Home
About Tilia
Solutions
What are we doing?
Suggested reading and
listening
Comments
Contact Tilia
Solutions
August
Looking forward to my usual quiet summer - who wants to be trained in
August? Except it hasn't quite worked out like that. I've prepared new
courses, discussed risk in Worcestershire and NHSLA inspections in
Essex. I've written a risk policy, commented on committee terms of
reference and developed my new website. Still, my suitcase, passport and
Euros have remained firmly tucked away so quieter, but .....
Starts with a bang and four days in Essex helping to prepare for the NHSLA level two inspection. This was interrupted by a day training in Brussels, explaining the basics of risk management through a power cut. A day training on internal controls in Italy meant some welcome warmth in a chilly Autumn and also involved agreeing more days to facilitate the annual risk appraisal exercise. Back to Britain and a return to the haunts of my childhood - a day in Cleethorpes talking to internal auditors about value-for-money audit including value-for-money risk, something that I hadn't really thought about before. Always good to add some new ideas and be challenged. This was followed by a short session with an audit committee in Warwickshire thinking about governance. I learnt a lot from my fellow trainer as she talked us through some of the major changes in local government finance and between us trying to explain how this worked in the public sector to councillors who were more used to private sector ways.
Another busy month, starting with a trip to an NHS Trust in the Midlands to help facilitate a director and non-executive director risk identification workshop. Lots of new ideas to take into my training, including the full text of the Gerald Ratner quote that I use to illustrate reputation management, the idea of calling a risk course "stuff happens" and the use of the 80:20 rule in relation to risk registers. (80% of risks on a typical risk register are day job matters and should be deleted; of the remaining 20%, 80% relate to risks where the cause is beyond management's control. And 80% of the actions are there to make management feel better and/or to be seen to be doing something rather than to have a direct impact on the risk itself.) Reminds me of lots of risk registers I've seen so thanks Matt Humphrey (no relation) for the ideas.
The rest of the month has been evenly split between training and carrying out that risk assessment exercise for a DG based in Brussels and Italy (so nice to see the sun again!). Training has covered all the usual areas - risk, internal controls and management supervision in Brussels and Luxembourg. Always good to see delegates for a second and third time and find out how they used earlier training ideas. As for the risk assssment exercise - this was a mixture of covert (and not-so-covert) training and assessment. We got some good results out of it and I learned a lot too:
- it helps to have all your delegates in one room; video conferencing has its limits especially when you can see but not hear them having a robust discussion
- try to make sure all your delegates speak the same language: my French skills were stretched when one person insisted on making all his contributions in Italian or French; I could choose which I preferred
- a small number in a small room round a small table works best
- you can photograph white boards but flip chart is better
- keep the agenda brief (risks of fraud, third party liabilities, business impact, key processes and other is too much for one day)
And I revised my thinking about risk scoring. Faced with a risk that was highly likely to happen with a trivial impact but very unlikely to happen with a critical impact, how do you score it? High for both? Low for both? Go for the more serious case? We decided that impact took precedence over likelihood and scored accordingly.
I also paid a speedy trip to Edinburgh for a fun day with six delegates discussing how we could make their audit committees more influential. It's great when delegates really engage and the conversations were wide ranging and challenging.
And I've been asked to add a new course to the list with training in fraud (should that be anti-fraud?) for the EC for next year. I may be a qualified investigator, able to carry out an interview under PACE (if only I could remember the words of the caution), but this is going to require some mugging up!
November started well, with an enjoyable four days back in Essex to carry out a dry-run audit for the NHSLA inspection. Thank goodness this isn't happening until December 2013 as they have a long way to go yet, although it was heartening to find that some changes have taken place and staff are beginning to take this seriously. We expect to be there so frequently over the next year that I now have a staff pass - two out of ten wards that I visited even asked to see it. From Essex to Italy for the last risk assessment exercise - a rapid and productive two hours that ticked all the criteria for a successful session that I identified on my last visit. The boozy leaving lunch that they had attended beforehand only smoothed the process.
Another country, another organisation and another risk assessment exercise - mixed results with one director sending a representative who was allowed to listen but not say anything and another director thanking us for giving her the opportunity to take time out and think about what they are doing. From Brussels, back to Italy to train through a nuclear evacuation drill (we had to stay put) and a strike (running a picket line to provide training was fun) and then to London to think about ways of making audit committees more effective - no strikes, no drills, everyone first language English but an exciting and informative day nevertheless.
December started in the same way as November - back to Essex and the NHS trust and a mixed week of examining records and talking risk and this time all the wards asked to see my pass!
I had two days as a trainee facilitator at the iRM's fundamentals of risk management course in preparation for delivering the course myself next year. A multi-lingual, multi-national group from whom I learned a lot. I then had a day delivering risk management training in Brussels, being videoed - technical mix ups mean that the video is now posted on youtube so I look forward to going viral!
2013 2014 2015 2016 2016 2017 2018 2019 2020 2021 2022 2023 2024