To consider the status of the council’s corporate risk register in order to monitor the effectiveness of risk management within the performance management framework.

The committee considered the status of the council’s corporate risk register.

The head of corporate performance presented the report, highlighting the following: the three new corporate risks, one risk that had been escalated to the corporate risk register, and the three risks that had been de-escalated; the changes to the corporate risk register since the last report were shown in red text in Appendix A; the directorate risk registers were provided in Appendices B to E, with a summary of changes shown in paragraph 8 of the main report; the risk maturity assessment provided in Appendix F provided a good foundation for progression, with the intention to undertake a risk management audit, to provide additional training throughout the council to embed risk management, and to build the developments required into the risk management plan; and the identification of potential software solutions to improve efficiency and to free officer capacity to work to embed risk management within the directorates.

The main points made during the discussion included:

i.             The risk maturity assessment was the first one undertaken with South West Audit Partnership internal audit services (SWAP), so comparison with other local authorities was not yet possible.

ii.            With attention drawn to certain references in the economy and environment risk register, it was explained that the risk registers related to the situation as at the end of February 2022 and some matters had been addressed in the intervening period.

iii.          In response to comments about potential risks associated with inflation and increasing costs of living, the head of corporate performance commented that the risk management framework was becoming more dynamic and reported on discussions with the leadership team on strategic and longer term risks.

iv.          It was suggested that the risk registers should make reference to strategic partners where the council relied upon those partners to deliver activities for the council.

v.           The director of finance resources and assurance acknowledged the need to reduce the lead-in time between the preparation and presentation of the papers but was not aware of any other significant risks that should have been identified as at the end of February 2022, albeit various reassessments had been undertaken subsequently during March and April.

vi.          The chief executive made a number of observations, including: the opportunity to present the risk registers was welcomed; the value of regular dialogue between the head of corporate performance and the leadership team regarding strategic risks for specific directorates and for the council as a whole; the need to reflect matters included in the annual governance statement and the external auditor’s annual report; the importance of ensuring that partnerships, such as the Herefordshire and Worcestershire Integrated Care System, worked well; and other challenges included workforce recruitment and retention, the delivery of major projects, the increasing demand for services, the ability to continue to deliver savings, and minimising exposure to cyber-attacks.  Reflecting on experiences in other local authorities, the chief executive emphasised the importance of a broad and deep approach, raising the profile of risk  ...  view the full minutes text for item 84