Learn about the importance of risk management and how it contributes to better service delivery, improved performance, and more efficient use of resources in the Office for National Statistics (ONS). Explore the risk management cycle and ONS's approach to identifying, assessing, controlling, and monitoring risks.
Risk Management in ONS
Robin Youll
Office for National Statistics

What we’ll cover in this session
• Why we manage risks
• ONS appetite for risks
• What is a risk?
• The Risk Management Cycle

Why manage risks?
• Management of risk is critical to an organisation’s success
• Informed risk-taking helps to improve performance through the use of innovative approaches for managing the business and service delivery

Why is risk management important?
Effective risk management is likely to improve performance against objectives by contributing to:
• Better service delivery
• Reduction in management time spent fire-fighting
• More focus internally on doing the right things and properly
• Better basis for strategy setting
• Fewer shocks and unwelcome surprises
• More efficient use of resources
• Reduced waste and fraud, and better value for money
• Improved innovation
• Better management of contingent and maintenance activities

Tolerance/Appetite: ONS Guidance
• ONS must be risk averse when it comes to
• Reputation
• Disclosure
• Confidentiality
• Objectivity
• ONS will take risks in areas with manageable outcomes
• for example improving processes and systems

How we define a risk
• CAUSE/SOURCE - As a result of …
• EVENT/THREAT - there is a risk that …
• EFFECT/IMPACT/CONSEQUENCE - that may result in …
• e.g.
• As a result of failure in a particular system, there is a risk that ONS will not be able to meet a publication deadline, with the result that the reputation of ONS will be damaged.

Effective risk management
For risk management to be effective, risks need to be:
• Identified
• this includes risks being considered that could affect the achievement of objectives within the context of a particular organisational activity and then described to ensure that there is a common understanding of these risks
• Assessed
• this includes ensuring that each risk can be ranked in terms of estimated impact & immediacy, & understanding the overall level of risk associated with the organisational activity being studied
• Controlled
• this includes identifying appropriate responses to risks, assigning owners and then executing, monitoring & controlling these responses

Risk Management Cycle
[Diagram labels: Risk Identification; Risk Assessment; Risk Control; Monitor/Review and Report; RECORD]

Step 1. Identification
• Independent Risk Review
• Designated team interviews key staff at all levels of the project/programme – to build a risk profile
• Risk Self Assessment
• conducted through a facilitated workshop approach – facilitators help key staff to work out the risks affecting their objectives
• A particular strength of this approach is that better ownership is established when owners identify the risks themselves
• Risk Identification should be a group activity
• Greater chance of capturing all potential risks
• Gives a more rounded assessment of risk exposure
• Need a cross-section of people involved
• Programme and project reps…customers and suppliers

Step 2. Assessment
• Risks are always assessed in terms of likelihood and impact.
• No industry standard - Other organisations use a more or less detailed matrix than ONS
• However, ONS has a corporate standard based on the five-by-five matrix (see next slide)
• Key is to be clear about inherent (original) risk
• Report this to relevant Programme/Project board to give a view of impact if risk treatment fails
• Also gives a view on whether over-control is taking place
• Current ONS database records original and residual risk score

ONS Corporate Standard Risk Assessment Scoring
[Matrix figure: Likelihood against Impact, cells showing Exposure]
Likelihood x Impact = Exposure

Step 3. Control
• Measures to be initiated within the programme/project to control the risk are:
• Tolerate
• Transfer
• Terminate – linked to early risk identification
• Treat
• Treating the risk is the normal ONS approach. Treatment involves
• Mitigation: Reducing likelihood or expected impact
• Contingency: Measures to be put in place if the risk materialises
• Risk control must assign an appropriate risk owner
• member of the Project Management team best placed to observe the risk and factors affecting it (Prince2)

Step 4. Monitor, Review and Report
• Risks reviewed and reported for two reasons:
• to monitor whether risk profile is changing
• to identify when further action is necessary
• Processes should be put in place to review whether:
• risks still exist
• likelihood and impact have changed
• new risks have arisen
• Review processes must:
• ensure all aspects of risk management process are reviewed at least once a year
• ensure individual risks are reviewed with appropriate frequency
• make provision for alerting the appropriate level of management to new risks and changes in risks already identified