Agenda item

To receive an update report by the Strategic Planning and Performance Officer, on the September 2023 Review of the Corporate Risk Register and the Risk Appetite Statement (copy enclosed).

The Chair thanked officers for the training session provided on risk management prior to the meeting. It was beneficial and very informative to all.

The Head of Corporate Support: Performance, Digital & Assets introduced the report (previously circulated). The report provided an update on the September 2023 Review of the Corporate Risk Register and the Risk Appetite Statement.

The Head of Corporate Support: Performance, Digital & Assets advised members that the Corporate Risk Register update report had been compiled following a review in September where a number of changes had been made. Appendices to the report highlighted:

1.     Appendix 1 – summary of significant changes

2.     Appendix 2 - table and trend analysis of the Corporate Risks

3.     Appendix 3 – detailed information on the 13 Corporate Risks

4.     Appendix 4 – a reminder of the Risk Appetite Statement - agreed November 2022 to be reviewed in February 2024.

The Strategic Planning and Performance Officer provided further detail of the process of how the risk register had reviewed and updated. The report sought committee’s assurance that a robust management process within the Council with a view to find any governance related risks that warrant further consideration.

It was noted that following the review the number of risks had reduced from 20 risks to 13. A number of the risks had been amalgamated and a number deescalated with two new additions. Details of the risks were provided in the papers.

The Chair thanked the officers for the report and also for the guidance information that was issued to Members following the training session on managing risks for better service delivery.

In his opinion the report demonstrated a proper and robust approach to risk management. This was a tool, that was understood and used by Members and officers to prioritise the risks faced by the council.

Following the introduction, officers responded to Members questions as follows:

·         Risk 18: The risk that programme and project benefits were not fully realised had been removed. It was to be incorporated in the Financial Risk 51.

·         The risk appetite statement was agreed by the Corporate Executive Team and was based on various impact level determined the risk appetite. Given the uncertain financial future it was important for officers monitor the risk appetite against risks. The Head of Finance stated the risk appetite for the council was lower. The context of which the authority was operating was outside the council’s control. The financial context at present is higher to what the authority would want at this point in time.

·         All budget saving schemes are required to complete a wellbeing impact assessment. Those would be collated to identify any impacts on key goals on the authority, the findings would be presented alongside the budget proposals in the new year. The wellbeing assessments were lie reports and could be updated and amended over time.

·         Officers agreed to provide Members with some additional information on independent schools in relation to risk 01.

·         Members agreed that following an update to the Corporate Risk Register a brief summary be provided as an information report to Governance and Audit committee. Members also suggested a single summary report be presented on a more regular basis to illustrate any changes to identified risks. The Monitoring Officer stated if committee wanted information on a more regular basis that could be requested to officers.  Officers suggested taking the comments back to the team for observations in ways of providing more regular information to the committee.

·         The risk of flooding was covered in Risk 11 – Ineffective response to a serious event.

·         Members were encouraged to contact Lead Members with any concerns they felt should be included for specific concerns such as the Welsh Language and Culture. There were different ways of managing risks, each service area also had a risk register which detailed certain specific risks.

·         Members were pleased to see fraud and corruption were still included as a risk to the authority.

·         Members asked if the detail of cyber-attacks in Risk 11 needed further detail. Officers stressed greater detail had been placed on this particular risk in the service risk register although it still merited being included in the Corporate Risk Register.   

·         The correct scoring for the residual risk score remains unchanged as C2 for Risk45. Officers thanked members for identifying the discrepancy.

·         Members asked if the details listed on the anticipated direction of travel were accurate. In response the Monitoring Officer stating with fewer vacant posts the authority would be less likely to recruit to those posts or retain staff.

The Chair thanked all officers and Members for the detailed discussion and it was;

RESOLVED, that

     I.        Governance and Audit Committee note the review process of the Corporate Risk Register;

    II.        The guidance notes related to risk management be adjusted to reflect the Governance and Audit Committees role and

  III.        Officers to review and devise a more frequent summary report in respect of the Corporate Risk Register.