To consider and note the report of the Internal Audit Manager on the risks and opportunities faced by the Council in relation to the COVID-19 pandemic.
Minutes:
The Internal Audit Manager presented a report to the Committee setting out the most significant risks and opportunities to Spelthorne Borough Council relating to the Covid-19 pandemic. The risk assessment attached as Appendix 1 to the report detailed the risk categories, set out mitigation measures and identified actions considered necessary.
The Committee were advised that this was the fourth update since the start of the pandemic and was a detailed and comprehensive risk assessment to capture relevant significant information and provide a reference point for officers and members. It also aligned with the wider recovery plan.
The economy continued to be a significant risk, and whilst initiatives were underway to support the recovery of businesses through a range of schemes, some factors were beyond the Council’s control.
The Committee’s attention was drawn to the Council’s property investment portfolio which was performing significantly better than the commercial sector, and the income collection rate for 2020/21 was, at the time the report was produced 98.17% subsequently improved to 98.4% by date of the meeting. This was due to a robust approach in monitoring and recovering income due.
Housing had been identified as an emerging risk following the end of the moratorium on residential evictions as this could result in an increased demand on the Council for managing homelessness and housing service provision.
The Committee discussed the risks in some depth and when considering the staff resource, asked if the arrangements for staff returning to work/flexible working arrangements could be communicated to members to give a greater understanding of the arrangements and how they would operate across the services. The pingdemic was raised and members given details of the number of staff affected and the impact on services. The route map for return to work in the offices had slowed because of this, however the Reception area opened last Wednesday.
The Committee asked for more information about the ICT security vulnerabilities identified and if all necessary action had been completed in relation to the phishing exercise or when it would be. They also asked if any data was held on trends relating to phishing attempts and other security incidents. They were advised that regular short IT training videos were sent to staff on cyber security issues which were mandatory.
It was confirmed that the Additional Restrictions Grant should be £2.2m and not £1.6m as stated on page 33 of the agenda pack.
The Committee discussed whether the Covid-19 risk assessment should continue in its present format or whether it should be pared down to focus on the high risk Covid-19 specific areas and incorporated into the Corporate Risk Register and linked to the corporate objectives on recovery. It was considered important not to lose sight of the potential risks but agreed that it might be an appropriate time to review the way in which the information was presented. The Internal Audit Manager agreed to review and send revised risk details to members for comment.
The Committee also noted that many risks were influenced by external factors over which the Council had no control, and it would be useful to identify these in some way. The Internal Audit Manager agreed to review and consider if risk factors could be identified as internal or external.
The Committee resolved to note the report
Supporting documents: