Agenda item
Risk management policy
This report sets out proposals for the development of risk management across the council.
Minutes:
Simon Lane introduced this item and advised that the previous risk management policy had been rendered impracticable after the IT tools used had been decommissioned. The report before committee had been delayed to allow for further consultation across the council and changes had been made in respect of how the policy would be rolled out. The policy would be championed by the Corporate Management Team and the Audit Team’s role would include consolidating the risks involved and to report findings to the committee. Risks had been identified under various categories with the help of Deloitte and discussions with DMTs. Simon Lane stated that it was intended to provide further details in respect of the Corporate Strategic Risk and report this back at the next meeting. The committee noted that the responsibility for developing and re-engineering risk management had been transferred from the Procurement and Risk Management Team to the Head of Audit and Investigations, however no additional resources had been allocated to Audit and Investigations for this and nor was there any spare capacity. The report set out the proposed mechanism for identifying and monitoring risks across the council. Aina Uduehi added that guidance with regard to risk management policy was also being rolled out.
Andrea White added that the report followed up on the previous Annual Audit Commission letter highlighting the need to embed risk management as a key area to address. With regard to there being no additional resources, she enquired what steps were being taken to ensure the risk management policy could be embedded. In noting that the policy would be reviewed by the Audit Committee annually, Andrea White enquired what steps were being taken in between.
During discussion by Members, Councillor Ashraf commented that clarification was needed with regard to who was responsible for overseeing a particular risk and how it would be monitored. He suggested that a risk register table be produced providing a brief summary of each risk and who were responsible for it. Councillor Al-Ebadi stressed that risk management was a big issue and of particular interest was the move to the Civic Centre. He suggested that there be details of the risk assessment with regard to the Civic Centre at the next meeting.
The Chair also acknowledged that resources were an issue and noted that this could be a potential risk to the policy itself. He also commented that there did not appear to be high level Member involvement and suggested that the policy should also be monitored by the Executive, whilst major projects would also present risks. The Chair commented that the risk management policy report had also been delayed when previously reported to the committee and he sought assurances that it was seen as high priority. Whilst the Audit Committee could monitor the risk register, the Chair stressed the importance that the right staff was managing these risks and he requested that the policy be amended to reflect this. He requested that the committee be kept informed of updates to the departmental risk register, including what risks existed and also consideration be given as to how often it should be reported to committee.
In reply to the issues raised, Simon Lane referred the committee to page 197 in the report which outlined how the risk management policy would be monitored, including the role of the Audit Committee which would approve and monitor the risk management strategy and risk registers. It also set out the responsibilities of the Corporate Management Team, departmental managers, service managers, heads of service, Project Management Office, Strategy Partnerships and Improvement department and the Audit and Investigations Team. In addition, an annual report on the effectiveness of the risk management policy would be presented to the Audit Committee. Each identified risk had a risk owner, however if any particular risk became of greater concern, it would be reported to the Corporate Management Team. Every effort would be made to minimise the impact with regard to resource limitations and assistance was also being given on this matter by the Improvement Team. It was anticipated that the necessary training would also be undertaken before the end of the financial year.
Clive Heaphy advised that a tick box approach could not be taken towards risk management and that it required careful consideration, meaningful assessment and proper ownership and to be properly embedded. With regard to the move to the Civic Centre, a comprehensive project addressed this under the One Council Programme, however he suggested information on risk issues on this could be presented at the next meeting. He added that as the move to the Civic Centre project was initiated prior to the risk management policy, there was no standardisation as such between the two. Clive Heaphy acknowledged that the Audit Committee needed to be informed of the key issues in order to assist their monitoring and decision-making roles.
The Chair indicated that progress on risk management policy was needed. He clarified that a report on the Corporate and departmental risk register would be reported back to the next meeting and in addition the risks with regard to the move to the Civic Centre would also be reported. The Audit Committee’s role with regard to monitoring the risk management strategy and risk registers and in approving the strategy was acknowledged. At member level however, overall ownership would exist with the Executive.
RESOLVED:-
(i) that the proposed risk management policy and strategy as set out in appendix one be agreed; and
(ii) that a report on the Corporate and departmental register and on the risks of the move to the Civic Centre be presented at the next meeting.
Supporting documents:
- 10- Risk Management Report to Audit Committee, item 9. PDF 77 KB
- 10a- LB Brent - Risk Management Policy - Final, item 9. PDF 132 KB