LIST OF CONTENTS - Borough of Stockton-on-Tees
[pic]
Resources
Finance
RISK MANAGEMENT
ANNUAL REPORT
2005 - 2006
LIST OF CONTENTS
1. Introduction
2. Risk Management Strategy
3. Summary of Overall Progress
4. Update of the Corporate Risk Register
Appendices:
Appendix A: Key Performance Indicators
Appendix B: Operational Performance
Appendix C: Corporate Risk Register – March 2006
1. INTRODUCTION
The Council’s Risk Management Team has continued to develop and improve the corporate risk management programme since the last major review and enhancement of the strategy in 2002.
This report provides a summary of progress since the start of the enhanced programme, and a more detailed update over the last 12 months, together with the latest version of the Corporate Risk Register with amendments made over the final quarter of the year ending 31st March 2006.
In addition to the commentary on risk assessment and management activities the report fulfils important requirements in terms of the Comprehensive Performance Assessment (CPA), as well as compliance with best practice in corporate governance as identified by CIPFA/SOLACE. The risks identified also serve to provide assurance that the significant risks of the Council are being robustly managed.
2. RISK MANAGEMENT STRATEGY
As an organisation concerned with service provision and economic development of the Borough it is essential that the risks to achieving our objectives are managed so that we create an environment without surprises.
By effectively managing our risks and the threats and opportunities which flow from them we will be in a stronger position to deliver our business objectives, provide improved services to the community and achieve better value for money.
Risk Management is therefore at the heart of what we do. The Council’s approach to risk management aims to be forward looking, innovative, comprehensive and demonstrate leadership within the community. It also aims to support a culture which encourages continuous improvement and development with appetite for risk taking at all levels supported by well thought through decision making.
This strategy sets out the policy that underpins our approach to risk management both internally and within the wider environment in which the Council functions along with the framework for ensuring that risk management is truly embedded.
The strategy will be periodically reviewed to ensure that it reflects the business needs of the authority, remains challenging and responsive to Government direction and requirements.
3. SUMMARY OF OVERALL PROGRESS
In 2002 the Council accepted the need for change and took steps to review and improve its existing risk management procedures. The main reason for the change was that the former risk management approach, although very successful, was focused primarily on operational activities with little or no attention being given to the management of strategic business risks.
The Corporate Director of Resources took ownership of the review process and worked with the Council’s Risk and Insurance Manager to ensure that the new approach, methodology and systems would be robust and result in measurable improvements to the quality of service delivery.
Implicit in the strategy was that the Council would develop a system that delivered real benefits from effective risk identification, analysis and monitoring to reduce risk related costs without significantly increasing workloads and creating a paper mountain. Making risk management part of the existing processes and reviews rather than treating it as a separate function is helping to achieve this.
Achievements to date:
1. A Guide to the Identification and Assessment of Strategic Risk has been produced for use across the authority. This incorporates a framework for implementation of the management process & procedures that are now widely embedded in and practised by all service areas.
2. A comprehensive range of policy and support documentation is now in use to support and facilitate the process including, a Risk Identification & Assessment pro-forma linked to a scoring mechanism and risk ranking criteria, Categories of Risk advice and, Risk Implications guidelines for use in Cabinet Reports. These are designed to help achieve consistency of identification and treatment across the whole organisation. There is also a formal Statement on the Council’s Risk Management Policy and, Defined Roles and Responsibilities for elected members and officers.
3. Guidelines for carrying out Service Planning risk assessments have been introduced. Each service area within the authority has completed a risk profile for their service area. This information is moderated within each service area in line with the corporate approach. The first risk registers were in place for the 2003/4 Service Delivery Plans and have been developed and enhanced to become a permanent feature of the Authority’s annual planning process.
4. The Council’s Risk Management Team have been providing ongoing support to Service Grouping’ Management Teams to advance progress. This has been further augmented by regular one-day ‘Managing Risk and Opportunity’ training courses for managers and supervisors and which form part of the authority’s Basic Core Management Skills Programme. Risk Management awareness information has been included in elected members’ Induction Training sessions and facilitated workshops for councillors have also been held. Feedback from the evaluations completed by attendees at some of these training events is included at Appendix B of the report.
5. A Risk Management Forum Group has been established to communicate, promote steer and monitor the Council’s overall approach to risk management and its effectiveness within all aspects of its own business and shared working arrangements with external bodies. The forum is tasked with sharing advice and providing guidance to Service Groupings on risk management and with reviewing key strategic risks and the effectiveness of controls as part of its monitoring process and, maintaining the Council’s risk register.
6. A quarterly monitoring and reporting cycle is now in place to ensure that Service Groupings report progress on risk management to the Risk Management Forum Group. This information then feeds into the Corporate Risk Register which is reported on to the Council’s Executive Management Team (CMT) and, to Cabinet via the Audit Committee.
7. To support the production of the Statement of Internal Control (SIC) all Heads of Service must now produce and sign a Certificate of Assurance which details the work undertaken within their Service Grouping on risk management and internal control and provides evidence to support the Statement of Internal Control.
8. Over the last three years the Audit Commission has carried out annual reviews of the authority’s risk management services and the feedback has been very positive with only a small number of recommendations, which have been addressed. Additionally, there was some recognition of progress made within the area of risk management in the Council’s Comprehensive Performance Assessment rating which improved from good to excellent between 2002 and 2004 and was assessed as 4 stars – Improving well in 2005.
9. Risk Management is now included in the Council’s Procurement Strategy and project management arrangements of the authority to ensure that risk is managed at every stage of the process.
10. Business Continuity Management started within the authority in 2004/5. The first steps of the process were to undertake Business Impact Analysis studies within service areas and these have now been substantially completed. The information is now being consolidated and fed back to management teams and further training needs are being identified.
11. Work has progressed on the Disaster Recovery Plan, which deals with protecting and maintaining the IT infrastructure and telecommunications within the authority. Contracts have been signed with an external emergency services provider and it is anticipated that the Authority will soon be able to embark on phased testing exercises.
12. Ethical Governance – following an earlier ethical governance “snap-shot” survey, a more detailed audit of the Council’s processes for monitoring and reviewing standards of conduct exercised by members and officers was undertaken during 2003/4. Arrangements are in hand for this area of risk to be audited again in 2006/7 utilising the IDeA toolkit approach, and culminating in a report back on the ethical health of the Authority with recommendations and plans for future actions.
13. A new software application has recently been procured that will, for the first time, truly integrate Risk and Audit Management functions across the authority. The benefits will include a shared database of risks; joint access to information on controls and action plans to manage these and enhanced monitoring and reporting capabilities for both services. The new system will also help to determine audit plans and objectives and to identify and focus attention on corporate risk priorities.
14. Apart from certain statutory requirements to be found in Health and Safety legislation, various pieces of regulatory legislation, Audit Codes of Practice and the like, other risk management standards are purely a matter for internal decision. As a result, standards against which the Council should measure itself are in the process of being developed. To support this work the Risk Management Section is currently taking part in a pilot group with the NE Region of ALARM (Association of Local Authority Risk Managers) to benchmarking performance against other authorities. Consideration is also being given to HM Treasury standards for risk management and the NHS controls assurance framework to develop performance management.
Current Progress
In the course of internal and external assessments both the Council’s Internal Audit & Risk Management Teams and the Audit Commission Inspectors have found that the Council has improved its ability to handle risk over the past 3–4 years and is continuing to do so. Key improvements include:
1. All service groupings have moved beyond awareness of the need to change, and they increasingly have well-established risk management processes and consistency of approach is improving.
2. Service delivery/Performance improvement plans – all Service Grouping Management Teams (SGMT’s) are now involved in identifying and assessing risks associated with their service objectives. As a result risk management is firmly embedded among people’s minds from the very start of the planning process.
3. Systematic efforts have been made to address key areas of risk – e.g. in project management where some effective use is being made of Gateway reviews to help ensure that the risk status of key projects is being managed down. Also in relation to handling external threats – where the key threats to the borough have been identified and risk assessed and Services are engaged in planning for them in accordance with the requirements of the Civil Contingencies Act.
4. There are better arrangements for spreading good practice across and within service groupings and between them and their partners – e.g. risk management practice criteria are now included in the Customer First Accreditation Programme and a corporate Employees’ Protection Register is at an advanced stage of development.
5. There is stronger leadership – three years ago only around half of service groupings identified the main risks relating to their aims and objectives – now they all do. Also, nearly all services report regular discussion of key risks by senior managers.
6. There is greater number of more skilled and trained staff. The large majority of those attending training courses and events say that effective or very effective training is in place and, there is evidence that the training is being cascaded down through service areas.
7. There is emerging evidence that this is helping Service areas to handle risks better – e.g. anticipating threats – better horizon scanning in Service Groups and at the center. Also, making risk-based decisions e.g. on resource allocation and identifying cross-cutting risks such as skills and staff shortages.
Significant challenges remain however, including: even better anticipation of risk and more early action to tackle it; improved political engagement; better management of risk with delivery partners; further embedding risk in the core processes of the Council; and better handling of risks to the public. This will require continued strong leadership in order to bring about the right conditions to achieve full culture change and to maintain high-level ratings in external examinations over the next few years.
4. UPDATE OF THE CORPORATE RISK REGISTER
The Corporate Risk Register brings together the key risks that could deflect services from achieving their objectives over the next 12 months’ period and beyond. It also sets out the actions being taken to ensure that the risks, and potential adverse outcomes, are minimised.
The previous version of the register showed the position as at 31st December 2005. A further review has been undertaken for the year-end on 31st March 2006 and changes over the intervening period have been incorporated to produce the current register comprising 27 risks as detailed in Appendix C of this report.
Although the total number of significant risks has not changed since December 2005, the risk profile has altered slightly. More particularly, six new risks have been notified for inclusion in the register, five have been reassessed and moved below the corporate reporting threshold, and two risks have been consolidated and amalgamated into one entry. These additions and amendments can be summarised as follows:
|Service Area |Corp |Risk Issue |Risk |Comments |
| |Risk No.| |Score | |
|Resources |22 |Management Development – failure to |16 |The likelihood and potential consequences of this risk|
|(HR) | |equip managers with the right skills| |event occurring are considered sufficiently high to |
| | |to lead, develop and motivate staff.| |warrant its inclusion in the register until such time |
| | | | |as the controls become more effective. |
|Resources |23 |Staff recruitment and retention. |16 |This new risk identifies the detrimental effect of |
|(HR) | | | |failing to recruit and retain the services of staff of|
| | | | |the right calibre on the provision of high quality |
| | | | |services. |
|Resources |24 |Computer room review/ replacement |16 |This is a newly identified risk highlighting the |
|(ICT) | | | |unsuitability of the present location for housing the |
| | | | |central ICT infrastructure upon which the authority |
| | | | |places heavy reliance for the provision of crucial |
| | | | |services. |
|Resources |25 |Investigation / implementation of |16 |Also a new risk to the register which reflects |
|(ICT) | |data matching / sharing software | |concerns over the absence of suitable systems and |
| | | | |procedures to support new data matching and sharing |
| | | | |between organisations and particularly in relation to |
| | | | |the National Child Index. |
|Resources |26 |Review and upgrade firewall |16 |A new risk associated with the increasing use of |
|(ICT) | |infrastructure | |internet and email services across the Authority and |
| | | | |the unreliability of the current Firewall |
| | | | |infrastructure that could trigger further business |
| | | | |interruptions. |
|Resources |27 |Computer room acceptable standards |16 |Physical weaknesses in the computer room and |
|(ICT) | | | |particularly the potential for water ingress, which |
| | | | |could lead to massive disruption of service, have |
| | | | |given rise to this new risk notification. |
|CESC |- |Placements for children with complex|12 |The risk has fallen below the corporate reporting |
| | |needs | |threshold due to improvements in the Independent |
| | | | |Fostering Arrangements and hosting of the Regional |
| | | | |Commissioning Unit in this area. |
|Service Area |Corp |Risk Issue |Risk |Comments |
| |Risk No.| |Score | |
|ESC |- |Staff recruitment and retention |12 |Rating reduced from 16 to 12 due to improved staffing |
| | | | |levels in both the Children and the Adult services |
| | | | |areas. |
|CESC |- |Sickness absence |12 |Improved absence records have been attributed to the |
| | | | |effectiveness of the risk controls and have enabled |
| | | | |the rating to be reduced from 16 to 12. |
|DNS |- |To enhance the natural and built |15 |The risk has been reduced from 20 to 15 as a result of|
| | |environment by safe and sustainable | |the State of the Environment Report being signed off |
| | |development | |and ready for consultation in May 2006. |
|DNS |- |Neighbourhood renewal: Regeneration |5 |The prospect of a CPO objection being received in |
| | |of the most deprived areas to bring | |relation to the Hardwick Regeneration Scheme is now |
| | |them close to the Borough average. | |considered sufficiently unlikely to enable the risk |
| | | | |rating to be reduced from 20 to 5. |
|DNS |1 |Planning: To develop high quality |20 |Previously different strands of this risk were |
| | |strategies and plans to guide the | |recorded under two separate entries that have now been|
| | |core business of the service group. | |consolidated into one. |
The updated version of the Corporate Risk Register will be made available in the Members’ Library and an electronic copy incorporating the supporting risk assessment details (accessed by double-clicking the embedded risk issue logo) is to be placed on the intranet (Toolkit/Risk Management and Insurance/Risk Management/Corporate Risk Register).
KEY PERFORMANCE INDICATORS
Customer satisfaction survey results:
Satisfaction surveys are based on 18 questions with a scoring of 1 to 5, with 5 being “Excellent”, 3 “Met Demand” and 1 being “Poor”.
| |2003/04 |2004/05 |2005/06 |
|% less than 2.5 |0 |0 |Results not available until |
| | | |later in year |
|Average |3.9 |4.2 | |
Commendations and Evaluations:
|Event |Date |Comments - Attribution |
|Setting the Standards RM Exercise|December, 2004 |“Just to say how I enjoyed it. And how it helped many think more of |
| | |genuine risk”. |
| | |“One of the best events in terms of getting people to interact” – |
| | |Corporate Director |
|LGC Finance Team of the Year |March, 2005 |“I was particularly interested to see the judges’ comments regarding the|
|Award | |integration of risk management through the business process. |
| | |It has been terrific working with the Council and I will certainly be |
| | |using Stockton as an example which I feel others should follow in |
| | |embedding risk management into their decision making process” – Marsh |
| | |Risk Consultants |
|Managing Risk & Opportunity |14.7.05 |“Achieved key points through interactive exercises”. |
|Training Course | |“Now have a good understanding of RM and Stockton’s approach”. |
| | |“I did not even think of RM before and now I can see how important and |
| | |valuable it is in our business” - Attendees |
|Tristar IDeA Inspection Report |August 2005 |“This section stood out in terms of its service arrangements and the |
| | |relationship between a clearly identified client and the SBC service |
| | |provider. There was real evidence of partnership working, service |
| | |improvement and monitoring and evaluation in progress” – IDeA Inspector |
|Managing Risk & Opportunity |October 2005 |“A very pleasing and informative course that gave insight into a new |
|Training Course | |subject for me”. |
| | |“Theory base explained well followed by good practical examples” - |
| | |Attendees |
|Elected Member Workshop |21.12.05 |“The team of three were all excellent. I would recommend the |
| | |presentation to colleagues” -Councillor |
| | |“Thank you for providing such a useful and informative course this |
| | |morning”-Councillor |
Appendix B
OPERATIONAL PERFORMANCE
ALARM North East Risk Management Benchmarking Survey 2005/06:
The Council is currently taking part in a pilot group with the North East Region of ALARM (Association of Local Authority Risk Managers) to benchmark performance against six neighbouring peer authorities. Comparisons of this nature are a requirement of the Code of Audit Practice for the Comprehensive Performance Assessment.
The survey is also intended to assist local authorities in identifying best practice and thereby advance initiatives within their own organisation and measure their performance relative to other similar authorities in relation to risk management.
This is intended to be an annual exercise and the results of the first survey were as follows:
| |Percentage Scores |
|Authority |A |B |C |D |E |F |SBC |
|Type |Unitary |Unitary |County |Met |Unitary |Met |Unitary |
| | | | | | | | |
|Comparator | | | | | | | |
|RM Strategy |81.25 |83.21 |88.03 |88.21 |83.21 |73.21 |85.89 |
|Elected Member involvement |42.86 |75.47 |61.9 |75.00 |70.47 |61.90 |75.47 |
|Corporate Governance |70.00 |80.00 |77.5 |86.25 |66.25 |67.50 |80.00 |
|Risk Identification |81.87 |82.5 |83.12 |86.25 |83.12 |78.12 |85.00 |
|Consultation |87.5 |92.5 |85.00 |93.75 |82.5 |78.75 |86.25 |
|Communication |78.33 |83.33 |82.5 |88.33 |79.16 |75.83 |79.16 |
|Average Percentage score |75.62 |82.59 |80.33 |87.45 |78.60 |71.68 |82.33 |
|Overall Ranking |6 |2 |4 |1 |5 |7 |3 |
|RISK IDENTIFICATION & ASSESSMENT |RISK MANAGEMENT |
|Service |Corp. |Business |Impact Score X Likelihood Score = RISK Score |Measures already in place |Measures planned |Effectiveness |Target Date |Officer |
| |Risk No. |/ Service |[ Risk Score: >20=Catastrophic, 16-20= High, < 16 Medium, Low ] |to control risk |for next year |of proposed | |Responsible |
| | |Objective | | | |controls | | |
| | |
|Service |Corp. |Business |Impact Score X Likelihood Score = RISK Score |Measures already in place |Measures planned |Effectiveness |Target Date |Officer |
| |Risk No.|/ Service |[ Risk Score: >20=Catastrophic, 16-20= High, < 16 Medium, Low ] |to control risk |for next year |of proposed | |Responsible |
| | |Objective | | | |controls | | |
| | |
|Service |Corp. |Business |Impact Score X Likelihood Score = RISK Score |Measures already in place |Measures planned |Effectiveness |Target Date |Officer |
| |Risk No. |/ Service |[ Risk Score: >20=Catastrophic, 16-20= High, < 16 Medium, Low ] |to control risk |for next year |of proposed | |Responsible |
| | |Objective | | | |controls | | |
| | |
|Service |Corp. |Business |Impact Score X Likelihood Score = RISK Score |Measures already in place |Measures planned |Effectiveness |Target Date |Officer |
| |Risk No.|/ Service |[ Risk Score: >20=Catastrophic, 16-20= High, < 16 Medium, Low ] |to control risk |for next year |of proposed | |Responsible |
| | |Objective | | | |controls | | |
| | |
|Service |Corp. |Business |Impact Score X Likelihood Score = RISK Score |Measures already in place |Measures planned |Effectiveness |Target Date |Officer |
| |Risk No.|/ Service |[ Risk Score: >20=Catastrophic, 16-20= High, < 16 Medium, Low ] |to control risk |for next year |of proposed | |Responsible |
| | |Objective | | | |controls | | |
| | |
|Service |Corp. |Business |Impact Score X Likelihood Score = RISK Score |Measures already in place |Measures planned |Effectiveness |Target Date |Officer |
| |Risk No.|/ Service |[ Risk Score: >20=Catastrophic, 16-20= High, < 16 Medium, Low ] |to control risk |for next year |of proposed | |Responsible |
| | |Objective | | | |controls | | |
| | |
|Service |Corp. |Business |Impact Score X Likliehood Score = RISK Score |Measures already in place |Measures planned |Effectiveness |Target Date |Officer |
| |Risk No.|/ Service |[ Risk Score: >20=Catastrophic, 16-20= High, < 16 Medium, Low ] |to control risk |for next year |of proposed | |Responsible |
| | |Objective | | | |controls | | |
| | |
|Service |Corp. |Business |Impact Score X Likliehood Score = RISK Score |Measures already in place |Measures planned |Effectiveness |Target Date |Officer |
| |Risk No.|/ Service |[ Risk Score: >20=Catastrophic, 16-20= High, < 16 Medium, Low ] |to control risk |for next year |of proposed | |Responsible |
| | |Objective | | | |controls | | |
| | |
|Service |Corp. |Business |Impact Score X Likelihood Score = RISK Score |Measures already in place |Measures planned |Effectiveness |Target Date |Officer |
| |Risk No.|/ Service |[ Risk Score: >20=Catastrophic, 16-20= High, < 16 Medium, Low ] |to control risk |for next year |of proposed | |Responsible |
| | |Objective | | | |controls | | |
| | |
|Service |Corp. |Business |Impact Score X Likliehood Score = RISK Score |Measures already in place |Measures planned |Effectiveness |Target Date |Officer |
| |Risk No.|/ Service |[ Risk Score: >20=Catastrophic, 16-20= High, < 16 Medium, Low ] |to control risk |for next year |of proposed | |Responsible |
| | |Objective | | | |controls | | |
| | |
|Service |Corp. |Business |Impact Score X Likliehood Score = RISK Score |Measures already in place |Measures planned |Effectiveness |Target Date |Officer |
| |Risk No.|/ Service |[ Risk Score: >20=Catastrophic, 16-20= High, < 16 Medium, Low ] |to control risk |for next year |of proposed | |Responsible |
| | |Objective | | | |controls | | |
| | |
|Service |Corp. |Business |Impact Score X Likliehood Score = RISK Score |Measures already in place |Measures planned |Effectiveness |Target Date |Officer |
| |Risk No.|/ Service |[ Risk Score: >20=Catastrophic, 16-20= High, < 16 Medium, Low ] |to control risk |for next year |of proposed | |Responsible |
| | |Objective | | | |controls | | |
| | |
|Service |Corp. |Business |Impact Score X Likelihood Score = RISK Score |Measures already in place |Measures planned |Effectiveness |Target Date |Officer |
| |Risk No.|/ Service |[ Risk Score: >20=Catastrophic, 16-20= High, < 16 Medium, Low ] |to control risk |for next year |of proposed | |Responsible |
| | |Objective | | | |controls | | |
| | |
|Service |Corp. |Business |Impact Score X Likelihood Score = RISK Score |Measures already in place |Measures planned |Effectiveness |Target Date |Officer |
| |Risk No.|/ Service |[ Risk Score: >20=Catastrophic, 16-20= High, < 16 Medium, Low ] |to control risk |for next year |of proposed | |Responsible |
| | |Objective | | | |controls | | |
| | |
|Service |Corp. |Business |Impact Score X Likliehood Score = RISK Score |Measures already in place |Measures planned |Effectiveness |Target Date |Officer |
| |Risk No.|/ Service |[ Risk Score: >20=Catastrophic, 16-20= High, < 16 Medium, Low ] |to control risk |for next year |of proposed | |Responsible |
| | |Objective | | | |controls | | |
| | |
|Service |Corp. |Business |Impact Score X Likliehood Score = RISK Score |Measures already in place |Measures planned |Effectiveness |Target Date |Officer |
| |Risk No.|/ Service |[ Risk Score: >20=Catastrophic, 16-20= High, < 16 Medium, Low ] |to control risk |for next year |of proposed | |Responsible |
| | |Objective | | | |controls | | |
| | |
|Service |Corp. |Business |Impact Score X Likelihood Score = RISK Score |Measures already in place |Measures planned |Effectiveness |Target Date |Officer |
| |Risk No.|/ Service |[ Risk Score: >20=Catastrophic, 16-20= High, < 16 Medium, Low ] |to control risk |for next year |of proposed | |Responsible |
| | |Objective | | | |controls | | |
| | |
|Service |Corp. |Business |Impact Score X Likliehood Score = RISK Score |Measures already in place |Measures planned |Effectiveness |Target Date |Officer |
| |Risk No.|/ Service |[ Risk Score: >20=Catastrophic, 16-20= High, < 16 Medium, Low ] |to control risk |for next year |of proposed | |Responsible |
| | |Objective | | | |controls | | |
| | |
|Service |Corp. |Business |Impact Score X Likliehood Score = RISK Score |Measures already in place |Measures planned |Effectiveness |Target Date |Officer |
| |Risk No.|/ Service |[ Risk Score: >20=Catastrophic, 16-20= High, < 16 Medium, Low ] |to control risk |for next year |of proposed | |Responsible |
| | |Objective | | | |controls | | |
| | |
|Service |Corp. |Business |Impact Score X Likliehood Score = RISK Score |Measures already in place |Measures planned |Effectiveness |Target Date |Officer |
| |Risk No.|/ Service |[ Risk Score: >20=Catastrophic, 16-20= High, < 16 Medium, Low ] |to control risk |for next year |of proposed | |Responsible |
| | |Objective | | | |controls | | |
| | |
|Service |Corp. |Business |Impact Score X Likliehood Score = RISK Score |Measures already in place |Measures planned |Effectiveness |Target Date |Officer |
| |Risk No.|/ Service |[ Risk Score: >20=Catastrophic, 16-20= High, < 16 Medium, Low ] |to control risk |for next year |of proposed | |Responsible |
| | |Objective | | | |controls | | |
| | |
|Service |Corp. |Business |Impact Score X Likelihood Score = RISK Score |Measures already in place |Measures planned |Effectiveness |Target Date |Officer |
| |Risk No.|/ Service |[ Risk Score: >20=Catastrophic, 16-20= High, < 16 Medium, Low ] |to control risk |for next year |of proposed | |Responsible |
| | |Objective | | | |controls | | |
| | |Risk Issue |Risk Type |Previous
Risk Score |Present Risk Score |Risk Category | | | | | | |
Resources
ICT |27 |ISR 07 |
Computer Room acceptable standards
| | | | | | |CMT notified and issue appears on the Corporate Risk Register |Complete as much of the ongoing snagging list as possible |Weak |Jun-06 | G Borwell | | | | | | | | |I= |4 | | | | | | | | | | | | | | |X | | | | | | | | | | | | | | | |L= |4 | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | |= |16 |High | | | | | | | | | | | | | | | | | | | | | | |
-----------------------
[pic]
[pic]
[pic]
[pic]
[pic]
[pic]
[pic]
[pic]
[pic]
[pic]
[pic]
[pic]
Association of Local Authority
Risk Managers
Award Winners
CORPORATE RISK REGISTER - REVIEW
4th Quarter - March 2006
[pic]
[pic]
[pic]
[pic]
[pic]
[pic]
[pic]
[pic]
[pic]
[pic]
[pic]
[pic]
[pic]
[pic]
[pic]
[pic]
[pic]
[pic]
[pic]
Appendix A
Appendix C
Appendix C
Appendix C
Appendix C
Appendix C
Appendix C
Appendix C
Appendix C
Appendix C
Appendix C
Appendix C
Appendix C
Appendix C
Appendix C
Appendix C
................
................
In order to avoid copyright disputes, this page is only a partial summary.
To fulfill the demand for quickly locating and searching documents.
It is intelligent file search solution for home and business.
Related searches
- list of different cultures of people
- list of stocks on nasdaq
- list of stocks on nyse
- list of state departments of education
- list of the properties of matter
- list of national capitals of world
- list of the bill of rights
- borough of education nyc
- list of joint chiefs of staff
- borough of montvale nj
- borough of montvale
- borough of montvale nj website