UK Government guidance on decision making
Implementation of equal drug laws is simple, in principle: implement Section 1 of the Misuse of Drugs Act in accordance with the Government's own guidance on decision making.
Currently this guidance has not been followed by Government nor has compliance with guidance been considered by any independent reports assessing Government drug policy.
Stages of decision making:
- Aim: a fundamental principle of public law is that all decisions must be made in the public interest, not in the self-interest of the decision maker. The general aim of any Government intervention must then be to reduce risks to the public (or to increase opportunities); the aim must not be to increase their own popularity among the electorate.
- Risk: assess the risks to the public.
- Regulation: evaluate the various alternative methods of regulating those risks.
- Science: both stages 1 and 2 may depend largely on expert scientific advice, especially where evidence-based policy is essential.
- Policy: however Government must take into account all relevant factors, not just independent expert opinion. These factors may be described as 'political', including the public acceptability of alternative regulatory options and compliance with international law. Government therefore has a wide margin of discretion concerning which regulatory option they choose. Different governments may have very different policies for achieving the same general aim.
- Law: however Government discretion is constrained by the law as decided by Parliament. Government must act within the law in accordance with the purpose defined by law; then decisions must not be clearly irrational or implemented unfairly. Government also has a duty to respect and protect the human rights of those affected by their decisions. Government must strike a 'fair balance' between their competing duites toward public protection and the protection of individual rights.
The Misuse of Drugs Act:
- Section 1 describes the decision making process, establishing an independent expert scientific advisory committee, the Advisory Council on the Misuse of Drugs, to provide Government with advice on risk assessments and recommendations for regulations.
- The Act requires Government to seek ACMD advice before making any decisions; only after evaluating that advice can Government propose changes to Parliament.
- Objective measures of risk, from the ACMD, are the only factors mentioned as relevant by the Act.
- The Act does not mention UN drug Conventions.
- The ACMD are not restricted to advising only prohibitory regulations.
- The purpose of the Act is clearly to reduce objective risks to the public in the most effective way.
Government guidance - index
Advisory Council on the Misuse of Drugs:
Office of Science & Technology, DTI, 2001: Code of Practice for Scientific Advisory Committees
ACMD, 2007: Code of Practice
HM Government, 2005: Guidelines on Scientific Analysis in Policy Making
Risk assessment and management:
Inter-Departmental Liaison Group on Risk Assessment, 1996: Use of Risk Assessment within Government Departments
Strategy Unit, 2002: Risk: Improving government's capability to handle risk and uncertainty
Health & Safety Executive, 2007: Five steps to risk assessment
Cabinet Office, 2003: Principles of Managing Risks to the Public
HM Treasury, 2005: Managing Risks to the Public: appraisal guidance
Regulatory options assessment:
Better Regulation Task Force, 2003: Principles of Good Regulation
HM Treasury, 2006: The Green Book - Appraisal and Evaluation in Central Government
Centre for Management and Policy Studies, 2001: Better Policy Making
Common law judicial review:
Treasury Solicitor, 2006: The Judge over Your Shoulder
Department for Constitutional Affairs, 2006: Human Rights: human lives - a handbook for public authorities
Health & changing behaviour:
Advisory Council on the Misuse of Drugs:
Office of Science & Technology, DTI, 2001: Code of Practice for Scientific Advisory Committees [pdf, 114Kb]
11. The terms of reference for most scientific advisory committees are set by Government. It is Governments responsibility to ensure that a committees remit is clear, and it is the committees responsibility to raise concerns if they believe there are ambiguities. As a general principle, any required clarification of a committees role should take place before a committee begins its work.
13. Where a committee is required to offer advice on social, ethical and economic considerations which bear on the scientific advice, it should be made explicit to the committee that this role is being taken on. In putting forward its advice, the committee should make clear any limitations on its expertise to address such wider considerations.
22. Chairs of advisory committees have responsibility for:
- ensuring that the secretariat accurately documents the proceedings of the committee so that there is a clear audit trail showing how the committee reached its decisions.
30. All members and secretariats should regard it as part of their role to:
- consider whether the questions on which the committee offers advice are those which are of interest to the public and other interested parties outside the scientific community;
- examine and challenge if necessary the assumptions on which scientific advice is formulated and ask for explanations of any scientific terms and concepts which are not clear
31. All members should share in the general responsibility to consider the wider context in which their expertise is employed.
40. The secretariat should ensure that the proceedings of the committee are properly documented so that there is a clear audit trail showing how the committee reached its decisions.
55. Committees should aim at having a transparent and structured framework to examine, debate and explain the nature of the risk. It is for committees to decide what form their risk assessments should take, but whatever procedure is used, it should be a systematic one. Whenever their work involves an assessment of risk, committees should consider carefully, taking into account the nature and scale of the problem, what precision of estimates is appropriate or realistic, in terms of costs, resources and time. Where a committee is asked to provide risk management options, it will normally be helpful for it to follow a formal structure based on recognised principles of risk assessment.
56. Whenever the committees work is likely to involve an assessment of risk or where the scientific evidence is expected to be subject to appreciable uncertainty, if not already available within its membership, advice should be taken from individuals or groups with relevant expertise and/or guidance.
59. Within the context of the remit given to them, committees should use the most appropriate method of reporting outcomes that takes account of the level and type of uncertainty involved. Where practical and verifiable, risk should be reported in terms of the likelihood and consequences of the event. Sources of data should be quoted and any degree of auditing described. Where a range of policy options are considered, risks should be reported for each and reasons for choosing a preferred option should be made clear.
77. Advice should be in terms that can be understood by a layperson. It should explain the reasoning on which the advice is based; make clear what principles, if any, of risk management are being applied, any assumptions underlying the advice and identify the nature and extent of any uncertainty.
78. In situations of uncertainty, committees could offer a range of options or interpretations to their departments rather than just one. In so doing they should distinguish between options which are alternative interpretations of the scientific evidence, and options which involve other factors including social, ethical or economic considerations.
96. The general principle of consultation is that there should be transparency, which means that the public should be able to understand the procedures by which the committee arrived at its decisions. There should also be openness, in the sense that the public should have sufficient information available to be able to understand the chain of reasoning underlying a committees advice, and have access to the information on which the committee based its assessments.
ACMD, 2007: Code of Practice [pdf, 52Kb]
5. Members of the ACMD (and its working groups) must at all times follow public service values by:
observing the highest standards of impartiality, integrity and objectivity in relation to the advice they provide;
being accountable through Ministers to Parliament and the public more generally for the activities of the ACMD and for the standard of advice that it provides;
in accordance with Government policy on openness, comply fully with the Secretary of State for the Ministry of Justice Code of Practice on the discharge of public authorities functions under Part I of the Freedom of Information Act 2000 (FOIA).
6. The ministers of the sponsoring department (Home Office) are accountable to Parliament for the policies and performance of this Council, including the policy framework within which it operates.
7. Council members may be personally liable if, in the performance of their Council duties, they make a fraudulent or negligent statement, which results in a loss to a third party.
39. Advice will be given clearly and, wherever possible, in terms that can be understood by a lay person. Any assumptions underlying the advice and the nature and extent of any uncertainty will be identified as far as is possible.
40. Where there is uncertainty the ACMD will identify these with any tensions or trade-offs between them, and may produce a range of options or interpretations as part of its advice. Reasons for producing a preferred option will be made clear.
41. The ACMD should not seek unanimity at the risk of failing to recognise different views on a subject. Any significant diversity of opinion among ACMD members will be recorded and published with the advice.
42. Reports and advice from the ACMD will make it clear where there are substantial gaps in the knowledge base, available data is inadequate or incomplete, complexity makes it impossible to predict the outcome of a policy or intervention with substantial certainty and where judgments have been made in the face of any of these forms of uncertainty. The ACMD will seek to highlight the source and extent of scientific uncertainty if possible, where evidence exists.
43. Reports and advice that are published will include enough detail that anyone scrutinising the work of the ACMD can identify the background information used and any assumptions made or criteria applied.
62. There is a statutory requirement that membership includes representatives of the practices of medicine, dentistry, veterinary medicine and pharmacy, the pharmaceutical industry, and chemistry other than pharmaceutical chemistry; and people who have a wide and recent experience of social problems connected with the misuse of drugs.
HM Government, 2005: Guidelines on Scientific Analysis in Policy Making [pdf, 40Kb]
4. The guidelines address how evidence should be sought and applied to enhance the ability of government decision makers to make better informed decisions. The key messages are that departments, and the individual policy makers within them, should:
think ahead and identify early the issues on which they need scientific advice and early public engagement, and where the current evidence base is weak and should be strengthened get a wide range of advice from the best sources, particularly when there is uncertainty publish the evidence and analysis and all relevant papers
Which areas of evidence do the guidelines cover?
6. The guidelines cover all disciplines from which policy makers may need to seek advice when formulating long-term policy objectives (including international agreements) or when reacting to another piece of established or emerging evidence.
7. These include natural and physical sciences, social sciences, economics and statistics and the arts and humanities. The balance of disciplines required will obviously depend on the issue in question, but the potential for advice to be strengthened by harnessing evidence from all disciplines should not be discounted, particularly in areas of public concern.
Early identification and horizon scanning
9. Individual departments should ensure that adequate horizon scanning procedures are in place, sourcing data across all evidential areas, to provide early indications of trends, issues, or other emerging phenomena that may create significant impacts that departments need to take account of.
10. Many issues are likely to require evidence that cuts across departments and will therefore require close communication and collaboration between departments.
Obtaining specialist advice
12. Departments should draw on a sufficiently wide range of the best expert sources, both within and outside government, ensuring that existing evidence is drawn upon. There is an extensive list of external sources that departments can engage. These include academics, eminent individuals, learned societies, advisory committees, consultants, professional bodies, public sector research establishments (including the Research Councils), lay members of advisory groups, consumer groups and other stakeholder bodies. Where appropriate, consideration should also be given to inviting experts from outside the UK, for example those from European or international advisory mechanisms, particularly in cases where the other countries have experience of, or are likely to be affected by, the issue under consideration.
13. Departments should ensure that their selection of advisers matches the nature of the issue and the breadth of judgment required and is sufficiently balanced to reflect the diversity of opinion amongst experts. When deciding which external sources to seek advice from, departments should encourage those responsible for individual issues to cast their net wider than their traditional contacts and continually establish new networks in order to capture the full diversity of good evidence-based advice.
16. While advice from external and international sources should be sought regularly, departments should absolutely ensure that such advice is sought when:
the issue raises questions that exceed the expertise of in-house staff
responsibility for a particular issue cuts across government departments (e.g. sustainable development)
there is considerable uncertainty and a wide range of expert opinion exists
there are potentially significant implications for sensitive areas of public policy
independent analyses could potentially strengthen public confidence in scientific advice from government.
Asking the right questions and involving the right people
18. Departments should consider how best to frame the particular questions which the experts will be asked to address. Making the question too narrow may prejudice the result. Where issues may be sensitive, departments must ensure that questions are framed to cover the concerns of all relevant stakeholder groups, including consumers and the general public. On these occasions, public dialogue should begin as early as possible. Ideally, the public should be involved in framing the questions that experts and policy makers need to address in order to make Ministers aware of the most important issues before taking a decision. The Council for Science and Technologys recent report on public dialogue listed a helpful set of criteria for consideration in selecting priorities for public dialogue. Although specifically aimed at science and technology, the criteria are relevant for all policy areas:
Proposed criteria for consideration in selecting priorities for public dialogue in science and technology.
Potentially controversial ethical issues arise around the conduct of the scientific research, the use of the technology and/or the wider impacts on society. For example: the benefits and risks to different parties (e.g. individuals, society, government, industry) are inequitable; the benefits to individuals are unclear; individuals may have limited or no choice over their use of the technology; risks fall to particularly vulnerable groups.
There is significant uncertainty over the risks to human health or the environment.
Interested parties from science, industry and civil society hold polarised, and apparently fixed, views in the area. New regulatory or governance procedures may be needed.
20. When assessing the levels of risk or establishing risk management strategies in relation to a specific policy, the use of evidence is essential. Analysts and policy makers must ensure that they include evidence of any differing perspectives of risk (including perspectives from the public) as well as scientific risk assessments as part of any decision making process. Early public engagement is vital to ensure this happens.
21. Evidence in public policy making contains varying levels of uncertainty that must be assessed, communicated and managed. Departments should not press experts to come to firm conclusions that cannot be justified by the evidence available. Departments should ensure that levels of uncertainty are explicitly identified and communicated directly in plain language to decision makers. They should also be made aware of the degree to which they are critical to the analysis, and what new and emerging information might cause them to revisit their advice.
22. When asking experts to identify or comment on potential policy options, it is essential that departments and decision makers distinguish between the responsibility of experts to provide advice, and the responsibility of decision makers for actions taken as a result of that advice. Experts should not be expected to take into account potential political reaction to their findings before presenting them.
Handling the advice
23. Those responsible for departmental and ministerial communication with the public should ensure that the evidence on which any decisions were based are included as part of any press release or communication strategy. Where decisions taken were not based on the evidence, this should also be explained.
Openness and transparency
25. In line with the Freedom of Information Act, there should be a presumption at every stage towards openness and transparency in the publication of expert advice. Departments should also ensure their procedures for obtaining advice are open and transparent. It is good practice to publish the underpinning evidence for a new policy decision, particularly as part of an accompanying press release. Where issues fall under the remit of the Environmental Information Regulations publication will usually be obligatory rather than just good practice. When publishing the evidence the analysis and judgment that went into it, and any important omissions in the data, should be clearly documented and identified as such. This should be done in a way that is meaningful to the non-expert.
30. When responding to public concerns over emerging findings, it is important that departments state clearly the level of peer review and/or quality assurance which has or has not already been carried out, whether they intend to subject the work to any further peer review processes and when this is likely to be available.
Implementation and evaluation
32. As the guidelines are largely principle based, we would encourage departments to ensure they are woven into departmental guidance on better policy making. Chief Scientific Advisers will work in partnership with policy makers to ensure the guidelines principles are fully embedded into departmental policy procedures and to ensure appropriate scientific input into policy decisions.
Risk management and assessment:
HM Treasury, 2005: Managing Risks to the Public: appraisal guidance [pdf, 623Kb]
This guidance is designed to help policy makers address certain risks that the public faces, and also its perceptions of risk. Government has a role to protect and assure the public, which includes taking cost effective action to reduce risk, and to provide accurate and timely information about risk.
One objective of this guidance is to achieve greater consistency and transparency in government decision-making. It aims to achieve this by recommending greater use of evidenced based values of preventing fatality, and other harms, and supports further studies to inform our understanding of the appropriate economic values to use given differences in context. More widespread use of evidence-based values would help to achieve greater consistency in decision making, increasing (in certain areas) risk management activity, and preventing or curbing it in areas where the benefits are not justified by the costs.
This guidance also recommends that, alongside the technical analysis of options available to reduce risk, decision makers should take explicit steps to involve the public: to understand what they are concerned about and why, and to communicate good information about risk, targeted to the needs of the audiences involved.
Finally, these various tools and techniques still require good judgment to determine the most appropriate action for government and society to take given the risks they face.
Chapter 1. Introduction and overview
1.1 This document provides guidance for developing and assessing proposals that affect the risk of fatalities, injury and other harms to the public. It supplements Treasury guidance Appraisal and Evaluation in Central Government (the Green Book), which sets out the general approach to carrying out options appraisal (combined with cost/benefit analysis) of all government intervention. This is a requirement for all expenditure and of all new policy actions which may have an impact on businesses, charities, the voluntary or rest of the public sector.
1.2 The Green Book discusses risk and uncertainty in general terms, but not specifically risks to the public.In addition, the Treasury's Orange Book also provides more general guidance on risk management. This supplementary guidance applies both to proposals which contain elements that relate to public health and safety and those that are primarily concerned with such issues. It supersedes paragraphs 26-33 of Annex 2 of the Green Book.
1.3 The guidance contains a tool (see Appendix A) to help structure and make explicit the assessment of concerns that may exist about risks of fatality and harm, which is a strand of decision-making where there is currently little extant crossgovernment guidance. In other areas, the text points to articles and existing guidance.
1.10 There are a number of generic steps that will need to be taken in the appraisal process. These are set out below and discussed in detail in the guidance.
1. Consider if there are good prima facie reasons for government intervention (e.g. market failures or equity issues that should be addressed);
2. Carry out an expert risk assessment;
3. Carry out an assessment of public concern (Annex A can be used);
4. Consider the extent of public involvement that may be required during the appraisal and decision-making processes;
5. Develop the decision-making process (including how to involve the public) and make this publicly available;
6. Consider the options available for addressing the hazards and risks, and the concerns identified. Develop options which address the reasons for intervention, the specific risks and hazards, and the concerns identified in steps 1-3;
7. Assess the monetary costs and benefits of each option, expressing these within ranges of uncertainty;
8. Assess the non-monetary advantages and disadvantages of each option (and consider other non-monetary issues as well);
9. Develop an implementation plan, taking the best options in terms of monetary and non-monetary considerations, and developing an affordable, viable plan of action. Explain the basis of decisions and make this publicly available; and,
10. Implement, monitor and evaluate the implementation plan.
Appendix A: Concern Assessment Tool
Cabinet Office, 2003: Principles of Managing Risks to the Public [pdf, 105Kb]
People face a range of risks including direct threats, risks to their safety, welfare or livelihood, and risks to the environment. All life involves some risk, and any innovation brings risk as well as reward.
Governments role will vary according to the nature of the risk it may involve providing information and advice on risks that individuals manage themselves, regulating how risks and benefits are distributed across society, or intervening directly to provide protection from external hazards. The following five principles apply to the handling of all types of risk to the public:
Openness and transparency
Proportionality and consistency
Openness and transparency
Government will be open and transparent about its understanding of the nature of risks to the public and about the process it is following in handling them.
Government will make available its assessments of risks that affect the public, how it has reached its decisions, and how it will handle the risk. It will also do so where the development of new policies poses a potential risk to the public. When information has to be kept private, or where the approach departs from existing practice, it will explain why. Where facts are uncertain or unknown, government will seek to make clear what the gaps in its knowledge are and, where relevant, what is being done to address them. It will be open about where it has made mistakes, and what it is doing to rectify them.
Government will seek wide involvement of those concerned in the decision process.
Government will actively involve significant stakeholders, including members of the public, throughout the risk identification, assessment and management process. This will support timely and targeted action. Two-way communication will be used in all stages of policy development, risk assessment and risk management. Where there are differences in interpretation it will aim to clarify these through open discussion, and it will seek to balance conflicting views in a way that best serves the wider public interest. It will explain how views obtained through consultation have been reflected in its decisions.
Proportionality and consistency
Government will act proportionately and consistently in dealing with risks to the public.
Government will base all decisions about risks on what best serves the public interest. Action taken to tackle risks to the public will be proportionate to the level of protection needed and targeted to the risk. Government will seek to apply a consistent approach to its assessment of risks and opportunities and to its evaluation of the costs and benefits of options for handling them, and will ensure that these are clearly articulated. It will apply the precautionary principle where there is good reason to believe that irreversible harm may occur and where it is impossible to assess the risk with confidence, and will plan to revisit decisions as knowledge changes.
Government will seek to base decisions on all relevant evidence.
Government will aim to ensure that all relevant evidence has been considered and, where possible, quantified before it takes decisions on risk. It will seek impartial and informed advice that can be independently verified wherever possible, and seek to build a shared understanding of the risks and options for action. It will consider evidence from a range of perspectives, including the public as well as experts. It will not use the absence of evidence alone to prove the absence or presence of threat, and will acknowledge alternative interpretations of the available evidence. It will make clear how evidence has informed its decisions and will keep them under review as new evidence comes to light.
Government will seek to allocate responsibility for managing risks to those best placed to control them.
Government, where possible, will ensure that those who impose risks on others also bear responsibility for controlling those risks and for any consequences of inadequate control. It will aim to give individuals a choice in how to manage risks that affect them, where it is feasible and in their interest to do so and where this does not expose others to disproportionate risk or cost. It will seek to clarify where responsibility for managing risks rests and that those responsible have the authority and information to act.
- These principles are intended to be consistent with existing published frameworks, including:
the Freedom of Information Act; the Code of Practice on Access to Government Information; the Principles of Good Regulation; the precautionary principle, and principles governing the production of Departmental risk frameworks.
HM Treasury, 2004: The Orange Book: Management of Risk - Principles and Concepts [pdf, 462Kb]
1.2 Risk is defined as this uncertainty of outcome, whether positive opportunity or negative threat, of actions and events. The risk has to be assessed in respect of the combination of the likelihood of something happening, and the impact which arises if it does actually happen. Risk management includes identifying and assessing risks (the inherent risks) and then responding to them.
1.3 The resources available for managing risk are finite and so the aim is to achieve an optimum response to risk, prioritised in accordance with an evaluation of the risks. Risk is unavoidable, and every organisation needs to take action to manage risk in a way which it can justify to a level which is tolerable. The amount of risk which is judged to be tolerable and justifiable is the risk appetite.
1.4 Response, which is initiated within the organisation, to risk is called 'internal control' and may involve one or more of the following:
- tolerating the risk;
- treating the risk in an appropriate way to constrain the risk to an acceptable level or actively taking advantage, regarding the uncertainty as an opportunity to gain a benefit;
- transferring the risk;
- terminating the activity giving rise to the risk.
In any of these cases the issue of opportunity arising from the uncertainty should be considered.
The level of risk remaining after internal control has been exercised (the "residual risk") is the exposure in respect of that risk, and should be acceptable and justifiable - it should be within the risk appetite.
Chapter 3 - Identifying risks
3.2 The identification of risk can be separated into two distinct phases. There is: initial risk identification (for an organisation which has not previously identified its risks in a structured way, or for a new organisation, or perhaps for a new project or activity within an organisation), and there is; continuous risk identification which is necessary to identify new risks which did not previously arise, changes in existing risks, or risks which did exist ceasing to be relevant to the organisation (this should be a routine element of the conduct of business).
3.3 In either case risks should be related to objectives. Risks can only be assessed and prioritised in relation to objectives... A statement of a risk should encompass the cause of the impact, and the impact to the objective ("cause and consequence") which might arise.
Chapter 4 - Assessing risks
4.1 There are three important principles for assessing risk: ensure that there is a clearly structured process in which both likelihood and impact are considered for each risk; record the assessment of risk in a way which facilitates monitoring and the identification of risk priorities; be clear about the difference between, inherent and residual risk.
4.3 This assessment needs to be done by evaluating both the likelihood of the risk being realised, and of the impact if the risk is realised. A categorisation of high/medium/low in respect of each may be sufficient, and should be the minimum level of categorisation - this results in a 3x3 risk matrix.
4.4 When the assessment is then compared to the risk appetite (see 4.5 below), the extent of action required becomes clear. It is not the absolute value of an assessed risk which is important; rather it is whether or not the risk is regarded as tolerable, or how far the exposure is away from tolerability, which is important.
4.5 At the organisational level risk appetite can become complicated (see section 5 for more detail), but at the level of a specific risk it is more likely that a level of exposure which is acceptable can be defined in terms of both a tolerable impact if a risk is realised, and tolerable frequency of that impact. It is against this that the residual risk has to be compared to decide whether or not further action is required. Tolerability may be informed by the value of assets lost or wasted in the event of an adverse impact, stakeholder perception of an impact, the balance of the cost of control and the extent of exposure, and the balance of potential benefit to be gained or losses to be withstood.
4.6 Thinking about risk frequently focuses on residual risk (ie- the risk after control has been applied which, assuming control is effective, will be the actual exposure of the organisation - see 1.4). Residual risk, of course, will often have to be re-assessed - for example, if control is adjusted. Assessment of the anticipated residual risk is necessary for the evaluation of proposed control actions.
4.7 Care should also be taken to capture information about the inherent risk. If this is not done the organisation will not know what its exposure will be if control should fail. Knowledge about the inherent risk also allows better consideration of whether there is over-control in place - if the inherent risk is within the risk appetite, resources may not need to be expended on controlling that risk. This need to have knowledge about both inherent and residual risk means that the assessment of risk is a stage in the risk management process which cannot be separated from addressing risk; the extent to which the risk needs to be addressed is informed by the inherent risk whereas the adequacy of the means chosen to address the risk can only be considered when the residual risk has been assessed.
Chapter 5 - Risk appetite
5.1 The concept of a 'risk appetite' is key to achieving effective risk management and it is essential to consider it before moving on to consideration of how risks can be addressed. The concept may be looked at in different ways depending on whether the risk (the uncertainty) being considered is a threat or an opportunity:
- When considering threats the concept of risk appetite embraces the level of exposure which is considered tolerable and justifiable should it be realised. In this sense it is about comparing the cost (financial or otherwise) of constraining the risk with the cost of the exposure should the exposure become a reality and finding an acceptable balance;
- When considering opportunities the concept embraces consideration of how much one is prepared to actively put at risk in order to obtain the benefits of the opportunity. In this sense it is about comparing the value (financial or otherwise) of potential benefits with the losses which might be incurred (some losses may be incurred with or without realising the benefits).
It should be noted that some risk is unavoidable and it is not within the ability of the organisation to completely manage it to a tolerable level.
Chapter 6 - Addressing risks
6.1 The purpose of addressing risks is to turn uncertainty to the organisation's benefit by constraining threats and taking advantage of opportunities. Any action that is taken by the organisation to address a risk forms part of what is known as "internal control". There are five key aspects of addressing risk:
- TOLERATE: The exposure may be tolerable without any further action being taken. Even if it is not tolerable, ability to do anything about some risks may be limited, or the cost of taking any action may be disproportionate to the potential benefit gained. In these cases the response may be to tolerate the existing level of risk. This option, of course, may be supplemented by contingency planning for handling the impacts that will arise if the risk is realised.
- TREAT: By far the greater number of risks will be addressed in this way. The purpose of treatment is that whilst continuing within the organisation with the activity giving rise to the risk, action (control) is taken constrain the risk to an acceptable level. Such controls can be further sub-divided according to their particular purpose (see 6.2 below).
- TRANSFER: For some risks the best response may be to transfer them. This might be done by conventional insurance, or it might be done by paying a third party to take the risk in another way. This option is particularly good for mitigating financial risks or risks to assets. The transfer of risks may be considered to either reduce the exposure of the organisation or because another organisation (which may be another government organisation) is more capable of effectively managing the risk. It is important to note that some risks are not (fully) transferable - in particular it is generally not possible to transfer reputational risk even if the delivery of a service is contracted out. The relationship with the third party to which the risk is transferred needs to be carefully managed to ensure successful transfer of risk (see section 10).
- TERMINATE: Some risks will only be treatable, or containable to acceptable levels, by terminating the activity. It should be noted that the option of termination of activities may be severely limited in government when compared to the private sector; a number of activities are conducted in the government sector because the associated risks are so great that there is no other way in which the output or outcome, which is required for the public benefit, can be achieved. This option can be particularly important in project management if it becomes clear that the projected cost / benefit relationship is in jeopardy.
- TAKE THE OPPORTUNITY: This option is not an alternative to those above; rather it is an option which should be considered whenever tolerating, transferring or treating a risk. There are two aspects to this. The first is whether or not at the same time as mitigating threats, an opportunity arises to exploit positive impact. For example, if a large sum of capital funding is to be put at risk in a major project, are the relevant controls judged to be good enough to justify increasing the sum of money at stake to gain even greater advantages? The second is whether or not circumstances arise which, whilst not generating threats, offer positive opportunities. For example, a drop in the cost of goods or services frees up resources which can be re-deployed.
6.2 The option of "treat" in addressing risk can be further analysed into four different types of controls:
- PREVENTIVE CONTROLS: These controls are designed to limit the possibility of an undesirable outcome being realised. The more important it is that an undesirable outcome should not arise, the more important it becomes to implement appropriate preventive controls. The majority of controls implemented in organisations tend to belong to this category. Examples of preventive controls include separation of duty, whereby no one person has authority to act without the consent of another (such as the person who authorises payment of an invoice being separate from the person who ordered goods prevents one person securing goods at public expense for their own benefit), or limitation of action to authorised persons (such as only those suitably trained and authorised being permitted to handle media enquiries prevents inappropriate comment being made to the press).
- CORRECTIVE CONTROLS: These controls are designed to correct undesirable outcomes which have been realised. They provide a route of recourse to achieve some recovery against loss or damage. An example of this would be design of contract terms to allow recovery of overpayment. Insurance can also be regarded as a form of corrective control as it facilitates financial recovery against the realisation of a risk. Contingency planning is an important element of corrective control as it is the means by which organisations plan for business continuity / recovery after events which they could not control.
- DIRECTIVE CONTROLS: These controls are designed to ensure that a particular outcome is achieved. They are particularly important when it is critical that an undesirable event is avoided - typically associated with Health and Safety or with security. Examples of this type of control would be to include a requirement that protective clothing be worn during the performance of dangerous duties, or that staff be trained with required skills before being allowed to work unsupervised.
- DETECTIVE CONTROLS: These controls are designed to identify occasions of undesirable outcomes having been realised. Their effect is, by definition, after the event so they are only appropriate when it is possible to accept the loss or damage incurred. Examples of detective controls include stock or asset checks (which detect whether stocks or assets have been removed without authorisation), reconciliation (which can detect unauthorised transactions), Post Implementation Reviews which detect lessons to be learnt from projects for application in future work, and monitoring activities which detect changes that should be responded to.
6.3 In designing control, it is important that the control put in place is proportional to the risk. Apart from the most extreme undesirable outcome (such as loss of human life) it is normally sufficient to design control to give a reasonable assurance of confining likely loss within the risk appetite of the organisation. Every control action has an associated cost and it is important that the control action offers value for money in relation to the risk that it is controlling. Generally speaking the purpose of control is to constrain risk rather than to eliminate it.
Chapter 7: Reviewing and reporting risks
7.1 The management of risk has to be reviewed and reported on for two reasons:
- To monitor whether or not the risk profile is changing;
- To gain assurance that risk management is effective, and to identify when further action is necessary.
7.2 Processes should be put in place to review whether risks still exist, whether new risks have arisen, whether the likelihood and impact of risks has changed, report significant changes which adjust risk priorities, and deliver assurance on the effectiveness of control. In addition, the overall risk management process should be subjected to regular review to deliver assurance that it remains appropriate and effective. Review of risks and review of the risk management process are distinct from each other and neither is a substitute for the other. The review processes should:
- ensure that all aspects of the risk management process are reviewed at least once a year;
- ensure that risks themselves are subjected to review with appropriate frequency (with appropriate provision for management's own review of risks and for independent review/audit);
- make provision for alerting the appropriate level of management to new risks or to changes in already identified risks so that the change can be appropriately addressed.
7.4 Every central government organisation is required to make provision for Internal Audit. Internal Audit's work provides an important independent and objective assurance about the adequacy of risk management, control and governance.
Inter-Departmental Liaison Group on Risk Assessment, 1996: Use of Risk Assessment within Government Departments
Strategy Unit, 2002: Risk: Improving government's capability to handle risk and uncertainty [pdf, 965Kb]
Health & Safety Executive, 2007: Five steps to risk assessment [pdf, 78Kb]
Regulatory options assessment:
HM Treasury, 2007: The Green Book - Appraisal and Evaluation in Central Government [pdf, 431Kb]
The Government is committed to continuing improvement in the delivery of public services. A major part of this is ensuring that public funds are spent on activities that provide the greatest benefits to society, and that they are spent in the most efficient way.
The Treasury has, for many years, provided guidance to other public sector bodies on how proposals should be appraised, before significant funds are committed and how past and present activities should be evaluated. This new edition incorporates revised guidance, to encourage a more thorough, long-term and analytically robust approach to appraisal and evaluation. It is relevant to all appraisals and evaluations.
Appraisal, done properly, is not rocket science, but it is crucially important and needs to be carried out carefully. Decisions taken at the appraisal stage affect the whole lifecycle of new policies, programmes and projects. Similarly, the proper evaluation of previous initiatives is essential in avoiding past mistakes and to enable us to learn from experience.The Green Book therefore constitutes binding guidance for departments and executive agencies.
Amongst the main changes are the following. First, there is a stronger emphasis on the identification, management and realisation of benefits - in short, focusing on the end in sight, right from the beginning. ... In particular, the new Green Book includes, for the first time, an explicit adjustment procedure to redress the systematic optimism ("optimism bias") that historically has afflicted the appraisal process. Finally, there is greater emphasis on assessing the differential impacts of proposals on the various groups in our society, where these are likely to be significant.
1.1 The purpose of the Green Book is to ensure that no policy, programme or project is adopted without first having the answer to these questions: Are there better ways to achieve this objective? Are there better uses for these resources?
1.7 The Green Book will be useful for: Anyone required to conduct a basic appraisal or evaluation of a policy, project or programme; and, People seeking to expand their knowledge in this area.
1.8 This guidance applies:
At the start ... to any analysis used to support a government decision to adopt a new policy, or to initiate, renew, expand or re-orientate programmes or projects, which would result in measurable benefits and/or costs to the public. This is the appraisal part of the process.
And at the finish ... to retrospective analysis of a policy, programme or project at its completion, conclusion or revision. This is the evaluation part of the process.
2. Overview of appraisal and evaluation
2.2 Appraisal and evaluation often form stages of a broad policy cycle that some departments and agencies formalise in the acronym ROAMEF (Rationale, Objectives, Appraisal, Monitoring, Evaluation and Feedback).
2.6 Chapter 3 - Justifying Action.
The first step is to carry out an overview to ensure that two pre-requisites are met: firstly, that there is a clearly identified need; and secondly, that any proposed intervention is likely to be worth the cost. This overview must include an analysis of the negative consequences of intervention, as well as the results of not intervening, both of which must be outweighed to justify action. In many cases, the preliminary step will involve research to set out the scope of the issue to be addressed, and the reasons for intervention.
2.7 Chapter 4 - Setting Objectives.
The second step is to set out clearly the desired outcomes and objectives of an intervention in order to identify the full range of options that may be available to deliver them. Targets should be set to help progress towards meeting objectives.
2.8 Chapter 5 - Option Appraisal.
The third step is to carry out an option appraisal.This is often the most significant part of the analysis. Initially a wide range of options should be created and reviewed. This helps to set the parameters of an appropriate solution. A shortlist may then be created to keep the process manageable, by applying the techniques summarised below to high level estimates or summary data. The 'do minimum' option should always be carried forward in the shortlist, to act as a check against more interventionist action.
2.9 Each option is then appraised by establishing a Base Case. This is the best estimate of its costs and benefits. These estimates can then be adjusted by considering different scenarios, or the option's sensitivity to changes can be modelled by changing key variables.
More fully, the appraisal may develop as follows:
- Identify and value the costs of each option.
- Identify and value the benefits of each option.
If required, adjust the valued costs and benefits for:
- Distributional impacts (the effects of proposals on different sections of society);
- Relative price movements.
Adjust for the timing of the incidence of costs and benefits by discounting them, to obtain their present values.
If necessary, adjust for material differences in tax between options.
Adjust for risk and optimism to provide the Base Case, and consider the impacts of changes in key variables and of different future scenarios on the Base Case.
Consider unvalued impacts (both costs and benefits), using weighting and scoring techniques if appropriate.
2.10 Chapter 6 - Developing and implementing a solution
Following option appraisal, decision criteria and judgment should be used to select the best option or options, which should then be refined into a solution. Consultation is important at this stage, regardless of whether it has taken place earlier. Procurement routes should also be considered, including the role of the private sector.
2.11 Issues that may have a material impact on the successful implementation of proposals must be considered during the appraisal stage, before significant funds are committed. This is to ensure that the outcome envisaged in the appraisal is close to what eventually happens.
2.12 Chapter 7 - Evaluation
Evaluation is similar in technique to appraisal, although it obviously uses historic (actual or estimated) rather than forecast data, and takes place after the event. Its main purpose is to ensure that lessons are widely learned, communicated and applied when assessing new proposals.
Better Regulation Task Force, 2003: Principles of Good Regulation [pdf, 162Kb]
Regulation may widely be defined as any government measure or intervention that seeks to change the behaviour of individuals or groups. It can both give people rights (e.g. equal opportunities), and restrict their behaviour (e.g. compulsory use of seat belts).
The job of government is to get the balance right, providing proper protection and making sure that the impact on those being regulated is proportionate. Politicians differ about the appropriate level of intervention, but all governments should ensure that regulations are necessary, fair, effective, affordable and enjoy a broad degree of public confidence. To achieve this, any policy intervention, and its enforcement, should meet the following five principles which the Better Regulation Task Force devised in 1997:
Government can prescribe the behaviour it expects from business and individuals by setting rules or standards. There are areas where this is the best means of achieving a policy objective. However, prescriptive regulation, like many other means of government intervention, may have unintended consequences, and without enforcement compliance may be limited. It will often be less flexible and less sympathetic to the way markets work than other tools.
Regulators should only intervene when necessary. Remedies should be appropriate to the risk posed, and costs identified and minimised.
Policy solutions must be proportionate to the perceived problem or risk and justify the compliance costs imposed dont use a sledgehammer to crack a nut.
All the options for achieving policy objectives must be considered not just prescriptive regulation.
Regulators must be able to justify decisions, and be subject to public scrutiny.
Proposals should be published and all those affected consulted before decisions are taken.
Regulators should clearly explain how and why final decisions have been reached.
Regulators and enforcers should establish clear standards and criteria against which they can be judged.
Government rules and standards must be joined up and implemented fairly.
Regulators should be consistent with each other, and work together in a joined-up way.
New regulations should take account of other existing or proposed regulations, whether of domestic, EU or international origin.
Regulation should be predictable in order to give stability and certainty to those being regulated.
Regulators should be open, and keep regulations simple and user-friendly.
Policy objectives, including the need for regulation, should be clearly defined and effectively communicated to all interested parties.
Effective consultation must take place before proposals are developed, to ensure that stakeholders views and expertise are taken into account.
Regulation should be focused on the problem, and minimise side effects.
Regulations should focus on the problem, and avoid a scattergun approach.
Enforcers should focus primarily on those whose activities give rise to the most serious risks.
Regulations should be systematically reviewed to test whether they are still necessary and effective. If not, they should be modified or eliminated.
Be balanced and avoid knee-jerk reactions. Ministers can come under pressure to react immediately in response to high profile public concerns. This can lead to ineffective or disproportionate regulation being introduced.
Seek to reconcile contradictory policy objectives. Clear assessments of the likely impact of regulations are essential for identifying and reconciling contradictory objectives.
Balance risks, costs and benefits. It is neither practical nor desirable for regulators to seek to remove all risk. Trade-offs between the costs and benefits of regulation need to be assessed, and citizens allowed, within reason, to make their own judgements about the risks in question.
Avoid unintended consequences. By regulating in one area, regulators may unintentionally create problems elsewhere.
Have broad public support. Broad public support for a policy or regulation is a good indicator that the public sees it as necessary. Where such support is absent, compliance is likely to be low.
Be enforceable. To be effective regulation must also be practical to enforce.
Identify accountability. When things go wrong there must be clear accountability without resorting to unfair retribution.
Be relevant to current conditions. Regulations should be reviewed on a regular basis to ensure that they remain necessary and relevant.
Centre for Management and Policy Studies, 2001: Better Policy Making [pdf, 1.1Mb]
What does a modernised policy-making process look like?
The Modernising Government White Paper identifies where the policy-making process needs to change if policy-makers are to be confident of delivering policies fit for the challenge of the twenty-first century. Those changes involve:
designing policies around outcomes
making sure policies are inclusive, fair and evidence-based
avoiding unnecessary burdens on businesses
involving others in policy-making
becoming more forward and outward-looking
learning from experience.
This framework formed the basis for the thinking behind Professional Policy Making for the Twenty-First Century (Cabinet Office, 1999). This report developed a model of the modernised policy process and used it to carry out an audit of good practice, identifying where the strengths of present practice lay and where further change seemed necessary. This work concluded that one way forward was to produce a descriptive model of policy-making, consisting of:
a series of high level features which, if adhered to, should produce fully effective policies
three themes vision, effectiveness and continuous improvement that fully effective policy-making will need to encompass
nine core competencies that relate to each theme and together encapsulate all the key elements of the policy-making process
definitions of the core competencies, together with descriptions of the evidence needed to demonstrate each competency.
Perhaps the most valuable piece of learning to come from Professional Policy Making for the Twenty-First Century is the taxonomy of the features of modern policy-making. The competencies highlighted here formed the basis of our approach to policy makers across Government.
THE NINE FEATURES OF MODERN POLICY-MAKING
1 FORWARD LOOKING
The policy-making process clearly defines outcomes that the policy is designed to achieve and, where appropriate, takes a long-term view based on statistical trends and informed predictions of social, political, economic and cultural trends, for at least five years into the future of the likely effect and impact of the policy. The following points demonstrate a forward looking approach:
A statement of intended outcomes is prepared at an early stage
Contingency or scenario planning
Taking into account the Government's long term strategy
Use of DTI's Foresight programme and/or other forecasting work
2 OUTWARD LOOKING
The policy-making process takes account of influencing factors in the national, European and international situation; draws on experience in other countries; considers how policy will be communicated with the public. The following points demonstrate an outward looking approach:
Makes use of OECD, EU mechanisms etc
Looks at how other countries dealt with the issue
Recognises regional variation within England
Communications/presentation strategy prepared and implemented
3 INNOVATIVE, FLEXIBLE AND CREATIVE
The policy-making process is flexible and innovative, questioning established ways of dealing with things, encouraging new and creative ideas; and where appropriate, making established ways work better. Wherever possible, the process is open to comments and suggestions of others. Risks are identified and actively managed. The following points demonstrate an innovative, flexible and creative approach:
Uses alternatives to the usual ways of working (brainstorming sessions etc)
Defines success in terms of outcomes already identified
Consciously assesses and manages risk
Takes steps to create management structures which promote new ideas and effective team working
Brings in people from outside into policy team
The advice and decisions of policy makers are based upon the best available evidence from a wide range of sources; all key stakeholders are involved at an early stage and throughout the policy's development. All relevant evidence, including that from specialists, is available in an accessible and meaningful form to policy makers.Key points of an evidence based approach to policy-making include:
Reviews existing research
Commissions new research
Consults relevant experts and/or used internal and external consultants
Considers a range of properly costed and appraised options
The policy-making process takes account of the impact on and/or meets the needs of all people directly or indirectly affected by the policy; and involves key stakeholders directly. An inclusive approach may include the following aspects:
Consults those responsible for service delivery/implementation
Consults those at the receiving end or otherwise affected by the policy
Carries out an impact assessment
Seeks feedback on policy from recipients and front line deliverers
6 JOINED UP
The process takes a holistic view; looking beyond institutional boundaries to the government's strategic objectives and seeks to establish the ethical, moral and legal base for policy. There is consideration of the appropriate management and organisational structures needed to deliver cross-cutting objectives. The following points demonstrate a joined-up approach to policy-making:
Cross cutting objectives clearly defined at the outset
Joint working arrangements with other departments clearly defined and well understood
Barriers to effective joined up clearly identified with a strategy to overcome them
Implementation considered part of the policy making process
Existing/established policy is constantly reviewed to ensure it is really dealing with problems it was designed to solve, taking account of associated effects elsewhere. Aspects of a reviewing approach to policy-making include:
Ongoing review programme in place with a range of meaningful performance measures
Mechanisms to allow service deliverers/customers to provide feedback direct to policy makers set up
Redundant or failing policies scrapped
The need for change is multifaceted. The world for which policy-makers have to develop policies is becoming increasingly complex, uncertain and unpredictable. The electorate is better informed, has rising expectations and is making increasing demands for services tailored to their individual needs. Key policy issues, such as social exclusion and reducing crime, overlap and have proved resistant to previous attempts to tackle them, yet the world is increasingly inter-connected and inter-dependent. Issues switch quickly from the domestic to the international arena and an increasingly wide diversity of interests needs to be co-ordinated and harnessed. Governments across the world need to be able to respond quickly to events to provide the support that people need to adapt to change and that businesses need to prosper. Technological advancement offers new tools and has the potential to fundamentally alter the way in which policy is made.
Systematic evaluation of the effectiveness of policy is built into the policy making process. Approaches to policy making that demonstrate a commitment to evaluation include:
Clearly defined purpose for the evaluation set at outset
Success criteria defined
Means of evaluation built into the policy making process from the outset
Use of pilots to influence final outcomes
In parallel with these external pressures, the Government is asking policymakers to focus on solutions that work across existing organisational boundaries and on bringing about change in the real world. Policy-makers are urged to adapt to this new, fast-moving, challenging environment if public policy is to remain credible and effective.
9 LEARNS LESSONS
Learns from experience of what works and what does not. A learning approach to policy development includes the following aspects:
Information on lessons learned and good practice disseminated
Account available of what was done by policy-makers as a result of lessons learned
Clear distinction drawn between failure of the policy to impact on the problem it was intended to resolve and managerial/operational failures of implementation.
WHAT ARE THE BENEFITS OF CHANGE?
Put simply, the aim of better policy-making is better policy. Modern public policy needs to be soundly based, enduring and coherent. Whilst the rationale behind the modernisation agenda is still publicly debated both here and abroad is it cost efficiency, Europeanisation, agentification, response to globalisation etc? - the need for better public services, and thus better public policy-making remains unchallenged.
In addition to the rather obvious claim for better policy-making resulting in better public services, the Modernising Government White Paper also suggests that modern approaches can foster broader involvement of the public in the decision-making process, encourage greater citizenship and better exploit creativity and diversity in organisations and communities.
Better policy-making has the potential to secure public confidence through greater transparency. The introduction of the Freedom of Information Act, and recent public concern about the handling of BSE, for example, have underlined the need to maintain public confidence in the policy-making process.
Other benefits attributed to better policy-making include the importance of maintaining the unity of the civil service in a devolved environment. Ensuring that the civil service is able to continue effectively to discharge its role as prime policy advisers has also been identified as a concern for the modernisation agenda.
The shock of the new
Although the need for training was widely recognised, for many policy-makers a cultural change was also required in order to respond to the modernising agenda. The traditional mindset towards policy-making was frequently cited as a barrier to change. For many, whilst the need for change was accepted, a lack of familiarity with the new approach spelt uneasiness. Policy-makers frequently spoke of feeling more comfortable sticking to traditional methods, of lacking confidence in new ways of working, such as project management, and of a fear of failure.
Organisational structure and culture
Organisational structures were seen as too traditional, rigid and hierarchical and were often identified as incompatible with professional policy making.
Many thought that there was a propensity for some Ministers to be short-termist, and heavily focused on presentational issues. A number of policymakers considered that this often made Ministers wary about speculative discussion, together with a tendency to pursue new structures and schemes before the performance of those already in place has been properly established.
Innovation and risk
There was a general acceptance that fear of failure and the high penalties attached to mistakes acted as powerful disincentives to real innovation.
Professional Policy Making for the Twenty-First Century recognised that barriers to innovation may be deep-seated and difficult to remove or overcome. Policy-makers responding to our survey eighteen months later still felt that a blame culture prevailed, stifling innovation.
Good quality policy-making depends on high quality information and evidence. Modern policy-making calls for the need to improve Departments capacity to make best use of evidence, and the need to improve the accessibility of the evidence available to policy-makers.
Joined-up and inclusive
In traditional policymaking, policy is developed in sequential bubbles with policymakers in different Government Departments and often even in different areas of the same one thinking and working in isolation from each other. Thinking is often taken to a sophisticated level before others are consulted and rarely takes account of operational issues.
What works: evidence, evaluation and expertise in the policy process
' Government should regard policy-making as a continuous learning process, not as a series of one-off initiatives. We will improve our use of evidence and research so that we understand better the problems we are trying to address. We must make more use of pilot schemes to encourage innovations and test whether they work. We will ensure that all policies and programmes are clearly specified and evaluated, and the lessons of success and failure are communicated and acted upon ' (Modernising Government White Paper, 1999).
Innovative, flexible and creative policy development
Traditional methods are tried and tested and occasionally lead to a breakthrough by the gifted genius unfettered by the thinking of more cautious colleagues. But more typically, it is slow and cumbersome leading to nugatory work, protracted negotiations and compromises or impasses. The outcomes are often poor quality.
Forward and outward-looking approaches to policy-making
CMPSs survey suggests that policymakers are becoming increasingly aware of the need to adopt a strategic approach to policy-making, and the growth of strategic units across Government, together with the networking between them, provides testimony to this. Less evidence exists to suggest that policy-makers have become more outward-looking.
Common law judicial review:
Treasury Solicitor, 2006: The Judge over Your Shoulder [pdf, 345Kb]
Department for Constitutional Affairs, 2006: Human Rights: human lives - a handbook for public authorities [pdf, 411Kb]