ROYAL NAVY SUBMARINE MUSEUM
Introduction
As the Government Accounting Officer of an Executive Non-Departmental Public Body I have the responsibility to the Trustees and to Parliament to ensure that not only is the institution meeting its aims and objectives, but also that all areas of 'risk' in achieving those aims and objectives are identified and being 'managed'. It is an area that will be addressed in the future by The National Audit Office, and it is my intention to compile a 'Risk Register' to demonstrate that we have a firm grip on this aspect of our activities.
Doing nothing is the simplest way of managing risk, but through such an approach nothing would be achieved (eg failure to pursue a development plan, shut the site, lock the doors of Torbay Block, and wrap everyone in cotton wool), and it would also mean that we would be failing in our primary purposes of caring for a valuable collection and providing a museum for the public benefit. In addition, because the Museum is a Charity and lacks a significant reserve, the 'appetite for risk' (ie acceptance of risk before action must be taken) is, in general (standfast the Development Plan), necessarily low, which in turn calls for a high level of awareness and management attention.
The essence of risk is the uncertainty of outcome (whether positive or negative), and the nature of the Museum's business means that it suffers, and expects, exposure to risk. Exposure refers to the combination of probability of a potential event occurring and the magnitude of its impact.
Probability: An assessment of how likely a potential event is to occur, and with what frequency.
Impact: The evaluated effect or result of a potential event actually happening.
The task of risk management is the management of this exposure to an acceptable level by taking action on the probability, impact, or both; it therefore requires identification of the elements to be considered, not all of which may be controllable because of a limitation in resources, both human and financial.
Every change we make, even the provision of a single stand-alone computer, brings risk with it (eg it may fail and require replacement, catch fire, cause a trip hazard, or blow up!), so it is necessary to add it to the risk management package.
The cycle of the risk management process is
The Museum will use a 'bottom up' approach by tasking each part of the organisation to review its activities, diagnose the risks faced, and recommend appropriate remedial measures under the headings of 'transfer' (ie insure); 'tolerate' (cost disproportionate to benefit gained); 'terminate' (cease activity); or 'treat' (contain to an acceptable level).
Typical Risks
The following is a summary of the most common categories of risk with examples of the nature of the source and effect issues. The owner is the member of staff designated with the task of assessment (lead manager identified first).
| Category of risk/owner | Source and effect issues |
|---|---|
| Infrastructure (Owner: Technical Support Manager/SM) | Relating to computer systems, power supply systems, telephones. |
| Legal and Regulatory (Owner: Director) | Relating to laws and regulations which if complied with should reduce hazards (eg Health and Safety at Work Act) |
| Environmental (Owner: Site Manager) | Fuel consumption and pollution issues |
| Market (Owner: BSM/Site Supervisor) | Relating to competition and performance. |
| Budgetary (Owners: Director/Internal MC) | Relating to the availability or the allocation of resources |
| Financial fraud or theft (Owners: AdminO/Director) | Relating to the unproductive loss of resources |
| Fire or Flood (Owners: Curator/Site Manager) | Relating to the security of the Collection |
| Theft (Owner: Curator) | Relating to the security of the Collection |
| Capital Investment (Owner: The Development Committee) | Relating to the making of appropriate investment decisions |
| Liability (Owner: Director) | Relating to the right to sue or be sued (eg copyright issues) |
| Policy (Owner: The Board of Trustees) | Relating to the appropriateness and quality of policy decisions |
| Operational (Owners: Director/Deputy Director) | Relating to the procedures employed to achieve particular objectives |
| Information (Owners: PI producers) | Relating to the adequacy of information which is used to make decisions |
| Reputational (Owners: Director/Deputy Director) | Relating to the public reputation of the organization and consequent effects |
| Technological (Owner: Technical Support Manager) | Relating to the use of technology to achieve objectives |
| Project (Owner: Director/Deputy Director) | Relating to project planning and management procedures |
| Innovation (Owner: Director/Deputy Director) | Relating to the exploitation of opportunities to make gains |
| Personnel (Owner: Director/Deputy Director/AdminO) | Relating to the availability and retention of suitable staff |
| Health and Safety (Owner: Director/Site Manager) | Relating to the well-being of people |
Some types of risk lend themselves to numerical diagnosis - particularly financial risk. For other risks - for example reputational risk - a much more subjective view is all that is possible. In this sense risk evaluation is more an art than a science.
Once the risks have been identified, their exposure is to be evaluated as high/medium/low. They are then to be treated under one of the following categories:
Transfer: For some risks the best response may be to transfer them. This might be done by conventional insurance, or it might be done through sponsorship.
Tolerate: Ability to do anything about some risks may be limited, or the cost of taking any action may be disproportionate to the potential benefit gained. In these cases the response may be toleration.
Treat: By far the greatest number of risks will belong to this category. The purpose of treatment is not necessarily to obviate the risk but more likely to contain the risk to an acceptable level. The actions which an organisation takes in treating risk are called 'internal controls' - they are actions instigated from within the organisation.
Terminate: Some risks will only be treatable, or containable to acceptable levels, by terminating the activity. This option is severely limited in application because of the nature of the Museum's business.
The types of internal control referred to are:
Detective: 'After the event' such as stock checks and reconciliation. By their nature they should be conducted regularly.
Directive: Ensure that a particular outcome is achieved. Good examples are 'No Smoking' signs, ensuring only qualified people operate particular machines, and the wearing of protective clothing.
Preventative: Limit the possibility of an undesirable outcome. Separation of duty (eg PR forms), limitation of authorised actions (eg cheque signing).
Corrective: A route of recourse to achieve some recovery against loss or damage.
Commander JJ Tall OBE RN
Director
20 December 2001
Categories of Risk - Long term support; Policy; Capital Investment.
| Area | Worst Case | Exposure | Control | Outcome |
|---|---|---|---|---|
| Long term support | Withdrawal of Grant-in-Aid | Low | Treat/Preventative through (a) The Financial Memorandum (b) DCI 85/98 (c) Quinquennial Reviews | Proper procedures in place |
| Capital Investment | Overstretch of resources/failure to deliver | Low | Treat/Preventative through (a) The Development Plan (reviewed quarterly) (b) Business Plan (reviewed half-yearly) | Proper procedures in place |
| Policy | Failure to comply with Re:source/MA standards resulting in withdrawal of Registration | Low | Treat/Preventative through (a) The Corporate Management Plan - best practice (reviewed annually) (b) The Collections Management Plan (reviewed biennially) (c) The Education Plan (reviewed biennially) (d) Registration Process | Re-registered February 2001. Proper procedures in place |
Categories of risk - The Written Archive
| Area | Worst Case | Exposure | Control | Outcome |
|---|---|---|---|---|
| [1] Archive | Fire: Total Loss | Medium/High | Treat/preventative through 1) Control of Smoking. 2) Fire alarms, smoke detectors & clear emergency exits. 3) Fire Drills & Staff training. 4) Fire extinguishers easily accessed and maintained. 5) Electrical wiring & equipment maintained. 6) Inflammable film not kept in building. Corrective through 1) Disaster plan. | Proper procedures in place (a) Disaster plan being prepared |
| [2] Archive | Flood: Partial Loss | Low | Treat/preventative through 1) Collection stored away from water pipes, tanks. Corrective through 1) Disaster plan. | Proper procedures in place. (Collection moved to Ground Floor August 01 thereby increasing separation) (a) Disaster plan being prepared. |
| [3] Archive | Theft: Partial Loss | Medium | Treat/preventative through 1) Security locks on doors. 2) Visitors by appointment only & sign in Visitors book. 3) No bags allowed. 4) No papers taken out of archive. 5) All photocopying done by staff. 6) Complete up to date register & catalogue for archive. | Register/catalogue being updated by Documentation Consultant. Proper procedures in place (Archivist now juxtaposed with Library August 01) |
| [4] Archive | Poor Care: Partial Loss | Low | Treat/preventative through 1) Follow MDA Standards 2) Monitor environmental conditions. | Proper procedures in place |
| [5] Library | Theft: Partial Loss | Low | As [3] above. Up to date catalogue. No books removed. | Proper procedures in place |
| [6] Library | Fire/Flood: Total Loss | Medium/High | As [1] above. | As [1] above. |
Categories of risk - Photographic Archive
| Area | Worst Case | Exposure | Control | Outcome |
|---|---|---|---|---|
| Photograph Collection | Fire: Loss of, or serious damage to, the Collection | Low | Treat/preventative through 1) Fire Alarms 2) Fire Drills 3) Fire Extinguishers 4) Control smoking. Corrective through (a) Disaster Plan | Proper procedures in place (a) Disaster Plan ongoing |
| Photograph Collection | Flood: Loss of, or serious damage to, the Collection | Low | Treat/preventative through 1) Collection stored away from water source. Corrective through (a) Disaster Plan | Proper procedures in place (a) Disaster Plan ongoing |
| Photograph Collection | Theft: Partial loss | Medium/High | Treat/Preventative 1) Restricted, supervised access 2) Monitoring of visitors 3) No smuggling | Proper procedures in place |
| Copyright Issues | Being sued / Breaching copyright | Low/Medium | Treat/preventative through Disclaimers | Proper procedures in place |
| Photograph Collection | Damage by researchers | Low | Treat/preventative through Researchers being informed of correct handling procedure | Proper procedures in place |
IT department general:
The IT Department is responsible for the maintenance and upkeep of the Computer suite, audiovisual equipment and communications equipment. In general all areas are open to risk in the form of abuse, accidental damage and theft. All the equipment is susceptible to electrical and mechanical failures. The equipment has an acceptable life expectancy and a rolling programme of replacement and upgrading has minimised the failure rate of this equipment. The risks arising from the use of this equipment can be minimised through training and informing the users.
As use of the Internet is on the increase it may benefit the museum to include a 'code of conduct' for online communications in the staff handbook. This may go some way to protecting the museum from complaints and, in the worst case, prosecution. This code of conduct should encompass all forms of communication: e-mail, fax, telephone, radio communications and the World Wide Web.
The use of the World Wide Web, and in particular the Museum’s web site, can leave the Museum open to theft of its material. Because the web site is to remain 'open to all', care should be taken when choosing material for the Web site and any material posted should be regarded as an acceptable loss.
| Area | Worst Case | Level | Control | Outcome |
|---|---|---|---|---|
| Computer | Computer virus | M/H | Treat/Preventative: Anti virus software utilised; E-mail vetted for viruses | Memo to be published re anti virus measures. Anti-virus software to be frequently upgraded. Regular virus alerts to be promulgated. |
| Data | Electrical Faults | M/H | Treat/Preventative: Server on back up power supply; Museum-wide data backed up weekly to second disk; Museum-wide data backed up daily to removable disk; Equipment shut down when not required | Individual backup programme to be implemented. All PCs to be fitted with power supply back up. Fire retardant storage required for removable disk |
| Databases/important files stored on Server | Theft | L/M | Treat/Preventative: Where available, auto save/auto recovery set up on software; Researchers' PCs A Drive disabled | Important files to be copied to Server. Server upgrade to handle all Museum Data. Where possible all equipment to be password protected |
| Data Protection Act | Contravention | M/H | Treat/Preventative: Registered with Data Protection agency; Comply with Data Protection Act | Establish post of Data Protection Officer. Data Protection Officer to establish 'Best Practices' |
| Copyright | Breach | M/H | Preventative: Printing/copying facilities restricted and controlled; Copyright of data established and adhered to; Disclaimers accompany all out going Photographic Images; Disclaimers attached to all out going Information | Proper procedures in force |
| Computer Software Copyright | Theft | L | Treat/Preventative: All software registration and Licences adhered to; Access to CD Copiers restricted. | All staff to be kept informed with current licences. Memo to be published re illegal software. All software to be stored in a secure stowage |
| Computer Hardware | Electrical Faults | M/H | Treat/Preventative: All equipment shut down when not required | Power Supply back up to be fitted to all PCs |
| | Theft | L/M | Treat/Preventative: Fixed Assets Register; Intruder alarms fitted to buildings | Anti theft Devices to be fitted to equipment |
| | Accidental damage | M/H | Transfer: Insure against accidental damage | Insurance in place |
| Internet/e-mail access | Misuse | L/M | Treat/Preventative: Restrict access to Internet | Inform users of etiquette in sending e-mail (complete under ICT policy). Inform users of penalties for inappropriate use of the World Wide Web (complete under ICT policy) |
| Gift shop EPOS system | Electrical fault | M/H | Treat/Preventative: As computer Hardware; Data backed up and placed in safe over night | Proper procedures in place |
| Portable electrical and Computer equipment | Theft/Loss | L/M | Treat/Transfer/Preventative: Fixed assets register maintained; Insurance policy in force; Annual Musters carried out IAW fixed Assets Register | Loans register to be established. Increase muster frequency. |
| | Damage | M | Treat/Preventative: As computer Hardware | |
| Audiovisual equipment (Museum) | Electrical supply | M/H | Treat: Portable generators supplied | |
| | Breakdown | L/M | Treat: Backup with video | Supply video projection backup for cinema |
| Telephone system | Electrical Supply | M/H | Treat/Preventative: Emergency Telephone fitted in Admin Office; Power backup fitted to telephone system; Hand held radios in use. | All staff to be informed of emergency telephone procedures. (Memo to be published) |
| | Misuse | L/M | Treat/Preventative: Itemised Billing in use; Restrict access to telephones | Proper procedures in place |
Category of risk - Torbay Block
| Area | Worst Case | Level | Control | Outcome |
|---|---|---|---|---|
| Use of Electrical, Mechanical & Computer Equipment | Failure through misuse | M/H | Treat/Preventative: Training | Proper procedures in place |
| Fire Alarm system | Electrical Supply | M/H | Preventative: Monitors informed if known Power failure is expected | Battery backup to be fitted |
| | Faulty Detectors | L | Treat/Preventative: Smoke Detectors inspected and tested iaw specifications | Smoke Detectors system to be expanded to all areas. |
Categories of Risk - The Museum Site
| HAZARD/RISK | WORST CASE | LEVEL | CONTROL | OUTCOME |
|---|---|---|---|---|
| Gangways | Slipping/tripping on gangways | M/H | Treat/Preventative/Transfer: Gangways treated with non-skid material; Warning signs/guarding access to walkways and roads; Gangways regularly tested and inspected; Roads and walkways regularly inspected; Pontoon access insured | Gates to be provided at gangway. Wire mesh to be extended |
| Buildings and Submarine | Fire | M | Treat/Preventative: Buildings/submarine manned; Adequate fire fighting equipment available and regularly checked; Fire exits clearly marked; Emergency lighting fitted in buildings and submarine; All staff acquainted with fire fighting and evacuation procedure; Fire alarms regularly maintained; Connected direct to Fire Service; Regular acquaint visits carried out by local Fire Service | Fire orders to be updated |
| Lighting levels | Darkness | M/H | Treat/Preventative: Low lighting in Cinema and environs, adequately controlled by Cinema/Ticket office staff; Varying light levels in Submarine controlled by Guides | Proper procedures in place |
| Boiler and Central Heating system | Pressure System failure | M | Treat/Preventative: Boiler and system overhauled annually by contractors; Maintenance staff conversant with operating procedures. | Proper procedures in place |
| Electricity | Failure | M | Treat/Preventative: Switchboards, distribution panels, wiring regularly checked and maintained; Portable appliances tested annually. | Proper procedures in place |
| Fuel | Pollution | L | Treat/Preventative: Fuel tank for boiler situated inside a containment bund; Bund level monitored regularly and emptied as necessary; Fuelling operations overseen by suppliers and staff; Fuel pipes run below ground or are protected. | Proper procedures in place |
| Theft | Loss of artefacts | M | Treat/Preventative: Building manned in working hours; Staff vigilance; CCTV system installed in Main Museum building and monitored by SS; Intruder alarms fitted and connected to local Police; System tested and maintained regularly | CCTV to be fitted to Diving Centre and new Holland Building |
| Moving Machinery | Loss of limb/electrocution | M/H | Treat/Preventative/Transfer: All workshop machinery tested and inspected by contractor; Specified staff only permitted to operate machinery; Portable Appliances Tested annually; Insurance policy in place | Constant vigilance required (all rotating machinery sold August 01 thereby removing the risk) |
| Security | Bomb threat | M | Treat/Preventative/Transfer: No bags on HMS Alliance; Parties supervised; Buildings manned; Regular contact with FB Security Officer; Patrols by MoD Guard Service; Increased vigilance by staff as appropriate; Constant availability of SA; Terrorist codicil to Insurance Policy | Proper procedures in place |
Categories of Risk - Administration
| AREA | WORST CASE | EXPOSURE | CONTROL | OUTCOME |
|---|---|---|---|---|
| SECURITY | Unauthorised access to the Museum's Bank Accounts | LOW | Treat / Preventative: Bank balance is checked daily via Lloydslink to verify any activity. Password for obtaining information known only to two people within Company. (Back-up details lodged with Waltons) Combination of signatories on cheques. No one person can write cheque and authorise. Introduction of laser cheques. | Password details to be lodged with RNM for additional security. |
| | Unauthorised access to Pay / Personnel records | LOW | Treat / Preventative: All records maintained in locked cabinets. Back-up Payroll disks retained out of office. | Proper procedures in place |
| THEFT | Loss of takings secured in safe in Administrator's office. | LOW | Treat / Preventative: Safe kept locked at all times and combination known only to select employees. Keys for safe kept securely. Combination lodged with Waltons. | Proper procedures in place |
| | Theft of takings whilst in transit to Bank | MOD | Treat / Preventative / Transfer: Limit on Insurance for cash carryings observed. During high season when carryings higher banking done every day with an escort if necessary. Time and route to Bank varied. | Limits on insurance carryings need to be reviewed more regularly especially with anticipated increase in ticket sales following Development. |
| COLLUSION | Theft of Museum's cash through fraudulent Accounting methods. | LOW | Treat / Preventative / Tolerate: Various safeguards in place to prevent any collusion between Accounting Staff such as combination of signatures on cheques etc. Any staff handling cash must take one period of their annual leave in a two-week block so any cash discrepancies will have chance to surface. External and In-House Audits undertaken | Due to Manpower levels within the Museum this is not something we can currently aspire to so to a degree must be tolerated. |
| | Theft of Museum's cash via the Payroll | MOD | Treat / Preventative: Monthly Payroll currently processed by Administrator and verified by Bookkeeper. Again the risk of collusion arises. Director randomly selects three employees each month and checks the hours they are being paid for against their timesheet / annual salary. | Production of a Salaries and Wages Certificate produced each month for the Director to sign prior to any monies being sent would safeguard the Museum and the Accounting Staff's integrity. |
| TRAINING (LACK OF KNOWLEDGE) | Incorrect payment to an individual or more dangerously incorrect deductions paid to Inland Revenue. Non-compliance with Government pay guidelines eg Minimum wage, Stakeholder Pension, Tax Credits etc (Fines are imposed for non-compliance) | LOW | Treat / Preventative: Self-policing undertaken. Waltons on call for assistance | Annual Payroll course to be attended. |
| FIRE | Loss of all office records | LOW | Treat / Preventative: Back up copies for Sage Accounts and Payroll retained in fireproof safe and off site. Files copied to Server at end of day. | Proper procedures in place |
| H&S CABLES | Trip accident involving member of staff/Fire | MOD | Treat / Preventative: All cables should be placed in insulated conduits. No extension leads | Proper procedures in place (Torbay uprated 01) |
| H&S FURNITURE | Long term Industrial Injury Claim/Sick leave | LOW | Treat / Preventative: Correct height desks and chairs should be used to eliminate any potential hazard. Carpets to be properly fitted | Proper procedures in place (Torbay uprated 01) |
| H&S VDU USAGE | Possible prosecution for breaking legislative guidelines on time spent on VDU / Long term Industrial Injury Claim/Sick Leave | LOW | Treat / Tolerate: Vary tasks to ensure adequate breaks taken. Self-policing. | Proper procedures in force |
| STORAGE | Loss of records/waste of resources (Inability to produce properly maintained archival records when asked by NAO, Inland Revenue etc can result in substantial fines and all records then being subject to further investigation) (Latest Charity Commission guidelines dictate retention periods of between 3 and 12 years for varying documentation) | HIGH | Treat / Preventative: No smoking in the storage area. Records to be maintained in adequate environmental conditions. | Proper procedures in place. |