Q4 Risk Report 2023/24:
To receive a report from the Group Manager, Insights and Transformation.
Minutes:
Suzanne Rolfe, Group Manager - Insights and Transformation presented Members with the Q4 Risk Report 2023/24, pages 23 to 36 of the Agenda refer. A copy of the Quarter 4 Strategic Risks Register (SRR) was attached at Appendix A, pages 29 to 36 of the Agenda refer.
Members were invited to put their comments and questions forward.
· A Member commented on risks that required more visibility which included business rate rebate uncertainty and divesting of property bonds due to impending MRP changes and supported that these potential risks needed to be clearly identified.
· In reference to Paragraph 2.4, where Ash tree dieback was classified as a high operational risk, a Member queried the extent of the risk and whether financial and environmental impact considerations were included, page 26 of the Agenda refers. In response, the Group Manager – Insights and Transformation advised Members that further clarification on the risk would be obtained from the lead officer.
· In further reference to Paragraph 2.4, Members queried the reasons that ‘Skegness Waterway’ and ‘sand’ was classified as a high operational risk and made comment on the risks that had not been included.
The Group Manager - Insights and Transformation advised Members that the headlines of risks had been simplified to balance the level of detail against the Committee’s responsibility to have assurance. The Group Manager - Insights and Transformation confirmed that additional detail would be included in the Risk Register and further details would be shared.
· A Member commented on the hard copy format of the Q4 Strategic Risks included at Appendix A, pages 29 to 36 of the Agenda refer. In response, the Group Manager - Insights and Transformation advised Members that future papers would be circulated to Members on A3 paper to ensure good readability.
· A Member further spoke in support of increasing the level of detail under risk headlines and agreed that a sub section should be created for business rate rebate risks and for risks to include elements of the budget. In response, the Group Manager - Insights and Transformation advised Members that a review of the wording would be undertaken with the Section 151 Officer.
· In reference to ELDC19 - Identification and Suitability of future Depot Accommodation, a Member queried the details behind the risk score that was allocated and whether internal communications were improving, page 31 of the Agenda refers. In response, the Group Manager - Insights and Transformation confirmed to Members that the risk scores included current and target risks and that the depot accommodation was currently a high risk with mitigating actions aimed to reduce the risk to medium. Members were advised that directions of travel and whether target risks were being met would be observed across the next few financial quarters.
· In reference to ELDC12 & ELDC13 – Technology Infrastructure failure and Cyber Incident, a Member commented on the high-risk score following mitigation measures and queried whether it was ELDC or PSPS who wished to tolerate the high-risk situation, page 30 of the Agenda refers. In response, the Group Manager - Insights and Transformation explained to Members that challenges existed for reducing IT risk from high and that while mitigation action would continue, the risk from the impact of an incident would always remain high.
The Group Manager - Insights and Transformation further advised Members that the IT Manager and the Client Lead had worked together to make the decision on classifying the risk and that further information would be provided to the Committee following subsequent risk reviews.
· In reference to Paragraph 2.3 and the supporting table, a Member commented that four out of the eight risks did not have any mitigations and queried whether risks to the benefits to the Partnership had been identified and included in the risk register, page 25 of the Agenda refers. In response, the Group Manager - Insights and Transformation informed Members that the risks originated from the Memorandum of Agreement (MOA) and that there were opportunities for scrutiny of the risk register annually which would incorporate risks in relation to benefits to the partnership.
· A Member queried whether the Council’s risks were affected by relationships with Local Authority Company’s (LACo) and commented on Triton Knoll and the windfall investment of £9m for market towns and villages. In response, a Member commented that communications across the Partnership and between Members were a risk where information was not disseminated.
· In relation to fraud risk, a Member requested assurance that the fraud risk register was reviewed and all aspects were assessed. In response, the Group Manager - Insights and Transformation confirmed that fraud risk headlines had been included in the current report and that the risk register would be updated as part of ongoing reporting.
The Section 151 Officer informed Members that a full review was undertaken in 2023 with the assistance of the internal auditor to mainstream the fraud risk assessment and management process. The Council did not hold a separate risk register as the risks were consolidated into one register. Further assurance was provided that other arrangements were in place to minimise and mitigate against fraud including a control framework which had recently been enhanced across the Partnership to include counter fraud arrangements.
No further comments or questions were received.
Following which, it was
RESOLVED:
That the Q4 Risk Report 2023/24 be noted.
Supporting documents:
- Q4 Risk Report 2023-24 240619, item 8. PDF 248 KB
- Appendix A - Q4 strategic risks 240619, item 8. PDF 225 KB