E N D
1. MAD ABOUT RISK Gareth Kelly – Audit Manager and National External Lead on Risk Management
2. Who am I? Audit Manager Lancashire District Councils
Audit Commission Risk Management External Lead
Director in family run business
4. Making a difference
Local Government Context
Strategic risk management role in improvement
“MAD” about risk management
Overcome barriers and explore strategies to embed risk management within existing management and governance arrangements
Effective use of RM within partnership working
Its about learning from each other
Don’t be shy about sharing what has gone well, but please also be honest about things that have gone less well. Its about learning from each other
Don’t be shy about sharing what has gone well, but please also be honest about things that have gone less well.
5. Local Government context Use of Resources Synergy to Health ALE assessments
6. New CPA framework for single tier and county councils
7. Key elements:
In line with strategic regulation and responses to consultation, we propose to adopt a targeted approach to district CPA from 2006. This means that we will undertake recategorisation activity only where there is significant evidence of a potential category change. This will apply either where councils can demonstrate that performance has improved significantly since last CPA and the council wishes to be considered for recategorisation or where the AC identifies significant deterioration of performance.
This is not intended to be a harder test. The outcome of recategorisation will remain broadly comparable with the 2003/04 categories.
In response to feedback from the consultation exercise about the need for consistency and transparency, we are proposing to introduce a two stage process:
Stage 1
First we will decide whether or not there is sufficient evidence to warrant recategorisation activity.
Stage 2
If there is sufficient evidence to warrant this, the AC will undertake corporate assessment. Regional panels will make this decision (see next slide)This will remain the only means by which recategorisation can take place
The categories must remain the same as 2003/04 and corporate assessment broadly similar.
Panel decisions will also be covered by the Commission’s review procedure for scored judgements.
Note
If we adopt a targeted approach this has a number of consequences for the methodology as we have to maintain broad comparability. This is an issue that will crop up on a number of occasions – we have tried to strike a balance between updating the methodology and maintaining comparability with the 03/04 categoriesKey elements:
In line with strategic regulation and responses to consultation, we propose to adopt a targeted approach to district CPA from 2006. This means that we will undertake recategorisation activity only where there is significant evidence of a potential category change. This will apply either where councils can demonstrate that performance has improved significantly since last CPA and the council wishes to be considered for recategorisation or where the AC identifies significant deterioration of performance.
This is not intended to be a harder test. The outcome of recategorisation will remain broadly comparable with the 2003/04 categories.
In response to feedback from the consultation exercise about the need for consistency and transparency, we are proposing to introduce a two stage process:
Stage 1
First we will decide whether or not there is sufficient evidence to warrant recategorisation activity.
Stage 2
If there is sufficient evidence to warrant this, the AC will undertake corporate assessment. Regional panels will make this decision (see next slide)This will remain the only means by which recategorisation can take place
The categories must remain the same as 2003/04 and corporate assessment broadly similar.
Panel decisions will also be covered by the Commission’s review procedure for scored judgements.
Note
If we adopt a targeted approach this has a number of consequences for the methodology as we have to maintain broad comparability. This is an issue that will crop up on a number of occasions – we have tried to strike a balance between updating the methodology and maintaining comparability with the 03/04 categories
8. CPA – Corporate assessment CA focuses on the importance of having a successful corporate ‘engine’ to drive good direct services
The key drivers of corporate management are:
leadership;
financial management;
performance management;
equality and diversity; and
successful partnerships
9. CPA – Corporate assessment CA sets out to assess:
how well local councils understand their local communities,
how this understanding translates into ambitions and priorities for communities,
the capacity of councils to deliver these and what is actually being achieved
10. CPA – Corporate assessment – Capacity Key questions - Risk management as a key player for an authority performing well
Capacity Is there clear accountability and decision-making to support service delivery and continuous improvement?
Risk management is embedded in key corporate and strategic planning, including the main partnership plans and objectives.
Members play an integral role in assessing strategic and key operational risks.
The council can demonstrate a track record of successful risk management in all departments and service areas of the council and across all its partnership activity.
11. CPA – Corporate assessment Council is effectively risk-managed and not risk-averse.
Reserves are set appropriately in the light of its programme of work set out in the corporate and community plans, including contingencies, and the thorough assessment of risks that the council has carried out.
The council is innovative in using partnerships, including within the private sector, to obtain access to new sources of funding.
The council bids for money within a robust risk management framework that supports its priorities with clear exit strategies for time-limited funding.
12. CPA – Use of resources Focus on sound Financial management
Ensure resources are available to support priorities and improve services
Annual assessment covering:
Financial reporting
Financial management
Financial standing
Internal control
Value for money
13. CPA – Use of resources Internal Control
How well does the council’s internal control environment enable it to manage its significant business risks?
The council manages its significant business risks
Arrangements are in place to maintain a sound system of internal control
14. CPA – Use of resources – Internal Control Adequate performance
Adopted and approved RM strategy
Policy/ strategy covers all RM cycle with allocated responsibility
Risk register linked to strategic business objectives
Assigning ownership for each risk
Member committee with corporate RM responsibility in TOR
Risk Assessments – support strategic policy decisions and project initiations
15. CPA – Use of resources – Internal Control Performing well
RM process is reviewed & updated at least annually
RM system covers partnership working including assurances around the management of those risks
Appropriate staff training/ guidance to manage their risks
Member champions have received RM training
Member committee TOR – quarterly corporate RM reporting – Full Council annually
16. CPA – Use of resources – Internal Control Performing strongly
Senior officer/ Member champion fully embedding RM
Council can demonstrate RM is embedded in:
Strategic planning
Financial planning
Policy making and review
Performance management
All members received RM awareness training
Council considers positive upside risks as well as the negative downside risks
Internal control assurance framework using RM
Risk of fraud and corruption forms part of RM process
17. CPA – Use of resources - VFM VFM – 3Es Price paid – inputs/ outputs – outcomes
Balance of low cost high productivity and successful outcomes
The Council currently achieves good value for money?
Costs assessed using VFM profiles against all and nearest neighbour
The Council manages and improves VFM?
Close links to Gershon efficiency statements and effective use of procurement
RM if integrated – Is it a key process to challenge VFM in decision making?
18. Auditor Use of resources and VFM Conclusion 2005/06
Links to the new Code of Audit Practice
Opinion including the SIC
Use of resources and a VFM conclusion – yes/ no
12 criteria of council’s arrangements
8 criteria linked to UoR Key lines of enquiry
4 linked to performance management and data quality (PIs)
Work in both areas closely linked
UoR how good/ effective arrangements are
VFM conclusion proper arrangements or not???
28. Strategic risk management role in improvement Mapping future development and defining expectations in relation to risk management
29. Risk management in context
31. Statutory guidance links Accounts and audit regulations 2003 Regs 4
A body has responsibility for:
“ensuring that the financial management of the body is adequate and that the body has a sound system of internal control which facilitates the effective exercise of that body’s functions and which includes arrangements for the management of risk”
“The relevant body shall review at least once a year the effectiveness of its system of internal control and shall include a statement on internal control, prepared in accordance with proper practices” in its financial statements
34. MAD about risk management Where is Risk management “Making A Difference”?
35. Capturing best practice and identifying barriers/ solutions
Risk making a difference regional workshops
Consideration of key ingredients to embedding RM
Focus on outcomes and support RM activities
Barriers to embedded RM including hurdle strategies and solutions.
36. RM integration into performance management Activity/ Process/ outputs
Director business planning cycle RM workshop
Risks fed into service action plans addressing opportunites/ threats
Risk assessment of £1bn waste mgt project at evaluation/ bidding stage
Protocols agreed
Acknowledgement of inherently poor partner delivery
Outcomes
Achieving objectives in shorter than expected timescales
LPSA targets - £0.5m reward
Reduced drunken street crime via club partnership
Environmental targets being met with protocols working protecting against cost overruns
43. Barriers and strategies to embedding risk management into existing arrangements
44. Overcoming barriers to strategic integration What are the big hurdles?
Strategies for overcoming them
What can you do differently?
45. Common barriers and solutions Barriers
Risk Mgt seen as an add on! Not an integrated management tool or part of the wider corporate management arrangements
Separate IT support systems and reporting mechanisms for PM/ FM and RM? Solutions/ strategies
Integrate into PM/FM in better use of IT
Build into business policy, planning review and monitor
Integrate Key PIs and links to corporate objectives into risk identification and evaluation analysis
Reference to RM in all policies and procedures due to its generic nature including key documents such as the constitution and financial regulations
49. Key learning from the regional MAD events Moving from outputs to outcomes
Demonstrating outcomes attributable to RM is difficult but it can be part of wider management arrangements
Embedding RM is difficult but evidence of authorities achieving success through PM integration
Monitoring side of RM cycle still often underdeveloped
Ultimate goal is a better deal for the community and the need for RM to deliver effective outcomes
30 seconds in the lift with the CEO what difference have I made this week! Think and act strategic?
50. Effective use of RM in partnership working
51. Partnerships - 2003 AC/ ALARM Survey We asked:
Does the authority assess the strengths and weaknesses of the risk management systems of other organisations with which it works, e.g. partners, contractors and consultants?
Survey said:
28% said ‘YES’
We asked:
Has an action plan for implementing controls been developed?
Survey said:
49% said ‘YES’
52. Risk management and partnerships HM treasury/ OGC – Managing risks with delivery partners
Strategic Partnering Taskforce ODPM/ RSM RR
Governance in Partnerships AC national study
English partnerships
Suffolk County Council
53. Not for CPA but for a better deal Performing well for the community you serve
Risk management is embedded in key corporate and strategic planning, including partnership plans and objectives
Members play a key role in assessing strategic risks
Council has a track record of successful risk management in all service areas
Council is not risk averse
54. Good or notable practice Risk Management or the holy grail?
55. Three fingers pointing at you! Integrated good management
Use risk management to deliver tangible outcomes
Simple and accessible risk management
Proactive and strategic reputational risk mgt
Alignment of corporate governance and risk mgt
Risk mgt in partnerships
Integrated performance and risk mgt software
Emergency planning and learning from others
56. The future
Expectations from various spectators that embedded risk management can be a key lynchpin in making a real difference to service delivery and the wider community
Gareth Kelly 01204 877005
G-kelly@audit-commission.gov.uk
Key messages – Good practice and barriers
Ask them for brief verbal feedback
Explain importance of filling in happy sheets
Key messages – Good practice and barriers
Ask them for brief verbal feedback
Explain importance of filling in happy sheets