Meeting documents
Corporate Scrutiny Sub-Committee (DCC)
Tuesday 29 August 2006
Meeting: Corporate Scrutiny Sub-Committee (County Hall, Durham - Committee Room 1A - 29/08/2006 10:00:00 AM)
Item: A3 Corporate Risk Management. (a) the work of Corporate Risk Management in relation to the quarter period April - June 2006 (b) Risk Assessment of Key Decisions
Scrutiny Sub-Committee for Corporate Management Issues
29 AUGUST 2006 Corporate Risk Management |  |
| Report of the Deputy Chief Executive on behalf of the Corporate Risk Management Group |
Purpose of Report
1. The purpose of this report is to inform Members of the Risk Management update report presented to Cabinet on 22 August 2006. A copy of the report is attached for information.
2. Members to note that Councillors’ Forster & Henderson have been identified as the lead Overview & Scrutiny Members for Risk Management. They will be liaising with the Corporate Risk Manager on a regular basis and be kept informed on relevant issues as they arise.
Comments
Recommendation
| Contact: David Marshall, Corporate Risk Manager on behalf of the Corporate Risk Management Group - Tel: 0191 3835726 |
| Briefing to Cabinet 22 AUGUST 2006 The Work of Corporate Risk Management in relation to the Quarter period April - June 2006. |
| Report of the Deputy Chief Executive on behalf of the Corporate Risk Management Group |
Purpose of Report
1. The purpose of this report is to give Members an update on the work carried out by the Corporate Risk Manager and the Corporate Risk Management Group during the quarter period April - June 2006. As well as good management practice, this report also positively responds to a Key Line of Enquiry in Use of Resources under the Comprehensive Performance Assessment.
Background
2. To date within the Council, a large amount of work has already been carried out in shaping and developing our approach to risk management. In summary, Cabinet and the Corporate Management Team have designated the Deputy Leader of the Council and the Deputy Chief Executive as Member and Officer Risk Champions respectively. Together they jointly take responsibility for embedding risk management throughout the Council, and are supported by Keith Thompson (Assistant County Treasurer) and Burney Johnson (Head of Transport Strategy and Design), the lead officers responsible for risk management, as well as the Corporate Risk Manager. Each Service also has a designated member of staff (the Service Risk Manager) to lead on risk management at a Service level, and act as a first point of contact for staff who require any advice or guidance on risk management.
3. Collectively, the Service Risk Managers and the Corporate Risk Manager meet together as a Corporate Risk Management Group. This group monitor the progress of risk management across the Council, advise on corporate and strategic risk issues, identify and monitor corporate cross-cutting risks, and agree arrangements for reporting and awareness training.
4. It is the responsibility of the Chief Officers to develop and maintain the internal control framework and to ensure that their Service resources are properly applied in the manner and to the activities intended. Therefore, in this context, Heads of Service are responsible for identifying and managing the key risks which may impact their respective Service.
Current Status of Risk
- A revised draft Strategic Risk Register has now been prepared by the Corporate Risk Management Group, and will be submitted to the Corporate Management Team (CMT) for final review and approval.
- The top five risks in each Service are summarised in Appendix 2 of this report, and are supported by a level of greater detail in Appendix 3.
- In this quarter, the major item which emerged as raising potential risks was the Lyons Enquiry on local government.
Key Highlights in this Quarter
- A process to ensure effective assessment and highlighting of risks associated with Key decisions has approved by the Corporate Management Team, and is awaiting Cabinet approval.
- The Corporate Risk Manager provided facilitation and support at risk workshops for major projects and initiatives underway within the Council, such as the Local Area Agreement.
- Internal risk management performance indicators have been developed, and data is being collected to establish their adequacy and effectiveness in measuring performance.
- A risk management training plan has been developed, making effective use of the training support offered by Marsh (our Risk and Insurance Advisers), Gallagher Bassett (our Claims Handlers), and Zurich (one of our insurers), as part of their contracted services. Internal resource will also be used, where appropriate, in general awareness raising. This approach will enable us to minimise the costs of training provision.
Recommendation
The Cabinet are requested to note this report.
| Contact: David Marshall, Corporate Risk Manager Tel: 0191 3835726 on behalf of the Corporate Risk Management Group |
| Appendix 1: Implications |
Finance
Addressing risk appropriately reduces the risk of financial loss.
Staffing
Staff training needs will be addressed in the 2006-07 training plan.
Equality and Diversity
Addressing risk appropriately reduces the risk of failing to achieve the 5 levels of the Equality Standard for Local Government, which the Council has set out as a target to achieve.
Accommodation
None
Crime and disorder
None
Sustainability
None
Human rights
None
Localities and Rurality
Managing the risk surrounding the Local Area Agreement will positively impact localities through better service delivery.
Young people
Managing the risks surrounding Children and Young Peoples Service will support the delivery of a high quality service.
Consultation
None
Health
Managing the risk surrounding the major partnerships with Healthcare providers will positively impact citizens through better service delivery
| Appendix 2: Highest Risks in Each Service (Summary) |
The following is a summary of the top five Net risks for each Service, derived from the risk register of each Service. These are based on an assessment by the Service of the impact and likelihood of the risk occurring with existing controls in place.
In this report, risks reported under Children and Young Peoples Services and Adult and Community Services are broken down into categories which reflect the different areas brought together to form these Services. Clearly, at the present time, a major inherent risk for these Services is the transition from the existing Service structure to the new Service structure.
Although Customer Services is a division of the Chief Executive’s Office, it has been highlighted separately below due to the high dependency on it by other Services in the Council.
Adult and Community Services
- Adult Services - Given the context of demographic shift, the major risks are insufficient funding to meet the demand for eligible Adult services, and the need to improve services to meet changing national standards and changing user expectations, which will impact on the role and size of the internal provider of Learning Disability, Older People and Physical Disability and Sensory Impairment services. Other major risks focus on a reduction in funding for ‘Supporting People’ (note the stakeholder risk in the relationship with Districts), failure to deliver the Local Area Agreement target for direct payments, and the market being unable to satisfy demand for funded services at an acceptable cost.
- Community Support - The major risks facing this Division are reputational, relating to Gypsy and Traveller issues and connected to the lack of capacity in the Gypsy and Traveller service, specifically the management of Gypsy and Traveller sites, litigation around health and safety and Human Rights, and the lack of a strategy for Gypsy and Traveller services. Other major risks are cuts to the Welfare Rights Service, and non-delivery of the Community Safety Strategies.
- Culture and Leisure - The major risk is reducing budgets, which diminish the Service’s ability to sustain a ‘comprehensive and efficient’ public library service under the Public Libraries and Museums Act 1964, and other front line services. Other risks include ongoing difficulties with recruiting and retaining front line staff, effects on service from anti social behaviour and vandalism in certain areas of the County, and the effective delivery of capital build schemes.
- Attainment - The major risks are failure to meet targets in Key Stage 3 and Key Stage 4 attainment and staying on into post-16 structured learning, and a deterioration in judgements in the next Inspection of the LEA / Annual Performance Assessment / Joint Area Review. Also, the increasing likelihood that the quality of school buildings will deteriorate at a faster rate than the Council can afford to maintain them. These are linked to the ongoing Building Schools for the Future programme, and the Durham Johnston School project. Failure to promote access to and expansion of service delivery, such as in vocational education, and Schools opting to become foundation or trust schools, leading to an un-coordinated approach to school admissions and school improvement, are also considered important risks.
- Safeguarding - The major risks are the closure of part of the Secure Unit due to underutilisation, reduced performance against CSCI, CPA ratings and duties to Safeguard, and the increasing cost of social care provision for children returning from out of County residential schools. Other major risks surround the transition of children and families from Children Services into Adult Services, and the failure of Partnerships to deliver required performance benefits.
The major risks facing this Service are the potential reduction over the next two years of external funding which is used to fund Social and Economic Regeneration Projects in County Durham, and a failure to implement effective partnership arrangements, such as the County Durham Strategic Partnership and the County Durham Economic Partnership. Other key risks include not adequately improving service delivery and access to services through the Contact Centres, and failure to develop policies which reflect national policy.
Customer Services
The major risks facing this Service are a breakdown in working relationships with the third party IT provider on the BSF programme, inadequate level of service delivery to end-users, and a major interruption to IT service delivery. Other major risks surround the lack of an adequate and effective IT strategy, and the relocation of the primary data centre
Corporate Services
The major risks facing this Service are related to procurement, in terms of failing to manage assessments of issues surrounding procurements, and external influences on the procurement strategy. Other major risks include low quality transport monitoring, such as the financial/revenue control for bus services, and the lack of a central programme of training or inspection of vehicles. The failure to undertake recruitment checks, and the inability to attract and retain skilled staff in specific areas, are also major risks.
County Treasurers
The major risks facing this Service are failing to achieve the target savings in the 2006/07 budget, not achieving CPA Use of Resources level 3 and thus losing four-star status, and not setting a budget within the statutory date. Failure to set a robust budget to manage the Authority’s finances, and the anticipated benefits of the Dual Responsibility arrangements not being delivered, are the other major risks.
Environment
The major risks facing this Service are those surrounding the Waste Management project. Other significant risks are planning enforcement procedures not being procedurally correct, the collapse of a lighting column, and failure to deliver the environmental improvements identified in the Urban and Rural Renaissance Initiative.
Service Direct
The major risk facing this Service is the proposed relocation to the Meadowfield site. Other key risks include reduced core workload, uneven workflow patterns, failure to plan for changes in legislation, and the risks associated with maintaining profit levels and reserve fund.
| Appendix 3: Highest Risks in Each Service (details) |
TO VIEW APPENDIX 3 PLEASE CLICK ON PDF ATTACHEMENT OR REFER TO HARD COPIES LOCATED IN CORPORATE SERVICES AND THE COUNTY RECORD OFFICE
Scrutiny Sub-Committee for Corporate Management Issues
29 AUGUST 2006 Corporate Risk Management | |
| Report of the Deputy Chief Executive on behalf of the Corporate Risk Management Group |
Purpose of Report
1. The purpose of this report is to inform Members of the report ‘Risk Assessment of Key Decisions’ presented to Cabinet on 3 August 2006. A copy of the report is attached for information.
Comments
Recommendation
| Contact: David Marshall, Corporate Risk Manager on behalf of the Corporate Risk Management Group - Tel: 0191 3835726 |
| Cabinet 3 August 2006 Risk Assessment of Key Decisions | |
| Report of the Deputy Chief Executive | |
1. The purpose of this report is to recommend a process to improve the assessment and reporting of risks and opportunities surrounding Key Decisions made by the Council.
2. As well as good management practice and governance, the Key Lines of Enquiry in Use of Resources under the Comprehensive Performance Assessment require that ‘Reports to support strategic policy decisions include a risk assessment.’ 3. Currently, each Key Decision Report includes an Implications section, which highlights the potential impact of the recommended decision, but does not require a formal assessment of the risks involved.
4. To ensure that the Corporate Management Team and Cabinet are fully informed of the major risks associated with the Key Decision, and as a positive response to the Key Line of Enquiry, the process needs to be improved to ensure formal risk assessments are undertaken. It is essential that an appropriate level of risk assessment is applied, which is documented and covers a broad range of risks.
5. A proposed new process, which includes guidance for those officers who need to implement it, is attached to Appendix 2 of this report. The objective of this process is to first identify those Key Decisions which require a risk assessment. This should ensure that the amount of work undertaken is proportionate to the particular decision. Then perform that assessment and report the major risks to the Corporate Management Team and Cabinet. Any assistance required in applying the process will also be available from the Corporate Risk Manager and Service Risk Managers 6. Over the coming months, the Corporate Risk Manager will work with the Acting Director of Corporate Services, amending the process where necessary to ensure that the benefits are optimised and the associated bureaucracy minimised.
7. It is recommended that the Cabinet approve the implementation of this process for Key Decision reports.
| Contact: David Marshall, Corporate Risk Manager Tel: 0191 3835726 on behalf of the Corporate Risk Management Group |
Appendix 1: Implications
| Finance Addressing risk appropriately reduces the risk of financial loss. Staffing None. Equality and Diversity Addressing risk appropriately reduces the risk of failing to achieve the 5 levels of the Equality Standard for Local Government, which the Council has set out as a target to achieve. |
GUIDANCE FOR RISK ASSESSMENT OF KEY DECISIONS
Introduction
This process details how to evaluate risks associated with Key Decisions, using the definition of a Key Decision in the Council constitution. The process will ensure that CMT and Cabinet are fully informed of the major risks associated with proceeding or not proceeding with a Key Decision, prior to making that decision, thus increasing the probability of successfully delivering our aims. Identifying these risks at an early stage also ensures that, where it is practical, they can be effectively managed to prevent them materialising into actual problems.
This is a two-step process, which should be carried out by the person who prepares the report:
· Firstly, do an initial review of the proposed solution/ issue raised in the report supporting the ‘Key Decision’, to determine if a full risk-assessment is needed;
· Secondly, perform the risk assessment (as defined in Step 2 of this process of the following page).
If you need any assistance in implementing this process, please contact your service risk manager.
Step 1 - Initial Review
I. The criteria are set out below for this initial review. II. If any of these criteria score Significant, (either in terms of impact on the Council, or on the community at large) then a full risk assessment should be undertaken. If none of these criteria score significant, then summarise any risks under the appropriate Headings in the Implications section of the report. Note that some of these will require your subjective opinion. III. You should retain the results of this initial review as evidence to support why the approach chosen, and this should be signed-off by the Head of Service.
NB: Where a register of the key risks is already in place and being managed for this Key Decision (typically, this will apply to major projects and Partnerships), then it is unnecessary to perform the risk assessment again. It is sufficient to refer to the project or Partnership risk register and highlight any key risks from it. Any such key risks should still be presented in the Key Decision report in the same format as Figure 1 below.
Criteria for Initial Review
· Potential impact on stakeholders (employees, citizens, Partners and other local authorities and public service organisations, voluntary bodies, central government)
Minimal = minimal impact on stakeholders
Minimal = minimal impact on delivery of policy or initiative
Minimal = this key Decision will not impact the existing status rating
Minimal = implementing or not implementing this Key Decision will not prevent delivery of the Council’s corporate objectives or priorities
Minimal = up to and including £500k
Minimal = up to and including £500k
Minimal = up to and including £500k
Minimal = involvement by two Services, or within a Service
Minimal = no critical dependence on external suppliers
Minimal = all critical partners agreed to commit to this course of action
Step 2 - Full Risk Assessment
The author of the report should perform the risk assessment. If more than one Service will be impacted by the ‘Key Decision’, the author of the report should involve the other Services in the risk assessment, to ensure all major risks are identified and adequately assessed.
To perform the full risk assessment, you will need to complete the risk assessment spreadsheet (available on the Intranet) by going through the following process:
I. Identify the potential risks faced by implementing or not implementing this Key Decision. As a starting point, use the guide (available on the Intranet) of the typical risks that you may wish to consider. It is not mandatory to include any of these in your risk assessment if they are not appropriate, as they are for guidance only. II. Consider the potential impact of each risk III. Then assess each risk by using the Impact and Likelihood Factors (available on the Intranet), and enter the scores into the risk assessment spreadsheet. This is done by adding together the scores for financial, service delivery and stakeholder impact. Then multiply this sum by the likelihood, to create total risk score for that risk. IV. Identify any potential actions that could be taken to treat the risk. V. The completed risk assessment spreadsheet should be retained for evidence. VI. Where the Head of Service is not performing the risk assessment, they should sign-off their approval of the final version of the assessment. VII. If the total risk score for any risk is 13 or above, or if any of the individual impact factors are 4 or above, then it is classed as a Reportable Risk. VIII. A table of only those Reportable Risks on the risk assessment spreadsheet should be reported as an appendix at the end of the Key Decision report in the following format:
Figure 1
(THIS IS AN EXAMPLE ONLY TO DEMONSTRATE PRESENTING A RISK ASSESSMENT)
TO VIEW FIGURE ONE PLEASE CLICK ON PDF ATTACHEMENT ABOVE OR REFER TO HARD COPIES LOCATED IN CORPORATE SERVICES AND THE COUNTY RECORD OFFICE
Attachments
06-07 - Quarterly Report - Quarter 1 - CABINET.pdf;
06-07 - Quarterly Report - Quarter 1 - O&S - Key Decisions.pdf;
Report to Cabinet Briefing on proposed process 21 July 2006.pdf;
06-07 - Quarterly Report - Quarter 1 - O&S - Update.pdf