Agenda item

To consider a report by the Head of Business, Improvement and Modernisation (copy enclosed) which provided the latest version of the Corporate Risk Register, as agreed at Cabinet Briefing.

A report by the Head of Business, Improvement and Modernisation, to present the latest version of the Corporate Risk Register agreed at Cabinet Briefing, had been circulated previously.

The Corporate Improvement Officer (CIO) introduced the report and explained that the Corporate Risk Register (CRR) enabled the Council to manage the likelihood and impact of risks it faced by evaluating the effect of any current mitigating actions, and recording deadlines and responsibilities for further action that should enable tighter control.  The Register had been developed and was owned by the Corporate Executive Team and Cabinet.  The process for reviewing the CRR had been included in the report.

The review process for the CRR had been included in the report and following each formal review, twice per annum, the revised document was presented to the Corporate Governance Committee.  Actions identified to address corporate risks would be included in Service Plans which enabled the Performance Scrutiny Committee to monitor progress.  Any performance issues in relation to the delivery of these activities should be highlighted as part of the Service Performance Challenge process.

            The Internal Audit function provided independent assurance on the effectiveness of the internal control procedures and mechanisms in place to mitigate risks across the Council. It also offered independent challenge to ensure the principles and requirements of managing risk were consistently adopted throughout the Authority. Internal Audit Services utilised information from the service and CRR to inform its forward work programme.

An annual review and report on progress of the Risk Management Policy identified weak areas which required strengthening to improve the risk management process.  The purpose of the CRR was to identify the potential future events which may have a detrimental impact on the Council’s ability to deliver its objectives and its Corporate Priorities.

The CIO provided a summary of the main changes made to the CRR, Appendix 1, and the following areas were highlighted:-

-                      Revision to DCC004: ‘The risk that the HR framework doesn't support the organisation's aims’.

-                      Revision to DCC006: ‘The risk that the economic and financial environment worsens beyond current expectations’.

-                      Revision to DCC016: ‘The risk that the impact of welfare reforms is more significant than anticipated by the council’.

-                      Revision to DCC017:‘The risk that the ICT framework does not meet the organisation's needs’.

-                      Revision to DCC018: Formerly worded, ‘The risk that change/modernisation programme and project benefits are not fully realised’.

In response to issues raised by Members, confirmation was provided by the CIO that the findings of the WAO's audit of risk management would be reported when available, and she explained that the reporting of 'near misses' would be added to the H&S mitigating actions.  The CIO also agreed to discuss weather-related risk with CET, and obtain further detail about other mitigating actions regarding Arm's Length Organisations from the HIA.

With regard to budget-related risk, the CIO explained that the mitigating actions listed described the steps taken to enable informed and democratic decision-making around the programme of managing the budget.  Budget reports presented to Cabinet on a monthly basis included a risk section.  Each proposal or project associated with the programme of managing the budget would be presented to Council and/or Cabinet with a covering report which included a risk section. Risk management was an integral and active part of service and project management.  It was felt that the risk management process featured the necessary components to provide assurance.  The Committee advised to reference appropriate documentation for projects and proposals, including risk registers, cover reports, to seek assurance that risk was being managed.

The CIO agreed to discuss weather-related risk with CET, and obtain further detail about other mitigating actions regarding Arm's Length Organisations from the HIA.  She explained that the Risk Management Policy had been reviewed at presented to the Committee in 2012, and an annual review had also been submitted to the Committee. 

In response to a question from Mr P. Whitham in relation to DCC021, the CIO explained that discussions would be commencing with Cabinet and CET in September and an update report detailing any related risks would be presented to the Committee.

In reply to concerns raised by Councillor G.M. Kensler regarding the possible risks to Denbighshire which might emanate from Welfare Reforms, and the adverse findings encompassed in the Internal Audit Report, the Committee noted the concerns expressed and it was agreed that the Internal Audit Report, which refers to Welfare Reforms, be included on the forward work programme for the 3^rd September, 2014.

RESOLVED – that, subject to the above comments, the Corporate Governance Committee:-

(a)                receives the report and notes the deletions, additions and amendments to the Corporate Risk Register, and

(b)                agrees that Internal Audit Report be included on the forward work programme for the 3^rd September, 2014.