Risk Management for Government & Provincial Public Sector

Risk is the effect of uncertainty on objectives, which is inherent in all activities of government. Effective risk management reduces uncertainty by identifying, prioritizing and mitigating risk. Risk management is critical to the achievement of the B.C. government's goals and governance responsibilities.

Enterprise Risk Management (ERM) is the coordinated, ongoing application of risk management across all parts of an organization, at all levels, from strategic planning to service delivery.

An ERM Program is the framework that the organization has in place to govern risk management activities. This includes how risk is assessed, the roles and responsibilities of senior leaders and all employees in managing risk, and the effective reporting and communication of risk information throughout the organization.

Enterprise Risk Management Resources

The B.C. government's Risk Management Guideline for the B.C. Public Sector (PDF), which aligns with the CSA ISO 31000 standard, provides a structure for managing risk and implementing effective ERM Programs across the B.C. public sector. In this context, "enterprise" is defined as the whole of government, including B.C. government ministries and all public sector organizations that work together to provide services to British Columbians.

Strong ERM Programs enable senior leaders to:

  • Identify and communicate risks that are shared across the B.C. public sector
  • Apply combined risk mitigation strategies
  • Determine overarching priorities
  • Facilitate discussion of the types and levels of risk government is prepared to accept (tolerance)
  • Make long-term plans for the future

ERM Programs contain three components:

  1. The principles for managing risk
  2. The framework which governs the effective reporting and communication of risk information
  3. The risk management process that is used to collect and assess risk information

ERM Program components - Click to view full size

The B.C. Enterprise Risk Categories Tool (.pdf) provides a framework to take an enterprise-wide view of potential threats and opportunities that may have an impact on objectives.

The Standard Risk Register (.xlsx)  helps to document risk assessment results in a consistent manner, including identified risk events, causes and impacts, and allows for tracking and management of mitigation strategies.

B.C. government ministries and public sector organizations are encouraged to build an ERM Program that is tailored to their decision-making structure and encompasses the elements found within the standard. For more information, or for access to the B.C. government’s subscription to the CSA ISO 31000:18 Risk Management – Guidelines Standard and supporting documents, B.C. public sector organizations can email ERM@gov.bc.ca.

Ministry staff can find additional helpful resources in the Government Chief Risk Office intranet (B.C. government only).