oecd workshop: learning from crises and fostering the continuous improvement of risk governance and...
DESCRIPTION
Presentation by Erik Thomassen, Directorate for Civil Protection, Norway. The workshop on “Learning from crises and fostering the continuous improvement of risk governance and management”, jointly organised with the governments of the Netherlands, Norway and Sweden, was held in Oslo, Norway on 17-18 September 2014. More information is available at www.oecd.org/gov/risk/high-level-risk-forum-oslo-workshop-2014.htmTRANSCRIPT
![Page 1: OECD Workshop: Learning from crises and fostering the continuous improvement of risk governance and management - Erik Thomassen](https://reader033.vdocument.in/reader033/viewer/2022051609/5473ed40b4af9fa90a8b54c7/html5/thumbnails/1.jpg)
Norwegian Directorate for Civil Protection
![Page 2: OECD Workshop: Learning from crises and fostering the continuous improvement of risk governance and management - Erik Thomassen](https://reader033.vdocument.in/reader033/viewer/2022051609/5473ed40b4af9fa90a8b54c7/html5/thumbnails/2.jpg)
Quality Assurance Through Auditing Ministries and Agencies OECD workshop, Oslo, Norway, 17 September 2014
Erik Thomassen Head of Unit; Analyse
![Page 3: OECD Workshop: Learning from crises and fostering the continuous improvement of risk governance and management - Erik Thomassen](https://reader033.vdocument.in/reader033/viewer/2022051609/5473ed40b4af9fa90a8b54c7/html5/thumbnails/3.jpg)
Royal Decree 15 June 2012 Instructions for the ministries` work with civil protection and emergency preparedness, the Ministry of Justice and Public Security`s coordinating role and auditing function and central crises management
• Basic principles • Obligations and
responsibility in the field of Civil Protection on Government level
• The Ministry of Justice and Public Security`s coordinating role
• Audits of the ministries` civil protection work
• Central crisis management
![Page 4: OECD Workshop: Learning from crises and fostering the continuous improvement of risk governance and management - Erik Thomassen](https://reader033.vdocument.in/reader033/viewer/2022051609/5473ed40b4af9fa90a8b54c7/html5/thumbnails/4.jpg)
Background • First audits were conducted in
2002 • Regular audits started in 2005 • Third round of audits is
ongoing now • The Ministry of Justice and
Public Security is the formal auditing authority
• Audits performed by DSB • Basis is requirements and
obligations in Royal Decree 15 June 2012
![Page 5: OECD Workshop: Learning from crises and fostering the continuous improvement of risk governance and management - Erik Thomassen](https://reader033.vdocument.in/reader033/viewer/2022051609/5473ed40b4af9fa90a8b54c7/html5/thumbnails/5.jpg)
The Ministries` Basic Obligations
“The ministries´ efforts in the field of civil protection and emergency preparedness should be targeted, systematic and traceable and integrated into the ministry`s planning system, management systems and management dialogue with subordinated enterprises”
![Page 6: OECD Workshop: Learning from crises and fostering the continuous improvement of risk governance and management - Erik Thomassen](https://reader033.vdocument.in/reader033/viewer/2022051609/5473ed40b4af9fa90a8b54c7/html5/thumbnails/6.jpg)
Issues in Audits
• Organization • Governance, structure of objectives,
follow-up of subordinated agencies and enterprises
• Overview of risks • Contingency plans • Exercises • Learning from events and exercises • IT-security
![Page 7: OECD Workshop: Learning from crises and fostering the continuous improvement of risk governance and management - Erik Thomassen](https://reader033.vdocument.in/reader033/viewer/2022051609/5473ed40b4af9fa90a8b54c7/html5/thumbnails/7.jpg)
Method and Process • Preparations • Examination of documents • Official opening meeting with high rank officials and experts in
the ministry • Interviews in the ministry (number varies from less than ten to
more than 30 depending on ministry`s significance) • Interviews or meetings in subordinated agencies • Final meeting, report presented • Ministry responding to the report • Final report submitted from the Ministry of Justice to the ministry
subject to audit • Follow-up-plan presented to the Ministry of Justice • Findings in audits presented to the Cabinet • Follow-up meeting(s)
![Page 8: OECD Workshop: Learning from crises and fostering the continuous improvement of risk governance and management - Erik Thomassen](https://reader033.vdocument.in/reader033/viewer/2022051609/5473ed40b4af9fa90a8b54c7/html5/thumbnails/8.jpg)
No Formal Sanctions
• Lack of compliance with the standards in the Royal Decree is not met by any kind of formal sanctions
• The auditing regime is basically an internal governmental control system
• Up to now the Minister of Justice have in some cases notified a cabinet colleague that his or her ministry fails to live up to the standards required
• However the hidden threat of losing reputation both within the government and in the public may have some effect
• Audits of safety & security issues also performed by Office of the Auditor General, who reports to Parliament (fewer – and not systematically)
![Page 9: OECD Workshop: Learning from crises and fostering the continuous improvement of risk governance and management - Erik Thomassen](https://reader033.vdocument.in/reader033/viewer/2022051609/5473ed40b4af9fa90a8b54c7/html5/thumbnails/9.jpg)
Reports now open to the public
• The Government have decided that new audit reports as of April 2014 will be open to the public
• The first public report was the report from the audit in the Ministry of Justice and Public Security
• The Government has also decided that findings in all reports should be presented to the Cabinet
“Butchering the contingency work in the Ministry of Justice”
![Page 10: OECD Workshop: Learning from crises and fostering the continuous improvement of risk governance and management - Erik Thomassen](https://reader033.vdocument.in/reader033/viewer/2022051609/5473ed40b4af9fa90a8b54c7/html5/thumbnails/10.jpg)
Status
• Audits have developed over time. More structured, more focused. Reports more explicit.
• Auditors well received in ministries – their report in some cases to a lesser extent
• Auditors have been given access to all relevant documents – even internal and classified ones
• Many interviewees are relatively outspoken • Remains to be seen how the ministries will react knowing
that the report will be publicized
![Page 11: OECD Workshop: Learning from crises and fostering the continuous improvement of risk governance and management - Erik Thomassen](https://reader033.vdocument.in/reader033/viewer/2022051609/5473ed40b4af9fa90a8b54c7/html5/thumbnails/11.jpg)
Does Audits Work?
• All ministries have improved their performance in the field of safety and security since 2005 – some more than others
• The extent of causality is difficult to assess • Experience from events, exercises and the increasing
general awareness in society of the importance of safety and security issues do also play a role
• Audits must be regarded as part of a toolkit
![Page 12: OECD Workshop: Learning from crises and fostering the continuous improvement of risk governance and management - Erik Thomassen](https://reader033.vdocument.in/reader033/viewer/2022051609/5473ed40b4af9fa90a8b54c7/html5/thumbnails/12.jpg)
How Does It Work?
• Audits puts safety and security higher on the agenda both for ministers and in the civil service
• Enhances a common standard across ministries and sectors
• Actuates processes in the ministries towards a more systematic approach to risk and crises management
• Instigates tidying operations before the arrival of the auditing team
![Page 13: OECD Workshop: Learning from crises and fostering the continuous improvement of risk governance and management - Erik Thomassen](https://reader033.vdocument.in/reader033/viewer/2022051609/5473ed40b4af9fa90a8b54c7/html5/thumbnails/13.jpg)
Audits as Part of a Learning Process
• A presumption for continuous improvements is systematic evaluation, identification of faults and weaknesses and designation of improvement measures
• Learning from events and exercises is essential • Scrutinizing internal systems and routines on a regular
basis is equally important • An external investigation like an audit may strengthen
other learning processes apart from being a basis for learning in itself.
![Page 14: OECD Workshop: Learning from crises and fostering the continuous improvement of risk governance and management - Erik Thomassen](https://reader033.vdocument.in/reader033/viewer/2022051609/5473ed40b4af9fa90a8b54c7/html5/thumbnails/14.jpg)
Limitations and Challenges I. Are Ministries That Important? • If the aim is to make Norway a more resilient society, are
ministries the right place to focus? • Agencies, municipalities, public and private enterprises
are the ones running the country on a daily basis • County Governors audit municipalities. Regulators audit
enterprises • Audits in ministries have been extended to encompass
government agencies, but auditing them is challenging. No common standard as in the ministries. Need for expertise in auditing teams
![Page 15: OECD Workshop: Learning from crises and fostering the continuous improvement of risk governance and management - Erik Thomassen](https://reader033.vdocument.in/reader033/viewer/2022051609/5473ed40b4af9fa90a8b54c7/html5/thumbnails/15.jpg)
Limitations and Challenges II. Difficult to Assess Ability • Audits focus on systems and documentation • Systems are important, but not sufficient • Ability is achieved through knowledge, skill and
motivation • Assessing motivation and leadership is challenging • Documents and systems may some times be
produced primarily to satisfy auditors
![Page 16: OECD Workshop: Learning from crises and fostering the continuous improvement of risk governance and management - Erik Thomassen](https://reader033.vdocument.in/reader033/viewer/2022051609/5473ed40b4af9fa90a8b54c7/html5/thumbnails/16.jpg)
The 22 July Commission's Conclusions
• The ability to acknowledge risk and learn
from exercises has not been sufficient • The ability to implement decisions that
have been made, and to use the plans that have been developed, has been ineffectual
• The ability to coordinate and work together has been deficient.
• The potential inherent in information and communications technology has not been exploited well enough.
• Leadership's willingness and ability to clarify responsibility, set goals and adopt measures to achieve results have been insufficient.
![Page 17: OECD Workshop: Learning from crises and fostering the continuous improvement of risk governance and management - Erik Thomassen](https://reader033.vdocument.in/reader033/viewer/2022051609/5473ed40b4af9fa90a8b54c7/html5/thumbnails/17.jpg)
Strengthening Audit`s Influence on Motivation and Leadership
• Sanction Based Motivation – Informal sanctions are
strengthened: • Findings in audit reports
presented to the Cabinet by the Minister of Justice
• Reports are now open to the public
• Inner Motivation • The emphasis put on
audits in the Government visualizes expectations and importance of safety and security issues
![Page 18: OECD Workshop: Learning from crises and fostering the continuous improvement of risk governance and management - Erik Thomassen](https://reader033.vdocument.in/reader033/viewer/2022051609/5473ed40b4af9fa90a8b54c7/html5/thumbnails/18.jpg)
Current Development and Way Forward
• Audits are to a larger extent differentiated. More attention given to ministries with responsibility for core functions in society, less to others
• Guidelines for ministries based on Royal Decree will be revised – making obligations more distinct
• Reports are increasingly explicit in concretizing deviations from the standards of the Royal Decree
• More standardized reports – a better basis for benchmarking
![Page 19: OECD Workshop: Learning from crises and fostering the continuous improvement of risk governance and management - Erik Thomassen](https://reader033.vdocument.in/reader033/viewer/2022051609/5473ed40b4af9fa90a8b54c7/html5/thumbnails/19.jpg)
Conclusions
• Audits must be regarded as part of a toolkit
• Audits may strengthen a process of continuous learning
• It is challenging to assess and influence motivation and leadership
• Audits will probably have a stronger impact on motivation, leadership and ability in the future – given the emphasis the Government puts on it – and the fact that reports from now on are open to the public