6 Virtual Brochure – February 2024 Overall risk trends Our analysis is based on the strategic risk registers of 17 HEIs at the end of the 2022-23 academic year. Details of our approach our set out in Appendix A, but in brief: • each risk has been categorised against one of the 23 common sector themes • we have normalised the inherent and residual risk scores, using a 0-1.0 scoring system, and calculated the averages of these for each risk theme • we have calculated the difference between the average normalised inherent and residual risk scores for each theme to examine the extent to which institutions believe that risks are being managed • we have analysed the frequency of risks and the occurrence of risk themes across the group of institutions. Figure 1, overleaf, presents the average intrinsic and mitigated risk score for each thematic area, ranked by the inherent risk score. Risks with the higher intrinsic scores tend to be those areas such as cybersecurity, student recruitment, industrial relations, and UK policy environment, where factors outside of institutions’ control have a stronger influence on the likelihood and severity of risk impacts. It is notable this year that student outcomes features highly as an inherent risk, when student experience features as the risk area with the lowest intrinsic score. Figure 2, page 8, presents the difference between the average unmitigated and mitigated risks scores. This reflects how confident institutions are feeling collectively about the effectiveness of their actions in managing and mitigating risks in the different thematic areas. This shows, for example, a high degree of confidence in managing and mitigating risks around student mental health and wellbeing, data issues, business continuity, cybersecurity, and legal and regulatory compliance activities. As would be expected, there is less confidence in mitigating risks largely driven from external factors such as the UK policy environment, environmental sustainability, and geopolitics. In Figure 3, page 9, it is important to recognise that the analysis is in part influenced by the frequency with which risks appear on strategic risks registers. Risks to the lefthand side of the graph relating to financial sustainability, staffing, student recruitment, estates, OfS compliance and cybersecurity (which may be grouped with digital estate) are matters for concern for almost all institutions. In contrast, risks around the UK policy environment, governance and data quality and management do not feature highly, suggesting that risks in these areas are of lesser concern to the majority of institutions in our analysis.
RkJQdWJsaXNoZXIy NTI5NzM=