|
Report to: |
Audit & Governance Committee |
|||
|
Date: |
14th December 2023 |
|||
|
Title: |
Strategic Risk Update and Framework |
|||
|
Portfolio Area: |
Councillor Julian Brazil Leader of the Council |
|||
|
Wards Affected: |
All |
|||
|
Author: |
Neil Hawke |
Role: |
Assistant Director – Strategy |
|
|
Contact: |
||||
RECOMMENDATIONS
That the Audit & Governance Committee:
1. Consider the updated Risk and Opportunity Management Strategy (Appendix A);
2. RECOMMEND to Council that the updated Risk and Opportunity Management Strategy be adopted; and
3. Consider the updated Strategic Risk Register (Appendix B)
1. Executive summary
1.1 The Council has an adopted Risk and Opportunity Management Strategy which has been in place since 2018.
1.2 The strategy has been updated with a particular focus on ensuring that risk reporting and escalation procedures and responsibilities are accurately reflected. The updated strategy can be found at Appendix A to this report.
1.3 This report also sets out an update to the Strategic Risk Register for the Council which can be found at Appendix B to this report.
2. Background
2.1 The Audit and Governance Committee receive six-monthly updates on the Council’s Strategic Risk Register.
2.2 Strategic Risks are those that are subject to significant management actions, control, evaluation and monitoring. The Strategic Risk register forms only part of the overall risk management approach with each service and project having its own operational risk register.
2.3 The Council’s adopted Risk and Opportunity Management Strategy has been in place since 2018. While the strategy has served the Council well, it is considered that it requires an update to reflect enhancements to the internal governance and structures of the Council.
2.4 Officers of the Council and Devon Audit Partnerships Risk Management Lead delivered an informal briefing on the approach to risk management and outline of the refreshed risk management strategy.
2.5 Of particular note, an addition to the strategy is the introduction of an officer level ‘Performance Board’. This board meets on a monthly basis to consider the overall operating environment and organisational performance which helps inform any updates to the strategic risk profile. This addition to the internal governance arrangements has been reflected in the updated strategy.
2.6 During the informal briefing, Members raised a number of points which are addressed as follows.
Q. What risks are not featuring on the current Strategic Risk register but getting close to featuring?
A. At its last meeting, the Performance board considered a number of risks for potential inclusion on the Strategic Risk register.
· Cyber Security threat to the Council. This was considered based on information from the Councils Head of IT and a continual increase in the number of cyber-attacks against local authorities and key suppliers to local authorities. As a result this risk was agreed to be escalated to the Strategic Risk Register
· Ability to achieve our Climate and Biodiversity targets. This was considered but at this time has not been escalated to the Strategic Risk Register pending the refresh of the Climate and Biodiversity Strategy and Delivery Plans.
· Increases in the amount of temporary accommodation. This was considered based on performance data highlighting the continual increase in requirements for temporary accommodation. At this point in time, while one to watch closely, it is not considered to meet the threshold for escalation to the Strategic Risk register as we have a range of emerging initiatives to mitigate the risk and are able to source sufficient temporary accommodation to meet the demand at the moment.
Q.The Strategy sets out how the Council assess the financial levels of each risk but it would be helpful to understand the materiality level set by the External Audit Team Could this be set out in the strategy document?
A. The materiality level set by the External Audit Team for 2022/23 is £1.140million. The scoring framework has been updated to take this into consideration.
Q. Which risks go to the performance board and which ones go on the strategic risk register?
A. Risks identified through, for example, service planning and operational delivery will be considered by the performance board where they score 12 and above. The performance board will consider the scoring and if it needs to be included on the strategic risk register or if, at that point in time it is kept under review. It is important that the strategic risk register focus on those critical risks to the Councils overall operating picture.
3. Proposal and Next Steps
3.1 That the Audit & Governance Committee note the updated Risk and Opportunity Management Strategy (Appendix A) and the latest Strategic Risk Register (Appendix B).
4. Implications
|
Implications
|
Relevant |
Details and proposed measures to address |
|
Legal/Governance
|
Y |
Effective risk management and horizon scanning is an essential aspect of our Performance Management Framework, as is the scrutiny of these risks by the Audit & Governance Committee.
|
|
Financial implications to include reference to value for money
|
Y |
Effective risk management is an important aspect of ensuring value for money services.
|
|
Risk |
Y |
This report sets out the strategic risk assessment of the Council. |
|
Supporting Corporate Strategy |
Y |
All |
|
Consultation & Engagement Strategy |
N |
|
|
Climate Change - Carbon / Biodiversity Impact
|
N |
|
|
Comprehensive Impact Assessment Implications |
||
|
Equality and Diversity
|
N |
|
|
Safeguarding
|
N |
|
|
Community Safety, Crime and Disorder |
N |
|
|
Health, Safety and Wellbeing |
N |
|
|
Other implications |
N |
|
Supporting Information
Appendices:
Appendix A – Updated Strategic Risk and Opportunity Management Strategy
Appendix B – Strategic Risk Assessment – November 2023
Background Papers:
None