Agenda item

Corporate Risk Management

To consider and present to Corporate Policy and Resources Committee the significant strategic risks and issues highlighted in the report from the Internal Audit Manager.



As part of Risk Category 7 “Corporate Capacity, Resources, Recruitment and Retention” members discussed the impact of the Council’s hybrid working policy, focussing particularly on the risks involved.  The Group Head Commissioning and Transformation presented a report on hybrid working which set out many of its benefits and associated challenges (risks).  She stressed that the mixture of office and remote working was always in line with business need and that most staff were expected to work in the office two days a week.  Those who wanted to work in the office full time were able to do so.  Working from home had become the norm during the Covid-19 pandemic, particularly for public sector workers.  This had become an expected benefit for staff and assisted with recruitment.  From an environmental perspective, working from home reduced the Council’s carbon footprint.  Members noted that public facing services were still provided to residents by office-based staff and that not all employees had the option of working from home.


Members gave their own examples and experiences of hybrid working, some good, others less so.


The efficiency and effectiveness of hybrid working was due to be considered as part of the forthcoming Corporate Establishment Review requested by the Corporate Policy and Resources Committee.


The Committee agreed that Risk Category 7 of the Corporate Risk Register be widened to incorporate hybrid and flexible working.


The Committee took a break between 9.30pm and 9.43pm.


It was proposed by Councillor I Harvey and seconded by Councillor Bateson that standing orders be suspended in order to continue the meeting until 10.30pm.  This was agreed by the Committee.


The Internal Audit Manager presented a report on Corporate Risk Management.  This included an updated Corporate Risk Register (CRR), with red-amber-green (RAG) colour coding at the top of each risk category and blue highlighting within the report to show the risks which were significantly impacted by wider externalities, and a colour coded Risk Action Plan.  Risks had been assessed taking into account current controls and mitigations, in line with good practice.


The Internal Audit Manager highlighted external risk areas over which the Council had limited scope for risk mitigation; these included the current economic crisis and macroeconomic environment, such as inflationary pressures, increased rates of borrowing, and the continued cost-of-living crisis.  She noted an indicative risk score moving in a favourable direction if all risk actions in the Risk Action Plan were completed.  Continued visibility and recognition of all strategic risks in the Corporate Risk Register was important.


The Internal Audit Manager introduced three new actions in the Risk Action Plan; developing a long term relationship management in relation to existing tenants, any forthcoming recommendations from CIPFA and DLUHC reports in relation to capital risk mitigation, and the medium-term financial strategy and efficiency savings plan for addressing the budget deficit.


The Committee had an initial discussion of risk management software and whether it should be used by the Internal Audit team to support presentation of the Corporate Risk Register which has continued to evolve .  The possibility of using an in-house system was mooted.  The Independent Member recommended seeking advice from other local authorities who already used such systems. The importance of risk ownership was also discussed as it is important that risk management processes and reporting continue to embed this principle.


The Committee resolved


1.     to note the significant strategic risks and issues highlighted in the report, subject to the changes discussed, and

2.     to recommend that the Corporate Risk Register and Risk Action Plan be presented to the Corporate Policy and Resources Committee, and

3.    to note the discussion in relation to hybrid working and to add hybrid and flexible working to risk category 7 of the Corporate Risk Register.



Supporting documents: