Agenda item

Risk Management Framework

To review a revised Risk Management Framework (report of the Assistant Director – Governance (Monitoring Officer) enclosed).

Minutes:

Consideration was given to the report of the Assistant Director – Governance which asked the Governance and Audit Committee to review a revised Risk Management Framework.

 

The Business Intelligence and Change Manager introduced the report which outlined the following main areas:

o   Introduction and definition;

o   Key principles and objectives of the Risk Management Framework;

o   Risk Management;

o   Benefits of Risk Management;

o   Key tasks of Corporate and Executive leaders;

o   Responsibilities of the Governance and Audit Committee;

o   Responsibilities of officers;

o   The role of Internal Audit to provide independent assurance;

o   Key components of risk management; and

o   The risk management process.

The draft Risk Management Framework was detailed at Appendix A

 

Members considered the update and made the following comments:

 

  • Members noted that both Boston Borough Council and East Lindsey District had already approved Risk Management Frameworks at their authorities, and asked whether comments from members at the current meeting would shape the framework to be adopted at South Holland District Council.
    • The Business Intelligence and Change Manager responded that:
      • Comments from the Committee would be taken forward in the final version of the framework to be recommended to the SHDC Cabinet for adoption; and
      • Whilst the approach to risk management was aligned across the partnership, each sovereign council held its own respective Risk Management Framework, and a unique risk register.
    • The Assistant Director – Governance responded that:
      • Due to the approval scheduling differential of Risk Management Frameworks across the partnership, the Assistant Director – Governance had been granted delegated authority to make minor amendments to frameworks should these be identified; and
      • In relation to this, the scheduling of processes in respect of policy approvals across the partnership would be reviewed.

 

  • Members asked whether the designated ‘Risk Officer’ and the ‘Risk Owner’ were the same.
    • The Business Intelligence and Change Manager responded that:
      • The ‘Risk Owner’ applied to the respective Assistant Director of the department where a specific risk had been identified; and
      • The ‘Risk Officer’ applied to the role of the Assistant Director – Governance. This role included responsibilities for the risk register with support provision from the Business Intelligence and Change Manager.

 

  • Members requested the following additions/amendments:
    • Regarding responsibilities of the ‘Governance and Audit Committee’ detailed on page 41 of the agenda:
      • Members noted a text amendment was required to the first Governance and Audit key task;
      • Members requested that wording reflect risk ‘mitigation’ treatment measures; and
      • Regarding self-assessment, members requested that the upcoming self-assessment questionnaire be forwarded to members in advance.
    • Regarding key tasks of the ‘Insights and Transformation Team’ on page 42 of the agenda:
      • Members asked that ‘weaknesses’ be described as ‘perceived weaknesses’
    • Regarding the demonstration of commitment of ‘Managers’ to risk management on page 42 of the agenda:
      • Members asked that where owned risks were monitored and updated that any changes be ‘circulated accordingly’ to ensure that knowledge and learning was shared.
    • Regarding the ‘All Staff’ narrative on page 43 of the agenda:
      • Members requested that this clarified that the council understood the nature of the different risks that could impact on its daily activities and goals.
    • Regarding ‘Procedure for Escalation and Delegation’ on page 44 of the agenda:
      • Members requested the insertion that ‘risks still needed to be reassessed regularly’.
    • Regarding ‘Risk Description’ on page 47 of the agenda:
      • Members requested that the description of the risk be written as ‘short and adequate’.
    • Regarding recommendations when risks were being reviewed or considered on page 48 of the agenda:
      • Members requested that where ‘risk owners were correctly identified’ that they also fully understood the nature of the risk being accepted.
    • Regarding the ‘Risk Response Transfer’ risk control on page 48 of the agenda:
      • Members asked that this be strengthened and include necessary action that needed to take place if the risk occurred.

 

  • Members asked whether interpretation of risk management training was given to new employees.
    • The Business Intelligence and Change Manager responded that following agreement/adoption of the new framework, risk management training would be formulated for both new and existing staff.

 

AGREED:

 

After consideration of the Risk Management Framework by the Governance and Audit Committee:

 

a)    That the comments of the committee be noted; and

 

b)    That the Risk Management Framework be supported and recommended to the Cabinet for adoption.

Supporting documents: