Risk Management for Local Government
The sector is well guided with counsel in the Orange Book from HM Treasury and Risk Management in Government advice from HM Cabinet Office, and with CIPFA SOLACE guidance being more widely recognised with Local Government.
Experience shows though that whilst there is an acceptance that members of the Board (presumably Local Councillors in local government) have a critical role in establishing the environment that will allow the effective management of risk to flourish, many struggle to impose a risk management process that effectively combines a review of the inherent risks that threaten achievement of corporate objectives and therefore lack a transparent risk mitigation framework at both a strategic but particularly operational level.
It is correct that the extent of many organisation’s activity covers a broad range of service delivery, which in itself poses problems in terms of defining risk appetite. Consequently, organisations have a tendency to define risk using opaque terms such as low to high for impact or never to almost certain regarding likelihood, without really giving any guidance regarding what the Board will not allow to happen.
For the Board to fulfil its responsibilities it must maintain an effective risk management system that provides them with assurance that the organisation is anticipated to achieve its objectives in a structured manner, therefore implementing an effective hierarchy of controls to mitigate the risks it faces as a consistent aspect of governance arrangements. It is essential therefore that what matters most is identified, analysed and managed in order to focus discussion on what more should be done.
The current pandemic will have tested business continuity arrangements across all areas of government, certainly in respect of fall-back arrangements regarding the provision of technology and the ability of staff to work from home, but services will also have been tested regarding:
- Maintenance of essential services, including refuse, schools, care and transport,
- Procurement strategies,
- Health and Safety,
- Adherence to Safeguarding responsibility, and
- Financial management.
The use of RiskMate will support an organisation’s needs no matter what the size of the organisation by focusing on business-critical risks. This ensures that the Board not only fulfils its regulatory responsibilities to review the organisation’s significant risks as well as the controls to mitigate and manage these risks appropriately; but uses the risk management software as a focus for its wider governance aspirations regarding service delivery, sound financial management and stakeholder communication.
As such, it should ensure that a focus is provided on what matters most and therefore ensure that its services are sustainable in the short and longer term. Operating in real-time on cloud-based software, RiskMate will help ensure that your organisation maintains control as well as looking ahead to ensure that you are as prepared as possible for what your organisation may face.