Your SlideShare is downloading. ×
Mission and Objectives
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Mission and Objectives

280
views

Published on

Published in: Business, Economy & Finance

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
280
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
10
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. SMDC Risk Management Policy and Statement 2005-06 DRAFT Contents Appendix A Page Risk Management Policy Statement 1 Strategy 1. Introduction 2 2. Identification 3 3. Quantification 4 4. Avoidance 5 5. Financing 6 6. Communication and Reporting 7 7. Responsibilities for Risk Management 8 8. Risk Management Proposals 10 9. Funding of Risk Management 10 10. Benefits of Risk Management 11 11. Action Planning 11 Appendices A Organisation of the Risk Management Process 12 B Risk Thresholds 13 Risk Profile 14 Updated October 2005
  • 2. SMDC Risk Management Policy and Statement 2005-06 DRAFT STAFFORDSHIRE MOORLANDS DISTRICT COUNCIL RISK MANAGEMENT POLICY STATEMENT Staffordshire Moorlands District Council recognises that good risk management practices are an integral part of management responsibilities, if the highest quality services are to be delivered to the community in the most cost effective way. Good risk management practices will identify and quantify risks arising from Council activities, leading to steps being taken to avoid or reduce such risks. This will help to ensure continuity of services, and reduce costs, which can be re-directed into front line services. Risk management is a fundamental part of good business practice and is essential to Best Value and promoting the reputation of the area. Risk management is inherently part of corporate governance thus ensuring the Council has good internal controls so it can achieve its operational and strategic objectives. By being innovative and improving services it is accepted that risks have to be taken and these have to be appropriately dealt with. The Council is committed to manage all of its activities in a way, which minimises risks to people, property, services and its finances. To achieve this, a Risk Management Strategy will be formulated by which all departments will seek to identify, quantify, control and continually re-evaluate the risks from their activities. It is recognised that risk management should embrace all aspects of the Council’s activities, including: • Decision making; • Health and safety of employees and the general public; • The maintenance of physical assets; and • The protection of the Council’s financial position and reputation. This policy is fully supported by Members, the Chief Executive and the Strategic Management Group. Updated October 2005 2
  • 3. SMDC Risk Management Policy and Statement 2005-06 DRAFT STAFFORDSHIRE MOORLANDS DISTRICT COUNCIL RISK MANAGEMENT STRATEGY 1. Introduction 1.1 The purpose of Risk Management (RM) is to mitigate loss. Losses are often measured in money terms but they also include costs of disruption, inconvenience, lowering of morale, adverse publicity, public dissatisfaction etc. 1.2 The 2005 Comprehensive Performance Assessment, the Civil Contingencies Act and the Corporate Governance Agenda, all place great important on the role of risk management within an organisation. This strategy sets out the Authority’s approach to the management of risk. Mission and Objectives 1.3 The Council is committed to Strategic Risk Management (SRM) which is ‘the management of integrated or ‘holistic’ business risk ….it is about making the most of opportunities (making the right decisions) and about achieving objectives once these decisions are made. The latter is achieved through controlling, transferring and living with these risks.’ 1.4 There are a number of reasons why effective SRM is essential for the Council: • Support for Corporate Governance (CG being ‘the system by which local authorities direct and control their functions and relate to their communities’): • To aid compliance with the Civil Contingencies Act; • To reinforce best practice as measured by the Comprehensive Performance Assessment; • Support for business planning and decision-making. 1.5 This strategy ensures the areas of highest risk are identified, appropriate remedial action is considered, and where necessary, financial assistance is made available to implement risk minimising measures. This will be done by regular consultation and liaison with departments and other responsible bodies, to ensure that all relevant parties are involved in the overall process. Funding mechanisms to aid Departments are detailed at Section 5. 1.6 This strategy ensures that two types of risk are addressed: Updated October 2005 3
  • 4. SMDC Risk Management Policy and Statement 2005-06 DRAFT • Direct threats (damaging events) which could lead to a failure to achieve objectives; and • Opportunities (constructive events) if exploited can offer an improved way of achieving objectives, but which are surrounded by threats. Examples include areas such as partnership arrangements. Source: Treasury Orange Book – January 2001 1.7 The Council’s RM Strategy addresses five processes to ensure that it meets the overall objectives of loss minimisation, and the Council’s Corporate Standard ‘Using Resources Wisely’: • Identification of risks (Section 2); • Quantification of risks and action planning (Section 3); • Avoidance of risks (Section 4); • Financing of risks (Section 5); • Communication of risk management (Section 6). 1.8 RM involves a number of differing disciplines such as Health and Safety, crime prevention, fire prevention, Information Technology, internal audit etc. Certain policies within the Council Policy and Procedures Manual form an important element in the management of the Council’s risks, particularly: • Management of Workplace Stress; • Use of Display Screen Equipment; • Health and Safety Policy and Procedures; and • Personal Protective Equipment (PPE); • Lone Working This strategy compliments the above and is the vehicle for delivering the Council’s RM Policy. 2. Identification 2.1 The Council must identify the risks, which threaten its ability to achieve its objectives. Service Managers are required to define the risks they face in their service risk catalogue. These together with the over arching risks identified by SMG are brought together into the Authority’s Corporate Risk Register, which is reported to Cabinet twice a year. Updated October 2005 4
  • 5. SMDC Risk Management Policy and Statement 2005-06 DRAFT 2.2 The process of risk identification is achieved by considering risks on 3 levels, strategic, project based and operational. 2.3 All reports and strategies should include a section in which risk management is considered. The resultant recommendations and conclusions should reflect these risk considerations. 2.4 The Council is committed to the Prince 2 method of Project Management. This is a risk-based approach requiring risks to be continually considered during the life of a project. A number of employees hold the necessary accreditation to manage projects under this approach thus increasing the likelihood of success. 2.5 Service Managers are required to maintain the service risk catalogues on the shared (S:) directory updating them when new risks become apparent or existing risks change. It is recommended that risk be discussed at team meetings in order to gain input from all levels of the organisation. 2.6 The service risk catalogues for an integral part of a service’s business planning process. Risks to service objectives are incorporated into the service plan with the necessary actions identified. 2.7 The quarterly claims report sent to Directorates should be used to update the service risk catalogue with any issues emerging from recent claims. 2.8 Information and recommendations arising our of internal audit reports, health and Safety audits, Best Value Reviews, Asset Management Planning and Community Safety Partnerships, should all be fed into the service risk catalogues. 2.9 Information obtained through liaison with other authorities, external insurers, professional bodies and national associations, such as the National Forum for Risk Management in the Public Sector (ALARM), should be incorporated into the service awareness of risk. The whole process is illustrated at Appendix A. 3. Quantification and Action Planning 3.1 Risks identified and defined in the risk register are quantified in terms of: • Severity of impact • Probability of occurrence 3.2 The resultant ratings will designate each risk a High, Medium or Low risk status. Risks emerging as medium or low are already below the Council’s acceptable risk threshold and need monitoring to ensure they Updated October 2005 5
  • 6. SMDC Risk Management Policy and Statement 2005-06 DRAFT remain there. Risks classified as high status require actions specified to address the risk. The ratings and acceptable risk profile of the Authority is at Appendix B 3.3 The risk register requires a SMART approach to action planning. Consequently, each risk action requires, wherever possible: - • A measurable output • A target date • A designated risk owner 3.4 The analysis will be reviewed annually and reported to the Strategic Management Group (SMG). 3 Avoidance 4.1 The Council needs to avoid exposure to risk by: • Promoting the concept of risk avoidance throughout the Council. Primary responsibility for this will rest with the Corporate Director (CFO) along with the Risk Management Group (see paragraph 4.2); • Ensuring Service business plans compulsorily have a section on Risk Management, so that fundamental risks are addressed; • Getting managers to take greater financial responsibility for the consequences of claims arising from their work areas. Internal insurance recharges now form part of service budget targets; • Recharging premiums, where appropriate, on the basis of claims experience; • Assessing the cost/benefit of eliminating or reducing significantly the impact of risks; • Ensuring that suitable training is provided for high risk activities; • Ensuring that Service Managers are aware of their RM responsibilities as set out in their job descriptions. 3.5 A Risk Management Group (RMG) is maintained, chaired by the Corporate Director (CFO), involving the Cabinet member for Performance Management and the following employees: • Financial Manager (RM); • Health and Safety Advisor; • Audit Services Manager; • One Head of Service from each Directorate; • Head of ICT Services; • Head of Property Services. 4 Financing Updated October 2005 6
  • 7. SMDC Risk Management Policy and Statement 2005-06 DRAFT 3.6 Total elimination of risks is not possible. Funding action to address risks is a key part of the RM Strategy. Funding points of the strategy are: Strategic and Project Management • Areas requiring significant spend should be reported via SMG to either the Revenue or Capital Budget Groups. Operational • The Financial Manager will ensure annually that appropriate insurance cover, either from the internal Insurance fund or external insurance is in place for all identified risks; • The financial impacts of the risk actions identified will be fed into the budgetary process as potential growth items. • Funding will be made available from the Insurance and Risk Management Fund to help services to address high risks. This will be in the form of loans to be repaid over an agreed number of years. In certain circumstances the fund will finance actions directly where the risk is crosscutting. The decision in these cases will reside with the CD (CFO) and RMG. • External insurance will be limited to protection against large claims. Insurance funding should be used for non personal-injury claims between £100 and £500 unless the insurance policy excess is within these parameters. 5 Communication and Reporting Updated October 2005 7
  • 8. SMDC Risk Management Policy and Statement 2005-06 DRAFT 6.1 The strategy requires a suitable reporting and monitoring system, which will report effectively on all aspects of the strategy. 6.2 Reporting of RM will be as follows: Author Recipient Frequency Report Corporate Director (Chief Finance Officer) Cabinet Six Monthly Summary of previous year’s RM activities, results and Risk Register Corporate Director (Chief Finance Officer) Cabinet As Required Newly agreed RM initiatives Corporate Director (Chief Finance Officer) Cabinet As Required Strategic matters Corporate Director (Chief Finance Officer) SMG Annually Report overall funding proposals. Corporate Director (Chief Finance Officer) SMG Annually Report on RM activities and results Corporate Director (Chief Finance Officer) SMG Annually Report on numbers, cost and type of insurance claims Corporate Director (Chief Finance Officer) SMG Six Monthly Report progress on RM activities Corporate Director (Chief Finance Officer) SMG Six Monthly Half yearly update on insurance claims history Financial Manager (DRR) Heads of Quarterly Insurance claims update Service reports for Directorates 6.3 The communication of risk management issues within the Authority is facilitated by: Updated October 2005 8
  • 9. SMDC Risk Management Policy and Statement 2005-06 DRAFT • Corporate Risk Management Group members acting as risk champions within the directorates communicating issues via departmental management team (DMT). • Heads of service/Service Managers cascading RM information via team briefings and section meetings. • Financial Manager (Risk Manager) communicating with services directly when specific issues arise. • The production of a risk management bulletin/newsletter developed to communicate with employees via the Intranet. 6 Responsibilities For Risk Management 7.1 The following have responsibilities for Risk Management: • Cabinet (via Finance and Performance Portfolio Holders) - To approve the RM Policy, Strategy and Action Plan. - To agree changes to the RM Strategy. - To champion among the member body the concept and practice of Risk Management • Strategic Management Group - To receive six monthly and annual reports from the. Corporate Director (Chief Finance Officer) - To provide corporate comment on the RM Budget. - To give corporate commitment to strategic RM issues. • Corporate Director and Chief Finance Officer - To ensure RM funding initiatives are in accordance with the RM Strategy. - To report RM proposals that impact upon the RM Strategy and Action Plan, for approval by SMG and the Cabinet. - Chair of RM Group Updated October 2005 9
  • 10. SMDC Risk Management Policy and Statement 2005-06 DRAFT • Financial Manager (RM) - Overall control of the RM Function; - To prepare reports on RM activities and results, and loss ratio analysis (i.e. cost of insurance claims compared to the cost of premiums). - To manage the insurance fund and external insurance contract. - To promote the implementation of the Council’s Risk Management Strategy on a corporate basis. - To consider the value of new Risk Management initiatives. - To bring together the specialist skills needed for the promotion of successful RM within the authority. - To manage, propose and co-ordinate RM loans from the insurance fund and RM budget. - To consult regularly with Departments and external bodies about developing the RM programme. - To devise programmes of RM activities and to monitor and report the results of the activities to the Director and SMG. - To co-ordinate the maintenance/update of corporate risk register. - To liase with external insurers to ensure that future premiums reflect all RM activities being undertaken by Council services. - To continually look at the feasibility of increasing self- insurance. - To ensure premiums are appropriately recharged to services using a ‘risk’ basis. • Heads of Service and Service Managers - To ensure risk management is considered within service business plans; Updated October 2005 10
  • 11. SMDC Risk Management Policy and Statement 2005-06 DRAFT - To maintain and update the service risk catalogues - To ensure the concept of risk management is communicated to all employees (and that the process is both ‘bottom-up’ and ‘top-down’). 7 Risk Management Proposals 8.1 Where significant funding is required then the proposal must be put forward to either the Council’s Revenue or Capital Budget group. 8.2 The Insurance and Risk Management Fund will make available funding for crosscutting initiatives, which help reduce the Authority’s exposure to risk. The Corporate Risk management Group will consider bids for such funding. 8.3 Services are also above to bid for funding from the Insurance and Risk Management Fund, on a repayable loan basis, to address high risks identified in their service risk catalogues. 3.7 Projects targeted will be those where the highest benefits will accrue to the Council. Some of the prioritised projects may originate from strategic areas highlighted elsewhere such as Community Safety, Best Value reviews, the Asset Management Plan or Service Business Plans. 3.8 RM loans will be used to supplement provisions within Service budgets (e.g. security, revenue/capital maintenance budgets etc). Services must be able to demonstrate that such budgets are fully committed. These loans will be reviewed on an annual basis ensuring they are allocated on a consistent and equitable basis, which maximises the benefit of the funds available. 8 Funding of Risk Management 9.1 If a solution to a risk management issue involves significant expenditure it will have to be accounted for within either the Council’s revenue or capital budgets. 3.9 The insurance account receives all premiums charged to Departments and pays out all premiums for external insurance cover. 3.10The internal premiums recharged to Departments form part of Service targets. The basis of the recharge will include an element for claims history if the number of claims starts to increase dramatically. This is so that services are made more accountable and aware of the implications of RM. 3.11In total advances from the RM budget and loans from the Council’s insurance fund will not exceed £50,000. This will be reviewed annually as the insurance fund is also in place in case payments are necessary for Updated October 2005 11
  • 12. SMDC Risk Management Policy and Statement 2005-06 DRAFT outstanding claims in relation to Municipal Mutual Insurance (MMI), the Council’s insurers up until 1992 when they went into liquidation. 4 Benefits of Risk Management 10.1Benefits of SRM include: • To achieve objectives by identifying barriers to achievement; • Being less risk averse and more innovative; • A better assessment of business opportunities; • Improved business planning through a risk based decision making process; • Focusing on outcomes not processes; • Enhanced performance – it should be part of the performance management framework; • The Buy-in of employees, to ensure it is embedded within the culture of the council; • Better governance, and demonstration of it to stakeholders. 4.4 The RM Strategy enables risks and losses to be managed and controlled, thus allowing funds to be used in the most efficient manner and possible savings to be generated. It also helps to minimise premium increases or even decrease them. The ultimate aim being to reduce the ‘total cost of risk’ i.e. both premiums and the cost of losses. 4.5 The control of loss through risk management has the added benefit of improving safety for employees of the Authority and members of the public. 4.6 By embracing risk management the Authority makes the most of the opportunities which it faces, whilst operating within a risk-aware environment. 9 Action Plan 11.1 An action plan will be drawn up each year to set out the activities and actions for the coming year, Updated October 2005 12
  • 13. SMDC Risk Management Policy and Statement 2005-06 DRAFT APPENDIX A ORGANISATION OF THE RISK MANAGEMENT PROCESS SMG / MEMBERS CORPORATE RISK REGISTER STRATEGIC ISSUES PRINCE2 CMT / SERVICE PROJECT MANAGERS / BOARD PROJECT OPERATIONAL STAFF ISSUES ISSUES RISK MANAGEMENT GROUP MEMBER SMG CMT SPECIALISTS OTHER EXTERNAL PORTFOLIO CORPORATE 2 / 3 HEADS OF FINANCIAL AUDIT / LOSS CONTROL HOLDER DIRECTOR & SERVICE SERVICES / PROPERTY SPECIALISTS PERFORMANCE CHIEF FINANCE HEALTH & SERVICES (as necessary) MANAGEMENT OFFICER SAFETY Updated October 2005 13
  • 14. SMDC Risk Management Policy and Statement 2005-06 DRAFT APPENDIX B Risk Thresholds 1. Risk Consequences – Threats and Opportunities High (I) • Financial impact > £50,000 • Significant impact on Council’s strategy or operational activities • Significant stakeholder concern e.g. real risk of fatality / severe injury Medium • Financial impact between £10,000 and £50,000 (II) • Moderate impact on the Council’s strategy or operational activities • Moderate stakeholder concern e.g. low risk of injury Low (III – • Financial impact less than £10,000 (IV = < £5000) IV) • Low impact on the Council’s strategy or operational activities • Low stakeholder concern 2. Probability of Occurrence – Threats Estimation Description Indicators High (Probable – Likely to occur each year or > Potential of it occurring > 3 times A to B) 25% chance of occurrence in 10 years; Has occurred in past two years Medium Likely to occur in a 10 year Could occur up to 3 times in 10 (Possible – C to time period or less than 25% years. D) chance of occurrence Could be difficult to control due to some external influences. Is there a history of occurrence ? Low (Remote – E Not likely to occur in 10 year Has not occurred. to F) time period or less than 2% Unlikely to occur. chance of occurrence 3. Probability of Occurrence – Opportunities Estimation Description Indicators High (Probable – Favourable outcome likely to Clear opportunity, which can be A to B) be achieved in 1 year; or relied upon with reasonable better than 75% chance of certainty, to be achieved in the occurrence. short term based on current management processes. Medium Reasonable prospect of Opportunities achievable with (Possible – C to favourable results in one year careful management. D) of 25% to 75% chance of Opportunities which may arise occurrence. over and above the plan. Low (Remote – E Some chance of favourable Possible opportunity which has to F) outcome in the medium term yet to be fully investigated by or less than 25% chance of management. occurrence. Opportunity for which the likelihood of success is low on the basis of management resources currently applied. Updated October 2005 14
  • 15. SMDC Risk Management Policy and Statement 2005-06 DRAFT Risk Profile A B High Risk C D Low Risk E F Prob- IV III II I ability Severity Key Red line = risk threshold (i.e. line of tolerance) Grey = risks we can tolerate (low Risk) Green = risks we can tolerate (medium risk) Blue = risks we can’t tolerate (high risk) Updated October 2005 15

×