Risk Audit and Assurance Report - Quarter 3 Update 2013/14

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Risk Audit and Assurance Report - Quarter 3 Update 2013/14"

Transcription

1 Report title Risk Audit and Assurance Report - Quarter 3 Update 2013/14 Meeting Governance, Performance and Audit Committee 4 March 2014 Date Report by Head of Strategy and Performance 7 February 2014 Document Number FEP 2207 Public Summary This report provides an updated monitoring position on the Authority s risk management framework including the risk audit programme and supporting assurance work which has taken place during quarter three 2013/14. Recommendations That the Committee: 1. Notes the content of this report with regard to on-going risk management activities and reviews the information as necessary to fulfil its monitoring and oversight responsibilities; and 2. Notes that the three separate reports on risk, business continuity and governance will be combined into one report as from quarter four, 2013/14.

2 Introduction/Background 1. Strategic risk management enables the Authority to plan for, anticipate, manage, and mitigate risks which have the potential to seriously impact upon the services provided by the organisation. As a fire and rescue service, many of our activities are naturally underpinned by a range of hazards, but it is only through the evaluation of the chance or probability of harm associated with those hazards (i.e. by undertaking a risk assessment) that we are able to accurately understand the risk they pose to the organisation. 2. Risk management is a process which seeks to identify, evaluate and manage these risks in a structured way. A robust strategic risk management framework enables the Authority to take sufficient action, which could involve prevention of significant risks and/or reduction of the impact of those that do occur by putting adequate risk mitigation controls in place. 3. As the assessment of risk and the implementation of controls is largely an internal function, the Authority s internal audit function currently provide independent verification to make sure that the appropriate risks are being identified and prioritised, that they are rated correctly and that evidence for the risk controls in place can be checked. 4. This Committee has a responsibility, to monitor the Authority s risk management system, framework and control environment to ensure that it is fit for purpose (FEP1913). Accordingly, this report shows the updated monitoring position regarding the organisation s risk audit and assurance activity as at the end of quarter three, 2013/14 (period to end December 2013). 5. This report also includes the risk performance indicators and an update on the Authority s risk appetite.. Officers have reviewed how risk, continuity and governance information is reported to the Committee. Given the relationship between the three areas, officers will combine the three separate reports into one report from quarter four, 2013/14. This will reduce any duplication and provide a more concise and structured overview for Members. Corporate risk register 7. The Authority s corporate risks are set out in Appendix 1 to this report. Corporate risks are those which officers have identified could have a serious impact on how the Authority operates. These corporate risks were last reported to the Committee in November 2013 (FEP217) as part of the monitoring report for quarter two, 2013/ Over the past quarter, a new risk has been identified by the Director of Finance and Contractual Services that has since been incorporated into the corporate risk register. This new risk relates to the national Emergency Services Mobile Communications Programme (ESMCP). The ESMCP is a cross departmental programme currently sitting within the Home Office. Its purpose is to procure an Emergency Services Network (ESN) to replace the current Airwave communication system that is used by all the emergency services. 9. The new corporate risk (CRR15) has been defined as, The national programme to replace Airwave with the Emergency Services Network (ESN) by 2017 fails to deliver a solution for the provision of radio and data communications which is both affordable in the long term and which delivers the complete functionality required by LFB. 10. The main uncertainty with regards to the new risk relates to the affordability of the programme, the levels of coverage, resilience and availability that the ESN will have and the timeline in which Page 2 of 8

3 the programme is expected to deliver. Accordingly, the likelihood and impact scores for this risk have been established as likely (three) and significant (two) respectively. This means that the overall risk score is six, making this new risk an amber corporate risk. The corporate risk appetite 11. Risk appetite is the amount of risk, broadly, that an organisation is willing to accept in pursuit of its objectives. It reflects the organisation s history and risk management philosophy and, in turn, influences the organisation s culture and risk management style. The better able we are to manage our risks in accordance with our risk appetite, the more we can use this information (i.e. are we within our risk appetite or exceeding it?) to aid decision making. 12. Our approach to risk appetite and the resulting risk appetite statement was originally agreed by the Authority in June 2010 (FEP154) and the statement now forms part of the Authority s Annual Governance Statement. Overall, the Authority s risk appetite can be described as low to lowmedium. Risk appetite is formally applied at two levels within the organisation: the corporate level and the departmental level. The corporate level is reported quarterly as a matter of course to the Committee. The departmental level is reported on an exceptions only basis if there are any issues of significant concern which merit the attention of the Committee. 13. By taking the corporate risks and plotting them on the standard risk matrix (see Figure 1), it is possible to provide an overall picture of the corporate risk profile. By acknowledging that the Authority s risk appetite is low to low-medium, it is possible to represent this by drawing a line on the risk matrix. This becomes the standard risk threshold. Risks which then appear in the green area and amber risks which are unlikely (2x3) and/or significant (3x2) are then said to be within acceptable limits. 14. So that informed risk taking can take place, risks may still appear above the standard risk threshold line so long as the overall risk ratio does not exceed nine per cent of the risk threshold set. However, risks that are rated as very likely and catastrophic (4x4), very likely and major (4x3) or likely and catastrophic (3x4) will still be deemed to be outside acceptable limits, even if they are within the nine per cent ratio. These risks will be subject to extra scrutiny to check that the rating is correct, whether the activity can be pursued (in the case where a choice has been made to take a risk) and what immediate management action can be taken to bring the risk to within more acceptable limits. 15. The current corporate risk profile is shown in Figure 1. The large numbers inside the matrix show the number of corporate risks at that rating (e.g. there are 3 corporate risks with a likelihood rating of 2 (unlikely) and an impact rating of 3 (major)). The smaller numbers refer to the Corporate Risk Identifier (e.g. CRR1, CRR2): Page 3 of 8

4 Likelihood Figure 1 The summary corporate risk profile quarter /14 Very Likely 4 1 CRR13 Likely 3 CRR5, CRR7, CRR8, CRR10, CRR14,CRR15 Unlikely 2 3 CRR1, CRR2, CRR3, Very Unlikely 1 Minor 1 Significant 2 Major 3 Catastrophic 4 Impact 1. At the moment, the overall position of the corporate risks shows that the organisation remains at an amber status with 10 per cent of risks over the standard risk threshold line. 17. The one risk which remains above the line is CRR13 A breakdown in industrial relations affects our ability to deliver the service. This risk remains at a high red rating in spite of control measures such as the industrial relations framework, owing, in part, to the current environment whereby unions are more likely to take industrial action over a range of matters which are; (a) part of the Authority s current change management initiatives; and, (b) over matters which are outside of the Authority s direct control (i.e. pension change proposals). The status of this risk has been confirmed by the recent audit conducted by our external risk auditors. 18. The impact of this risk is that the Authority is just exceeding the green status in risk appetite terms and management focus remains on CRR13 to improve the status of this risk. However, officers are satisfied that, overall, the organisation is operating within acceptable limits. 19. Members will recall from the previous report to the Committee that there is currently a national dispute between the Fire Brigades Union (FBU) and the Government over the Government s proposed pension reforms. Since the last report to the Committee, the FBU have held a further eight strikes, with the most recent of these taking place on the 3 January As with the strike that took place on the 25 September 2013, the Authority implemented its contingency arrangements for the duration of the strike periods and deployed its Emergency Fire Crew Capability (EFCC) in order to provide a contingency level of operational service across London. Page 4 of 8

5 20. Throughout the recent strike periods these arrangements continued to demonstrate their effectiveness, and also provided the Authority with assurance that the controls that are in place to mitigate the impacts associated with this risk are appropriate. 21. Further detail on industrial action and the recent strike periods has been provided in the business continuity management update report for quarter three, which is also on the agenda for today s Committee meeting. Risk audit programme/transfer to MOPAC 22. In order to validate the risk information identified and contained within the Authority s risk management system, a risk audit programme has been carried out each year. The last risk audit programme focussed on selected corporate risks. The background to how the programme was compiled has been provided in previous reports to the Committee. 23. Members will recall from the previous Committee report that the programme has now concluded, and that responsibility for auditing the effectiveness of the organisation s risk management arrangements has now transferred to the Mayor s Office for Policing and Crime(MOPAC) under the shared service arrangement. The MOPAC audit programme provides continuity in terms of risk auditing with thematic audits (e.g. protective security, attendance management, etc.) considering risks in the round. The MOPAC programme also includes a review of the Authority s risk management process during 2013/ The outcomes of MOPAC audits are already reported to the Committee so Members will continue to have sight of recommendations and actions arising as a result of the risk based audit approach. The latest MOPAC progress report is also on the agenda for today s Committee meeting. 25. As noted in the previous risk audit and assurance report (FEP217), outstanding recommendations relating to the industrial relations risk (CRR13), which was the last corporate risk audited under the old risk audit programme, are now reported to Committee in the MOPAC report. Risk performance indicators 2. Risk performance indicators are designed to give a visual representation of the information which provides the background to this report. The current indicators are attached at Appendix 2 to this report and display the content of the Authority s risk management system in terms of the number and status of the corporate and departmental risks. This content is summarised on a rolling quarterly basis over the previous 12 months. Head of Legal and Democratic Services comments 27. The Head of Legal and Democratic Services has reviewed this report and has no comments. Director of Finance and Contractual Services comments 28. This report includes a new risk (CRR15) against the national programme to replace Airwave with the Emergency Services Network by A risk against this programme was also included in the Budget Update Report (FEP2194) and this is set out below: 29. DCLG will replace the existing Airwave contracts, which expire between 201 and 2020 as part of the Emergency Services Mobile Communications Programme. There could be significant financial pressures to LFEPA under any new contract provision. The current contract is subsidised and DCLG have notified LFEPA that its share of this will be 827k in 2013/14. DCLG may be Page 5 of 8

6 unwilling to continue to subsidise any future system. In addition a project team may be required to deliver any new system into the Authority. Sustainable development implications 30. There are no sustainable development implications associated with this report. Staff side consultations undertaken 31. Staff side consultation was undertaken for the review of the industrial relations risk. Further consultation will take place to implement recommendations from the audit action plan as necessary. Equalities implications 32. Fairness, equality and diversity are promoted and supported by both the risk audit programme and overarching risk management framework in line with Authority policy. List of Appendices to this report: 1. Appendix 1 - Corporate risks; and 2. Appendix 2 - Risk performance indicators. LOCAL GOVERNMENT (ACCESS TO INFORMATION) ACT 1985 List of background documents 1. Risk Audit and Assurance Report 2013/14 Quarter 1 and 2 Updates FEP212, 217; 2. Risk Audit and Assurance Reports 2012/13 FEP1949, 2002, 2053 & 2108; 3. Risk Audit and Assurance Reports 2011/12 FEP1794, 1844, 1877; 4. Annual Governance Statement FEP2125; 5. Annual Governance Statement FEP154;. Statement on Internal Control Quarter 1 Update FEP1102; 7. Reconstitution of Committees, Standing Orders, Allowances and Related Matters FEP1913; and 8. Reconstitution of Committees 2007/8 FEP1037. Proper officer Contact officer Telephone Head of Strategy and Performance Daniel Ingram x30071 Page of 8

7 Corporate risks Appendix 1 The current corporate risks for the London Fire Brigade are as follows: Risk Code Risk Description Score CRR1 CRR2 A death or serious injury occurs as a result of our staff not operating a safe system of work Disconnect between top, middle and junior management leads to a lack of consistent leadership affecting our ability to manage and change behaviours CRR3 Failure or perceived failure to deliver the service CRR5 Ability to effect change is limited leading to poor / ineffective resource management CRR7 Failure of a significant contractual relationship impacts on the delivery of services CRR8 Failure to develop and maintain equity across the Brigade CRR10 The current economic climate requires strategic decisions that impact on the Brigade s ability to budget effectively CRR13 A breakdown in industrial relations affects our ability to deliver the service 12 CRR14 CRR15 A risk averse culture within the organisation lessens our ability to deliver efficient and effective services The national programme to replace Airwave with the Emergency Services Network (ESN) by 2017 fails to deliver a solution for the provision of radio and data communications which is both affordable in the long term and which delivers the complete functionality required by LFB Page 7 of 8

8 Number Percentage Number Risk performance indicators Appendix 2 Chart 1. RAG status of corporate risks 2013/14: This shows the number of corporate risks on the Corporate Risk Register and the status of the risks overall (red = high, amber = medium, green = low). The graph shows information over the past year on a rolling quarterly basis RAG Status of Corporate Risks Q4 (12/13) Q1 (13/14) Q2 Q3 Quarter Chart 2. RAG status of corporate current controls 2013/14: This shows the status by percentage of corporate controls currently managing the corporate risks. 100% 90% 80% 70% 0% 50% 40% 30% 20% 10% 0% 2. RAG Status of Corporate Current Controls Q4 (12/13) Q1 (13/14) Q2 Q3 Quarter Chart 3. RAG status of department risks (with current controls) 2013/14: This shows the number and status of departmental risks from the departmental risk registers once current controls have been applied RAG Status of Dept Risks (with Current Controls) Q4 (12/13) Q1 (13/14) Q2 Q3 Quarter Page 8 of 8

Risk Management Strategy 2014-2017

Risk Management Strategy 2014-2017 Appendix 1 London Fire and Emergency Planning Authority London Fire Brigade Risk Management Strategy 2014-2017 Our Risk Management Strategy, together with our underpinning risk management framework and

More information

MARCH 2012. Strategic Risk Policy Update March 2012 v1.10.doc

MARCH 2012. Strategic Risk Policy Update March 2012 v1.10.doc MARCH 2012 Version 1.10 Strategic Risk Policy Update March 2012 v1.10.doc Document History Current Version Document Name Risk Management Policy Statement and Strategic Framework Last Updated By Alan Till

More information

Risk Management Policy. Document author Assured by Review cycle. Audit and Risk Committee. 1. Introduction Purpose or aim Scope...

Risk Management Policy. Document author Assured by Review cycle. Audit and Risk Committee. 1. Introduction Purpose or aim Scope... Risk Management Policy Board library reference Document author Assured by Review cycle P136 Interim Head of Risk and Legal Services Audit and Risk Committee 3 Years This document is version controlled.

More information

RISK MANAGEMENT POLICY (Revised October 2015)

RISK MANAGEMENT POLICY (Revised October 2015) UNIVERSITY OF LEICESTER RISK MANAGEMENT POLICY (Revised October 2015) 1. This risk management policy ( the policy ) forms part of the University s internal control and corporate governance arrangements.

More information

London Legacy Development Corporation s Statement of Risk Appetite September 2015

London Legacy Development Corporation s Statement of Risk Appetite September 2015 London Legacy Development Corporation s Statement of Risk Appetite September 2015 Appendix 1 1. INTRODUCTION 1.1 Her Majesty s Treasury uses the Orange Book definition of risk management The amount of

More information

Bridgend County Borough Council. Corporate Risk Management Policy

Bridgend County Borough Council. Corporate Risk Management Policy Bridgend County Borough Council Corporate Risk Management Policy December 2014 Index Section Page No Introduction 3 Definition of risk 3 Aims and objectives 4 Strategy 4 Accountabilities and roles 5 Risk

More information

Charnwood Borough Council. Corporate Performance Management Framework

Charnwood Borough Council. Corporate Performance Management Framework Charnwood Borough Council Corporate Performance Management Framework Contents 1 Introduction... 1 2 Background... 1 3 Role of the Performance Team... 2 4 Charnwood Framework... 2 4.1 Corporate Plan...2

More information

Department of Health INFORMATION ASSURANCE SUMMARY REPORTS. The purpose and scope of this review

Department of Health INFORMATION ASSURANCE SUMMARY REPORTS. The purpose and scope of this review INFORMATION ASSURANCE SUMMARY REPORTS Department of Health The purpose and scope of this review 1 During the period September to December 2011, the National Audit Office (NAO) carried out an examination

More information

Scottish Borders Council. Local Scrutiny Plan 2015/16

Scottish Borders Council. Local Scrutiny Plan 2015/16 Scottish Borders Council Local Scrutiny Plan 2015/16 March 2015 Scottish Borders Council Local Scrutiny Plan 2015/16 Introduction 1. This local scrutiny plan sets out the planned scrutiny activity in Scottish

More information

River Stour (Kent) Internal Drainage Board Risk Management Strategy and Policy

River Stour (Kent) Internal Drainage Board Risk Management Strategy and Policy River Stour (Kent) Internal Drainage Board Risk Management Strategy and Policy Page: 1 Contents 1. Purpose, Aims & Objectives 2. Accountabilities, Roles & Reporting Lines 3. Skills & Expertise 4. Embedding

More information

Internal Audit Strategic and Annual Plans 2015/16

Internal Audit Strategic and Annual Plans 2015/16 Internal Audit Strategic and Annual Plans 2015/16 Financial Scrutiny and Audit Committee 10 February 2015 Agenda Item No 8 Summary: This report provides an overview of the stages followed prior to the

More information

Revenue Scotland. Risk Management Framework

Revenue Scotland. Risk Management Framework Revenue Scotland Risk Management Framework Contents 1. Introduction... 3 1.1 Overview of risk management... 3 2. Policy statement... 4 3. Risk management approach... 5 3.1 Risk management objectives...

More information

Risk Management Strategy and Policy. The policy provides the framework for the management and control of risk within the GOC

Risk Management Strategy and Policy. The policy provides the framework for the management and control of risk within the GOC Annex 1 TITLE VERSION Version 2 Risk Management Strategy and Policy SUMMARY The policy provides the framework for the management and control of risk within the GOC DATE CREATED January 2013 REVIEW DATE

More information

Bedford Group of Drainage Boards

Bedford Group of Drainage Boards Bedford Group of Drainage Boards Risk Management Strategy Risk Management Policy January 2010 1 Contents 1. Purpose, Aims & Objectives 2. Accountabilities, Roles & Reporting Lines 3. Skills & Expertise

More information

South Oxfordshire District Council and Vale of White Horse District Council Risk Management Strategy

South Oxfordshire District Council and Vale of White Horse District Council Risk Management Strategy 2013 2016 South Oxfordshire District Council and Vale of White Horse District Council Risk Management Strategy 2013-2016 1 1 Context 3 SCOPE 3 WHAT IS RISK MANAGEMENT? 3 LOCAL AND NATIONAL DRIVERS 3 Business

More information

Achieve. Performance objectives

Achieve. Performance objectives Achieve Performance objectives Performance objectives are benchmarks of effective performance that describe the types of work activities students and affiliates will be involved in as trainee accountants.

More information

Administration and General Order No. AD/1/TBC

Administration and General Order No. AD/1/TBC COUNTY DURHAM AND DARLINGTON FIRE AND RESCUE SERVICE Administration and General Order No. AD/1/TBC CORPORATE RISK MANGEMENT POLICY 1. INTRODUCTION 1.1 County Durham and Darlington Combined Fire Authority

More information

Risk Management short practical guidance

Risk Management short practical guidance Risk Management short practical guidance April 2014 Introduction Risks are related to potential problems or situations that, if they materialise, could affect negatively the achievement of the Organisation

More information

Trust Board Meeting. Trust Secretary, Linda Storey. Trust Secretary, Linda Storey

Trust Board Meeting. Trust Secretary, Linda Storey. Trust Secretary, Linda Storey ENC 6 Meeting Trust Board Meeting Date 7 th July 2016 Title of Paper Board Assurance Framework Version 1.0 July 2016 Lead Director Author Trust Secretary, Linda Storey Trust Secretary, Linda Storey PURPOSE

More information

Finance and Policy Committee. Date: 13 March Safety Camera Replacement Project. This paper will be considered in public.

Finance and Policy Committee. Date: 13 March Safety Camera Replacement Project. This paper will be considered in public. Finance and Policy Committee Date: 13 March 2013 Item 12: Safety Camera Replacement Project This paper will be considered in public 1 Summary 1.1 The Mayor will shortly publish his Road Safety Action Plan,

More information

Risk Management Policy and Procedures

Risk Management Policy and Procedures Risk Management Policy and Procedures Contents 1. Introduction and overview 2. Completion of the Corporate Risk Register 3. Roles and responsibilities Annexes Annex A Risk probability / impact setting

More information

Our inspection programme will have an outcomes based approach. It will be proportionate and will be based on a risk assessment.

Our inspection programme will have an outcomes based approach. It will be proportionate and will be based on a risk assessment. HMFSI 2013-15 Work Programme Risk Assessment Introduction The HMFSI Business Plan for 2013-15 provides that Under normal circumstances, our inspection priorities are based on the following criteria: The

More information

PM Governance. Executive Team ADCA ADCA

PM Governance. Executive Team ADCA ADCA Item 6.5a Action Plan against the Recommendations Made in the Review of Risk Management Arrangements by PM Governance, November 2014 Key: PM Governance Paul Moore, Risk Consultant ADCA Associate Director

More information

Shepway District Council Risk Management Policy

Shepway District Council Risk Management Policy Shepway District Council Risk Management Policy Contents Section 1 Risk Management Policy... 3 1. Updates and amendments... 3 2. Definition... 3 3. Policy statement... 3 4. Objectives... 3 Section 2 Risk

More information

Risk Management. Policy, Strategy and Methodology

Risk Management. Policy, Strategy and Methodology Risk Management Policy, Strategy and Methodology Contents Page Number Foreword by Paul Orders, Chief Executive... 2 Foreword by Councillor Graham Hinchey, Cabinet Member for Corporate Services and Performance...

More information

RISK AND OPPORTUNITY MANAGEMENT STRATEGY 2013-2014

RISK AND OPPORTUNITY MANAGEMENT STRATEGY 2013-2014 RISK AND OPPORTUNITY MANAGEMENT STRATEGY 2013-2014 Version 1.0 October 2013 Not protectively marked INDEX PAGE NO TITLE 3 Executive Summary 4 Our Shared Vision and Priorities 5 Outline of the Risk and

More information

EPRR: Toolkit Business Impact

EPRR: Toolkit Business Impact NHS England Business Continuity Management EPRR: Toolkit Business Impact Assessment (BIA) Template Appendix 3.1 0 [Intentionally Blank] 1 INTRODUCTION The purpose of this document is to assist those who

More information

External Performance Assessment Improvement Plan 2006/8 - Monitoring 6

External Performance Assessment Improvement Plan 2006/8 - Monitoring 6 Report title Agenda item External Performance Assessment Improvement Plan 2006/8 - Monitoring 6 Meeting Performance Management & Community Safety Panel 15 September 2008 Date Report by Document Number

More information

Risk Management Plan

Risk Management Plan Risk Management Plan Author: Adrian Hill Designation: Compliance Manager Phone: 03 8601 2000 Fax: 03 9670 1057 Release Date: 27 February 2006 Version: 2 1 Document History Document Control Number 2 Revision

More information

I attach the following documents in response:

I attach the following documents in response: London Fire Brigade Headquarters 169 Union Street London SE1 0LL T 020 8555 1200 F 020 7960 3602 Minicom 020 7960 3629 www.london-fire.gov.uk Freedom of Information request reference number: FOIA608.1

More information

Risk Management Policy

Risk Management Policy Risk Management Policy Effective from 4 July 2015 Version Number: 2.1 Author: Director of Planning Planning Directorate Document Control Information Status and reason for development Revised updating the

More information

TRANSPORT FOR LONDON AUDIT COMMITTEE STRATEGIC RISK MANAGEMENT PROGRESS REPORT

TRANSPORT FOR LONDON AUDIT COMMITTEE STRATEGIC RISK MANAGEMENT PROGRESS REPORT AGENDA ITEM 4 TRANSPORT FOR LONDON AUDIT COMMITTEE SUBJECT: STRATEGIC RISK MANAGEMENT PROGRESS REPORT DATE: 3 MARCH 2009 1 PURPOSE AND DECISION REQUIRED 1.1 The purpose of this paper is to update the Audit

More information

Note the Chief Internal Auditor s findings to date and gain assurance from Officers that key issues raised are being addressed.

Note the Chief Internal Auditor s findings to date and gain assurance from Officers that key issues raised are being addressed. Agenda Item No: 9 To: Joint Audit Committee Date: 24 September 2014 By: Chief Internal Auditor Title: Internal Audit Update Report 2014-15 Purpose of Report: The purpose of this report is to give an opinion

More information

Fundamental Performance Review Partnership Working 4

Fundamental Performance Review Partnership Working 4 Report title Agenda item Fundamental Performance Review Partnership Working 4 Meeting Performance Management & Community Safety Panel 19 May 2008 Date Report by Document Number Director of Corporate Services

More information

Business Continuity Policy

Business Continuity Policy Business Continuity Policy Ref. No. TP/028 Title: Business Continuity Policy Page 1 of 15 DOCUMENT PROFILE and CONTROL. Purpose of the document: Provides an overview of the London Ambulance Service NHS

More information

Risk Management Policy and Procedures

Risk Management Policy and Procedures Risk Management Policy and Procedures Contents 1. Introduction and overview 2. Completion of the Corporate Risk Register 3. Roles and responsibilities Annexes Annex A Risk probability / impact setting

More information

LONDON BOROUGH OF SOUTHWARK

LONDON BOROUGH OF SOUTHWARK APPENDIX 1 LONDON BOROUGH OF SOUTHWARK The annual report to the Audit & Governance Committee on Risk and Insurance for 2011/12, and the key corporate risks Presented to the Audit & Governance Committee

More information

Waveney Lower Yare & Lothingland Internal Drainage Board Risk Management Strategy and Policy

Waveney Lower Yare & Lothingland Internal Drainage Board Risk Management Strategy and Policy Waveney Lower Yare & Lothingland Internal Drainage Board Risk Management Strategy and Policy Page: 1 Contents 1. Purpose, Aims & Objectives 2. Accountabilities, Roles & Reporting Lines 3. Skills & Expertise

More information

Risk Management Strategy and Guidelines

Risk Management Strategy and Guidelines Swale Borough Council Risk Management Strategy and Guidelines Status: Final Originating Date: January 2008 Date Ratified: February 2008 (Audit Committee) Next Review Date: January 2009 Accountable Member:

More information

CORP 600 00 RISK MANAGEMENT POLICY & METHODOLOGY

CORP 600 00 RISK MANAGEMENT POLICY & METHODOLOGY CORP 600 00 RISK MANAGEMENT POLICY & METHODOLOGY CORP 600 RISK MANAGEMENT POLICY Purpose In March 2003, the Australian Stock Exchange (ASX) Corporate Governance Council released the first version of its

More information

Risk Management Guide

Risk Management Guide Risk Management Guide A Higher Education Institution (HEI) can face a multitude of risks. It is inescapable and is relevant to ask what is the risk of doing X? but also to question what is the risk if

More information

Solvency II Own risk and solvency assessment (ORSA)

Solvency II Own risk and solvency assessment (ORSA) Solvency II Own risk and solvency assessment (ORSA) Guidance notes MAY 2012 Contents Introduction Page Background 3 Purpose and Scope 3 Structure of guidance document 4 Key Principles and Lloyd s Minimum

More information

Financial Health Assessment of Non-college Organisations

Financial Health Assessment of Non-college Organisations Financial Health Assessment of Non-college Organisations May 2015 Of interest to training organisations Financial Health Assessment of Non-college Organisations Purpose 1. This document sets out the Skills

More information

Bedfordshire Fire and Rescue Authority Audit and Standards Committee 26 June 2014 Item No. 8

Bedfordshire Fire and Rescue Authority Audit and Standards Committee 26 June 2014 Item No. 8 For Publication REPORT AUTHOR: Bedfordshire Fire and Rescue Authority Audit and Standards Committee 26 June 2014 Item No. 8 ASSISTANT CHIEF OFFICER (HUMAN RESOURCES AND ORGANISATIONAL DEVELOPMENT) SUBJECT:

More information

Good Practice Guide: audit strategy

Good Practice Guide: audit strategy Good Practice Guide: audit strategy July 2010 Good Practice Guide: audit strategy July 2010 Official versions of this document are printed on 100% recycled paper. When you have finished with it please

More information

Construction (Design and Management) Regulations 2007

Construction (Design and Management) Regulations 2007 MEETING Finance, Procurement and Property Committee AGENDA ITEM 14 MEETING DATE 9 th July 2007 DOCUMENT NUMBER FEP 1052 SUBJECT REPORT Construction (Design and Management) Regulations 2007 (12/06/07) by

More information

ARGYLL AND BUTE COUNCIL SUPPORT SERVICES REVIEW 15 DECEMBER 2011 SUMMARY REPORT

ARGYLL AND BUTE COUNCIL SUPPORT SERVICES REVIEW 15 DECEMBER 2011 SUMMARY REPORT ARGYLL AND BUTE COUNCIL EXECUTIVE SUPPORT SERVICES REVIEW 15 DECEMBER 2011 SUMMARY REPORT 1.0 SUMMARY 1.1 The service reviews for Customer and Support Services, Improvement and HR and Strategic Finance

More information

Corporate Risk Management Policy

Corporate Risk Management Policy Corporate Risk Management Policy Managing the Risk and Realising the Opportunity www.reading.gov.uk Risk Management is Good Management Page 1 of 19 Contents 1. Our Risk Management Vision 3 2. Introduction

More information

1.1 To provide the Committee with an update on the National Fraud Initiative (NFI) exercises for 2014.

1.1 To provide the Committee with an update on the National Fraud Initiative (NFI) exercises for 2014. Audit and Assurance Committee Date: 8 March 2016 Item: National Fraud Initiative 2014 This paper will be considered in public 1 Summary 1.1 To provide the Committee with an update on the National Fraud

More information

INTERNAL AUDIT SERVICE

INTERNAL AUDIT SERVICE Risk Management Policy INTERNAL AUDIT SERVICE Purpose of this document 1. This risk management policy forms part of the University s internal control and corporate governance arrangements. 2. The policy

More information

Review of Risk Management and Insurance. Public Accounts Committee

Review of Risk Management and Insurance. Public Accounts Committee Review of Risk Management and Insurance Public Accounts Committee April 2012 Contents Executive Summary 1 Maturity Model 6 Understanding the Causes and the Way Forward 7 Risk Management Recommendations

More information

BSO Board Director of Human Resources & Corporate Services Business Continuity Policy. 28 February 2012

BSO Board Director of Human Resources & Corporate Services Business Continuity Policy. 28 February 2012 To: From: Subject: Status: Date of Meeting: BSO Board Director of Human Resources & Corporate Services Business Continuity Policy For Approval 28 February 2012 The Board is asked to agree the attached

More information

City of Edinburgh Council. Local Scrutiny Plan 2015/16

City of Edinburgh Council. Local Scrutiny Plan 2015/16 City of Edinburgh Council Local Scrutiny Plan 2015/16 March 2015 City of Edinburgh Council Local Scrutiny Plan 2015/16 Introduction 1. This local scrutiny plan sets out the planned scrutiny activity in

More information

RISK MANAGEMENT STRATEGY

RISK MANAGEMENT STRATEGY RISK MANAGEMENT STRATEGY 1 Introduction The purpose of this document is to outline a which facilitates the effective recognition and management of risks facing the University. The Combined Code on Corporate

More information

Risk Management Framework

Risk Management Framework Risk Management Framework Category or Type Originally approved by, and date Administration and Management Vice Chancellor at VCAG on December 2008 Last approved revision October 2011 Sponsor Chief Operating

More information

Risk Management Policy and Process Guide

Risk Management Policy and Process Guide Risk Management Policy and Process Guide Status: pending Next review date: December 2015 Page 1 Information Reader Box Directorate Medical Nursing Patients & Information Commissioning Operations (including

More information

DIRECTORATE OF AUDIT, RISK AND ASSURANCE Internal Audit Service to the GLA REVIEW OF THE IT STRATEGY AND IMPLEMENTATION CONTROL FRAMEWORK

DIRECTORATE OF AUDIT, RISK AND ASSURANCE Internal Audit Service to the GLA REVIEW OF THE IT STRATEGY AND IMPLEMENTATION CONTROL FRAMEWORK Appendix 1b DIRECTORATE OF AUDIT, RISK AND ASSURANCE Internal Audit Service to the GLA REVIEW OF THE IT STRATEGY AND IMPLEMENTATION CONTROL FRAMEWORK DISTRIBUTION LIST Audit Team Steve Hutton, Head of

More information

Performance Management Unit. Performance Management Framework

Performance Management Unit. Performance Management Framework Performance Management Unit Performance Management Framework Issue: 4 Author Amanda Jenkins Performance Management Officer Date of Issue 25 th May 2007 Last Revised February 2011 Version Issue 4 Contents

More information

The Authority's Procurement Strategy 2008/9-2010/11

The Authority's Procurement Strategy 2008/9-2010/11 Report title The Authority's Procurement Strategy 2008/9-200/ Agenda item 2 Meeting Finance, Procurement & Property Committee Authority Date 7 November 2008 20 November 2008 Report by Document Number Director

More information

Confident in our Future, Risk Management Policy Statement and Strategy

Confident in our Future, Risk Management Policy Statement and Strategy Confident in our Future, Risk Management Policy Statement and Strategy Risk Management Policy Statement Introduction Risk management aims to maximise opportunities and minimise exposure to ensure the residents

More information

1. Approve the Internal Audit Plan for 2015/16 (paragraphs 1 to 4 and Annex 1 to Appendix 1 refer).

1. Approve the Internal Audit Plan for 2015/16 (paragraphs 1 to 4 and Annex 1 to Appendix 1 refer). Item Number: B2 By: Corporate Governance and Risk Manager To: General Purposes Committee - 16 April 2015 Subject: INTERNAL AUDIT PLAN FOR 2015/16 Classification: Unrestricted FOR DECISION SUMMARY Under

More information

Bedfordshire Fire and Rescue Authority Corporate Services Policy and Challenge Group 9 September 2014 Item No. 6

Bedfordshire Fire and Rescue Authority Corporate Services Policy and Challenge Group 9 September 2014 Item No. 6 For Publication Bedfordshire Fire Rescue Authority Corporate Services Policy Challenge Group 9 September 2014 Item No. 6 REPORT AUTHOR: SUBJECT: ASSISTANT CHIEF OFFICER (HUMAN RESOURCES AND ORGANISATIONAL

More information

POLICY : CORPORATE RISK MANAGEMENT

POLICY : CORPORATE RISK MANAGEMENT APPENDIX 5 POLICY : CORPORATE RISK MANAGEMENT 1 Scope This is a Service wide policy. 2 Aims and Objectives Lancashire Combined Fire Authority provides services to a diverse range of people and organisations,

More information

RISK MANAGEMENT POLICY AND PROCEDURE

RISK MANAGEMENT POLICY AND PROCEDURE RISK MANAGEMENT POLICY AND PROCEDURE SCOPE CONTEXT PURPOSE RISK MANAGEMENT FRAMEWORK Governance and Reporting Risk Statement RISK MANAGEMENT PROCESS Communicate and Consult Establish the Context Risk Identification

More information

DORSET & WILTSHIRE FIRE AND RESCUE AUTHORITY Performance, Risk and Business Continuity Management Policy

DORSET & WILTSHIRE FIRE AND RESCUE AUTHORITY Performance, Risk and Business Continuity Management Policy Not Protectively Marked Item 6 Appendix B DORSET & WILTSHIRE FIRE AND RESCUE AUTHORITY Management Policy The Dorset & Wiltshire Fire and Rescue Authority () is the combined fire and rescue authority for

More information

Status of Report: Public Agenda Item: 10. The Chief Fire and Rescue Officer and the Treasurer

Status of Report: Public Agenda Item: 10. The Chief Fire and Rescue Officer and the Treasurer Status of Report: Public Agenda Item: 10 Meeting: Policy Committee Date: 14 th January 2015 Subject: Report by: Author: For: Local Government Finance Settlement The Chief Fire and Rescue Officer and the

More information

NES/11/111. Dorothy Wright Director HR & OD Christine McCole, Depute Director HR Tom Power, OD Business Partner (Leadership & Performance Management)

NES/11/111. Dorothy Wright Director HR & OD Christine McCole, Depute Director HR Tom Power, OD Business Partner (Leadership & Performance Management) NES Item 8d December 2011 NES/11/111 (Enclosure) NHS Education for Scotland Board Paper Summary 1. Title of Paper People & Organisational Development Strategy 2. Author(s) of Paper Dorothy Wright Director

More information

RISK MANAGEMENT GUIDANCE FOR GOVERNMENT DEPARTMENTS AND OFFICES

RISK MANAGEMENT GUIDANCE FOR GOVERNMENT DEPARTMENTS AND OFFICES RISK MANAGEMENT GUIDANCE FOR GOVERNMENT DEPARTMENTS AND OFFICES GOVERNMENT ACCOUNTING SECTION DEPARTMENT OF FINANCE MARCH 2004 Risk Management Guidance CONTENTS Pages List of guidelines on risk management

More information

Richmond-upon-Thames Performance Management Framework

Richmond-upon-Thames Performance Management Framework Richmond-upon-Thames Performance Management Framework Introduction Everyone at the Council has a role in Performance Management. It is therefore important that we all understand what is involved. This

More information

DERBYSHIRE COUNTY COUNCIL BUSINESS CONTINUITY POLICY

DERBYSHIRE COUNTY COUNCIL BUSINESS CONTINUITY POLICY DERBYSHIRE COUNTY COUNCIL BUSINESS CONTINUITY POLICY VERSION 1.0 ISSUED JULY 2015 CONTENTS Page CONTENTS VERSION CONTROL FOREWORD i ii iii POLICY 1 Scope 1 Aim and Objectives 1 Methods and Standards 1

More information

Internal Audit Publication Date: September Legislation Guidance Internal audit function... 3

Internal Audit Publication Date: September Legislation Guidance Internal audit function... 3 INTERNAL AUDIT Contents 1. Legislation... 2 2. Guidance... 3 2.1 Internal audit function... 3 2.2 Outsourcing and sharing arrangements... 5 2.3 Relationship with the auditor... 5 2.4 Internal audit charter...

More information

Risk Management. Policy

Risk Management. Policy Policy Risk Management Endorsed: 26 February 2014 Brief description The GPC Risk Management Policy and its supporting standards and procedures provide a framework to ensure that risks arising from our

More information

Version: 3.0. Effective From: 19/06/2014

Version: 3.0. Effective From: 19/06/2014 Policy No: RM66 Version: 3.0 Name of Policy: Business Continuity Planning Policy Effective From: 19/06/2014 Date Ratified 05/06/2014 Ratified Business Service Development Committee Review Date 01/06/2016

More information

Risk & Opportunity Management Framework

Risk & Opportunity Management Framework Risk & Opportunity Management Framework January 2010 Version 1.0 Table of Contents 1 Preface... 14 1.1 Risk and Opportunity Management What is it?... 14 1.2 Purpose... 15 2 Risk Management Process... 15

More information

Managing Risk Control Environment and Responsibilities

Managing Risk Control Environment and Responsibilities Managing Risk Page 1 of 8 Contents Introduction...3 Risk...3 Risk management - using the framework...3 Source of risk...3 Likelihood and impact...3 Inherent risk...4 Risk-reducing measures...4 Effectiveness...5

More information

Procedure for Internal Audit. Procedure No. 305

Procedure for Internal Audit. Procedure No. 305 Procedure for Internal Audit Procedure No. 305 Print Name Title Date Prepared by Louise Quality Assurance 09/04/09 Naughton Consultant Reviewed by Niamh Mooney Assistant fire and Safety Officer 09/04/09

More information

Risk Management Strategy 2014-2017

Risk Management Strategy 2014-2017 Management Strategy 2014-2017 1. Policy Statement 2. Statement of Commitment 3. Our Approach 4. Management Principles 5. Appetite Statement 6. Maturity 7. Management Levels 8. Escalation 9. Management

More information

INVESTING IN REFORM INVESTING IN STOCKPORT DRAFT BUSINESS CASE

INVESTING IN REFORM INVESTING IN STOCKPORT DRAFT BUSINESS CASE INVESTING IN STOCKPORT DRAFT BUSINESS CASE INVESTING IN REFORM IIS Programme/Project Name: Project Name: Portfolio: IIS Outcome: IIS Board SRO: IIS Project Lead: Public Realm and Solutions SK Communities

More information

Appendix A Scoring for all Corporate and Project Risks Matrix

Appendix A Scoring for all Corporate and Project Risks Matrix Appendix A Scoring for all and Project s Matrix / Moderate (1) Significant (2) Serious (3) Critical (4) Certain/High (4) Tolerable (4) Moderate (8) Substantial (12) Intolerable (16) Very Likely (3) Tolerable

More information

Isle of Wight Council Risk Management Practical Guide. DIRECTORATE OF RESOURCES Strategic Director: Dave Burbage

Isle of Wight Council Risk Management Practical Guide. DIRECTORATE OF RESOURCES Strategic Director: Dave Burbage Isle of Wight Council Risk Management Practical Guide DIRECTORATE OF RESOURCES Strategic Director: Dave Burbage Contents: 1 Introduction 3 2 What is Risk Management? 3 3 Approach to Improving Managing

More information

Patient and Public Involvement (PPI) Strategy

Patient and Public Involvement (PPI) Strategy Patient and Public Involvement (PPI) Strategy 2014-2017 1 Contents Executive Summary 3 1. Introduction 4 2. Why a Patient Experience and Involvement Strategy 4 3. Engagement and Experience The National

More information

Internal Audit Service LOCH LOMOND & THE TROSSACHS NATIONAL PARK AUTHORITY INTERNAL AUDIT PLAN

Internal Audit Service LOCH LOMOND & THE TROSSACHS NATIONAL PARK AUTHORITY INTERNAL AUDIT PLAN Internal Audit Service LOCH LOMOND & THE TROSSACHS NATIONAL PARK AUTHORITY INTERNAL AUDIT PLAN 2016-19 INDEX OF CONTENTS Page 1 Introduction 2 2 The Audit Planning Process 3 3 Monitoring the Plan 4 4 Annual

More information

Shared service centres

Shared service centres Report by the Comptroller and Auditor General Cabinet Office Shared service centres HC 16 SESSION 2016-17 20 MAY 2016 4 Key facts Shared service centres Key facts 90m estimated savings made to date by

More information

Project, Programme and Portfolio Management Delivery Plan 6

Project, Programme and Portfolio Management Delivery Plan 6 Report title Agenda item Project, Programme and Portfolio Management Delivery Plan 6 Meeting Performance Management and Community Safety Panel 27 April 2009 Date Report by Document number Head of Strategy

More information

A review of service reform in Scottish fire and rescue authorities

A review of service reform in Scottish fire and rescue authorities A review of service reform in Scottish fire and rescue authorities Key messages/prepared for the Accounts Commission March 2007 1 Key messages Introduction 1. A National Joint Council (NJC) agreement in

More information

Succession Planning Policy and Procedure

Succession Planning Policy and Procedure Succession Planning Policy and Procedure Reference No. P08:2012 Implementation date 07022013 Version Number V1.0 Reference No: Name. Linked documents P14:2002 Police Staff Recruitment and Selection Policy

More information

INTERNAL AUDIT PROGRESS REPORT

INTERNAL AUDIT PROGRESS REPORT APPENDIX 1 INTERNAL AUDIT PROGRESS REPORT SEPTEMBER NOVEMBER 2014 Angela Struthers Audit Manager November 2014 TABLE OF CONTENTS TABLE OF CONTENTS... 1 REPORT ON AUDIT WORK CARRIED OUT DURING... 2 SEPTEMBER

More information

IFoA Risk Management Framework 29 February 2016

IFoA Risk Management Framework 29 February 2016 IFoA Risk Management Framework 29 February 2016 1.0 Introduction The IFoA has developed a new Risk Management Framework which was implemented in early 2015-16 and which brings together the management of

More information

Risk Management Policy

Risk Management Policy Principles Through a process of Risk Management, the University seeks to reduce the frequency and impact of Adverse Events that may affect the achievement of its objectives. In particular, Risk Management

More information

Smart Meters Programme Schedule 2.4. (Continuous Improvement) (CSP North version)

Smart Meters Programme Schedule 2.4. (Continuous Improvement) (CSP North version) Smart Meters Programme Schedule 2.4 (Continuous Improvement) (CSP North version) Schedule 2.4 (Continuous Improvement) (CSP North version) Amendment History Version Date Status v.1 Signature Date Execution

More information

Risk Methodology. Contents. Introduction... 2. The Risk Management Structure... 2. The Risk Management Cycle... 2. Methodology...

Risk Methodology. Contents. Introduction... 2. The Risk Management Structure... 2. The Risk Management Cycle... 2. Methodology... Risk Methodology Contents Introduction... 2 The Risk Management Structure... 2 The Risk Management Cycle... 2 Methodology... 3 Appendix 1...5 Definition of Controls... 5 Appendix 2...6 Definition of Impact...

More information

SLOUGH BOROUGH COUNCIL. CONTACT OFFICER: Roger Parkin, Director Customer & Transactional Services (For all enquiries) (01753)

SLOUGH BOROUGH COUNCIL. CONTACT OFFICER: Roger Parkin, Director Customer & Transactional Services (For all enquiries) (01753) SLOUGH BOROUGH COUNCIL REPORT TO: Audit Committee DATE: 10 th November 2011 CONTACT OFFICER: Roger Parkin, Director Customer & Transactional Services (For all enquiries) (01753) 875207 WARD(S): PORTFOLIO:

More information

Business Plan for Financial Management and Business Effectiveness Unit - May 2011 to 30 September 2013

Business Plan for Financial Management and Business Effectiveness Unit - May 2011 to 30 September 2013 1 Business Plan for Financial Management and Business Effectiveness Unit - May 2011 to 30 September 2013 1. Introduction 1.1 The Service s key responsibilities are: o The achievement of proper and effective

More information

RISK MANAGEMENT STRATEGY

RISK MANAGEMENT STRATEGY RISK MANAGEMENT STRATEGY 2014-15 April 2014 Page 1 of 17 CONTENTS 1. Introduction 2. What is risk management? 3. Risk Management Policy Statement 4. Risk Management process 5. Roles and responsibilities

More information

Guidance notes: Financial Planning & Managing Risk

Guidance notes: Financial Planning & Managing Risk Guidance notes: Financial Planning & Managing Risk This guidance note is particularly for governors on the audit or finance committee, but will be of interest to all governors. What is the governing body

More information

Risk Management & Business Continuity Manual 2011-2014

Risk Management & Business Continuity Manual 2011-2014 ANNEX C Risk Management & Business Continuity Manual 2011-2014 Produced by the Risk Produced and by the Business Risk and Business Continuity Continuity Team Team February 2011 April 2011 Draft V.10 Page

More information

CHESHIRE FIRE AUTHORITY SUBJECT : 2014-15 DRAFT BUDGET, COUNCIL TAX AND MEDIUM TERM FINANCIAL PLAN

CHESHIRE FIRE AUTHORITY SUBJECT : 2014-15 DRAFT BUDGET, COUNCIL TAX AND MEDIUM TERM FINANCIAL PLAN CHESHIRE FIRE AUTHORITY Item 2 ITEM: 2 MEETING OF : FIRE AUTHORITY DATE : 12 FEBRUARY 2014 REPORT OF : CHIEF FIRE OFFICER AUTHOR : HEAD OF FINANCE SUBJECT : 2014-15 DRAFT BUDGET, COUNCIL TAX AND MEDIUM

More information

Head of Internal Audit:

Head of Internal Audit: Head of Internal : Opinion on the effectiveness of the system of Internal Control at Northern Devon Healthcare NHS Trust for the year ended 31 March 2010 Roles and responsibilities The whole Board of Directors

More information

RISK MANAGEMENT FRAMEWORK. 2 RESPONSIBLE PERSON: Sarah Price, Chief Officer

RISK MANAGEMENT FRAMEWORK. 2 RESPONSIBLE PERSON: Sarah Price, Chief Officer RISK MANAGEMENT FRAMEWORK 1 SUMMARY The Risk Management Framework consists of the following: Risk Management policy Risk Management strategy Risk Management accountability Risk Management framework structure.

More information

Internal Audit Report Business Continuity Planning Arrangements

Internal Audit Report Business Continuity Planning Arrangements The Highland Council Community Services Committee 6 November 2014 Agenda Item Report No 19 COM 45/14 Internal Audit Report Planning Arrangements Report by Director of Community Services Summary This report

More information