Risk Management Report to the Board

By Linda Campbell,2014-05-17 17:48
10 views 0
Risk Management Report to the Board

    Risk Management Report to the Board - November 2003

    1. Risk Registers and the Assurance Framework

    The Corporate Risk Register

    ? The structure of the corporate risk register has been revised and now

    features columns for residual risk [the projected risk rating after risk

    management controls have been implemented], and a traffic light score for

    progress against the risk management control plan. The Risk Management

    Committee reviews all risks where there is little or no progress against the

    plan. Risk owners are asked to account for red traffic lights.

    The updated corporate risk register can be found at Appendix A.

The Corporate Risk Register comprises:

? Trust-wide risks, identified through current and previous Risk Register

    updates, scoring 12 and above

? Risks relating to Controls Assurance standards scoring 12 and above

? Locally identified risks scoring 12 and above which have a Trust-wide


Over the past three months all Corporate risk owners have been asked to

    verify ownership of risks and the accuracy of entries in the register. A small

    number of updates/changes have been notified and these are shown in red

    on the November update attached at Appendix A.

Each risk is traffic-lighted according to progress with Risk Treatment Plans

    (Green = progression to plan or plan complete; Amber = plan behind

    schedule; Red = plan not started or no plan in place).

The following risks were allocated red traffic-lights at the September Risk

    Management Committee:

? EF17 Environment Management

? TW4 Adherence to observation Policy (see below)

    ? CA59 Infection Control infection surveillance policy

? EF3 Control of Building Contractors

? EF6 Security in patient sites

? SCA14 Cashiers security staff injury/loss of cash (see below)

The risk owners were asked to provide brief update reports on the current risk

    treatment plans, blockage/s to achieving the plans and actions

    proposed/required to overcome the blockages.


    Risk TW4 - Adherence to observation policy - has since been downgraded to

    amber as the policy is now being reviewed.

    Risk SCA14 - Cashiers Security - has also been downgraded to amber as

    there has been significant progress in undertaking risk assessments at the

    three sites (Bethlem, Maudsley and Lambeth Hospitals), the results of which

    are being referred to the relevant site steering groups for prioritisation and

    allocation of capital funding.

Local Risk Registers

    ? No new “local” risks have been escalated to the Corporate Risk Register at

    this update

    ? Responsibility for maintaining local Risk Registers and monitoring all locally

    identified risks (irrespective of rating) rests with the relevant

    Service/Department, via its established Risk Management (or equivalent)

    Committee. Local Registers will be used as a Risk Management tool and

    integrated with the annual Business Planning cycle.

    Strategic Risks

    ? The strategic risks identified at the workshop in June are a good basis for

    broad planning and change management. The next phase is to develop these

    at Executive level to become inclusive of all significant risks that can be

    categorised as strategic, and agree where controls are needed and

    assurance is lacking. Zoë Reed has agreed to be responsible for taking this

    forward with the Trust Executive and Board.

Assurance Framework

? The DoH definition of Assurance is “Confidence, based on sufficient evidence,

    that internal controls are in place, operating effectively and objectives are

    being achieved”. Judgement on the level of assurance for each risk on the

    Corporate and Strategic Risk Register should be endorsed by Non-Executive

    Directors of the Trust.

    ? The risk register in its current format will form the basis of the assurance

    framework. There is more work to do to identify sources of assurance for

    each identified risks, and rate levels of assurance. A system rating the level

    of assurance has to be in place by Jan 2004 to satisfy the internal control


Performance Management

    ? The inclusion of local risk registers and significant risks within the

    performance management framework is under discussion.


    2. Incident Management

    ? From the 1st October new corporate arrangements for supporting the management of SUIs have been established. A central incident team is based at the Maudsley. The team will co-ordinate the reporting of SUIs, distribute internal and external SUI notifications, track investigations, continue to support the Directorate SUI panels, and will advise Managers and facilitate systematic methods of investigation and identification of corrective actions [recommendations]. Michelle Davis, Board Level Inquiry Co-ordinator is based at Trust HQ.

    ? Aspects of the incident process are under review with the objective of improving the way in which the organisation learns the lessons from incidents in order to reduce the risk of recurrence, and improve safety and quality.

    3. RPST/CNST

? Risk Pooling Scheme for Trusts - RPST

    Compliance at RPST Level one was achieved in September, as a result of independent assessment. Scores of 75% and above across a range of general risk management indicators, were awarded. They were;

    Corporate Accountability 82%

    Risk Management Strategy 77%

    Organisational Structure 86%

    Incident Reporting and Management 76%

    Complaints and Claims Management 79%

    Risk Management Process 78%

    Risk Management Training 86%

    Independent Assurance 93%

? Clinical Negligence Scheme for Trusts CNST

    NHS Litigation Authority Assessors have confirmed that the Trust will be assessed against the CNST standards in March 2004. Written evidence supporting compliance against the standards will be submitted in early December.

    The Trust Executive will decide whether to submit evidence supporting a level two assessment or maintenance at level one, on the basis of progress made against the plan.

    CNST Mental Health clinical risk management standards are currently being developed the Trusts Claims Manager has a place on the National working

    group for this. The NHS Litigation Authority will be inviting Mental Health Trusts to become pilot sites for the new standards.

    The principal obstacle to maintaining compliance at level one remains the tracking of multiple records problem. The SPINE project to identify patients registered on more than one Trust information system is the planned solution to this problem.


    CNST standard two requires a separate policy for responding to Major

    Clinical Incidents, this includes the setting up of help lines for press and public

    enquiries. This policy is currently being developed.

    4. Risk Management Training

    ? Risk management training includes all statutory, mandatory and required

    training [fire, Health and Safety, manual handling, violence and aggression,


    ? A risk management training sub-group of the Training and Education

    Committee has been established to develop risk management training,

    and ensure that risk management training opportunities are taken up by

    those staff whose roles are identified as carrying particular risks.

    ? Applications to and attendance at risk management training is now

    captured on a risk management training database. Attendance reports

    are circulated to Trust Managers.

    ? Two issues are emerging as immediate priorities for the group

    - the volume of risk management training necessary to meet the

    requirements, and

    - non-attendance at risk management training.

    ? A one day introduction to risk management study day will be piloted in


    CB 17/11/2003


Report this document

For any questions or suggestions please email