What is Risk Management?
Risk Management is about managing opportunities and threats to objectives and in doing so helps create an environment of “no surprises”.
Risk is an unexpected event or action that can adversely affect the Council’s ability to achieve its objectives and successfully execute its strategies.
The Council has moved towards an Enterprise Risk Management – ERM – model for managing its risks. ERM ensures that risk is aligned to the Council's strategic priorities and corporate plan, and will ensure that risk is considered when policy and strategy is formulated. Decision making will also be improved via the analysis of potential risks prior to a decision being taken. ERM will continue to support financial planning, programme management, partnership working and business continuity. ERM has also led to the production of a more robust Corporate Risk Register that is underpinned by a series of service and team risk registers.
Risk Management is a key component of Corporate Governance ensuring that we make effective use of our resources. To work properly, the management of risks needs to be undertaken at all levels in the organisation under the co-ordination of each Strategic Director. It should be viewed as a mainstream activity and something that is an integral part of the management of the organisation, an every day activity. Our aim is to embed Risk Management as an integral part of service and strategic decision making.
The Director of Business Assurance and Democratic Services has overall responsibility and accountability for Risk Management facilitation across the Council. However our Legacy Operations Board also has a vital role in communicating Risk Management to all staff and stakeholders - including the Executive and our partner organisations - and for assessing and monitoring strategic risks. Specific roles and responsibilities in relation to Risk Management are detailed in the ERM Policy. However, all staff and members have a role in the management of our risks and associated opportunities.
Risk Management Strategy and Policy
The Risk Management Strategy sets out how the Council identifies and controls risks in achieving its objectives. It sets out the strategic approach to Risk Management, how the strategy will be implemented and the benefits of good Risk Management.
The Risk Management Policy sets out how the Council will implement an effective system of ERM along with the respective roles and responsibilities of members and staff in relation to risk management.
The Strategy and Policy were last approved by the Audit Committee on 22 September 2010.
Corporate Risk Register (CRR)
The Council’s CRR demonstrates that the Council is pro-actively identifying and managing its significant business risks. Significant business risks are essentially those risks that could prevent the Council from achieving its objectives as detailed in its Vision, Priorities and Corporate Plan. It should be noted that the CRR highlights future possible events that could occur and not events that have occurred.
The latest CRR, approved by the Council’s Legacy Operations Board and Audit Committee, is attached below.
Risk Management Group
A Risk Management group was established in April 2010 to help coordinate the Risk Management arrangements of the council and to discuss common and emerging risks. The group meets quarterly and is made up of Risk Management champions from across service areas in the council. The group operates under the supervision of the Director of Business Assurance and Democratic Services with support from the Council’s Business Assurance team.
The Terms of Reference for the group are attached below along with a list of Risk Management group members. Please contact the Risk Management champion from within your service area or the Business Assurance team if you have any questions or require further information on Risk Management.
