Minutes:
The Committee considered an overview of changes made to the risk management processes.
The report indicated that the following developments to the risk management process had taken place and were approved by Future Fit Programme Board (FFPB) on 27 May 2014:
· the Corporate Risk Register (CRR) had been reviewed and the number of risks reduced from 24 to 10
· a Transformation Risk Register had been produced which included the 'shared risks' and also the top three transformation risks for each directorate
· the risk register template had been amended to provide opportunity to make the CRR and Transformation Risk Register more dynamic documents
· a rank had been set for each risk. The rank had been calculated using the information provided by each directorate, and
· an owner had been suggested for each risk. The role of the risk owner was to take responsibility for the risk and to have sufficient authority to ensure that the risk was managed effectively.
The Risk Management Strategy had been reviewed and updated to support the revised approach for the management of both corporate and transformational risks. The strategy included a revised corporate governance structure as well as roles and responsibilities for members, officers and staff throughout the organisation. The strategy was supported by a Guide to Managing Risk which provided information for managers on how to set and manage risk, enabling a consistent approach. The Risk and Business Continuity Manager was currently creating a forward plan for reporting risk management for the next twelve months.
In the ensuing debate, the following principal points were raised:
· How did the Council determine its risk appetite? The Risk and Business Continuity Manager explained that the overall risk appetite for the Council would be signed off by Cabinet which would occur as part of the reporting process. Before it got to that stage, it was important that officers understood the implications for the Council
· In an organisation that was innovative/trying new things, in other words having an appetite for risk, it should be expected that things might not go to plan
· There were potential for conflicts between different areas of risk to arise, how were these tensions resolved? Risks were managed at Directorate level and periodically each Directorate discussed risk management and potential conflicts. If there were conflicts then the issue would need to be referred elsewhere eg. The Future Fit Programme Board
· Was any account taken of the skills and experience of staff in terms of their willingness to take risks? The Risk and Business Continuity Manager commented that no specific approach to risk-taking had been instigated. However it was important to have the right people in the right posts therefore people's experience/skills in relation to commercial knowledge and contract expertise was taken into account as part of the evaluation of candidates for posts
· It was proposed that a report be brought to the Committee meeting on 12 December 2014 with further reports being brought on a 6 monthly basis.
RESOLVED that:
a) The changes made to the Council's Risk Registers and the risks that have been identified as a result of the review of risk management be noted;
b) The revised Risk Management Strategy and accompanying Guide to Managing Risk, taking note of the proposed governance arrangement be noted; and
c) a report be brought to the Committee meeting on 12 December 2014 with further reports being brought on a 6 monthly basis.