Risk Board

 Terms of Reference


Role of the Risk Board

The Risk Board is accountable to the Management Board and is responsible for the overall governance of risk management within the CSO. The Board will be led by the Chief Risk Officer.

The Risk Board is responsible for:

  • Examining internal and external risk factors that could impact the business, with a specific view to external, medium and long-term threats to the Office
  • Developing appropriate policies, procedures, guidance, systems and a CSO risk management framework
  • Overseeing the implementation of the CSO’s risk management framework and reporting on a regular basis to the Management Board and the Audit Committee
  • Preparing an annual Corporate Risk Register for submission to the Management Board and the Audit Board and for internal publication
  • Reviewing the Corporate Risk Appetite annually for submission to the Management Board
  • Reviewing and challenging risk management and mitigation arrangements to provide assurance that risk management performance is as expected, and considering whether it can be improved or whether change to the framework or the process is required
  • Providing an analysis of risk findings on a regular basis for the Management Board
  • Ensuring standardisation of risk description, scoring and use of templates across the Office
  • Reviewing and interrogating all of the red and increasing risks identified across the Office via Management Board, the business planning process, the Governance Boards, SAQ reviews or any other process, with a view to advising on further mitigation or increased monitoring or escalation to Management Board as agreed by the Board
  • Identifying new or emerging risks to the Office in a proactive and agile manner
  • Coordinating the management of risk for business processes that may cross the boundaries of business areas, divisions and locations (“cross cutting” issues)
  • Reviewing risk events as reported as part of the business planning process
  • Reporting to the Management Board on the lessons learned from such risk events and transferring this knowledge across the Office

Decision making and escalation structure

MB has delegated responsibility for the oversight of risk management to the Risk Board, which remains answerable to MB. It is the responsibility of the Risk Board to keep MB informed of progress and to make MB aware of any issues of significance in a timely fashion. The Risk Board will provide reports to MB on a quarterly basis and may decide to escalate issues to MB more often if necessary. The Risk Board will be held accountable for the decisions made regarding managing risk escalation and events in the Office.

The Risk Board is also responsible for reviewing the risks attached to new projects and programmes of work and, based on the risk level, assigning them to a governance structure or, if the risks identified are low, deciding that the programme/project can be managed locally.

Criteria for escalation of issues/projects from the Risk Board to MB

A formal decision of the Board is required to determine whether to escalate a risk to MB if:

  • All mitigation measures that can be applied at the business level have been exhausted
  • The Board considers that an intervention is required at MB level
  • The Board is presented with a risk event that has raised the risk status to a crisis situation

Following a decision to escalate an issue/project, the secretary to the Risk Board will contact MB with a description of the issue/project, the decision being sought and supporting documentation. In assessing risks, the Risk Board should consider the CSO’s appetite for risk as expressed in the Corporate Risk Appetite.

Membership of the Risk Board

The membership of the board shall be set by Management Board and shall be reviewed annually or as vacancies arise in line with the following guidance:

  • Management Board shall appoint the Chief Risk Officer, who shall be a member of the Management Board.
  • The Chief Risk Officer is responsible for appointing new members of the Risk Board as necessary.
  • The members of the Risk Board should be representative of different functional areas (technical, specialist, business as well as policy) and expertise will be considered in the process of appointing new Risk Board members.
  • The minimum term of a new Risk Board member shall not be less than two years.
  • The maximum number on the Risk Board should be ten, including the Chief Risk Officer.
  • Replacement of members should commence on a phased basis – two Risk Board members should be replaced each year at the end of June (a more delayed or accelerated replacement schedule may be warranted to ensure an appropriate balance between refreshing membership composition and maintaining continuity of operations).
  • Members of the Risk Board should be at Senior Statistician/Principal Officer grade.
  • The secretary shall maintain a record of attendance of Risk Board members.

General Information:

  • At the beginning of each year, the Risk Board shall agree and publish a schedule of regular meetings.
  • Extraordinary meetings may be convened at short notice by the Chair under exceptional circumstances where a serious risk is anticipated, imminent or has been realised.
  • Risk holders may be invited to Risk Board by the Chair to report on escalating risks in their areas of responsibility, or may be asked for a written report between meetings.
  • The secretary to the Risk Board shall maintain a log for recording longer term actions and will keep the Chair informed of any outstanding actions.
  • The Risk Board shall ensure that all data and information accessed or available to board members as part of their role will be securely and appropriately managed according to Office policies.

Working Methods

Pre-Meeting:

  • The secretary shall arrange a pre-meeting briefing with the Chief Risk Officer at least 2/3 days in advance of the meeting;
  • Documentation shall be circulated to the Risk Board at least 4 days in advance of the meeting;
  • Risk Board members shall familiarise themselves with the material in advance of the meeting

At the Meeting:

  • Meetings can proceed provided there is a quorum of 51% of membership present;
  • Risk Board members shall participate in a professional manner adopting a corporate perspective rather than representing any sectional interest;
  • Participation shall be professional and courteous with open, critical, challenging and objective input from board members;
  • Decisions shall be made collectively as a Board and members shall respect the confidentiality of board discussions regarding individual opinions expressed.

Post Meeting:

  • Draft actions arising shall be circulated to board members within 2 days of each meeting and board members shall highlight any corrections or amendments by return;
  • Draft minutes shall be circulated to the Board within 1 week of the meeting and Board members shall respond with feedback/corrections within a week of receipt of the minutes.

Annual Review

The effectiveness of operation, the terms of reference and the membership of the Risk Board will be reviewed on an annual basis in December of each year and reported as part of the annual report to MB.