Risk Register Analysis

Transcription

1 Risk Register Analysis Date adopted by Governing Body: Signed on behalf of the Governing Body: Name in block: K Turton Review Date: Autumn 2018

2 Battling Brook Primary School Risk Register Autumn 2016 Approved by : Summer 2015 Review Date: Autumn 2016 Version Id. Content Responsible Date V1.0 Version for approval 1

3 Contents 1.0 Strategic & Reputational Risks 1.1 Strategic Risks 1.2 Public Profile Risks 1.3 Governing Body Organisation Risks 2.0 Operational Risks 2.1 Management Information Risk 2.2 /Performance & Pay Risk 2.3 Income Risk 2.4 Supplier Risk 3.0 Compliance Risks 3.1 Employee legislation 3.2 Environmental legislation 3.3 Financial reporting 3.4 Charities legislation 3.5 Tax legislation 3.6 Data Protection Act 3.7 Welfare compliance 3.8 Sector compliance 3.9 Local Authority & Central Government 4.0 Financial Risks 4.1 Overall financial control 4.2 Financial Systems 4.3 Income 4.4 Expenditure 4.5 Treasury 4.6 Fixed asset 4.7 Investment 4.8 Stock 4.9 Debtors 4.10 Taxation 4.11 Provisions and contingent liability 4.12 Related party 4.13 Funds

4 4.14 Pension 1.0 Strategic and Reputational Risk Category 1.1 Strategic Sub Category Academy objects Charitable status Long term demand Competition Responsible for review Specific Risk Academy is not operating within its Articles of Association (Education) Academy s objects/articles become out of date / are no longer appropriate Likelihood of occurring (5 = High, 1 = Low) Impact if occurs (5 = High, 1= Low) Combined score Likelyhood x Impact Response (transfer, tolerate, treat or terminate Control procedures and target date TREAT Governing Body to confirm that it is satisfied that we are operating within the objects/ articles every AGM TREAT Governing Body to confirm that it is satisfied that the objects are appropriate every AGM. Academy receives unfavourable Ofsted report TREAT Governing Body to review Development Plan and to give report to on progress in order for them to monitor progress during the year. Risk that Academy could lose its charitable status (liable to Corporation Tax) Insufficient demand for Academy s services leaves it unsustainable Presence of other organisations with similar objects and little scope for differentiation TREAT Governing Body to ensure that Battling Brook complies with all Charity Commission regulations. Auditors to confirm TREAT Future pupil numbers to be monitored by / report to Governing Body on annual basis. 3Year plan monitored by TREAT Development Plan, Primary links. Competitive strategic planning to differentiate Person(s) responsible for action Clerk Clerk Auditors Gov Body

5 1.1 Strategic Stakeholder Investment powers Other organisations competing for the same sources of income Beneficiaries / other stakeholders don t consider that Academy provides a valuable / high quality service Risk of not acting in accordance with their investment powers from other Academies/Schools if becomes appropriate TREAT Main income from EFA Research Fund Raising opportunities TREAT Review SDP on annual basis. Encourage feedback from Beneficiaries / other stakeholders TREAT Bank mandate with signatory limits. Robust internal procedures in place and segregation of duties. and Internal Audit reports. Insurance Risk of financial loss / inability to replace items if Academy does not have adequate insurance cover TRANSFER to approve insurance renewal on annual basis. Macro economic Risk of the impact of what an uncontrollable event will have on the Academy e.g. recession, war, oil crisis TREAT Creation / Implementation of Business Continuity Plan to monitor. Change of Change of funding policy and introduction of TREAT Revise Development Government new education priorities by Government Plan to cope with Education changes in policy Government policy. Review 3 year plan, take action to decrease costs and increase income from other sources Natural F&A + S,B&W Risk of the impact an uncontrollable event will TRANSFER Insurance Policy Finance /

6 disaster have on the Academy, e.g. fire, flood Instigate Business Continuity Plan renewed every year. Creation / Implementation of Business Continuity Plan? and Health and S to monitor. Technology S, Behaviour & Welfare Risk of IT / Telephone/Text failure TRANSFER/ TOLERATE IT insurance in place, management reviewed annually, improved to single provider. Telephone services stable Curriculum Information security TOLERATE ICT Policy, Firewalls and website security for students and staff. User Defined controlled access rights for staff using the SIMS suite and school network. Stable network, backup systems and qualified staff. Finance Virus / corruption of data TOLERATE Staff induction process Virus protection system in place Network Manager Network Manager Finance If systems are out of date / no longer supported TOLERATE Stable network, backup systems and qualified staff. Budget to make provision for upgrades Network Mgr Category Sub Category Specific Likelihood of occurring (5 = High, 1 = Low) Impact if occurs (5 = High, 1= Low) Response (transfer, tolerate, treat or terminate Control procedures and target date Person(s) responsible for action

7 Academy objectives Academy not seen by public to be meeting its objectives Operations of the Academy are controversial or may attract a high level of public interest TOLERATE and SMT annual review of activities and SDP against objects. Regular reports to TOLERATE and annual review of activities and SDP against objects. Regular reports to 1.2 Public Profile Governor profile Expenditure Stakeholder have a high public profile and may cause the Academy to attract publicity are seen by the public to be paid a high amount for expenses are not considered to be at arms length from Academy Management and administration costs are perceived by the public to be high Senior Leadership Team of the Academy are seen by the public to be paid high salaries Reserves level Academy seen to be holding reserves and not spending enough on its current pupils TREAT Review selection process for new TOLERATE Rules on expenses to be followed. Gifts and Hospitality policy/practices to be enforced TREAT Apply rules from Finance Policy for purchasing and tender process. Regular Declaration of Business interests TOLERATE Comparison to other Academies to ensure reasonableness. Benchmarking. Actual costs of Head teacher published in annual accounts TOLERATE Comparison to other Academies to ensure reasonableness. Benchmarking. Actual costs published in annual accounts TREAT to agree Reserves spend / contingency presented in annual accounts & budgets. Members

8 Quality of service/ produce Curriculum Academy provides a poor quality service to its customers (Pupils/Parents) Fraud Fraud discovered at the Academy attracts bad publicity TREAT GB to agree Development Plan. to give progress reports. Curriculum committee to monitor progress TREAT Internal controls in place and Internal Audit assurance service. External Audit services. Qualified HR and Finance Staff Insurance in place. Failure to comply with legislation S, B & W Failure to comply with Health and Safety legislation results in an employee/volunteer at the Academy being injured at work, attracting bad publicity Failure to comply with employment law e.g. unfair dismissal of an employee attracts adverse publicity TREAT H&S policy in place. H&S Services contract in place. H&S in place. staffing delegated to oversee H&S Site staff appropriately qualified. Insurance in place TREAT HR policies in place. HR Services contract in place Legal Services contractsin place have delegated responsibility to monitor on regular basis. Litigation Academy is involved in litigation TOLLERATE Legal Services contracts in place Site Mgr Category Sub Category Delegation Specific Likelihood of occurring (5 = High, 1 = Low) s not established with delegated authority, e.g. finance and, personnel, Impact if occurs (5 = High, 1= Low) Response (transfer, tolerate, treat or terminate Control procedures and target date TREAT First meeting of in Autumn term to confirm Person(s) responsible for action Governing Body

9 1.3 Governing Body Organisation / absence absence etc. terms of reference not consistent / adequate, etc. F&S terms of reference not sufficiently flexible delegate too little / too much to the and / or do not ensure rigorous monitoring is undertaken in the absence of the and / or do not ensure that staffing levels are maintained and fully qualified membership of committees and review schedule of delegation TREAT Terms of Reference to be agreed and ratified annually TREAT Terms of Reference to be agreed and ratified annually TREAT Schedule of delegated powers to be reviewed in Sept. Approved by full GB TREAT PM Reviews Internal Audit Review of accounts by TREAT conduct a staffing structure review annually Governing Body Governing Body Governing Body Internal Audit Governing Body 2.0 Operational Risks Category 2.1 Management information Sub Category Specific Likelihood of occurring (5 = High, 1 = Low) Quality Risk that information produced (financial and non-financial) for and senior management is not accurate or not in a format suitable for monitoring the performance of the Academy Timeliness Risk that management information is not available quickly after the period to which it relates Impact if occurs (5 = High, 1= Low) Response (transfer, tolerate, treat or terminate Control procedures and target date TREAT Robust financial management system in place. Well trained staff Annual audit of accounts. Annual Internal Audit on areas causing concern TREAT Management accounts produced on a monthly basis Full report to on a termly basis. Person(s) responsible for action

10 Review Risk Risk that management information is not subject to review Risk that action is not taken after the review of management information Quantity Risk that too little management information is produced to facilitate informed decision making TREAT Timetable for meetings and adequate minutes TREAT Minutes prepared with action points. Reviewed at next meeting TREAT Regular reports to s. s report to GB Clerk Category 2.2 Human, Risk Sub Category Governor Risk Specific Likelihood of occurring (5 = High, 1 = Low) Insufficient experience of Academy / education sector without the required expertise to advise/support the Academy Impact if occurs (5 = High, 1= Low) Response (transfer, tolerate, treat or terminate Control procedures and target date TREAT Selection process to ensure that ( except Parent ) have appropriate experience before appointment TREAT Selection process to ensure that (except Parent ) have appropriate experience before appointment. Lack of availability / poor attendance at meetings TREAT Timetable of meetings issued at start of the year. Minutes issued showing who was absent. to follow up persistent absence. Entrepreneurial that are too entrepreneurial. Risk that activities of the Academy could be outside its objects TREAT Governor Training Confirm Governor roles and responsibilities annually Person(s) responsible for action become too involved with management of the Academy and are not independent from management TREAT Governor Training Confirm governor roles and responsibilities annually do not act solely in the TREAT Governor Training.

11 interests of the Academy but for their business / other interests etc. Declaration of business interests register maintained. 2.2 Human Risk No member with responsibility for financial oversight is appointed TREAT Recruitment / Selection of appropriately qualified members of Governing Body sit on s Passive TREAT Recruitment / Selection process of. Governor Training. Management Senior management capability / experience of Academy/Education sector TOLERATE Training/recruitment procedures in place for all senior staff. Good retention of senior management Seek advice from DFE, Auditors, solicitors. Integrity TOLERATE Training/robust recruitment procedures. DBS checks P & P Key person loss / long term absence / succession TREAT Develop succession planning for all key roles Spring 16 Staff Low morale TREAT Staff briefing, staff meetings, team meetings. Well being scheme CPD budget Performance Reviews Robust HR policies Retention TREAT CPD budget Performance Reviews Robust HR policies Recruitment / retention H+S Recruitment ( of recruiting the wrong person) Recruitment ( of recruiting someone not suitable to work with children) payments TOLERATE Robust recruitment / selection procedures. Robust induction procedures. Robust HR policies TREAT DBS checks in place to ensure compliance/list

12 2.2 Human Risk P & P P & P Performance Management/Appraisal /assessment Staff matters not referred to HR professionals, may lead to tribunals 99 checks and overseas checks where applicable. Child Protection Training for all staff. Safer Recruitment training for chosen staff TREAT Annual assessment of staff performance and appraisals, target settings TREAT HR Service contracts and Legal services in place. Robust HR policies in place. Insurance for tribunal costs in place P & P Training TREAT Training budget available to support CPD. CPD identified during Annual assessment of staff performance and appraisals, target settings. P & P Technical capability TREAT Robust recruitment / selection procedures to assure suitably qualified staff. CPD opportunities Head of Curriculum Area Head of Curriculum Area Head of Curriculum Area Volunteer P & P Excessive reliance on volunteers TREAT Volunteers monitored within lesson P & P observations. Lack of control over volunteers TREAT Training and informal P & P observations Volunteers Training TREAT Volunteers given induction and are given a checklist of expectations and behavior. S, B & W Risk that volunteers are not of appropriate quality/vetted/subject to police checks TREAT All volunteers to be treated the same as staff with regard to recruitment and management of personnel. DBS checks H & S H+S Staff fatality / injury TREAT Robust H&S policy in staff handbook and staff drive. HT HT HT Head of Curriculum Area

13 H+S Pupils at the School Other third party (contractors / visitors) H&S training has been rolled out to premises staff. Risk Assessments carried out on Premises Sufficient insurance guards against financial loss. briefed on H&S TOLERATE Regard to management of Contractors. Sufficient public liability insurance in place. Site security procedures followed - CCTV system, controlled access to school. Visitor management procedures in place. Site Mgr All staff Site Manager 2.3 Income 2.4 Supplier Donor Academy heavily reliant on one donor TOLERATE Donor has a strong influence/power over TOLERATE N/A Academy s activities N/A Marketing Other Academies/Schools competing for TOLERATE Main income is from EFA. donations or similar sources of income Capital Maintenance Fund affected by more Grants receivable Supplier selection Grants receivable not used for the purposes for which they were given Academies converting TREAT to monitor spending of grants Supplier financial viability TREAT Major suppliers background checks. Supplier inappropriate TREAT New suppliers to be approved by HT. Checked for Best value Contracts monitored by Supplier connected with either or staff TREAT Annual declaration of business interests. Key supplier Risk that supplies not available TOLERATE Alternative suppliers are

14 dependency Value for money available. SLA in place, but not tied into long term contracts for supplies. Risk of dependency on few suppliers TOLERATE Not dependent solely on any one suppliers. Purchase price TOLERATE Finance Policy in place Procurement via ESPO for energy service best value sourcing 3.0 Compliance Risks Category 3.1 Employee legislation Sub Category Employment laws Specific Likelihood of occurring (5 = High, 1 = Low) Risk that legislative requirements are not known or complied with Impact if occurs (5 = High, 1= Low) Response (transfer, tolerate, treat or terminate Control procedures and target date TREAT HR Services contract in place Legal Services contract in place Discrimination TREAT HR Services contract in place. Equal Opportunities policy Disability Equality Policy Data protection TREAT HR Services contract in place Legal Services contract in place Data Protection policy Human rights TREAT HR Services contract in place Legal Services contract in place Equal opportunities TREAT HR Services contract in place. Equal Opportunities policy Person(s) responsible for action Admin team Admin team Admin team Admin team Admin team

15 3.2 Environmental legislation 3.3 Financial reporting 3.4 Charities legislation 3.5 Tax legislation Contract of Employment s TREAT HR Services contract in place Legal Services contract in place Pension Risk that legislative requirements are not known or complied with Health & Safety UK Legislation EU Legislation Statutory accounts Accounting standards SORP compliance Charities laws Charities laws VAT/PAYE/NI Risk that legislative requirements are not known or complied with Risk that legislative requirements are not known or complied with Risk that legislative requirements are not known or complied with Risk that legislative requirements are not known or complied with Risk that legislative requirements are not known or complied with Risk that legislative requirements are not known or complied with Risk that legislative requirements are not known or complied with Risk are not aware of the legislative requirements of being on the Forum Risk that legislative requirements are not known or complied with TREAT Regular updates from LGPS and Teachers Pension scheme. Attend briefings on changes TREAT H & S Services Contract in place H& S Policy in place and available to all staff. Staff trained TREAT HR Services contract in place Legal Services contract in place TREAT HR Services contract in place Legal Services contract in place TREAT Auditors / Accountants employed to advise and prepare statutory accounts TREAT Accountants employed to advice DfE accounting standards followed. DfE Financial handbook available TREAT Advice from Accountants and DFE TREAT Accountants and solicitors employed to advise and prepare annual returns etc TREAT Accountants and solicitors employed to advise governors on legislation TREAT Advice from Accountants Internal Audit checks Payroll Services contract Admin team

16 3.6 Data Protection Act Data Protection Risk that legislative requirements are not known or complied with in place TREAT ICO Registration Data Protection policy in place Category Sub Category Specific Likelihood of occurring (5 = High, 1 = Low) 3.7 Welfare compliance Disability H+S Risk that legislative requirements are not known or complied with Child Protection Act S, B & W Risk that legislative requirements are not known or complied with Impact if occurs (5 = High, 1= Low) Response (transfer, tolerate, treat or terminate Control procedures and target date TREAT DDA compliance of school is reviewed annually. Risk assessments for those at. Disability equality scheme in place TREAT Full Staff training for aspects of Child Protection. Child Protection policy in place. Person(s) responsible for action SENCO Site Manager DSP 3.8 Sector compliance National curriculum compliance Risk that legislative requirements are not known or complied with TREAT Curriculum to review curriculum to ensure we comply with legislation. HT aware of curriculum responsibilities Curriculum Asst 3.9 Local Authority and Central Government Grant criteria Grant terms and conditions are not complied with. Licensing Risk that legislative requirements are not known or complied with TREAT Maintain record of reporting requirements. Standard documentation for reporting. Part of Internal Audit checks TREAT Annual checks on all necessary licenses. ICT licenses held by Network Manager All other Licenses held/subscribed to by /Finance Officer Network Manager

17 4.0 Financial Risks Category Sub Category Specific Likelihood of occurring (5 = High, 4.1 Overall financial control Budget Risk that budget cannot be prepared in accordance with EFA timetable Risk that budget will be in deficit and that it cannot be met by reserves Risk that actual performance is not measured against budget on a regular basis Risk that budget headings are manipulated to ensure targets are met 1 = Low) Impact if occurs (5 = High, 1= Low) Response (transfer, tolerate, treat or terminate Control procedures and target date TREAT to monitor at meetings. to review with on regular basis TREAT Prepare 3-5 year models to highlight problems in future years. to monitor termly reports from. Efficiency savings to be made when/if appropriate TREAT Monthly management accounts Budget reports to termly meetings TREAT Budget virements in line with Finance Policy Internal Audit checks Person(s) responsible for action 4.2 Financial systems Reconciliation Systems suitability Risk that bank reconciliations / other key reconciliations are not completed and reviewed Risk that suspense accounts are not cleared or reconciled Risk that financial system is not suitable for Academy s needs TREAT Bank and other balance sheet reconciliations produced and countersigned. Month-end management accounts ensures prompt reporting TOLERATE Swallowdale do not use suspense accounts TREAT Adequate Financial system in place with support contract. Review during first 2 Finance Officer Finance Officer

18 Maintenance Risk that financial system will not be maintained by provider in long term Disaster Risk that financial information cannot be recovered in the event of a disaster (e.g. fire, theft, vandalism) Access Risk of unauthorised access to financial systems years of use TOLERATE CAPITA supports FMS6 which is used in 79% of schools in UK. Large user group and excellent support. Upgrades once a term TREAT Back up procedures in place. Data stored off site. Disaster Recovery Plan to be prepared TREAT Finance System has user defined access rights set appropriately. Regulated access to network. Regular review of passwords Network Manager Network Manager SMB Network Manager Category Sub Category Specific Likelihood of occurring (5 = High, 1 = Low) 4.3 Income Completeness Restricted income Sponsorship funding Impact if occurs (5 = High, 1= Low) Response (transfer, tolerate, treat or terminate Control procedures and target date Invoices not raised for all transactions TREAT S+B / Finance to monitor income. Lettings and hire income checked overseen by Finance Donations in kind or intangibles are not recorded or recognised in the financial statements TREAT Finance Policy for dealing with donations / gifts over 100. Income is not identified as restricted on receipt TREAT FMS6 allows income to be coded by funding stream. Restricted income is used for purposes other than restriction Restricted funds are transferred to unrestricted funds without consent of donor (PTFA) TREAT FMS6 allows income and expenditure to be coded by funding stream. Internal Audit checks TREAT Separate cost centres for donations. Internal Audit checks Sponsorship targets not met Not applicable Person(s) responsible for action Site Manager Finance Officer

19 4.4 Expenditure Sponsorship promised by individual partners is not delivered Cut off Risk that income is accounted for in the wrong accounting period Not applicable TREAT Training and Y/E procedures. Cut off procedures in place. Monthly forecasting and monitoring in place. Fraud Risk that donations are misappropriated TREAT Busar to report to every term. Auditors to check. Authorisation Allocation Risk that expenditure is not authorised TREAT Finance Policy in place Robust internal procedures in place. Risk that expenditure is allocated between dept headings using inappropriate basis Price Risk that discounts are not secured or price reductions obtained on purchases or services Cut off Risk that expenditure is accounted for in the wrong accounting period TREAT Monthly budgets issued to depts by Finance Officer. Checked by Head of department TREAT Delegated budgets mean motivation for budget holders to seek better deals. Tendering process for larger orders TREAT Training and Y/E procedures. Cut off procedures in place. Monthly forecasting and monitoring in place. Fraud False invoice / payment TREAT Authorisation of invoice required to confirm goods received and satisfactory by budget holder Separation of duties in finance. Internal Audit checks Admin Officer Finance Admin Officer Finance Officer Head of Curriculum Area Head of Curriculum Area Finance Officer Admin Officer Internal Auditors Category Sub Category Specific Likelihood of occurring Impact if occurs (5 = Response (transfer, tolerate, Control procedures and target date Person(s) responsible for action

20 4.5 Treasury Cash flow Risk that cash flow requirements are not forecast (5 = High, 1 = Low) High, 1= Low) treat or terminate TREAT Annual budget signed off by. Budget forecast required by EFA 4.6 Fixed asset 4.7 Investment 4.8 Stock Capital construction Asset recognition Risk that cash is all tied up in investments and insufficient is readily available to meet short term cash flow needs Risk that assets built by contractors do not meet specifications, or actual cost exceeds budget in excess of 50, TREAT Investments policy to be put in place. Only surplus funds invested, only short term breakable bonds TREAT Appoint Project consultant to oversee construction. Regular review of contract expenditure against budget. Report to. Risk that assets are not capitalised TREAT Asset Register and Accounting Policy in place. Asset values set Risk that depreciation rate is not appropriate TREAT Asset Register and Accounting Policy in place agreed with Accountants Fraud Risk that assets are misappropriated TREAT Asset Register and Accounting Policy in place Return Risk that the return on investments is not being maximized Risk that are not acting in accordance with their investment policy / powers (e.g. investing in high investments which are not in best interest of the Academy) TREAT Investment Policy to be put in place to monitor and Audit checks TREAT Investment Policy in place to monitor Internal checks Fraud Risk that stock is misappropriated TREAT Assets are security marked. Limited stock is kept. Auditors Auditors Auditors Internal Audit Internal Audit All staff

21 Category Sub Category Specific Likelihood of occurring (5 = High, 1 = Low) 4.9 Debtors 4.10 Taxation Recoverability Impact if occurs (5 = High, 1= Low) Response (transfer, tolerate, treat or terminate Control procedures and target date Risks that debts are not recovered TOLERATE Debtors are not significant, therefore low of bad debts. Finance policy covers write off Risk that provision for doubtful debts is overstated / understated TOLERATE Debtors are not significant, therefore low of bad debts. Finance policy covers write off Completeness Risk that debtors record is not complete TOLERATE monitors debtors. Cut off Risk that debtors are accounted for in the wrong accounting period TOLERATE Training and Y/E procedures. Cut off procedures in place. Monthly forecasting and monitoring in place. Cash flow Risk that profile of aged debtors deteriorates which impacts on cash flow position Noncharitable trading Change in legislation Contractual commitments Risk that Academy is liable to tax on noncharitable trading activities Risk that Academy is not aware of changes in legislation Risk that Academy has entered into future commitments without having the future funding TOLERATE Aged Debtors listing is monitored by and Finance Officer TOLERATE Battling Brook has no non-charitable trading activities. Accounting systems accommodate noncharity activities TOLERATE Accountancy / Audit Services to advise TREAT Prepare 3-5 year models approval on Person(s) responsible for action Finance Officer Auditors Auditors

22 available to meet them large contracts required over 20, Related party Identification Risk that related party transactions/ transactions with connected persons are not identified TREAT Maintain Register of Business Interests. to declare at every meeting. Staff to declare termly. Disclosure Risk that related party transactions are not correctly or fully disclosed in the financial statements TREAT Maintain Register of Business Interests. to declare at every meeting. Clerk Category Sub Category Specific Likelihood of occurring (5 = High, 1 = Low) 4.13 Funds 4.14 Pension Impact if occurs (5 = High, 1= Low) Response (transfer, tolerate, treat or terminate Control procedures and target date Level of funds Risk that fund levels are too high / low TREAT Prepare 3-5 year budget models. Reviewed by. Risk that unrestricted funds are in deficit and restricted funds are in surplus TREAT Monthly monitoring of accounts Budgets and strategies approved by Endowment Risk that capital in permanent endowment N/A funds is not maintained Funding Risk that scheme is in significant deficit TOLERATE LGPS are government schemes with known s. Discretionary policies in place. Ill-Health early retirement insurance in place. Person(s) responsible for action Contribution Risk that employers contribution rate increases (Local Government) TREAT Budget for known increases. 3 year review. Increases in Employee contributions expected accounted for Risk that employers contribution rate TREAT Budget for known

23 increases (TPS) Risk that Academy is not making the correct contributions (TP & LGPS) increases. 3 year review. Increases in Employee contributions accounted for TREAT Payroll Service contract in place to ensure correct monthly and annual returns made to pension funds. Returns are Audited. TERMINOLGY LIKELIHOOD OF AN EVENT OCCURRING SCORE LOWEST RISK UNLIKELY TO HAPPEN 1 LOW RISK SMALL CHANCE IT MAY HAPPEN 2 MEDIUM RISK POSSIBLE IT MAY HAPPEN 3 HIGH RISK PROBABLE IT WILL HAPPEN 4 HIGHEST RISK LIKELY TO HAPPEN 5 IMPACT ON THE ACADEMY SCORE LOWEST IMPACT VERY LITTLE CONSEQUENCES/COST 1 LOW IMPACT SMALL EFFECT 2 MEDIUM IMPACT SIGNIFICANT CONSEQUENCES 3 HIGH IMPACT SERIOUS CONSEQUENCES 4 HIGHEST IMPACT CRITICAL 5 COMBINED SCORE OF LIKELYHOOD X IMPACT RISK RESPONSES Transfer: Tolerate: Treat: For some s the best response may be to transfer them. This might be done by conventional insurance, or it might be done by paying a third party to take the in another way. This option is particularly good for mitigating financial s of s to assets. The exposure may be tolerable without any further action being taken. Even if it is not tolerable, ability to do anything about some s may be limited, or the cost of taking any action may be disproportionate to the potential benefit gained. In these cases the response may be toleration. This option may be supplemented by contingency planning for handling the impacts that will arise if the is realised. By far the greater number of s will belong to this category. The purpose of treatment is not necessarily to obviate the, but more likely to take control action to contain the to an acceptable level. Such controls can be corrective, detective, directive or preventive (see glossary)

24 Terminate: Some s will only be treatable, or containable to acceptable levels, by terminating the activity. It should be noted that the option of termination of activities may be severely limited in the public sector when compared to the private sector; a number of activities are conducted in the public sector because the associated s are so great that there is no other way in which the output or outcome, which is required for the public benefit, can be achieved. Take the Opportunity:This option is not an alternative to those above; rather it is an option which should be considered whenever tolerating, transferring or treating a. There are two aspects to this. The first is whether or not at the same time as mitigating threats, an opportunity arises to exploit a positive impact. The second is whether or not circumstances arise which, whilst not generating threats, offer positive opportunities for example a drop in the cost