Risk Management Strategy
Revised 2008
1.0 Risk Management Strategy
Risk management is the culture, processes and
structures that are directed towards effective management of
potential opportunities and threats to achieving our objectives.
The purpose of this strategy is to explain how the Council will
implement sound management of risks and opportunities. Risk
Management is not just the responsibility of a few individuals –
all employees, councilors and the wider community have
responsibility for risk management. It makes sound business
sense; effective risk management is good management.
We believe that risk needs to be managed
rather than avoided. Consideration of risk should not stifle
innovation. The Council recognises that it has to deliver services
in an increasingly litigious and risk averse society. However, risk
management is a tool for exploiting opportunities as well as a
safeguard against potential threats. The Council will therefore use
risk management to promote innovation in support of the Corporate
Strategy.
A systematic approach to identifying and
analysing risks will be an integral part of all management
processes and day to day working, rather than a separate initiative
and will be maintained using the simplest possible means.
The objectives of this strategy are to support
the Havant Borough Sustainable Community and Corporate Strategies
and:-
- further embed risk management as an integral
part of service, strategic and project planning and decision-making
through
Corporate
risk management
Project based risk management
Partnerships
risk management
Service
based risk management;
- maintain an effective and explicit system of
key risks identification, analysis and control;
- facilitate innovation and manage projects
well;
- achieve better management of operational
risk, through management and supervision, inspection and greater
ownership of risk management by all employees;
- ensure robust Business Continuity
arrangements.
Achieving these aims will:-
- enable better Member and Officer decision
making;
- contribute to sustainable improvements in
services to customers and the achievement of best value;
- result in better management of change;
- result in more effective Partnership
arrangements;
- reduce the number and cost of claims and
adverse incidents and improve our ability to defend them; thus
controlling insurance costs and reducing the potential for adverse
publicity;
- reduce complaints;
- protect the Council’s reputation.
2.0 Organisation
Members have strategic responsibility for risk
management as part of their responsibility for governing the
delivery of local services. The Staffing Matters Committee
will be the lead Member body monitoring risk management. To
assist with the task of effective Risk Management:-
a)
Members and Executive Management Team decision making, and all
other decision making, must include the consideration of
risk. Risk will be specifically identified in Executive
reports.
b) The Risk
Management Strategy Group will advise and support in the context of
risks likely to have a significant impact on the achievement of the
Council’s objectives. The Group currently comprises the Head of
Resources, Head of Environmental Services, Internal Audit Manager
(Havant/Winchester), Environmental Health Manager, Emergency
Safety Officer, Insurance and Treasury Officer, Technical Support
Team Leader and any external insurance or risk advisers.
c) Directors and
Heads of Service will champion the risk management process and will
each be given roles as champions of risk management to cover all
the key risks in the corporate risk register.
d) All staff will
be trained, through induction training and ongoing training
programmes agreed at appraisals, to have regard to risk management
in their day to day activities and to understand the part they play
in the Council’s overall risk management.
e) All teams
(including internal audit, accountancy, contract supervisors and
project teams) will have particular regard to risk management
techniques in their work, documenting the risk assessments and
inspections carried out.
f) The
Council’s Health and Safety Adviser will offer advice and
assistance to employees on health and safety matters – recognising
that there must be ownership of responsibility for health and
safety throughout the organisation.
g) Internal Audit
will provide an independent appraisal of the adequacy, application
and effectiveness of the arrangements put into place by
management. The Internal Audit Plan is linked to the Risk
Register.
h) Established
Civil Emergency arrangements will continue.
i) The Head
of Resources/Chief Financial Officer is responsible for arranging
appropriate insurance cover.
The Risk Management Strategy Group
will:-
- Update on an ongoing basis the list of
corporate key risks and score risks on a consistent basis.
- Review on an ongoing basis the controls in
place for key risks and make recommendations as appropriate.
- Assist Staffing Matters Committee in their
review of risk management
- Report any matters of particular concern to
Executive Management Team
- Help build a culture where everyone realises
that proper risk management is not “someone else’s problem”; it is
something everyone must do every day.
- Monitor insurance claims and accidents and
advise as to actions required to reduce the costs associated with
claims against the Council.
- Consider the implications of adverse events
as they occur and assist in planning a response should controls
fail. Assist in improving future procedures. The Group will
normally have access to some internal audit days in the Internal
Audit Plan for areas of emerging risk.
- Where appropriate assist directors and heads
of service to arrange training to give employees the skills
necessary to identify, evaluate and control the risks associated
with the services they provide. Seminars and reviews of risks will
be also be arranged for Members.
- Monitor Business Continuity
arrangements.
Directors, Heads of Service and their staff
will:-
- Comply with Financial Regulations and
Contract Standing Orders.
- Ensure that risk management becomes embedded
in the culture of the Council particularly in relation to
management and supervision, inspections and when new policies and
service delivery methods are considered.
- Ensure that Service Plans include evaluation
of risk.
- Consider and act promptly in relation to risk
management issues raised by the Risk Management Strategy Group and
refer risk management issues for discussion by the Risk Management
Strategy Group where appropriate.
- Review processes and controls continuously
and ensure employees have a clear understanding of the consequences
of lack of control.
- Keep Business Continuity Plans up to
date.
- Carry out risk assessments and eliminate
health and safety risks where practicable.
3.0 Methodology for strategic top down
Risk Assessment
Categories of risk (subject to regular review)
will be:-
- People
- Money
- Strategic
- Environmental
- Information and Data
- Physical Assets incl. Property
The 28 Key Risks for Havant Borough Council
currently identified (as set out in the Appendix) will be
continually reviewed by the Risk Management Strategy Group.
Controls will be reviewed against each risk and the controls will
be classified as:-
- Green – in place and working.
- Amber – Don’t know or not convinced.
- Red – Not significantly in place.
The Key Risks will be classified by scoring
both impact and likelihood between 0 – 5 (Over 2.5 being high,
Under 2.5 Low) and then the Risks will be categorised as:-
- A
High Impact, High
Likelihood
- B
High Impact, Low
Likelihood
- C
Low Impact, High Likelihood
- D
Low Impact, Low Likelihood
Key Risks are likely to fall in categories A
and B.
4.0 Key Elements of
Risk Management work
Corporate Risk Management
Evaluation of those risks that have major
consequences for the Council in achieving its overall goals.
Executive Management Team, The Executive and the Risk Management
Strategy Group have key roles in evaluating the Council’s key risks
supported by the Executive Management Team roles as risk champions
and monitoring by Staffing Matters Committee.
Project based Risk
Management
Evaluation of those risks that impact on the
delivery of projects and major programmes of change
management. The Council uses its own toolkit for projects
based on best practice and this includes the evaluation of risk
throughout the project.
Partnerships Risk
Management
There are many potential benefits and rewards
from partnership working but there are also risks involved. Some of
these risks can be managed by the Council through formal contracts
and partnership agreements that allocate risks to appropriate
parties. Failure by either of the parties can have serious
consequences.
All significant partnerships that are
established need to identify the risks (events or actions) that
could prevent the partnership from achieving its objectives. A risk
assessment will be undertaken for each partnership that:-
- Highlights the risks that the partnership
faces
- Identifies the barriers to the partnership’s
success
- Creates a common understanding among the
partners of the issues the partnership faces
- Pioritises the risks and ensures that these
are regularly reviewed and monitored
- Allocates responsibility for managing the
risks to the party best placed to do that
- Provides the necessary assurance to each
organisation that the partnership is being adequately managed.
The systems for establishing and regularly
reviewing the risks associated with existing and new key
partnerships will be improved during the strategy period. For new
partnerships the monitoring process should be agreed when the
partnership is set up. Reports to the partnership and the
individual organisations will be determined by the significance of
the risks involved.
Service based Risk
Management
Evaluation of those risks which impact on
delivery of services including welfare issues, health and safety,
asset management issues, budgetary issues etc. Each service
is required to include risk evaluation in its service plans.
Particular emphasis is given to managing health and safety risks in
accordance with best practice.
5.0 Linked
Strategies
Havant Borough Sustainable
Sets priorities to improve the quality of life in Havant
Community
Strategy
Borough 2008 - 2012
Corporate
Strategy
Sets the priorities for the Council 2008 – 2012
Medium Term Financial
Strategy Sets the
financial strategy to secure a forward looking approach and long
term sustainability
in service provision – led by the Council’s priorities set out in
the Corporate Strategy.
Code of Corporate
Governance Sets out
the system by which the Council directs and controls its functions
and relates to the local community.
6.0 Review of
Strategy
This Strategy will be reviewed annually by the
Risk Management Strategy Group. Any significant amendments to
the strategy will be referred to the Staffing Matters
Committee.
APPENDIX
KEY RISKS
ASSESSMENT 2008
HIGH IMPACT/HIGH
LIKELIHOOD (A)
People
Lack of employee motivation/efficiency
Money
Income not collected, income sources not fully explored
Strategic
Wrong strategic priorities or major change in strategic
direction
Incorrect pace of modernisation/innovation.
Failures in partnership
working.
Information and
Data IT
security risks/system failures.
Information overload or processes too bureaucratic.
Environmental
Major incidents – weather, civil unrest etc.
Physical
Assets/Property Loss of assets/unable to access
buildings and vehicles or assets not well managed.
HIGH IMPACT/LOW
LIKELIHOOD (B)
People
Litigation.
Over reliance/too demanding of certain officers.
Unable to recruit and retain staff or to ensure the right staff are
taken on.
Health and Safety.
One person able to make decisions without sharing/recording getting
approval for actions.
Councillors and officers not supporting each other.
Money
Contractor/supplier failure with significant effect.
Major budget variation.
Treasury risk.
General local, sub-regional and regional economic conditions.
Fraud and corruption.
Financial practices failure.
Losses from claims or loss/damage to property
.
Strategic
Not achieving statutory duties/obligations.
Public and media relations – effect on strategy.
Community planning oversights/errors due to not properly
researching/consulting.
Decisions taken out of HBC hands that affect our strategic
objectives.
Failure of major projects, new initiatives.
Failure of services to deliver.
Information and
Data Data
Quality
A copy of the above strategy is available
below. It requires Acrobat Reader or equivalent to read the
PDF file:-
Risk
Management Strategy 2008 in PDF format (96KB)
Return to Policies and
Strategies page