In accordance with the Council’s Risk Management Strategy, this report presents the annual review of the Risk Strategy.
Minutes:
Discussion:
The Chief Organisational Culture Officer introduced the report which provided the outcome of an annual review of the Risk Strategy. She explained that the report had been presented to the Audit Committee which had raised no comments.
Members then raised a number of comments and questions, which included:
· Risk evaluation – in response to a question, the Chief Operating Officer explained that risks were evaluated by officers and escalated up and down as appropriate. Changes to risks at the Strategic Risk Register level were those reported through Cabinet and then to overview and scrutiny committees.
· Level of detail – a view was expressed that there was insufficient detail for Members to fully scrutinise decisions about risks. Officers explained that they had summarised detail following comments made by Members previously that the reports had become too long. It was added that officers were carrying out a fundamental review of the framework around performance and risk monitoring which would address the concerns.
· Consultation – in response to a question about the breadth of the consultation, officers explained that the review had been light touch, in preparation for the forthcoming fundamental review which would include a much more extensive consultation exercise.
· Disbandment of the Strategic Review Management Group (SRMG) – officers explained that this group had been disbanded to allow the review of the risk register to be carried out by the Corporate Management Team in order to give the process the relevant profile and scrutiny.
· Best practice – in response to a question about what the Council’s principles of risk management were based upon, officers explained that they have gained best practice advice from the Local Government Association and had also utilised the expertise of staff that had arrived at the Council from other local authorities who had previous experience of risk management.
· Reporting frequencies – in response to a concern raised about how frequently risks were reviewed, officers confirmed that underpinning the formal quarterly reporting, sat more frequent reviews at project level. It was added that the Assistant Director, Legal and Governance, was working on a project to ensure that the approach to project management was consistent across the organisation.
· Resource risks – the point was made that within Stage 2 “identify risks” within the Risk Management Process set out within the strategy, it should include reference to resource risk.
· Risk ratings – it was also suggested that within the Risk Ratings section of the strategy, the descriptions relating to the “People / Duty of Care” impact should be expanded to reference stress and metal health and the descriptions relating to the “Environment” impact should be expanded to reference climate change and biodiversity.
· Unexpected risks – the point was also made that the strategy did not cover the response and management of unexpected risks, examples of which included Covid-19 and more currently, the cost of living crisis and the financial pressures that was causing. It was felt that this should be encapsulated in the strategy.
· Governance – a view was raised that projects which were high risk and difficult to manage should have very robust and transparent governance in place to enable increased early opportunities of identifying risks and challenges.
Decision:
The Committee considered the Risk Strategy 2023/24 as set out in Appendix 1 to the report and submitted its comments to Cabinet.
Supporting documents: