Government changes risk-management model for major suppliers in light of Carillion collapse

No more RAG ratings as centralised risk registers replaced with individual memoranda of understanding with each company


Credit: Pixabay   Image has been altered and added to

In light of the collapse of Carillion, government has changed the way it monitors and manages risk in its work with major suppliers, including its relationships with tech giants such as IBM, Microsoft, and Fujitsu.

Previously, the Cabinet Office maintained centralised confidential ‘risk registers’ for government’s biggest ‘strategic suppliers’. These documents contained information and assessment of companies’ financial state and their performance against the commitments of their Whitehall contracts. 

The registers used a red-amber-green (RAG) ratings system to indicate levels of risk.

But the registers have now been ditched in favour of individual, bespoke agreements between government and each supplier, according to John Manzoni, permanent secretary of the Cabinet Office and chief executive of the civil service.

The new system comes as a result of an examination of government’s strategic supplier relationships conducted last year by the House of Commons Public Accounts Committee. That inquiry was launched on the back the of the problems caused by the collapse of Carillion.

Related content

Appearing before the same committee this week, Manzoni was asked if he could provide members with an updated version of the risk registers. But he revealed that the findings of last year’s investigation, and the recommendations made in the resultant PAC report, had prompted the Cabinet Office to change its risk-management models and get rid of the registers.

He suggested that the presence of the RAG system in itself increased risk – as it brought with it the possibility of a company’s red-light rating being exposed. This, in turn, could have a major impact on a company’s stock price, according to Manzoni, thereby worsening, or even causing financial plight.

“The very existence of the risk registers themselves could precipitate a [negative] condition for the company – if it were to get public – and we concluded that, therefore, we were going to change that process,” he said. “We replaced the risk registers with memoranda of understanding between us and each company. One of your recommendations, I think, in a previous report, was that the risk register wasn’t working very well, so we had a rethink, and changed the process.”

Manzoni told PAC that, in the absence of the registers, he would find other sources of information on risk management that he could provide to MPs.

In response, committee chair Meg Hiller said that it was important that some documentation was available for confidential assessment by MPs and that those compiling such risk information knew that their work might ultimately be read be an independent arbiter “outside the civil service”. 

“I don’t disagree,” Manzoni responded.

Strategic thinking
In response to another select committee, late last year the Cabinet Office said it was considering the creation of a pan-government database that would house information on big contracts with major external providers – including analysis of five key performance indicators.

The most recently available information, which dates from April 2019, indicates that there are 34 private companies considered by government to be strategic suppliers. Among these are a number of major IT and telecoms vendors, including BT, Fujitsu, IBM, Microsoft, Motorola, and Oracle.

“The very existence of the risk registers themselves could precipitate a [negative] condition for the company – if it were to get public – and we concluded that, therefore, we were going to change that process.”
John Manzoni, Cabinet Office permanent secretary

Also on the list are an array of outsourcers, facilities firms, construction and engineering companies, and consultancies. Accenture, Atos, Capgemini, EY, G4S, PwC, Serco, and KPMG all feature on the list.

Government’s relationship with each firm is overseen and managed by a named individual drawn from the Cabinet Office’s network of Crown Representatives. The April 2019 data shows that 16 representatives are each responsible for managing one or more of the 34 strategic suppliers.

The number of companies counted among government’s biggest private sector partners has risen since the publication of the PAC report a year ago – at which time there were 27.

PublicTechnology had contacted the Cabinet Office for further comment for this story and was yet to receive a response at time of publication.


Sam Trendall

Learn More →

Leave a Reply

Your email address will not be published. Required fields are marked *

Thank you! Your subscription has been confirmed. You'll hear from us soon.
Subscribe to our newsletter