Raising standards of governance – the risk register
An existing client’s risk register had become overly complex and timely to monitor. We was engaged to consider how it could be streamlined. At the time of the review, the scheme was in the process of:
- Outsourcing administration from the in-house team to a third-party provider;
- Assessing the DC section of the scheme for a potential bulk transfer to a Master Trust.
After reviewing the existing risk register and discussing the ongoing issues and activities of the scheme with the Chair and the respective heads of the various working groups, it was agreed to split the risk register into three different registers;
- The main strategic risk register which would continue to be monitored by the Board;
- Two operational risk registers to be monitored by the respective working parties.
Our Team identified and evaluated the key strategic risks on the main register:
- Some of the existing items were merged;
- Mitigations were put in place to reduce risk;
- Key actions were agreed on how the newly categorised risks would be managed and monitored;
- The post-mitigation scores were summarised on a risk grid to provide an “at a glance” overview for the Trustee;
- Essential quarterly monitoring was established to review the risks as projects progressed.
Despite undertaking two major projects simultaneously, the revised approach to risk registers enabled the Board to focus at a high level on its strategic risks, which included covenant, funding and investment risks. The working groups had their own operational risk registers which allowed them to focus on the key actions necessary to see the projects through to completion.