Risk Management – Follow Up

Background

Processes to identify, assess, prioritise and manage risk are fundamentally important in achieving organisational goals.  Corporate risk management processes focus on reducing, mitigating or otherwise managing the uncertainties faced in delivering strategic and key operational objectives.  Effective risk management embraces processes at corporate, departmental and service levels. 

In 2017, the then Comptroller and Auditor General (C&AG) undertook a review of the States of Jersey’s approach to risk management.  The C&AG found that, whilst work had been undertaken to create a risk management framework, the effective management of risk was not adequately embedded across the States.  The 2017 report Risk Management made 18 recommendations, all of which were accepted for implementation by the States. 

The Government of Jersey launched a new Risk Management Strategy during 2019. This Strategy was further updated in March 2022. 

This review has followed up recommendations made in 2017.  I have considered arrangements at the corporate level as well as at departmental level.  In considering departmental arrangements, I have reviewed three specific departments – Health and Community Services (HCS), the Chief Operating Office (COO) and the Probation and After-Care Service. 

Scope

The review has evaluated: 

• the arrangements established to manage and monitor the implementation of the recommendations contained in the 2017 report 
• the progress the States of Jersey have made in implementing the agreed recommendations 
• the effectiveness of corporate arrangements for managing risk.  These include arrangements for escalation of risks from departments and from other bodies whose accounts are consolidated in the financial statements of the States; and 
• the effectiveness of arrangements for risk management within departments.  

The review has not considered risk management relating to:  

• strategic investments, the results of which are excluded from the States Accounts (Jersey Telecom, Jersey Post, Jersey Water and Jersey Electricity); and 
• the States’ pension funds. 

The review has also not considered the management and mitigation of investment risk (for example relating to the Strategic Reserve and the Social Security (Reserve) Fund). 

Conclusions

Risk management in the States of Jersey has continued to develop since the 2017 C&AG Report. Effective implementation of the Risk Management Strategy and of the recommendations in this report will be key to embedding risk management as an integral tool of management.