Meeting documents

1. The purpose of this report is inform Members of the Risk Management update report presented to Cabinet on 24 February 2006. A copy of the report is attached for information.

2. The Corporate Risk Manager will be attending the meeting and will be available to answer Members questions.

3. That Corporate Scrutiny Sub-Committee Members note the contents of this report.

1. The purpose of this report is to give Members an insight into the work carried out by the Corporate Risk Manager and the Corporate Risk Management Group during the quarter period October - December 2005.

2. This is the first such quarterly report to be issued to the Cabinet, who have overall responsibility for risk across the Council, and the Overview and Scrutiny Corporate Sub-Committee. Future reports will include an overall summary of current major risks and a measure of the achievement against performance indicators for risk management. They are not included in this report as the Strategic and Service risks are currently being revised, and performance indicators are currently under development. This report positively responds to a Key Line of Enquiry in Use of Resources under the Comprehensive Performance Assessment.
3. To date within the Council, a large amount of work has already been carried out in shaping and developing our approach to risk management. In summary, Cabinet and the Corporate Management Team have designated the Deputy Leader of the Council and the Deputy Chief Executive (Policy and Improvement) as Member and Officer Risk Champions respectively. Together they jointly take responsibility for embedding risk management throughout the Council, and are supported by the Corporate Risk Manager. Each Service also has a designated member of staff (the Service Risk Manager) to lead on risk management at a Service level, and act as a first point of contact for staff who require any advice or guidance on risk management.
4. Collectively, the Service Risk Managers and the Corporate Risk Manager meet together as a Corporate Risk Management Group, to monitor the progress of implementing and maintaining effective risk management across the Council, advise on corporate and strategic risk issues, and agree arrangements for reporting and awareness training. The objective of the Corporate Risk Management Group is to oversee risk management activity across the Council , ensuring that risk management is embedded in our corporate business processes including strategic planning, financial planning, policy making and review, and performance management.
5. A Corporate Risk Manager, David Marshall, was appointed in August 2005. This has enabled further progress in developing the risk management arrangements within the Council, and helped us to build upon plans already in place, such as the risk management training provided in September 2005 to a number of Members and senior managers by The Risk Factor.
6. It is the responsibility of the Chief Officers to develop and maintain the internal control framework and to ensure that their Service resources are properly applied in the manner and to the activities intended. Therefore, in this context, Heads of Service are responsible for identifying and managing the key risks which may impact their respective Service.

• The revised strategic risk register has now been completed by the Corporate Risk Management Group, and will be submitted to the Corporate Management Team (CMT) for final approval when the Council’s new medium-term priorities have been agreed. In the meantime, the Head of Corporate Policy is ensuring the draft strategic risks are taken into account by each Service when they draw up their operational plans for the coming year.
• The Corporate Risk Manager and the Service Risk Managers agreed timescales for revising the service risk registers, including action plans to address the identified risks. To date, they are still on target to have their risks identified and assessed, and action plans in place to address the risk, all agreed by their respective Service management teams, by the end of February 2006.
• As well as good management practice and governance, it is a requirement of the Comprehensive Performance Assessment that we manage risks in relation to our Partnerships. The growth in Partnership working means that the Council faces increased financial, legal and reputational risk if problems arise, with the Audit Commission highlighting some cases which have resulted in a significant loss of public funds or reputation when things have gone wrong. Following the earlier issue of a draft proposal on how to manage the risks facing the Council in each of the Partnerships it enters, useful feedback was received on suggested changes. A revised draft approach for managing risk in Partnerships has now been completed, and will be ‘pilot tested’ against a small number of Partnerships to assess its effectiveness.
• In this quarter, the major items which have been identified as raising potential risks were the Government’s White Paper on future education provision, the risks surrounding a Pandemic Flu outbreak, and increasing fuel and energy costs. These have been noted by the Corporate Risk Management Group, and will be monitored, both at a strategic and Service level, to identify and address any risks that may arise.
• The Corporate Risk Manager provided facilitation and support at risk workshops for major projects underway within the Council, namely ‘Building Schools for the Future’ and ‘Waste Management’, and prior to the selection of the Northgate payroll system, to identify and assess the potential risks that may prevent their successful completion. Risk registers for the projects are now established, and this will enable the management responsible for their delivery to manage the risks throughout the lifetime of the project. Similar support has been provided to the IMSOP (Improving Services for Older People) programme in January 2006.

• In November, the Corporate Risk Manager presented:
• a risk management update to the Corporate Scrutiny Sub-Committee with responsibility for risk management, and a number of issues were debated with the Members present after the presentation.
• a risk management update to a number of Service management teams. It is anticipated that such updates will take place every six months with all Service management teams.
• The Corporate Risk Manager is currently working on developing internal risk management performance indicators. It is intended that these will be measured to ensure improvements in managing risk are being implemented, and benefit to the Authority is being derived from this.
• The Corporate Risk Manager represented the Authority at a seminar of the Association of Local Authority Risk Managers (ALARM). He will continue to attend this forum, to build networks with other public sector risk managers, and to raise the Council’s profile.

• In terms of risk management training, the Corporate Risk Manager is currently undertaking a training gap analysis, with the aim of presenting a draft plan to the Corporate Risk Management Group for training and awareness raising in the coming twelve months. The aim is to make effective use of the training support offered by Marsh (our Risk and Insurance Advisers), Gallagher Bassett (our Claims Handlers), and Zurich (one of our insurers), which is already included in the contracts with them as part of their added-value services, as well as using internal resource where appropriate in general awareness raising. This should enable us to focus the use of other external training organisations, which incur a direct additional cost, on those areas of the Council where it is clearly beneficial to do so.

• Specialist awareness raising on risk management relating to insurance has been provided to Service Direct by a combined presentation team from Marsh and Risk Management Partners.
• Specialist training on risk management relating to Health and Safety workplace inspections has been provided to Social Care and Health, and the Education Service, by Gallagher Bassett.