Cabinet considered the recommendation from the Audit Committee on the Corporate Risk Register.
Resolved to approve the Corporate Risk Register as submitted.
Reason for Decision
To continue to support the Authority in its mitigation and management of risks which may pose a threat to the Council’s business delivery.
The Internal Audit Manager summarised the risks affecting the Council as outlined in the report and highlighted a number of issues, specifically information governance risks relating to organisational measures, business continuity planning, readiness for the Homelessness Reduction Act, and the robust framework being developed to support property acquisitions and investment processes. The reasoning behind separating GDPR into two strands, organisational measures and technological measures, and for highlighting as red was explained. The Committee were informed that extra support had been provided on a short term basis to assist in pulling the asset registers together and progress was being monitored with regular reports to the Management Team.
The Committee discussed the risks associated with the development work being undertaken as a result of property acquisitions and asked that consideration is given to adding this to the register.
After discussion about what criteria needed to be met for an item to move from amber to green status, it was suggested that it would be useful for an additional sheet to be included showing items at amber status where only monitoring was required. The Internal Audit Manager agreed to consider this.
The revised Register was considered to be an accurate reflection of the high level risks affecting the Authority and progress on actions was documented on the Register.
Resolved that:
1. The contents of the Corporate Risk Register be noted and accepted;
2. That the Corporate Risk Register be recommended to Cabinet for approval.