Cabinet Office permanent secretary Alex Chisholm and his Department of Health and Social Care counterpart Sir Chris Wormald have challenged proposals for the creation of a cross-government “chief risk officer”.
Introducing the new post – at the helm of a new Office for Preparedness and Resilience – was one of a series of recommendations made by members of the House of Lords Risk Assessment and Risk Planning Committee last month, based on experience from the Covid-19 pandemic.
But at a Public Accounts Committee session on risk this week, Chisholm and Wormald questioned the merits of the peers’ plan.
Chisholm, who is also civil service chief operating officer, said a cross-government risk role could blur lines of accountability and prompt buck-passing on the part of perm secs. Wormald questioned whether any one individual would be capable of managing the “CRO” job.
PAC chair Dame Meg Hillier said there appeared to be “real institutional resistance” across Whitehall to the idea of having a central risk officer, despite the fact that there was already a chief medical officer and a chief scientific officer.
Asked what progress had been made with the plans for a CRO, Chisholm said that while he was “sympathetic” to the spirit behind the Lords committee’s recommendation, government had yet to reach a “settled view” on whether it would be a good idea.
“If you had a chief risk officer, would that help or would that hinder?” he asked. “I think I’m probably a little bit sceptical about that as a personal view.
“You want risk to be held by the people who are working in departments or in arm’s length bodies. If there’s a sense of ‘I don’t need to worry about risk, it’s somebody else’s problem’, a chief risk officer, whoever that might be, however wonderful they are, that might move the burden of responsibility from where it most needs to sit.”
Hillier subsequently asked Chisholm why Whitehall had a problem with having a chief risk officer when the private sector had somebody with that role in every major organisation.
The perm sec acknowledged “some precedents” but insisted there were fundamental differences between government and private-sector institutions.
“Banks are large organisations, they face lots of different types of risk,” he said. “But they are of a certain type. They are financial risks and those are very different to the 130 types of risk – those are the very high level ones, with a particular level of severity and probability – that we include in the National Risk Register.
“It would be difficult to say that one person had the particular level of expertise to be an authority on all of those topics.
“I think that we agree that we need to have a common practice and to have a head of the risk-management function to be responsible for all of that across government. But that’s from a centre of excellence basis. What we don’t want to do is to undo the sense of responsibility that people have for risk.”
Wormald told PAC members at Wednesday’s session that although it would be “tremendously convenient” for him if somebody else was accountable for all of his risks at DHSC, he did not think it was the right way forward.
“My question is one of practicality,” he said. “For something that covers 40% of the economy, is there actually a person who you would appoint who is able to do that? I’m not sure that you could.
He added: “I don’t think it can run like the chief risk officer of a bank.”
Hillier suggested that Wormald’s problem was that he could not think of an individual who was capable of being appointed to the position of CRO.
The perm sec agreed it was a “pertinent point” but insisted that the scale of risk faced by government was “way off the chart for anything in the private sector”.
Chisholm said the discussion showed that both he and Wormald were “enthusiastically agreeing about the need for challenge”.
But he added: “We don’t want to do anything to weaken the chains of responsibility and expertise. That’s the area of debate.”