NHS WEST NORFOLK CLINICAL COMMISSIONING GROUP RISK MANAGEMENT STRATEGY AND POLICY FRAMEWORK
|
|
- Martin Jessie Griffith
- 5 years ago
- Views:
Transcription
1 NHS WEST NORFOLK CLINICAL COMMISSIONING GROUP RISK MANAGEMENT STRATEGY AND POLICY FRAMEWORK
2 DOCUMENT CONTROL SHEET Name of Document: WNCCG Risk Management Strategy & Policy Framework Version: 2.0 Date Of This Version: 4th October 2014 Produced By: What is it for? (Intro) Who is it aimed at and which settings? (Scope) Evidence Base: Jean Clark, Head of Governance NHS West Norfolk CCG is committed to commissioning high quality and safe services and minimising risk exposure to patients and public, to its staff and to itself, by effectively managing clinical, corporate, financial and environmental risks that have the potential to affect the CCG s ability to meet its strategic and business objectives, cause harm or result in losses to finances and assets. All staff who work for the CCG, including employed staff, voluntary staff, contractors, CCG members, Governing Body members Reviewed by Jean Clark, Head of Governance, WNCCG Audit Committee WNCCG Executive Committee Equality Impact Assessment (completed) No adverse impact Consultation (Staff, Trade Unions, Lay Members) Not applicable Approved By (as per scheme of Accountable Officer Delegation) Date Adopted: 16 th October 2014 Dissemination All CCG staff, Governing Body Date Due For Review: September 2015 Evaluation Via: The Audit Committee, Patient Safety & Clinical Quality Committee, Governing Body Head of Internal Audit Opinion Review of GBAF and Corporate Risk Register Annual Governance Statement External and Internal Audit IG toolkit assessment Revision History Revision Date Summary of changes Author(s) Version Number 29/9/14 Refresh of framework, including risk escalation chart, risk appetite, clearer process, linkage to Training Needs Assessment, third party assurance, assurance mapping, separating safeguarding into separate policy. Jean Clark 2.0 Page 2 of 20
3 CONTENTS Part Description Page RISK MANAGEMENT STRATEGY 1 CONTEXT 4 2 STRATEGY AIMS AND OBJECTIVES SCOPE OF STRATEGY 4 4 IMPLEMENTING THE STRATEGY 5 5 RESPONSIBILITIES 6 6 MONITORING AND ASSURANCE 7 RISK MANAGEMENT POLICY FRAMEWORK 7 CONTEXT 8 8 PROACTIVE RISK MANAGEMENT 8 9 REACTIVE RISK MANAGEMENT 10 Appendix A Key Steps in Managing Risks 11 Appendix B Risk Escalation Chart 12 Appendix C General Risk Assessment Form 13 Appendix D Risk Rating and Risk Appetite 14 Appendix E Risk Register template 19 Appendix F Key Questions for an audit committee to ask 20 Page 3 of 20
4 1. CONTEXT INTEGRATED RISK MANAGEMENT STRATEGY 1.1. Risk management is the systematic process for identifying, evaluating, managing and mitigating risk and learning from these events to minimise occurrences in the future NHS commissioning organisations face a wide range of strategic, operational, financial and clinical risks, from both internal and external sources, which may prevent them from achieving their objectives Commissioning and providing health services is an inherently risky business and NHS organisations have a legal and moral responsibility to effectively manage risk. Well managed risk taking can bring positive benefits and opportunities to organisations. 2. STRATEGY AIMS AND OBJECTIVES 2.1. Aim NHS West Norfolk CCG is committed to commissioning high quality and safe services and minimising risk exposure to patients and public, to its staff and to itself, by effectively managing clinical, corporate, financial and environmental risks that have the potential to affect the CCG s ability to meet its strategic and business objectives, cause harm or result in losses to finances and assets Objectives To maintain a sound system of internal control, which underpins the Annual Governance Statement To support a positive risk management culture which promotes safety, fosters learning and empowers all staff to make sound judgements and decisions concerning the management of risk To promote an integrated corporate governance approach to the management of risk and organisational performance, in accordance with Turnbull recommendations To ensure that robust risk management, whether financial, clinical or organisation, is fully embedded in all CCG activities, so that risks are mitigated as far as reasonably practicable and managed at the right level of the organisation To ensure that risks associated with the provision of services to its patients are well mitigated by the provider organisations through robust contract management To ensure resources are appropriately directed, thereby maximising value for money for patient services and care To meet all statutory and legal duties with regard risk management, health & safety, information governance etc. 3. SCOPE OF STRATEGY 3.1. This strategy applies to: Page 4 of 20
5 All NHS West Norfolk CCG activities and functions All staff who work for the CCG, including employed staff, voluntary staff, contractors, CCG members, Governing Body members. 4. IMPLEMENTING THE STRATEGY 4.1. NHS West Norfolk CCG will: Promote a clear Integrated Risk Management Framework which supports staff to identify and record risk, to quantify risks in terms of likelihood and consequence and to mitigate risk, in a structured, consistent way and to agree acceptable level of exposure or and/or escalate risks. Risks will have clear ownership Have an agreed organisational risk appetite Employ the three lines of defence model: First Line management assurance from front line or business operational areas Second Line: oversight of management activity, separate from those responsibility for delivery, but not independent of the organisation s management chain Third line: independent and more objective assurance, including the role of internal audit and external bodies Support well managed, positive risk taking and a positive staff attitude to the control of risk Ensure that staff and members are clear about their personal accountability, authority and responsibilities for risk management through appraisal, training and induction. The CCG s Training Needs Analysis (TNA) is linked to the risk management strategy and framework, ensuring training is a robust control Ensure that third parties, including the Commissioning Support Services, operate under the appropriate governance framework and that their risks are managed in accordance with the CCG strategy and policies Have in place clear, up to date Scheme of Delegation, Prime Financial Policies and Standing Orders as part of its Constitution Ensure all major projects, tasks, partnerships and new business/initiatives are risk assessed and risks mitigated to ensure delivery e.g. Quality, Innovation, Productivity and Prevention (QIPP) projects Identify Information Asset Owners (IAO) and Information Asset Administrators (IAA) as part of the Information Governance Framework who will monitor information asset risks Engage internal auditors to carry out risk-based reviews of internal controls, testing to confirm they are operating as intended and thus providing assurance (negative or positive) Page 5 of 20
6 Employ Counter Fraud systems and policies, in line with NHS Protect, supported by the Local Counter Fraud Specialist, and monitored by the Audit Committee Promote a robust incident reporting system, in line with the Incident Management Policy, the Serious Incident Policy, Whistleblowing Policy and Safeguarding Policy, ensuring robust investigation and sharing of lessons learnt and supporting an open and fair no-blame culture Insure against risk through NHS Litigation Authority and ensure that any litigation against the Trust is managed in accordance with the Claim s Policy Have in place robust business continuity plans Provide the resources and support systems necessary to implement this strategy and the Integrated Risk Management Framework 5. RESPONSIBILITIES 5.1. NHS West Norfolk CCG will ensure that appropriate accountabilities and structures are in place to support risk management (see Appendix B) Body Council Of Members Governing Body Accountable Officer Executive Team Audit Committee Patient Safety & Clinical Quality Committee Responsibility Members of the CCG have overall accountability for risk management and systems of internal control throughout the organisation. The Council of Members ensures this accountability is discharged effectively by the Governing Body and its Committees and by CCG staff. Is responsible for risk management as described in the Constitution. It ensures sound systems of internal control are in place to manage risks and reviews assurances via the Assurance Framework (GBAF). As per the Scheme of Delegation, it approves the comprehensive system of internal control, including budgetary control that underpins the effective, efficient and economic operation of the group Has overall responsibility for ensuring NHS West Norfolk CCG meets statutory and legal requirements for risk management. Operational management of risk and management of the Assurance Framework and Corporate Risk Register Provides scrutiny and challenge to the systems of internal control, governance and risk. Uses the assurance framework as the central tool for planning its work and as a key topic for its scrutiny to provide the governing body with assurance.. The Committee operates a programme of deep dives with risk owners Is a committee of the Governing Body and ensures the services commissioned by the CCG are safe, effective, high quality and patient focused, meeting all national standards and legislation. It reviews clinical quality risks and reviews the Corporate Risk Page 6 of 20
7 Register and GBAF. It is responsible for the safeguarding arrangements for the CCG and discusses risks and issues from the Children s & Maternity Commissioning Board Senior Managers Staff Have responsibility for managing risk on a day-to-day basis, keeping live risk registers with formal escalation processes and understanding of risk appetite. They promote risk awareness Have responsibility for their own safety and that of others and a duty to identify and manage risks including clinical, financial and organisational risks, and to escalate significant risks and report incidents. They must participate in mandatory training and other training identified according to their role. 6. MONITORING AND ASSURANCE 6.1. The following monitoring mechanisms will ensure the strategy is implemented: The Audit Committee will receive assurances on risk, internal and external audit, counter fraud and governance and will ensure all auditor recommendations are fully implemented The Head of Internal Audit Opinion will summarise the effectiveness of controls from the work carried out by internal audit each year The Governing Body will review the Assurance Framework at each meeting which will provide sufficient assurances as to the effective mitigation of the CCG s risks The Executive Team will discuss significant operational risks, including QIPP, at each meeting The Patient Safety & Clinical Quality Committee will review all clinical risks, Never Events, Serious Untoward Incidents and Safeguarding issues at each meeting. This committee links to the cluster-wide arrangements for patient safety & clinical quality The Annual Governance Statement (AGS) will review the effectiveness of the system for internal control for the year and any significant control issues that arise during the year. The AGS will be compliant with Treasury and Department of Health Guidance The Council of Members will review the AGS and the effectiveness of the systems of internal control The Governing Body will ensure that there is a clear map of assurances, including from third parties such as the CSU and regularly reviews the quality of these assurances. Page 7 of 20
8 RISK MANAGEMENT POLICY FRAMEWORK 1 CONTEXT 1.1 Risk management is the systematic process for identifying, evaluating, managing and mitigating risk clinical, financial and corporate - and learning from these events to minimise occurrences in the future. 1.2 This framework outlines the practical application of risk management in NHS West Norfolk Clinical Commissioning Group (CCG), supporting a sound system of internal control. 1.3 Members and staff of the CCG have a duty and responsibility to consider the risks involved in what they do. Well managed risk can bring positive benefits and opportunities, ensuring resources are appropriately directed, thereby maximising value for money for patient services. 1.4 Effective risk management is both: Proactive the identification, assessment and evaluation of risk, the evaluation of controls and assurances of the effectiveness of controls, risk treatment and the ongoing monitoring of risk mitigation and Reactive when things go wrong i.e. adverse events - incidents, complaints and claims; identifying a learning action plan feeding back into the risk assessments and registers. 2 PROACTIVE RISK MANAGEMENT 2.1 Each individual/team/committee identifies and assesses risks to the delivery of their objectives. Risks can be clinical, financial or corporate, risks to the delivery of QIPP schemes, risks of joint working with other CCGs or local authorities, risks of delegating to third parties such as the CSU etc. 2.2 Strategic Risks relate to the delivery of the organisation s strategic objectives. They have the highest potential for external impact e.g. an adverse effective on engagement with the wider health ad social care community and with external stakeholders. Examples include risks to services from competitor organisations, technological or societal change and changing patient demographics 2.3 Operational Risks relate to the organisation s on-going day-to-day business delivery e.g. patient safety, staff safety, security, information, finance and litigation. Whilst they may have some external impact, operational risks mostly affect internal functioning and services. Depending on the level of risk involved, operational risks are managed at directorate or committee level. 2.4 Significant operational risks, which are not effectively managed, can have an impact on the delivery of strategic objectives and organisations therefore need to have a process in place to escalate risk as required. 2.5 Risks are assessed/evaluated in terms of likelihood and consequence/impact using a standardised organisational Risk Matrix (Appendix D) 2.6 Controls that are currently in place to manage these risks are identified as are the assurances that these controls are working. Page 8 of 20
9 2.7 Gaps in controls or in assurances are identified and action plans developed to close these gaps (including potential costs, balanced against the cost of the risk occurring, owner and timescale). N.B. risks can be avoided, reduced, transferred or accepted. 2.8 Controls can be Directive e.g. policies, training, risk sharing agreements with other CCGs, Section 75 agreements, Detective e.g. clinical audit, root cause analysis, inventories, reconciliations, or Preventative e.g. limits to decision making such as the scheme of delegation, secure access and passwords etc. 2.9 Assurances need to be specific and include a wide range of independent, internal sources (e.g. NED-led scrutiny committee such as Audit or Remuneration, internal audit, clinical audit, performance data, local counter fraud, serious incident/complaint investigations, IG toolkit evidence etc and external sources (e.g. patient surveys and feedback, benchmarking, CQC, Monitor, External Audit, LINk/HealthWatch, Health & Well Being Board, HOSC etc) Assurances can be negative or positive: Negative assurance: evidence that controls are not working as intended and risks remain unmitigated Positive assurance: confirmation that risks are mitigated by the controls with firm evidence to show that the organisation is reasonable managing its risks and that strategic objectives are being delivered 2.11 Each risk is allocated a risk owner whose responsibility it is to ensure the risk is mitigated to the agreed target level as quickly as possible Risks are documented in a Risk Register (Appendix C), including detailed action plans for mitigation, which is updated regularly. Governing Body Assurance Framework (GBAF): focuses on key strategic risks and operational risks that exceed the risk appetite and therefore impact on delivery of strategic objectives. It is used by the Governing Body as its main tool for discharging the responsibility for internal control. Corporate Risk Register (CRR): focuses on the significant operational risks 2.13 The Governing Body agrees organisational risk appetite (Appendix D). Residual/accepted risk is either small enough to have an immaterial effect on the achievement of objectives or a significant risk that has been well mitigated. Residual risks should continue to be reviewed periodically Appendix B shows how risks are escalated and de-escalated in relation to risk appetite and target mitigation 2.15 All new initiatives, major projects, activities are assessed for risk and incorporated into risk management structures e.g. QIPP, Information Asset Registers etc. Risks that exceed the agreed risk appetite are escalated to the Corporate Risk Register or GBAF as necessitated by the risk rating score (Appendix B) 2.16 Governing Body Sub-Committees review risk mitigation e.g. Patient Safety & Clinical Quality Committee reviews clinical risks, Information Governance Committee reviews IG and Information Asset risks. Committees operate a dip test, requiring close scrutiny of any risk which has remained unchanged above its target level for more than three months. Page 9 of 20
10 2.17 The Audit Committee provides scrutiny and challenge to the implementation of the risk strategy and framework and to the systems of internal control in operation throughout the CCG. The Committee calls risk owners to account to review the effectiveness of controls and the reliability of assurances on controls. 1. REACTIVE RISK MANAGEMENT 9.1 All incidents, near misses and complaints are reported and robustly investigated in order to reduce the risk of recurrence. 9.2 Provider complaints, patient feedback, serious incidents, safeguarding issues, never events and early warning indicators are reviewed by the Patient Safety & Clinical Quality Committee and issues are raised at contract meetings. 9.3 Learning from adverse events informs risk ratings. Page 10 of 20
11 Appendix A - Key Steps in Managing Risks Stages Description 1 Establish the context Define the activity, and consider the goals and objectives. 2 Identify the risk Identify the risk what could happen, how could it happen and what would be the consequence 3 Analyse and assess the risk 4 Evaluate and prioritise the risk Consider how the risk could occur, what would be the effect and how could they be removed or reduced. Score the risk based on likelihood and consequence to identify the significance of the risk/reporting requirements. Consider controls currently in place, assurances as to whether these are working and any gaps in control. Evaluate in light of the significance and quantify any further options for reducing risk, including cost/benefit analysis to identify the preferred course of action. Agree risk rating threshold = Target Risk Rating, based on the risk appetite for that risk (see Appendix D) 5 Risk treatment and control Develop and implement risk reduction action plans depending on risk appetite: Avoid: do not proceed with activity Reduce: or control likelihood and/or consequence Transfer: arrange for another party to risk share Accept: some risk may be minimal and retention acceptable Think: Preventative, directive, detective controls Ensure controls are relevant to the risk and applied consistently over time 6 Monitor and review Monitor the risk impact, the effectiveness of the action and whether the risk priority changes. Escalate/de-escalate as necessary in line with risk appetite. 7 Communicate and consult Identify who needs to know, who is affected, and communicate/consult accordingly. 8 Learning All incidents and near misses shall be reported via the Incident Management Policy. Learning from adverse events will reduce the risk of recurrence, and will be informed by learning from successes as well. Page 11 of 20
12 Appendix B Risk Escalation Chart Encompasses the three lines of defence approach of ownership by frontline staff, accountability by executive and scrutiny by the Governing Body and its Audit Committee. Audit Committee Provides scrutiny of Risk framework GBAF Governing Body Reviews strategic risks and assurances on risk mitigation Risk exceeds risk appetite Corporate Risk Register Executive Team & Patient Safety & Clinical Quality Committee Reviews operational risks and clinical risks respectively Risk identification, assessment and peer challenge Risk decreases to threshold of risk appetite or target mitigation Risk exceeds risk appetite Programme Risk Registers e.g. SRG, Alliance, QIPP, IAOs, Commissioning Boards review operational risks Risk identification, assessment and peer challenge Staff and members can identify risks for assessment and inclusion on risk registers Risk decreases to threshold of risk appetite or target mitigation Page 12 of 20
13 Appendix C - General Risk Assessment Form Risk Assessment No Site/Locality Date Assessment undertaken Assessor Name Review Date Risk Rating quantified in terms of Likelihood and Consequence (L x C) (refer to detailed risk descriptors) Description of Hazard & Risk Hazard = Anything with the potential to do harm Risk = The likelihood of that harm occurring Who might be harmed? Existing controls Risk Rating (L x C) Mitigation Action plan Time scale Lead Page 13 of 20
14 Appendix D - Risk Rating and Risk Appetite Step 1 Look at what is being assessed and ask the question: what is the likelihood of the risk occuring? Use the table to determine the likelihood score(s) for those adverse outcomes. If possible, score the likelihood by assigning a predicted frequency of occurrence of the adverse outcome. If this is not possible, assign a probability to the adverse outcome occurring within a given time frame, such as the lifetime of a project or a patient care episode. If it is not possible to determine a numerical probability then use the probability descriptions to determine the most appropriate score If in doubt grade UP not down LIKELIHOOD of event happening Likelihood score 1- Rare 2 - Unlikely 3 - Possible 4 - Likely 5 - Almost certain How often might it/does it happen This will probably never happen/recur Less than 0.1% chance of happening Do not expect it to happen/recur but is possible Between 0.1% - 1% chance of happening Might happen or recur occasionally Between 1-10% chance of happening Will probably happen/recur but it is not a persisting issue Between 10-50% chance of happening Will undoubtedly happen/recur,possibly frequently Over 50% chance of happening Do not expect to happen for years Annual occurrence Expect to happen monthly Expect to happen weekly Expect to happen daily Step 2 If risk occurs, what is the likely consequence/severity to persons, service, organisation? Use the table of risk descriptors below. Choose the most appropriate domain for the identified risk from the left hand side of the table, then work along the columns in same row to assess the severity of the risk on the scale of 1 to 5 to determine the consequence score, which is the number given at the top of the column. If in doubt grade UP not down. CONSEQUENCE/ SEVERITY Of The Event Occurring Domains 1 - Negligible 2 - Minor 3 - Moderate 4 - Major 5 - Catastrophic Impact on the safety of patients, staff or Minimal injury requiring no/minimal Minor injury or illness, requiring minor Moderate injury requiring professional Major injury leading to long-term Incident leading to death Page 14 of 20
15 public (physical/psychologic al harm) Quality/complaints/ audit intervention or treatment. No time off work Peripheral element of treatment or service suboptimal intervention intervention incapacity/disability Requiring time off work for >3 days Increase in length of hospital stay by 1-3 days Overall treatment or service suboptimal Requiring time off work for 4-14 days Increase in length of hospital stay by 4-15 days RIDDOR/agency reportable incident An event which impacts on a small number of patients Treatment or service has significantly reduced effectiveness Requiring time off work for >14 days Increase in length of hospital stay by >15 days Mismanagement of patient care with longterm effects Non-compliance with national standards with significant risk to patients if unresolved Multiple permanent injuries or irreversible health effects An event which impacts on a large number of patients Totally unacceptable level or quality of treatment/service Informal complaint/inquiry Formal complaint (stage 1) Local resolution Single failure to meet internal standards Minor implications for patient safety if unresolved Reduced performance rating if unresolved Formal complaint (stage 2) complaint Local resolution (with potential to go to independent review) Repeated failure to meet internal standards Major patient safety implications if findings are not acted on Multiple complaints/ independent review Low performance rating Critical report Gross failure of patient safety if findings not acted on Inquest/ombudsman inquiry Gross failure to meet national standards Page 15 of 20
16 Human resources/ organisational development/staffing/ competence Statutory duty/ inspections Adverse publicity/ reputation Short-term low staffing level that temporarily reduces service quality (< 1 day) No or minimal impact or breech of guidance/ statutory duty Rumours Potential for public concern Low staffing level that reduces the service quality Breech of statutory legislation Reduced performance rating if unresolved Local media coverage Short-term reduction in public confidence Late delivery of key objective/ service due to lack of staff Unsafe staffing level or competence (>1 day) Uncertain delivery of key objective/service due to lack of staff Unsafe staffing level or competence (>5 days) Non-delivery of key objective/service due to lack of staff Ongoing unsafe staffing levels or competence Low staff morale Loss of key staff Loss of several key staff Poor staff attendance for mandatory/key training Very low staff morale Single breech in statutory duty Challenging external recommendations/ improvement notice Local media coverage Long-term reduction in public confidence No staff attending mandatory/ key training Enforcement action Multiple breeches in statutory duty Improvement notices Low performance rating Critical report National media coverage with <3 days service well below reasonable public expectation No staff attending mandatory training /key training on an ongoing basis Multiple breeches in statutory duty Prosecution Complete systems change required Zero performance rating Severely critical report National media coverage with >3 days service well below reasonable public expectation. MP concerned Total loss of public confidence Page 16 of 20
17 Business objectives/ projects Insignificant cost increase/ schedule slippage Elements of public expectation not met <5 per cent over project budget 5 10 per cent over project budget Non-compliance with national per cent over project budget Incident leading >25 per cent over project budget Schedule slippage Schedule slippage Schedule slippage Schedule slippage Key objectives not met Key objectives not met Finance including claims Service/business interruption Environmental impact Small loss Risk of claim remote Loss/interruption of >1 hour Minimal or no impact on the environment Loss of per cent of budget Claim less than 10,000 Loss/interruption of >8 hours Minor impact on environment Loss of per cent of budget Claim(s) between 10,000 and 100,000 Loss/interruption of >1 day Moderate impact on environment Uncertain delivery of key objective/loss of per cent of budget Claim(s) between 100,000 and 1 million Purchasers failing to pay on time Loss/interruption of >1 week Major impact on environment Non-delivery of key objective/ Loss of >1 per cent of budget Failure to meet specification/ slippage Loss of contract / payment by results Claim(s) > 1 million Permanent loss of service or facility Catastrophic impact on environment Step 3 Calculate the risk score the risk multiplying the consequence by the likelihood: consequence x likelihood = risk rating: RISK MATRIX Likelihood Consequence 1 Rare 2 - Unlikely 3 Possible 4 Likely 5 Almost Certain 1 Negligible Minor Moderate Major Catastrophic Page 17 of 20
18 Step 4 Identify the existing controls that are in place, assess their adequacy and then score the residual risk as above. Step 5 Take action according to the risk appetite as described below: Low risk 1-3 The CCG accepts risks in this category that are likely to result in identified impact. Moderate risk 4-6 The CCG is willing to accept risks that may result in identified impact. Significant risk 8-12 The CCG is willing to accept some risks in certain circumstances High risk The CCG is not willing to accept any risk under any circumstances Normal risks which can be managed by routine procedures Responsibility for assessment and action planning allocated to a named individual Urgent senior management attention needed with action plan Immediate action required by an Executive Director/Governing Body member i.e. If a risk s residual score is higher than the risk appetite, more will need to be done to manage the risk and this may require additional resources. If the risk s residual score is the same as or lower than the risk appetite, the risk will be considered tolerable (although it will continue to be monitored if risk-rated at a 4 or above). Page 18 of 20
19 Appendix E Risk Register template Team/Committee Lead Date Date of Review Risk Rating quantified in terms of Likelihood and Consequence (L x C) (refer to detailed risk descriptors) Corporate Objective Ref Description of Risk (what can happen and how it can impact) Risk Rating (LxC) Existing Controls (to reduce likelihood of risk happening) Assurances of Controls Current Risk Rating (L x C) Target Risk Rating (LxC) Gaps in controls Progress with timebound action plan to fill gaps/achiev e target risk rating Lead Page 19 of 20
20 Appendix F Key Questions for an Audit Committee to ask Taken from the HM Treasury Audit and Risk Assurance Committee Handbook This list of questions is not intended to be exhaustive or restrictive nor should it be treated as a tick list substituting for detailed consideration of the issues it raises. Rather it is intended to act as a prompt to help an Audit and Risk Assurance Committee ensure that their work is comprehensive. On the strategic processes for risk and control, how do we know that: the risk management culture is appropriate? the board has clearly articulated and communicated its risk appetite? there is a comprehensive process for identifying and evaluating risk, and for deciding what levels of risk are tolerable? the Risk Register is an appropriate reflection of the risks facing the organisation? appropriate ownership of risk in place? management has an appropriate view of how effective the control environment is? risk management is carried out in a way that really benefits the organisation or is it treated as a box ticking exercise? the organisation as a whole is aware of the importance of risk management and of the organisation s risk priorities? the system of control will provide timely indicators of things going wrong? On risk management processes, how do we know: how senior management and Ministers support and promote risk management? how well people are equipped and supported to manage risk well? that there is a clear risk strategy and policies? that there are effective arrangements for managing risks with partners? that the organisation s processes incorporate effective risk management? if risks are handled well, considering: key strategic risks can change very quickly? scenario planning and stress testing? bubbling under risks? the risk focus is wide enough? considers external and emerging risks? reviews financial risks and non-financial risks? if risk management contributes to achieving outcomes? that management are regularly reviewing top risks? Page 20 of 20
Risk Management Strategy and Board Assurance Framework
Risk Management Strategy and Board Assurance Framework Version 1.1 Ratified by Health Commissioning Board Date ratified Audit Committee in Common: 10 th October 2017 Heath Commissioning Board: 8 th November
More informationBoard Risk Appetite Statement
SH NCP 62 Version: 3 Summary: Keywords (minimum of 5): (To assist policy search engine) Target Audience: This document establishes the key areas of risk and guidance on the level of risk the Board is prepared
More informationRisk Management Strategy
Risk Management Strategy Document Reference MLCSU CA_WL_V3 Version 3 Authors: Donna Bamber, Midlands & Lancashire Commissioning Support Unit Senior Risk Officer Smita Shetty, Service Redesign Manager,
More informationRisk Management Framework Policy (incorporating the Risk Management Policy and Strategy)
Corporate Risk Management Framework Policy (incorporating the Risk Management Policy and Strategy) Document Control Summary Status: Version: Replacement. Replaces: Management of the Assurance Plan and
More informationRISK MANAGEMENT FRAMEWORK
RISK MANAGEMENT FRAMEWORK UNIQUE REF NUMBER: GB/AC/001/V2.1 DOCUMENT STATUS: Approved by Audit & Governance Committee 18 October 2018 DATE ISSUED: November 2018 DATE TO BE REVIEWED: November 2021 1 AMENDMENT
More informationPutting Barnsley People First INTEGRATED RISK MANAGEMENT FRAMEWORK
Putting Barnsley People First INTEGRATED RISK MANAGEMENT FRAMEWORK 2016-17 VERSION Version Date Author Status Comment Draft 1 29.5.2014 Draft 2 10.6.2014 Richard Walker & Vicky Peverelle Richard Walker
More informationIntegrated Risk Management Framework Sept Page 1 of 17
Integrated Risk Management Framework 2017-2018 Sept 2017 Page 1 of 17 Reference: Title: Author/Nominated Lead: Approval Date: Approving Committee: Review Date: Target Audience: Circulation List: Cross
More informationRisk Management Strategy and Standard Operating Procedure
Risk Management Strategy and Standard Operating Procedure Document Status Equality Impact Assessment Draft Completed no impact Document Ratified/Approved By Date Issued Date To be Reviewed Distribution
More informationINTEGRATED RISK MANAGEMENT FRAMEWORK
INTEGRATED RISK MANAGEMENT FRAMEWORK 2018 20 VERSION Version Date Author Status Comment Draft 1 29.5.2014 Draft 2 10.6.2014 Richard Walker & Vicky Peverelle Richard Walker & Vicky Peverelle Draft Draft
More informationINTEGRATED RISK MANAGEMENT FRAMEWORK (STRATEGY AND POLICY)
INTEGRATED RISK MANAGEMENT FRAMEWORK (STRATEGY AND POLICY) Version 1.5 (DRAFT) RATIFIED DATE BY WHOM Fylde and Wyre CCG Governing Body Fylde and Wyre CCG (F&W CCG) is committed to ensuring that, as far
More informationRISK MANAGEMENT POLICY
TRUST-WIDE CLINICAL / NON CLINICAL POLICY RISK MANAGEMENT POLICY Policy Number: SA02-A Scope of this Document: All Staff Recommending Committee: Risk Management Group Appproving Committee: Executive Committee
More informationRisk Management Strategy
Risk Management Strategy 2016 2019 Version: 6 Policy Lead/Author & Deputy Director of Quality position: Ward / Department: Nursing Directorate Replacing Document: Version 5 Approving Committee Quality
More informationIntegrated Risk Management Framework
Integrated Risk Management Framework October 2012 Patient focused Providing quality, improving outcomes Contents 1. Introduction page 4 WKCCG Risk Management Policy Statement 2. Definitions of Risk page
More informationRISK MANAGEMENT STRATEGY Version 3
RISK MANAGEMENT STRATEGY Version 3 Risk Management Strategy V3 - March 2018 1 Standard Operating Procedure St Helens CCG Risk Management Strategy Version 3.0 Implementation Date September 2014 Review Date
More informationRISK REGISTER POLICY AND PROCEDURE
RISK REGISTER POLICY AND PROCEDURE Lead Manager: Head of Clinical Governance Responsible Director: Board Medical Director Approved by: Date Approved: Date for Review: Feb 2012 Replaces Version: 1.0 Page
More informationVelindre NHS Trust. Black 11A. Risk Assessment & Risk Register Policy
Velindre NHS Trust Black 11A Risk Assessment & Risk Register Policy Executive Sponsor: Director of Nursing & Service Improvement Approved By: Trust Board page 1of 21 EXECUTIVE SUMMARY Overview: This policy
More informationRISK ASSESSMENT AND RISK REGISTER PROCEDURE
RISK ASSESSMENT AND RISK REGISTER PROCEDURE Reference No: UHB 024 Version No: 1 Previous Trust/LHB Ref No: Trust 162 & 206 Documents to read alongside this Procedure Risk Management Policy Health and Safety
More informationDocumentation Control. Hazard Identification, Risk Assessment and Management Procedure. (This document is linked GG/CM/007- Risk Management Policy)
Documentation Control Reference: Date approved: 24 November 2016 Approving Body: (This document is linked GG/CM/007- Risk Management Policy) Trust Board (Medical Director) Implementation Date: 24 November
More informationRisk Management Strategy
Risk Management Strategy Category: Summary: Equality Impact Assessment undertaken: Strategy The purpose of this document is to set out a clear strategy for the Trust s vision in relation to the management
More informationSOMERSET PARTNERSHIP NHS FOUNDATION TRUST RISK MANAGEMENT POLICY. Report to the Trust Board 26 May Risk and Compliance Manager
SOMERSET PARTNERSHIP NHS FOUNDATION TRUST RISK MANAGEMENT POLICY Report to the Trust Board 26 May 2015 Sponsoring Director: Author: Purpose of the report: Key Issues and Recommendations: Director of Governance
More informationRISK MANAGEMENT POLICY AND STRATEGY
1 RISK MANAGEMENT POLICY AND STRATEGY Version No: Reason for Update Date of Update Updated By 1 Review Timeframe September 2014 2 Review June 2017 Governance Manager Governance Manager 3 4 5 6 7 8 Introduction
More informationNHS North Somerset Clinical Commissioning Group Risk Management Strategy and Framework
NHS North Somerset Clinical Commissioning Group Risk Management Strategy and Framework An Integrated Risk Management Framework Clinical Risk Management Financial Risk Management Corporate Risk Management
More informationRisk Management Strategy and Policy
Risk Management Strategy and Policy SUMMARY The purpose of this document is to provide guidance to all staff within the CCG on the management of strategic, operational and project risks within the organisation
More informationNagement. Revenue Scotland. Risk Management Framework
Nagement Revenue Scotland Risk Management Framework Table of Contents 1. Introduction... 2 1.2 Overview of risk management... 2 2. Policy statement... 3 3. Risk management approach... 4 3.1 Risk management
More informationNagement. Revenue Scotland. Risk Management Framework. Revised [ ]February Table of Contents Nagement... 0
Nagement Revenue Scotland Risk Management Framework Revised [ ]February 2016 Table of Contents Nagement... 0 1. Introduction... 2 1.2 Overview of risk management... 2 2. Policy Statement... 3 3. Risk Management
More informationRisk Management Policy and Strategy
Risk Management Policy and Strategy Version: 2.1 Bodies consulted: Approved by: Directors and Managers responsible for risk Board of Directors Date Approved: 28 March 2017 Lead Manager: Lead Director:
More informationSTRATEGY DOCUMENT. Risk Management Strategy
STRATEGY DOCUMENT Risk Management Strategy Document Number: 1COV-STG-007 Sponsor: Chief Executive Date Created: 01/11/2005 Version: 5.0 Status: Final Date Approved: xxx Next Review Date: xxx Approved By:
More informationRisk Management Policy and Framework
Risk Management Policy and Framework C014 CO14: Risk Mgt Policy and Framework (3) Page 1 of 31 Contents 1. Introduction... 5 2. Definitions... 6 3. Risk Management Framework... 7 4. Duties and responsibilities...
More informationIntegrated Risk Management Framework
Integrated Risk Management Framework Author Patient Safety Manager Version 4.0 Version Date May 2017 Implementation/Approval Date May 2017 Review Date May 2018 Review Body Governing Body Policy Reference
More informationKidsafe NSW Risk Management Plan. August 2014
Kidsafe NSW Risk Management Plan August 2014 Document Control Document Approval Name & Position Signature Date Document Version Control Version Status Date Prepared By Comments Document Reviewers Name
More informationScouting Ireland Risk Management Framework
No. SID 124A/15 Gasóga na héireann/scouting Ireland Issued Amended 20 th June 2015 Deleted Source: National Management Committee Scouting Ireland Risk Management Framework Revision Date Description # 20/06/2015
More informationRisk. Protocol for the Management of Risk
Risk Protocol for the Management of Risk Instr No Contact Brian Orpin Version 4.0 Email brian.orpin@nhs.net Issue Date 27/04/2015 Telephone 0131 314 5360 Review Date 27/04/2016 Status Issued Change Control
More informationRisk Management Strategy January NHS Education for Scotland RISK MANAGEMENT STRATEGY
NHS Education for Scotland RISK MANAGEMENT STRATEGY January 2016 1 Contents 1. NES STATEMENT ON RISK MANAGEMENT 2 RISK MANAGEMENT STRATEGY 3 RISK MANAGEMENT STRUCTURES 4 RISK MANAGEMENT PROCESSES 5 RISK
More informationBournemouth Primary MAT Risk Management Policy
Bournemouth Primary MAT Risk Management Policy 1. Introduction The Bournemouth Primary Multi-Academy Trust (the Trust) operates a risk management system in order to identify and manage key exposures and
More informationCORPORATE RISK MANAGEMENT POLICY AND STRATEGY
CORPORATE RISK MANAGEMENT POLICY AND STRATEGY () August 2018 1 Subject and version number of document: Serial Number: Corporate Risk Management Policy and Strategy Version 2.5 COR/035/V2.06 Operative date:
More informationRisk Management Policy and Framework
Risk Management Policy and Framework Risk Management Policy Statement ALS recognises that the effective management of risks is a fundamental component of good corporate governance and is vital for the
More informationRISK MANAGEMENT FRAMEWORK
Risk Management Framework RISK MANAGEMENT FRAMEWORK Purpose This Risk Management Framework introduces St. Michael s College s approach to risk management. It includes a definition of risk, a summary of
More informationRisk Management Framework
Risk Management Framework Introduction The outgoing Corporate Strategy 2013-18 and incoming University Strategy 2018-23 continues on a trajectory towards Vision 2025 in an increasingly competitive Higher
More informationEffective Assurance Frameworks
Effective Assurance Frameworks NIGEL IRELAND, HEAD O F BARCUD S HARED S E R VICES @ barcudss w w w.barcudsharedservices.org.uk Today What an Assurance Framework is How an Assurance Framework can add value
More informationPolicy Document Control Page
Policy Document Control Page Title Title: Risk Assessment Policy Version: V8 Reference Number: CO21 Supersedes Supersedes: V7 Description of Amendment(s): Removal of Risk and Clinical Governance Committee
More informationRISK MANAGEMENT GUIDELINES
RISK MANAGEMENT GUIDELINES Purpose of Guidelines These guidelines outline the way South West Healthcare operates its Risk Management Program and are to assist the organisation, its divisions, departments
More informationCONTROLLED DOCUMENT. Version Number: 4.1. On: January 2018 Review Date: June 2016 Distribution: Essential Reading for: Information for: 1 of 15
Risk Management Strategy and Policy CONTROLLED DOCUMENT CATEGORY: CLASSIFICATION: PURPOSE: Controlled Number: Document Strategy/Policy Governance To set out the principles and framework for the management
More informationContents INTRODUCTION...4 THE STEPS IN MANAGING RISKS ESTABLISH GOALS AND CONTEXT IDENTIFY THE RISKS...8
Contents INTRODUCTION...4 THE STEPS IN MANAGING RISKS...4 1. ESTABLISH GOALS AND CONTEXT...5 2. IDENTIFY THE RISKS...8 Identifying the risks... 8 Identify the sources of the risks... 8 Identify the impact
More informationLONDON BOROUGH OF ENFIELD RISK MANAGEMENT STRATEGY
LONDON BOROUGH OF ENFIELD RISK MANAGEMENT STRATEGY JANUARY 2013 1 Version Control Reference Comments Approval date 05 09 12 19 11 12 10 01 13 2 FOREWORD Welcome to the Council s Risk Management Strategy.
More informationExecutive Board Annual Session Rome, May 2015 POLICY ISSUES ENTERPRISE RISK For approval MANAGEMENT POLICY WFP/EB.A/2015/5-B
Executive Board Annual Session Rome, 25 28 May 2015 POLICY ISSUES Agenda item 5 For approval ENTERPRISE RISK MANAGEMENT POLICY E Distribution: GENERAL WFP/EB.A/2015/5-B 10 April 2015 ORIGINAL: ENGLISH
More informationRisk Management. Policy and Procedures
Risk Management Policy and Procedures POLICY SCHEDULE Policy title Policy owner Policy lead contact Approving body Date of approval/review Related Guidelines and Procedures Review interval Risk Management
More informationRISK MANAGEMENT PROCEDURES
RISK MANAGEMENT PROCEDURES Recommended by Approved by Approval date Risk Moderation Sub-Committee Executive Management Team 15-Oct-2012 Version number 1.0 Review date Responsible Director Responsible Manager
More informationRISK MANAGEMENT POLICY October 2015
RISK MANAGEMENT POLICY October 2015 1. INTRODUCTION 1.1 The primary objective of risk management is to ensure that the risks facing the business are appropriately managed. 1.2 Paringa Resources Limited
More informationMeeting of Bristol Clinical Commissioning Group Governing Body
Meeting of Bristol Clinical Commissioning Group Governing Body To be held on Tuesday 30 June 2015 commencing at 13:30pm at the Greenway Centre, 119 Doncaster Road, BS10 5PY Title: Risk Appetite Statement
More informationRisk Management Policy. September 2015
Risk Management Policy September 2015 Contents Policy Statement... 3 AA s Commitment to Risk Management... 3 Risk Management Principles... 4 Governance Framework... 6 Roles and Responsibilities... 7 Board...
More informationHSC Business Services Organisation Board
Paper BSO 25/2009 HSC Business Services Organisation Board Risk Management 1. Purpose of this report The purpose of this report is to brief the Board on the BSO Risk Management process. 2. Background HSC
More informationRisk Management Strategy. February 2016 February 2019 Risk management, risk Assurance Plan SOP
Corporate Risk Register: Standard Operating Procedure Document Control Summary Status: Version: Author/Title: Owner/Title: Approved by: Ratified: Related Trust Strategy and/or Strategic Aims Implementation
More informationRisk Management Strategy
Risk Management Strategy July 2004 Version 1 This document will be reviewed regularly. Printed copies should not be considered the definitive version. Contact the Risk Management Support Unit (RMSU x54645)
More informationNHS BROMLEY CLINICAL COMMISSIONING GROUP RISK MANAGEMENT STRATEGY
NHS BROMLEY CLINICAL COMMISSIONING GROUP RISK MANAGEMENT STRATEGY 1 CONTENTS Page Number Introduction 3 Purpose 4 Objectives 4 Systematic Approach to Risk Management 4 The Risk Management Structure 5 Risk
More informationRISK MANAGEMENT PROCEDURE GUIDANCE
RISK MANAGEMENT PROCEDURE GUIDANCE East and North Hertfordshire Clinical Commissioning Group Page 1 of 25 DOCUMENT CONTROL SHEET Document Owner: Director of Nursing and Quality Document Author(s): Company
More informationCO14: Risk Management Policy
Corporate CO14: Risk Management Policy Version Number Date Issued Review Date V3.1 20/12/17 30/04/2018 Prepared By: Consultation Process: Policy & Corporate Governance Lead, NHS County Durham & Darlington
More informationRisk Registers. Providing evidence, if required, that the Trust is compliant with the Management of Health and Safety Regulations 1999;
Risk Registers Appendix 1 What is a Risk Register? A Risk Register is a log of risks of all kinds that threaten the delivery of objectives and the delivery of services. It should be a live document which
More informationRisk Management Strategy
Resources Risk Management Strategy Successful organisations are not afraid to take risks; Unsuccessful organisations take risks without understanding them. Issue: Version 3 - November 2011 Group: Resources
More informationUniversity of Greenwich Risk Management Guide Revised October 2017
University of Greenwich Risk Management Guide Revised October 2017 Purpose of the Guide 1. This document supplements the Risk Management Policy of the University of Greenwich. It explains why risk management
More informationRisk Management Framework
Risk Management Framework Anglican Church, Diocese of Perth November 2015 Final ( Table of Contents Introduction... 1 Risk Management Policy... 2 Purpose... 2 Policy... 2 Definitions (from AS/NZS ISO 31000:2009)...
More information2.2 For Board Members to approve the five high risks the Trust is facing:
HEREFORD HOSPITALS NHS TRUST PUBLIC BOARD MEETING 28 TH JANUARY 2011 COMPANY SECRETARY S REPORT NICOLA.LICENCE@HHTR.NHS.UK BOARD ASSURANCE FRAMEWORK 1.0 INTRODUCTION 1.1 The attached Board Assurance Framework
More informationRisk Management & Assurance Strategy. Audit Committee. See reference page 38
BHH Brent Harrow Hillingdon Clinical Commissioning Groups Risk Management & Strategy Author: Policy Number: Version: Sponsor/Executive: Responsible committee: Gilbert George Dawn Crump Interim Head of
More informationRISK MANAGEMENT. Associate Director of Governance POLICY CONTEXT
RISK MANAGEMENT POLICY NO & CATEGORY RS 01 Risk & Safety VERSION NO & DATE 12 November 2015 RATIFYING COMMITTEE Trust Board DATE RATIFIED November 2015 NEXT REVIEW DATE November 2016 EXECUTIVE DIRECTOR
More informationRISK MANAGEMENT AND STRATEGY POLICY. (Replaces Policy No. TP/RHS/165 V.5) Head of Corporate Governance & Assurance
A member of: Association of UK University Hospitals RISK MANAGEMENT AND STRATEGY POLICY (Replaces Policy No. TP/RHS/165 V.5) POLICY NUMBER TPRHS/165 POLICY VERSION V.6 RATIFYING COMMITTEE Board of Directors
More informationMEMORANDUM. To: From: Metrolinx Board of Directors Robert Siddall Chief Financial Officer Date: September 14, 2017 ERM Policy and Framework
MEMORANDUM To: From: Metrolinx Board of Directors Robert Siddall Chief Financial Officer Date: September 14, 2017 Re: ERM Policy and Framework Executive Summary Attached are the draft Enterprise Risk Management
More informationRisk Management Strategy, Policy and Procedure
Title: Purpose: Risk Management Strategy, Policy and Procedure The overarching purpose of the risk management strategy is to describe the framework and processes within Cornwall Partnership NHS Foundation
More informationRisk Management Policy
Risk Management Policy October 2014 Risks 1. Risks can be identified under four principal headings a. Financial risks b. Strategic Risks c. Operational Risks, and d. Hazard Risks 2. These are either externally
More informationCITY OF JOHANNESBURG METROPOLITAN MUNICIPALITY GROUP RISK AND ASSURANCE SERVICES GROUP RISK MANAGEMENT POLICY
CITY OF JOHANNESBURG METROPOLITAN MUNICIPALITY Effective Date 1 July 2015 TABLE OF CONTENTS 1. POLICY STATEMENT... 3 2. POLICY CONTEXT... 4 3. PURPOSE... 5 4. POLICY SCOPE AND APPLICATION... 6 5. RISK
More informationBrighton and Sussex University Hospitals. Risk Management Strategy
Brighton and Sussex University Hospitals Risk Management Strategy Version: 5 Category and number: Approved by: TW/017 BSUH Board of Directors Date approved: 29 th September 2016 Name of originator/author:
More informationRisk Management Framework
Risk Management Framework Purpose: Scope: This Risk Management Framework introduces Central Queensland Christian College s approach to risk management. It includes a definition of risk, a summary of the
More informationRisk Management Procedure. Version Number: 6.0 Controlled Document Sponsor: Controlled Document Lead:
Risk Management Procedure CONTROLLED DOCUMENT CATEGORY: CLASSIFICATION: PURPOSE Controlled Document Number: Procedure Governance To detail the procedure for the management of risk 419 Version Number: 6.0
More informationWest Coast District Municipality. Risk Management Policy
West Coast District Municipality Risk Management Policy TABLE OF CONTENTS Page No. RISK MANAGEMENT POLICY 5 1. OVERVIEW 6 1.1. Policy Objective 6 1.2. Policy Statement 6 1.3. Risk Management Approach 6
More information1.1. This document forms the Council s Risk Management Strategy. It sets out:
1. Introduction Bovey Tracey Town Council RISK MANAGEMENT STRATEGY 1.1. This document forms the Council s Risk Management Strategy. It sets out: - What is risk management - Why the Council needs a risk
More informationDOCUMENT TYPE: Strategy UNIQUE IDENTIFIER: RMS-01. DOCUMENT TITLE: Risk Management Strategy 2018/2019
DOCUMENT TYPE: Strategy DOCUMENT TITLE: Risk Management Strategy 2018/2019 SCOPE: Trust Wide AUTHOR / TITLE: Phebe Hemmings, Company Secretary Christine Morris, Interim Director of Governance REPLACES:
More informationRisk Management Policy
Risk Management Policy April 2017 1 Introduction 1.1 The primary objective of risk management is to ensure that the risks facing the business are appropriately managed. 1.2 Force is committed to ensuring
More informationRisk Management Policy and Procedures.
Risk Management Policy and Procedures. Rev Date Purpose of Issue/Description of Change Date 1. June 2006 Initial Issue 2. November 2009 Revised and updated 6 th November 2009 3. September 2010 Revised
More informationRisk Management Framework
Risk Management Framework Risk Management Framework 1. The University views Risk Management as integral to the successful execution of its Strategy. In order to achieve the aims set out in our strategy,
More informationRisk Management Policy
Risk Management Policy Date Published 6 th July 2016 Version 1 Approved Date 6 th July 2016 Review Cycle Annually Review Date June 2017 Learning together; to be the best we can be 1. Introduction 1.1.
More informationRISK MANAGEMENT FRAMEWORK
RISK MANAGEMENT FRAMEWORK 1 RISK MANAGEMENT FRAMEWORK... 1 INTRODUCTION... 3 AN EFFECTIVE ENTERPRISE RISK MANAGEMENT SYSTEM... 4 Guiding Principles... 4 RISK GOVERNANCE... 5 Mandate and Commitment... 5
More informationHAZARD MANAGEMENT POLICY Page 1 of 7 Reviewed: October 2018
Page 1 of 7 Policy Applies to: The Board of Directors, staff employed by Mercy Hospital, Credentialed Specialists, Allied Health Professionals, contractors, students, volunteers and visitors. Related Standards:
More informationAn Introductory Presentation for ECU Staff
Risk Management at ECU An Introductory Presentation for ECU Staff Phillip Draber Manager, Risk and Assurance Outcomes By the end of this session you should: Be able to complete and document risk management
More informationApproved by: Diocesan Council 17 December 2015
DIOCESAN COUNCIL POLICY 39 Risk Management Approved by: Diocesan Council 17 December 2015 1 PREAMBLE The Perth Diocesan Trustees under the authority of the Diocesan Trustees Statute 1952 have the responsibility
More informationRisk Management. Seminar June Compiled by: Raaghieb Najjaar, Yaeesh Yasseen & Rashied Small
Risk Management Seminar June 2017 Compiled by: Raaghieb Najjaar, Yaeesh Yasseen & Rashied Small Defining Risk Risk reflects the chance that the actual event may be different than the planned / expected
More informationQueen s University Belfast. Risk Management. Policy and Procedures
Queen s University Belfast Risk Management Policy and Procedures POLICY SCHEDULE Policy title Policy owner Policy lead contact Approving body Date of approval/review Related Guidelines and Procedures Review
More informationRISK MANAGEMENT FRAMEWORK
RISK MANAGEMENT FRAMEWORK 1. INTRODUCTION (Company) acknowledges that risk is inherent in its business. The Company s risk management framework is an important tool to guide the organisation towards achieving
More informationPRIME FINANCIAL POLICIES
1. INTRODUCTION 1.1. General PRIME FINANCIAL POLICIES 1.1.1. These prime financial policies and supporting detailed financial policies shall have effect as if incorporated into the group s constitution.
More informationGROUP GOVERNANCE FRAMEWORK MANUAL
GROUP GOVERNANCE FRAMEWORK MANUAL Incorporating Standing Orders of the Board of Directors, Standing Orders of the Council of Governors, Reservation and Delegation of Powers and Standing Financial Instructions.
More informationDiscussion. Information
Item 10.8 To: From: Trust Board Kevin Turner, Deputy Chief Executive Date: 4 th July 2017 Title: Strategic Risk Management Report Responsible Director: Kevin Turner, Deputy Chief Executive Author: Karen
More informationRisk Management at Central Bank of Nepal
Risk Management at Central Bank of Nepal A. Introduction to Supervisory Risk Management Framework in Banks Nepal Rastra Bank(NRB) Act, 2058, section 35 (a) requires the NRB management is to design and
More informationPerpetual s Risk Management Framework
Perpetual s Risk Management Framework Perpetual s Risk Management Framework Context Perpetual Limited (Perpetual) is a diversified financial services firm, listed on the Australian Securities Exchange.
More informationVersion: th November 2010 RISK MANAGEMENT POLICY
Version: 1.2-25th November 2010 RISK MANAGEMENT POLICY Document History Document Location To be completed. Revision History Date of this revision: 17/09/2010 Date of next revision: N/A Revision Number
More informationRisk Management Policy
Version: 2.0 New or Replacement: Policy number: Document author(s): Replacement ULHT-MD-GOV-RM-PMIMSI Paul White, Risk Manager Contributor(s): Members of the Trust Board & Senior Leadership Team Approved
More informationRisk Management. Webinar - July 2017
Risk Management Webinar - July 2017 Compiled by: Raaghieb Najjaar, Yaeesh Yasseen & Rashied Small Adapted and Facilitated by: Professor Enslin J. van Rooyen Risk Management - June 2017 2 Defining Risk
More information28 July May October 2016
Policy Name Risk Management Policy & Procedure Related Policies and Legislation AISWA Guidelines Risk Management Policy Category Planning & Management Relevant Audience Date of Issue / Last Revision All
More informationRISK MANAGEMENT FRAMEWORK
RISK MANAGEMENT FRAMEWORK 1. INTRODUCTION (Company) acknowledges that risk is inherent in its business. The Company faces a broad range of risks as a listed entertainment organisation. The Company s risk
More informationRisk Management Policy
Risk Management Policy Date First Published June 2016 Version 3 Date Last Approved 20 th June 2018 Review Cycle 1 Year Review Date June 2019 Learning together; to be the best we can be 1. Introduction
More informationRISK MANAGEMENT POLICY
RISK MANAGEMENT POLICY Approved by Governing Authority February 2016 1. BACKGROUND 1.1 The focus on governance in corporate and public bodies continues to increase. It resulted in an expansion from the
More informationTONGA NATIONAL QUALIFICATIONS AND ACCREDITATION BOARD
TONGA NATIONAL QUALIFICATIONS AND ACCREDITATION BOARD RISK MANAGEMENT FRAMEWORK 2017 Overview Tonga National Qualifications and Accreditation Board (TNQAB) was established in 2004, after the Tonga National
More informationPractical aspects of determining and applying a risk appetite for SMEs
Practical aspects of determining and applying a risk appetite for SMEs By Tim Timchur acis, Director, ActivePro Consulting Pty Ltd Important to determine appetite for risk before determining what risk
More informationRisk Management Strategy
Risk Management Strategy Job title of lead contact: Corporate Services Manager Version number: Version 1 Group responsible for approving Executive Team / Governing Body the document: Date of final approval:
More information