Agenda item

To receive the 2024/25 strategic risks and assurance framework.

The Head of Corporate Policy, Projects and Performance introduced the report which sets out the proposed strategic risks for 2024/25 and the 2024/25 Assurance Framework.

Confirming strategic risks for the year ahead was carried out in quarter 3, to enable the strategic risks to be approved by the Executive before the start of the reporting year (commencing 1 April 2024).

Several changes were proposed to the strategic risks for 2024/25, the detail of which was explained in the report.

As the Executive Member for Corporate Policy and Resources had explained in his earlier introduction, they reflect the anticipated closure of some risks during Quarter 4.

More generally, risk wording had also been reviewed to ensure it remained accurate and reflective of current circumstances.

The Committee was asked to note the strategic risks and make any observations for consideration by the Executive.

The Committee was also advised that the Assurance Framework was a new document introduced to support the updated Risk Management Strategy. It was primarily a management document and was therefore being presented for information.

The Framework captured the wide range of risks that the Council faced on a day-to-day basis. It recorded controls and mitigations that the Council had in place relating to each risk and provided an assessment of whether these were sufficient and within risk appetite.

Where risks recorded in the Framework were outside of the Council’s risk appetite, and receiving active management attention, they were escalated for inclusion in the relevant risk register.

In terms of SR5 (cost pressures affecting the viability of Council developments) the risk was expected to be proposed for closure in Q4 2023/24. This was because it was now being managed via business-as-usual processes, including, project management and the commercial governance framework.

In response to a Member’s question it was explained that, if Members did not support the risk being closed when closure was proposed in Q4, it would carry forward into 2024/25. The rationale for anticipating closure of SR5 was that the number of developments had reduced.

A Member asked why risks were being confirmed for the year ahead at this stage, before quarter 4 had been reported. It was explained that risks had to be approved before the start of the financial (reporting) year, but when it comes to reporting to the Committee, this takes place in arrears – this explains the ‘overlap’. Ensuring that a live risk register was in place from the start of each year is, for example, critical to support SIAP’s audit reviews.

The substitute Member explained that he was unhappy with the suggestion that SR5 might be closed without the detailed reasons being explained. Until the issues underlying the risks were concluded SR5 risk should be retained. It was explained that the rationale for closure would be presented to the Committee in Quarter 4.

It was agreed that the Audit Committee could make the observation to the Executive that SR5 should remain on the risk register in 2024/24 until Executive had considered the reasons for closing it. It was also noted that the two portfolio holders present had observed the Committee’s debate on this.

With regard to reviewing strategic risks, Members also noted that budget setting, by necessity, considered a range of risks, and the Chief Finance Officer confirmed that nothing new had arisen from the recent budget setting process that required further changes to the strategic risks.

Members observed that they found the Assurance Framework within the report very helpful.

RESOLVED that the Committee:

(i)             Notes the strategic risks (available at annex 1) for 2024/25 and makes any observations to the Executive; and

(ii)            Notes the 2024/25 assurance framework (available at annex 2) and makes any comments to the Head of Corporate Policy, Projects and Performance.