“HEFCE must be confident that the bodies it funds have adequate and effective risk management, control and governance arrangements to protect the investment of public funding; and arrangements for delivering value for money (VFM) from public funds.”   Memorandum of assurance and accountability between HEFCE and institutions: Terms and conditions for payment of HEFCE grants to higher education institutions June 2014/12 (effective 1 Aug 2014).

In accordance with HEFCE terms and conditions, its duty as a public body, CUC Code of Governance and in meeting its responsibilities to key stakeholders, the College provides assurance to Council via a robust and comprehensive system of risk management, control and corporate governance. Although not all risks can be eliminated, effective risk management is a fundamental element of good management and provides a framework for prioritisation of activities, how they may be best supported and protected from threats.

The objectives of the College risk strategy are to:

• Ensure that key risks are identified and managed appropriately
• Enhance quality of decisions where both opportunities and risks are present
• Assist in better prioritisation of resources to support primary objectives
• Create a culture of accountability and risk-based thinking
• Integrate risk management with planning activity, including development and implementation of the strategic plan, operational plans and performance monitoring
• Comply with best practice, including the CUC Code of Governance  

A risk management process includes a framework allowing for risk identification, assessment of likelihood and impact of the risk, identification of controls and indicators, a decision regarding appropriate mitigation (transfer, treat, tolerate or terminate) and ongoing monitoring and review. A risk owner is identified to ensure accountability for managing the risk.

View the latest Risk Management Strategy and Policy

View the Risk Information Flow .