1 / 9

Embedding risk management in the public sector – a rain check

Embedding risk management in the public sector – a rain check. Colette Kane Northern Ireland Audit Office Promoting better use of public money. Overview. Good practice in Risk management Key messages we wanted to promote How public sector bodies are doing Where additional focus is needed.

benson
Download Presentation

Embedding risk management in the public sector – a rain check

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Embedding risk management in the public sector – a rain check Colette Kane Northern Ireland Audit Office Promoting better use of public money

  2. Overview • Good practice in Risk management • Key messages we wanted to promote • How public sector bodies are doing • Where additional focus is needed

  3. www.niauditoffice.gov.uk

  4. Good Practice in Risk Management-key messages • Process should be specific to each body. • Managed risk taking can present opportunities. • A clear understanding of roles and responsibilities in the process is key. • Contingency planning is important for every organisation. • Not all risks need to be accepted/treated. • Good communication is key. • Horizon scanning is recommended. • Identify and communicate risk appetite. • Consider fraud risk. • Be clear on assurances.

  5. A rain check! We have observed; • An increased emphasis on risk management. • As finances get tighter risk management is seen as more important. • More conversations on risk around the board and audit committee table. • Risk discussed at all levels within the organisation. • Risk appetites being explored. • More emphasis on the high risks. • More movement on risks than before.

  6. Could do better? Areas of risk management requiring more focus; • Braver managed risk taking. • Too many risks being recorded and monitored. • Risk assessment very cautious and without regard to appetite. • The controls being relied upon are sometimes non existent. • Horizon scanning not widely used. • Fraud risk assessments not being prepared. • Contingency planning still relatively weak and rarely tested. • Disclosure in Governance Statements still being developed.

  7. Governance Statements The governance statement should reflect the organisation’s governance, risk management and internal control arrangements and how they operate in practice. The Governance Statement should provide a sense of the organisation’s vulnerabilities and resilience to challenges.

  8. Key Recommendations • Focus more on the assessment of risk and particularly where risks have materialised and how these were addressed. • New risks identified should be disclosed.

  9. www.niauditoffice.gov.uk

More Related