Embed Size (px)
Citation preview
This article was downloaded by: [The Aga Khan University]On: 22 October 2014, At: 05:47Publisher: RoutledgeInforma Ltd Registered in England and Wales Registered Number: 1072954Registered office: Mortimer House, 37-41 Mortimer Street, London W1T 3JH, UK
Policy StudiesPublication details, including instructions for authors andsubscription information:http://www.tandfonline.com/loi/cpos20
The emergence of public sectorrisk management: The case of localauthorities in ScotlandJohn Hood a & Siobhan Kelly ba Department of Risk and Financial Services , GlasgowCaledonian University , Cowcaddens Road, Glasgow, G4 OBA,UK Phone: 0141 331 3154 Fax: 0141 331 3154 E-mail:b Department of Finance and Accounting , GlasgowCaledonian UniversityPublished online: 26 Nov 2007.
To cite this article: John Hood & Siobhan Kelly (1999) The emergence of public sector riskmanagement: The case of local authorities in Scotland, Policy Studies, 20:4, 273-283, DOI:10.1080/01442879908423784
To link to this article: http://dx.doi.org/10.1080/01442879908423784
PLEASE SCROLL DOWN FOR ARTICLE
Taylor & Francis makes every effort to ensure the accuracy of all the information(the “Content”) contained in the publications on our platform. However, Taylor& Francis, our agents, and our licensors make no representations or warrantieswhatsoever as to the accuracy, completeness, or suitability for any purpose of theContent. Any opinions and views expressed in this publication are the opinions andviews of the authors, and are not the views of or endorsed by Taylor & Francis. Theaccuracy of the Content should not be relied upon and should be independentlyverified with primary sources of information. Taylor and Francis shall not be liablefor any losses, actions, claims, proceedings, demands, costs, expenses, damages,and other liabilities whatsoever or howsoever caused arising directly or indirectly inconnection with, in relation to or arising out of the use of the Content.
This article may be used for research, teaching, and private study purposes. Anysubstantial or systematic reproduction, redistribution, reselling, loan, sub-licensing,systematic supply, or distribution in any form to anyone is expressly forbidden.
Terms & Conditions of access and use can be found at http://www.tandfonline.com/page/terms-and-conditions
Dow
nloa
ded
by [
The
Aga
Kha
n U
nive
rsity
] at
05:
47 2
2 O
ctob
er 2
014
Policy Studies, Vol. 20, No. 4, 1999 273
The Emergence of Public Sector Risk Management:The Case of Local Authorities in Scotland
JOHN HOOD AND SIOBHAN KELLY
ABSTRACT The 1980s saw an increase in the extent of academic interest and research into local authority
management. A specific aspect of local authority management practice which has, however, been grossly
under-researched is that of risk management. This is something of a paradox, given the fact that significant
changes in the local authority insurance market have brought about a culture within authorities whereby a more
pro-active approach to risk management is necessary. This paper discusses the findings of both survey and case
study research* into the current risk management situation within Scottish local authorities. In particular, the
methods of budget calculation, the levels of budgeting and the means by which these budgets are expended are
analysed. Finally, suggestions are offered as to how local authority risk management strategies could be
improved.
Introduction
The past decade has seen a resurgence of academic interest in local authority management.1
One important issue which has been implicit in much of this literature, but paradoxically hasnot been the subject of as much academic interest, is the area of local authority riskmanagement. Risk management as an applied academic discipline has evolved as part of abroader set of cultural and political theories. At their core, these theories have focused on thequestion as to which role governments ought to play in the communication and managementof societal risk. Horlick-Jones (1996), for example, has spoken of the role of governments inthe establishment of public safety policies. Although arguing from significantly differenttheoretical perspectives, cultural theorists such as Wildavsky (1989) and Beck (1992) havedebated the role which governments have to play in the societal perception and managementof risk. The Royal Society (1992: 41) include local authorities in their categorization ofinstitutional players in public risk management, defining them as 'subnational'. Penning-Rowsell (1996: 127) succinctly summarizes the growing demands on the public sector:
the public... are demanding that society and government, rather than theAlmighty, protect them from their effects. Accidents no longer exist: someone is toblame.
As indicated above, whilst the largely theoretical literature on societal risk has experiencedsubstantial growth, surprisingly little has been written on the question of how societal riskmanagement is, or should be, translated into concrete policy measures. Exceptions to this havetended to be related to the 'catastrophe' type risk, such as nuclear power (HSE, 1992). Riskat the low severity, but high frequency, operational level has tended to be ignored. We seek
John Hood, Department of Risk and Financial Services, Glasgow Caledonian University, Cowcaddens Road,Glasgow G4 OBA, UK. Tel: 0141 331 3154; Fax: 0141 331 3229; E-mail: [email protected]. Siobhan Kelly,Department of Finance and Accounting, Glasgow Caledonian University. Correspondence to John Hood.* The research referred to above is still ongoing, and the authors acknowledge the financial assistance of RiskManagement Partners Ltd and Am Re, whose contributions have supplemented internal university funds. Thefindings are, however, purely those of the authors.
0144-2872/99/040273-11 © 1999 Policy Studies Institute
Dow
nloa
ded
by [
The
Aga
Kha
n U
nive
rsity
] at
05:
47 2
2 O
ctob
er 2
014
274 John Hood and Siobhan Kelly
to explore these issues on the basis of a survey of risk management initiatives among Scottishlocal authorities; an environment which has faced increased demands for risk managementactivities, but where little guidance has been given with regard to their concrete implemen-tation
The Public Sector and Risk Management
Recent events such as King's Cross, Clapham, Piper Alpha and Dunblane, with their resultingenquiries,2 have focused the public spotlight on the underlying practices of risk management.The prominence of public sector risk management has been strengthened by a series ofgovernment initiatives. Organizations such as the Audit Commission (1997) and the AccountsCommission for Scotland (1997) have sought to raise the profile of local authority riskmanagement. This has involved the publication of a number of reports which have empha-sized the importance of a systematic risk management structure in terms of reducingoperational costs. These official initiatives have been complemented by the creation of dieAssociation of Local Authority Risk Managers (ALARM) and its Scottish equivalent,ALARMS. The aims of ALARM and ALARMS, as outlined in dieir constitution (ALARM,1997) are:
... to enable local authorities and die public sector generally to develop riskmanagement strategies which address the incidence and consequence of injury,crime, loss and damage.
ALARM, and subsequently ALARMS, were founded primarily in response to major changesin local authority insurance coverage which occurred in 1992.
The Evolution of Public Sector Risk Management
Prior to late 1992, it is arguable that local authorities felt that they had little real incentive tomanage risks actively. Almost invariably they purchased 'ground-up', ie full and comprehen-sive, insurance from die Municipal Mutual Insurance Co (MMI). The reliance on 'ground-up'insurance as die sole feature of a risk management strategy is, however, fundamentally flawed.The Health and Safety Executive (HSE, 1993) clearly demonstrated that, for most risks, dieamount paid by insurers subsequent to a loss only represented a fraction of die total cost ofthe loss to the insured. In effect, dierefore, die indiscriminate belief of local authorities tiiat bypurchasing 'ground-up' insurance they were adequately financing risks was misplaced. Ar-guably, dierefore, die pre-1992 risk financing practices of local authorities represented poorvalue for money, and did not address the question of those risks that could have been moreeconomically controlled or retained by the audiority.
As comprehensive insurance from MMI actively discouraged authorities from retainingany insurable risks, it therefore removed incentives for adopting risk management practiceswhich had been found for many years in comparable private sector organizations. MMl'spolicy is summarized succinctly by an ALARM (1995) local area report:
MMI did not reward councils for loss control strategies and measures by way ofreducing future premiums. The policy of not encouraging the public sector to retainany of their risk also affected them badly in die long term ... MMI also had diecurious policy of not encouraging local audiorities to retain any of their risk, diis alsoadded to the councils' lack of enthusiasm in reducing their losses.
The 1992 collapse of MMI, and its subsequent purchase by the Zurich Insurance Co., broughtan end to the low-cost, full insurance regime which had previously existed. The collapse of
Dow
nloa
ded
by [
The
Aga
Kha
n U
nive
rsity
] at
05:
47 2
2 O
ctob
er 2
014
The Emergence of Public Sector Risk Management 275
MMI was inextricably linked to its policy of underwriting local authority insurance atuneconomic rates. Added to this, it was substantially unprepared for the rapid growth, in bothfrequency and severity, of claims made by, and claims made against, local authorities. Aninevitable corollary of MMI's demise was that local authorities had to develop their ownspecific risk management strategies within a very short time period. Steps to realize 'the needfor active risk management in local authorities' (Watt, 1996) were accelerated by therecognition of deficiencies in existing practices.
In Scotland, ALARMS has stood at the forefront of risk management initiatives, by theprovision of seminars, newsletters and guidance on specific issues. These initiatives havegained in public prominence as a result of the Dunblane shooting incident.3
In line with comparable private sector approaches, ALARM and ALARMS emphasizethat good risk management practice involves a staged process of identifying the hazard,evaluating the risk and implementing measures to control the risk. Yet little is said about howthis process is to be financially planned and controlled. Risk management as a function cannotbe actively pursued unless there is sufficient backing financially. In the current financialclimate of public expenditure constraints, therefore, the planning and targeting of the riskspending have to play a central role in public sector management.
Another organization which has contributed to the growth of risk management initiativesin Scotland is the Accounts Commission for Scotland. It is the belief of the AccountsCommission for Scotland that significant value for money savings can be achieved by localauthorities if there is successful planning of, and a corporate dedication to, risk management.In a recent report (Accounts Commission, 1997), the Commission called for several measureswhich can be undertaken by local authorities to develop an effective approach to corporaterisk management. Key recommendations of this report include:
• the adoption of an organizational commitment to risk management;• the improvement in risk management education, training and awareness;• the identification of specific risk areas;• the development of effective information systems.
Like ALARMS' recommendations, those of the Accounts Commission for Scotland give littleinformation on the financing of public sector risk management units. Indeed, little referenceat all is made to the financial implications of, and budgetary procedures required when,adopting better risk management practices.
Local Authority Risk Management in Scotland: A Survey
By the mid-1990s, local authorities in Scotland faced demands for the provision of riskmanagement services from a number of sources. These demands were accompanied by a lackof guidance with regard to the concrete processes involved in creating, budgeting andmanaging a public sector risk management unit. The purpose of this article is to investigatehow Scottish local authorities have coped with this situation. Underlying our analysis is asurvey of all Scottish local authorities.
In December 1995/January 1996, we surveyed all 32 Scottish local authorities on theallocation of risk management responsibility, leading up to local government reorganizationon 1 April 1996 (Reid & Hood, 1996). This was followed up by a second survey in January1997 (Reid el al., 1997), which examined the resources, objectives and priorities for riskmanagement. The results from these surveys suggested that there appeared to be anincreasingly highly developing culture of risk management within Scottish local government,a result which may be generally applicable throughout the UK. The second survey specifically
Dow
nloa
ded
by [
The
Aga
Kha
n U
nive
rsity
] at
05:
47 2
2 O
ctob
er 2
014
276 John Hood and Siobhan Kelly
inquired as to whether or not each local authority had a dedicated, or corporate, riskmanagement budget.
In order to include a wide range of local authority initiatives, our surveys utilized a broaddefinition of risk management, used by both the Chartered Insurance Institute (CII) and theInstitute of Risk Management (IRM). This defines risk management as:
The identification, analysis and economic control of those risks which can threatenthe assets or earning capacity of an enterprise (Dickson 1995).
The core questions investigated in this context included, (a) the level of risk awareness amongstlocal councils, (b) the level and nature of spending on risk management (c) the planning andbudgetary process underlying various risk management activities. The latter question ofbudget planning, in particular, required us to move beyond the survey format and to have acloser look at selected local authorities.
Risk Awareness
Of a total of 32 local authorities surveyed in 1997, only eight of the 30 respondents had acorporate risk management budget, with a further two having specific departmental riskmanagement budgets. Information provided at this time highlighted significant variations inthe budgeted amounts set aside and the lack of comparability of what little data wereavailable. Given the substantial difference in expenditures on risk management between theten authorities, it was considered likely that different accounting methods had been used in therespective calculations. This put severe limits on our ability to assess the level of awareness of,and commitment to, risk management practices amongst Scottish local authorities. Moreover,it was also likely to be the case that significant variations would become apparent as to howthe risk management budget was finally expended.
As a follow-up to our 1997 local authority risk management survey, a number of questionswere formulated to enable the actual budget position (for the two years of the newly createdlocal authorities' existence) to be identified and studied in more depth. Following minoradjustments, the eight authorities who had been identified as having a dedicated riskmanagement budget (plus the two who had stated that they had a departmental structure)were contacted by telephone between November 1997 and February 1998. A structured setof questions relating to risk management were put to the respondent. A more general, and lessstructured, interview followed on from this.
As far as the working definition of risk management utilized by the eight authorities withdedicated risk management budgets was concerned, a wide degree of variation could beidentified. We detail these responses verbatim below in Table 1.
As can be seen from die above table, key words in the definitions as used by localauthorities include 'one-off items of expenditure and expenditure which will 'reduce liability/risks'. The absence of comprehensive definitions, comparable for each local authority, suggeststhat 'risk management' may be being used as a residual categorization and justification ofexpenditure by some local authorities. This is not surprising. Our telephone interviewsindicate that many managers widi functional responsibility for risk management appointed bythe councils had little or no risk management experience. The risk manager designate is oftenan accountant who has been assigned risk management duties as a consequence of localgovernment reorganization. Other designate risk managers meanwhile, suggested that riskmanagement responsibilities were given to them as a token acknowledgement by the localauthority that it had to provide such services.
Dow
nloa
ded
by [
The
Aga
Kha
n U
nive
rsity
] at
05:
47 2
2 O
ctob
er 2
014
The Emergence of Public Sector Risk Management 277
Table 1 Local Authority Risk Management Definitions
Authority* Risk Management Definition
A No definition used — Anything RM Group feels appropriateB Definition awaitedC Any single initiative, not ongoing, to benefit the council
Benefits to one department only will receive 50% fundingD Anything which is a 'one-olF and which will result in a reduction of liability for the councilE Same as Chartered Insurance InstituteF Any risk management training and loss-control measuresG Council still to define fully but, in general, any item which will reduce the liability of
the councilH 'One-ofF items of expenditure to reduce the risks of the council
* Authorities' names have been withheld for reasons of confidentiality
Nature and Level of Spending
As part of the January 1997 survey, local authorities were asked to provide their figures forthe total annual risk management budget. It was not known from the information gatheredto which financial year the figures related. In order to compile data of a comparable nature,information gathered in the follow-up study detailed 1996/97 budgets and actual spend, and1997/98 budgets. This information is summarized in Table 2.Authorities A to H represent those eight councils who initially indicated that they had acorporate risk management budget, having omitted a further two local authorities whoindicated that they had specific departmental risk management budgets, but were unable togive the budget figure.
Six of the eight local authorities detailed in Table 2 had an amount budgeted for riskmanagement in 1996/97 and yet only four of these actually spent any of their budget during1996/97. The areas of expenditure were, in all cases, related to 'one offitems' only, eg CCTVinstallation, security of schools, anti-vandalism campaigns, etc. Two authorities, D and F, setthemselves budgets in 1996/97 of £50,000 and £100,000 respectively, and yet neitherincurred actual expenditure in that year.
Two authorities, E and H, had, for the first time, allocated a separate budget to theprovision of risk management in financial year 1997/98. While expenditure of a riskmanagement nature may have been incurred in each authority in previous years, this would
Table 2 Budgets and Spends
Authority
ABCDEFGH
Budget Estimate
1996/97£20,000£50,000£50,000£50,000£Nil£100,000£40,000£Nil
Actual Spend
1996/97£8,224£37,500£15,000NilNilNil£12,000Nil
Budget Estimate
1997/98*£20,000£75,000*£50,000*£25,000£500,000£100,000£40,000£40,000
* Plus 1996/97 underspend
Dow
nloa
ded
by [
The
Aga
Kha
n U
nive
rsity
] at
05:
47 2
2 O
ctob
er 2
014
278 John Hood and Siobhan Kelly
Table 3 Basis of Budgets
Authority
ABCDEFGH
Basis of 1996/97 Budget
Previous authorityPrevious authorityNegotiated figureNegotiated figureNonePrevious authorityPrevious authorityNone
Basis of 1997/98 Budget
96/97 original plus any underspendPlanned projects96/97 original plus any underspend96/97 original figure reduced plus any underspendNegotiated, based on plans and contingencies96/97 original figure96/97 original figureNegotiated
have occurred at a departmental level and would not have been defined as such, tending tobe hidden under a 'general expenditure' title. Following on from this theme, all eightauthorities stated that risk management items could also be found within the budgets of otherdepartments. The problem that existed was that spending on such areas such as riskmanagement training would only be headed as 'Training', and not the specific area oftraining. Thus it is difficult to identify all risk management-related outlays. A striking exampleof this difficulty was given by an authority which stated that £700,000 had been spent fromreserves to reduce claims related to roads. As these expenditures focused on preventingliabilities, they constituted risk management expenditure rather than repair expenditures inthe true sense.
No single local authority included the salaries of the risk manager and associated staffwithin the budget, this being seen as an administrative overhead. Most staff within the localgovernment environment surveyed were not purely risk managers but also acted as, and/orwere qualified as, accountants, insurance managers, etc.
Budget Planning
Essential to any accounting system is an effective budget-setting process. To the risk manager,the corporate risk management budget is an indispensable management tool for directing,co-ordinating and controlling the risk management activities of the organization. As Table 3illustrates, budgeting for risk management in the surveyed authorities followed a peculiarpattern in which risk management departments were given the same budget as they had in theprevious year, plus any element of the preceding year's budget which they did not spend. Amore common pattern would be that a service department which did not spend all of itsbudget in the previous year would be assumed not to require such a large sum to be budgetedfor in the first place. Perhaps the practices illustrated in Table 3 reflect a developmental natureof risk management within local authorities, where risk management is seen as a necessaryfunction, even though the precise set of tasks to be performed is unclear.Our survey also enquired how budget authorities (A-H) had arrived at the original figure. Thereplies included:
Negotiated (in some way) in 2 casesBased on Previous Authority Budget in 4 casesNo 1996/97 budget (Authorities E and H) in 2 cases
In local authority budgets the term 'negotiated figure' often means that the budget is aguesstimate based upon what was believed to be acceptable to the council at that particulartime. Scottish authorities which state that the basis of the budget is the 'previous authority',
Dow
nloa
ded
by [
The
Aga
Kha
n U
nive
rsity
] at
05:
47 2
2 O
ctob
er 2
014
The Emergence of Public Sector Risk Management 279
Table 4 Planned Budgetary Process Review
Authority Authority's Plans to Review Risk Management Budgetary Procedures
A No plans to reviewB Examining methods used at present however still at early stagesC No review planned for some time to allow data to be collatedD Only after a period of time will the original guesstimate be reviewedE Survey on existing method initiated. However, will take some timeF Changes in calculation will not be considered for two yearsG Will only be reviewed after a sufficient period of time has elapsedH Once data collated and savings shown, a review will take place
base their calculation, as a result of local government reorganization, upon an apportionmentof the previous authority's budget to the newly created local authority. Changes in the riskmanagement-related budget allocation between 1996/97 and 1997/98 have only taken placefor two out of the six authorities (Authorities E and H did not have budgets in 1996/97 andtherefore are excluded from this analysis). Authority B increased its risk management budgetbecause of a revised budgetary approach which included a more detailed plan of spending onspecific areas. Authority D reduced its risk management budget because no spending hadtaken place during 1996/97. In most cases, the basis of the 1997/98 budget was the 1996/97risk management budget, plus any carry forward of the underspent 1996/97 budget.
Taken as a whole, this indicates that no rigorous budget-setting techniques were used for1996/97 estimates and the figures being used are all selected on a relatively arbitrary method.Given the growing importance of public sector risk management generally, it is fair to say thatafter local government reorganization it was important for local authorities to be seen to bedoing something to contribute to the new risk management culture sweeping the public sector.This, of course, seems a minimalist token response to the risk management concept, displayinga lack of substantive measures and thought from local authorities.
As part of the initial survey into how existing budgets were calculated, we asked riskmanagement officials whether their remit included a review of the budgetary process, in orderthat more accurate costings could be derived. The results are shown above in Table 4. Allauthorities did state that they would review their procedures in the future, but exactly whenthey would do so and which methods they would use are unknown. This suggests that theeight authorities surveyed are still unclear as to how to budget for their risk managementneeds. It is surprising that variables such as the size of the overall budget, local population,etc, have not been investigated as benchmarks in the budget-setting process.
Case Studies
From the initial data gathered by telephone survey and questionnaire, a selection of localauthorities was made in order to investigate the relationship between the appointment of a riskmanager and the risk management-related process in greater detail. These are detailed inTable 5.
Authorities 1 and 3 derived their risk management budget after a corporate total had beenapproved, and six months into the financial year. Service departments in both authorities werebeing consulted as to how this money should be spent, thereby establishing a 'bids system'before the final allocation. This meant that no actual 1997/98 risk management-relatedspending was to take place until the various activities suggested had been prioritized, whichwas to take until November 1997. Given the close proximity of this process to the end of the
Dow
nloa
ded
by [
The
Aga
Kha
n U
nive
rsity
] at
05:
47 2
2 O
ctob
er 2
014
280 John Hood and Siobhan Kelly
Table 5 Case study examples
AUTHORITY Risk Manager Risk Management Budget
Authority 1 / /(Authority E in Tables 1-4)Authority 2 / XAuthority 3 X •(Authority F in Tables 1-4)Authority 4 X X
financial year, this may have led to spending for spending's sake. It is around October/November each year that local authorities approve their budgets for the forthcoming year,
' and for the risk manager to enter this negotiation process with no actual demonstrated spends,or indeed expenditure plans for the current financial year, indicates a marginalization of therisk management budget.
Authorities 1 and 2 had a designated risk manager, yet in many respects this title may bemisleading. As previously indicated, the reorganization of local government in 1996 creatednew structures and new responsibilities. In authorities 1 and 2, financial accountants weregiven the title of risk manager, although most of their duties involved insurance-relatedmatters. In contrast, authority 3 had no designated risk manager although the officerresponsible for the function was one of the few Institute of Risk Management-qualified officersin local government in Scotland. To illustrate the anomalies in the whole area of localauthority risk management further, this authority received £400-500,000 worth of riskmanagement-related bids, such as improvements in school security and training in riskassessment, from service departments, as compared with a budget of £100,000. The qualifiedrisk manager was not permitted to assimilate the information and prioritize the bids based onhis technical experience and qualifications. Priorities amongst different bids were left to benegotiated by the risk management group, which, in effect, was the local authority Director-ate.
Authority 3 is an example of a system where money is set aside at a corporate level forrisk management, with no designated risk manager of sufficient standing to approve theexpenditure. Authority 2, by contrast, involves a designated risk manager in the co-ordinationof council-wide risk management but makes no funds available to pursue such policies.Effectively 90 per cent of working time of the risk manager is spent on insurance claimprocessing and payment.
Effective Planning of Risk Management
As indicated earlier, local authorities historically were able to externalize risk managementfunctions to outside insurance providers. An increased awareness of the cost of risk, however,has led to a demand from service departments for an assessment of the cost of risk, anddemand for risk management services. A number of risk management-related initiatives havebeen implemented by Scottish local authorities within various service departments. On thewhole the implementation of these initiatives has been ad hoc, leaving the responsibilities withindividual departments rather than creating a structured organizational policy. In the absenceof proper monitoring, the assessment of the cost effectiveness of these measures has remaineddifficult.
Dow
nloa
ded
by [
The
Aga
Kha
n U
nive
rsity
] at
05:
47 2
2 O
ctob
er 2
014
The Emergence of Public Sector Risk Management 281
Today, there is a strong argument for a central risk management budget because riskmanagement is a corporate subject. It is not practical to have service departments administer-ing risk management services according to their own mission. For example, a security camerafocusing on a local community centre funded by the Leisure Services Department could, ata corporate level, have been extended into a project more beneficial to the authority as awhole. Furthermore, the commitment of elected members will be a crucial element to thesuccess of the risk management strategy, and will be more likely to be strong where theauthority can demonstrate a consistent and corporate approach.
At a departmental level, service departments have incurred, and will continue to incur,their own expenditure on risk management projects. Due to the nature of local authoritybudgeting, the budget-setting process requires service departments to justify, plan and forecastfuture projects at least five months before the start of the next financial year. From theevidence gathered, the service department approach to risk management budget-settingdominates attempts at centralized corporate budgeting. In our survey only one local authorityout of eight with a corporate risk management budget could provide what one could call 'afinancial plan' of risk management projects over the forthcoming year.
What Needs to be Done?
All authorities surveyed indicated that they do have plans to renew the budget-setting processin the future. To provide an effective approach to the formulation of a risk managementbudget would require a series of steps. These include:
• An examination of the claims history of service departments to identify problematic areasand units of exposure to risk.
• The recognition that a system of 'near miss' analysis, allied to claims history analysis, iscrucial.
• A discussion of risk issues with service departments and a sharing of 'practitioner' experi-ences between departments.
• Following the normal budgetary cycle of local authorities, departments need to be informedthat a risk management budget is being constructed for full council consideration for theforthcoming year. Departments should then be invited to submit bids for priority riskmanagement projects.
• Once the bids are received, the risk manager needs to prioritize the bids to formulate apreliminary risk management budget. This prioritization process will involve a mix of therisk manager's professional judgement and the views of the risk management group. Unlikeother service budgets, which have a preceding year's budget to act as a gauge foracceptability by the council, the corporate risk management budget will be relatively newto the majority of Scottish local authorities. Risk management budget-setting, therefore,should not be based solely on historic budget information or the risk manager's view ofwhat the council will accept. Rather it should emphasize what is needed at the current timewithin that particular council.
• The risk manager's salary and associated costs should be built into prioritized riskmanagement projects, in order to give a proper financial plan of likely expenditure on riskmanagement for the forthcoming year.
• Budgetary control of the risk management budget at the corporate and departmental levelshould ensure that the money is used only for the specific purpose intended, and notdiverted onto general service expenditure.
• Incremental expenditure on risk management should yield a net incremental saving for thelocal authority.
Dow
nloa
ded
by [
The
Aga
Kha
n U
nive
rsity
] at
05:
47 2
2 O
ctob
er 2
014
282 John Hood and Siobhan Kelly
In Scotland it will take some time before a full financial appraisal of risk managementinitiatives can be undertaken. This, however, can only be achieved long-term by the councilif satisfactory budgeting and budgetary control arrangements are enforced.
Conclusions
Corporate risk management is concerned with evaluating the measures which an organizationhas in place to manage identified risks and then recommending action that the organizationneeds to take to control these risks more effectively. In order for this approach to succeed,available resources must be directed, through a strong financial planning framework, to theareas of greatest need. Today, the lack of a corporate approach and the non-systematic andarbitrary methods of risk financing, exacerbated by the diffusion of risk management activitiesand expenditures across service departments, prevent a strategic cost-benefit comparison ofalternative measures which could be employed to reduce risks. It can be seen from the resultsof the survey that no standard exists for spending control nor budget-setting for the riskmanagement function within Scottish local authorities.
From the evidence gathered, the risk management budget-setting process did not followany systematic process and, in all cases examined, budget allocation was based on historic datawhich were calculated prior to local government reorganization, and/or determined throughgeneral negotiations within the authority as to what would be felt appropriate. These arbitraryand ad hoc methods currently employed in budgeting for risk management are likely to beperpetuated year after year. While the diffusion of risk management expenditure acrossdepartmental budgets has a long history, it is now essential that authorities can demonstratean overall corporate approach to risk management by having a separate budget andbudgetary control process. All local authorities will soon enter an era of Best Value, and it isdifficult to envisage a situation where such a fragmented risk management budgeting systemas exists at present will satisfactorily meet the criteria of Best Value laid down by centralgovernment. Irrespective, however, of any need to satisfy central government requirements onvalue for money, failure to adopt a more co-ordinated and corporate approach to riskmanagement will leave authorities in a situation where they are failing to benefit fully fromit.
Without some attention to co-ordination, co-operation and rigorous financial planning,the present unsatisfactory state of affairs is likely to continue.
Notes
1. The literature has focused on a number of divergent issues such as the emergence of 'New PublicManagement', see Hood (1991), Boyne (1996); the changing quality of services provided by localauthorities, Walsh (1991), Bailey and Davidson (1997); and issues of efficiency in service provision,Bates (1993), Audit Commission (1995).
2. See Fennel (1988), Hidden (1989), Cullen (1990 and 1996)3. See ALARMS (1996)
References
Accounts COMMISSION (1997) A Safer Place: Property Risk Management in Schools, Edinburgh.ALARM - SCOTTISH BRANCH (1996) The Cullen Report on the Incident at Dunblane - The Lessons for Local
Authority Risk Managers in Scotland.ALARM - North West Branch (1995) The Downfall of MMI and the Lessons to be Learned.ALARM (1997) Membership Directory and Handbook.AUDIT COMMISSION (1995) In the Line of Fire: Value fir money in the Fire Service: The National Picture, Audit
Commission, London.
Dow
nloa
ded
by [
The
Aga
Kha
n U
nive
rsity
] at
05:
47 2
2 O
ctob
er 2
014
The Emergence of Public Sector Risk Management 283
AUDIT Commission (1997) Insurance Arrangements and Risk Management, Technical Release 26/97, AuditCommission, London.
BAILEY, S. and Davidson, C. (1997) Did Quality Really Increase Under Local Government CCT? inMontanheiro, L. et al, Public and Private Sector Partnerships: Learning for Growth SHU Press Sheffield
1997.BATES, J . G. (1993) Managing Value for Money in the Public Sector, Chapman & Hall, London.Beck, U. (1992) Risk Society, Sage, London.Boyne, G.A. (1996) Scale, Performance and the New Public Management: An Empirical Analysis of
Local Authority Services, Journal of Management Studies, Nov. 1996, 33, 6, pp809-26.Cul len , The H O N . Lord (1990) The Public Inquiry into the Piper Alpha Disaster, HMSO, London.Cul len , The H O N . Lord (1996) The Public Inquiry into the Shooting at Dunblane Primary School on 13th March
1996, The Stationery Office, London.Dickson, G. (1991), Risk and Insurance, Chartered Insurance Institute, Sevenoaks.FENNELL, D. (1988) Investigation into the King's Cross Underground Fire, HMSO, London.HIDDEN, A. (1989) Investigation into the Clapham Junction Railway Accident, HMSO, London.H O O D , C. (1991) A Public Management for all Seasons, Public Administration, 69, Spring, pp 3 - 17.Horlick-Jones, T. (1996) Is Safety a By-Product of Quality Management? in Hood, C. & Jones, D.
(Eds.) Accident and Design: Contemporary Debates in Risk Management UCL Press, London.HSE (1992) The Tolerability of Risk from Nuclear Power Stations, (revised edition) HMSO, London.HSE (1993) The Cost of Accidents at Work, HMSO, London.PENNING-ROWSELL, E. (1996) Criteria for the Design of Hazard Mitigating Institutions in Hood, C. &
Jones, D. (Eds.) Accident and Design: Contemporary Debates in Risk Management UCL Press, London.Reid, J. and Hood, J. (1996), Risk Management in Scotland's New Councils — An Interim Report on the Allocation
of Responsibility as at December 1995, Glasgow Caledonian University Survey Report.REID, J., Hood, J . and Ross, D. (1997) Risk Management in Scotland's Councils — A Summary of the Allocation
of Responsibility, Resources, Objectives and Priorities -for Risk Management, Glasgow Caledonian UniversitySurvey Report.
THE ROYAL SOCIETY (1992) Risk Analysis, Perception Management, The Royal Society, London.WALSH, K. (1991) Competitive Tendering for Local Authority Services: Initial Experiences, HMSO, London.WATT, P.A. (1996) Local Government Principles and Practice: A Text for Risk Managers, Witherby, London.Wildavsky, A. (1989) Searching for Safety, Transition, Oxford.
Dow
nloa
ded
by [
The
Aga
Kha
n U
nive
rsity
] at
05:
47 2
2 O
ctob
er 2
014
