“HEFCE must be confident that the bodies it funds have adequate and effective risk management, control and governance arrangements to protect the investment of public funding; and arrangements for delivering value for money (VFM) from public funds.” Memorandum of assurance and accountability between HEFCE and institutions: Terms and conditions for payment of HEFCE grants to higher education institutions June 2014/12 (effective 1 Aug 2014).
In accordance with HEFCE terms and conditions, its duty as a public body, CUC Code of Governance and in meeting its responsibilities to key stakeholders, the College provides assurance to Council via a robust and comprehensive system of risk management, control and corporate governance. Although not all risks can be eliminated, effective risk management is a fundamental element of good management and provides a framework for prioritisation of activities, how they may be best supported and protected from threats.
The objectives of the College risk strategy are to:
- Ensure that key risks are identified and managed appropriately
- Enhance quality of decisions where both opportunities and risks are present
- Assist in better prioritisation of resources to support primary objectives
- Create a culture of accountability and risk-based thinking
- Integrate risk management with planning activity, including development and implementation of the strategic plan, operational plans and performance monitoring
- Comply with best practice, including the CUC Code of Governance
A risk management process includes a framework allowing for risk identification, assessment of likelihood and impact of the risk, identification of controls and indicators, a decision regarding appropriate mitigation (transfer, treat, tolerate or terminate) and ongoing monitoring and review. A risk owner is identified to ensure accountability for managing the risk.
View the latest Risk Management Strategy and Policy
View the Risk Information Flow .