• The CIPFA/SOLACE principles and their basis
• How to ensure that the principles are applied
• The CPA requirements
• The positive benefits of embedding risk management
• Selling the benefits to management
• Why traditional risks are only the tip of the iceberg
• Actions you need to take
• Exercise 1 – Benefits and success measures

Establishing An Effective Risk Management Process

• Why is risk such a hot topic?
• Surprises and risk
• The standards – AUS/ NZ 4360, IRM/ALARM, COSO etc
• The need to link risk management with strategic and service planning
• New and emerging Risks- Reputation, Social, Environmental etc
• How to ensure your Chief Executive’s and Leader’s continuing support
• Maintaining a risk strategy for your organisation
• Categories of Risk

Coffee

Effective Risk Management (Continued)

• Exercise 2 - analysis of a disaster
• Agreeing a common risk language
• Risk identification and evaluation
• Risk categories
• Measuring risk
• Risk mitigation
• Identifying risk exposures, and opportunities
• What makes a good risk register?
• Action planning
• Monitoring action plan implementation
• Discussion of delegates own experiences
  

Integrating The Output From Risk Workshops Into The Business Process

• Linking corporate risks into the Strategic planning process
• Linking operational risks into service planning
• Risk owners – how to determine such personnel and enforce ownership
• Annual statements by risk owners
• Developing risk tracking
• Linking key risks into the basis of the Internal Audit programme
• Using the risk register as a decision skeleton
• Reports for Senior Management - several examples will be shared
• The 38 questions on the ‘Worth the Risk’ checklist
  • Members
  • Officers/Implementation
  • Risk identification
  • Assessing significance
  • Risk exposures
  • Consultation
  • Communication
  • Change Management

  Exercise 3 – the 38 questions

Recording The Risk Environment

• Reports for chief officers and cabinet – with examples
• How to link risk management into decision making
• Risk registers – the need to coordinate and link the output
• Flagging interdependencies – if one risk treatment is changed the other party or parties impacted need to be notified.
• Risk treatment analysis – how to determine the cost/ benefits of dealing with exposures / exploiting opportunities
• Integrating incident management
• The rise of reputation as the key risk
• Where does reputation come from?
• How do you measure it?
• The explosion of regulation and external assurance
• The scrutiny dilemma (league tables etc) and the implications.
• Business Continuity planning
• Integrating Health and Safety, Insurance and claims etc
• The use of Risk Management Software – pros and cons
• The Software available

Cascading The Process

• Members responsibility for Risk
• Members workshops
• Workshops for other management levels
• How to measure the benefits
• Risk awareness for staff
• Exercise 4 – Awareness training
• Sharing output with partners
• Evaluating risks within these relationships
• Risk indicators (KPI’s)
• Auditing the Risk Management programme
• How to Identify and reduce excessive controls
• Feeding key risks up the organisation
• Co-ordinating the whole process
• Useful web sites and reference books
• Managing stakeholder expectations
• How to use the programme to change the culture in a positive way