The Risk and Insurance Officer presented the report of the Strategic Director of Transformation and Resources and gave a presentation on the development of a revised Corporate Risk Management Policy. He indicated that the need to improve the Council’s approach to managing risk had been recognised for some time and had been flagged as a priority in last year’s Internal Audit report and in the Peer Review. In addition, a key element of the Council’s vision for 2016, that the organisation would be ‘risk aware, not risk averse’, made the need for a revised and more effective approach to handling risk even more important. He set out the role of the Policy within the Risk Management Framework and highlighted what should an effective risk management policy should contain, with reference to the British and International Standard for risk management (BS ISO 31000:2009). In developing the Policy, he had also included topics covered in a risk management strategy and had taken account of discussions with risk managers in a number of authorities and other professionals within the Council, prior to it being shared with the Cabinet Member for Governance and Improvement and being approved by the CESG in October 2013.

He highlighted the key points of the new Policy, which envisaged a key role in the Council’s risk management arrangements to be played by the Committee and by Internal Audit. The Policy would result in clearer risk analysis, enhanced reporting arrangements, more guidance and training for Members and a clearer, specific reference to risk management in Council policies and strategies.

In response to comments from Members, he confirmed that the CESG were responsible for the Corporate Risk Register and would continue to review it each quarter. Directorate management teams reviewed their risk registers on a monthly basis, in order to inform the reviews of the Corporate Risk Register. It was also proposed to identify ‘Risk Champions’ in each Directorate and, whilst the full extent of their role was yet to be agreed, he proposed that it could include the provision of support to each DMT with managing the Directorate Risk Register, assisting with training and acting as the main point of contact for Internal Audit reviews. In response to a further comment, he proposed to clarify within the Policy the link between the role of the Committee in testing the effectiveness of controls and the Annual Audit Plan.

Resolved –

(1)  That, subject to the views of the Committee being incorporated, the draft Risk Management Policy be approved and referred to the Cabinet for formal adoption on behalf of the Council.

(2)  That regular reports on progress towards implementation of the risk management action plan be presented to future meetings.