Key elements of the risk management strategy
Managing risk has four components: identifying risk; assessing the likelihood of the risk; assessing the impact of the risk; and developing appropriate mitigation strategies. A risk management strategy would aim to provide a structured way of ensuring all material risks were identified, prioritised and reacted to appropriately. The Office for National Statistics (ONS) is currently reviewing its overall risk management strategy to ensure:
- it is comprehensive, and scaled throughout the organisation
- risks are identified and monitored
- the monitoring mechanism is effective at signalling changes in the status of a known risk
- effective reporting and decision making mechanisms are in place to take the appropriate response punctually
- evaluation and feedback strategies are in place to continuously review and improve risk management practices
- training, systems and communication strategies are in place to support an effective strategy
- it integrates with risk management strategies of other stakeholders
The current ONS approach to risk management has the following features:
- risk management is largely devolved to the relevant business area
- each business area within ONS produces an annual business plan, including a risk register which is used in organisational planning and monitoring. Development of the risk register is generally done formally in the case of new developments, or the implementation of significant changes. As project management training and support is provided more widely, processes within business areas will become more structured and comprehensive
- as part of revised arrangements following a review of risk management within ONS, it is intended that risks of strategic corporate significance will be flagged by business areas and the risk status reported monthly to the executive as part of a monthly report on progress against financial and business objectives. Remaining risks are monitored and managed within the line area
- environment scanning for emerging risks is in place in business areas and corporately
- potential corporate risks are reviewed at weekly executive meetings and, where appropriate, flagged as ongoing risks to be managed
- training in risk management is being developed and implemented as part of the implementation of effective project management across the organisation. Tools for project management which include risk management are also being developed and implemented
- a senior responsible owner of a corporate risk management strategy for financial risk, and another for business risk, have been established at Board level in ONS, with responsibility to develop, implement, monitor and continuously improve corporate risk management strategies for the organisation
- it is intended that, as part of ONS business risk management, executive consideration be given to monitoring and taking action on key areas of risk to business. Once a year, the executive will consider a report on the major issues of concern arising during the year, whether they were on the risk register, and if so, why the action taken in their regard proved inadequate