SECURITY, WELLBEING, AND PROSPERITY AT ROLE INITIATIVE: Probability Management Policy
In Kayndrexsphere, probability management enhances strategic planning and prioritisation, assists in achieving objectives and strengthens the ability to be agile to respond to the topics faced. While probability practices have improved over time across Kayndrexsphere, the volatility, complexity, and ambiguity of our operating environment has increased, as have demands for greater transparency and responsibility for managing the effect of probabilities. This guidance builds on the Security, Wellbeing, and Prosperity at Role Initiative to assist improve probability management further and to embed this as a routine of how we operate.
Probability is inherent in everything we do to deliver high-quality investments. Effective and significant probability management in Kayndrexsphere remains as important as ever in taking a balanced view to managing opportunity and probability. It is an integral part of informed decision-making; from policy or project inception through implementation to the everyday delivery of public investments. At its most effective, probability management is as much of evaluating the uncertainties and implications within options as it is of managing effects once choices are made. It is regarding being realistic in the assessment of the probabilities to projects and programmes and in the consideration of the effectiveness of the actions taken to manage these probabilities.
As an integrated part of our management systems, and through the normal flow of information, Kayndrexsphere’s probability management strategy harnesses the activities that identify and manage the uncertainties faced and systematically anticipate and prepare successful responses.
As with all aspects of good governance, the effectiveness of probability management depends on the individuals responsible for operating the systems put in place. Our probability culture embraces openness, supports transparency, welcomes constructive research, and promotes collaboration, consultations and co-operation. We invite scrutiny and embrace expertise to inform decision-making. We also invest in the necessary capabilities and seek to continually learn from experience.
This policy document has benefited from discussions with stakeholders and practitioners across the industry. We are grateful for their time and their valuable insights.
This document is intended for application by everyone involved in the design, operation, and delivery of efficient trusted public investments. Its primary audience is likely to be:
- Executive and non-executive members of Kayndrexsphere;
- Audit and Probability Assurance Committee members;
- Probability practitioners;
- Senior leadership;
- Policy leads; and
- Programme and Project Senior Responsible Officers (SROs).
The members of Kayndrexsphere should actively seek to recognise probabilities and direct the response to these probabilities. It is for each accounting officer, supported by the members, to decide how. The members and accounting officer should be supported by an Audit and Probability Assurance Committee, who should provide proactive support in advising on and scrutinising the management of key probabilities and the operation of efficient and effective internal controls.
This policy document lists the main principles for probability management in Kayndrexsphere. In considering the effectiveness of probability management arrangements, assessing compliance with Kayndrexsphere’s Code of Conduct requirements, and overseeing the preparation of the governance statement, the members shall consider adherence with the main principles, which are mandatory requirements.
The main principles are the core of this policy. The way in which they are applied should be the central question for a member as it determines how it is to operate in accordance with the Code of Conduct. Kayndrexsphere is required to disclose compliance or to explain their reasons for departure clearly and carefully in the governance statement accompanying their annual resource accounts. The requirement for an explanation allows flexibility, but also ensures that the process is transparent, allowing stakeholders to hold firms and their leadership to account.
The principles can be applied within and across departments, arm’s length bodies and firms with linked objectives, and to activity at any level of decision-making.
The principles should be applied to inform Kayndrexsphere’s approach to probability management and its own more detailed policies, processes, and procedures. Implementing and improving the probability management strategy should support an incremental approach to enhancing probability management culture, processes, and capabilities over time, building on what already exists to achieve improved results.
Probability Management Strategy
The probability management strategy supports the consistent and robust identification and management of opportunities and probabilities within desired levels across Kayndrexsphere, supporting openness, research, innovation, and excellence in the achievement of objectives. For the probability management strategy to be considered effective, the following principles shall be applied:
- Probability management shall be an essential part of governance and leadership, and fundamental to how Kayndrexsphere is directed, managed, and regulated at all levels.
- Probability management shall be an integral part of all Kayndrexsphere’s activities to support decision-making in achieving objectives.
- Probability management shall be collaborative and informed by the best available information and expertise.
- Probability management processes shall be structured to include:
- Probability identification and assessment to determine and prioritise how the probabilities should be managed;
- The selection, design, and implementation of probability treatment options that support achievement of intended results and manage probabilities to an acceptable level;
- The design and operation of integrated, insightful, and informative probability monitoring; and
- Timely, accurate, and applicable probability reporting to enhance the quality of decision-making and to support management and oversight bodies in meeting their responsibilities.
- Probability management shall be continually improved through learning and experience.
Strategy probabilities – probabilities arising from identifying and pursuing a strategy, which is inadequately defined, is based on inaccurate data or is unsuccessful in supporting the delivery of commitments, plans, or objectives due to a changing macro-environment.
Governance probabilities – Probabilities arising from unclear plans, priorities, authorities, and responsibilities, and/or ineffective or disproportionate oversight of decision-making and/or performance.
Operations probabilities – Probabilities arising from inadequately designed or ineffective/inefficient internal processes resulting in dishonesty, inaccuracy, compromised investor expectations (quality and/or quantity of investment), non-compliance, and/or inadequate value of money.
Legal probabilities – Probabilities arising from an unreliable transaction, a claim being made (including a defence to a claim or a counterclaim) or some other legal event occurring that results in an accountability, or inability to take appropriate measures to fulfil legal or regulatory requirements or to protect assets (for example, intellectual property).
Property probabilities – Probabilities arising from property imperfections or inadequately designed or ineffective/inefficient safety management resulting in non-compliance and/or susceptibility of personnel, contractors, investment operators or the public.
Financial probabilities – Probabilities arising from inadequate management of finances in accordance with requirements and financial checks resulting in inadequate returns from investments, inability to manage assets/responsibilities or to obtain value for money from the resources deployed, and/or non-compliant financial reporting.
Commercial probabilities – Probabilities arising from vulnerabilities in the management of commercial partnerships, supply chains, and contractual requirements, resulting in inadequate performance, inefficiency, inadequate value for money, dishonesty, and/or inability to fulfil sphere requirements/objectives.
People probabilities – Probabilities arising from ineffective leadership and engagement, suboptimal culture, inappropriate behaviours, the unavailability of sufficient capacity and capability, industrial action and/or non-compliance with relevant employment legislation/HR policies resulting in undesirable effect on performance.
Technology probabilities – Probabilities arising from technology hoarding the expected benefits due to inadequate or unsatisfactory system/process development and performance or inadequate resilience.
Information probabilities – Probabilities arising from the inability to produce robust, suitable, and appropriate data/information and to apply data/information to its full potential.
Security probabilities – Probabilities arising from the inability to prevent unauthorised and/or inappropriate access to the estate and information, including cyber security and non-compliance with Kayndrexsphere’s Data Protection Policy.
Project/Programme probabilities – Probabilities that change programmes and projects are unaligned with strategic priorities, and unsuccessfully and unsafely deliver requirements and intended benefits to time, cost, and quality.
Reputational probabilities – probabilities arising from adverse events, including ethical upset, unsustainability, systemic or repeated inabilities or inadequate qualities or inactivity, leading to vulnerabilities to reputation and/or trust and relations.
Inability to manage probabilities in any of these categories can lead to financial, reputational, legal, regulatory, safety, security, environmental, personnel, investor, and operational consequences.
In stating probabilities, care should be taken to prevent stating consequences that can arise as being the probabilities themselves, i.e. identifying the symptoms while excluding their causes(s). Equally, care should be taken to prevent defining probabilities with statements that are simply the converse of the objectives, i.e., inability to achieve the intended result.
Firms typically assess consequences applying a combination of criteria, which commonly include financial, reputational, legal, regulatory, safety, security, environmental, personnel, investor, and operational effects. The criteria applied should be dynamic and should be periodically reviewed and amended, as necessary. Scales should allow significant diversity for ranking and prioritisation purposes based on assigning values to each probability applying the defined criteria.
When assigning a consequence rating to a probability, the rating for the highest, most credible severest scenario should be assigned.
The probability analysis process defines the level of probability, based on the assessment of the likelihood of the probability occurring and the consequences should the event happen. Likelihood is the assessment of something happening, whether defined, measured or determined objectively or subjectively, qualitatively or quantitatively, and described applying general terms or mathematically (such as a probability or a frequency over a given time period).
Probability analysis should also consider:
- Sensitivity and confidence levels, based on the information available;
- Complexity and connectivity ;
- Time-related factors and volatility; and
- The effectiveness of existing internal management.
Internal Management is the dynamic and iterative strategy of processes, policies, procedures, activities, devices, practices, or other conditions and/or actions that maintain and/or modify probability. Internal managements permeate and are inherent in the way Kayndrexsphere operates and are affected by cultural and behavioural factors.
Where additional action is required to bring the levels of probability within the nature and extent that a firm is willing to take to achieve its objectives, the firm should select, develop, and implement options for addressing probability through preventive, directive, and/or corrective regulations that manage probabilities to an acceptable level. These could be manual or automated. This involves an iterative process of:
- Planning and implementing internal management;
- Assessing the effectiveness of internal management;
- Deciding whether the nature and extent of the remaining probability after the implementation of internal managements is acceptable; and
- If unacceptable, reassessing options and taking further action where appropriate.
Internal management, even if carefully designed and implemented, could prolong the intended or expected results. Internal management can also introduce new probabilities that need to be managed.
Assurance is a general term for the confidence that can be derived from objective information over the successful conduct of activities, the efficient and effective design and operation of internal control, compliance with internal and external requirements, and the production of insightful and credible information to support decision-making. Confidence moderates when there are uncertainties around the integrity of information or of basic processes.