Glossary of Terms
Assurance |
An opinion based on evidence gained from the review of the College's governance, risk management and control framework |
ALARP |
As Low As Reasonably Practicable (ALARP). Once each risk has been identified and assessed, an action plan must be devised to reduce the risk in line with ALARP taking into account the College's risk tolerance, proportionality and value for money. |
College Strategic Themes
Influence
Resources
Organisation
TRANSLATION
Research
Education
Exposure |
The consequences that arise from the realisation of a risk. |
Horizon scanning |
The systematic review of internal and external activities to enable the early identification of emerging or changing risks. |
Inherent risk |
The exposure arising associated with a risk before action has been taken to manage it. |
Residual risk |
This is the exposure remaining after action has been taken to manage the risk. |
Risk |
The chance of something happening that has the potential to affect the achievement of our aims or objectives positively or negatively. Risk is measured in terms of the likelihood of an event occurring and the consequences of its realisation. |
Risk Tolerance |
The amount of risk that an organisation is prepared to accept or be exposed to at any one time |
Risk assessment |
The evaluation of risk in terms of the impact resulting from the risk being realised and the likelihood of the risk being realised |
Risk management |
The processes involved in the identifying and assessing risk, assigning ownership, mitigating the risk and monitoring progress |
Risk strategy |
The College's overall approach to risk management |
Risk profile |
The range of risks faced by the College |
Internal control |
Actions taken to manage risk or the impact of the risk if realised |
Risk Owner |
The person responsible for ensuring the risk is properly managed and monitored |
Shared Risk |
A risk with Impact (consequences) on more than one area of the College and/or partners and/or a risk that can be caused by another party. |
Raw Risk |
A risk before any control or mitigation is applied |
Mitigation |
Measures taken to control or reduce the risk |
Controls |
Measures taken to mitigate or reduce the risk |
Impact |
The consequences if the risk was realised (came about) |
Likelihood |
The probability of the risk occurring |
Causes |
The event or events that bring about the risk |
Major Risks |
Major is defined as any Red or Amber Risk or any Green risk with an impact or likelihood score of 7 or above as this implies that either rigorous controls are required to reduce the likelihood of a significant impact or there is an expectation of a significant number of minor events |
4Ts |
Treat |
Treat |
Control measures or processes to reduce the risk by addressing the causes, impact and/or likelihood of the risk. Control measures must be proportionate to the risk and provide value for money. |
Tolerate |
After assessing the Impact and Likelihood of the risk and assessing the control measures required to further reduce the risk, it may be decided that the risk will be accepted without further mitigation |
Transfer |
Some risks can be transferred to another body or organisation, e.g. insurance, outsourcing. Care needs to be taken that the risk is actually transferred. Some risks cannot be transferred e.g. reputation |
Terminate |
Although unusual there may be occasions when the residual risk is considered unacceptable and the only acceptable course of action is to cease all or part of an activity e.g. Field trips to high risk places |
PEST |
A review of Political, Economic, Social (including legal, environmental and ethical) and Technical issues |