NIPS Annual Report and Accounts 2012-13 - Department of Justice
NIPS Annual Report and Accounts 2012-13 - Department of Justice
NIPS Annual Report and Accounts 2012-13 - Department of Justice
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
ANNUAL<br />
REPORT<br />
<strong>and</strong> <strong>Accounts</strong><br />
60<br />
RISK MANAGEMENT AND INTERNAL CONTROL<br />
Risk management forms a central element <strong>of</strong> the<br />
department’s internal control framework. Risks are<br />
managed at the level most able to deal with them,<br />
with the most serious being escalated to PSMB.<br />
During <strong>2012</strong>-<strong>13</strong> corporate risks were identified,<br />
assessed, addressed <strong>and</strong> reviewed. Each directorate,<br />
establishment, <strong>and</strong> branch has their own risk register<br />
which is continually under review <strong>and</strong> formally<br />
updated quarterly.<br />
Risk management is also embedded within the<br />
business planning process <strong>and</strong> staff are trained<br />
<strong>and</strong> equipped to manage risk in a way appropriate<br />
to their authority <strong>and</strong> duties. PSMB approved<br />
an updated Risk Appetite <strong>and</strong> Risk Management<br />
guidance document in March.<br />
The ongoing revision <strong>of</strong> the Corporate Governance<br />
Framework sets out the structures <strong>and</strong> arrangements<br />
to ensure that risk <strong>and</strong> planning decisions are<br />
appropriately identified evaluated <strong>and</strong> controlled.<br />
This framework describes the terms <strong>of</strong> reference for<br />
PSMB, OMB, <strong>and</strong> ARC. By doing so, it ensures that<br />
the allocation <strong>of</strong> risk oversight is well documented<br />
<strong>and</strong> clear at all levels <strong>of</strong> the organisation. The <strong>NIPS</strong><br />
Risk Management guidance document, which aligns<br />
with the relevant DFP guidance, establishes in more<br />
detail what is required <strong>of</strong> staff <strong>and</strong> the varying levels<br />
<strong>of</strong> oversight responsibility throughout the Service.<br />
Controls in place to monitor risk are set out below:<br />
• PSMB reviews <strong>and</strong> evaluates corporate level<br />
risk registers. In addition, the Board provides<br />
oversight to the corporate <strong>and</strong> business planning<br />
process by assessing <strong>and</strong> reviewing objectives<br />
<strong>and</strong> key performance targets established for the<br />
Service.<br />
• ARC, which is chaired by a Non-Executive<br />
Director, met four times during the <strong>2012</strong>-<strong>13</strong><br />
financial year. The ARC reviewed Board-level<br />
risks, as well as instances <strong>of</strong> fraud, <strong>and</strong> provided<br />
assurance to PSMB <strong>and</strong> the Accounting Officer<br />
throughout the year.<br />
• Heads <strong>of</strong> Branch, <strong>and</strong> the Heads <strong>of</strong> Management<br />
Support Services in establishments, conduct risk<br />
management assessments in all areas <strong>of</strong> activity<br />
<strong>and</strong> review their local risk registers on a quarterly<br />
basis.<br />
• Project risks are identified <strong>and</strong> managed by<br />
respective Project or Programme Managers<br />
<strong>and</strong> are reviewed by the relevant Project or<br />
Programme Boards.<br />
• South Eastern Health <strong>and</strong> Social Care Trust (SET)<br />
has lead responsibility for prisoner healthcare. A<br />
Regional <strong>NIPS</strong> Corporate Governance Committee,<br />
chaired by the Director <strong>of</strong> the SET <strong>and</strong> reporting<br />
to the Trust’s Governance Committee, has been<br />
operated throughout the year.<br />
• The Service has used the Gateway Review<br />
process to assist in the management <strong>of</strong> risk on<br />
the ongoing reform programme.<br />
• The Service measures <strong>and</strong> reports compliance<br />
with departmental guidance on the use <strong>of</strong><br />
consultants to the ARC.<br />
• An up-to-date register is in place to record<br />
conflicts <strong>of</strong> interest.<br />
• The Service has a procurement policy in place.<br />
<strong>NIPS</strong> <strong>of</strong>ficials attend the DOJ Procurement<br />
Forum <strong>and</strong> the DOJ Procurement Board.<br />
The aforementioned methods to monitor risk<br />
have proved effective in identifying risks quickly as<br />
they arise throughout the year. This can be seen<br />
through the regular updating <strong>of</strong> the risk register<br />
<strong>and</strong> the speed with which actions are put in place<br />
to mitigate these risks. <strong>NIPS</strong> conducted a review<br />
<strong>of</strong> its Risk Appetite which was approved by PSMB<br />
in February. This document detailed the tolerance<br />
for risk which <strong>NIPS</strong> has allowed in various business<br />
areas. This includes having a high risk appetite<br />
for policy related areas, as well as some elements<br />
<strong>of</strong> Human Resources. In contrast, other Human<br />
Resource elements, such as recruitment or equality,