Risks and uncertainties
We define risk as anything that can affect our
ability to: achieve our objectives for people living
with cancer; sustain our operations; maintain our
reputation; or meet regulatory requirements. We
see risk as an inherent factor in the decisions we
make in pursuit of our strategic objectives and seek
to understand the risks we face or create, while
operating within an acceptable level of risk-taking.
However, we also recognise the need to seek new
innovations and harness the opportunities that
taking risks can bring, to ensure we continue to do
everything we can to support people living with
cancer. We take risk where we believe the benefits
outweigh the risks involved and where we have the
capabilities to understand and manage those risks
within our risk appetite, as defined by our trustees.
Our approach to risk management follows the
recommendations of the Charity Governance Code.
Risk planning
As part of our formal planning and review cycle,
designated directorate Risk Leads assess risks within
their respective areas of responsibility each quarter,
feed these into the Risk Leads Group and agree them
with their respective Executive Directors.
Risk management has been embedded into
Macmillan's planning cycle to ensure we add more
value and consideration into processes and content.
As well as identifying potential issues, we also look
for opportunities we might otherwise miss, such as
further growth development and working towards a
sustainable future.
Management review
All risks are scrutinised monthly at a directorate level
and quarterly at the Risk Board meetings to ensure
we monitor all our corporate risks collectively on a
regular basis. We continue to regularly engage with
our trustees, especially via the Finance, Audit and
Risk Committee meetings, to ensure we rigorously
review and scrutinise every risk.
The corporate risk register is an organisation-wide
summary of our risk profile and corresponding
mitigating actions to help leaders validate our
performance and sustainability. This is then
presented to the trustees for scrutiny and approval.
Regular ongoing reviews of risk management plans
inform our strategic planning, change management
and operational decision-making. They also feed
into our assurance framework, including our annual
internal audit plan and insurance programme.
Risk governance
Our risk management process is supported by our
governance structure. Our trustees and Executive
Team recognise the importance of maintaining a
strong system of internal controls, supported by
these risk management activities and assurance
mechanisms, including internal and external audit.
Whilst our Executive Team are responsible for
the day-to-day operation of our risk processes,
our trustees are responsible for ensuring there
is an effective risk management process and an
appropriate internal control environment. The
Executive Team are informed by our directorate
leadership teams, the Risk, Governance and
Assurance (RGA) division, the Risk Board and the
Risk Leads Group. The RGA team present updates
to the Finance, Audit and Risk Committee, which
reviews the principal risks and provides oversight of
the risk management process, so that the Treasurer
can report annually on the effectiveness of the risk
management process to our Board of Trustees.