FAQs

What is a risk incident?

Any unexpected, unplanned event, or a sequence of events that results in a loss or potential loss.

What incidents should I report to risk?

You should report any event that falls within the definition of a risk event: "Any unexpected, unplanned event, or a sequence of events that results in a loss or potential loss."

If you are unsure about what to report, contact the Office of the Chief Risk Officer for advice.

How do I report an incident?

A defined incident reporting and management process is in place and is managed by the Office of the CRO. Information on incident management and the incident management form are located on the Incidents Management Page.

Where can I find the Incidents Management Page?

Information on incident management and the incident management form are located on the Incidents Management Page.

What is a health and safety incident?

Accident - Unexpected, unplanned event, in a sequence of events that results in physical harm, injury or disease to an individual, (i.e. a person slips on spilled coffee and twists their ankle).

Incident - Event with or without immediate or serious consequences i.e. where there was an incident but in this particular instance there is no injury to an individual but there can be financial loss or damage to property or any combination of these effects. (i.e. Coffee is spilled and left to spread and wet floors through the building).

Near Miss - Event without immediate or serious consequences i.e. where there was potential for an accident but in that particular instance there was no injury or financial loss damage to property, a near miss, a loss or any combination of these effects. (i.e. Coffee is spilled and identified immediately and tidied up to prevent any spread or accidents).

More information on what constitutes health and safety incidents can be found on the Estates and Facilities page for the University Safety Office ( https://www.tcd.ie/estatesandfacilities/health-and-safety/) or if you are unsure as to what to report contact firstly your local safety officer.

Where do I report a health and safety Incident?

Incidents that relate to health and safety, are currently reported to your local safety officer, Insurance@tcd.ie, and the University Safety Office. They must be notified in a timely fashion to allow for investigation by the local safety officer and reporting to the Health and Safety Authority where required.

Accidents and incidents are reported to your local safety officer, Insurance@tcd.ie and the University Safety Office: An incident report for health and safety incidents can be accessed and downloaded from there: Accident Reporting).

Near misses should be reported to your local safety officer.

What is fraud?

The TCD Fraud Policy describes fraud as including, but not being limited to:

• Theft or misappropriation of University assets;
• Submission of false claims for payments or reimbursement;
• Acceptance or offering a bribe or accepting gifts or other favours under circumstances that might lead to the inference that the gift or favour was intended to influence an employee's decision-making while serving the University;
• Acceptance of an inappropriate commission from, or paying same, to a third party;
• Collusion with vendors or third parties in providing preferred pricing or engaging in contract rigging
• 'Off Books' accounting or making false or fictitious entries;
• Knowingly creating and/or distributing false or financial misleading reports or data;
• Paying excessive prices or fees where authorisation for or justification thereof is not justified or documented;
• Research Fraud;
• Blackmail or extortion;
• Violation of the University's procedures with the aim of personal gain or to the detriment of the University;
• Overriding of University systems and controls to engage in fraudulent activity (e.g. sharing of accounts and passwords with 3rd parties, lack of due regard for the segregation of duties);
• Unauthorised or illegal use of confidential or proprietary information.

Who does the Fraud Policy apply to?

The fraud policy applies to all areas within the University and its subsidiary undertakings (as defined by S.1162 Companies Act, 2006) and all staff and students within the University and its subsidiaries.

An employee refers to a staff member who receives remuneration, either full or part time, from the University and those reimbursed by Trinity for the provision of externally contracted services. The term also includes any volunteer who provided services to the University through an official arrangement with the University or a University organisation. A student refers to any registered student of the University and those students approved as off-register for a defined period i.e. ‘off-books’.

How do I report suspected fraud?

All University staff and students should report any suspicions of fraud without delay There are defined processes for reporting suspicions of fraud and the for subsequent investigations of the reported fraud, these can be they can be found in the TCD Fraud Policy.

What is a protected disclosure?

A protected disclosure is defined as the disclosure by an individual, of a reasonably held belief, that tends to show one or more relevant wrongdoings which came to the attention of the relevant person as part of their work at the University and the disclosure of which is perceived to be in the public interest.

Further information on protected disclosures, including when or how to make a protected disclosure can be located in the TCD Protected Disclosure Policy

How do I make a protected disclosure?

There are defined processes for making protected disclosures and it can be found in the TCD Protected Disclosure Policy. All reports will be investigated by the Protected Disclosure Group convened to investigate that disclosure.

Further information on protected disclosures, including when or how to make a protected disclosure can be located in the TCD Protected Disclosure Policy

What is risk management?

Risk is “the possibility that events will occur and affect the achievement of strategy and business objectives” (COSO). Risk management is therefore a process of proactively identifying issues and assessing their potential likelihood and impact on an entity to ensure it is focusing on the right and its ability to access the right opportunities at the right time.

Where can I find out more about risk management?

The primary source for risk management information at TCD is the webpages of the Office of the Chief Risk Officer, which offer information on risk management governance, framework and training. Additional external sources on information on the topic of risk management can be accessed here.

Where can I find risk-related policies?

All TCD polices are located on the College Policies web page. The Risk Policy can also be located by clicking here.

What is a risk register

The tool used to capture risks to an entity's objectives at a granular and portfolio level for the purposes of performing risk assessments, including risk identification, risk analysis, and risk evaluation.

How often do I need to update my risk register?

At a minimum, risk registers are required to be updated on an annual basis. It is good practice, however, to review the risk register and update it as new risks are identified or emerge to ensure all relevant risks are tracked and monitored.

What is risk assessment?

Risk assessment is the method used to evaluate risks identified in the risk register using concepts such as ‘likelihood’ and ‘impact.’ Assigning a numeric value to likelihood and impact can drive the calculation of a score that can then be used to prioritise the residual risks by potential to impact the achievement of objectives. This provides management with a valuable tool to ensure they are focusing on the right risks at a given point in time.

Where can get more information on completing my risk register?

Information on completing your risk register can be located on our Sharepoint Site. (You will require your log-in credentials to access this information).