Add to collection(s) Add to saved
  1. Business
  2. Finance

Business Risk Register

advertisement 
1
HONITON TOWN COUNCIL
Business Risk Register
2015
2
Processes
In line with best practice, the Council has adopted a seven-step process to support the
implementation of risk management and help maintain impetus.
Steps
1
Identifying
risk
Risks will be identified during the service delivery planning process
and cross-referenced, where possible, to key tasks and to the
achievement of corporate objectives.
2
Analysing risk
Risks will be assessed against probability and impact of the
identified risks using the Council’s approved evaluation criteria to
give a risk score.
3
Profiling risk
The evaluation exercise will result in a risk score from which
significant risks can be established.
4
Prioritising
action
Risks will be entered in the risk register detailing the inherent risk
score, existing controls and residual risk score.
5
Determining
action
Further actions required to reduce the threat of the risk occurring or
minimise its impact will be stated in the risk register. Target dates
and assignment of responsibility will also be stated.
6
Controlling
risk
The specified actions will be carried out as stated in the risk register.
7
Monitoring
The risk management working group will keep the risk register under
review and progress against further actions identified will be
monitored quarterly. The register will be updated as actions are
achieved and risk scores amended as appropriate. The identification
of risks should be a continual process and risks emerging throughout
the year should be evaluated and, where necessary, added to the
register.
3
Risk Management Matrix
4
5
Minor
Moderate
3
Major
2
Catastrophic
1
Negligible
Assessment Impact
Financial
(F)
Reputation
(D1)
Stakeholder
(D2)
Under £500
Minimal loss of
public trust
Minimal impact
on stakeholder
business
arrangements
£501 _ £1000
Slight loss of
trust with no
lasting impact.
Little adverse
publicity
Minor impact
on stakeholder
business
arrangements
£1001 _ £5000
Moderate loss
of trust that
receives
significant
adverse
publicity locally
with no lasting
impact
Moderate
disruption to
stakeholder’s
arrangements.
£5001 _ £10000
Significant loss
of trust and
receives local
media attention.
Potential for
lasting impact
Significant
disruption to
and opposition
from
stakeholders
Over £10000
Significant loss
of trust and
receives
national media
attention with
potential for
persisting
impact.
Major
disruption to
and strong
opposition from
stakeholders
who represent
vulnerable
clients
Community/
Customers
(D3)
Minimal
impact or
disruption to
community
contained
within a
community
area
Minor impact
to community
and
community
dissatisfaction.
Limited
service
disruption.
Moderate
impact to
community
and customer
dissatisfaction.
Moderate
service
disruption.
Significant
service
disruption and
community
opposition.
Threat of legal
action.
Major service
disruption.
Significant
community
opposition.
Legal action.
Long-term
public
memory.
Mild health effect for
short period.
Minimal environmental
impact.
Minor injury
(worker or third
party).
Medical treatment
beyond first aid.
Reversible health
effect.
Minor illness.
Local impact requiring
response, but from which
there is a natural
recovery.
Irreversible health
effect for example
loss of hearing.
Serious illness from
which there is full
recovery.
Moderate environmental
impact, requiring
response to aid recovery.
Reportable to authorities.
Life shortening health
effect.
Health effect causing
significant irreversible
disabilities.
Major environmental
incident resulting in
significant impact
requiring management
by external authorities
Death
Extreme environmental
incident, resulting in
irreversible long term or
widespread harm
Moderate
First aid case,
with no lost time.
Negligible safety
impact
Single major
injury,
4
Major
Environmental (E)
Multiple major
injuries which
may result in
permanent
disabilities
5
Catastrophic
2
Health (H)
Negligible
1
Safety (S)
Minor
4
3
Death
Assessment Impact
5
Likelihood Ranges
Guidance
Probability Range
1
Improbable
Very remote probability that the event
would occur
1%
2
Remote
Event may occur only in exceptional
circumstances
1 – 10%
3
4
Possible
Probable
Event could occur at some time
Event should occur at some time
11 - 50%
51 – 90%
5
Almost
Certain
Event will occur in most circumstances
90%
Impact
Description
5
10
15
20
25
4
8
12
16
20
3
6
9
12
15
2
4
6
8
10
1
2
3
4
5
Likelihood
Red Risk: (20-25)
Unacceptable risk.
Reduce risk by mitigation.
Amber Risk (12-16)
Reduce risk by mitigation. Regularly review
Yellow Risk (8-10)
Tolerate risk. Review control measures
Green Risk. (1-6)
Acceptable Risk.
Monitor risk.
Transfer risk.
.D.
Risk/Event
Cause
Consequence/Impact
D D D
F L R
1 2 3
S H E
Mitigation
Preventative
Actions
Residual
Risk
6
Governance Risk (Overall Inherent Risk)
Inadequate
Financial
arrangements.
Poor
organisational
structures.
The risk is poor or
inadequate
Governance
Poor
understanding of
legal
requirements
Poor decision
making
Poor forward
and contingency
planning.
Poor operational
management
Loss of
community/stakeholder
confidence.
Adverse Reputation.
Negative Media
Attention.
INHERENT RISK
Poor Audit reports
Loss of service provision.
Financial Investigations.
Breach of legislative
requirements.
Legal Actions.
Risk Assessment Key
S = Safety H = Health E = Environment D1 = Reputation impact D2 = Stakeholder impact D3 = Community/Customer impact F = Financial Impact L= Likelihood of event occurring R = Risk Rating
.D.
Risk/Event
Cause
Consequence/Impact
D D D
F L R
1 2 3
S H E
Mitigation
Preventative
Actions
Residual
Risk
7
Financial Risks
Loss of
community/stakeholder
confidence.
Adverse Reputation.
The risk is poor or
inadequate financial
management
Poor financial
procedures.
Negative Media
Attention.
INHERENT RISK
Poor Audit reports
Loss of service provision.
Financial Investigations
Loss of
community/stakeholder
confidence.
101
The risk is the
precept is not
adequate to meet
council
requirements.
Adverse Reputation.
Poor forward
planning
Set appropriate Precept
Manage Accurate Budget
Forward Planning.
Negative Media
Attention.
Unexpected
finance
requirements
(see risk 106)
Poor Audit reports
102
The risk is poor
financial record
keeping
Inadequate
Records
Loss of service provision
Poor Audit reports.
Financial Regulations in
placed and reviewed
annually by Finance
Financial Irregularities
Risk Assessment Key
S = Safety H = Health E = Environment D1 = Reputation impact D2 = Stakeholder impact D3 = Community/Customer impact F = Financial Impact L= Likelihood of event occurring R = Risk Rating
.D.
Risk/Event
Cause
Consequence/Impact
D D D
F L R
1 2 3
S H E
Mitigation
Preventative
Actions
Residual
Risk
8
committee and ratified by
full council.
Financial data recorded
using Sage by RFO
103
The risk is poor
banking methods
Inadequate
procedures
104
The risk is the misuse of council funds
Fraud
105
The risk is Income
streams fail to meet
expected budget
requirements.
(Town market)
Details and procedures
contained in the Financial
Regulation.
Poor Audit reports
All Members of
Town Council
to have an
understanding
of the
recording
system.
Review
Annually
Expenditure above
£20,000 requires
authorisation by full council
Loss of financial asset.
Down turn in
service
requirements
Unrealistic
target budget
Impact on council
reserves.
Prudent Budgeting
See Risk 301
&302
(Public car park)
Loss of
community/stakeholder
confidence.
106
The risk is
insufficient reserves
are maintained to
meet unexpected
expenditure
Poor precept
management.
Adverse Reputation.
Poor of forward
planning
Negative Media
Attention.
Adequate Insurance
Prudent budgeting
Sensible reserves
Poor Audit reports
Risk Assessment Key
S = Safety H = Health E = Environment D1 = Reputation impact D2 = Stakeholder impact D3 = Community/Customer impact F = Financial Impact L= Likelihood of event occurring R = Risk Rating
.D.
Risk/Event
Cause
Consequence/Impact
D D D
F L R
1 2 3
S H E
Mitigation
Preventative
Actions
Residual
Risk
9
Loss of service provision
107
108
109
110
The risk is loss of
council funds held
in Bank Accounts
The risk is the loss
of council Assets
The risk is nonpayment of regular
expenditure
The risk is
additional costs
incurred through
legal actions
Errors made by
bank.
Impact on finances
Reconciliation of bank
accounts conducted
quarterly by finance.
committee.
Split reserves
for £85,000
FCS
Addition costs
Sufficient Insurance to
cover repair or
replacement of assets
Review
Annually
Adverse Reputation.
Negative Media
Attention.
Prudent financing
Collapse of bank
Theft
Vandalism
Poor Financial
Management
See risk 106
Risk Assessment Key
S = Safety H = Health E = Environment D1 = Reputation impact D2 = Stakeholder impact D3 = Community/Customer impact F = Financial Impact L= Likelihood of event occurring R = Risk Rating
.D.
Risk/Event
Cause
Consequence/Impact
S H E
D D D
F L R
1 2 3
Mitigation
Preventative
Actions
Residual
Risk
10
Compliance Risks
Loss of
community/stakeholder
confidence.
Adverse Reputation.
The risk is failing to
comply with
legislation and
council policies
Poor
Management
Negative Media
Attention.
5
5
5
4
5
5
5
5
25
INHERENT RISK
Legal Action
Fines
Imprisonment
Negative Media
Attention.
201
The risk is failure to
meet Health and
Safety Regulations.
Lack of council
knowledge and
understanding of
requirements
Legal Action
Robust Health & safety
Policy
Review annually
Broaden H&S to
encompass Car
Park and other
HTC owned land
Robust Health & safety
Policy
Review annually
Broaden H&S to
encompass Car
Park and other
HTC owned land
Fines
Imprisonment
Negative Media
Attention.
202
The risk is failure to
meet Fire
Regulations
Lack of council
knowledge and
understanding of
requirements
Legal Action
Finds
Imprisonment
Risk Assessment Key
S = Safety H = Health E = Environment D1 = Reputation impact D2 = Stakeholder impact D3 = Community/Customer impact F = Financial Impact L= Likelihood of event occurring R = Risk Rating
.D.
Risk/Event
Cause
Consequence/Impact
S H E
D D D
F L R
1 2 3
Mitigation
Preventative
Actions
Residual
Risk
11
Negative Media
Attention.
203
The risk is failure to
meet Environmental
Regulations
Lack of council
knowledge and
understanding of
requirements
Legal Action
Robust Health & safety
Policy
Review annually
Broaden H&S to
encompass Car
Park and other
HTC owned land
Training Policy
Training Plan
Train Councillors
on Governance &
Accountability
Act
Adequate Polices upheld
Training Plan
Induction
Training for all
councillors
Adequate Polices upheld
Training Plan
Induction
Training for all
councillors
Fines
Imprisonment
Loss of
community/stakeholder
confidence
204
The risk is failure to
meet Financial
Regulations
Lack of council
knowledge and
understanding of
requirements
Negative Media
Attention.
Legal Action
Fines?
Imprisonment
205
The risk is failure to
meet council
policies
Lack of council
knowledge and
understanding of
requirements
Loss of
community/stakeholder
confidence.
Adverse Reputation.
Negative Media
Attention.
Adverse Reputation.
206
The risk is failure to
meet Employment
Regulations
Lack of council
knowledge and
understanding of
requirements
Negative Media
Attention.
Legal Action
Risk Assessment Key
S = Safety H = Health E = Environment D1 = Reputation impact D2 = Stakeholder impact D3 = Community/Customer impact F = Financial Impact L= Likelihood of event occurring R = Risk Rating
.D.
Risk/Event
Cause
Consequence/Impact
S H E
D D D
F L R
1 2 3
Mitigation
Preventative
Actions
Residual
Risk
12
Fines
Adverse Reputation.
207
The risk is failure to
comply with Local
Government Acts
Lack of council
knowledge and
understanding of
requirements
Negative Media
Attention.
Trained Clerk and staff
Legal Action
Training Plan
updated regularly
Fines?
Risk Assessment Key
S = Safety H = Health E = Environment D1 = Reputation impact D2 = Stakeholder impact D3 = Community/Customer impact F = Financial Impact L= Likelihood of event occurring R = Risk Rating
.D.
Risk/Event
Cause
Consequence/Impact
S H E
D D D
F L R
1 2 3
Mitigation
Preventative
Actions
Residual
Risk
13
Operational Risks
Loss of
community/stakeholder
confidence.
The risk is failing to
deliver services
effectively
Poor
Management
Adverse Reputation.
4
4
4
4
4
16
INHERENT RISK
Negative Media
Attention.
Down turn in
service
requirements.
301
302
The risk is the street
market fails to
perform to its
expected level
Insufficient
Councillors
Poor
Management
Failure to
recognise the
changing
needs and
expectations
of the
community
Multi
Resignations
Unable to fill
through election
or co-option
Negative Media
Attention.
Loss of
community/stakeholder
confidence.
Employ Street Market
Manager
Market Committee
Set regular
objectives
Loss of revenue
Council not quorate
Adverse Reputation
Negative Media
Attention.
Loss of
community/stakeholder
confidence.
Regularly promoting the
work of the council
Risk Assessment Key
S = Safety H = Health E = Environment D1 = Reputation impact D2 = Stakeholder impact D3 = Community/Customer impact F = Financial Impact L= Likelihood of event occurring R = Risk Rating
.D.
Risk/Event
Cause
Consequence/Impact
S H E
D D D
F L R
1 2 3
Mitigation
Preventative
Actions
Residual
Risk
14
303
304
305
306
The risk is loss of
key council staff
The risk is loss of
CCTV coverage
The risk is
deterioration of:
Footpaths
Flower Beds
Bus Shelters
Community Seats
The risk is failure to
maintain community
events:
Hot Pennies
Charter Day
Long term
illness.
Unexpected
death
Vandalism
Lack of
Maintenance
and/or funds
Vandalism
Lack of
Maintenance
and/or funds
Vandalism
Lack of funds
Lack of Interest
Produce a
Business
Continuity Plan
Impact on key council
services
Adverse Reputation
Negative Media
Attention.
Possible legal action
Regular maintenance
Prudent Budgeting
Adverse Reputation
Negative Media
Attention.
Possible legal action
Regular maintenance
Prudent Budgeting
Adverse Reputation
Negative Media
Attention.
Prudent Budgeting
Promotion of events
Risk Assessment Key
S = Safety H = Health E = Environment D1 = Reputation impact D2 = Stakeholder impact D3 = Community/Customer impact F = Financial Impact L= Likelihood of event occurring R = Risk Rating
.D.
Risk/Event
Cause
Consequence/Impact
S H E
D D D
F L R
1 2 3
Mitigation
Preventative
Actions
Residual
Risk
15
Strategic Risks
The risk is failing to
make Strategic
Decisions
401
402
Poor decision
making.
Poor Horizon
Scanning
Loss of
community/stakeholder
confidence.
Adverse Reputation.
4
4
4
4
4
16
INHERENT RISK
Negative Media
Attention.
The risk is failure
to deliver key
council objectives.
Use of political
allegiance to
influence Council
polices
403
The risk is failure
to recognise the
changing needs
and expectations
of the community
404
The risk is failing to
protect the
community and
environment during
emergency
situations
See 101
See 205 &
207
No forward
planning
Major
emergency
situations
Loss of
community/stakeholder
confidence.
Adverse Reputation.
Negative Media
Attention.
Loss of Life
Loss of Services
Adverse Reputation.
Negative Media
Attention.
Community Engagement
Strategy
Continuous
monitoring of
Strategy
Emergency Plan
Review Plan
Annually
Risk Assessment Key
S = Safety H = Health E = Environment D1 = Reputation impact D2 = Stakeholder impact D3 = Community/Customer impact F = Financial Impact L= Likelihood of event occurring R = Risk Rating
Related documents
Standardized Risk Management Terms, Based on ISO/IEC Guide 73
Standardized Risk Management Terms, Based on ISO/IEC Guide 73
PR-presentation
PR-presentation
Stakeholder Identification - Strategic Plan
Stakeholder Identification - Strategic Plan
Partner Due Diligence Evaluation of Strategy and Reputation (APT5)
Partner Due Diligence Evaluation of Strategy and Reputation (APT5)
Stakeholder Engagement Model
Stakeholder Engagement Model
Group rep mgmt Presentation2
Group rep mgmt Presentation2
Hany Faidy
Hany Faidy
232.Mar-2011-Stakeholder
232.Mar-2011-Stakeholder
KSS Webinar 2 July 31 2013
KSS Webinar 2 July 31 2013
Identifying the stakeholders
Identifying the stakeholders
Download
advertisement