9. Organisational Risk Management Flashcards
Risk Management Policy.
Why: Risk is inherent in policing, and everyone at Police has a role to play in managing risks. Because of this, it’s important we all have an understanding of Police’s approach to risk.
- What is the aim/intent of this policy? (2)
- What is not the aim/intent? (1)
AIM/INTENT
We are all able to;
- Identify relevant risks early-on, and
- Make good decisions around how to manage them.
NOT AIM/INTENT
- To try amd eliminate all risk
Risk Management Policy.
How: Who sets the tone for the culture around risk, and gives guidance on the type and level of risk Police is willing to consider and accept? (1)
The Executive Leadership Board (ELB)
Risk Management Policy
Risk:
- Risk is defined as what? (1)
- What is an ‘effect’? (1)
- The effect of uncertainty on objectives.
- Any deviation from the expected - it can be positive or negative or both; and can address, create or result in opportunities and/or threats.
Risk Management Policy.
What is ‘Risk Management’ (1)
- Risk management is the combination of co-ordinated activities that direct and control a ‘risk’ within an organisation
Risk Management Policy.
Types of risk and how we manage them: What are the types of risk we face as an organisation? (3)
- Strategic Risks: Risks that affect the achievement of strategic objectives spelt out in Our Business.
- Corporate Risks: Risks that affect the achievement of cross-organisational corporate objectives. These risks are often more tactical and require a more immediate response.
- Operational Risks: Risks that may affect the achievement of day-to-day operations.
Risk Management Policy.
Types of risk and how we manage them:
- What does the Police threat assessment methodology - TENR stand for? (4)
- TENR is aligned to good risk management. Are the sorts of risks identified using TENR captured in the organisation’s online risk tool? (1)
- Threat is assessed
- Exposure is managed (potential harm, security of places or things)
- Necessity to intervene is immediately considered
- Response is proportionate and considered on assessment of above points.
- No.
Risk Management Policy.
Types of risks and how we manage them: In what situations must TENR be applied? (2)
- All policing situations that involve risk, and
- With the potential to cause harm.
Roles and Responsibilities.
Everyone is responsible for managing risk i.e. employees, consultants and contractors.
- To ensure appropriate and timely risk management, what things are they responsible for? (3)
- Identfying, assessing, monitoring and treating risks
- Contributing to risk discussions
- Escalating risks as needed to the appropriate person or governance group.
Roles and Responsibilities.
What is the role of the ARC (Assurance Risk Committee - who are independent of police)? (3)
- Provide to the Commissioner independent advice on a wide range of strategic issues and risks.
- Provide an independent view on key risks facing police AND
- The adequacy of their actions to mitigate risks.
Roles and Responsibilities.
What is the role of the ELB (Executive Leadership Board) and the Commissioner and Deputies? (2)
- ELB is responsible for strategic direction, and to monitor, identify and manage strategic risk.
- The Commissioner and Deputies ensure processes are in place to manage the risk impacting on day-to-day activities.
Roles and Responsibilities.
- The SLT (Snr Leadership Team) has oversight of corporate risks and reviews, at what level is this team of managers made up of? (1)
- Assistant Commissioner level
Activate Risk Management and Assurance.
Three lines of defence: Police operate a ‘3 lines of defence’ model, each playing a distinct role in the risk management process and wider risk governance. What are they? (3)
First Line of Defence
- All police personnel - everyone acts as a first line of defence identifying and discussing potential risks.
Second Line of Defence
- Management processes and controls - Districts, Service Centres PNHQ workgroups provide robust management that monitors and oversees risks and control measures.
Third line of Defence.
- Internal Audit and Assurance - provide an Independent view of police’s control measures.
Risk Management Policy.
Policy statement and priniples.
Identified risks should be reported and esculated appropritely. What exists that enables reporting? (3)
- Police online risk management tool avaliable on TEN-ONE.
- Risk Coordinators/Champions in District & Service Centres to provide guidance/support.
- Specialist Risk and Assurenace Team based in PNHQ Assurance Group.
Risk Management Policy.
Policy statement and principles: Police risk management approach is based on the joint Australian and New Zealand International Standard called?
Risk Management - Priniciples and Guidelines.
Risk Management Policy.
Risk: Effective risk management needs to be? (8)
- Integrated - into the organisation.
- Structured and comprehensive - contributing consistent/comparable results for analysis/reporting.
- Customised - external and internal
- Inclusive - To improve enagement/awareness
- Dynamic - Remain relevant/move with the times.
- Informative - Providing best information to stakeholders.
- Cultural - influencing behaviours.
- Continually improved - through learning and experience.
