A Risk Management framework has been created using the Queen Mary’s Risk Policy guide and the Management of Risk (MoR) best practice.
The framework spans across the whole of IT Services, is owned by the Risk & Governance Manager and is designed to help identify, assess and manage risks that affect the operational services within IT Services, it incorporates governance and control at all management and key decision stages. The framework incorporates processes to help centralise the Risk Management approach and incorporates the management of Strategic Level Risks, as outlined by the Strategic Risk Management Committee (SRMG), it also highlights the hierarchy of the wider College governance.
The diagram outlines the framework in which Risk Management is governed across ITS.Each group has risks that are managed and owned by an Assistant Director. The diagram shows how the Strategic Risks are managed at the top by the Assistant Directors and owned by the CIO whilst the Heads of Services and Team Managers manage the Operational Risks and are overseen by the Assistant Directors.
There is a process for risks to be escalated and delegated through the hierarchy which is facilitated by the Risk and Governance Manager. The process used to manage risks which have been derived from the MoR Risk Management methodology.
The Risk Management process consists of 5 steps :
Identify the risk, Evaluate the likelihood of the risk occurring and the impact if the risk was to occur, Plan control actions to either reduce the likelihood of the risk occurring and or the impact of that risk if it were to occur, Implement the control actions as planned and Monitor the progress.
Further information is available on the following links which are accessible to QMUL staff only.
QMUL Risk Management
QMUL Risk Methodology