It Is Satisfied with the Assurance It Receives

It Is Satisfied with the Assurance It Receives

Agenda Item: 8

Paper No: CM/06/11/07

DATE: / Tuesday 16 November 2011
TITLE OF PAPER: / Strategic Risk Register
The Strategic Risk Register is presented to the Board regularly to enable it to monitor risks to the achievement of strategic objectives. The Board needs to be able to take assurance from the Audit and Risk Committee that:
  • the register is regularly updated and the risks attached to CQC’s strategic objectives are prioritised and effectively managed; and
  • it is satisfied with the assurance it receives.

The Board are asked to REVIEW the risks in light of the report from the Audit & Risk Committee and the quarterly performance scorecard.
Board for information / Executive and Board decision / Executive and Board shared decision / Executive and Board discussion/Board decision
* Check box as required
LEAD DIRECTOR: / Louise Guss, Director of Governance and Legal Services
AUTHOR: / Alastair Cannon, Head of Governance
DIRECTORATE / Governance and Legal Services
DATE: / 4 November 2011
PAPERS: / Annex 1 – Strategic Risk Register


AUDIT TRAIL: / Audit Committee, 19 October 2011
LINK TO STRATEGIC OBJECTIVES AND BUSINESS PLAN / The strategic risk register relates directly to meeting CQC strategic objectives.
RISK IMPACT: / A summary of mitigating actions completed and those identified in high risk areas are specified in the register.
REPUTATION IMPACT: / By putting an effective risk monitoring system in place, stakeholders can be assured that CQC is committed to proactively identifying and minimising its risks. This reduces the likelihood of public concerns as well as negative media attention.

1. Background

1.1 As part of the CQC’s risk management framework there is a register of risks to achieving strategic objectives and meeting statutory duties. These risks are owned by the Board and should be reviewed periodically in light of performance, changes in the operating environment and changes to the strategy. The current register is attached at Annex 1.

1.2 The register is presented to the Board with the quarterly performance scorecard so that the risk ratings can be reviewed in light of current performance. The Audit & Risk Committee keeps the operation of the risk management framework under review and provides the Board with advice on the register and the framework.

1.3 In reviewing the residual risk and the effectiveness of the mitigating actions, Board helps set the risk appetite for the organisation.

  1. Executive Summary

2.1The Audit & Risk Committee has recommended a thorough review of the register to align with the refresh of the strategy (a separate item on the agenda of this meeting) to ensure that the risks remain relevant. This has been arranged as an item for the Board strategy session in December. The ARC independent member has also been invited to attend for that item.

2.2 The Committee recommended for the strategic risk register, and other registers in the framework, that close attention is paid to whether mitigation is intended to reduce likelihood or impact. This would assist in reaching a true evaluation of the mitigating action and therefore a sound judgement about the residual risk. The strategic risk register mitigating actions have been updated with a ‘tag’ to show whether they are intended to reduce likelihood or impact.

  1. Conclusion

3.1In light of the Strategy refresh it was agreed that there would be a joint ARC Board review of the Strategic Risk Register, which would take place at the Board's strategy meeting in December. However the Board should indicate in the meantime if wishes to amend the current risks, their mitigations or ratings.

4.Next Steps

4.1The Audit and Risk Committee will monitor the strategic register and the effectiveness of the framework at its next meeting in January 2012.

Name:Alastair Cannon

Title:Head of Governance

Date04 November 2011

Page 1 of 3