Risk Governance in the FE College System

December 5, 2022

Trudi Stevens

Senior Tutor for Promethean Executive

“Governance is a system that provides a framework for managing organisations. It identifies who can make decisions, who has the authority to act on behalf of the organisation and who is accountable for how an organisation and its people behave and perform.

Governance enables the management team and the board to run organisations legally, ethically, sustainably, and successfully, for the benefit of stakeholders, including shareholders, staff, clients and customers, and for the good of wider society.”

Chartered Governance Institute UK & Ireland

The focus of John Spindler’s article of the 15th November 2022 was how many College Governing bodies were not adapting to the rapid changes that everyone, not just FE Colleges, have experienced in recent times.

Effective governance is not easy and neither is it well understood. However, it is fundamental to the viability of any organisation because it determines the effectiveness of the functions that underpin the very purpose of that organisation. Governance covers how decisions are made and by whom; how those decision makers report the process and how they are held accountable. Governance requires that all stakeholders are considered because they feel the impact of organisations’ activities. The decisions that are made determine the viability of the College.

Recent events where decision making has been tested was the Covid pandemic. Was this foreseeable? For a sector that caters for large numbers of young adults, many of whom attend campus from different regions and even countries, the mass transfer of any pathogen is always a possibility.

When it comes to risk management the UK Government’s advice to the sector is clear:

“The board must ensure there is a clear risk management policy so that:

  • significant risks are identified, assessed, monitored and managed
  • the effectiveness of risk management, internal control systems, assurance arrangements and business continuity planningis regularly reviewed
  • a risk exposure profile can be created that reflects the board’s views on what levels of risk are acceptable
  • risk management is ongoing and part of operational procedures

Note that maintaining an up-to-date business continuity plan is a funding requirement.”

FE and sixth-form college corporations: governance guide – GOV.UK (www.gov.uk)

Some basic research on 30 college websites chosen at random, looking at their Governance and Policies pages, produced not one single Business Continuity plan. I found one Covid Emergency Closure plan. If I cannot find it, as a parent of a student, as an employee, then it can be argued that the decision making is neither transparent nor accountable.

The focus of the Governing Boards was primarily on the financial and educational requirements of legislative and regulatory frameworks set by Government. They also addressed the wider safeguarding and welfare needs of their staff and students. The dearth of a wider perspective could be seen as symptomatic of an inward looking and reactionary Governing culture.

The inertia identified in John Spindler’s article could be partly attributed to the scope of the Board’s focus and make up. Notwithstanding the members who come from staff, students and local businesses, if the focus is on the immediate environment in which the College operates then wider horizon scanning does not appear to feature in the Board’s analysis. This both misses threats and opportunities. It reduces the possibility of innovation, disruptive evolution and regeneration. It also misses threats that would be obvious to a risk management professional.

Horizon scanning is a recognised function within commercial operations, embedded in marketing and strategy planning and threat analysis is part of financial and safety decision making processes. Innovation is integral to commercial survival. The governance of risk management is developing more rapidly than in the past because of the VUCAH (Volatile Uncertain Chaotic Ambiguous Hyperconnected) period we live in. Corporate Social Responsibility is merging with the Health and Safety function and is evolving into Enterprise Risk Management. Risk management is becoming an integral aspect of Strategy development. Frameworks and analytical tools are more sophisticated.

Management and leadership, culture and accountability are having to evolve to create the human behaviours necessary to function in this environment. ‘Agile leadership’ is maturing into an approach that both accommodates devolved decision making whilst assuring stability and consistency of purpose and Executive education is reflecting this change.

A wider strategic perspective and the implementation of more comprehensive risk management should be an integral part of the Governing Boards of Colleges across the FE sector. The wider benefits will be felt by the quality of planning, of curriculum design and delivery and, ultimately, by the students.

Here is a simple test of your Governing Board’s risk management capabilities:

How does your organisation rate for each criteria? Score 1 – 10
Significant risks are identified, assessed, monitored and managed
The effectiveness of risk management, internal control systems, assurance arrangements and business continuity planning is regularly reviewed
A risk exposure profile has been created that reflects the Board’s views on what levels of risk are acceptable
Risk management is continuous and part of operational procedures

If the UK is relying on the FE sector to deliver its skilled workforce then it needs effective, innovative and constantly aware Governing Boards.

A more detailed set of questions to ask your Board gives a clear indication of the quality of risk management in your organisation:

  • What are the significant risks the board is willing to take? What are the significant risks the board is not willing to take?
  • Is the board clear about the nature and extent of the significant risks it is willing to take in achieving its strategic objectives?
  • What steps has the board taken to ensure oversight over the management of the risks?
  • Is the organisation addressing all relevant risks or only those that can be captured in risk management processes?
  • Who are the key external stakeholders and have sufficient soundings been taken of their views? Are those views dealt with appropriately in the final documentation?
  • What are the main features of the organisation’s risk culture in terms of tone at the top? Governance? Competency? Decision making?
  • Does an understanding of risk permeate the organisation and its culture?
  • How mature is risk management in the organisation? Is the view consistent differing levels of the organisation? Is the answer to these questions based on evidence or speculation?

More Insights

Scroll to Top