Risk is a fact of life and an ever changing landscape. By attempting to foresee and avert problems in the delivery of services and maximise opportunities, we help ensure that resources are used in the best way possible. Risk management is a fundamental part of how we operate and forms part of our Corporate Governance Framework.
Our Policy and Procedures are designed to support a risk culture, which is embedded in the way we work, rather than having a process which is used to drive risk management.
The Risk Management Policy can be found on Policy Hub
Our approach to risk management
Not all risks can be eliminated or mitigated against and a balance must always be struck between the costs of risk reduction against the likelihood and impact of the risk (risk exposure).
Risk impacts can be: financial loss; non-achievement of objectives; environmental damage; personal injury or ill-health; legal action and reputational damage or a mix of these. Most serious risk impacts will include: financial loss; legal action and reputational damage but the very worst are likely to include an element of service failure, injury or environmental damage as well.
The Council as a public body has to protect and preserve its ability to provide services and ensure that assets are protected against significant loss and damage and that interruption to service delivery is minimised.
Whilst it is accepted that risk cannot be entirely eradicated, the following are areas on which the council will not compromise its position by taking a greater level of risk than is absolutely necessary and will take all reasonable steps to eliminate or mitigate the risks where identified:
- Where there is risk of physical harm
- Where non-compliance with Legislation could lead to imprisonment or significant fines
It is the responsibility of all members and employees to be aware of risks when carrying out their duties and to alert the relevant service manager to the threat. Managers must ensure that threats are properly evaluated and mitigated.
If you are concerned about a risk either in your area, or somewhere else, please report it to your line manager or you are welcome to report it via email to Chief Internal Auditor firstname.lastname@example.org.