Risk management in public service organisations has come a long way in the ten years since Alarm became involved in tracking the development and progress of this discipline with the first triennial survey in 2000. Alarm’s Chief Executive Dr Lynn Drennan reviews the outcomes of the 2009 Triennial Benchmarking Risk Management Survey. This article was first published in the Spring edition of Alarm’s journal, PublicRM.
By Dr. Lynn Drennan, Chief Executive Alarm
The findings of our 2009 survey are published at a time when the public sector faces some of its biggest challenges in recent times; as it attempts to match growing demand with ever tightening financial constraints, and looks for innovative ways of delivering services with a growing number of partners.
In the face of these challenges, and the changes they are likely to require, the need for a thoroughly embedded risk management process that supports the delivery of objectives and projects and protects the assets and reputations of public bodies has never been so great. But at a time when all functions are being assessed in value-for-money terms, the risk profession needs to ensure it can demonstrate continuing improvement and that it adds value to the organisation, not just cost.
In 2006 we made seven recommendations to members, aimed at improving risk management processes. The results from the 2009 survey suggest that these have been taken on board and, in at least five out of the seven, significant improvements can be observed. In the remaining two areas – related to partnership risk processes and demonstrating the added value of risk management in delivering outcomes – progress appears to be slower, albeit still noticeable.
When it comes to the top five risks on corporate risk registers in 2009, it is perhaps not surprising that issues around the impact of the current recession/ economic downturn are foremost in respondents’ minds and ranks number one in the total responses. There are considerable fears surrounding the likely extent of cuts in public sector funding over the next few years, with additional uncertainty caused by the prospect of a general election in 2010. The recession has already led to higher levels of unemployment and greater demands on the delivery of particular benefits and services. This economic downturn is, of course, a global problem that has had, and will continue to have, a severe effect locally within the UK.
Another global issue, raising local concerns, relates to major incidents/ disasters such as climate change, pandemics and computer viruses – all of which affect countries around the world. In 2006, the survey listed critical incidents and business continuity together and this proved to be the most prevalent risk cited by respondents in that year. In 2009, each of these threats were noted separately and, as a result, took up fourth and fifth positions on the chart of top five risks.
At number two on the list, once again, is partnerships. Although this is recognised as a potentially serious risk, responses to other questions indicate that risk management methodologies are not being universally applied to the various elements of, and parties to, a partnership. Greater effort is still needed if these risks are to be properly managed. The risks in third position in both 2006 and 2009 relate to the internal allocation of resources i.e. ensuring that sufficient resources are made available to achieve the organisation’s objectives and to manage the risks. In a public service context however, this issue is never likely to be far from peoples’ minds and therefore is likely to always feature highly on risk registers.
Outside the top five risks, it is interesting to note that the safeguarding of children and adults was highly ranked, possibly influenced by recent high profile cases such as ‘Baby Peter’. The recruitment and retention of staff – a top five risk in the 2003 survey – was also mentioned by a large number of respondents. Whereas in 2003, when the jobs market was buoyant and the concern was that staff would leave to join another organisation, in 2009 the uncertainty created by the economic downturn may be enhancing fears of redundancy and an embargo on new recruitment.
For the first time, the survey also sought examples of the types of opportunities that organisations recorded on their corporate risk registers. Some common themes emerged, including:
- Raising the profile of the district /region
- Transforming town centres
- Tailoring services to customer needs / improved service delivery
- Shared services
- Building schools for the future
Overall, the survey results provide a significant body of data to suggest that the embedding of risk management is almost complete in most organisations, putting them in a better position to meet the challenges ahead by minimising the risks and threats inherent in any change process. Risk management is now a part of most planning, performance and management processes and continues to grow and develop, although it appears to be less well utilised in areas more heavily influenced by political or financial expediency, such as change management and policy development. From its strong position in the operational aspects of public service organisations, risk management now needs to move further up the agenda and become a key element of strategic decision making. In this respect, both Alarm and its members, as professional public risk managers, have a vital role to play.
A full copy of the survey report can be downloaded from the Alarm website at www.alarm-uk.org