9. Risk Management, Health and Safety Flashcards
What are our risk management principles?
- Develop a culture of risk awareness and continuous improvement, where risk is recognised as a natural and necessary part of the way we work, to ensure we can be even more successful than we are today
- provide a supportive environment where risk is openly discussed and managed, so our people are empowered and feel safe to identify, escalate and report risks where something doesn’t look or feel right
- Include and actively consider Te Ao Maori views and perspectives in our risk Korero and Kaupapa.
- Incorporate the views and perspectives of the communities police serves.
- Embed risk management behaviours and practises into decision making, organisational governance, strategy development , business planning and programme and project management.
- Safeguard the mana, reputation and integrity of Police so the public, our communities and the Government have confidence in Police and the work we do.
How do we define Risk?
Any potential future, uncertain event that may affect the achievement of our objectives
What is risk management about?
knowing our options, understanding what could stop us from achieving our objectives and what could help us achieve them. Then we can work to reduce the likelihood and impact of the risks we’ve identified, as well as our ability to realise the benefits. Our management of risk ultimately shapes and influences how we achieve our business goals and objectives and make quality informed decisions.
What is the responsibility of all staff when it comes to risk management?
- Understand their role in managing risk at police.
- identify, discuss and help manage risks in their area of responsibility.
- Escalate and report risks to their one up People leader, Programme or Project manager when appropriate to ensure there are no surprises.
Seek support when needed from the Assurance group.
What is the repsonsibility of Executive leaders and managers ( Tier 3 and below?)
- Identify risks for their respective groups and teams and commit to review these risks regularly.
- Ensure processes are in place to manage these risks, their impact on day to day activities and the acheivement of group of team objectives.
- Ensure risk is considered when managing or delivering programmes, projects, products, services and assets.
- Receive and/or share risk information with other groups and teams to enhance Police’s risk culture and Maturity.
- Support and encourage leaders and their teams to escalate and report risks
- Seek support when needed from the Assurance group.
What is the responsibility of the Organisational governance when it comes to risk management?
- Govern strategic and organizational risk on behalf of the ELT.
- Seeks assurance, monitors the effectiveness of risk mitigations and holds risk and treatment owners to account where appropriate.
- May direct action or intervention to better enable management of risks.
- Maintains awareness of risks across Police, within the scope of each of the sub-governance groups, as set out in the Police governance and leadership chapter.
- Ensures risk is a consideration for every decision.
What is the role of the Executive Leadership Team ( ELT ) in risk management?
- Responsible for Polices’s strategic direction.
- owns and governs Police’s strategic risks.
- Seeks and receives assurance that strategic risks are being managed effectively.
- Advocates and drives the embedding of risk management in all activities, by building a risk awareness culture to inform decision making.
- Provides assurance to the ARC and ministers that Police’s risk management framework is operating as intended.
What is the role of Assurance and risk Committee in Risk management?
- Provides independant and oversight and advice to the commissioner on a wide range of strategic risks and issues, to test, challenge and offer new ideas and approaches.
- Reviews and assesses the reporting and management of risk as it relates to Police’s strategic objectives.
- Provides advice to improve the risk management culture, approach and processes.
What is the role of the assurance group in Risk management?
- Develops and maintains the risk management police manual chapter, framework and approach.
- Supports and guides our people in Districts, Service centres, and work groups to increase their understanding and awareness of risk and how to apply Police’s risk management framework.
- Provides advice and a risk lens to support risk discussions at stewardship and performance governance Group ( S&PGG) meetings.
- Uses risk management products and outputs to inform the development of annual Assurance, Internal Audit and Risk and Resilience work programmes.
- Provides advice, reporting and information to the ELT and ARC on risks and how they are being managed.
Describe the 4 types of risk
Strategic, organisational, operational and portfolio( Programmes and Projects)
Describe Strategic risk and how we manage it?
- Risks that may affect the acheivement of Police’s strategic objectives
- high level, thematic and long term ie 5-10 years.
- Risks that are strategically important and core to achieving police’s strategic intent.
Responsibility of commissioner and ELT
Describe organisational risk and how we manage it?
- Risks that are systemic, and affect one or more work groups
- Risks that relate at an enterprise level, to people, legal and regulatory compliance, capability and capacity, finance, information management, managing change and the external environment.
Responsibility of Service centres and districts. Safer people oversees and monitors health, safety and wellness across police, and provides regular reporting to the health and safety Governance group (HSGG)
Describe operational risk and how we manage it?
- Risks that may affect the achievement of day-day operations
- Risks that relate to the business as usual operational activities of staff ( including constabulary and employees) who deliver services to the public’
Responsibilty of staff at all levels.
Can be often dealt with at the time but may be symptomatic of higher level risk. May have deeper causes, wider ranging impacts or cannot be managed effectively at an operational level. It is important that these are assessed and monitored to consider whether they should be shared with others or escalated for support.
Operational risk information is also shared to ensure transparency and consistency across police for dealing with similar risk events, and to help eachother be safe.
TENR- Operational risk is broader than TENR, which fits within Police’s general risk management and frameworks and processes.
Describe Portfolio risks and how to manage them?
- Risks that may affect a programme or project’s ability to deliver and achieve its objectives and intended benefits.
Responsibility of the programme/ project manager and should be reported to the sponsor, senior responsible officer ( SRO) and/pr steering group overseeing the specific programme or project.
For larger programmes/projects the treasury requires police to complete a Risk Profile Assessment ( RPA) at the start of the project, which may be reassessed when the risk profile changes during the delivery lifecycle.
Programes and projects apply the risk management policy, framework and approach to their work programme. Captured in Sentient, our project management tool, overseen by Police’s Investment Portfolio Office ( IPO)
IPO oversees and monitors programmes and projects and provides a view on programme and project risks to the S&PGG and sub portfoloios.
IPO ensures programme/project closure activities include handover of any open risks which may impact BAU
Describe the first line in the Three lines Model
we all act as the first line, which includes - Identifying and discussing potential risks
-Sharing risk information
- Ensuring risk is integrated in decision making
- Managing risks within our areas and reporting or escalating risks to the appropriate level and
- recording them in the appropriate place of system ie a risk register or risk log