005 1. PURPOSE This is a regular

More information

RISK MANAGEMENT POLICY (Revised October 2015)

RISK MANAGEMENT POLICY (Revised October 2015) UNIVERSITY OF LEICESTER RISK MANAGEMENT POLICY (Revised October 2015) 1. This risk management policy ( the policy ) forms part of the University s internal control and corporate governance arrangements.

More information

Business Continuity Management

Business Continuity Management Business Continuity Management Policy Statement & Strategy July 2009 Basildon District Council Business Continuity Management Policy Statement The Council is committed to ensuring robust and effective

More information

Code of Corporate Governance. Appendix 22 INTRODUCTION

Code of Corporate Governance. Appendix 22 INTRODUCTION Appendix 22 INTRODUCTION Corporate governance is a phrase used to describe how organisations direct and control what they do. For local authorities this also includes how a council relates to the communities

More information

Risk Management Programme Guidelines

Risk Management Programme Guidelines Risk Management Programme Guidelines Submissions are invited on these draft Reserve Bank risk management programme guidelines for non-bank deposit takers. Submissions should be made by 29 June 2009 and

More information

Risk Management Strategy

Risk Management Strategy Risk Management Strategy Version: 8 Approved by: Quality and Governance Committee Date approved: 31 July 2014 Ratified by: Trust Board of Directors Date ratified: Name of originator/author: Head of Patient

More information

Service and Improvement Plan 2015 18

Service and Improvement Plan 2015 18 Service and Improvement Plan 2015 18 Property and Risk 1. Introduction Property and Risk Service and Improvement Plan 2015 2018 1.1 The Property and Risk Service and Improvement Plan covers the period

More information

Collection House Group. Risk Management Policy

Collection House Group. Risk Management Policy Collection House Group Risk Management Policy DOCUMENT CONTROL Endorsement Doc # Current Approval Approved By Review Author Class Version Date Period Doc. CHG 006 7 08/06/16 CLH Board Annual Priscilla

More information

Risk Management Programme Guidelines

Risk Management Programme Guidelines Risk Management Programme Guidelines Prudential Supervision Department Non-bank deposit takers Issued: July 2009 2 CONTENTS Part 1 Introduction... 3 1. Purpose of this document... 3 2. Meaning of risk...

More information

Internal Audit Strategic and Annual Plans 2015/16

Internal Audit Strategic and Annual Plans 2015/16 Internal Audit Strategic and Annual Plans 2015/16 Financial Scrutiny and Audit Committee 10 February 2015 Agenda Item No 8 Summary: This report provides an overview of the stages followed prior to the

More information

IFoA Risk Management Framework 29 February 2016

IFoA Risk Management Framework 29 February 2016 IFoA Risk Management Framework 29 February 2016 1.0 Introduction The IFoA has developed a new Risk Management Framework which was implemented in early 2015-16 and which brings together the management of

More information

Outsourcing and third party access

Outsourcing and third party access Outsourcing and third party access This document is part of the UCISA Information Security Toolkit providing guidance on the policies and processes needed to implement an organisational information security

More information

West Sussex County Council Resilience Policy

West Sussex County Council Resilience Policy West Sussex County Council Resilience Policy INDEX page 2 Policy Statement page 3 Vision Statement,Values and General Principles page 4 Introduction and purpose page 4 Scope of the Policy page 4 The Council

More information

Merthyr Tydfil County Borough Council

Merthyr Tydfil County Borough Council Merthyr Tydfil County Borough Council DRAFT Risk Management Policy & Strategy April 2014 Prepared by: Kerry O Donovan Page 1 of 47 Contents Page Numbers Foreword 3 Merthyr Tydfil County Borough Council

More information

Corporate governance framework and toolkit for working in partnerships

Corporate governance framework and toolkit for working in partnerships Corporate governance framework and toolkit for working in partnerships How to use this document All officers and elected members involved in partnership working need to be aware of this document. Lead

More information

Managing Risk in Procurement Guideline

Managing Risk in Procurement Guideline Guideline DECD 14/10038 Managing Risk in Procurement Guideline Summary The Managing Risk in Procurement Guideline assists in the identification and minimisation of risks involved in the acquisition of

More information

Code of Corporate Governance

Code of Corporate Governance www.surreycc.gov.uk Making Surrey a better place Code of Corporate Governance October 2013 1 This page is intentionally blank 2 CONTENTS PAGE Commitment to good governance 4 Good governance principles

More information

Title: Rio Tinto management system

Title: Rio Tinto management system Standard Rio Tinto management system December 2014 Group Title: Rio Tinto management system Document No: HSEC-B-01 Standard Function: Health, Safety, Environment and Communities (HSEC) No. of pages: 23

More information

Succession Planning Policy and Procedure

Succession Planning Policy and Procedure Succession Planning Policy and Procedure Reference No. P08:2012 Implementation date 07022013 Version Number V1.0 Reference No: Name. Linked documents P14:2002 Police Staff Recruitment and Selection Policy

More information

PROCEDURES RISK MANAGEMENT FRAMEWORK AND GUIDELINES PURPOSE INTRODUCTION. 1 What is Risk?

PROCEDURES RISK MANAGEMENT FRAMEWORK AND GUIDELINES PURPOSE INTRODUCTION. 1 What is Risk? PROCEDURES RISK MANAGEMENT FRAMEWORK AND GUIDELINES PURPOSE This Framework and Guidelines have been developed in support of the CQUniversity Risk Management Policy and are intended for use by the CQUniversity

More information

This Report will be made public on

This Report will be made public on This Report will be made public on Report Number C/ To: Cabinet Date: 30 July 2014 Status: Director: Non key decision Jeremy Chambers, Central Services Cabinet Member: Cllr David Monk, Leader of the Council

More information

Safety Management Plan

Safety Management Plan Safety Management Plan Dieback Mapping and Management Consultants TABLE OF CONTENTS SAFETY MANAGEMENT PLAN... 3 INTRODUCTION...3 OUR OH&S OBJECTIVES...3 OH&S MANAGEMENT PLAN...4 OUR CONSULTATION PROCESS...4

More information

Good Practice Guide: audit strategy

Good Practice Guide: audit strategy Good Practice Guide: audit strategy July 2010 Good Practice Guide: audit strategy July 2010 Official versions of this document are printed on 100% recycled paper. When you have finished with it please

More information

Information Commissioner's Office

Information Commissioner's Office Information Commissioner's Office Internal Audit 2010-11: Visit Four March 2011 Report distribution Timetable For action: Head of Good Practice Scoping meeting: 5 January 2011 Good Practice Group Fieldwork

More information

RMBC s Governance Framework for Significant Partnerships

RMBC s Governance Framework for Significant Partnerships RMBC s Governance Framework for Significant Partnerships 1.0 Introduction 1.1 Corporate governance describes how organisations direct and control what they do. For a council, this includes how it relates

More information

Risk Management Strategy 2012-2014

Risk Management Strategy 2012-2014 Management Strategy 2012-2014 Mission: To support and develop a sustainable, thriving and resilient community through leadership and partnerships NOTE: This Document should be read in conjunction with

More information

Risk Methodology. Contents. Introduction... 2. The Risk Management Structure... 2. The Risk Management Cycle... 2. Methodology...

Risk Methodology. Contents. Introduction... 2. The Risk Management Structure... 2. The Risk Management Cycle... 2. Methodology... Risk Methodology Contents Introduction... 2 The Risk Management Structure... 2 The Risk Management Cycle... 2 Methodology... 3 Appendix 1...5 Definition of Controls... 5 Appendix 2...6 Definition of Impact...

More information

Mid Suffolk District Council. Risk Management Strategy

Mid Suffolk District Council. Risk Management Strategy Mid Suffolk District Council Risk Management Strategy uthor Claire Reynolds and udit Officer (Lead for Risk Management) Version Control V1 30 October 2006 pproved by Executive Committee V2 October/ November

More information

SOUTHERN RURAL WATER POLICY RISK MANAGEMENT POLICY

SOUTHERN RURAL WATER POLICY RISK MANAGEMENT POLICY SOUTHERN RURAL WATER POLICY RISK MANAGEMENT POLICY 1. POLICY STATEMENT Having regard to AS/NZS ISO 31000 Risk Management, it shall be the Policy of SRW to manage risk to protect public safety, quality

More information