Business risk management update

Report: 10
Date: 14 March 2008
By: the Treasurer and Commissioner

Summary

A report on progress made by the MPS in the areas of business risk management and insurance management. Corporate governance matters, including the contributions of the Business Risk Management Team, are now reported to Corporate Governance Committee by Strategic Finance.

A. Recommendation

That

1. members note progress to end January 2008 on business risk management and insurance management; and

2. note progress on the measurement of MPS risk management.

B. Supporting information

1. This report includes a detailed report on activity by the team since the previous update report (Appendix 1).

Mainstreaming MPS Business Risk Management

2. As reported to the December 2007 meeting of the Committee, achievement of the next level on the current MPS risk management maturity model would enable the Service to reach a minimum standard on which to build for the future. It was reported that moving to the next and final level of the maturity model presented a further, and greater, challenge for the MPS.

3. Various developments require us to review the current approach to reporting progress in mainstreaming risk management:

• Publication of a British Standard for risk management (expected shortly)
• ALARM national risk management framework for the police service in the CIPFA / SOLACE governance guidance - the framework advocates consideration of maturity at force and BCU levels unlike our model
• Acceptance that the current ALARM /Audit Commission Key Performance Indicators are now out of date and a new approach is required
• Review of MPS management of corporate business risks commissioned by the Director of Strategic Finance.

4. A suite of corporate health indicators is being deployed from 1 April 2008 with the approval of Performance Board. The suite includes four measures of risk management and internal control performance as follows:

• Percentage of (B)OCUs/departments with a risk register (and action plan) conforming to standard operating procedure
• Percentage of (B)OCUs and departments with a tested business continuity plan conforming to standard operating procedure
• Percentage of accepted Internal Audit high-risk recommendations discharged within the agreed timeframe
• Internal Audit annual average assurance score on internal control environment.

5. The Director of Strategic Finance has tasked the Director of Risk Management to consider whether any supporting measures are required and available from existing business processes. A Risk Practitioners’ Group set up to provide Business Group input to various tasks led by BRMT will consider this issue.

6. BRMT will review the current MPS approach to management of business risks against the requirements of the British Standard and national police service framework. This will include the development of a (B)OCU level maturity model to complement our existing Service level model. The first phase is a review of the process for identifying, evaluating, managing and reporting corporate business risks. An approach to this initial piece of work has been agreed by the Director of Strategy with the Director of Strategic Finance. Work on the review is proceeding. It will include Management Board review of the current Corporate Risk Register and the process of reporting the top MPS corporate business risks to MB and the MPA. The corporate risk management processes adopted by Group organisations will be considered as part of this review. We will also benchmark against the Most Similar Forces and a couple of major corporates. Monthly risk reports will not be prepared during the course of the review. We aim to complete the review by June 08.

7. In terms of the context in which the BRMT operates, the Director of Strategic finance is leading a review of the 'corporate centre' functions of the MPS with the aim of integrating business planning and budgeting and embedding value for money, effective corporate governance, and continuous improvement across the Service. This will allow:

• The centre to develop appropriate standards, in consultation with business groups, provide appropriate guidance and support and hold the business groups to account for delivery
• Business groups to take ownership of activities for which they are responsible
• Information to be compiled through the business planning process in a way that allows emerging issues and cross-service dependencies to be identified and managed.

8. At this time it is proposed that BRMT should sit within Finance Services as part of the Business Development and compliance task which will provide practical help and assistance to Business Groups in improving local governance systems. However, we are proposing provision within the new corporate centre for the co-ordination of risk management activity. This will enable links with strategy development and the business planning and monitoring processes to be made. Finance Services will have a broader remit then just finance and having strategic risk assessment in the centre, with tactical risk carried by each business group, will embed risk management throughout the organisation.

Internal Audit of MPS Risk Management

9. Internal Audit’s formal Draft Report on the audit of MPS risk management has now been received. The Directors of Strategy and Risk Management are working up a management response for approval by the Director of Strategic Finance. In large part, the recommendations support the existing direction of travel and can be agreed by the MPS although certain areas require further discussion with Internal Audit. Agreed recommendations will be embedded in BRMT forward planning for 2008/09 (see below).

Insurance Management

10. The insurance programme continues to mature to reflect the risk exposure of the MPS/MPA. (See sections 8 to 13 of Annexe 1 for an activity update).

11. Heath Lambert has been appointed as the new MPA insurance broker with effect from 1 April 2008, replacing Willis. A handover meeting is planned for March 2008. Heath Lambert has considerable experience in managing police authority accounts and are also brokers to the GLA and LFEPA.

Business Risk Management team forward planning

12. The team has begun forward planning for the 2008/09 financial year. The work programme will align to the outcomes of the current review process and the agreed audit recommendations, which of course have yet to be approved by the Directors of Strategy and Strategic Finance. The following task list reflects the direction of travel. All approved items to be embedded within the Annual Assurance Statement action plan for risk management:

• Development of (B)OCU level maturity model
• Review and refresh of risk management strategy and policy
• Review of application of Enterprise Wide Risk Management principles
• End to end review of DPS led reputation risk management process
• Formal quarterly reviews of Business Group progress in mainstreaming business risk management and Business Group risk registers
• Quality assuring of (B)OCU risk registers by Business Groups on the basis of a suitable quality assurance checklist
• Various enhancements to the business risk management standard operating procedure and training programme
• Development of a guide to Control Risk Self-Assessment undertaken in support of the Annual Assurance Statement.

13. Key tasks for the coming financial year relating to insurance management are:

• Bedding down of new insurance broking contract
• Property insurance renewal (October 2008)
• Embedding of good insurance practice in procurement contracts
• Engagement with Boroughs as regards accident claim reduction.

14. The team continues to support Strategic Finance on corporate governance matters, building the required tasks into its work programme.

C. Race and equality impact

The MPS business risk management process requires diversity risks and impacts to be identified and managed, enhancing the ability of the MPS to respond to the diversity imperative.

D. Financial implications

All work undertaken by BRMT is funded from existing budgets. Interventions to reduce risk exposures identified as a result of the deployment of the business risk management process may have financial implications.

E. Background papers

None

F. Contact details

Report author: Nick Chown, Director of Risk Management, MPS

For information contact:

MPA general: 020 7202 0202
Media enquiries: 020 7202 0217/18

Send an e-mail linking to this page

Feedback