Agenda item

Risk and Opportunity Management Strategy 2020 - 2022

Minutes:

The Senior Policy Officer presented the Risk and Opportunity Management Strategy 2020 – 22 and advised Members that the strategy had been refreshed to improve the effective risk and opportunity management in Plymouth, to comply with good practice and to effectively manage the potential opportunity of threat to the council in achieving its objectives. The intention was to increase the engagement and dialogue around risk and as a result the cycle with which the register of strategic risks was updated was increased in frequency from six monthly to three monthly.

 

Prior to questioning, Councillor Bingley praised the work of officers in creating the strategy which was considered to be coherent, sequential and chimed with what risk management should look like – the Senior Policy Officer confirmed that whilst he oversaw the work of the strategy, it was the Interim Senior Policy Officer who created the document.

 

Key areas of questioning from Members related to the following:

 

·        

what was the Leader’s span of control in dealing with risk management as it was considered that the overall decision maker might be prone to overriding the risks within the strategy – was there a firewall between who was leading this and the overall decision maker? It was responded that the Leader was active in reviewing the strategic risk register however the rating of the risk was the responsibility of the relevant director or service director who were accountable for the mitigation and implementation. There was considered to be a robust yet complex overall net of checks and balances whereby risk was checked at a numbers of levels within the Council;

 

·        

there was concern regarding the adult social care workforce and its fragility, was there anything further to add as the situation seemed to be worsening? It was responded that officers would continue to monitor the situation and would work to reinforce the residual element of the strategy to forecast the impact of mitigation and give timings to that which was key to managing risk;

 

·        

how many risk champions were there within the Council, who were they, who chose them and were they spread evenly across directorates? It was responded that there was at least one risk champion in each service area, directors were responsible for selecting who they felt was suitably placed to deliver the role and they helped with updates and coordination and carrying messages to and from the corporate centre;

 

·        

the Leader’s involvement with the risk register; it was responded that the Leader would discuss the register with Cabinet Members and they would lead the charge from the administration point of view. The responsibility and accountability for delivering the mitigation was worked up inside the service with the Director and Service Director. In terms of performance management, the increase in frequency enabled the ability to hold people to account. It was considered that 6 months was too long a period for red risks for formal monitoring and ensuring oversight in a formal way;

 

·        

how much time was there between a risk between reported as red, some action being taken, changes being implemented and then a report being published? Which Cabinet Members were responsible for the risks? In response it was highlighted that Members could be included in the document so they could be easily identified. It was also highlighted that Cabinet Members attended regular portfolio holder meetings during which red risks were discussed – the portfolio holder would be aware of the red risk before it reached the strategic risk register. It was clarified that risk registers were important and had two key functions - at a management level they had a role as a risk management document. For the Audit and Governance Committee they were risk assurance documents giving assurance that there was a sophisticated system to identify risks, score them and deal with them in the way described;

 

·        

what was the risk management process? In response Andrew confirmed he would provide Members with a process note describing the flow of the risk management process and would provide a timeline. A recent example of how something had been on the register and had been changed would also be provided;

 

·        

was an assessment carried out on moderation between risks? In response it was confirmed that consequences and probability of impact of risks in terms of identifying the score and if red, amber and green was undertaken. Moderation of risks was assessed by the corporate management team to ensure the risk was correctly scored and mitigation was in place to effectively deal with the risk;

 

·        

there was concern that the document was simply a risk strategy and was held by the Leader of the council making the risk assessment political. It was considered that a risk strategy should be a firewall with someone who owns it and then someone who was responsible for the executive decision making; in response it was confirmed that this would be considered by officers.

 

The Audit and Governance Committee agreed to note the Risk and Opportunity Management Strategy 2020 – 2022.

 

It was also agreed that Members would be provided with a process note describing the flow of the risk management process and would provide a timeline. A recent example of how something had been on the register and had been changed would also be provided.

 

 

 

Supporting documents: