Risk Management in a Policing Environment ALARM South

Risk Management in a Policing Environment ALARM South East Regional Conference Wednesday, 3 November 2004 Nick Chown

Outline of Presentation by Nick Chown, Director of Risk Management, Metropolitan Police Service § § § Some background information Risk management strategy and process Linking with the National Intelligence Model Role of Corporate Risk Management Group Examples of where RM has added value Question and answer session

The Met – performance Mission: To make London the safest major city in the world Street Crime 34% over last 2 years Gun Crime 10% in last 12 months Commercial Robbery Burglary 80% on last year Lowest Levels since 1973 Detection Rates 18% in Jan 04 (target 20%) Recruitment 246% over last 4 years Commissioner - “The Met is the agency of first and last resort”

The Met - scale § Gross annual revenue budget of £ 2. 9 bn § Approx 25% of total service budget for England Wales § 44, 300 Employees • • 30, 000 police officers 12, 000 police staff 1, 500 PCSOs 800 Traffic Wardens § 650 buildings in 300 locations valued at £ 1. 7 bn § Over 5, 000 vehicles § Over 20, 000 desktop computers § Over 640, 000 payslips produced per year § 34, 000 telephones § 30, 000 radios

MPS – Management Board etc § Commissioner § Deputy Commissioner [DCC] – Diverse set of teams – Strategic Development [DCC 2] – Corporate Risk Management Group [DCC 2(7)] § Four Assistant Commissioners – Territorial Policing, Specialist Crime, Specialist Operations and Human Resources § Director of Public Affairs

The Met – governance Authority § Full Authority § Co-ordination & Policing Committee (COP) § Finance Committee § Corporate Governance Committee (previously Audit Panel) Service § Management Board § Corporate Governance Strategic Committee § Strategic H&S Committee § Other strategic committees § Resilience & BC committees § Inspection Co-ordination Group

The Metropolitan Police District

Risk management – the background § § § Advent of Metropolitan Police Authority Willis review of risk management Central risk management team Director of risk management Securing senior buy-in Integrated risk management strategy Ø Risk management framework & user guide Ø Local sponsors and facilitators Ø Programme of mainstreaming work

The Met – integrated risk management strategy § Based on ALARM ‘toolkit’ approach § To effectively manage potential opportunities and threats to the Authority and the Service achieving their objectives involving: Ø Integration of risk management into the culture Ø Raising awareness of need for risk management Ø Enabling response to changing conditions Ø Introduction of robust framework Ø Minimisation of cost of insurable risk

Mainstreaming risk management in planning Strategic RM NIM / PPAF Annual Plan EM Self. Assessment Diversity EM S-A Projects Inspections Audits Reviews Objectives Risk – the chance of something happening that will have an impact on objectives Ad hoc Etc. Monitor and Review Actions

Mainstreaming risk management in planning Strategic RM NIM / PPAF Annual Plan EM Self. Assessment Diversity EM S-A Projects Inspections Audits Reviews Objectives Identify Risks (Threats, Hazards) Risk – the chance of something happening that will have an impact on objectives Ad hoc Evaluate Risks Likelihood and impact Etc. Monitor and Review Actions Risk Controls Risk Reporting Risk Register

Mainstreaming risk management in planning Strategic RM Corporate Strategic Assessment Corporate Risk Profile Plan Objectives Identify Risks (Threats, Hazards) Risk – the chance of something happening that will have an impact on objectives Monitor and Review Strategic Intelligence Assessment Actions Evaluate Risks Likelihood and impact Risk Controls Business Risk Profile

National Intelligence Model Business Government & Local Objectives Performance Management Business Excellence Model Managing Crime Outcomes Prioritise Intelligence Work TASKING & COORDINATION PROCESS Criminals Disorder Production of Intelligence Products Tasking & Coordination Meetings Problems Acknowledgements: National Criminal Intelligence Service Outcomes Analytical Products Knowledge Products System Products Community Safety Reduced Crime Controlled Criminality Controlled Disorder

NIM tasking and coordination The criminal intelligence paints the picture CONTROL STRATEGY comprises PRIORITIES FOR • INTELLIGENCE • PREVENTION • ENFORCEMENT Requires Strategic tasking and Tactical tasking and Coordination group coordination group • Resourcing the needs • Setting priorities • Identifying policy needs • Applying the tactical menu • Responding to new needs • Checking still on course Acknowledgements: National Criminal Intelligence Service

National Intelligence Model – business risk Business Managing Business Risk Human Rights Life & limb Government & Local Objectives Performance Management Business Excellence Model Outcomes Prioritise Business Intelligence TASKING & COORDINATION PROCESS Production of Business Risk Profiles Tasking & Coordination Meetings Community Safety Reduced Crime Controlled Criminality Reputation Service Delivery Finances Outcomes Analytical Products Knowledge Products System Products Controlled Disorder

NIM tasking and coordination The business intelligence paints the picture CONTROL STRATEGY comprises PRIORITIES FOR • INTELLIGENCE • PREVENTION • CONTINUITY Requires Strategic tasking and Tactical tasking and Coordination group coordination group • Resourcing the needs • Setting priorities • Identifying policy needs • Applying the tactical menu • Responding to new needs • Checking still on course

ing nn ga l Li im ab i ina lity l. J us tic e Pla Le Cr ntin ge ncy mun icat ions Com IT & Co nersh ips /Part muni ty Com Public Order Man agement m e nin an g Fire ty Identify Assess Evaluate Controls Measure Report m Co ity r eg t in ts/ n ai pl Pl Security er fe ity l disast u tin Natura on Party s. C Third Sa ion rim ty es or F leet & t even e. C rsi sin Mot R Tra inin g PS D th e Pr Crim lum Vo ve Di Bu H He al Terroris IM N Serious Crime The Metropolitan Police risk management spectrum nc ina sk i l. R ia F litic Po isk R al y unit m Com e ranc Insu Self ce Insuran Alternative Risk Transfer

g Identify Assess Evaluate Control Measure Monitor Report ing ilit y na nc ia l. R isk Lia b Le ga l Pla nn isk Fi Co ntin ge ncy Com mun icat ions ips tners h IT & ty/Pa r muni Com Public Order Man agement m ion e nin an Fire ty Pl Security er fe ity l disast u tin Natura on Party s. C Third Sa Terroris rim ty es or F leet & t even e. C rsi sin Mot R Tra inin g PS D th e Pr Crim lum Vo ve Di Bu H He al Serious Crime All Encompassing NIM ‘Risk’ Coverage … R al litic Po nity u mm Co e ranc su elf In S ce Insuran Alternative Risk Transfer

Risk management helps achieve the MPS mission Mission Internal Pressures Vision MPS Policing Plan Change Mgmt Local Plans External Pressures

Plans can be blown “off course” sion Mis sion Vi Plan g licin t Po PS Mgm M e ang Ch l oca s L n Pla

Plans can be blown “off course” Mis MP Vis SP olic sio ion n ing Cha Pla nge n Mg mt Loc Pla al ns

Risk management helps keep plans “on course” Mission Vision MPS Policing Plan Change Mgmt NIM Crime Local Plans NIM Business Risk

New NIM business intelligence products Business Intelligence PESTELGO Issue Analyses Ø Accurate picture of the business Ø What is actually happening on the ground Ø Nature and extent of problems Ø The trends Ø Where the main threats lie Strategic Intelligence Assessments Corporate Risk Profile Corporate Strategic Assessment Business Risk Profiles

Current approach is often fragmented and inconsistent Insurance Risk Assessment Reputation Risk Inspection & Review Legal Issues Health& Safety Compliance BCP / Security Controls Resilience

Corporate co-ordination role Control Environment Legal Issues Early Warning Physical Security Embedding in Support Group Process Insurance Health & Safety Inspection & Audit Embedding in Operational Process Risk Profiling Compliance Resilience & Business Continuity Information Security Embedding a ‘Managed Risk’ Culture Risk Assessment Self. Insurance Reputation Risk

Some other elements of corporate role • • Structure / proactive / focus / solutions Setting standards for risk management Business continuity management lead Insurable risk management / insurance Programme and project input Advice and guidance on risk matters Support to various committees

Reputation risk management § Metropolitan police ‘brand’ § Reputation as impact § Business risk management process standard impact assessment § MPS (gold/silver/bronze) reputation risk management system § Diamond Risk Management Committee

Impact assessment Impact categories Scale Human Rights & Diversity Life & Limb Reputation Performance Financial Very Low 1 No differential diversity impacts or HR interference No injuries No discernible damage to MPS reputation No discernible Impact on service delivery On or within 1% of total budget Low 2 Some justifiable impacts / interference Slight injuries only Minimal damage to MPS reputation Impact on service delivery of little/ no concern to stakeholders Between 2% and 5% of total budget Medium 3 Limited unjustifiable impacts / interference Major injuries or single fatality Limited damage to MPS reputation Impact on service delivery relevant and noticeable by stakeholders Between 6% and 10% of total budget High 4 Significant unjustifiable impacts / interference Some fatalities or many major injuries Major damage to MPS reputation Major impact on service delivery Between 11% and 20% of total budget Very High 5 Serious unjustifiable impacts and/or interference Many fatalities Catastrophic damage to MPS reputation Catastrophic impact on service delivery In excess of 20% of total budget

Added value from risk management • • • Bichard project Business cases Overseas travel policy Insurance invalidation indemnity Diversity Directorate restructuring C 3 i risk management pilot First steps towards ‘virtual captive’ Human rights & diversity impact assessment SO 16 physical security unit CO 11 community impact assessments Area homicide review teams

Q&A • Any questions?