GOVERNANCE ASSURANCE/RISK MANAGEMENT UPDATE
06.02.26
Lee O’Neil, Deputy Chief Executive
i. Following the decision to move to a new Governance Assurance approach to risk management we have continued to work with Rob Winter (RW) to develop the necessary documentation, processes and systems to enable implementation from April 2026. In doing so, we are trying to deliver this new approach in around half the time that it would normally take.
ii. A Governance Assurance Policy and Framework has been developed and was approved by the Corporate Policy and Resources Committee on 19 January 2026. This specifies how the Council will capture and manage its key areas of assurance (risks) under this new approach; outlining the assessment process, roles and responsibilities, how and where this will be reported and the training resources required. See link:
SBC Governance Assurance Policy and Framework 1.pdf
iii. At present there are 12 identified Governance Assurance Areas in development relating to:
1. Ensuring we address affordable housing supply and demand to meet local need.
2. Ensuring an inclusive and prosperous economy.
3. Ensuring we meet our zero carbon targets and wider environmental responsibilities.
4. Ensuring and maintaining organisational resilience.
5. Ensuring we meet our Equality, Diversity and Inclusion duties and responsibilities.
6. Ensure our programme and change management arrangements are effective to support the successful transition to the new unitary council.
7. Ensuring effective procurement and contract management arrangements.
8. Ensuring there are effective governance arrangements in place to deliver the IRP.
9. Ensuring the Council’s financial management and long-term planning arrangements are effective to secure financial sustainability.
10. Ensuring the Council has robust mechanisms in place to prepare for, respond to and recover from civil emergencies and business interruptions.
11. There is a need to recognise the increasing and constant threat of a cyber-attack against the Council which could have catastrophic consequences for the loss of systems as well as reputational damage and potential financial loss.
12. There is a need to recognise the increasing threat of fraud being committed against the Council.
iv. All risks contained in the last version of the Corporate Risk Register have been reconciled against these new assurance areas and will form part of a new Governance Assurance Register. RW is currently considering whether there any other areas of assurance needed before this is finalised, e.g. one area currently under consideration is around assurance relating to partnerships.
v. Risk owners for each of these areas have been identified and asked to input into development of the actions/key aspects of governance that will be used/required to deliver assurance. To deliver this they have been provided with:
a. A Word document covering the basic format for what will go to the Audit Committee with the Governance Assurance Register - a summarised view of the assurance area, the actions and the latest position. This will be generated from a new Granicus Form/Power Bi based system.
b. An Excel document where more of the detail will be captured and will 'feed' the summary.
As there are no scores this provides a simpler more objective approach.
For some of these areas, RW has pre-populated some of the likely information required based on his experience with other authorities.
RW and I have met with the risk owners (plus their team managers) to ensure that they understood what was required and to offer support should they need it. We are looking for these to be returned by the risk owners by 13 February. Further work will then be undertaken to develop the systems, processes and documentation to be used to record and present assurance information which would then be provided to the relevant service committees or Audit Committee.
vi. ICT have worked with RW to develop a new Granicus form for inputting required data and Power Bi reports (referenced in section v. above) for presenting the relevant information to provide the necessary levels of assurance to the relevant Committees. The Audit Committee received an early demonstration of this prior to their meeting on 22 January. Additional work is in progress to further develop these forms/reports and a further update will be provided to the Audit Committee on 24 February.
vii. Further training is being arranged for relevant officers and Councillors on 9 - 11 March. RW will be providing this at Knowle Green and all Councillors will be invited to attend one of three planned sessions. Members will be encouraged to attend in person. Chairs/Vice-Chairs, members of the Audit Committee and other Cllrs can attend any of these sessions as the training will touch on the different roles and responsibilities of each committee under the new arrangements. Our internal auditors (SIAP) have also been offered the opportunity to join one of those training sessions and we have discussed with Iona Bond (Deputy Head of SIAP) putting a review of our Governance Assurance (Risk Management) Arrangements on their plan of work for 2026/27 (once all the arrangements are in place and have been operating for a while).
viii. Risks around the Council’s Improvement and Recovery Plan have been reviewed and aligned with the new Governance Assurance approach to risk management.
ix. A further update on progress with development of the Governance Assurance system of risk management will be provided to the Audit Committee on 24 February, including progress with the development of the Governance Assurance Areas and the new Governance Assurance Register.
Summary of next steps:
· Currently continuing to develop actions required under 12 Governance Assurance Areas (target date 13 February)
· Further development of Governance Assurance documentation/reports etc. for inputting and presentation of information for Committees (13 February – 8 March)
· Update on progress of work to be provided to the Audit Committee (24 February)
· Training for relevant officers and Councillors on new Governance Assurance processes, documentation, reports etc. (9 - 11 March).
· New reporting processes for service committees and Audit Committee implemented (planned to commence from April Committee cycle)