Welcome to Bedford Borough Council

Our Services A - Z :

You are here: Home Page > Advice and Benefits > Risk Management and Insurance

Risk Management and Insurance

The risk management team co-ordinates risk-related functions for Council services and schools. The team provides risk management support and advice on establishing effective risk management for services, projects, and partnerships. It also provides insurance support.


What is Risk Management? 

“Risk is the threat that an event or action will adversely affect the organisation’s ability to achieve its objectives and successfully execute its strategies.”

Risk Management is the identification, analysis & control of risks which may threaten an organisation or the services it provides. It is important to note that risk management is about taking well managed risks to maximise opportunities and to enhance Council services.

Risk has two dimensions that need to be jointly assessed to determine the magnitude of risk;

  • Likelihood: the possibility that the risk will occur; and
  • Impact: the consequences if the risk were to occur


The likelihood of an event multiplied by the impact of it occurring equals the risk score. This is quantified by using a risk scoring chart (matrix). The calculated outcome of these two factors is the level of risk for each activity. Once a risk is identified you must decide the best strategy to manage it, e.g. do you accept the risk, avoid it or put actions & controls in place to mitigate the risk to an acceptable level.


Why practice Risk Management?

  • Helps to ensure the achievement of objectives
  • Enables improved & more informed decision making
  • Ensures better use of resources
  • Good management practice – helps you to take acceptable risks to be innovative & improve service delivery
  • Protects the Council’s reputation
  • Better accountability & monitoring


How does the Council manage risk effectively?

The Council manages risk in a number of ways. Examples include:

· A corporate framework for risk management

· Strategic and departmental risk registers, updated quarterly 

· Strategy and Policy updated annually

· Training and education opportunities for managers and staff

· Active implementation of Health and Safety legislation

· Implementation of emergency plans and business continuity plans

· Compliance with Civil Contingencies Act 2004 legislation


Identifying Risks

A key part of the risk identification process is understanding the sources (root cause) of a particular risk.

Some of the key areas are listed below;


Types of Risk

  • Strategic Failure to deliver a key strategic objective;
  • Operational Risks that relate to the delivery of a service or project;
  • Information  Risks that relate to loss or inaccuracy of data systems or reported information;
  • Reputation Risks that relate to the Council’s brand image;
  • Financial Risks that relate the insufficient funding, losing monetary  resources or incurring unacceptable liabilities;
  • HR/People Risks associated with employees, management and to the well-being of the public;
  • Regulatory Risks related to regulatory environment;
  • Contractual Risks related to the management of service contracts;
  • Technological Risks related to the use of technology/systems as part of  service delivery;
  • Communication Risks related to communication with and between a range of external and internal audiences;
  • Health & Safety Risks associated with stakeholder welfare;
  • Fraud Risks related to unlawful activities


6 Key Questions for Identifying Risks

  • What do you want to achieve, what will stop it being achieved?
  • What is the potential cost to time, money and performance?
  • How likely is it to happen?
  • What are the impacts of each risk?
  • What is the source of the risk?
  • What can be done to reduce/control the risk?


Methods of managing risk

Avoid - remove risk completely, usually by ceasing an activity

Reduce Likelihood – putting controls in place to reduce the frequency of the risk occurring

Reduce Impact – putting controls in place to reduce the negative effects

Transfer the risk – usually financially, through insurance or outsourcing to a specialised company

Accept the risk – and its potential consequences, only when impact and likelihood are low

The more information you have about risk, the more informed decisions you can make as to the best way to manage it. For example, avoiding risk altogether by not performing an activity could mean that you are losing out on opportunities and not maximising organisational benefits. Also, some risk reduction strategies may not be cost-effective. Transferring risk can be advantageous but it can also create new risks which may have to be managed. 


What is a Risk Register?

A risk register is a tool used to effectively identify, prioritise, manage and monitor risks for a specific directorate, service, project or partnership. It allows a risk to be given a value depending on the likelihood of occurrence and the impact that the risk may have.

Risk registers are a live document which should be monitored & reviewed on a regular basis to identify any changes to risk profile and to review the effectiveness of controls & actions.


Why do we use Risk Registers?

  • Assists in identifying managed and unmanaged risks
  • Provides a systematic approach for managing risks
  • Assists in implementing effective and efficient controls
  • Identifies responsibilities
  • Assists in identifying risks at the planning stage and monitoring the risks
  • Assists in focusing on objectives


Don't Miss

council tax

This section provides a range of information from benefits and welfare rights to council tax and trading standards.


Stay Connected
Sign up for email alerts!