Sub-questions

Has the programme adopted a systematic approach (for example, horizon scanning) to identifying and considering risks?

Have foreseeable risks been identified and assessed?

Have risks been appropriately analysed to assess both the likely occurrence and the potential impact and produce a prioritised management strategy?

Have key risks been allocated an owner and a management plan in place?

Are there systematic criteria for escalation?

Have risks associated with using innovative approaches/solutions been taken into account?

What contingency plans are in place and how would they be activated?

Essential evidence

Risk register with regular updates.

Risk management - examples from our studies

In The London 2012 Olympic Games and Paralympic Games: post-Games review we reported that to manage and forecast costs, assessed risks were turned into quantified assessments with financial values attributed to them. A £2.7 billion contingency provision gave a high level of financial cover for the Delivery Authority, with clear procedures for applying for and releasing contingency funds. In this way, cost forecasting, management of risk and management of contingency funds were all aligned. As the programme progressed, the requirement for contingency cover reduced and the funding could be redirected to operational requirements.

As the programme moved from its planning to the operational phase, the government's oversight arrangements changed to reflect the need for quick resolution of any issues that might arise. In the year or so before the Games, there was intensive testing of a range of potential scenarios across the programme, enabling delivery bodies to refine their plans, and identify risks and mitigating actions. For example, when it became clear that G4S could not provide the full number of venue security guards required, effective contingency plans were implemented.

Our 2018 report Investigation into the British Army's Recruiting Partnering Project found that the Ministry of Defence underestimated the complexity of what it was trying to achieve, resulting in significant problems that meant the Army did not recruit the number of soldiers needed. The Army and its contractor, Capita Business Services Ltd, did not test fundamental changes before introducing them. Capita also failed to recognise that it could not use an 'off-the shelf' commercial solution as it did not understand the level of customisation needed. As a result, it could not introduce the automated approach to recruitment as originally envisaged. The Army and Capita failed to implement measures to simplify the recruitment process in advance and had to develop manual work-arounds to process applications. We found that, as a result of such problems, Capita had missed the Army's target for recruiting soldiers every year since 2013.

Other relevant reports

Update on the Thameslink Programme (paragraph 13)

Equipment Plan 2017 to 2027 (paragraph 9)

Early progress in transforming courts and tribunals (paragraph 15)

Rolling out smart meters (paragraph 24)