document title risk management policy · document title risk management policy reference number...

Document Title Risk Management Policy

Reference Number NTW(O)33

Lead Officer Lisa Quinn

Author(s)

Anna Foster

Head of Performance and Assurance

Ratified By Trust-wide Policy Group

Date Ratified May 2015

Implementation Date June 2015

Date of full implementation

June 2015

Review Date June 2018

Version Number V04

Review and Amendment Log

Version Type of Change

Date Description of Change

V04 Review Jun 15

Updates to Sections 3, 4, 7, 10

Updated Standard Appendices A, B and C

This Policy supersedes the following documents, which must now be destroyed:

Reference Number Title

NTW(O)33 – V03.5 Risk Management Policy

Risk Management Policy

Section Content Page No:

1 Introduction 1

2 Purpose 1

3 Definitions 2

4 Duties, Accountabilities and Responsibilities of Staff 4

5 Organisational Responsibilities for the Management of Risk

6

6 Risk Management Process - Overview 8

7 Risk Identification and Risk Assessment Tools – clinical risk assessment, clinical environmental risk assessment (CERA) and general risk assessment.

9

8 Risk Evaluation / Measurement 11

9 Risk Mitigation and Risk Escalation 11

10 Risk Monitoring and Review 14

11 Training 14

12 Consultation and Communication with Stakeholders 15

13 Equality and Diversity Impact Assessment 15

14 Implementation 15

15 Monitoring and Compliance 16

16 Standards / Key Performance Indicators 16

17 Fair Blame 16

18 Fraud, Bribery and Corruption 16

19 Associated Documents 17

20 References 17

Standard Appendices - attached to Policy

A Equality Analysis Screening Toolkit 18

B Training Checklist and Training Needs Analysis 20

C Audit and Monitoring Tool 22

D Policy Notification Record Sheet - click here

Appendices - listed separate to Policy

Appendix No Description Issue Date Issued

Review Date

Appendix 1 Risk Registers 1 Jun 15 Jun 18

Appendix 2 Executive Portfolio 1 Jun 15 Jun 18

Appendix 3 Trust Governance Structure 1 Jun 15 Jun 18

Appendix 4 Quality and Performance Terms of Reference

1 Jun 15 Jun 18

Appendix 5 Clinical Environment Risk Assessment

2 Mar 16 Jun 18

Appendix 6 General Risk Assessment Form 1 Jun 15 Jun 18

Appendix 7 Evaluation and Measurement of Risk

1 Jun 15 Jun 18

http://nww1.ntw.nhs.uk/services/?id=2550&p=2780&sp=1

NTW(O)33

1 Northumberland, Tyne and Wear NHS Foundation Trust NTW(O)33 – Risk Management Policy– V04 –Upd Index – Mar 16

1 Introduction 1.1 Risk Management - identifying, analysing, evaluating, treating and monitoring

risks - is everybody’s responsibility. All staff have a responsibility to understand risks relating to their job and to know what to do when risks are identified or a risk increases or changes. The key to effective risk management is knowledge of where risks lie, having a measure of them, knowing their potential effect on the organisation and having an adequate and agreed level of control over them. This policy therefore sets out how to identify and quantify risks and thereafter to minimise, eliminate or accept risks to patients, staff, Northumberland, Tyne and Wear NHS Foundation Trust (the Trust / NTW) and third parties, using a consistent approach to risk management in clinical and non-clinical services. (Note that in this document the terms patient and service user should be considered interchangeable).

1.2 The Board of Directors recognises that risk management is an integral part of

good management practice and, to be most effective, should be part of the culture of the Trust. The Board of Directors are committed to ensuring that risk management is an integral part of its philosophy, practices and business plans, rather than being viewed or practiced as a separate activity, and that responsibility for implementation is accepted at all levels in the organisation

2 Purpose 2.1 This Risk Management Policy has been written to comply with health and

safety regulations. The Management of Health and Safety Regulations 1999 place an obligation on employers to identify and then control risks, before incidents occur, through a suitable and sufficient assessment of the risk. They require all employers and self-employed people to assess the risks to staff / patients and any others who may be affected by their work or business. This should be a proactive process, rather than a reactive plan and the most significant risks should be documented.

2.2 This Policy also supports the Trust’s Risk Management Strategy, which

describes the Trust’s strategic objectives; the identification of the key corporate risks which could prevent us achieving our strategic objectives; how these risks will be managed; how risk management is integrated into the Trust’s governance arrangements; and plans to improve our risk management processes in the interests of patient safety, the safety of our staff and others and to ensure that the Trust is a sustainable and consistently high performing organisation.

NTW(O)33


3 Definitions of Terms Used 3.1 What is Risk? 3.1.1 Risk is defined as “the possibility of incurring misfortune or loss” and can be

associated with people (service users, visitors, staff and contractors), buildings and estate, equipment and consumables, systems and management.

3.1.2 Risks are sometimes categorised as “strategic” - those that represent a major

threat to achieving an organisation’s strategic objectives or to its continued existence; or “operational” - those related to the day-to-day running of an organisation. In the NHS they are also often categorised as “clinical”, which deal with individual service user and general clinical care provision; or non-clinical, which can involve the activities of people, the environments they occupy and visit, or wider risks which affect, for example, financial viability, quality standards, service continuity, the organisation’s reputation, litigation etc.

3.2 What is Risk Management? 3.2.1 Risk management can be defined as “the systematic application of policies,

procedures, methods and practices to the tasks of identifying, analysing, evaluating, treating and monitoring risk”

3.2.2 Risk management is everyone’s business - the Trust manages risk in a

holistic way and the risk management process deals with all risks, clinical, non-clinical, financial and organisational. The aims of effectively managing risk are to:

Provide a safe, high-quality service for service users; Minimise the human costs of risks i.e. to protect service users,

visitors and staff and contractors from risks, where reasonably practicable;

Ensure the management of risk is consistent with, and supports

the achievement of the Trust’s strategic objectives; Initiate action to prevent or reduce the adverse effects of risk; Meet statutory and legal obligations; Improve compliance with the requirements for registration with

the Care Quality Commission and current risk management standards;

Minimise the financial and other negative consequences of

losses and claims, for example, poor publicity and loss of reputation;

NTW(O)33


Minimise the risks associated with new developments and activities.

3.3 What is Risk Escalation? 3.3.1 This Policy emphasises that risks should be controlled and managed at the

lowest possible level in the organisation. Most operational risks can normally be managed at ward and department level, as control measures should reduce risks to an acceptable level (see Appendix 6 – Risk Classification and Further Action based on Risk Grading – for a description of insignificant and acceptable risks). However, where a risk identified at a particular level in the Trust cannot be controlled or managed at that level it should be escalated up to the next level for review and, where appropriate, for management of that risk.

3.3.2 This Policy also sets out that where a risk has a risk score higher than an

agreed value it should be referred to the next level - for information. The higher level can decide to manage any of these risks, bearing in mind the underlying principle in this Policy that risks should be controlled and managed at the lowest possible level. Evidence of these risks being discussed should be recorded in appropriate Meeting Minutes. The risk escalation process in the Trust is explained in more detail in Section 9.

3.4 What is a Risk Register? 3.4.1 A risk register is a log of risks of all kinds that threaten the delivery of

objectives and the delivery of services. It should be a ‘live’ document which is populated through the risk assessment and evaluation process. Risk registers should operate at all levels of the Trust – at local ward / department level, major projects and programmes, Directorate, Group and Corporate level. Templates for risk registers are provided at Appendix 1. However, the use of electronic risk registers using the Safeguard Risk Management System is being rolled out.

3.5 What is a Risk Owner? 3.5.1 A risk owner is the accountable person in an organisation who has

responsibility to manage, control and review a risk on a regular basis. This will not always be the person who has identified the risk and will depend on the severity and impact of the risk on individuals or the organisation. The risk owner will be clearly identified on the Risk Register.

3.6 What is Risk Review? 3.6.1 Risk reviews should be undertaken via the Safeguard System on a regular

basis by the risk owner or risk group to continually assess the likelihood of the risk occurring, the potential impact of the risk, the controls in place to manage the risk and any action that has been identified to reduce or eliminate the risk.

NTW(O)33


3.6.2 The electronic Safeguard System has a review function which will allow risks to be monitored by their review date. A timeline exists between creating or opening a risk and where controls have been introduced to reduce or eliminate the risk.

3.7 What is the Board Assurance Framework? 3.7.1 The Board Assurance Framework is a tool that sets out the high level risks for

each strategic objective, along with the controls in place to manage those risks; the assurances available to the Board of Directors that the controls are effective and progress is being made in delivering the objective; and actions to address any gaps in controls or assurance.

4 Duties, Accountabilities and Responsibilities 4.1 All staff in the Trust have responsibilities relating to risk management. The

portfolios of the Executive Team are attached as Appendix 2. Some officers have specific responsibilities as outlined below.

4.2 Chief Executive Officer (CEO)

4.2.1 The Chief Executive as “accountable officer” has overall accountability and responsibility for risk management within the Trust, ensuring the implementation of an effective risk management system, the development of the governance structure and meeting all statutory requirements. The CEO must sign an annual Statement of Internal Control, a main element of which covers the Trust’s risk and control framework.

4.2.2 The CEO will ensure that appropriate accountability statements for risk

management and governance are in each Group Director’s job description and that all Group Directors have effective arrangements in place to address actions relating to corporate risks where they are the risk owner and to manage their Directorate Risk Registers.

4.3 Executive Director of Finance 4.3.1 The Executive Finance Director is designated as the accountable and

responsible officer for implementing the overall system of internal control in the Trust.

4.4 Executive Director of Performance and Assurance

4.4.1 The Executive Director of Performance and Assurance has responsibility to ensure that the Trust has a robust Risk Management Strategy and Policy in place, integrated with the Trust’s Strategic Integrated Business Plan and the Trust’s governance structure and arrangements. This includes ensuring that there is a robust and effective Board Assurance Framework.

NTW(O)33


4.5 Executive Director of Nursing and Operations

4.5.1 The Executive Director of Nursing and Operations has responsibility for all nursing and operational services. The Executive Director of Nursing and Operations is supported by the Group Directors who work with clinicians and other staff to ensure the effective delivery of services, the management of operational Groups’ provision.

4.6 Deputy Director of Performance and Assurance 4.6.1 The Deputy Director of Performance and Assurance, reporting to the

Executive Director of Performance and Assurance has responsibility for the development and day-to-day management of the Trust’s Corporate Risk Register and Board Assurance Framework.

The post also has responsibility for reviewing, developing and embedding the Risk Management Strategy and Risk Management Policy across the Trust to ensure that there is a comprehensive, robust and effective system which informs Risk Registers and the Board Assurance Framework.

4.7 Deputy Director of Clinical Governance 4.7.1 The Deputy Director of Clinical Governance has day to day responsibility for

clinical governance issues, including patient safety and compliance with the NHS Litigation Authority’s Risk Management Standards for Mental Health and Learning Disability Trusts.

4.8 Head of Safety and Patient Experience

4.8.1 The Head of Safety and Patient Experience leads the Patient Safety Team, whose functions include the provision of expert advice to wards and departments on health, safety and security management. The Head of Safety and Patient Experience is also responsible for ensuring that effective risk management underpins the Trust’s Incident and Claims Management processes as well as all other safety related processes.

4.9 Executive Directors and Group Triumvirates

4.9.1 These staff are responsible for the implementation of this policy at corporate and service level including the establishment and continual management of Group and Directorate risk registers, programme and project risk registers and the appropriate use of clinical / non clinical risk assessment tools which meet the needs of their particular service areas. They are responsible for managing risks that could prevent their directorate / department objectives being achieved.

NTW(O)33


4.10 Managers 4.10.1 All managers are accountable for the day-to-day management of risks of all

types within their area of responsibility. They are charged with ensuring that risk assessments are undertaken throughout their area of responsibility on a pro-active basis and that remedial action is carried out where problems are identified. They are also responsible for reporting difficulties in implementing plans to mitigate risks to their Group or Directorate Operational Management Group, if necessary, escalating a risk to the next level, in accordance with the risk escalation process (see Section 9).

4.11 All Staff 4.11.1 Management of risks is a fundamental duty of all staff whatever their grade or

role. In particular, all staff must ensure that identified risks and incidents are reported to their immediate line manager and, if appropriate, their Health and Safety representative, in order that effective action is taken. All incidents must also be reported to the Trust’s Safety Department through the incident reporting process (see Trust Incident Policy - NTW(O)05).

These requirements also extend to agency staff.

4.12 Partner Organisations and Contractors

4.12.1 Specific risks identified by the Trust will be shared with any other relevant organisation working in partnership with the Trust. Likewise, the Trust expects that any relevant risks identified by partner organisations, including the owners of buildings used by Trust staff, will be shared in a similar manner.

5 Organisational Responsibilities for the Management of Risk 5.1. The Trust Organisational Structure chart, including the Committees referred

to below is shown in Appendix 3. The responsibilities for the key committees, in terms of risk management, are as follows:

5.2 Board of Directors 5.2.1 The Board of Directors is accountable and responsible for ensuring that the

Trust has an effective process for identifying and managing risks of all types. It will receive and consider reports from the Audit Committee, the Quality and Performance Committee and the Corporate Decisions Team as necessary.

5.3 Quality and Performance Committee 5.3.1 The Quality and Performance Committee, which is a Sub Committee of the

Board, oversees and monitors the implementation of key quality and performance strategies, programmes and systems, including risk management.

NTW(O)33


It is the Trust’s formal Risk Management Committee and specific responsibilities relating to risk management and assurance are to:

Oversee the risk management system and obtain assurances that there is an effective system operating across the Trust;

Review the management of the Corporate Risk Register and the

Groups top risks; Review the Board Assurance Framework to ensure that the

Board of Directors receive assurances that effective controls are in place to manage corporate risks;

Report to the Board of Directors on any significant risk

management and assurance issues.

5.3.2 Its full Terms of Reference are provided in Appendix 4. This Committee will review the Board Assurance Framework and will also receive information and seek assurances on the effective management of Groups top risks, at least every second month.

5.4 Audit Committee 5.4.1 The Audit Committee is a Sub Committee of the Board of Directors and is

responsible for providing an independent and objective view of internal control. Specific responsibilities include:

Reviewing the establishment and maintenance of an effective

system of integrated governance, risk management and internal control, across the whole of the organisation’s activities (both clinical and non-clinical) that supports the achievement of the organisation’s objectives;

Reviewing the arrangements in place to support the Assurance

Framework process prepared on behalf of the Board of Directors and advising the Board accordingly. It will review the development of the Assurance Framework at least three times a year.

5.4.2 The Audit Committee reports to the Board of Directors annually on its work in

support of the Statement on Internal Control, specifically commenting on the fitness for purpose of the Assurance Framework, the completeness and embedding of risk management in the organisation and the integration of governance arrangements.

NTW(O)33


5.5 Corporate Decisions Team 5.5.1 The Corporate Decisions Team’s specific responsibilities relating to risk

management are:

To manage and develop the Corporate Risk Register and be aware of Groups’ top risks;

To manage the implementation and development of an effective Risk Management System across the Trust;

To manage the implementation and development of the Board Assurance Framework, in line with best practice;

To report to the Quality and Performance Committee on changes to the Corporate Risk Register and any other significant risk management issues.

5.6 Group Governance Structures

5.6.1 Group Directors are responsible for ensuring that they have processes in

place within their overall Group and its Directorates which ensure that risks are effectively managed. The Group Governance Structure is also illustrated in Appendix 3. Each Group must have within its governance structure a meeting where its risk register is considered and arrangements that enable risks to be escalated from Directorates. Group Directors will ensure, through their directorate governance structures, that risks are identified, assessed, controlled and managed in line with this Policy.

5.6.2 Individual Directorates are also responsible for ensuring that their local wards

/ teams and departments have effective arrangements in place to manage local risks in accordance with the processes described in this Policy.

5.7 Programme and Project Boards 5.7.1 Where the Trust has established a Programme or Project Board to lead a

specific time limited task, the Programme / Project Board will manage a risk register and keep the Trust Committee to which it is accountable informed of the management of its Risk Register. Programme and Project Board risks can be escalated to the appropriate Committee and, if necessary, to the Corporate Decisions Team for inclusion in the Corporate Risk Register.

6 Risk Management Process - Overview 6.1 Risk Management involves four basic steps, described in more detail in the

following Sections (7–10), to manage risks. It is important to stress that risk management, including the use of assessment tools, should not occur as an isolated activity. It is expected that it is undertaken on a multi-disciplinary basis and at times within a multi-agency context.

NTW(O)33


Step 1 - Risk Identification, including the use of risk assessment tools;

Step 2 - Risk Measurement, which prioritises the risks;

Step 3 - Risk Mitigation, including the risk escalation process;

Step 4 - Risk Monitoring and Review. 7 Risk Identification and Risk Assessment Tools 7.1 Risks can be identified in different ways and at different levels in the Trust.

Risks will be identified for example through day to day operational management; through internal reporting and governance processes; and through external reports on the Trust’s Clinical and Non-Clinical Services and its management processes. Risks should also be identified at all levels within the Trust – at local ward / team and department level; at divisional levels within operational services; at directorate level; and at Board level. Risk Assessment Tools (clinical and non-clinical) have been provided for staff to ensure a consistent approach to Risk Assessment is adopted throughout the organisation (see Appendices 5 and 6).

7.2 The following table provides some potential sources for the identification of

risks, although the list is not exhaustive.

External Risk Identification

Internal Risk Identification

Reactive Risk Identification

Patient Surveys

Staff Surveys

External Audit Reports

Monitor

Care Quality

Commission / Mental

Health Act

Commission Reports

Health and Safety

Executive Reports /

Visits

Accreditation Bodies’

Reports

Safety Checklists

Safety tours or

inspections

Staff Side Union

Safety Audits

Clinical Environmental

Risk Assessment

(CERA – Appendix 5)

Ward refurbishment

planning

Essence of Care

Patient Environmental

Assessments

(PLACE)

Serious Incidents

Incident Themes

Near Misses

Complaints

Claims

Performance Reports

Sickness Statistics

Stress Risk

Assessments

Staff Turnover exit

interviews

Disciplinary /

Grievance

Investigations

NTW(O)33


Environmental Health

Reports

Specialist Risk

Assessments

Legal advice

Independent Inquiries

Networking and

Benchmarking

Risk Management

groups and sub-

groups

Points of You

Internal Audit Reports

Counter Fraud

proactive reports

7.3 Clinical Risk Assessment

7.3.1 The Trust’s approved tools to record the outcome of the clinical assessment of risk for adults are listed in the Trust’s Policies, NTW(C)20 – Care Co-ordination and Care Programme Approach, and NTW(C)48 Care Co-ordination and Care Programme Approach for Children and Young People.

7.3.2 Clinical Risk Assessment should be undertaken at critical points throughout

an individual’s care in all clinical settings. It is not a one off activity, but is part of good daily practice on a continuing basis and is explicitly linked to the Trust’s Policy, NTW(C)20 - Care Coordination and Care Programme Approach (CPA) planning processes. Risk Assessment is a multi-disciplinary responsibility and is required:

As part of an initial assessment;

When admitting / discharging from hospital and as part of planning and agreeing leave;

As part of review considerations;

When there are major changes / incidents, for example, major changes in clinical mental health condition; following a serious untoward event or incident involving a near miss or actual incident report being filed; or a significant change in legal status (e.g. detention under the Mental Health Act);

When alerted by carers or other members of the Care Team;

When transferring service users to other teams / service providers.

NTW(O)33


7.3.3 Clinicians are expected to conduct appropriate Risk Assessments and to develop plans to manage risk in a way that takes the service user’s views and preferences into account whilst providing safeguards for him / her and for others. The tools used to assess clinical risk should wherever possible indicate the level of ongoing or residual risk; for example, a high, medium, low or other flagging system which attaches a level of importance so that appropriate and proportionate action can be taken.

7.3.4 Once completed it is then possible to use the information gathered from the

clinical assessment tool to further quantify the risk to the individual from environmental hazards (see Section 7.4 below) such as ligature risks on a general Risk Assessment Form, where clinical and environmental risks can be considered together and protective control measures implemented.

7.4 General Risk Assessments 7.4.1 Where a Specialist Assessment Tool is not available, a General Risk

Assessment Form should be completed. Guidance on the completion of these forms can be found in Appendix 6.

7.4.2 The Safety Department can be contacted to provide further advice in

completing these assessments. The general risk assessments will also be audited on a regular basis by the Safety Department.

8 Risk Evaluation / Measurement 8.1 As described in paragraph 7.3.3 above, clinical risks should wherever

possible evaluate the level of on-going or residual risk, for example a high, medium or low risk or other flagging system, which attaches a level of importance so that appropriate action is taken.

8.2 Non-clinical risks being entered onto a Risk Register must be evaluated and

measured by assessing the likelihood and potential impact of a risk, using a standard 5 x 5 matrix. This then categorises risks into four levels of priority - very low, low, moderate and high – and indicates the urgency with which action should be taken to mitigate the risk. This helps to ensure that a consistent systematic approach is followed throughout the Trust. More detailed guidance on risk evaluation and measurement in the Trust is provided in Appendix 7.

9 Risk Mitigation and Risk Escalation 9.1 Following the identification and assessment of a risk, consideration should be

given to how the risk can be mitigated. In general, in order of preference, the action would be to:

Remove the risk - by removing the cause or causes of the risk;

NTW(O)33


Transfer the risk if possible e.g. by taking out insurance or transferring the risk to another party, for example, a contractor;

Reduce / manage the risk – e.g. through the development of policies and practice guidance or putting contingency plans in place to mitigate the risk if it occurs.

9.2 This Policy and the Trust’s Risk Management Strategy emphasises that risks

should be controlled and managed at the lowest possible level in the organisation. Most operational risks can normally be managed at local ward or department level, as control measures should reduce it to an acceptable risk (see Appendix 6 – Risk Classification paragraph). However, where a risk identified at a particular organisational level in the Trust cannot be effectively controlled or managed at that level it should be escalated up to the next level for review and,

where appropriate, for management of that risk. An example of this could be

that in order to effectively manage a risk a level of expenditure is required which requires approval at a higher level. It is possible, depending on the nature of a risk and the appropriate action identified to manage it, that a risk identified at local ward / department level could be escalated through to the Trust’s Corporate Risk Register for action.

9.3 It is important to emphasise here that a risk should not be escalated to the

next level simply because it has been evaluated as a high risk – as stated in paragraph 9.2 above, the main principle is that risks should be controlled and managed at the lowest possible level in the organisation. However, it is also important that there is a good awareness throughout the organisation of the top risks within risk registers and the monitoring and review arrangements, described in Section 10 below, must therefore be followed.

9.4 The risk escalation process / reporting process for top risks is illustrated on

the following page.

NTW(O)33


Risk Escalation and Reporting Process

Risks which can’t be managed are escalated to the Directorate Risk Register

Risks which can’t be managed are escalated to the Group Risk Register

Risks which can’t be managed are escalated to the Senior Management Team for inclusion in the Corporate Risk Register

ALL STAFF – LOCAL WARDS/DEPARTMENTS Risks / Incidents / Hazards are reported in line with appropriate policy. Risks entered into local ward / department risk register

and managed.

DIRECTORATE LEVEL Develops / Manages / Reviews Service Specific Risk Registers

GROUP LEVEL Develops / Manages / Reviews Directorate Risk Register

through directorate governance structure Operational Leaders Group also co-ordinates risks across

Operational Directorates

CORPORATE DECISIONS TEAM Manages / Develops the Corporate Risk Register and risk

management system. Reports to Q&P Committee on significant risk management issues

QUALITY AND PERFORMANCE COMMITTEE Oversees the risk management system and obtains

assurances on its effectiveness. Reports to the Board on any significant risk management issues

BOARD OF DIRECTORS Accountable / responsible for effective risk management

process.

NTW(O)33


NOTE: In addition to this escalation process, the top risks (as defined by Directors) from Local Ward / Department Risk Registers and Directorate Risk Registers and the top risks (as defined by the Corporate Decisions Team) from Group Risk Registers must be reported to the level above them for information.

10 Risk Monitoring and Review

10.1 All identified risks on ward /department, divisional, directorate / Group, project and Programme Risk Registers and the risks on the Trust’s Corporate Risk Register must be regularly monitored and reviewed via the Safeguard System. The risk owner or risk group should review the risk score (the likelihood of the risk occurring and the potential impact of the risk), the effectiveness of any controls that are in place to manage the risk and any other action that is being implemented to eliminate or reduce the risk. This review could result for example in a risk being closed, a risk rating being reduced or increased, the action being taken to manage the risk being changed or a decision made to escalate a risk up to the next level in the Trust if it is felt that the risk can be more effectively managed at that level. The outcome of risk reviews should be documented.

10.2 It is also important that there is a good awareness throughout the Trust of high risks and an assurance that risks are being managed effectively. Therefore where a risk has a risk score higher that an agreed value, as defined by Group Directors for Local Ward / Department and Divisional Risk Registers; and as defined by the Corporate Decisions Team for Group Risk Registers, these must be reported to the level above them for information. This must include all high risks i.e. those with a score of 20 or 25. This enables:

The higher level to be aware of significant / high risks which are being managed at the level reporting to it;

The higher level to be able to monitor that these risks are being managed effectively; and

The higher level to decide whether or not it should take over the responsibility for managing any of these risks, bearing in mind the main principle that risk management should take place as near as practical to the risk source.

11 Training 11.1 The training needs are identified in the Communications and Training Check

List and Training Needs Analysis at Appendix B.

NTW(O)33


11.2 Board Members and relevant Senior Managers are required to receive relevant Risk Management Awareness Training. Risk awareness will continue to be undertaken through identified risk management sessions / workshops involving members of the Trust’s Corporate Decisions Team, the Trust Board and other identified senior staff with specific responsibilities, as described in Section 4. All newly appointed board members will receive risk awareness training in relation to the Trust as part of their induction.

11.3 Levels of training are identified in the training needs analysis and are included

within the Training Guide which can be accessed via this link:

http://nww1.ntw.nhs.uk/services/index.php?id=3796&p=2780 12 Consultation and Communication with Stakeholders

12.1 This is an existing Policy which has only minor changes that do not relate to operational and / or clinical practice therefore did not require a full consultation process

12.2 Systems of communication that contribute to minimising risk are in place and

include a Trust intranet for staff, customer satisfaction surveys with service users and carers, and regular Council of Governors Meetings. The Risk Management Strategy is available to all stakeholders through the Trust’s website and the Trust reports regularly to Monitor on compliance with the terms of its provider licence. Communication with staff is particularly important and risk management issues can be communicated through line management team briefing, the Chief Executive’s Bulletin and the communication of alerts to relevant staff groups via email.

13 Equality and Diversity Impact Assessment

13.1 In conjunction with the Trust’s Equality and Diversity Officer this Policy has undergone an Equality and Diversity Impact Assessment which has taken into account all human rights in relation to disability, ethnicity, age and gender. The Trust undertakes to improve the working experience of staff and to ensure everyone is treated in a fair and consistent manner. See Appendix A.

14 Implementation

14.1 Taking into consideration the minor implications associated with this Policy review, it is considered that a target date of July, 2015 is achievable for communications about the changes in this Policy, with any specific training being implemented on an ongoing basis. This will be monitored by the Quality and Performance Committee through the review process. If at any stage there is an indication that the target date cannot be met, then the author will implement an Action Plan.

http://nww1.ntw.nhs.uk/services/index.php?id=3796&p=2780

NTW(O)33


15 Monitoring and Compliance 15.1 Monitoring of compliance with this Policy will be undertaken on a day-to-day

basis by the Deputy Director of Performance and Assurance, discussing any issues with the relevant Directorate / Group and, if necessary, reporting to the Executive Director of Performance and Assurance.

16 Standards / Key Performance Indicators 16.1 The following external standards will be used to assess the effectiveness of

this Policy.

The Care Quality Commission’s registration outcome 16, including that providers who comply with the regulations will identify, monitor and manage risks to people who use, work in or visit the service,

16.2 A small set of performance indicators will be developed and agreed to help in

assessing the effectiveness of the risk management process, for example:-

How many new risks are being identified;

How many risk ratings have been reduced or closed within a specified period;

These will be included as part of the Monitoring Report as detailed in Section 16.2.

17 Fair Blame 17.1 The Trust is committed to developing an open learning culture. It has

endorsed the view that, wherever possible, disciplinary action will not be taken against members of staff who report near misses and adverse incidents, although there may be clearly defined occasions where disciplinary action will be taken.

18 Fraud, Bribery and Corruption 18.1 In accordance with the Trust’s Policy NTW(O)23 – Fraud, Bribery and

Corruption / Response Plan, all suspected cases of fraud and corruption should be reported immediately to the Trust’s Local Counter Fraud Specialist or to the Executive Director of Finance

NTW(O)33


19 Associated Documentation

Risk Management Strategy;

NTW(O)01 - Development and Management of Procedural Documents;

NTW(O)05 - Incident Policy;

NTW(O)20 - Health and Safety Policy;

NTW(O)40 - Falls Prevention / Risk Reduction and Management Policy;

NTW(C)20 - Care Coordination / Care Programme Approach (CPA);

NTW(C)48 - Care Co-ordination / Care Programme Approach for children and Young People.

19.1 All other Trust Policies are also in place to help reduce risks and can be accessed through the following link to the Trust intranet:

http://nww1.ntw.nhs.uk/services/?id=1183&p=1

20 References

Management of Health and Safety Regulations 1999;

NHS Litigation Authority Risk Management Standards for Mental Health and Learning Disability Trusts.

http://nww1.ntw.nhs.uk/services/?id=1183&p=1

NTW(O)33

18 Northumberland, Tyne and Wear NHS Foundation Trust NTW(O)33 – Risk Management Policy– V04 - Issued June 2015

Appendix A

Equality Analysis Screening Toolkit

Names of Individuals involved in Review

Date of Initial Screening

Review Date Service Area / Directorate

Grahame Ellis / Christopher Rowlands

12 Jan 2009 June 15 Trust-wide

Policy to be analysed Is this policy new or existing?

NTW(O)33 Risk Management Policy Existing

What are the intended outcomes of this work? Include outline of objectives and function aims

Process for the management of risks across the organisation. To comply with the Management of Health and Safety Regulations 1999 and support the Trust’s Risk Management Strategy. Risk Management also underpins all other Trust Policies.

Who will be affected? e.g. staff, service users, carers, wider public etc

All Staff

Protected Characteristics under the Equality Act 2010. The following characteristics have protection under the Act and therefore require further analysis of the potential impact that the policy may have upon them

Disability Not applicable

Sex Not applicable

Race Not applicable

Age Not applicable

Gender reassignment

(including transgender)

Not applicable

Sexual orientation. Not applicable

Religion or belief Not applicable

Marriage and Civil Partnership

Not applicable

Pregnancy and maternity

Not applicable

Carers Not applicable

Other identified groups Not applicable

NTW(O)33


How have you engaged stakeholders in gathering evidence or testing the evidence available?

Though standard Policy consultation mechanisms.

How have you engaged stakeholders in testing the policy or programme proposals?


For each engagement activity, please state who was involved, how and when they were engaged, and the key outputs:


Summary of Analysis Considering the evidence and engagement activity you listed above please summarise the impact of your work. Consider whether the evidence shows potential for differential impact, if so state whether adverse or positive and for which groups. How you will mitigate any negative impacts. How you will include certain protected groups in services or expand their participation in public life.

No impact

Now consider and detail below how the proposals impact on elimination of discrimination, harassment and victimisation, advance the equality of opportunity and promote good relations between groups. Where there is evidence, address each protected characteristic

Eliminate discrimination, harassment and victimisation

Not applicable

Advance equality of opportunity Not applicable

Promote good relations between groups Not applicable

What is the overall impact? Not applicable

Addressing the impact on equalities Not applicable

From the outcome of this Screening, have negative impacts been identified for any protected characteristics as defined by the Equality Act 2010? NO If yes, has a Full Impact Assessment been recommended? If not, why not? Manager’s signature: Christopher Rowlands Date: May 2015

NTW(O)33


Appendix B

Communication and Training Check List for Policies

Key Questions for the accountable committees designing, reviewing or agreeing a new Trust Policy

Is this a new policy with new training requirements or a change to an existing policy?

Change to an existing Policy

If it is a change to an existing policy are there changes to the existing model of training delivery? If yes specify below.

No changes to previous training needs identified

Are the awareness/training needs required to deliver the changes by law, national or local standards or best practice?

Please give specific evidence that identifies the training need, e.g. National Guidance, CQC, NHSLA etc.

Please identify the risks if training does not occur.

Legal requirement under the Management of Health and Safety Regulations to have adequate risk assessment and management processes in place

NHSLA

Non compliance with statutory regulations; risk of losing NHSLA Level 1 status

Please specify which staff groups need to undertake this awareness/training. Please be specific. It may well be the case that certain groups will require different levels e.g. staff group A requires awareness and staff group B requires training.

All staff require awareness of the changes in the policy and processes, including senior staff with identified key responsibilities.

Is there a staff group that should be prioritised for this training / awareness?

No – all staff to be aware

Please outline how the training will be delivered. Include who will deliver it and by what method. The following may be useful to consider: Team brief/e bulletin of summary Management cascade Newsletter/leaflets/payslip attachment Focus groups for those concerned Local Induction Training Awareness sessions for those affected by the new policy Local demonstrations of techniques/equipment with reference documentation Staff Handbook Summary for easy reference Taught Session E Learning

Awareness of revised Policy through:-

Trust and Operational Directorates’ Quality and Performance Committees

other Directorate Management Groups

meeting with Directorate lead officers on Safeguard Risk Management system, as required by Deputy Director of Performance and Assurance

Please identify a link person who will liaise with the training department to arrange details for the Trust Training Prospectus, Administration needs etc.

Deputy Director of Performance and Assurance

NTW(O)33


Appendix B – continued

Training Needs Analysis

Staff / Professional Group

Type of Training Duration of Training

Frequency of Training

All Staff

Copy of completed form to be sent to:

Training and Development Department, St. Nicholas Hospital

Should any advice be required, please contact:- 0191 223 2216

(internal 32216)

NTW(O)33


Appendix C

Monitoring Tool

Statement The Trust is working towards effective clinical governance and governance systems. To demonstrate effective care delivery and compliance, Policy Authors are required to include how monitoring of this Policy is linked to Auditable Standards / Key Performance Indicators will be undertaken using this framework.

NTW(O)33 – Risk Management Policy - Monitoring Framework

Auditable Standard / Key Performance Indicators

Frequency / Method / Person

Responsible

Where results and any Associate Action Plan will be reported to implemented and Monitored; (this will

usually be via the relevant Governance Group)

1 Review of Terms of reference for Risk Committees and Groups to establish effectiveness of organisations risk management structure

Frequency: Annually Method: Audit of Committee/ Group Performance against Terms of Reference Responsible Person(s): Chairs of Committees and Group

Corporate Decisions Team Trust-wide Quality and Performance Committee Board of Directors

2 Review of Corporate (organisation-wide) Risk Register All Risk Registers will include the following headings:-

Description of Risk

Risk Score

Summary Risk Treatment Plan

Date of Review

Residual Risk Rating

Frequency: Quarterly Method: review and challenge Responsible Person(s): Corporate Decisions Team Monitoring that all information is included will take place as part of the routine reviews which are undertaken at Group and Trust-wide Meetings / Committees

Corporate Decisions Team Trust-wide Quality and Performance Committee Board of Directors Trust-wide Quality and Performance Committee

NTW(O)33




Responsible



3 Management of Local Risks (Directorate and Group) All Risk Registers will include the following headings:-

Description of Risk

Risk Score

Summary Risk Treatment Plan

Date of Review

Residual Risk Rating

Frequency: Quarterly Method: review and challenge Responsible Person(s): Group Directors / Directorate Leads Monitoring that all information is included will take place as part of the routine reviews which are undertaken at Group and Trust-wide Meetings / Committees

Group Quality and Performance Meetings Operational Management Groups Corporate Decisions Team Trust-wide Quality and Performance Committee

Trust-wide Quality and Performance Committee

4 Key Individuals compliance with Policy requirements related to risk management activities

Frequency: Annually Method: Review of Training Figures, Review / Audit of Minutes from Meetings Responsible Person: Corporate Decisions Team / Group Directors / Directorate Leads

Group Quality and Performance Meetings Operational Management Groups Corporate Decisions Team Trust-wide Quality and Performance Committee Board of Directors

NTW(O)33




Responsible



5 Risk Management Process and Structure

Internal Audit will undertake an annual audit of the Risk Management Process and Structure. The Audit Report and resulting recommendations / action plan will be monitored via Trust-wide Quality and Performance Committee

Quality and Performance Committee Corporate Decisions Team Audit Committee Board of Directors

The Author(s) of each Policy is required to complete this monitoring template and ensure that these results are taken to the appropriate reporting Governance Group as above in line with the frequency set out.