City of Tampere — Strategic risk management

With 245,000 residents, Tampere is the third largest city in Finland and, with its surrounding municipalities, the second largest urban area in Finland. The largest inland city in the Nordic countries, Tampere, is evolving with determination and manages its growth strategically.

The development goals of the City of Tampere have been defined, taking into account the future factors of change, in cooperation with the city’s personnel, residents and stakeholders. Systematic risk management is a tool for achieving Tampere’s strategic goals.

Strategic management requires consistent and dynamic risk management.

Annina Nääppä, Risk Manager, City of Tampere

Comprehensive risk management is a management tool that is used to promote strategic goals at a practical level.
The city administration’s ambition to incorporate risk management into decision-making and management is at the core of risk management at the City of Tampere.
In the municipal sector, the principles of risk management have traditionally been understood particularly from the perspective of legislation and guidelines, which is why risk management has in many cases remained at the level of minimum requirements, such as statutory reporting.
However, the operating environment of municipal operators is undergoing a major change, and the old models and principles are not sufficient to support the needs of strategic management. Therefore, the goals of the multi-sectoral organisation of the City of Tampere specifically require the development of the risk management process in order to be realised.

With Granite, we created visibility into a multi-sectoral organisation’s risk management.

Annina Nääppä, Risk Manager, City of Tampere

When it comes to developing a city group consisting of several very different service areas, operating units and city-owned enterprises, there is no shortcut or silver bullet that could eliminate the challenges once and for all.
Risk management is continuous work, and at the City of Tampere, risk management examines multi-sectoral activities in several subordinate organisations whose activities are critical to the well-being of local residents.
The City of Tampere’s risk management is working to put the city strategy into practice, but particularly in a frequently changing operating environment, things do not happen of their own accord.

When the City of Tampere started to work on its risk management process, the lack of visibility was identified as the primary obstacle to the development of risk management. The risk management tools and models that had traditionally been considered adequate for the multi-sectoral organisation did not meet the current need or purpose. Challenges related to communications about the risk situation were identified as another major issue.

Information on risk identification and corrective measures is important for successful management. Risk management is a tool for development, and risk management is ideally part of, for example, the planning of the organisation’s budget and operations, whether the risk situation is reviewed at unit level, service area level or city level. For Tampere’s growing risk management needs, the most traditional risk management tools were too rigid and difficult to maintain in a large organisation. They were unable to support the evolving risk management, even if the process was managed with expertise and professionalism.

The right tools enable strategic risk management.

Annina Nääppä, Risk Manager, City of Tampere

The maturity level of an organisation’s risk management must be developed in relation to its risk management goals. Compared to the principles of modern management, traditional risk management methods serve determined decision-making.
In the risk management work carried out at the City of Tampere, the risk profiles tended to remain static. Where required by regulations or reporting needs, risks were mapped and identified for reporting purposes, but even high-level risks were not necessarily always assigned sufficient control measures or clear deadlines for their implementation. The risk management process was inadequate, and the outdated Excel-based tools did not properly support the systematic management of risks.

Granite provides a systematic framework to risk management. Transparency, a guided process, the clear assignment of responsibility for measures and a better information flow enable the development of risk management and a dynamic approach.

Annina Nääppä, Risk Manager, City of Tampere

Risk management does not only mean the tools or systems used for risk management. In the operations of the City of Tampere, it meant a comprehensive change of approach.

The goal of the City of Tampere’s risk management was to create a process in which risk management is a development tool that can be used to identify, prioritise and systematically monitor management and development measures related to strategic goals.

The city wanted risk data to be more consistent, uniform and up-to-date for use in development and decision-making.
When the risk management process is consistently managed and reviewed, risk management can be developed into concrete measures, instead of it being an Excel exercise done once a year and then ignored for the rest of the year.

Changing the operating model of risk management requires the organisation to have the right mindset and resources, but also training and monitoring. The selected tools must support the process and adapt to the goals of the operations. The City of Tampere wanted to implement its risk management throughout the organisation and chose Granite’s customised risk tools as its system.

City of Tampere – concrete risk management with Granite

With appropriate tools, risk management can be conducted proactively as part of business planning rather than reactively. The development of risk management at the City of Tampere has not been a straightforward operation, but it has required specifications to be made and responsibilities to be assigned.

The ease of use of the risk management system is important for the practical implementation of risk management, but no risk tool does risk management on behalf of the organisation.

However, Granite’s visual reporting features highlight the bottlenecks in risk management and enable the development of risk data and risk management expertise. With Granite, the city has been able to update the risk profiles to reflect the situation as it is. This enables informed decision-making and brings efficiency to the implementation of the city’s strategy. Risk management implemented across the entire organisation enables the realisation of the strategy and supports the development of a resilient city organisation.

Read more on how we have helped other customers from the public sector and see if we’re a right fit for you as well!