3. Benefits of Effective Risk Management
8. Policy Review/Document Control
Lancashire Fire and Rescue Service has a moral and statutory duty to take all reasonable actions to safeguard its employees, assets and the public and ensure that it is not financially or operationally disrupted. It will meet this duty by ensuring that risk management plays an integral part in the governance of the Service at a strategic, tactical, and operational level.
Risk management is an active process that requires the co-operation of all staff. Thus, the management of risk is not the responsibility of any one person or group, but the responsibility of every individual in the organisation. Risk management has the responsibility to plan and systematically approach the identification, analysis, and control of risk, and is therefore recognised as an important element of good corporate governance.
The purpose of this Risk Management Policy is to establish a comprehensive framework that ensures effective and consistent risk management practices throughout Lancashire Fire and Rescue Service in alignment with ISO 31000:2018.
This policy aims to enhance the organisation's ability to identify, assess, treat, and monitor risks, thereby promoting safety, protecting assets, and improving decision-making processes.
The objectives of the Risk Management Policy are as follows:
· To implement a systematic and transparent risk management process that identifies, assesses, treats, reports, and reviews risks across all areas of the organisation.
· To establish a standardised set of risk management tools and methodologies applicable to all departments, programmes and projects within Lancashire Fire and Rescue Service.
· To adopt consistent definitions and risk ratings in accordance with ISO 31000:2018, ensuring the identification, assessment, treatment, and reporting of all significant risks within the defined risk appetite.
· To integrate risk management into all planning processes, projects, activities, and day-to-day operations, fostering a risk-aware culture across the organisation.
· To ensure that all managers understand and fulfil their responsibilities in managing risks associated with their respective service areas.
· To communicate risk management information transparently and accessibly, facilitating informed decision-making at all levels of the organisation.
Effective risk management practices aligned with ISO 31000:2018 provide the following benefits to Lancashire Fire and Rescue Service:
· A clear audit trail of all key risks facing the organisation and the necessary actions in place to mitigate them, ensuring accountability and transparency.
· Improved decision-making based on risk assessments and analysis, enhancing the organisation's ability to achieve its objectives.
· Clear ownership of risks across the organisation, promoting a proactive risk management culture.
· Identification and appropriate ownership of cross-cutting risks, facilitating a coordinated and integrated approach to risk management.
· Enhanced corporate governance, fostering confidence and trust among stakeholders.
· Decline in the number of interruptions to service delivery (minimal service disruption and a positive external image as a result).
· Reduction in managerial time devoted to managing the results of a risk event having taken place.
· A more systematic method to addressing legislative, regulatory or competitive demands.
· Improved financial control as a result of risk identification, analysis, treatment, and monitoring.
· Improved health and safety and the superior condition of property and equipment.
For definitions of risk management terms, please refer to Appendix A of the Risk Management Procedure.
· The Combined Fire Authority is responsible for approving the Authority’s risk management policy statement and strategy and for reviewing the effectiveness of risk management.
· Accountability for this Risk Management Policy lies with the Combined Fire Authority and the Chief Fire Officer (CFO).
· The Director of Corporate Services is responsible for preparing the Authority’s risk management policy statement and for promoting it throughout the Authority.
· Senior Management Team (SMT) members are responsible for reviewing corporate and departmental risks and developing appropriate risk management controls in their own areas of responsibility.
· The Director or Corporate Services is responsible for maintaining a corporate risk register and reporting this to the Audit Committee at least annually.
· The Director or Corporate Services is responsible for advising the Authority on insurance matters and is responsible for ensuring that proper insurance cover exists and that adequate resources are available to fund uninsured risks.
· The Deputy Chief Fire Officer (DCFO) is responsible for the development, review, and monitoring of compliance with this policy.
· All employees are responsible for identifying, reporting, and managing existing risks, as well as potential risks not previously recognised and recorded, as part of their daily duties.
· Further responsibilities of various roles in risk management are detailed in Appendix B of the Risk Management Procedure.
· The risk management process at Lancashire Fire and Rescue Service aligns with the principles and guidelines of ISO 31000:2018 and covers corporate, department, programme, and project risks.
· The process allows LFRS to focus on risks that, because of their likelihood and impact, make them management priorities.
· Corporate risks are managed by the Service Management Team (SMT) and discussed as a standing item in quarterly SMT Corporate Programme Board (CPB) meetings.
· Department risks are managed by Department Heads and their staff, applying consistent risk assessment and treatment processes.
· Programme risks are managed by the programme board using standardised risk management methodologies.
· Project risks are managed by the appropriate project managers using standardised risk management methodologies.
· The risk management process involves five stages as detailed in the Five Stage Approach to Risk Management within the Risk Management Procedure.
This Risk Management Policy shall be reviewed and updated as required based on changes in organisational needs, industry standards, or best practices, ensuring its continued alignment with ISO 31000:2018.
Version |
Date |
Reasons for Change |
Amended by |
0.1 |
August 2023 |
First draft |
Esma Alicehajic |
|
|
|
|
|
|
|
|
|
|
|
|
Next Review Date: August 2024
Related Documents (If applicable)
Document Type |
Reference Number |
Title |
Document location |
Date Reviewed |
|
|
Risk Management Procedure |
|
|
|
|
|
|
|