• Choose a category
• All
• Classic-Fiction

The risk management process

Risk management is a central part of any organization’s strategic and operational management processes. It is integral to the business planning process in order to ensure that the organization can achieve its core objectives. Risk management, undertaken systematically and robustly, will help ensure a successful trust, one that prospers while delivering an excellent high-quality and safe service to its patients.

Health and safety management is inseparable from risk management. Legally healthcare trusts are required to have a health and safety policy (DH 1999). The term ‘risk management’ is used as an overarching concept but it explicitly includes the management of health, safety, fire and security, clinical, operational, financial and strategic risks.

Figure 4.1 depicts an organizational model for managing risk, which is based on the Australian/New Zealand risk management standard 4360:2004 (Standards Australia and Standards New Zealand 2009) and is internationally recognized.

Figure 4.1 The risk management process. Standards Australia and Standards New Zealand (2009), under license 101-c097 SAI Global.

The risk management process made easy

As can be seen from Figure 4.1, the risk management process comprises seven key stages (Standards Australia and Standards New Zealand 2009).

1. Establishing the context.

2. Risk identification.

3. Risk analysis.

4. Risk evaluation.

5. Risk treatment.

6. Monitoring and reviewing risks.

7. Communication and consultation.

Stage 1 – establishing the context

A key component of the context of risk management which impacts upon every level of the process is the individual and organizational commitment to maintain an open dialogue with staff and others about risk issues, to listen to staff concerns and to communicate effectively to all relevant parties about risk-related issues. Nurses working within any organization need to ensure that they are familiar with the risk management strategy and how risks are managed and recorded at an organizational level (NPSA 2009).

Stage 2 – risk identification and analysis

To prevent harm, it is important to understand not only what is likely to go wrong but also how and why it may go wrong. Hopkinson 2001 states that ‘the objective of the risk identification element is to ensure that all significant risks are listed so that they can be analysed and evaluated’. This step requires considering the activity within the context of the physical and emotional environment and the culture of the organization and the staff who perform the activity.

This is a small step but essential to the process, as risks that are not identified will not be managed. Risks are identified from a wide range of sources, as illustrated in Figure 4.2.

Figure 4.2 Risk sources. Standards Australia and Standards New Zealand (2009), under license 101-c097 SAI Global.

As can be seen, risk identification is undertaken in many ways and includes incident reporting forms, use of specific risk assessment forms such as falls, pressure sore, nutrition, complaints, legal claims, adverse events and adverse trend analysis, Health and Safety Executive visits, trust health and safety audit inspections, and NHS Litigation Authority standards. Healthcare organizations are now obliged to assess the key risks for the organization and there is an expectation that wards and departments will meet regularly to discuss and analyse particular risks in their clinical areas. This is known as proactive risk assessment.

Stages 3 and 4 – risk analysis and evaluation

The data collected from the risk identification process have to be analysed to ensure that decisions can be made about prioritizing and treating the risks. This stage involves considering the consequence (how bad?) and the likelihood (how often?).

A widely used system for risk analysis and evaluation in trusts is the three-step 5 × 5 risk-scoring matrix as detailed in Steps A–C.

Step A involves assessing the severity/consequence score (how bad?).

Step B involves assessing the likelihood