Skip to main content Skip to navigation

Governance

Risk Management

Risk management is concerned with managing the effects of uncertainty. This uncertainty can manifest as a threat or an opportunity in relation to our goals and objectives. Risk management operates across the University and is central to the achievement of objectives at both strategic and operational level. The University is committed to ensuring that it has a robust and comprehensive system of risk management in line with the requirements of the Office for Students, and follows good practice in risk management. For more information on what risk is and how it is managed, please refer to the 'What is Risk Management' guide at the side of this page.

Risk Management at Warwick

The Risk Policy (approved by Council in July 2018) outlines the current approach of the University to risk management and the general responsibilities of those involved in managing and overseeing risk. To view the policy please refer to the 'University Risk Management Policy' at the side of this page.

Risk Management for Departments

Risk management in departments is undertaken as an integral part of the Strategic Planning Process. Departments within professional services (PSG), the commercial group (CCSG) and the faculties, actively identify, scope, manage and report on the risks to their objectives using the approved 'Risk Register Template & Scoring Guidance', which can be found at the side of this page. The central Risk & Resilience Team support departments to scope and review their risks on a regular basis. Department/Faculty meetings and inter-departmental forums allow for focused and shared understanding of significant risks and thematic risks. If risks are particularly concerning, they can be escalated to the University Executive Board for further consideration using the 'Risk On a Page - Escalation' template, which can be found at the side of this page.

Further Information & Guidance

Whilst the documents provided at the side of this page provide an overview of how risks should be managed across the University, the Risk & Resilience Team encourage staff to contact them to discuss their specific risk management needs in their area. The team is able to offer guidance and advice in the form of meetings, workshops and presentations, and can develop bespoke sessions to focus on issues pertinent to individual departments.

If you would like to discuss this further, please contact:

Chris Griffin, Head of Risk and Resilience (Christopher.Griffin@warwick.ac.uk)

Kimberly Jebson-Hambly, Risk and Resilience Manager (Kimberly.Jebson-Hambly@warwick.ac.uk)

Lauren McCleary, Risk and Resilience Manager (Lauren.McCleary@warwick.ac.uk)

Salma Ahmed, Resilience and Governance Officer (Salma.Ahmed.1@warwick.ac.uk)

or email risk.management@warwick.ac.uk.

Risk Management FAQs

Why might I need to assess and manage risks?

Risk Management practices allow for threats to objectives and outcomes to be identified, assessed and mitigated. This allows for better oversight of the things that threaten what you’re trying to achieve.

What is the difference between a risk and an issue?

A risk is something that may happen. An issue is something that is already happening.

How do I score a risk?

The 'Risk Register and Scoring and Treatment Guidance' clearly explains the difference between likelihood and impact and provides indicative guidance for all risk categories.

Will my scoring be the same as someone else’s?

Risk scoring is somewhat subjective, but adherence to our scoring guidelines will ensure consistency.

Once I’ve identified the risks, is that enough?

Risk identification and risk scoring should be dynamic. Any measures which help to reduce (mitigate) the likelihood and/or impact of your risk, should also be detailed. If your mitigating measures are positively impacting the risk, then you can reduce your score. Likewise, if there is evidence to say that the likelihood or impact are increasing, you can increase your risk score. Ongoing review of your risks is vital to ensure they are an accurate reflection.

What is the added value?

The risk management framework allows for risks to be escalated, via Governance processes. The Risk and Resilience Team can be contacted to explain this, further. Risk identification and management ensures that decision making is defensible and that the right resources (often being the resource of time) follow higher scoring risks.

Is this the same as Risk Assessment?

A department may assess Health & Safety risks, such as slips, trips and falls, to promote a safe working environment. This is different to risk management via a risk register, which allows for risks to strategic outcomes to be managed.

How do we embed risk management?

Consider how risk register discussions can fit into existing forums and meetings to better increase visibility. 

What is Risk Management: A Visual GuideLink opens in a new window

Risk Register Template & Scoring and Treatment Guidance

Risk escalation process flow

University Risk Management Policy

Travel risk management policy and pre-travel risk assessment

Approved Risk Appetite Statements

Risk On a Page - Escalation template

Other Guidance

"The Orange Book: Management of Risks - Principles and Concepts"Link opens in a new window

Strategic Planning and Analytics OfficeLink opens in a new window