Agenda item
CORPORATE RISK REGISTER REVIEW
- Meeting of Governance and Audit Committee, Wednesday, 5 November 2014 9.30 am (Item 6.)
- View the declarations of interest for item 6.
To consider a report by the Head of Business, Improvement and Modernisation (copy enclosed) which
sought consideration on the formally updated
version of the Corporate Risk Register.
Minutes:
A report by the
Head of Business, Planning and Performance (HBPP), which sought consideration
of the formally updated version of the Corporate Risk Register (CRR) agreed at
Cabinet Briefing, had been circulated previously.
With the aid of a
PowerPoint presentation, which detailed the VERTO system available to all
Members on the Council’s Intranet Web Site, the Corporate Improvement Officer
(CIO) provided a detailed summary of the report.
The CRR enabled the
Council to manage the likelihood and impact of risks that it faced by
evaluating the effect of any current mitigating actions, and recording
deadlines and responsibilities for further action which should enable tighter
control. It had been developed and owned
by CET and the revision process had been detailed in the report.
The Register was
formally reviewed twice yearly by Cabinet and CET. Any significant new or escalating risks
identified would be presented to CET, via Corporate Improvement Team. CET would then decide as to whether the risk
should be included in the CRR.
Following each
formal review of the Register the revised document would be presented to the
Corporate Governance Committee. Actions
identified to address corporate risks would be included in Service Plans, where
appropriate, which would enable the Performance Scrutiny Committee to monitor
progress. Any performance issues
relating to the delivery of these activities should be highlighted as part of
the Service Performance Challenge process.
The Council’s
Internal Audit (IA) function provided independent assurance on the
effectiveness of the internal control procedures and mechanisms in place to
mitigate risks across the Council. It
also offered independent challenge to ensure the principles and requirements of
managing risk were consistently adopted throughout the Council. IA Services
also utilised information from the service and CRR to inform its forward work
programme.
The CIO referred to
Appendix 1 to the report which incorporated the main changes made to the
Corporate Risk Register, along with any points of note. A summary of the following Actions was
provided by the CIO:-
-
Revision
to DCC007: ‘The risk that critical or confidential information is lost or
disclosed’.
-
New
risk, DCC027: ‘The risk that the decisions that are necessary
to enable the delivery of a balanced budget are not taken or implemented
quickly enough’.
-
New risk, DCC029: ‘Risk of successful challenge that we are
illegally depriving people of their
liberty’.
The CIO responded
to questions from Members, and the following issues were highlighted:-
-
DCC013:
‘The risk of significant financial and reputational liabilities resulting from
management of some Arm's Length organisations’. Councillor G.M. Kensler questioned the expected delivery date of March 2015
in view of the proposed budget cuts. The
CIO confirmed that the risk identified related to the management of the
organisations.
-
DCC018:
‘The risk that programme and project benefits are not fully realised’. The COI
confirmed the action ensured that the projects implemented realised the
benefits on which the Business Case had originally been agreed.
-
DCC021: ‘The risk that effective partnerships and interfaces between BCU
Health Board and Denbighshire County Council (DCC) do not develop, leading to significant
misalignment between the strategic and operational direction of BCUHB and
DCC’. The CIO confirmed that the risk
would be reviewed in March of April, 2015.
-
DCC028: ‘The risk that the services that we scale back have a
greater negative impact than we anticipated’. It was explained that the
mitigating risks would be submitted to
the Committee following a six month period.
In response to concerns expressed that the three identified red residual
risks could be subject to regular reporting, the HIA provided details of the
remit of Internal Audit in monitoring high residual risks.
The HLHDS provided
details pertaining to the role and remit of the Corporate Governance Committee
which was to ensure that there was a proper Risk Management process and
procedure in place, and that the management of individual risks would be a
performance scrutiny function. He
confirmed that issues could be recommended by the Corporate Governance
Committee for scrutinisation.
RESOLVED – that
Corporate Governance Committee:-
(a)
notes the deletions, additions and amendments to the
Corporate Risk Register, and
(b)
requests that Members
comments during the debate be noted accordingly.
(GW & NK to Action)
The Chair informed the Committee that the remaining agenda items would
be taken in the following order:- 9, 10, 11, 12, 7, 8,
13, 14, 15.
Supporting documents:
- Corp Risk Register Report, item 6. PDF 70 KB
- Corp Risk Register App 1, item 6. PDF 75 KB
- Corp Risk Register App 2, item 6. PDF 38 KB