TB101

Liverpool Hope Students’ Union Risk Register

Introduction

Charities that are required by law to have their accounts audited must make a risk management statement in their trustees’ annual report confirming that ‘….the charity trustees have given consideration to the major risks to which the charity is exposed and satisfied themselves that systems or procedures are established in order to manage those risks’ (Charities) Accounts and Reports) Regulations 2008).

As a Smaller Charity (an income of less than £500,000) the guidance states: ‘Trustees of smaller charities…… (who should still be concerned about the risks their charity faces) are encouraged to make a risk management statement as a matter of good practice.’

Assessing Risk

Identified risks need to be put into perspective in terms of the potential severity of their impact and likelihood of their occurrence. Assessing and categorising risks helps in processing them and filtering them, and in establishing if any further action is required.

Method: Look at each identified risk, decide how likely it is to occur and how severe is its impact on the union if it did occur.

Impact (y)

Descriptor / Score / Impact on service & reputation
Insignificant / 1 /
  • No impact on service
  • No impact on reputation
  • Complaint unlikely
  • Litigation risk remote

Minor / 2 /
  • Slight impact on service
  • Slight impact on reputation
  • Complaint possible
  • Litigation possible

Moderate / 3 /
  • Some service disruption
  • Potential for adverse publicity – avoidable with careful handling
  • Complaint probable
  • Litigation probable

Major / 4 /
  • Service disrupted
  • Adverse publicity not avoidable (local media)
  • Complaint probable
  • Litigation probable

Extreme/catastrophic / 5 /
  • Service interrupted for significant time
  • Major adverse publicity not avoidable (national media)
  • Resignation of senior management and board
  • Loss of beneficiary confidence

Likelihood (x)

Descriptor / Score / Impact on service & reputation
Remote / 1 / May only occur in exceptional circumstances
Unlikely / 2 / Expected to occur in a few circumstances
Possible / 3 / Expected to occur in some circumstances
Probable / 4 / Expected to occur in many circumstances
Highly probable / 5 / Expected to occur frequently and in most circumstances

The heat map below increases the weighting of impact basedon a scoring of xy+y where x is likelihood and y is impact.

Red – major or extreme/catastrophic risks that score 15 or more

Yellow – moderate or major risks thatscore between 8 and 14

Blue or green – minor or insignificant risk scoring 7 or less

Impact / Extreme/catastrophic 5 / 10 / 15 / 20 / 25 / 30
Major 4 / 8 / 12 / 16 / 20 / 24
Moderate 3 / 6 / 9 / 12 / 15 / 18
Minor 2 / 4 / 6 / 8 / 10 / 12
Minor 1 / 2 / 3 / 4 / 5 / 6
Remote
1 / Unlikely
2 / Possible
3 / Probable
4 / Highly probable
5
Likelihood

1

TB101

Risk area/risk identified / Likelihood of occurrence / Severity of impact (score) / Overall or ‘gross’ risk / Potential Impact / Control procedure / Retained or ‘net’ risk / Monitoring Process / Responsibility / Further action required
Governance Risks
The union lacks direction, strategy & forward planning / 2 / 3 / 9 / Union ‘drifts’ with no clear objectives, priorities or plans.
Issues are addressed piecemeal with no strategic reference.
Needs of membersnot fully addressed.
Financial managementdifficulties.
Damage to reputation / Strategic Plan to be launched in Jan 2015which will set the key aims, objectives & policies informed by NUS Diagnostic
Create financial plans & budgets
Monitor financial and operational performance
Get feedback from members and key stakeholders / 6 / Standing agenda items at bi-monthly trustee board meetings
AnnualisedCalendar of trustee meetings
Scorecards used to monitor impact & progress / UDM
Board
UDM
Sabbs
UDM / Strategic Plan to be shared with stakeholders for feedback & launched in Jan 2015
Trustee board lacks relevantskills or commitment / 2 / 4 / 12 / Student trustees feel unsupported and lack confidence to make decisions
Decisions are made bypassing trustees
Resentment or apathy amongst staff
Poor decision making reflected in poor value for money on service delivery
Lack of support and appropriate line management of UDM / Trustee training and induction in place for sabbatical & student trustees
Development pathway implemented for board
Draw up competenciesframework and job descriptions
Review and agree skills required
Review and agree recruitment process
Annualised calendar of meetings / 2 / studenttrusteetraining and induction reviewed annually in line with NUS guidance
Board to review itself and conduct regular skills audit / UDM
Board / Board away day
Buddy scheme between external & student trustees
Trustee Body dominated by one or two individuals, or by connected individuals / 3 / 2 / 8 / Trustee body cannot operate effectively as strategic body
Decisions made outside of trustee body
Conflicts of
Interest
Pursuit of personal agenda
Culture of secrecy or deference
Arbitrary over-riding of control mechanisms. / Consider the structure of the trustee body and its independence
Agree mechanisms to manage potential conflicts of interest
Review and agree recruitment and appointment processes in line with governing document
Agree procedural framework for meetings and recording decisions. / 2 / Board to review itself and conduct regular skills audit
Annual away day for board / Board
UDM / Introduceevaluationmethods for trustees to asses own and board’s performance
Trustees are benefiting from charity (e.g. remuneration) / 1 / 3 / 6 / Poor reputation, morale and ethos
Adverse impact on overall control environment
Conflicts of interest
Possibility of regulatory action / Ensure legal authority for payment or benefit
Consider alternative staffing arrangements
Implement terms and procedures to authorise/approve expenses and payments
Agree procedures and methods to establish fair remuneration conducted separately from ‘interested’ trustee (remuneration committee/benchmarking exercise etc) / 2 / Expenses Policy in Place for trustees
Up to date FinancialRegulations & Procedures / UDM
Board
Ineffective organisational structure / 1 / 3 / 6 / Lack of information flow and poor decision-making procedures
Remoteness from operational activities.
Uncertainty as to roles and duties
Decisions made at inappropriate level or excessive bureaucracy / Agree protocol for reviewing new projects to ensure consistency with objects, powers and terms of funding
Create financial systems to identify restricted funds and their application. / 4 / Staff satisfaction surveys
Board to assess own performance / UDM
Board / Due to low staffing levels there is a remote likelihood of distance between SMT & Staff
Activities potentially outside objects, powers or terms of gift (restricted funds) / 2 / 4 / 12 / Loss of funds available for beneficiary class
Liabilities to repay funders
Loss of funder confidence
Potential breach of trust and regulatory action
Loss of beneficiary confidence
Taxation implications (if non-qualifying expenditure) / Agree protocol for reviewing new projects to ensure consistency with objects, powers and terms of funding
Create financial systems to identify restricted funds and their application. / 6 / Finance & Audit Subcommittee in place
Appropriate reporting mechanisms to trustee board / Board
UDM
Loss of key staff / 3 / 5 / 20 / Experience of skills lost
Operational impact on key projects and priorities
Loss of contact base and corporate knowledge / Succession planning
Business Continuity Plan
Document systems, plans and projects
Implement training programmes
Agree notice periods and handovers
Review and agree recruitment processes / 12 / Appraisal Systems for staff
Investment in Staff development
Subcommittee of Trustee Board to oversee managementsupport for UDM` / Board
UDM / High impact as such a small staff team
Conflicts of interest / 2 / 3 / 9 / Charity unable to pursue its own interests and agenda
Decisions may not be based on relevant considerations
Impact on reputation
Private benefit / Agree protocol for disclosure of potential conflicts of interest
Put in place procedures for standing down on certain decisions
Review recruitment and selection processes. / 6 / Minutes of meetings
Self-evaluation by board / UDM
Board / Procedure for standing down on certain decisions is put in place
Reporting to trustees (accuracy, timeliness and relevance) / 3 / 4 / 16 / Inadequate information resulting in poor quality decision making
Failure of trustees to fulfil their control functions
Trustee body becomes remote ill informed / Put in place proper strategic planning, objective setting and budgeting processes
Timely and accurate project reporting
Timely and accurate financial reporting
Assess and review projects and authorisation procedures
Have regular contact between trustees and senior staff and managers / 9 / Set annualised calendar each year
UDM appraisal / UDM to attend workshops on board development etc
Review arrangements for clerking duties to release pressure on UDM
Membership of Trustee Body changes annually with newly elected Sabbatical and Student Trustees / 5 / 3 / 18 / Trustee Board has to rebuild themselves as a team each year
Individual political agendas
Lack of skills needed for board
Trustees who didn’t stand to be trustees / Briefing to candidates before they stand on role of trustee
Intense training for sabbatical & student trustees
Board away days
Buddy scheme between external & student trustees
External trustees to have split terms of office so no mass exit of all at once / 12 / Board away days
1:1’s between UDM & sabbaticals
Self-evaluation by board / UDM
Board
Operational Risks
Capacity and use of resources including tangible fixed assets / 5 / 3 / 18 / Under-utilised or lack of appropriate physical space within the university
Lack of identity of union on campuses no clear identity
Students unaware of where union is on campus
Inadequate confidential space for advise service
No ownership of union space by students
Mismatch between staff allocations and key objectives / Pop up union to go out onto campus and use social spaces as base for working / 12 / NSS score
Other market research with students
Engagement figures / UDM
Sabbs / Business Plan to university re allocated space on campus
Service provision – lack of visibility to members / 4 / 4 / 20 / Reduced public profile
Reduced engagement from members / Implement pop up union
Benchmark services and implement complaints review procedures. / 12 / NSS score
Other market research with students
Engagement figures / UDM
Sabbs
Contract Risks / 1 / 2 / 4 / Onerous terms and conditions
Liabilities for non-performance
Non-compliance with charity’s objectives
Unplanned subsidy of public provision / Create cost/project appraisal procedures
Agree authorisation procedures
Get professional advice on terms and conditions
Put in place performance monitoring arrangements
Consider insurable risks cover / 2 / Finance & Audit Sub-Committee / UDM
Board
Project or service development / 3 / 2 / 8 / Compatibility with objects, plans and priorities
Funding and financial viability
Project viability
Skills availability / Appraise new project, budgeting and costing procedures
Authorisation procedures in place
Review monitoring and reporting procedures / 4 / Business Cases for new projects to go to trustee board for scrutiny / UDM
Board / Create assessment process for new business cases
Suppliers, dependency, bargaining power / 1 / 2 / 4 / Dependency on key supplier
Lack of supplier to meet key operational objectives
Non-competitive pricing/quotes
Insufficient buying power / Use of competitive tendering for larger contracts
Put in place procedures for obtaining quotations
Authorised suppliers listing
Monitor quality/timeliness of provision
Use service level agreements
Consider use of buying consortia / 2 / Finance & Audit Sub-Committee
Security of assets / 1 / 3 / 6 / Loss or damage
Theft of assets
Infringements of intellectual property rights / Review security arrangements
Create asset register and inspection programme
Agree facility management arrangements
Have safe custody arrangements for documents
Manage use of patent and intellectual property
Review insurance cover / 4 / Finance & Audit Subcommittee
Fund-raising / 1 / 3 / 6 / Unsatisfactory returns
Reputational risks of campaign or methods used / Implement appraisal, budgeting and authorisation procedures
Review regulatory compliance
Monitor the adequacy of financial returns achieved ( benchmarking comparisons)
Stewardship reporting in annual report / 6 / Fundraising proposals through UDM before submission
Employment issues / 1 / 3 / 6 / Employment disputes
Health and safety issues
Claims for injury, stress, harassment, unfair dismissal
Equal opportunity and diversity issues
Adequacy of staff training
Child protection issues
Low morale
Abuse of vulnerable beneficiaries / Review recruitment processes
Utilise NUS HR Support Unit
Insurance cover in place
Agree reference and qualification checking procedures, jobdescriptions, contracts of employment, appraisals and feedback procedures
Implement job training and development
Implement health and safety training and monitoring
Be aware of employment law requirements
Implement staff vetting and legal requirements ( e.g. CRB checks)
Agree a whistle –blowing policy / 6 / HR/Personnel Subcommittee / UDM
Board / Set up HR/Personnel Subcommittee
High staff turnover / 2 / 2 / 6 / Loss of experience or key technical skills
Recruitment costs and lead time
Training costs
Operational impact on staff morale and service delivery / Review interview and assessment process
Agree fair and open competition appointment for key posts
Agree job descriptions and performance appraisal and feedback systems
Conduct ‘exit’ interviews
Team Away Days
Team Meetings
Review rates of pay, training, working conditions, job satisfaction / 3 / Annual Appraisals
6 weekly 1:1 supervisions / HR/Personnel Sub-Committee
Volunteers / 2 / 2 / 6 / Lack of competencies, training and support
Poor service for beneficiaries
Inadequate vetting and reference procedures
Recruitment and dependency / Review and agree role, competencies
Review and agree vetting procedures
Review and agree training and supervision procedures
Agree development and motivation initiatives / 3 / Designated Staff member to oversee volunteer development programme / HR/Personnel Sub-Committee
Health, safety and environment / 1 / 3 / 6 / Staff injury
Product or service liability
Ability to operate (see compliance risks)
Injury to beneficiaries and the public / Comply with law and regulation
Train staff and compliance officer
Put in place monitoring and reporting procedures / 4 / Attendance at university’s Health & Safety Sub-Committee / SU Health & Safety Sub-Committee
Disaster recovery and planning / 1 / 4 / 8 / Computer system failures and loss of data
Destruction of property, equipment, records, through fire, flood or similar damage / Agree IT recovery plan
Implement data backup procedures and security measures
Supported by university’s IT services & systems
Review insurance cover
Create disaster recovery plan including; alternative accommodation / 4
Procedural and Systems documentation / 2 / 2 / 6 / Lack of awareness of procedures and policies
Actions taken without proper authority / Properly document policies and procedures
Audit and review of systems
Staff, Officer & Volunteer Inductions / 3 / 1:1 Supervision
Team Meetings / UDM
Information technology / 2 / 2 / 6 / Systems fail to meet operational need
Failure to innovate of update systems
Loss/corruption of data e.g. donor base
Lack of technical support
Breach of data
Protection law / Appraise system needs and options
Union Cloud Support
Supported by university’s IT services & systems
Appraise security and authorisation procedures
Implement measures to secure and protect data
Agree implementation an development procedures
Use service and support contracts
Create disaster recovery procedures
Consider outsourcing
Review insurance cover for any insurable loss / 6 / Annual Review of systems
Financial Risks
Budgetary control and financial reporting / 2 / 4 / 12 / Budget does not match key objectives and priorities
Decisions made eon inaccurate financial projections or reporting
Decisions made based on unreliable costing data or income projections
Inability to meet commitments or key objectives
Poor credit control
Poor cash flow and treasury management
Ability to function as going concern / Link budgets to strategic planning and objectives
Monitor and report in a timely and accurate manner
Use proper costing procedures for service delivery
Ensure adequate skills base to produce and interpret budgetary and financial reports
UniversityFinanceDept. support for UDM in managing record keeping / 8 / 1/4ly management accounts produced for board & university
Annual Independent Examination of Accounts / Finance & Audit Sub-Committee / Implement SAGE software & training Nov 2014
Reserve policies / 4 / 4 / 20 / Lack of funds or liquidity to respond to new needs or requirements
Inability to meet commitments or planned objectives
Reputational risks if policy cannot be justified / Link reserves policy to business plans, activities and identified financial and operating risk
Regularly review reserves policy and reserve levels / 12 / 1/4ly management accounts produced for board & university
Annual Independent Examination of Accounts / Finance & Audit Sub-Committee / Continue to project surplus in annual budget
Cash flow sensitivities / 3 / 4 / 16 / Inability to meet commitments
Lack of liquidity to cover variance in costs
Impact on operational activities / Ensure adequate cash flow projections ( prudence of assumptions)
Identify major sensitivities
Ensure adequate information flow from operational managers
Monitor arrangements and reporting / 12 / 1/4ly management accounts produced for board & university
Annual Independent Examination of Accounts / Finance & Audit Sub-Committee
Dependency on income sources / 5 / 5 / 30 / Cash flow and budget impact of loss and income source / Identify major dependencies
Implement adequate reserves policy
Consider diversification plans / 30 / Block grant accounts for approx. 60-65% of block all income. This is unlikely to change and we will always be reliant on one income source
Explore additional income streams
Borrowing / 2 / 3 / 9 / Interest rate movements
Ability to meet repayment schedule
Security given over assets
Regulatory requirements / Appraise future income streams to service the debt
Appraise terms (rates available, fixed, capped variable etc)
Appraise return on borrowing
Use appropriate professional advice. / 6 / 1/4ly management accounts produced for board & university
Annual Independent Examination of Accounts / Finance & Audit Sub-Committee / No borrowing plans for foreseeable future
Pension commitments / 3 / 4 / 16 / Under-funded defined benefit scheme
Impact on future cash flows
Failure to meet due dates of payment
Regulatory action or fines / Use actuarial variations
Review pension scheme arrangements ( e.g. money purchase schemes)
Review procedures for admission to NEST and controls over pension administration / 12 / Attend SUSS AGM
1/4ly SUSS newsletter
Annual budget allocations account for SUSS deficit / Finance & Audit Sub-Committee
Inappropriate or loss-making non-charitable trading activities / 2 / 2 / 6 / Resources withdrawn from key objectives
Resources and energy diverted from profitable fund-raising or core activities
Regulatory action, and accountability
Reputational risk if publicised / Monitor and review business performance and return
Ensure adequacy of budgeting and financial reporting within the subsidiary of activity budget.