Agenda item
Risk Management Strategy and Update
- Meeting of Audit Committee, Tuesday, 21st July, 2020 5.30 p.m. (Item 5.5)
- View the background to item 5.5
Minutes:
Mr Paul Rock, Head of Internal Audit, Fraud and Risk presented the Risk Management Strategy update. Mr Rock said BDO, an external partner undertook an audit of risk management function, for him to maintain organisational independence. He said whilst a ‘substantial’ opinion was given to the framework adopted, ‘limited’ assurance had been given to its implementation. Mr Rock said he had been working to update the Risk Management Strategy and plan and was looking at ways to move this forward for the organisation. He said the recruitment of a Risk Manager had been unsuccessful and as such he was talking to neighbouring boroughs about sharing resources for risk management. He said the report also included the five-year risk strategy, which had been updated to reflect the risk appetite.
In response to questions from Members the following was noted:
· Mr Rock informed Members the recruitment of a Risk Manager had proven to be difficult because the initial advert was placed just before the pandemic and did not produce the response he was seeking. He said that with the help of the Communication’s Team, the advert was rewritten which resulted in a better response. However, of the applicant’s interviewed, Mr Rock said he did not feel they had all the qualities to move Risk Management in the direction he wanted. Mr Rock said he was open to exploring alternative delivery methods and would look to rerun the recruitment process once the pandemic situation had improved.
· In response to how the Corporate Leadership Team would improve its review of the Corporate Risk Register, Mr Will Tuckley, Chief Executive responded saying that the management team had through the pandemic acted quickly and concisely responding to the changing risks. He said it was vital to keep the Register up to date and take mitigating actions against moving events. He said the report described how the system needed to improve and it was not just about management taking account of risks; this was what they do all the time, but to have a system in place which was pertinent and adaptable to mitigate against the risk. Mr Tuckley said it was necessary to ensure risk assessment and mitigation was part of everyday business and embedded within the organisation. Mr Rock concurred the experience of the pandemic had tested the flexibility of the risk management process and said the Gold and Silver Command responses were a stark contrast to his experience when he initially joined the Council.
· In response to if the current plan was realistic and deliverable, Mr Rock acknowledged it would need revision again in light of the limited resources he had but said the employment of agency/temporary staff would incur significant cost, which is why he was looking to alternative ways to manage this, such as working with neighbouring boroughs. He agreed it was crucial not to lose the momentum that the pandemic had highlighted to maintain the importance of risk management.
The Audit Committee RESOLVED to:
1. Note the outcome of the audit of Risk Management;
2. Approve the Risk Management Strategy for 2020 to 2025; and
3. Approve the Annual Plan for Risk Management.
Supporting documents:
- Risk Management Strategy and Update, item 5.5 PDF 361 KB
- Enc. 1 for Risk Management Strategy and Update, item 5.5 PDF 881 KB
- Enc. 2 for Risk Management Strategy and Update, item 5.5 PDF 113 KB