Agenda item

To receive a report by the Strategic Planning and Performance Officer (copy attached) to provide an update on the September 2024 review of the Corporate Risk Register.

 

The Lead Member for Corporate Strategy, Policy and Equalities, Councillor Julie Matthews, introduced the Corporate Risk Review, September 2024 report (previously circulated).

 

Councillor Matthews asked for her thanks to be recorded for all staff involved in collating the information within the Corporate Risk Review. 

 

The Corporate Risk Register was developed and owned by SLT alongside Cabinet.  It was reviewed twice yearly by Cabinet and at Cabinet Briefing.  Following the February and September reviews, the revised register was presented at Performance Scrutiny Committee and Governance and Audit Committee.  A summary of reviews was shared for information only at these Committees at their January and July meetings.

 

The council currently had 13 Corporate Risks on the Register.  No risks had been de-escalated during this review but a new risk (risk 53 in Appendix 4 of the report) would bring the Corporate Risk Register to 14 Risks.

 

Lead Member, Councillor Diane King had replaced Councillor Gill German for Risks 01, 21, 34 and 50.

 

It was confirmed that a training session had taken place recently which had been extremely helpful to  those in attendance.

 

During discussions, the following points were raised –

(i)    Risk appetite currently indicated for workforce issues.  Nigel Rudd asked for confirmation of this current risk appetite. 

Helen Vaughan-Evans stated that the council recognised that its employees were critical to the achievement of its objectives and that staff support the developments are key to making the council a place of work which inspires good performance.  It places importance on equality, diversity, dignity and respect and the wellbeing and safety of staff.  In recent times to support wider effort to tackle challenges in recruiting staff we are making some recruitment processes more flexible in a safe way to alleviate difficulties in filling roles.   Therefore, the council has a cautious risk appetite in relation to standards in terms and conditions and learning and development.  Where we are wanting to alleviate difficulties in filling roles a riskier approach may be considered, but as a base there is a cautious risk appetite for workforce and people. 

That is defined as cautious will weigh up the potential rewards of new untested approaches but only where the risk is low and can be managed.

 

Nigel Rudd explained he saw an inconsistency in the approach by the council seeking a transformational council with an appetite for cautious around its workforce.  He did not believe this was an appropriate measure under cautious because radical change required radical review and risk taking and that was clearly what the council was seeking to do if it was going to be transformational. 

Helen Vaughan-Evans confirmed that the largest expenditure was staff and for the benefit of delivery but also if there were to be savings, that would very likely involve something around staff.  Maybe take in turn of financial risk and staff risk.  That point can be taken back to the Budget and Transformational Board to review and can reflect the discussion at this Committee and you would see that at your next Review.  Our staff are our greatest asset.  It was also confirmed to liaise with the Lead Member, Councillor Julie Matthews. 

(ii)   The Risk Register was reduced from approximately 21 down to 13 items.   Did that suggest historically that the Risk Register was not managed as tightly as it should have been in the past.

Helen Vaughan-Evans stated that lessons had been learnt from how the Risk Register was managed in the past. The process had been streamlined and what had been presented was a mature way of managing risks. 

The Monitoring Officer confirmed the process had moved to manage risks in a different way in that better at looking at what risks could be amalgamated or relegated down to service level.  The important thing to remember was that if a risk was taken off the Corporate Risk Register it did not disappear, it would be placed on a Service Risk Register.   The process was different and better to how it was done in the past.

(iii) In the view of Nigel Rudd, the Corporate Risk Register should drive both the focus and work of the council as complimentary to a number of other political policy issues and was that being seen in reality.  A specific case of interest was the waste review and the change in delivery of waste in terms of whether the Corporate Risk Register was employed in any way both in the approach and the implementation of that proposal. 

Helen Vaughan-Evans responded regarding the waste project, it was managed as a project, there was an active Risk Register developed at the start and regularly reviewed.  In any review they would look at the processes and procedures that were in place, and that would be risk.  That would be a good learning process to take back to the Risk Management Framework an also the Project Management Framework. 

(iv) Recruitment and Retention of staff had been raised at previous meetings and account needed to be taken of the impact on governance services, for example, internal audit, legal, data protection etc. 

(v)  Risk 53, no reference in it to the waste collection roll out and fall out.  Risk 53 mentions successes of projects but the waste was the opposite and needed to ask about the suitability of the project management arrangements and how much confidence do we have in the project management systems.  This could be a key issue. 

(vi) Risk 52 to provide services for Denbighshire and was 12 months out of date so would that be updated ? 

Helen Vaughan-Evans clarified that the settlement for 2025/26 had not been received and hence the use of the figures within the report.  She confirmed she would take the point back to ascertain if there were any up to date figures.

(vii)                  Page 177, paragraph 4.6 – no changes on risk scores – is there an assurance that there is a clear understanding what constitutes a risk as opposed to an issue.   All the risks shown are marked as risks reviewed and shown scoring narrative as accurate but is there assurance that the use of risks are efficiently challenged? 

It was confirmed there had been a deep dive into risks recently at CET.  Risk 1, safeguarding had been done recently and there was an ongoing programme of each one.  They go to CET at which other members of CET were able to challenge the risk owner in respect of the narrative.   Robyn Lovelock and her team also attend.

(viii)                Suggestion that a possible new risk be considered.  Had consideration been given to the risk of the Council’s culture?  It was essential that basic values such as the Nolans principles remain in place. 

It was confirmed this would be taken back to the next Risk Review and input it into the Well Run High Performing Council Board which has a workstream on culture.

(ix) Risk 21 – Integration of Health and Social Care Services.  Had the review of the risk been viewed by the recent Audit Wales Report on Flows out of Hospitals which was considered at the last meeting.  

Officers confirmed they would take that question back to find out the response.

(x)  Risk 21 – Fraud and Corruption.  Why do the scores and trend remain the same when there are increased incidents of fraud in Wales.  An Audit Wales Press Release had recently been received which showed an increase of £0.6milllion in fraud compared to the previous year, a total of £7.1million in total in Wales.  Although Fraud did not appear as a risk in Denbighshire, there was an issue in Wales.  Could consideration be given to this issue when the Risk Register was next reviewed.

(xi) Concern around the Welsh culture and language in the future with cuts and less staff speaking Welsh within the Council.  Also the financial situation affecting social services and schools, this is a risk which needs to be looked at in the future.

Officers confirmed that social services and education had been picked up in the Risk Register – Risk 51 and Risk 52.  Regarding Welsh language, it would be important for Councillors to look at the budget papers in the New Year to note the accumulative impact assessment work which was carried out on the budget where Welsh language as part of the wellbeing goals was considered. 

 

The Chair requested Managing Risks for Better Service Delivery Guidance that in the future when the report was presented, there was a page for Governance and Audit Committee Members, could it be included as an Appendix to help to focus on the role of the Committee.

 

A summary of the comments were as follows and officers agreed to take these back for further consideration –

 

• Risk Appetite for People related risks  - consider move  from Cautious to Open, but with safeguards,
• Risk 21. Integration of Health & Social Care etc  -  did this take account of the recent AW report on flows out of hospitals (to be considered by Scrutiny Chairs and Vice-Chairs Group)
• Risk 31 Fraud - does the scoring adequately take account of:
• the increased  incidence of fraud in Wales ( as reported in the Audit Wales NFI report),
• a possible increase in local fraud at DCC  and
• the pressure on internal controls (management and supervision) due to budget pressures impacting structure?
• Is there a need for an additional risk to the Council’s culture and the Nolan  principles etc due to financial pressures and an increasingly hostile media / social media environment?
• Proposed Risk 53 re Transformation
• How effective is Project Management (review following Reuse Rounds investigation)
• Adequate consultation with stakeholders and staff on implementation of new working methods / structures?

 

 

RESOLVED that the Governance and Audit Committee –

(i)    Considered the suggested amendments to the Corporate Risk Register as at September 2024 (appendix 2),

(ii)   Considered the status and risk appetite (appendix 3) of each risk, the appropriateness of risk owners and the effectiveness of risk controls.

(iii) Provided feedback as to the council’s present Risk Appetite Statement, having taken into account CETs feedback in paragraph 4.9 below and the recommendation to move to an “open” risk appetite for financial projects.