To receive a report on the Council’s Strategic Risk Register for Quarter 2.

Paul Harrington, Chief Auditor, submitted a schedule updating the Committee on the Q2 status of the Council’s 2020/21 Strategic Risk Register (SRR), in line with the requirements of the Council’s Risk Management Strategy.  The SRR was attached to the report at Appendix 1.

The report explained that the SRR had been developed to provide a focused and high level overview of strategic risks for staff, councillors and other stakeholders, and was supplemented by more detailed directorate, service and project risk registers.  The primary aim of the Strategic Risk Register was to identify those key vulnerabilities that needed to be closely monitored.  Risk appetite had been introduced to the SRR in 2018, which established the level of risk that an organisation was willing to seek or accept in order to meet its long-term objectives. This approach was consistent with the Institute of Risk Management which advised that risk appetite should be identified for each risk.  In order to focus attention on areas of greatest risk, the SRR should only include the key current risks that did not exceed the risk appetite level. As a result, it was recommended that where risks had been rated as ‘green’ for two or more consecutive quarters they should be removed from the Register and would only be re-instated should the risk level rise again.

The SRR highlighted fourteen risks, five of which were rated as ‘red’ as follows: ‘The Council does not create and deliver a sustainable Medium-Term Financial Plan and/or achieve a balanced budget; Provider Failure & Market Sustainability Issues and Failure of major contract causes financial, service delivery, legal and H&S issues which directly impact the Council; Insufficient vision and strategy for sustainable economic development and resilience; BFfC – Failure of the new Children’s Company to improve service levels and financial overspend; and Cyber-attack results in service disruption, data loss or damage, financial loss and/or reputational damage’.

Resolved:     That the Council’s Strategic Risk Register, as at September 2020, be noted.