Agenda item

Aimee Jackson, Risk and Insurance Manager introduced the item and made the following points:

·  The Corporate Risk Report and Annex 1 to the report detailed the Amber risks and although these did not sit in the Corporate Report it was important that members were made aware of these as well and these were presented twice a year to the committee;

·  The authority monitors and manages its corporate risks through the Corporate Risk Register. The contents of the report highlighted the high-priority corporate risks and show the arrangements that were put in place to ensure these risks were monitored and managed appropriately;

·  The Council was dedicated to a proactive approach on risk management and required that all departments cooperate on the risk strategy with the aim of driving a robust risk model and an improved risk landscape. This would help solidify an understanding and encourage engagement around the risk journey;

·  To that end, officers had started to look at developing a new online Risk Management System, which centralised the risk registers that were also having a refresh. This approach would help create a better understanding of how the risks were tracking and identify any trends across our portfolio. This would be done in line with the Risk Management Strategy refresh next year and there would be some interesting updates to follow;

·  This report represented the position at the beginning of August 2024 and as such was a snapshot of where the risk and the mitigations sat at that point in time. It was worth noting that some of these risks may well have moved on since that point;

·  Risks had to be assessed in respect of the combination of the likelihood of something happening, and the impact arising as a result, risk management includes identifying and assessing risks and then responding to them. Risk was unavoidable, and every organisation needed to take action to manage risk in a way which justifies it to a level which was tolerable to their business needs;

·  At staff level, the Corporate Management Team (CMT) regularly considered the corporate risk register and the Governance & Audit Committee considers changes to the corporate risk register, the reasons for the changes and actions being taken to mitigate the likelihood and impact of those risks. A view was also taken regarding the extent to which the risks should be tolerated;

·  There had been no movement on the risk scores. Directors and Heads of Services had reviewed the risks and also updated the mitigations for their respective service areas as detailed in the report;

·  It was good to note that Berths 4/5 risk had now reduced significantly and would no longer feature on this report

·  There had been several new risks added since the last presentation in March. A few of the more prominent risks had been highlighted for members to comment and note;

·  Underinsurance on HRA and Estates Properties had a total score of 9, Impact was 3 and Likelihood was 3;

·  Council ran the risk of being underinsured due to poor maintenance and valuations not being completed. This led to a view of the Council being seen as being deliberately underinsured. This could mean that claims costs were not covered. The Council would be subject to higher excesses and higher premiums and also could be subject to averages which meant that full claims costs were not met in the future;

Mitigations

·  The Risk and Insurance Manager would need to reach out to both teams asking for their assurances, how they were tackling these issues and then to devise a plan. The Risk and Insurance Manager had been working with Estates initially on this matter. Some progress had been made in identifying the more high profile and high-risk properties that had an urgent need for valuations. This work was in progress and it was hoped more updates would be provided to the committee on the next reporting cycle;

·  Empty Properties and when tenants hand back the keys had a total risk score of 9 with a recorded Impact of 3 and Likelihood score of 3;

·  Properties left with services still "live": Heating/lighting and water services needed to be isolated to prevent energy costs and potential damage from frost/ice etc. This was a potential fire risk with unattended live electrical circuits;

·  There was a risk of water damage should pipework freeze and expand joints, leading to burst pipes and flooding;

·  This in turn would create a situation where the Council would be unable to re-let these properties to potential tenants, causing loss of revenue and additional repair costs. Insurance claims were possible, however there was inadequate cover from the Council’s insurers as they did not cover certain risks;

Mitigations

·  Create protocol whereas all properties that became vacant would have compliance inspections and all but necessary services (excluding fire/alarms) would be isolated;

·  Adopt a form for vacant property handover;

·  Channel failure: There were total scores of 8, an Impact of 4 and Likelihood of 2;

·  Much of the Council's communication was now digitally led;

·  The Communications Team was heavily reliant on digital channels including the Council's own website and its social media channels;

·  The risk was that if one of the channels had an outage/crashed, particularly during an emergency. The Council’s ability to transmit important information directly to residents and stakeholders would be severely curtailed.

Mitigations

·  The Council's website was cloud hosted and as part of the contract required 99.9% uptime. Risks around this were picked up as part of the Digital Risk Register;

·  There was a need to ensure that the Council’s business continuity plan was updated to identify potential other more traditional means of communication in the event of any digital points of failure;

·  This would include activity such as direct mail to properties, using the media to share any key messages, posters and notices in public places and relying on the support from other community group networks. This would be picked up in the new disaster recovery plan led by ICT and Digital.

Committee members asked questions and made comments as follows:

·  One member asked why Berth 4/5 had come off the risk register;

·  Another member said that the risk had dropped from £500k to £200k.

Mike Humber, Director of Environment and Aimee Jackson responded as follows:

·  It was the financial risk that had Berth 4/5 on the risk register;

·  Berth 4/5 was still on the risk register but not high enough to be in this report before the committee.

Councillor Britcher proposed, Councillor Davis seconded and members agreed that the following recommendation be forwarded to the next quorate meeting of the Governance & Audit Committee for confirmation:

To approve the corporate risk report.