PURPOSE OF THE PROCESS
Understanding the risks while carrying out various activities is vital for the Trust to mitigate such risks. This process highlights the risks across various activities.
Risks are defined as “effect of uncertainty of objectives”. Risk management therefore involves the following:
❖ Identification of risks.
❖ Evaluation of risks.
❖ Prioritising the risks.
❖ Treating the risks with appropriate mitigation plan.
❖ Developing contingency plans if the risks surface after mitigation.
❖ Communicating the risk and mitigation plans.
❖ Monitoring the risk.
❖ Closing the risk (if it is resolved).
The risks are tracked in Risk Registers (refer Risk Register template). A risk officer (to be identified) maintains the risk registers. The risk officer discusses the risks with the management team, cluster lead and other concerned personnels.
The source of the risks can be external or internal. While evaluating the risks, the risks can be classified as low, medium, high and very high. Currently, the evaluation of the risk level are arrived at based on the discussions with the management team rather than a scientific approach. Once the risks are evaluated, then they should be prioritised as rank 1 to 5, where rank 1 is of ‘high-priority’ and rank 5 is ‘low priority’.Then mitigation plans for the risks must be arrived at and communicated to the respective personnel to manage those risks. In addition, contingency plans must be readied if the mitigations fail. The risks will need to monitored and closed if they are resolved completely.
A Risk Register will be maintained for this purpose.