Public Board of Directors papers 27.01.22

The risk management process will be used to: • Identify potential risks with the intention of initiating and monitoring action to prevent or reduce the adverse effects of risks • Manage the treatment of risk in a systematic way so that the organisation can determine acceptability of residual risks • Provide a comprehensive approach to improving patient and staff safety • Improve decisions about resources and priorities • Provide information to the Board through the committee structure so that it can make informed decisions Risk management will be embedded in the core processes and systems of the Trust; including policies, procedures, business planning, business case development, performance management and corporate governance • That these core systems will be reflected in the divisional risk management arrangements • Risks will be actively managed and positive assurance sought • The risk register will be a live, actively managed and reviewed document and not simply a passive repository of risks • That risk management is the responsibility of all staff within their own sphere of work, so that the person best placed to manage each identified risk is the one that does so • That high-risk areas and activities will attract greatest focus and attention • That there will be learning from analysis of incidents, complaints and claims and explicit roll-out of identified improvements • The strategy will actively promote and underpin the acquisition of relevant accreditations, including the registration requirements of the Care Quality Commission (CQC). The Trust is also required to meet its legal and contractual obligations as set out in the Health and Social Care Act 2012. The Christie is part of the Greater Manchester intergrated care system (ICS) where the extent of the health system reforms is still evolving and the Trust is involved in these developments at all levels. 2.6 Scope This document applies to all Trust employees, contractors and other third parties working within the Trust. Risk management is the responsibility of all staff. Managers at all levels are expected to take an active lead to ensure that risk management is a fundamental part of their operational working and service delivery.

3.0 DEFINITIONS Term Acceptable risk Adverse event Aggregated data analysis

Meaning

A willingness to accept a level of risk to secure certain benefits, but with the confidence that it is being properly controlled and monitored. Any event or circumstance leading to unintentional harm or suffering The collection of data from incidents, complaints and claims which have been analysed both separately and all together, and in a number of different ways e.g. by location, specialty, cause, etc, and its subsequent review to identify trends. The person who has delegated responsibility from the board of directors for the management of governance arrangements within the Trust, and is ultimately responsible for ensuring that the Trust meets its obligations with regards to the safe and effective delivery of services. This is delegated to responsible individuals within the Trust. A demand for compensation following an adverse incident resulting in personal injury, damage to property or loss.

Chief executive

Claim

Risk management strategy and Policy 2021-2024 Document ref: RM01 Version 04

Page 6 of 38

67