350 likes | 472 Views
EEA and Norway Grants Programme risk management. Inger K. Stoll , Head of Communication, Reporting and Evaluation, Financial Mechanism Office March 2013. Results and risks. What is Results Based Management (RBM)
E N D
EEA and Norway Grants Programme risk management Inger K. Stoll, Head of Communication, Reporting and Evaluation, Financial Mechanism Office March 2013
Results and risks What is Results Based Management (RBM) RBM is a management strategy by which all actors, contributing directly or indirectly to achieving a set of results, ensure that their processes, products and services contribute to the achievement of desired results (outputs, outcomes and impact) What is a result and a risk? In the context of the Grants: A result is the output, outcome or impact of a development intervention A risk is an event that may occur and impede the objective
KEY CONCEPTS Results achievement Beneficiary oriented Managing for results and reduced risks
Risks • Risks are an expression of uncertainty • Risks are events that may occur, and if they occur, have harmful or negative effects on the achievement of results • Risks are closely related to the results and should consequently be analysed against the results framework of a programme • Risk analyses strengthen the basis for choosing realistic objectives and level of ambitions
Risk management process in 11 steps Establish strategy and processes • Develop a strategy for integrating risk management in results management • Establish risk leadership integrated in results management Analysis, actions and follow-up on several levels 3. Identify objectives 4. Identify critical success factors (assumptions)
Risk management process in 11steps 5. Identify risks 6. Assess and prioritise the risks, in terms of likelihood and consequence; high – medium – low 7. Decide risk tolerance 8. Define and assess risk response 9. Response to residual risk
10. Mitigate and manage risks 11. Dialogue and Report FMO’s risk management strategy : http://www.eeagrants.org/
Risk management levels Risk strategy at each level, according to roles and responsibilities Programme Total Grants Country Projects
Steps 1 & 2: Establish risk strategy and leadership • Risk management system in place • Programme Operator must actively take leadership at programme and project levels • Assign roles at each level • Also keep an eye on national level risks, and mitigate where possible
Step 3. Identify objectives at all levels Example – Renewable Energy Objective (pre-defined) Expected outcome(s) (pre-defined) Outputs Types of projects • Modernised RES infrastructure • R&D on RES • Feasibility of RES mapped out in relation to local conditions • Windmills • Solar systems • Hydropower • Bioenergy • Training in RES planning competence • Plans/policy development • Awareness raising campaigns at local level • Train the trainers • Training courses for officials at regional level • Training courses for officials at regional level
Step 4: Identify assumptions • Assumptions are the necessary positive conditions that allow for a succesful cause-and-effect relationship between the different levels of results. • Assumptions are critical success factors. • Assumptions are formulated after the objectives, to ensure results chain realism
Step 4: AssumptionsAn example • Outcome: Participation in local election increases from 63% in 2012 to 75% in 2016. • Output: Votersregistrationincreases from 70% in 2012 to 90% in 2016. • Assumption: Votingcentresareoperational and in place on votingday.
Step 5: Identify risks • Risk identification is done in all phases of a programme, but early identification gives the best effect. • Normally requires several contributers. • If a critical assumption is likely to occur but not certain, it may represent a risk. • Risks are expressed as negative statements in relation to achievement of the desired result.
Step 5. Risk identification • Identifythe risk, monitor, manage and try to influence. A risk register can be useful. • Theremight be a perceivedconflictofinterestregardingsharinginformationof risks. • Keep in mind: Alwaysdocumentyour risk identification, analysis and mitigation
Risk categories It is common to group the risks incategories. FMO usesninebroad risk categories: • Policy and politics • Governance: Institutional, management, transparency and accountability • Corruption and procurementissues • Socio-cultural and gender equity, minorities, Roma, rights and values
Risk categories • Financial issues • Economicissues • Environmental and climateissues • Technical and technologicalissues • RoleofDPPs and project partners NB – Other risk categoriesarealso relevant
Risk dimensions Each risk categoryconsistsofcertain risk dimensionsExampleGovernancecategory: • Adequatecompetence and capacity is not available • Supportive legal frameworkconditionsare not in place • The control systems are not sufficient
Step 6: Assess and prioritisethe risks A risk analysiscontains an assessmentofthe risks in terms of • Probability or likelihoodoftheoccurenceofthe risks • Consequences or impactiftheeventoccurs The risk assessment is a forward-lookingexercise; it shouldtakeintoaccountthe whole agreementperiod- and beyond- to ensuresustainabilityoftheresults
Risk Analysis High Probability Medium Low High Low Medium Consequence
Narrative risk summary • The risk rating is accompanied by a narrative assessmenthighlightingthe major risks identified. • All thehigh or substantial risk ratingsarenamed as major risks Keep in mind: Distinguishprobability and consequence
Step 7: Risk tolerance levels Risks are inevitable. It is not an aim to avoid risks at all costs. A higher risk may be acceptable in contexts where the expected impact and benefits are higher than the potential risks.
7. Risk tolerance • Decide and document what level of risk you accept • Communicate the risk appetite
8. Define and assessrisk response • Identify mitigating actions (including conrols) and assess their impact • Decide on mitigating actions • Re-assess to conclude on residual risk
Step 9: Response to residual risk • Decisionsregardingtoleranceofmajor residual riskscan be divided in thefolllowingstrategies: • Avoid/terminate: Redesign programme or terminatetheprogramme or parts of it. • Transfer/share: Share risk withother partners (ex DPPs) or pass theimpactofthe risk to third part (e.g. via an insurance policy)
9. Response to residual risk… • Accept/tolerate: Accept the risks withoutanymitigatingactions, but monitor and manage if the risk levelincreases
Step 10: Mitigate and manage risks • Reduce, prevent, mitigate • Establish a system for risk monitoring and handling. • During implementation it is good practice to incorporate the mitigating measures in the regular work plan of the programme or projects, assign staff members responsible for actions and resources required.
Mitigation and management • Assess the implementation progress of the mitigating measures, manage and report. • Identify any new risks or changes in circumstances and add to your risk registry and work plan. • Sometimes we need to redesign our risk mitigation strategy and actions.
Step 11:Reporting and dialogue • The programme risk management will be reported in the Annual Programme Report and in the NFP’s Annual Strategic Report • The risk picture and the possible mitigating actions will be a central element in the dialogue between donors, beneficiaries and the FMO
Risks to achievment of outcomes • At the programme level, the FMO bases its risk assessment on the Programme Proposal, the Annual Programme Report the Annual Strategic Report from the NFP and the dialogue. EU analyses are also used. • The FMO especially focuses on likelihood and consequence of risks to achievement of the outcomes = output to outcome review
Results for the beneficiaries • Weareinterested in achievingresults for thebeneficiaries, e g thehigherlevelobjectives, and correspondinglyinterested in thehigherlevel risks Weare in it together!