UKGI00045874
Terms of Reference for ShEx Risk and Assurance Committee
Corporate structure and role
The Risk & Assurance Committee (R&AC) is the key body established by the
Shareholder Executive (ShEx) to support the Executive Committee (ExCo) in
monitoring corporate governance, risk management and control systems within ShEx.
ExCo delegates the day to day management of risk and provision of quality assurance
within Shareholder Executive (ShEx). The R&AC is an extension of ExCo, to carry
out certain defined roles on its behalf. All relevant decision-making responsibility
remains within ExCo. The structure and input to R&AC is set out below and the
duties of R&AC are described in more detail on page 3.
[Figure: structure and inputs to R&AC. Labels: ShEx Board; Financial models; ShEx risk; QA; Rolling Handbook; report]
The principal objective of the R&AC is to lower the overall risk profile of ShEx
through focusing on, and improving, the risk mitigation activities being applied by the
individuals and teams across the department. One of its key objectives is to consider
the projects and transactions on which ShEx has ongoing responsibility. It will also
regularly consider the profile of new sources of work for ShEx.
It is also a vehicle to provide peer support and a review mechanism to SROs within
ShEx.
The current Terms of Reference have been approved by BIS Internal Audit and will
be discussed with the NAO before the next scheduled R&AC meeting on 21st August
2013.
Membership of Risk and Assurance Committee
Quorum requirement (4 SCS) as follows:
• ShEx COO (Chair)
• 1 other member ExCo*
• 2 Grade 5 from panel**
Rolling attendees
ShEx Risk Champion
ShEx Portfolio Unit
Financial Models Champion
Secretariat
Maximum 2 from G6/G7 pool
By invite/request
• All members of ExCo
* Where ShEx COO cannot attend, 2 members of ExCo will be required to attend with one of
those acting as alternative Chair.
** Panel to be selected on a “R&AC-by-R&AC” basis, and to be independent of main agenda
items.
Grade 5 panel
Two from the G5 panel below will attend each R&AC to make the meeting quorate.
Attendance will be managed by the Secretariat to ensure an even distribution of
meetings across the panel and that appropriate individuals are invited to each specific
R&AC with respect to the agenda. The panel, initially, are:
Adam Thynne
David Curley
Patrick Magee
Nathan Phillips
Declan Burke
Craig Lester
Elizabeth Cuthbertson
Jerry Storrs
Will Gibson
Tim Martin
Attendance and Substitutes
All R&AC members are expected to prioritise attendance as far as is possible.
Substitutes to the quorum requirements set out above are not permitted.
Frequency and timing of meeting
ShEx R&AC to meet fortnightly. Most meetings are expected to be 1.5-2 hours.
ExCo may also require a specific R&AC be convened on a specific topic at short
notice.
Conflicts of Interest
Members of the panel who become aware of a potential conflict of interest relating to
matters being discussed by the Committee should give prior notification to the Chair,
and where necessary withdraw from the discussion of the relevant agenda item.
Duties
The ShEx R&AC is authorised by ExCo to have the following responsibilities:
• Consider and approve the ShEx risk dashboard report on a regular basis
• Periodically consider and approve the ShEx risk register
• Escalate key risks to ExCo as necessary, and advise ExCo on necessary
decision-making
• Consider specific documents/presentations from teams/individuals as needed
(including as instructed by ExCo), to provide peer to peer support and
challenge on particular topics
• Consider potential new sources of work/responsibility for ShEx, including
associated MoUs, and recommend to ExCo any courses of action
• Manage the communication (and adoption) of the Laidlaw toolkit for SROs
within ShEx
• Provide project lifecycle assurance to projects/programmes as needed
• Review and approve the ShEx process and procedures described in the ShEx
handbook
• Interact with Portfolio Unit reviews to provide additional assurance on health
of portfolio investments, with a focus on particular risks
• Monitor and challenge quality assurance profile of all financial models used
within ShEx
• Undertake periodic reporting in to BIS on ShEx risk
Reporting
The Secretariat shall circulate agenda and papers 3 working days prior to R&AC
meeting, and circulate minutes and actions of meeting no more than 2 days after
meeting.
Seek, wherever possible, to ensure that requests for new papers are kept to a minimum
and, as far as possible, existing documentation forms the basis of the papers.
The Chair/ShEx COO shall report all substantive issues arising at following ShEx
board and ExCo, and agree the subsequent agenda for R&AC.
Evaluation
R&AC will, from time to time, review its TOR and make any amendments needed (in
consultation with ExCo). This should occur at least three times in any twelve months.
As part of this review, the panel will ensure that the R&AC is not providing
unnecessary duplication of other forms of programme and project assurance
that individual transactions may receive.