To provide an update on the council’s approach to risk management arrangements. 

The Director of Finance (DOF) introduced the report the purpose of which was to update the committee on the council’s approach to risk management arrangements. The following principal points were noted.

1.     The committee were reminded that under the constitution it was not their function to examine specific risks but was to monitor the development and operation of risk management processes and receiving assurance from internal and external sources of the effectiveness of arrangements.

2.     The revised Risk Management Strategy had been completed, incorporating a new Risk Appetite Statement which defined the level of risk the council would be willing to accept to deliver the priorities of the Herefordshire Council Plan 2024-28 and annual Delivery Plan.

3.     The Strategy set out the approach and principles of risk management, outlining the council’s risk appetite, risk management objectives and confirms the roles and responsibilities of elected Members and Officers across the council.

4.     Effective risk management is essential to the delivery of the priorities set out in the Council Plan. Specially, the Council plan commits the council to ‘develop a Corporate Risk Strategy to improve the process for managing corporate and directorate risks.

5.     A risk manager had been appointed and was responsible for co-ordinating the approach, ensuring consistency in scoring and highlighting areas of best practise. They would report the corporate risks to the corporate leadership team (CLT) and the Audit & Governance Committee and work with colleagues across the council to help identify, assess and manage strategic risks.

6.     The Draft Strategy was included at Appendix A and would be formally approved by Cabinet in June 2025. Risk management arrangements in 2025/26 would include monitoring and reporting of Corporate Risks via quarterly reports to Cabinet.

In response to committee questions it was noted.

      I.         Part of the role of the risk manager is to champion risk activity across the organisation as well as promoting and providing training and development. Their role is to ensure risks are consistently being scored using the same risk appetite set against the Council priorities.

     II.         Risk owners are responsible for ensuring arrangements are in place within their directorates and services to identify and manage risks in accordance with the council’s risk management framework.

   III.         Spreadsheets are currently in design to ensure consistency in data collection, reporting and aligns back to the risk appetite statement and the Council plan priorities. Risk owners are responsible for this action.

   IV.         The strategy is a live document that would be reviewed annually to ensure the risk appetite remains and to review the ever-evolving strategic risks. *The committee suggested that the frequency of review be recorded in the “Step 6: Monitor and update” section.

    V.         The corporate risk registers had been reviewed in collaboration with the Cabinet member, CLT and Cabinet. Historically it had been a large document which had been made leaner to include the corporate risks and strategic risks that were being managed that threatened the delivery of the Council plan objectives.

   VI.         Members were now clearly identified  ...  view the full minutes text for item 53