This strategy came into effect in March 2011 by HM Inspectorate of Education after
consideration by HMIE Senior Management Group. It supersedes all previous
versions.
HMIE Risk Management Strategy
1.
Risk Management is widely recognised as an essential element of corporate
governance. This policy aims to support successful achievement of HMIE’s core
purpose and three strategic objectives: providing public assurance and
accountability; informing national policy; and promoting effective practice
2.
To maximise the likelihood of success of this strategy, all risks must be
identified and managed and where possible exploited as opportunities for innovation
and improvement.
Risk management principles
3.
HMIE will promote a positive risk management culture within the Inspectorate
and endeavour to ensure that all staff are aware of the nature and type of risk
associated with their particular areas of work. To achieve this, risk management
activities will:





be fully integrated into our business planning processes and undertaken in
accordance with good practice principles;
enable the identification, evaluation and management of risks to ensure that they
are reduced to an acceptable level or responded to constructively;
anticipate and respond, wherever possible, to changing social, environmental,
financial, political and legislative requirements, realising the opportunities these
afford;
be monitored and reviewed on a regular basis;
enable a preparedness to respond quickly and effectively to opportunities for
improvement or when things go wrong.
Risk classification
4.




Risks will be classified in one of four ways:
Corporate level: overarching, high level risks which could impact on most or all of
the organisation;
Directorate owned corporate level: risks related to a specific Directorate which
could impact on most or all of the organisation;
Directorate specific: risks related to a specific Directorate generally related to
their sectoral or cross-cutting responsibilities; or
Task specific: risks associated with a particular task.
Corporate responsibility
5.
The Corporate Services Director has overall responsibility for risk
management. The Business Management and Communications Team Manager
Version 1.4 3 Mar 11 to MB
This strategy came into effect in March 2011 by HM Inspectorate of Education after
consideration by HMIE Senior Management Group. It supersedes all previous
versions.
(BMCT Manager) will chair the Risk Management Group which is responsible for the
formulation, implementation and review of the risk management policy and strategy.
Operational responsibilities
6.
Annex B sets out the operational reporting mechanisms for all risks. The
mechanisms should use the following principles:

Responsibility for identifying and managing risks will be a key aspect of
leadership and management at all levels. All staff need to have a heightened
awareness of risk as part of their day-to-day working. Distributed leadership
entails that risks are managed at the lowest level at which an individual member
of staff has the authority, responsibility and resources to take action. All staff in
identified leadership and/or management roles will be responsible for
encouraging openness and honesty in the reporting and escalation of risks and in
good risk management practice within their directorates.

Executive groups, are responsible for identifying, managing and reviewing risks
related to their work and the effectiveness of actions to control these risks.

Task Managers are responsible for identifying and managing task specific risks
on an ongoing basis. Directorate HMACIs and Business Managers will oversee
this process.
Implementation, quality assurance and reporting procedures
7.



The Risk Management Group will:
oversee risk management processes and provide an advisory role accessible to
all staff;
monitor and review the effectiveness of the Risk Management Policy and
strategy;
formally report to SMG and the Audit and Risk Committee on the outcomes of
the review of corporate level risks three times per year.
8.
Members of the Risk Management Group (BMCT Manager, ACI/OSD,
Directorate Business Managers) will undertake regular sample reviews of risk entries
in the Business Planning Tool as part of the business planning process.
9.
HMSCI/HMCI business planning/update meetings will include a review of
Corporate and Directorate level risks by exception.
10.
Where a Directorate level risk occurs that is not able to be managed by that
Directorate, the matter will be raised with SMG. Likewise, where a risk occurs within
a task that is not able to be managed by the Task Manager or Directorate HMACI,
the matter will be reported to the relevant HMCI, who, if unable to manage, will report
to SMG for consideration.
Version 1.4 3 Mar 11 to MB
This strategy came into effect in March 2011 by HM Inspectorate of Education after
consideration by HMIE Senior Management Group. It supersedes all previous
versions.
Review arrangements for policy, including date of next formal review
11.
This policy will be reviewed in insert date two years after strategy has been
approved..
Contact arrangements to enable feedback
12.
Any comments or queries on this policy should be addressed to:
Business Management and Communications Team,
HM Inspectorate of Education,
2nd Floor, Denholm House,
Almondvale Business Park,
Almondvale Way, Livingston EH54 6GA.
Telephone 01506 600265
Email: PS/HMI@hmie.gsi.gov.uk
Version 1.4 3 Mar 11 to MB
This strategy came into effect in March 2011 by HM Inspectorate of Education after
consideration by HMIE Senior Management Group. It supersedes all previous
versions.
Annex A
HMIE Risk Management Group
Membership
Membership of the Group will normally comprise:





Business Management and Communications Team Manager (BMCT Manager)
(Chair)
Two HMI advisors
Directorate representatives (Business Managers for all Directorates and SMG)
ISU Manager
Finance Manager
Frequency of meetings
Normally three meetings a year. These meetings will be held in advance of the
HMIE Audit and Risk Committee meetings. Any other business between these
meetings will be considered by email or an additional meeting can be arranged if
required. Annex B sets out the suggested agenda for each meeting.
Quorum
A minimum of 5 members must be present for a meeting to be quorate.
Secretariat
Finance Manager
Version 1.4 3 Mar 11 to MB
This strategy came into effect in March 2011 by HM Inspectorate of Education after
consideration by HMIE Senior Management Group. It supersedes all previous
versions.
Annex B
Risk Management Group – objectives and remit
The HMIE Risk Management Group exists to support the Accountable Officer and
Audit and Risk Committee in these activities. It leads on the formulation,
implementation and review of the risk management policy and strategy.
The Group’s objectives are to:



provide support and comfort to the Accountable Officer on risk-related matters;
support the integration of risk management into the culture of the Inspectorate;
and
evaluate the effectiveness of strategies to manage risk.
To achieve these objectives, the Group will:




act as risk management champions in their own directorate;
maintain and oversee risk management processes and provide an advisory role
accessible to all staff;
establish monitoring arrangements and appropriate review procedures; and
provide Senior Management Group and Audit and Risk Committee with progress
reports on risk management performance.
Meetings will therefore require to




consider the appropriateness and adequacy of the Inspectorate’s risk
management policy;
review overall performance in relation to risk management;
discuss risk management performance following completion of the annual
business planning round; and
confirm appropriate report content for Senior Management Group and Audit and
Risk Committee.
Examples of material that may be provided for meetings:
Risk management policy
Risk register – Corporate, Directorate and task level
Risk register completion guidelines
HMIE intranet material
Reporting outcome of meetings
The Group will provide:

regular reports to the Senior Management Group and Audit and Risk Committee
on the organisation’s performance relating to risk management
Version 1.4 3 Mar 11 to MB
This strategy came into effect in March 2011 by HM Inspectorate of Education after
consideration by HMIE Senior Management Group. It supersedes all previous
versions.
Annex D
Risk Management Group: Agenda Planner
Block 1
Review the Inspectorate’s Corporate level risk management performance for the
previous year and consider proposals for the coming year.
Directorate Business Managers, in consultation with CIs, to provide a report on the
performance of the directorate on how well risks have been managed for the
previous business planning year and provide a brief on the tasks/risks for the coming
year.
Review risk management policy and guidance.
Review risk management group entry on intranet.
Agree report content for SMG and Audit and Risk Committee.
Block 3
Corporate level risks – SMG BM to provide the group with a overview of corporate
level risks, including changes and management of risks.
Directorate/task level risks – Directorate Business Managers, in consultation with
CIs, to provide an overview of the risks so far in the year. Particularly focusing on
the management of risks so far. Good practice should be identified and shared.
Agree report content for SMG and Audit and Risk Committee.
Certificates of Assurance to be discussed.
Block 4
Corporate level risks – SMG BM to provide the group with a overview of corporate
level risks, including changes and management of risks.
Directorate/task level risks – Directorate Business Managers, in consultation with
CIs, to provide an overview of the risks so far in the year. Particularly focusing on
the management of risks so far. Good practice should be identified and shared.
Consider any required changes to risk management guidance.
Certificates of Assurance to be finalised in advance of submission to Audit and Risk
Committee.
Agree report content for SMG and Audit and Risk Committee.
Version 1.4 3 Mar 11 to MB
This strategy came into effect in March 2011 by HM Inspectorate of Education after consideration by HMIE Senior Management
Group. It supersedes all previous versions.
Directorate
owned
Corporate
and
Directorate
Corporate
Reported to
CS Director
SMG
Exceptions
Overdue
milestones
CIs
Overdue
performance
measures
CIs
Task
manage
rs
Task
Quarterly
report
BPMT
Reports used
Reviewed by
CS
Team
Leaders
How?
When?
Managed by
Level of risk
Annex D – operational reporting mechanisms for risks
Directorate
Executive
Groups
(DEGs)
Directorate
Executive
Groups
(DEGs)
SCI
SCI
At
SCI All reports
update
meeting
At
SCI All reports
update
meeting
Comments
Content
report/meeting
CS Team Leaders to review relevant
risks and amend where necessary.
Review the
Inspectorate’s
corporate level risk
management
performance for the
previous year and
consider proposals
for the coming year.
CIs who own corporate level risks
including those owned by the
directorate to review relevant risks
and amend where necessary.
SMG BM to review all corporate level
risks and prepare a quarterly/block
report for SMG.
Chief Inspectors to discuss the
Directorate Level risks with the DEG.
Alert SMG to any
changes to risks.
Changes to risks
Management of risks
CI will then discuss exceptions with
SCI at end of block meeting.
BMs to collate information on the
progress being made against each
task and prepare full report for DEG.
DEG will then discuss the risks and
amend if appropriate.
CI will then discuss exceptions with
SCI at end of block meeting.
Version 1.4 3 Mar 11 to MB
of
Exceptions
Changes to risks
Management of risks
Exceptions