SL18-Risk Management Policy
{{org_field_logo}}
{{org_field_name}}
Registration Number: {{org_field_registration_no}}
Risk Management Policy
1. Purpose
The purpose of this policy is to provide a structured approach to managing risks within our supported living scheme. {{org_field_name}} is committed to ensuring that all potential risks to tenants, support staff, and the business are identified, assessed, and managed effectively. By implementing a robust risk management framework, we aim to create a safe, high-quality support environment that supports the well-being of everyone involved.
2. Scope
This policy applies to all aspects of our supported living operations, including tenants, employees, contractors, visitors, and other stakeholders. It covers the identification, assessment, control, monitoring, and review of risks associated with the delivery of support schemes.
Our approach supports compliance with the Health and Social Care Act 2008 (Regulated Activities) Regulations 2014, particularly Regulation 12 (Safe care and treatment) (assessing risks to health and safety and doing all that is reasonably practicable to mitigate them) and Regulation 17 (Good governance) (systems and processes to assess, monitor and improve quality and safety). It also supports Regulation 13 (Safeguarding service users from abuse and improper treatment) and Regulation 18 (Staffing), as well as duties under the Care Act 2014, the Health and Safety at Work etc. Act 1974, and the Mental Capacity Act 2005 where risk decisions involve consent, capacity and best interests.
As a supported Living provider, we recognise that people have the right to make choices and take proportionate risks as part of ordinary life. Risk management is therefore person-centred, balances safety with autonomy, and avoids blanket rules. Where people choose to take risks, we use positive risk-taking approaches: exploring options, agreeing safer ways to achieve desired outcomes, recording decisions, and reviewing regularly. Any restrictions must be individualised, lawful, proportionate and least restrictive.
2.1 Legal and Regulatory Framework
This policy supports compliance with the Health and Social Care Act 2008 (Regulated Activities) Regulations 2014, in particular: Regulation 12 (Safe care and treatment) (assessing risks to health and safety and doing all that is reasonably practicable to mitigate them), Regulation 13 (Safeguarding service users from abuse and improper treatment), Regulation 17 (Good governance) (systems and processes to assess, monitor and improve quality and safety), and Regulation 18 (Staffing) (ensuring staff are competent to deliver care safely). It also supports compliance with the Health and Safety at Work etc. Act 1974, the Care Act 2014 safeguarding duties, and the Mental Capacity Act 2005 where risk decisions involve consent, capacity and best interests.
https://www.legislation.gov.uk/uksi/2014/2936/regulation/12/made?view=plain
3. Commitment to Risk Management
{{org_field_name}} is committed to fostering a culture where risk management is embedded into daily practices. We actively encourage support staff at all levels to participate in risk identification and mitigation processes. By implementing proactive measures, we aim to prevent accidents, minimise harm, and ensure the continuous improvement of our schemes. We provide regular training and resources to our team to equip them with the necessary skills to manage risks effectively.
3.1 Roles and Responsibilities
- All staff: identify hazards, follow risk controls, complete/implement risk assessments, report incidents and near misses promptly, and participate in reviews.
- Keyworker/Lead Support Worker (where applicable): supports the person to understand risk plans, ensures daily controls are applied, and flags any change in presentation or risk level.
- Registered Manager / Service Manager: accountable for the risk management system; ensures risk assessments are robust; escalates high risks; maintains oversight of the risk register; ensures learning is implemented and audited.
- Safeguarding Lead: leads safeguarding decision-making and referrals where risk indicates potential abuse, neglect, exploitation or improper treatment; supports multi-agency working.
- Senior leadership / Responsible Individual: receives scheduled risk reports, approves high-risk action plans, and ensures sufficient resources are in place to mitigate risks.
4. Risk Identification and Assessment
We employ a systematic approach to identifying risks across all areas of scheme provision. This includes conducting initial risk assessments during scheme user onboarding, as well as ongoing evaluations throughout their support journey. Risks are categorised into different types, including physical, emotional, financial, environmental, and operational risks. Our support staff are trained to recognise hazards, report concerns promptly, and document findings accurately.
Once a risk is identified, it is assessed based on its likelihood and potential impact. This enables us to prioritise risks and determine the most appropriate control measures. Our risk assessment process follows a structured methodology, ensuring that risks are reviewed comprehensively and that mitigation strategies are proportionate to the level of risk posed.
4.1 Risk Assessment Method and Review Frequency
Each risk assessment records: the hazard, who may be harmed, current controls, risk rating (likelihood x impact), further actions required, responsible person, target date and review date. Review frequency is based on risk level:
- High risk: reviewed at least monthly (and immediately following any incident, near miss, or significant change).
- Medium risk: reviewed at least quarterly.
- Low risk: reviewed at least annually.
Risk assessments are also reviewed following changes in health, medication, behaviour/presentation, environment, staffing arrangements, safeguarding concerns, complaints, hospital admission, or a significant event.
4.2. Dynamic Risk Assessment
Where circumstances change in real time (for example, escalation in behaviour, unexpected visitors, community risks, substance misuse concerns, environmental hazards, increased vulnerability, or staff concerns about immediate safety), staff will complete a dynamic risk assessment and take the least restrictive action necessary to reduce immediate risk. Actions taken and learning identified will be recorded and used to update relevant risk assessments and support plans.
5. Risk Mitigation and Control Measures
To reduce and manage risks effectively, {{org_field_name}} implements control measures tailored to each specific risk scenario. These measures include:
- Providing support staff with adequate training on health and safety, infection control, and safeguarding practices.
- Ensuring that tenants’ living spaces are safe and free from hazards by conducting regular environmental checks.
- Implementing robust medication support systems (if required) to prevent errors and ensure safe administration.
- Establishing clear protocols for handling emergencies, including fire safety, medical incidents, and safeguarding concerns.
- Regularly reviewing and updating policies and procedures to reflect best practices and regulatory requirements.
All control measures are regularly monitored and adjusted as needed to maintain their effectiveness. {{org_field_name}} places a strong emphasis on support staff awareness and accountability, ensuring that all employees understand their roles in mitigating risks.
6. Monitoring and Review
Continuous monitoring and review of risk management processes are integral to maintaining a high standard of support. We have established a risk register that documents identified risks, actions taken, and outcomes achieved. Regular audits, incident reports, and feedback from support staff and tenants are used to assess the effectiveness of our risk management strategies.
Quarterly risk management meetings are held to evaluate trends, discuss areas for improvement, and implement necessary changes. When significant risks are identified, they are escalated to senior management for further review and action. {{org_field_name}} is committed to a cycle of continuous improvement, ensuring that lessons learned from past incidents inform future risk prevention strategies.
6.1 Risk Register Oversight and Escalation
Our risk register records: risk description and category, root cause (where known), existing controls, risk score, further actions, action owner, due dates, review dates, and status (open/closed). High risks and overdue actions are escalated to the Registered Manager immediately and, where required, to senior leadership. Trends from incidents, near misses, complaints, safeguarding concerns and audits are reviewed and used to update the risk register, training priorities and service improvement actions.
7. Staff Training and Responsibilities
All support staff members receive comprehensive training on risk management upon joining the organisation, with ongoing refresher sessions provided at regular intervals. Training covers essential topics such as hazard identification, reporting procedures, emergency response, and best practices in risk prevention.
Managers and supervisors are responsible for overseeing risk management activities within their teams, ensuring compliance with established policies and procedures. Staff members are encouraged to report any risks they identify and participate in the development of safer working practices. By fostering a proactive and informed workforce, we enhance our ability to manage risks effectively.
8. Incident Reporting and Learning from Events
A transparent and responsive incident reporting system is essential to our risk management framework. All incidents, near misses, and accidents are documented, investigated, and analysed to identify underlying causes. The findings from these investigations are used to refine policies, update training materials, and introduce additional control measures where necessary.
Service users and their families are also encouraged to raise concerns about safety or report incidents. We ensure that all reports are handled with sensitivity, confidentiality, and a commitment to resolving issues promptly.
8.1 External Reporting and Duty of Candour
Where incidents meet statutory thresholds, we will notify the Care Quality Commission (CQC) without delay in accordance with Regulation 18 of the Care Quality Commission (Registration) Regulations 2009 (Notification of other incidents). Where an incident constitutes a notifiable safety incident, we will follow Regulation 20 (Duty of Candour) by communicating openly and transparently with the person affected and/or their representative, providing an explanation of what is known at the time, offering an apology where appropriate, keeping a written record of communications and actions taken, and providing written follow-up and updates in line with our Duty of Candour procedure.
9. Compliance and Governance
{{org_field_name}} maintains governance systems to ensure risks are assessed, monitored and mitigated in line with Regulation 12 (Safe care and treatment) and Regulation 17 (Good governance). Governance includes oversight of the risk register; review of incident/near miss trends; safeguarding outcomes; audit findings; completion of action plans to reduce risk; and assurance that staff receive training and supervision to manage risks safely. Policies and risk controls are reviewed and updated when risks change, when learning is identified, or when guidance/legislation changes
10. Policy Review and Updates
This policy is reviewed annually or as required due to changes in legislation, organisational structure, or emerging risks. Amendments are made in consultation with key stakeholders, ensuring that our risk management approach remains relevant and effective.
Responsible Person: {{org_field_registered_manager_first_name}} {{org_field_registered_manager_last_name}}
Reviewed on: {{last_update_date}}
Next Review Date: {{next_review_date}}
Copyright © {{current_year}} – {{org_field_name}}. All rights reserved.