Risk Management Strategy and Policy
“HEFCE must be confident that the bodies it funds have adequate and effective risk management, control and governance arrangements to protect the investment of public funding; and arrangements for delivering value for money (VFM) from public funds.” Memorandum of assurance and accountability between HEFCE and institutions: Terms and conditions for payment of HEFCE grants to higher education institutions June 2014/12 (effective 1 Aug 2014).
In accordance with HEFCE terms and conditions, its duty as a public body, CUC Code of Governance and in meeting its responsibilities to key stakeholders, the College provides assurance to Council via a robust and comprehensive system of risk management, control and corporate governance. Although not all risks can be eliminated, effective risk management is a fundamental element of good management and provides a framework for prioritisation of activities, how they may be best supported and protected from threats.
The objectives of the College risk strategy are to:
- Ensure that key risks are identified and managed appropriately
- Enhance quality of decisions where both opportunities and risks are present
- Assist in better prioritisation of resources to support primary objectives
- Create a culture of accountability and risk-based thinking
- Integrate risk management with planning activity, including development and implementation of the strategic plan, operational plans and performance monitoring
- Comply with best practice, including the CUC Code of Governance
A risk management process includes a framework allowing for risk identification, assessment of likelihood and impact of the risk, identification of controls and indicators, a decision regarding appropriate mitigation (transfer, treat, tolerate or terminate) and ongoing monitoring and review. A risk owner is identified to ensure accountability for managing the risk.
View the latest Risk Management Strategy and Policy
View the Risk Information Flow .