Agenda item
CORPORATE RISK REGISTER REVIEW
To consider a report by the Head of Business, Improvement
and Modernisation (copy enclosed) which provided the latest version of the Corporate Risk Register, as agreed at Cabinet
Briefing.
Minutes:
A report by the Head of Business, Improvement and Modernisation, to
present the latest version of the Corporate Risk Register agreed at Cabinet
Briefing, had been circulated previously.
The Corporate Improvement Officer (CIO) introduced the report and
explained that the Corporate Risk Register (CRR) enabled the Council to manage
the likelihood and impact of risks it faced by evaluating the effect of any
current mitigating actions, and recording deadlines and responsibilities for
further action that should enable tighter control. The Register had been developed and was owned
by the Corporate Executive Team and Cabinet.
The process for reviewing the CRR had been included in the report.
The review process for the CRR had been included in the report and
following each formal review, twice per annum, the revised document was
presented to the Corporate Governance Committee. Actions identified to address corporate risks
would be included in Service Plans which enabled the Performance Scrutiny
Committee to monitor progress. Any
performance issues in relation to the delivery of these activities should be
highlighted as part of the Service Performance Challenge process.
The Internal Audit function
provided independent assurance on the effectiveness of the internal control
procedures and mechanisms in place to mitigate risks across the Council. It
also offered independent challenge to ensure the principles and requirements of
managing risk were consistently adopted throughout the Authority. Internal
Audit Services utilised information from the service and CRR to inform its
forward work programme.
An annual review and report on progress of the Risk Management Policy
identified weak areas which required strengthening to improve the risk
management process. The purpose of the
CRR was to identify the potential future events which may have a detrimental
impact on the Council’s ability to deliver its objectives and its Corporate
Priorities.
The CIO provided a summary of the main changes made to the
CRR, Appendix 1, and the following areas were highlighted:-
-
Revision
to DCC004: ‘The risk that the HR
framework doesn't support the organisation's aims’.
-
Revision
to DCC006: ‘The risk that the economic
and financial environment worsens beyond current expectations’.
-
Revision
to DCC016: ‘The risk that the impact of
welfare reforms is more significant than anticipated by the council’.
-
Revision
to DCC017:‘The risk that the ICT
framework does not meet the organisation's needs’.
-
Revision
to DCC018: Formerly worded, ‘The risk
that change/modernisation programme and project benefits are not fully
realised’.
In response to issues raised by Members, confirmation was
provided by the CIO that the findings of the WAO's audit of risk management
would be reported when available, and she explained that the reporting of 'near
misses' would be added to the H&S mitigating actions. The CIO also agreed to discuss
weather-related risk with CET, and obtain further detail about other mitigating
actions regarding Arm's Length Organisations from the HIA.
With regard to budget-related risk, the CIO explained that
the mitigating actions listed described the steps taken to enable informed and
democratic decision-making around the programme of managing the budget. Budget reports presented to Cabinet on a
monthly basis included a risk section.
Each proposal or project associated with the programme of managing the
budget would be presented to Council and/or Cabinet with a covering report
which included a risk section. Risk management was an integral and active part
of service and project management. It
was felt that the risk management process featured the necessary components to
provide assurance. The Committee advised
to reference appropriate documentation for projects and proposals, including
risk registers, cover reports, to seek assurance that risk was being managed.
The CIO agreed to discuss weather-related risk with CET, and
obtain further detail about other mitigating actions regarding Arm's Length
Organisations from the HIA. She explained that the Risk Management Policy
had been reviewed at presented to the Committee in 2012, and an annual review
had also been submitted to the Committee.
In response to a question from Mr P. Whitham in relation to DCC021, the CIO explained that
discussions would be commencing with Cabinet and CET in September and an update
report detailing any related risks would be presented to the Committee.
In reply to concerns raised by Councillor
G.M. Kensler regarding the possible risks to
Denbighshire which might emanate from Welfare Reforms, and the adverse findings
encompassed in the Internal Audit Report, the Committee noted the concerns
expressed and it was agreed that the Internal Audit Report, which refers to
Welfare Reforms, be included on the forward work programme for the 3rd
September, 2014.
RESOLVED – that, subject to the above comments,
the Corporate Governance Committee:-
(a)
receives the report and notes the deletions,
additions and amendments to the Corporate Risk Register, and
(b)
agrees
that Internal Audit Report be included on the forward work programme for the 3rd
September, 2014.
Supporting documents:
- Corp Risk Reg Report, item 8. PDF 59 KB
- Corp Risk Reg App 1, item 8. PDF 155 KB
- Corp Risk Reg App 2, item 8. PDF 630 KB