Managers are responsible for risk management within the client engagement and risk should be a standing agenda item at management meetings.
Guidance to support risk management is available through the EM/SDM. Key areas of risk that should be focussed on and considered by managers within client engagements are:
- PEOPLE:
- Resource management
- Health and safety
- Behaviour
- LEGAL AND REGULATORY
- CONDUCT:
- Quality
- Timeliness
- Telephony (where appropriate)
- Payments
- FRAUD
- INFORMATION SECURITY
- BUSINESS CONTINUITY
- SUPPLIER MANAGEMENT
- IT SYSTEMS
- CHANGE
- BREACHES AND OPERATIONAL LOSS
If you suspect that there is a risk or issue which should be raised with your EM/SDM in relation to one of the above matters, then you should take steps to raise the matter promptly. It is better to notify the EM/SDM of a matter which doesn’t require action than to not notify the EM/SDM of a matter which does.
Risks identified should be raised in line with the governance framework of the project or direct to the EM/SDM.