Mr Paul Rock, Head of Internal Audit, Fraud and Risk presented the Risk Management Report. He said he was pleased with the progress made on the corporate risk register and said management of risk had improved during the pandemic, with increased responsiveness to Gold and Silver command. Mr Rock said the review of the risk registers at CLT and DLT had improved with owners being fully engaged in the management of the risk. He said the dedicate risk champions met regularly and whilst there were always areas to improve overall it was a positive picture.

Ms Ann Sutcliffe, Corporate Director for Place then presented the deep dive into her Directorate’s risk register.

Ms Sutcliffe said she endorsed Mr Rock’s view that there was increased ownership of risks and this had been embedded to be an integral part of business in day to day activity. Ms Sutcliffe said the Place Directorate had lost some of the momentum in updating and keeping abreast of risk register when the Officer responsible retired. However, this had been resolved with a new member of the team taking on the role, who had received training from Mr Rock’s team.

Ms Sutcliffe said a review of the Directorate risk register and the service register commenced in November 2020, with five risks on the Directorate risk register being closed. Ms Sutcliffe said risk PMP0008 would be reallocated to the Children and Culture Directorate, as Place are responsible for the asset management for the building and not the day to day running of it.

Ms Sutcliffe said one of the big issues for the Directorate had been fire safety. She said this was discussed at the last meeting of the Audit Committee and work was underway to adjust the risk in line with the Building Safety Bill, whereby Council’s will be responsible for the safety of high-rise buildings. Ms Sutcliffe said a report was being prepared for CLT and Cabinet which would set out the roles and responsibilities; and the resource implications this would have. Ms Sutcliffe said emerging risks would be added to the Service and Directorate risk registers.

Other areas that required monitoring were risk associated with Judicial Reviews and the Capital works programme.

In response to questions from members the following was noted:

·         Councillor Wood said he was surprised only five risks were on the Directorate risk register and asked how risks were recorded on the register. Ms Sutcliffe said risks are removed from the register once they had been mitigating against. For example, the management of the new Town Hall and the discovery of asbestos. This was on the risk register, throughout the period when decisions had to be made regarding the removal of asbestos however came off the register once it had been dealt with. Ms Sutcliffe said the real challenge facing her Directorate were risks associated with fire safety, cladding and tall buildings. She said the Council had to ensure it gets this right. Ms Sutcliffe said work was underway to identify the risks and what this would mean for the Council.

·         Mr Paul Rock added that there was a staged risk management system in place, with service level, project level, Directorate or Corporate level registers. He said it was difficult provide a complete list of risks, as risks can change weekly. The register was providing a snapshot of risks currently on the Place Directorate’s register.

·         In respect to the two COVID-19 related risks on the Corporate register, Mr Rock explained these were seen as the overarching risks however there were an array of risks identified as high and medium risks which the Gold and Silver Command were managing separately from the Councils risk management software JCAD.

·         Discussion regarding the scoring of risks took place. Mr Rock explained a 5x5 matrix was used, with descriptors to help the risk owner score the risk objectively. Ms Webster said risk owners needed to be mindful that sometimes from an impact perspective, the existing control measures and target controls could not be reduced due to circumstances which were beyond their control.

The Audit Committee RESOLVED to:

1.    Note the corporate risks, and where applicable request risk owner(s) with risks requiring further scrutiny to provide a detailed update on the treatment and mitigation of their risk including impact on the corporate objectives at the next Committee meeting (or separately before the meeting if urgent).

2.    Note the Place Directorate risks and where applicable request risk owner(s) with risks requiring further scrutiny to provide a detailed update on the treatment and mitigation of their risk including impact on the directorates objectives at the next Committee meeting (or separately before the meeting if urgent).

3.    Note the progress made against the Annual Action Plan for Risk Management.