Risk Management Policy



Similar documents
Integrated Risk Management Policy

CONTROLLED DOCUMENT. Number: Version Number: 4. On: 25 July 2013 Review Date: June 2016 Distribution: Essential Reading for: Information for:

RISK MANAGEMENT POLICY

AFTRS Health and Safety Risk Management Policy

Risk Management Plan

Risk Management: Coordinated activities to direct and control an organisation with regard to risk.

Risk Management Policy Adopted by:

Confident in our Future, Risk Management Policy Statement and Strategy

Risk Management Policy

SAFETY and HEALTH MANAGEMENT STANDARDS

RISK MANAGEMENT FRAMEWORK

RISK MANAGEMENT STRATEGY

HEALTH SAFETY & ENVIRONMENT MANAGEMENT SYSTEM

CONSTRUCTION HEALTH AND SAFETY, AND INJURY PREVENTION Research and develop accident and incident investigation procedures on construction sites

ENTERPRISE RISK M A NAGEMENT POLICY

The Risk Management strategy sets out the framework that the Council has established.

Risk Management Strategy

RISK MANAGEMENT FRAMEWORK. 2 RESPONSIBLE PERSON: Sarah Price, Chief Officer

Avondale College Limited Enterprise Risk Management Framework

River Stour (Kent) Internal Drainage Board Risk Management Strategy and Policy

Council Meeting Agenda 27/07/15

The Lowitja Institute Risk Management Plan

Policy. VBA Enterprise Risk Management. Governance Unit

BUSINESS CONTINUITY MANAGEMENT POLICY

Risk Management Strategy

The New Zealand Human Services Quality Framework - ISO9002:2008 to 2012

POL ENTERPRISE RISK MANAGEMENT SC51. Executive Services Department BUSINESS UNIT: Executive Support Services SERVICE UNIT:

Risk Management Policy

Enterprise Risk Management Framework Strengthening our commitment to risk management

Corporate Health and Safety Policy

POLICY. Number: Title: Enterprise Risk Management. Authorization

Health, Safety and Environment Management System

Shepway District Council Risk Management Policy

Bedford Group of Drainage Boards

3 August 2012 Policy updated to reflect name changes and alignment with current Aurora Energy Group Policy standards.

Commonwealth Risk Management Policy

Strategic Alliance. Business Continuity Policy

THE SOUTH AFRICAN HERITAGE RESOURCES AGENCY ENTERPRISE RISK MANAGEMENT FRAMEWORK

ENTERPRISE RISK MANAGEMENT FRAMEWORK

ENTERPRISE RISK MANAGEMENT FRAMEWORK

Compliance Management Framework. Managing Compliance at the University

Understanding Principles and Concepts of Quality, Safety and Environmental Management System Graham Caddies

RISK ASSESSMENT POLICY

INCIDENT POLICY Page 1 of 13 November 2015

TRANSPORT FOR LONDON SAFETY, HEALTH AND ENVIRONMENT ASSURANCE COMMITTEE

Policy Number: 054 Work Health and Safety July 2015

Information Security Incident Management Policy September 2013

Corporate Risk Management Policy

Risk Management Policy

Business Continuity Policy. Version 1.0

Hazard Identification, Risk Assessment and Control Management

All CCG staff. This policy is due for review on the latest date shown above. After this date, policy and process documents may become invalid.

Policy Document Control Page

How To Manage Risk In Ancient Health Trust

Clinical Incident Management Policy

Business Continuity Management Policy

Cope Foundation - Policy & Review

ENTERPRISE RISK MANAGEMENT POLICY

Xavier Catholic College Risk Management - Policy & Procedure

DEMOLITION Develop hazard management plans for the demolition of complex structures

AS/NZS 4801:2001. Safety Management Systems (SMS) Self-Assessment Checklist. Revision 1 (January 2014)

DERBYSHIRE COUNTY COUNCIL BUSINESS CONTINUITY POLICY

Waveney Lower Yare & Lothingland Internal Drainage Board Risk Management Strategy and Policy

Queensland Government Human Services Quality Framework. Quality Pathway Kit for Service Providers

Title: Rio Tinto management system

Corporate Health and Safety Policy

Emergency Management and Business Continuity Policy

Northern Ireland Blood Transfusion Service

APPENDIX 50. Enterprise risk management - Risk management overview

Risk Management in the HSE; An Information Handbook

National Occupational Standards for Health & Safety Stand Alone Units. Unit HSS8: Review health & safety procedures in workplaces

Juvenile Justice Centres Continuous Improvement Quality Assurance Framework Policy

SOMERSET PARTNERSHIP NHS FOUNDATION TRUST RECORDS MANAGEMENT STRATEGY. Report to the Trust Board 22 September Information Governance Manager

National Standards for Safer Better Healthcare

RISK MANAGEMENT STRATEGY

Standard 1. Governance for Safety and Quality in Health Service Organisations. Safety and Quality Improvement Guide

ASBESTOS POLICY MANAGEMENT PLAN

State Records Guideline No 25. Managing Information Risk

Risk Management Framework

Risk Management Policy and Framework

Risk Management Policy and Process Guide

Risk Management Framework

Service and Improvement Plan

MARCH Strategic Risk Policy Update March 2012 v1.10.doc

University of New England Compliance Management Framework and Procedures

Version: 3.0. Effective From: 19/06/2014

NHS Hartlepool and Stockton-on-Tees Clinical Commissioning Group. Information Governance Strategy 2015/16

Business Continuity Management

Guide to the National Safety and Quality Health Service Standards for health service organisation boards

Risk Management. Policy

Health, Security, Safety and Environment (HSE)

How To Manage Risk

Transcription:

Risk Management Policy DOCUMENT CONTROL Developed by: Date: Origination: Quality, Systems & Shared s March 2014 Authorised by: Colette Kelleher April 2014 DOCUMENT REVIEW HISTORY Original Circulation date: Date Reviewed by Document Amended Y/N Due Date for Review: Version No. Next Review Date 1

Table of Contents Section 1. Purpose... 3 Page 2. Scope... 3 3. s of Risk...3 4. Risk management policy... 4 5. Promoting a Risk Management Culture in COPE Foundation... 5 6. Risk Management - Organisation Structure in COPE Foundation... 6 7. Board monitoring and management of the risk environment... 7 Appendix 1 Definitions.. 8

1. Purpose The purpose of this policy is to set out COPE Foundation s policy on the management of risk within the organisation. The key messages are: 1. Management of risk is the concern of everyone, 2. Management of risk is part of normal day to day business, and 3. The process for managing risk is logical and systematic and should be implemented on a routine basis and integrated with service delivery. COPE Foundation will ensure that risk management: - is an integral and ongoing part of its management process - is as simple and straightforward as possible - that structures and responsibilities are clearly defined. In addition COPE Foundation will: - determine an appropriate method for addressing identified risks - repeat the process of risk identification on an appropriate periodic basis. - assess identified risks on an appropriate periodic basis - provide for monitoring and reporting at various levels of management. 2. Scope This policy applies to all COPE Foundation employees in any setting where supports and/or services are provided. 3. s of Risk In order to manage risk on an integrated basis i.e. inclusive of all risk whether to do with the management or service delivery processes, the following have been identified as risk areas to be addressed. Risk of Injury to User/Staff/Public User Experience Risks Compliance with Standards (Statutory, Clinical, Professional and Management) Risks 3

Objective and Project risks Business Continuity Risks Adverse Publicity/Reputational Risks Financial Loss Risks Environmental Risks 4. Risk management policy COPE Foundation is committed to implement an organisational philosophy that ensures risk management is an integral part of corporate objectives, plans and management systems. Compliance with legislative requirements underpin the risk management policy. The core function of risk management is to assist COPE Foundation to meet its objectives. With the introduction of more individualised approaches to service provision by COPE Foundation the expectation is that there will be a more positive approach taken by staff around risk and the opportunities that positive risk taking can bring to people s lives. The use of risk management methods to provide a consistent approach to these issues, such as those described in the AS/NZS 4360: 2004, and subsequently in ISO 31000, adopted for use in the HSE and COPE Foundation are now widely accepted as mandatory. This approach moves away from the mainly one-dimensional view of risk as pertaining largely to threats and instead views risk as dynamic and multidimensional and emphasises the potential gains/opportunities as well as the hazards of risk taking. The following factors are considered essential for the successful implementation of a risk management strategy: 1. Board and management understanding and commitment to risk management. 2. Alignment to the organisation s objectives. 3. Embedded into day to day processes. 4. Management of risk is an integrated way incorporating clinical, non-clinical, and financial risks. 4

5. Employees and management partnership in risk management processes with clear communication channels. 6. Preventive maintenance risk management processes are applied to strategic and operational risks and the management of facilities, estates, amenities and equipment. 7. Structured mechanisms in place to monitor and review the effectiveness of risk management strategies, plans and processes. 8. All incidents are immediately reported, categorised by their consequences and investigated to determine system failures, using an organisational learning approach. 9. Systems of work are designed to reduce the likelihood of harm occurring. 10. Safe systems of work are in place to ensure the safety of clients, staff, and the public. 5. Promoting a Risk Management Culture COPE Foundation is committed to the protection and wellbeing of the people that it supports, their families, and COPE Foundation staff as well as demonstrating openness and transparency in all matters relating to management and legislative compliance. To this end COPE Foundation is committed to promoting a culture of Risk Management based on a practical application of best practice. COPE Foundation is committed to having in place the necessary structures, processes, training, information systems and communication mechanisms to ensure that this is achieved, along with, where necessary, financial and other resources. COPE Foundation seeks the commitment of all staff in supporting this initiative. To this end the COPE Foundation promotes an environment within which individuals/ groups are encouraged to identify hazards and risks, and report adverse events promptly within the framework of a positive and supportive culture which seeks to apportion blame fairly. 5

6. Risk Management Organisation Structure in COPE Foundation. The following organogram sets out where the Risk Management Function of the COPE Foundation sits in the context of the overall COPE FOUNDATION organisation: COPE Foundation Board of Directors Audit & Risk Management Committee Clinical Governance Committee Remuneration Committee Other Committees Chief Executive Leadership Team Finance Human Resources Development & Innovation Fundraising Communication Learning & Living Homes & Community1 Homes & Community 2 Children & Families Quality, Systems & Shared s 6

7. Board of Directors monitoring and management of the risk environment The Board of Directors of COPE Foundation expects that a risk register be maintained which will allow for the capture of risk information from the bottom up within COPE Foundation. The risk register will be the primary tool for risk tracking, containing the overall system of risks and the status of any risk mitigation actions. The Board will also expect that an operational risk management approach will adhere to that described in the AS/NZS 4360:2004, and subsequently ISO 31000, which has been adopted for use in COPE Foundation. Guidance on COPE Foundation s Risk Assessment process is detailed in COPE Foundation s Risk Assessment Tool and Guidance Document. The use of a consistent approach to risk management such as is described in these documents is essential to successfully embed risk management at all levels and areas within COPE Foundation. The Board of Directors will monitor and review COPE Foundation s corporate risk register, which will be prepared by the Executive, on a quarterly basis. The Audit and Risk Committee will accept or reject additional risks on to the corporate risk register on behalf of the Board of Directors. 8. Risk Management process The Risk Management Process outlines a standardised approach to the identification, analysis, evaluation, treatment, communication and monitoring of risk. All services will use this standardised approach and record the outcome in a series of Risk Registers. These Risk Registers will be collated at key organisational levels allowing for risks to be managed at the most appropriate level in the organisation i.e. risks that fall outside the control of a line manager may be escalated to the appropriate level of management. It is essential that action plans for the risks contained in the Risk Register are identified and an action person assigned. These Risk registers must be under active consideration and be the subject of regular review. 7

Appendix 1 Definitions (ISO 31000:2009) Risk: can be defined as the chance of something happening that will have an impact on the achievement of organisational stated objectives (HSE 2008) or the effect of uncertainty on objectives (ISO 31000:2009). Note 1: An effect is a deviation from the expected positive or negative Note 2: Objectives can have different aspects (such as financial, health and safety, and environmental goals) and can apply at different levels (such as strategic, organisation-wide, project, product and process). Note 3: Risks may be categorised as: Strategic risks: These concern the long term strategic objectives of COPE Foundation. These may be external or internal to the organisation. Operational risks: These relate to the procedures, technologies and other factors relating to the short to medium term objectives of COPE Foundation. Risk management can be defined as coordinated activities to direct and control an organisation with regard to risk. Integrated Risk management: A continuous, proactive and systematic process to understand, manage and communicate risk from an organisation-wide perspective. It is about contributing to strategic decision making in the achievement of an organisation's overall corporate objectives. Risk management Process: The systematic application of management policies, procedures and practices to the activities of communicating, consulting, establishing the context, and identifying, analysing, evaluating, treating, monitoring and reviewing risk. Risk Assessment: The overall process of risk identification, risk analysis and risk evaluation. 8

Risk Register: A risk register is a database of risks that face an organisation at any one time. Always changing to reflect the dynamic nature of risks and the organisation s management of them, its purpose is to help managers prioritise available resources to minimise risk and target improvements to best effect. Hazard: Any process, substance or operation that has the potential to cause harm Monitor: Continual checking, supervising, critically observing or determining the status in order to identify change from the performance level required or expected. Safety: The state of being safe, the condition of being protected against physical, social, spiritual, financial, political, emotional, occupational, psychological or other types or consequences of failure, damage, error, accidents, harm or any other event which could be considered not desirable. Quality: Doing the right thing consistently to ensure the best outcomes for clients, satisfaction for all customers, retention of staff and a good financial performance. 9

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information