Issue - meetings

Risk Management - Corporate Risk Register Update

Meeting: 17/10/2024 - Audit and Governance Committee (Item 42)

42 Risk Management - Corporate Risk Register Update pdf icon PDF 258 KB

This report updates councillors on the position of the Council’s Corporate Risk Register. The main updates are as follows:

 

·       One new risk was added – CR26 Risks associated with the availability of Generative Artificial Intelligence (GenAI)

·       CR08 – We may fail to run a fair and open election/referendum – this risk was removed during the quarter and continues to be considered at Director level.

 

Material updates for this quarter are outlined in sections 10.

 

Additional documents:

Minutes:

The Risk and Insurance Manager presented a report, a copy of which had been circulated to each Member and a copy of which appears as Appendix 'C' to these Minutes in the Minute Book.

 

The report provided an update on the position of the Council’s Corporate Risk Register for Quarter 2, 2024/25. Material changes in risk during this period were outlined in paragraphs 10 to 13 of the report, with two main updates provided. One new risk had been added, listed as ‘CR26: Risks associated with the availability of Generative Artificial Intelligence (GenAI)’. ‘CR08: Risk of failing to run a fair and open election/referendum’ had been removed but would continue to be considered at Director level. As requested by the Committee, the report provided further information on measures to mitigate the risk around retention and recruitment within CR15. In addition, the Director of Marketing, Communications and Policy provided further information in relation to CR16 in her role as risk owner.

 

As a result of questions and comments on the report, the following actions were noted for future response:

 

  • The Risk and Insurance Manager agreed to liaise with the Monitoring Officer to provide a response on how risks associated with the disclosure of confidential/exempt information by councillors should be managed. It was suggested that this could be expanded to include risks associated with staff confidentiality settlement agreements and industrial tribunals.
  • CR26 - It was agreed to provide an update in the next report on the progression of the Gen AI Strategy. The Monitoring Officer confirmed that councillors training on Gen AI would be picked up when the Standards Committee reviewed the councillors training programme.

·       CR23 – As a reflection of the worsening position of the DSG, more detailed narrative was requested in the next report. In response to questions on how much the Council could control the market, it was agreed that the Risk and Insurance Manager liaise with the Director of Children to ensure the risk reflects what can/cannot be done and whether feasible to include this in any further Government lobbying.

·       The Head of Audit and Management Assurance agreed to seek views of the Chair and Vice Chair on whether the current requirement to note the Risk Management Policy on an annual basis should be changed. The Risk and Insurance Manager agreed to confirm the timescales involved for the new policy, framework and strategy.

·       CR18 – The Risk and Insurance Manager agreed to feedback to the risk owner the negative experiences in using customer interfaces which councillors and their residents continued to experience, as described by committee members. It was agreed to arrange a meeting between the Director of IT and Programmes and a sample group of councillors so that they could demonstrate the frustrations experienced, particularly in using the Council’s website.

 

In response to a point raised about risks associated with asset sales, it was noted that the forthcoming ‘deep dive’ presentation to the committee on governance surrounding the disposal of Council land and property would provide  ...  view the full minutes text for item 42