Strategic Risk Tolerances

This chart sets out the various levels of Strategic Risk Tolerances.

Tolerance Level LOW MODERATE SUBSTANTIAL SEVERE CRITICAL
Occurrence is highly unlikely Occurrence is possible but not likely Occurrence is likely Occurrence is highly likely Occurrence is highly likely in the near future
Strategic Risk Areas
Inability to Proactively Fight Fraud Current CFA model geared towards reactive and does not have proactive intelligence or counter fraud function.
Resources Aging workforce/ finance limitation/ difficulties recruiting to specialist roles/ impact of transformation & evolutionary changes on organisation.
Cyber Risk (Internal) Maintaining IT infrastructure, resources, resilience/ identify, plan combat issues raised by cloud migration/ effect on access, performance, ability to operate and provide counter fraud services to the sector.
Cyber Enabled Fraud Growing use of technology to commit and/ support the commission of fraud offences/ increased vulnerability of growing fraud type and the ability of the sector to respond/ recognise the ways in which technology is increasingly being used
Inability to Deliver Strategic Objectives Changes in NHS & counter fraud landscape/ impact of the Health & Social Care Bill/ powers to deal with combined budget fraud losses/ emerging stakeholder engagement requirements/ post COVID-19 impact.