Agenda item

Report by the Director of Finance and Support Services.

The Committee is asked to review the information detailed in the report and the current Corporate Risk Register, and provide comment as necessary.

16.1   The Committee considered a report by the Director of Finance and Support Services (copy appended to the signed minutes).

16.2   Mr Clark, Children’s First Transformation Director, attended the committee following a request made at the previous meeting for clarity on the corporate risk CR69.  Mr Clark spoke through the Children’s First Improvement Plan which pulled together service improvement activity and service redesign elements.  The aim was to get the service to a good Ofsted rating.  The transformation agenda focussed on three pillars; creating the right bedrock for improvements, creating the right working environment, and improved service design.  Collaborative works with Hampshire County Council was helping with the progress through the necessary phases of work.  The Hertfordshire family safeguarding model was being used to assist with the service redesign.

16.3   The Committee made comments including those that follow.

•    Queried the current risk rating.  – Mr Clark reported that the risk rating was kept under review and that the likelihood score would remain high.  Mr Clark confirmed that he would like the risk to reduce, but confirmed that the current score was accurate.

•    Sought clarity on the use of the Hertfordshire family safeguarding model.  – Mr Clark explained that the model had not been directly copied and that the County Council’s approach reflected the different local issues.  Other local authority risks would be considered.  The corporate risks would remain on the register, but it was confirmed that there would be lower level risks monitored in specific departments.

•    Questioned how risks were identified.  – Ms Eberhart explained that the approach to risk was consistent with other local authorities in that every officer was responsible for the identification of risks.  The risk register was built from the bottom up, with the top down view catering for the County Councillors.  The Executive Leadership Team (ELT) worked to mitigate risks, and it was the role of the Committee to consider if the processes in place were appropriate.

•    Queried if EY considered the risk register and compared with other local authorities.  – Mrs Thompson explained that explicit comparisons were not made with other authorities due to the each one having unique risks and approaches.  EY considered the risks that related to value for money.  Mr Pake, Corporate Risk and Business Planning Manager, added that every quarter he liaised with local authority risk officers to consider different risk registers and approaches.

•    Asked if Cabinet Members or Scrutiny Committee Chairman should be responsible for risks on the register.  – Ms Eberhart explained that the constitution placed the responsibility of risks with officers.  Cabinet Members and Committee Members held roles related to holding the senior leadership to account, scrutiny and the lobbying of Government.  The Committee discussed the matter and felt that the risk register was clear by directorate, and that elected members were different from the corporate body.  Cabinet Members were responsible for holding officers to account for risk.  Ms Eberhart agreed to discuss the matter with colleagues and report back to the Committee.

16.4   Mr Pake introduced the report and explained that the period since the last Committee meeting had been busy with two new risks added to the register, CR70 and CR71.  Working from home had led to opportunities regarding engagement exercises and a change in format of online courses.

16.5   The Committee made comments including those that follow.

•    Queried the timing of the reduction of CR68.  – Ms Eberhart confirmed that the register was reviewed regularly for accuracy.

•    Sought clarity on the lessons earned for CR68 concerning COVID-19.  – Ms Eberhart reported that Internal Audit had been asked to look into the processes to ensure lessons were learned.  The findings would be reported in a future Internal Audit report.

•    Questioned the progress on CR11.  – Ms Eberhart confirmed that the next stage had been agreed and that the following risk report would include an update on progress.

•    Asked when the role specific training for CR39a would be delivered and queried the timescales for the reviews of ISO27001 and ISO9001.  – Ms Eberhart resolved to investigate and provide a response to the Committee.

•    Queried the schedule of review of the risk register.  – Ms Eberhart explained that ELT reviewed the risk register monthly alongside the Total Performance Monitor.  ELT also discussed risks weekly to consider any areas of relevance.

•    Asked if CR71 extended to include the welfare of subcontractors.  – Ms Eberhart resolved to take this issue away and report back to the Committee.

•    Queried if the risk impacts were listed in order, specifically relating to CR68.  – Ms Eberhart confirmed that the impacts were not in a particular order.

•    Asked if the upsides to COVID-19, such as commuting benefits, should be recorded.  – Ms Eberhart explained that the benefits were recognised, but not within the risk register.

•    Asked if risk CR39a only considered attack elements of cyber security.  – Ms Eberhart confirmed that a wider view was taken to consider multiple aspects of cyber security.

•    Queried if Cabinet Members had asked officers to review which officer roles were more effective for home working arrangements.  – Mr Hunt confirmed that the New Ways of Working programme considered home working and what accommodation was required.  It was recognised that there were difficulties with working from home, such as colleague interactions.  The mental health of staff was considered, noting that different setups were required for different roles.

•    Asked if the risk rating for CR61 should be reduced following the improvement plan refresh.  – Mr Pake confirmed that he would be discussing the rating with the risk owner.

16.6   Resolved – That the Committee notes the report.