·        

the operational risk register linked to departmental business plans and focused upon risks posed by failed systems or processes. The strategic risk register focused upon risks that affected the organisation as a whole;

·        

headlines from the report included: there were three new risks added to the strategic risk register bringing the total to 20 risks. These new risks focused upon cyber-attacks, staff resilience linked to stress and the additional contributions to offset the council’s pension deficit in 19/20;

·        

there were currently 126 risks on the operational risk register; red risks had increased from three in October 2021 to four as provided in the update. The red risks related to risk of loss of life or injury or property damage due a tree falls in the city, management arrangements of asbestos, risk of injury linked to traffic management and segregation at council depots and risk of loss of confidential and sensitive data. Action had been taken to reduce risk however the impact of mitigation was highlighted as not being immediate in all instances.

·        

was the risk register interrogated anywhere else in the authority by Members?; it was responded that the appropriate Cabinet Member would consider the documentation and that risks were also considered by senior officers of the Council at departmental and senior management team meetings;

·        

concerns were highlighted regarding the 120 operational risks included in the register – it was considered that the number was too large for the committee to break down, that trend data wasn’t included, that mitigation wasn’t provided for all risks and there was no way of testing if mitigation was effective. It was queried where the register was considered and by whom, how was it scrutinised and what should be prioritised? There was a request that these points were included in the review of the register that was referred to in the report as taking place in May 2022 in order to ensure its effectiveness and ensure that action was taken and completed. This was supported by Councillor Shayer (Cabinet Member for Finance and Economy) who agreed that the register could be considered as being unwieldy therefore would focus on risk reduction, reporting and the number of risks currently included. As part of this discussion at committee, Members were advised that it was not the role of the Audit and Governance Committee to scrutinise the register, but to gain assurance that there was a workable system of risk assurance and assessment however input into an informal review would be welcomed;

·        

it was queried why a risk relating to the workforce in adult social care was referred to in the report, however reference was not made to the childrens social care workforce despite known recruitment and retention issues; it was responded that information contained within the report was provided by the childrens department and it was likely that this information had been unintentionally omitted;

·        

it was queried if the costs associated with the operational risks were identified in the earmarked reserves? It was responded that operational risks would be expected to be managed within existing resources.

1.      

request that their concerns of the risk register, specifically regarding the number of risks, the lack of trend data and mitigation, who and where the register was considered, how risks were scrutinised and prioritised, were considered as part of the informal review scheduled for May 2022;

2.      

note the current position with regard to the Strategic Risk and Opportunity Register.