Home
The council and democracy
Democracy portal

Agenda item

Strategic Risk Register Update

This report provides the Committee with an update on the Council’s Strategic Risks as of September 2024.

Minutes:

Darren Armstrong (Deputy Director for Assurance and Resilience) introduced a report, providing an update on the Council’s Strategic Risks as of September 2024.

 

In considering the report the Committee noted:

 

·             The Strategic Risk Register had been prepared in consultation with risk leads, Departmental Management Teams and the Council Management Team and summarised the risks that were considered to have an impact and/or likelihood of materialising and which may adversely affect the achievement of the Council’s corporate objectives.

 

·             Since the report was last updated in March 2024, the Council had continued to operate in a heightened risk environment with the Council’s overall risk profile therefore continuing to reflect the challenging risk environment the Council was operating within.

 

·             In terms of the main changes since March 2024, a number of risk scores had increased including those identified in relation to the lack of affordable accommodation (Strategic Risk A) and Council’s financial resilience and sustainability (Strategic Rick H) with 8 out of 14 strategic risks identified within the Strategic Risk report included as Appendix 1 to the report sitting outside of their target risk score and one (in terms of trend) showing a small downward movement (Risk G: Cyber Attacks)

 

·             Since the update in March 2024 two new risks had been added to the Strategic Risk Report.  The first related to the risk to community cohesion (Strategic Risk D) with the risk included to reflect the Council’s awareness of emerging global and national events that could have a local impact and create tensions amongst communities. While the risk had scored highly it was felt to represent more of a precautionary measure given the proactive nature of the work being undertaken by the Council to manage and monitor the situation and the risk demonstrating the Council’s commitment to community resilience and to provide reassurances that appropriate measures were in place.  The second risk related to Emergency Preparedness, Response and Recovery (Strategic Risk: K) which had been included to reflect the risk of failing to adequately prepare for and/or respond to a major incident in Brent given the significant impact on the health, safety or well-being of residents, communities, businesses or staff and ability to deliver critical services.  It was noted this had also reflected publication of the final report from the Grenfell Enquiry, which had highlighted a number of related issues, areas and recommendations for consideration.  Members were made aware that whilst this risk had previously formed part of a wider suite of inherent risks held and monitored at the departmental risk register level, it had now been included with the Strategic Risk Report following a review of how the Council’s strategic risks were reflected and presented, in order to ensure a consistent approach.  In this respect it had not been identified as an escalated risk but had been added to reflect a change in the Council’s risk management approach as part of ongoing efforts to continue to improve and enhance the Council’s risk management framework.

 

·             The Committee’s attention was drawn to the Strategic Risk Heat Map within the Strategic Risk Report which had shown 8 of the strategic risks located within the upper quartile with the highest scoring being the risks related to Lack of Affordable Accommodation (A); cost-of-living crisis (B); increase in Dedicated Schools Grant High Needs Block deficit (C) and risk to community cohesion (D).

 

·             No strategic risk had been closed or de-escalated to departmental level since the last update to the Committee in March 2024 although members were advised the lack of supply of affordable accommodation and increase in use of temporary accommodation had now been combined into a single risk.

 

·             The amendments made to the individual scores of existing risks within the report, as outlined within the previous and updated risk score columns which had now been included, and changes made to the detailed risk plans within section 4 of the Strategic Risk report.

 

·             The wider improvements made to the Council’s risk management framework, as detailed within section 3.7 of the report which included the addition of an enhanced action plan for each of the fourteen strategic risks.  Previously, risk owners had been required to outline actions to address the risk identified but with no system to follow up and track those actions or determine the impact delivered in management and mitigating the risk.  The enhanced action plan therefore now included a section to follow up on actions outlined with these also assigned to a specific owner for accountability and monitoring purposes and the change made to reflect best practice identified by the Local Government Association London in relation to risk management following a recent review of governance and financial challenges experienced by a number of other local authorities. Whilst noting the robust arrangements already established within Brent to satisfy the majority of the recommendations made, the Committee was advised how these would be used to continue future development and enhancement of the Strategic Risk Report.

 

The Chair thanked Darren Armstrong for his report and before moving on to invite comments the opportunity was taken to remind members of the role played by the Committee in seeking to ensure sufficient assurance over the Council’s risk management arrangements that supported and underpinned the Annual Governance Statement.  Whilst reminding members that the Committee’s role was not to manage individual risks, the importance in maintaining a focus and understanding of the Council’s risk profile and in seeking assurances on the active arrangements in place to manage risk related issues and ensure these were aligned with wider assurance activities was highlighted as key.  Given the role of Internal Audit in working with risk sponsors and nominated risk leads, in an advisory capacity, to coordinate and update the risk report rather than as the specific risk owner the Committee were reminded that should any issues be raised during consideration of the report, on which further detail regarding specific risks/mitigations were required, these would need to be sought from the relevant risk sponsor outside of the meeting.  On this basis, the following comments/issues were raised:

 

·             Further clarification was sought on the reference to the additional financial pressure (£9m) identified within Strategic Risk H: Financial resilience and sustainability in relation to Supported Exempt Accommodation.  In response, the Committee was advised this had been identified as an emerging risk and involved the provision of supported accommodation for individuals with medium to low social care needs by private landlords with the pressure relating to the level of subsidy it was possible to claim back to cover the unregulated costs being charged and growing number of individuals being accommodated within the increasing number of schemes available, many of which fell outside of current local authority regulation.

 

As part of a wider query relating to the Strategic Risk H details were also sought on why the risk score had not been assessed at a higher level, given the financial issues raised earlier during the meeting.  In response, members were advised that the score had been increased to reflect the ongoing pressures and monitoring of the Council’s overall financial position.  Whilst recognising the timing involved, officers also remained confident that the proposals developed to address the budget position, whilst challenging to deliver in terms of their impact, would have a positive impact in relation to the overall risk evaluation process and assessment relating to likelihood.

 

·             Following on from the previous issue raised, members advised they would be keen to consider the incorporation within future versions of the Strategic Risk report of risk velocity as an additional factor within Risk Evaluation Matrix, which Darren Armstrong felt would be a helpful improvement as part of the process in seeking to improve the development and overall approach in terms of risk maturity.

 

·             In response to clarification sought over the allocation of resources to support actions identified in seeking to manage/mitigate any new strategic risks identified or those risks where scores had increased, the Committee was advised that these would not attract specific additional funding with the key controls and mitigating actions identified as part of the action plan including an assessment of necessary resource requirements.

 

·             In response to a query regarding the identification and management of risk across local authorities on a regional basis (as a means of sharing best practice and general themes) members advised they would be keen to seek additional clarification on the existence of any london wide local authority strategic risk register.  Whilst not aware of the existence of a london wide risk register and main focus of each local authority register on their own specific risk management frameworks, Darren Armstrong advised he would take this away as an action for further investigation with confirmation provided that risk registers and management frameworks were subject to comparison through strategic networks in order to share best practice and examine trends with many of the risks identified being as consistent across other councils.

 

·             In response to a comment regarding the management and removal of strategic risks from the register, the Committee were advised that where undertaken previously this had usually related to more short term and topical risks such as the Ukrainian resettlement scheme, which once ended could be closed as a risk and removed.  In terms of the risks currently identified on the register, these were felt to be more inherent in nature requiring a longer term focus but with the ability to increase or reduce the risk score as required, reflecting any change in circumstances or approach towards their risk management.

 

·             As a final issue, further clarification was sought on the approach towards managing risks at a departmental/operational level.  In noting the Committee’s focus around the management of risk at a strategic level across the Council, supported by the Corporate Management Team (CMT), and ability to commission deep dives around specific risks (if required) members were advised that each Council department would also be responsible for maintaining a departmental risk register to ensure that all operational risks were being effectively managed, and to ensure that, where required, risks could be escalated to the Strategic Risk Report via CMT with the approach supported through the Risk Management Strategy and risk management identified as a core element of the Council’s corporate governance framework and closely aligned to the Borough Plan priorities.

 

As no further issues were raised, the Chair thanked Darren Armstrong and his team on behalf of the Committee for their efforts and the update provided and the Committee RESOLVED to note the update on the Council’s Strategic Risks as of September 2024 along with the actions identified in relation to:

 

·             Consideration of the potential incorporation of risk velocity as an additional factor within Risk Evaluation Matrix; and

 

·             Additional clarification being sought on the existence of any london wide local authority strategic risk register.

Supporting documents:

 

Navigation