Docstoc

RISK CAPTURING TEMPLATE ed784991 156d

Document Sample
RISK CAPTURING TEMPLATE ed784991 156d Powered By Docstoc
					                                                                                                                                             ed784991-156d-43d3-a1d5-b64250e26eb5.xls


RISK RISK DESCRIPTION                                 COMMENT ON   RISK         PREVIOUS RISK    RISK CATEGORY         CONTROLS                      CONSEQUENCE          LIKELIHOOD    CURRENT RISK CONTROL         CHANGE IN    RISK OWNER           RISK STRATEGY   RISK              TREATMENT DUE
NO.                                                   RISK         IDENTIFIED   SEVERITY SCORE                                                          SCORE                SCORE      SEVERITY     EFFECTIVENESS   RISK                                              TREATMENT/S       DATE (MM/DD/YYY)
                                                                   (MM/DD/YYYY)                                                                                                         SCORE        SCORE
                                                                                                                                                                                        (RESIDUAL)


 1    Declines in service delivery standards due                     July 25, 2007    20         OPERATIONAL - HR Bursary Programme/                         5                  4            20             4        UNCHANGED HR Manager/             Transfer        To be confirmed    December 31, 2007
      to a shortage of adequately skilled nursing                                                & Training       Training interventions/                                                                                         Director
      staff                                                                                                       Quality reviews/ incident
                                                                                                                  reporting and analysis
 7    Inability to attract and retain skilled staff                  July 25, 2007    12         OPERATIONAL - HR Staff development                          4                  5            20             3         GETTING     HR Manager/          Reduce          To be confirmed    December 31, 2007
      impacting on service delivery standards                                                    & Training       schemes/ Funding                                                                                    WORSE       Director
                                                                                                                  obtained to 'top-up' base
                                                                                                                  pay levels for critical
                                                                                                                  positions/ Use of
                                                                                                                  recruitment agencies
 6    Death of patients due to medication errors                     July 25, 2007    12         CORE SERVICES - Recruitment and training                    4                  4            16             2         GETTING     Director: Clinical   Reduce          To be confirmed     December 1, 2007
                                                                                                 Clinical         programmes/ Incident and                                                                            WORSE       Services
                                                                                                 Effectiveness    near miss reporting in
                                                                                                                  RiskMan/ Incident
                                                                                                                  investigation process/
                                                                                                                  Prescription of high-risk
                                                                                                                  drugs managed by
                                                                                                                  experienced senior
                                                                                                                  medical staff.
 19   Harm suffered by customers/ patients due                       July 25, 2007     4         OPERATIONAL -    Maintenance programme/                     4                  4            16             2         GETTING     UNALLOCATED          Reduce          To be confirmed   September 30, 2007
      to malfunction of key medical equipment                                                    Facilities       Capital replacement                                                                                 WORSE
      (e.g. ventilators, heart monitor)                                                          Management       programme/ Staff training
                                                                                                                  in equipment usage


 25   Current IT systems lack adequate                               July 25, 2007    12         IT & SYSTEMS -       No controls in place                   3                  5            15             4         GETTING     Financial Manager Avoid              To be confirmed      January 15, 2008
      Management Information and Reporting                                                       System Functionality                                                                                                 WORSE
      capabilities, resulting in poor decision
      making and funds allocation.
 5    Death of patients due to delays in                             July 25, 2007    16         OPERATIONAL           Internal Audit review and             5                  3            15             2         IMPROVING   Operations        Reduce             To be confirmed   September 20, 2007
      admissions process                                                                                               redesign of Admissions                                                                                     Manager/ Director
                                                                                                                       process (2006)/ New
                                                                                                                       Patient Records IT system

 23   Life threatening patient care errors and                       July 25, 2007     9         CORE SERVICES -       Limit to shift length/                5                  3            15             2         GETTING     Director: Clinical   Reduce          To be confirmed      August 15, 2007
      omissions resulting from overworked/                                                       Clinical Risk         Enforced breaks during                                                                         WORSE       Services
      tired clinical staff.                                                                                            shifts/ Annual leave
 27   Loss of accreditation due to consistent                        July 25, 2007    15         CORE SERVICES         Staff recruitment and                 5                  3            15             2        UNCHANGED UNALLOCATED             Reduce          To be confirmed      August 30, 2007
      pattern of patient harm, caused by                                                         (CLINICAL)            training/ Limit to shift
      incorrect diagnoses and treatment plans.                                                                         length/ Approved
                                                                                                                       treatment regimes for
                                                                                                                       common medical
                                                                                                                       conditions/ Enforced
                                                                                                                       breaks during shifts/
                                                                                                                       Annual leave/ Junior
                                                                                                                       medical staff not permitted
                                                                                                                       to prescribe/ dispense
                                                                                                                       high risk medicines,
                                                                                                                       managed high risk
                                                                                                                       patients
 28   Lack of cash handling procedures and                           July 25, 2007    20         FINANCIAL - Billing   Patient Admissions IT                 3                  5            15             2         IMPROVING   Chief Financial      Reduce          To be confirmed     December 1, 2007
      controls resulting in misappropriation/                                                    & Debtors             system incorporates a                                                                                      Officer
      theft of funds.                                                                                                  billing module/ Daily
                                                                                                                       reconcilliation of tills in
                                                                                                                       pharmacy, admission
                                                                                                                       desks and canteen/
                                                                                                                       Internal Audit reviews/
                                                                                                                       Cash takings banked
                                                                                                                       daily, recorded on Finance
                                                                                                                       system
 24   Inability to meet demand for home-based                        July 25, 2007    12         OPERATIONAL -         No controls in place/                 3                  4            12             4        UNCHANGED Financial Manager Reduce                To be confirmed      August 15, 2007
      care due to shortages of fleet vehicles.                                                   Asset & Fleet         Volunteer driver
                                                                                                 Management            programme under
                                                                                                                       investigation/ Carers
                                                                                                                       transported by relatives
 10   Unplanned failure/s to core IT systems                         July 25, 2007     6         IT & SYSTEMS          BCP Plan in development/              4                  3            12             3         GETTING     IT Manager/ CIO      Reduce          To be confirmed     February 28, 2008
                                                                                                                       Off-site back-up of patient                                                                    WORSE
                                                                                                                       data/ Use of paper-based
                                                                                                                       records

 21   Competition from other institutions                            July 25, 2007     3         STRATEGIC             Medium term strategic                 4                  3            12             2         GETTING     CEO                  Reduce          To be confirmed     February 28, 2008
      (public and private) in terms of use of new                                                                      planning process/                                                                              WORSE
      medical technology, which may result in a                                                                        Ongointg research into
      decline in organisation’s standing, and                                                                          healthcare trends/
      hence patient and revenue growth.                                                                                Membership of indusrty
                                                                                                                       discussion forums
 30   Failure to meet financial reporting                            July 25, 2007     6         FINANCIAL -           Annual budgeting and                  3                  4            12             1         GETTING     Chief Financial      Reduce          To be confirmed    September 1, 2007
      deadlines resulting in non-compliance                                                      Reporting             reporting cycles defined/                                                                      WORSE       Officer
      with government/ Auditor General                                                                                 Monthly and annual
      requirements.                                                                                                    reporting processes/
                                                                                                                       Compliance and risk
                                                                                                                       management reviews
 12   Injuries, losses and interruptions caused                      July 25, 2007     5         STRATEGIC -           State Disaster                        5                  2            10             3         GETTING     Risk Committee       Reduce          To be confirmed     February 28, 2008
      by a natural disaster (floods, fires etc)                                                  Business Continuity   Management Processes/                                                                          WORSE
                                                                                                                       BCP in development/
                                                                                                                       Emergency Response dry-
                                                                                                                       runs
 26   Loss of customer records due to IT                             July 25, 2007     8         IT & SYSTEMS          BCP Plan in development/              5                  2            10             3         GETTING     IT Manager/ CIO      Reduce          To be confirmed     February 28, 2008
      system failure/ corruption of system data.                                                                       Off-site back-up of patient                                                                    WORSE
                                                                                                                       data/ Use of paper-based
                                                                                                                       records


                                                                                                                                                            Page 1 of 9
                                                                                                                                             ed784991-156d-43d3-a1d5-b64250e26eb5.xls




RISK RISK DESCRIPTION                                 COMMENT ON   RISK         PREVIOUS RISK    RISK CATEGORY        CONTROLS                       CONSEQUENCE          LIKELIHOOD    CURRENT RISK CONTROL         CHANGE IN    RISK OWNER           RISK STRATEGY   RISK              TREATMENT DUE
NO.                                                   RISK         IDENTIFIED   SEVERITY SCORE                                                          SCORE                SCORE      SEVERITY     EFFECTIVENESS   RISK                                              TREATMENT/S       DATE (MM/DD/YYY)
                                                                   (MM/DD/YYYY)                                                                                                         SCORE        SCORE
                                                                                                                                                                                        (RESIDUAL)


 8    Failure to deploy and manage resources                         July 25, 2007    20         STRATEGIC -          Annual business planning               5                  2            10             2         IMPROVING   CEO                  Reduce          To be confirmed     December 1, 2007
      effectively to meet required service level                                                 Strategic Planning   and budgeting process/
      standards                                                                                                       Zero based budgeting/
                                                                                                                      Expenditure review
                                                                                                                      committee/ Internal Audit

 15   Loss of patient records due to IT system                       July 25, 2007    12         IT & SYSTEMS         BCP Plan in development/               5                  2            10             2         IMPROVING   IT Manager/ CIO      Reduce          To be confirmed     February 28, 2008
      failures                                                                                                        Off-site back-up of patient
                                                                                                                      data/ Use of paper-based
                                                                                                                      records

 4    Legal claims resulting from breaches of                        July 25, 2007    20         STRATEGIC -        Secure storage and                       3                  3            9              3         IMPROVING   Legal and            Reduce          To be confirmed    September 1, 2007
      patient confidentiality requirements                                                       Compliance & Legal limited access rights to                                                                                      Compliance
                                                                                                                    patient records/ Patient                                                                                      Officer
                                                                                                                    consent forms/ Staff ethics
                                                                                                                    training
 22   Corporate failure of Hospital Food                             July 25, 2007     9         OPERATIONAL -      Service Level Agreement                  3                  3            9              3        UNCHANGED Operations              Reduce          To be confirmed      August 20, 2007
      Company, impacting on XYZ Hospital’s                                                       Purchasing and     with supplier/ Alternative                                                                                    Manager/ Director
      ability to meet in-patient nutritional (meal)                                              Supplies           suppliers investigated
      requirements.
 11   Research misconduct by scientist can lead                      July 25, 2007    10         CORE SERVICES -      Clinical Ethics committee/             3                  3            9              2         IMPROVING   Director: Clinical   Reduce          To be confirmed     November 1, 2007
      to patient harm, damage to institution’s                                                   Clinical Risk        Research review Board/                                                                                      Services
      reputation and loss of funding                                                                                  Independent researchers
                                                                                                                      not granted access to
                                                                                                                      research facilities/
                                                                                                                      Contract prohibiting
                                                                                                                      researchers from
                                                                                                                      communicating with press


 18   Severe injury/ death of staff due to                           July 25, 2007    16         OPERATIONAL -        Facilities Management                  3                  3            9              2         IMPROVING   Facilities Manager Reduce            To be confirmed   September 30, 2007
      workplace accidents caused by lack of                                                      Facilities           involvement with
      maintenance to public areas (lifts,                                                        Management           Worksafe programmes/
      stairwells, corridors etc.)                                                                                     Maintenance budget/
                                                                                                                      OH&S training/ Signage of
                                                                                                                      potential dangers/ Access
 14   Loss of public confidence in the                               July 25, 2007    20         STRATEGIC -          Communications Officer/                4                  2            8              3         IMPROVING   CEO                  Reduce          To be confirmed      August 20, 2007
      organization due to negative publicity                                                     Stakeholder          Public Communications
                                                                                                 Relations            Programme/ Researchers
                                                                                                                      and staff not permitted to
                                                                                                                      speak directly to press

 16   Organisation’s funding allocation from                         July 25, 2007    16         STRATEGIC            Annual budgeting and                   4                  2            8              3         IMPROVING   CEO                  Reduce          To be confirmed    December 31, 2007
      State is not sufficient to provide for                                                                          business planning
      increasing costs associated with provision                                                                      process/ Submissions of
      of current services, resulting in possible                                                                      strategic plans to
      decline in patient care levels, removal of                                                                      healthcare agencies/
      non-core services and/or decline in patient                                                                     Donations and
      numbers.                                                                                                        Sponsorship initiatives
 20   Organisational services not changing/                          July 25, 2007     5         STRATEGIC -          Medium term strategic                  4                  2            8              3         GETTING     CEO                  Reduce          To be confirmed     February 28, 2008
      adjusting to meet changing public and                                                      Strategic Planning   planning process                                                                                WORSE
      customer needs, resulting in a loss of
      patients and funding.
 2    Personnel job descriptions do not reflect                      July 25, 2007    15         OPERATIONAL - HR Alignment of job                           4                  2            8              2         IMPROVING   HR Manager/          Reduce          To be confirmed    December 31, 2007
      organisational needs, resulting in                                                         & Training       descriptions to balanced                                                                                        Director
      unqualified employees performing critical                                                                   scorecard for
      tasks.                                                                                                      organisation/ Annual
                                                                                                                  review of reporting
                                                                                                                  structures
 9    Inability to implement legislative changes                     July 25, 2007     8         OPERATIONAL -    Regulatory compliance                      4                  2            8              2        UNCHANGED Legal and               Reduce          To be confirmed     February 28, 2008
      in a timely manner                                                                         Health & Safety  workgroup/ Health Legal                                                                                         Compliance
                                                                                                                  updates/ Project                                                                                                Officer
                                                                                                                  Management Office
 17   Duplication of effort/ critical tasks not                      July 25, 2007    15         STRATEGIC -      Alignment of job                           2                  4            8              2         IMPROVING   HR Manager/          Reduce          To be confirmed    November 15, 2007
      completed due to overlap in staff                                                          Governance       descriptions to balanced                                                                                        Director
      responsibilities, lack of role clarity.                                                                     scorecard for
                                                                                                                  organisation/ Annual
                                                                                                                  review of reporting
                                                                                                                  structures



 29   Budget over-runs due to poor control of                        July 25, 2007    10         FINANCIAL            Annual budgeting process/              2                  4            8              2         IMPROVING   Chief Financial      Reduce          To be confirmed      August 25, 2007
      expenditure relating to the hospital                                                                            Monthly budget variance                                                                                     Officer
      expansion programme.                                                                                            reports/ Management
                                                                                                                      approval of all extrodinary
                                                                                                                      expenditures/ Internal
                                                                                                                      Audit reviews/ Financial
                                                                                                                      system reporting

 13   Failure to raise adequate philanthropic                        July 25, 2007     3         FINANCIAL            No controls in place                   2                  2            4              4         GETTING     CEO                  Reduce          To be confirmed       March 20, 2008
      funds to support ongoing outpatient care                                                                                                                                                                        WORSE
      programme.
 3    Ineffective marketing of aged care                             July 25, 2007    10         STRATEGIC -          Public Communication                   3                  1            3              3         IMPROVING   PR and Marketing Reduce              To be confirmed      October 16, 2007
      services and facilities leading to under                                                   Stakeholder          Programme/ Aged Care                                                                                        Manager
      utilised resources                                                                         Relations            Outreach Initiatives




                                                                                                                                                            Page 2 of 9
RISK CATEGORY

CORE SERVICES (CLINICAL)
CORE SERVICES - Clinical Effectiveness
CORE SERVICES - Clinical Risk
CORE SERVICES - Education & Training
CORE SERVICES - Emergency Services
CORE SERVICES- Consumer Participation
FINANCIAL
FINANCIAL - Billing & Debtors
FINANCIAL - Budgeting
FINANCIAL - Creditors and Payments
FINANCIAL - Reporting
IT & SYSTEMS
IT & SYSTEMS - Data Completeness
IT & SYSTEMS - Data Quality
IT & SYSTEMS - IT Security
IT & SYSTEMS - System Functionality
OPERATIONAL
OPERATIONAL - Asset & Fleet
Management
OPERATIONAL - Customer Services
OPERATIONAL - Facilities Management
OPERATIONAL - Health & Safety
OPERATIONAL - HR & Training
OPERATIONAL - Purchasing and Supplies

STRATEGIC
STRATEGIC - Business Continuity
STRATEGIC - Compliance & Legal
STRATEGIC - Governance
STRATEGIC - Stakeholder Relations
STRATEGIC - Strategic Planning
                                                         CONSEQUENCE

  SCORE   DESCRIPTION               FINANCIAL
                                    (Additional costs
                                    and/or loss of
                                    income)
    1          INSIGNIFICANT        < $10,000



    2              MINOR            $10,000 to $49,999




    3            MODERATE           $50,000 to
                                    $249,999




    4             MAJOR             $250,000 to
                                    $999.999




    5          CATASTROPHIC         >$1,000,000




            CONTROL EFEFCTIVENESS
SCORE     DESCRIPTION            PERCENT
                                 EFFECTIVE
    1     VERY EFFECTIVE CONTROL
          DESIGN, WELL
          IMPLEMENTED, PREVENT &
          DETECT RISKS/ BREACHES
    2     SOME CONTROLS IN PLACE,
          PARTIALLY EFFECTIVE

    3     FEW CONTROLS IN PLACE,
          POORLY FUNCTIONING
    4       NO CONTROLS IN PLACE, OR 10-20%
            CURRENT CONTROLS HAVE
            NO EFFECT

   RISK
STRATEGY
   Avoid
 Transfer
  Reduce
  Accept
       CONSEQUENCE

REPUTATIONAL                             LEGAL                             OPERATIONAL/ PROCESS




Little or no impact                      Little or no impact               Little or no impact



Sporadic localised unfavourable      Minor delays in meeting legal         Some inefficiencies and/or delays
publicity; No impact on staff morale requirements/ fulfilling SLAs         in delivery of support services and
                                     etc.                                  non-critical functions. No impact
                                                                           on client service standards.

Localised negative publicity;            Some breach of material terms     Inability to provide key support
Limited impact on staff morale;          of key contracts/ SLAs. Threat    services according to minimal
Managed by appropriate response          of legal action against           expected service levels (billing,
by Institution's PR/ Marketing           institution, but able to be       security; payroll, canteen; staff
function                                 resolved through negotiation/     training). No notable impact on
                                         remedial action by institution.   client service standards.

Significant/ continued negative          Noticeable increase in claims     Delays and inefficiencies in core
publicity in local/ regional press;      and legal liability; Most         processes and systems impacting
Low staff morale; Requires               exposures covered by existing     significantly on customer service
intervention of Institution's            insurance cover                   levels. Increased risk of serious
Executive/ CEO to answer public                                            client injury, disability etc.
concerns
Significant/ continued negative          Significant increase in volume    Critical processes/ systems not
publicity in national press; Low staff   and value of legal exposures      available for extended period.
morale resulting in loss of key staff;   and claims; Critical services     Inability to perform core client-
Permanent loss of patient trust;         impacted by cancellation of       facing functions. Prolonged
Withdrawal of funding/ key grants        supplier contracts; Exposures     inability to provide basic services.
etc.; Possible intervention of           not covered by current            Possibility of client death due to
Minister                                 insurance cover                   interruptions to basic services.
                   LIKELIHOOD

SCORE    DESCRIPTION                EXAMPLE




  1     RARE           Highly unlikely to occur in next 5
                       years. No history of adverse event
                       in organisation.
  2     UNLIKELY       Event not likely to occur in next 12
                       months, but there is a slight
                       possibility of occurrence.


  3     POSSIBLE       50% chance of occurrence in next
                       12 months.




  4     LIKELY         There is a strong likelihood that the
                       event will occur at least once in the
                       next 6-12 months. History of
                       event/s in institution or similar
                       organisations.

  5     ALMOST         The adverse event will definitely
        CERTAIN        occur, probably multiple times in a
                       year.
POSITION
Board of Directors
CEO
Chief Financial Officer
Facilities Manager
Director: Clinical Services
Financial Manager
Head of Nursing
HR Manager/ Director
Internal Audit Manager
IT Manager/ CIO
Legal and Compliance Officer
Operations Manager/ Director
PR and Marketing Manager
Risk Committee
Risk Manager
UNALLOCATED

				
DOCUMENT INFO