Agenda item

Risk Management 2021/22

To receive the Assistant Chief Executive Report No. ACE2203 (copy attached), which provides an update on risk management activity during 2021/22, in line with arrangements set out in the Council’s Risk Management Policy (2021).

 

Minutes:

The Committee received the Assistant Chief Executive Report No. ACE2203, which provided an update on the Council’s risk management activity which had taken place during 2021/22 in line with the Council’s Risk Management Policy (2021) and outlined work planned for 2022/23.

 

The Report advised that, over the past twelve months, the focus with risk had been to review and then embed the risk management process consistently across the Council.   This work had begun in January 2021 with the roll-out of a revised Risk Management Policy and associated training and briefing for staff and Members of the Committee. The key changes and amendments implemented had included:

 

·                The introduction of three types of risk onto the Corporate Risk Register (strategic risks; corporate standing risks; and, escalated service risks) with a consistent approach to identifying these.

 

·                Setting the expectation that, whilst risks might be managed by a number of people across the Council, there should be a single risk owner identified for risk management purposes.

 

·                A clear expectation that risk registers should be reviewed on a monthly basis by each service.

 

·                The Council’s risk management process would be overseen by the Assistant Chief Executive, with the day-to-day management and maintenance of the risk management system being the responsibility of the Corporate Risk Manager.

 

·                Risk would be on the Council’s Corporate Management Team agenda at least every two months to ensure that regular, routine, collective oversight was given to risk at a senior level.

 

It was noted that, in light of these changes and to bring risk management more closely to corporate planning and performance management, responsibility for the management of risk had been moved in July 2021 to the Democracy, Strategy and Partnerships Portfolio Holder.

 

The Committee was advised that, over the course of 2021/22, the Risk Management Policy had been adhered to and the arrangements had been subject to an internal audit, which had concluded in February 2022.  The Internal Audit Manager’s Report No. AUD2205 had recognised the improvements in the risk management process since 2017 and that the current Policy was being applied.   The Internal Audit Update Report (AUD2205) made six recommendations following the risk management audit, which would be addressed as set out in the management responses over the course of 2022/23,  with a view to all six identified actions being addressed by the end of June 2022.  It was felt that addressing these actions would further strengthen the risk management processes across the Council and allow for greater alignment between performance and risk management and more real-time reporting of the Corporate Risk Register.   The Risk Management Policy would be updated later in 2022 and a training session had been scheduled for September 2022 for the Committee.

 

It was noted that, as set out in the Risk Management Policy, reports on risk had been presented to the Council’s Corporate Management Team on a regular basis and presented to the Cabinet alongside the quarterly performance reports.  In addition, risk was discussed with greater frequency outside these meetings, with regular discussions and risk register reviews taking place across projects and programmes and with risk being discussed by the Policy and Project Advisory Board as the new Council Plan 2022-2025 had been developed.

 

During discussion, Members raised questions regarding: how financial risk was managed; what steps the Council had taken to increase training on risk; the sharing with the Committee of the Corporate Risk Register; the review of project risk; and, the need for a risk guidance document to assist managers.

 

RESOLVED:  That the Assistant Chief Executive Report No. ACE2203 be noted.

 

Supporting documents: