For many Organisations, business reputational risks and financial risks are not stand-alone issues, but part of the wider corporate governance requirements for sound risk management and issues of wider concern to stakeholders. The Turnbull guidance on the Combined Code on Corporate Governance requires listed companies to have robust systems of internal control, covering not just 'narrow' financial risks but also risks relating to the environment, business reputation and health and safety (Source: HSE/IoD Guidance - Leading Health & Safety at Work INDG 417).
Environmental, Social and Governance Risks are becoming more widely reported but which criteria should be covered? An Audit committee can oversee the performance of the company, however, we suggest that an independent expert or a non-executive director can act as a better scrutineer.
Are your Directors or Senior Managers demonstrably trained? Do your current Directors and Senior Managers know their responsibilities for health & safety, risk management, and environmental matters? If they do, then are they following the Plan, Do, Check, Act principles in HSE and Risk Management Guidance, and is the Organisation ready for ISO 45001?
We assist Organisations reviewing their governance to:
Prepare Management Systems, Procedures and Controls to set out the roles and responsibilities within the Organisation for [health and safety, business reputation and financial] risks.
Ensure that Arrangements for managing business risks are adequately resourced, including new arrangements. The arrangements also cover the advice being given to you on health & safety, environmental and other matters. Are these advisers Competent? What is it that defines their competence and have you checked that? Is the advice being given enough in the circumstances? Do these advisers have access to the right information?
Are reports being given in sufficient detail and at the right level? Are your auditing systems adequate and do your Business Management Systems generate the right monitoring and review outputs to let you know they are working? Is Risk Management built in to the appraisals process?
How do you review and update individual operating policies and procedures? Where are the key areas of vulnerability that lead to serious incidents or fraud? How can you develop key procedures to help you respond properly when something happens? What does your readiness to respond in the event of an incident say about you?
Consider the common factors involved in most serious accidents and incidents in relation to your own activities, and avoid the common causes. Mitigate the seriousness of an incident with several key precautions and put measures in place to deal with an incident if one arises.