These are challenging times for disability care organisations. Turnover and results are under pressure due to agreements made in The Hague and the increasing competition. The transition from the AWBZ (general law on exceptional medical expenses) to the WMO (social support act) has heightened the uncertainty.
ORO has turned these developments into an opportunity to become a more enterprising organisation. A solid risk management policy is an essential part of this.
Risk management was not new to ORO. Before 2014, they had already drawn up an overview of fifteen critical risks. However, ORO wanted to make the various quality, safety and risk management activities more coherent. And analyse risks in a more structural way.
Not so much because of the Health Care Sector Governance Code or the compliance manual as drawn up by the VGN (Disability Care Association). ORO was actually intrinsically motivated to understand the risks because they saw opportunities.
It is an ambitious organisation and wants to achieve certain strategic goals. A structured inventory and approach to risks increases their chances of succeeding.
The overview of risks they had prepared before turned out to be a good basis to start from. Nevertheless, this was still insufficient for ORO. To make risk management an integral part of their business operations and decision-making, they needed to formulate a policy.
And that was indeed the first step they took.
The Executive Board and the Management Team were involved in all steps. Firstly, Corine Spaans, policy advisor at ORO, and two Infoland consultants interviewed all the directors and managers.
The objectives of risk management and the way it should be implemented within ORO were discussed. Each interviewee was also asked to name possible risks within their risk domain.
Knowing that you oversee the risks and that they are secured makes all the difference.”
The results of the interviews were presented in a joint session, after which the risk management framework was finalised. ORO distinguishes between strategic and tactical risks. Strategic risks are directly related to ORO’s mission, vision and strategy.
This includes psychosocial overburdening of employees and an insufficient professional network of cooperation with partners.
Tactical risks are inherent to the processes within ORO, but no specific strategic objectives have been set for those. Examples of tactical risks are unsafe medication and ICT failure.
Ultimately, the tactical risks translate into operational risks, for example at the level of an individual client. Within ORO, risks are identified in four areas: clients, employees, business operations and the environment.
Based on the framework, a risk domain and a corresponding risk owner were assigned for each risk, which made it possible to assign responsibilities.
Thanks to this process, ORO has an up-to-date risk profile and a concrete action plan, which can also be used for external accountability to the Supervisory Board, Works Council, Central Client Council and Inspectorate.
But that is not the most important thing. No, risk management has become an integral part of the planning and control cycle. Once new annual plans are drawn up, the risk profile can be revised with relatively little effort.
Above all, the link to strategic goals ensures that risk management offers ORO opportunities.
It becomes clear at a glance what you have done, what risk you run and what you can still do.”
In the second phase of the risk analysis, all risk owners were interviewed again. All identified risks were evaluated.
For each risk, causes were described, existing control measures inventoried and risk scores assigned. Zenya RISK was used as a supporting tool.
The end result is an up-to-date risk profile in Zenya that makes it clear which risks are under control and which are not.
In a joint session with the Board of Directors and managers, led by the Infoland consultants, ORO discussed the complete risk profile. Central to this discussion was the question of what the intended strategy should be for each risk.
Is any immediate action required? Or is further analysis desirable to gain a better understanding of the nature and extent of the risk? Or can the risk be accepted, at least for the moment? This very valuable session enabled an integral assessment of risks.
The result was a set of control measures to be taken, but also a list of subjects for future audits, as a check on the risk profile.
The Zenya tool facilitated the discussion by providing filtering options, a clear detailed view per risk and a link to other Zenya modules. After all, from a risk it is easy to make a link to relevant documents and improvement measures in Zenya.
Contact our experts without obligation! We will be pleased to brainstorm with you.