Download presentation
Presentation is loading. Please wait.
Published byTerence Newton Modified over 9 years ago
1
Public Policy and Risk Management: Lessons in Implementation Andrew Graham School of Policy Studies Queens University
2
2 My Objective Today My Objective Today: To share some recent research on risk management implementation by The Conference Board of Canada and Deloitte & Touche
3
3 Scope and Nature of the Research Focused on how to implement integrated risk management: plenty of policy frameworks out there: challenge was making them work Sample of organizations world-wide: not scientific Anecdotal: looking for experience and what was learned not for quick fix or best practice Focus on total organization, not financial or controllership elements – key to integration Guided by public sector sponsors including Management Board, Ontario My role: lead researcher for The Conference Board
4
4 Key Findings: Where Risk Management Fits Risk management is a necessary part of public policy and operational management: it happens or it is managed Risk management is only implemented when all elements of the organization are involved, not just corporate or audit Expectations of political leaders about risk vary considerably but general messages around: –Expectations that public service will identify risks, preferably in a systematic fashion –Distaste for surprises –General level of comfort goes up when systematic risk management is practiced –Will always expect solutions or recommended courses of action –Concern for language, context and publicity
5
5 Key Findings: Implementation LeadershipLeadership is key, but complex: –Governance –Guidance –Accountability Whole Meal DealWhole Meal Deal: risk identification alone is dangerous – must create a system that has risk identification, mitigation and communications as a single package and activity Build for Transparency:Build for Transparency: Assume and act as if all documentation will be public Fitting It In:Fitting It In: Less about cultural change and more about adapting to existing cultures: “We all do risk management now. So what is so different?”
6
6 Key Findings: Implementation Staff trainingStaff training and support in using simple tools of risk analysis creates a common language Takes timeTakes time: cannot be flavour of the month: “Just another management tool.” Stakeholder engagementStakeholder engagement: systematic and long term risk management means inevitably engaging stakeholders and being more transparent Risk tolerancesRisk tolerances: search for quantification and rigid limits is often fruitless and dangerous in public sector: dynamic and nuanced process: –Role of internal leadership in vetting and guiding –Role of external engagement –Avoiding the mythologies of science and definitiveness –Role of demonstrable process
7
7 Implications for Policy Advisors and Analysts Systematic risk management is often about bring the full picture to decision makers Avoiding either “the elephant in the room” avoidance syndrome or listening only to the “danger establishment” (Aaron Wildavsky) Risk mitigation and communication: serves policy and political ends Engagement of stakeholders in risk determination: need to establish governance and rules of engagement Use of risk management tools in priority setting: address the red boxes first, stupid! Systematic or integrated risk management is a way of getting ahead of the curve
8
8 Publication of the detailed results out shortly. More information available on risk management through The Conference Board of Canada at www.conferenceboard.ca
9
9 The School of Policy Studies For more information on The School of Policy Studies and this research, you can reach me at grahama@qsilver.queensu.ca or http://www.queensu.ca/sps/faculty/andrewgraham/home.shtml
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.