The Committee to review and update the Strategic Risk Register.
The Chief Finance Officer presented the report. The Strategic Risk Register was presented to the Governance and Audit Committee every six months as part of the Committee’s Terms of Reference. The Chief Finance Officer confirmed that the Risk Register was a live document. There was no end date and it reflected the environment of the authority in respect of internal and external risks.
A thematic approach to risks had been taken by the Committee a year ago to move away from corporate risks to thematic risks. A mapping exercise was carried out to move the risks into a thematic style and allowed for live risks to be categorised under the headings and allowed for the register to be kept more up to date.
The report listed the actions and activities that had taken place since the register was last before the Committee under the seven headings. Significant progress had been made within the controlled environment of each risk.
The Chief Finance Officer reminded Members that the residual risk was placed on the risk after the controls had been implemented. A risk would have a gross risk score which would be the risk, if no controls were in place and that was measured by impact and likelihood.
The report contained a table which explained the risk which did have a subjective element in respect of the Officers who were taking responsibility for managing the risk. The residual risk was the risk the Council was exposed to after the controls are in place. The column on the right of the document detailed the actions being undertaken to help mitigate the risks listed and it was expected that the headings and responses would change going forward as new risks were added or became more urgent.
It was noted that all the residual risks currently sat either in the amber or green section. If a risk was in red, then the controls in place are potentially not sufficient to reduce the risk to an acceptable level. A further report would come to the Committee in the Autumn.
Strategic Risk Register to be included to the Work Programme to return to Committee in the Autumn.
The Chairman stated that the risk register was not in relation to specific risks, but more in respect of common themes that went through the authority.
The Chief Finance Officer stated that the themes within the risk register were looked at from a corporate perspective, they were not specific but were on a broader perspective, some were internal, others external and he gave examples of how this worked to the Committee which enabled them to be more stable and less volatile than other risk registers.
One Member asked if there was an Operational Risk Register that sat underneath the Strategic Risk Register, did it use the same risk scoring matrix. The Chief Finance Officer replied that there was an Operational Risk Register which was managed by Heads of Service specific to each section and risks and the methodology for control was the same with both gross and residual risks, however, it did not come under the remit of the Governance and Audit Committee.
It was proposed, seconded and AGREED to note the content of the report and the review of the updated Strategic Risk Register attached to the report at Appendix A.