HERTFORDSHIRE COUNTY COUNCIL
AUDIT COMMITTEE
THURSDAY 30 SEPTEMBER 2010 AT 10.00AM
RISK MANAGEMENT UPDATE
Report of the Head of Risk Management
Author: Paul Dudley (Tel: 01992 555532)
1.0 / Introduction1.1 / This report provides an update of the work of the Risk Management team since June 2010.
1.2 / The following updates are included:
· Quarterly review of the Corporate Risk Register
· ‘Council for the Future’ programme risk management arrangements
· Upgrade of the Council’s Risk Management Information System
· Communicating the risk management message
· Alarm/CIPFA Risk Management Benchmarking Club
2.0 / Quarterly review of the Corporate Risk Register
2.1 / The latest iteration of the corporate risk register now includes seven risks relating to the ‘Council for the Future’ programme (see also 3.0 below). These risks relate to:
· Changes to the employment package
· Commissioning and procurement
· Achievement of efficiency and effectiveness savings and change management
· Continuity of service delivery
· Retention of skilled and experienced staff
· Engagement and communication with key stakeholders
There is also a new risk which relates to climate change.
The corporate risk register was reviewed by the Strategic Management Board (SMB) in July, and this edition is published on Compass (search under ‘corporate risk register’).
2.2 / Attached as Appendix 1 is the Corporate Risk Register dashboard report showing that there are now 42 risks (21 Red, 19 Amber and 2 yellow) regarded as ‘corporate’ on the register. This report also shows the quarterly movement of risks which have either increased / decreased or stayed the same in risk rating. It is an indication that risks are being regularly reviewed and updated.
3.0 / ‘Council for the Future’ programme risk management arrangements
3.1 / SMB approved the risk management strategy for managing risks within the programme at the end of July 2010. The strategy includes information about a three stage risk assessment and escalation procedure which aims to ensure that risks are managed at the appropriate level, and where necessary escalated from project to work stream and on the programme risk register.
3.2 / The risks on the programme register are also now reported on the corporate risk register and are part of the review of quarterly performance monitored by SMB. The overall message from the programme team is that the risk process is working well, with risks being identified and managed according to the strategy.
4.0 / Upgrade of the Council’s Risk Management Information System (RMIS)
4.1 / The Council uses a risk management information system to record and report risks at corporate level and for many projects. The upgrade to a new version of the web-based RMIS, as well as moving to a new hosting company, was successfully completed during August. The upgrade provides a number of benefits to users, including the ability to update actions more efficiently. There are also reports that the speed of access is also much improved.
5.0 / Communicating the risk management message
5.1 / Over the last 18 months there has been a series of 9 of risk management awareness sessions for senior managers which have recently concluded. These sessions have included information about: the importance of managing risk at all levels of the business; a practical exercise in risk assessment; and details of the county council’s risk management approach. A total of 160 senior managers attended and the feedback has been very positive.
5.2 / A two day course has recently been run (August) for risk co-coordinators (those officers who support departmental Risk Champions in their role) and a number of officers who support risk management within major projects.
5.3 / A risk management ILearn course has been published (August) which is aimed at providing some basic information for new and existing staff about the importance of risk management and also details of the council’s risk management approach. Staff and Members are able to access the system via the council’s intranet, Compass.
5.4 / A new interactive risk management guide is currently being produced and will be published on Compass early next month.
6.0 / Alarm/Cipfa Risk Management Benchmarking Club
6.1 / At the meeting in June, Members were advised that Alarm (The National Public Sector Risk Management Association) and Cipfa had collaborated to develop and run a risk management benchmarking club. The club was launched in March 2010 and now has over 100 members, including the County Council. A draft report was published in June and the initial results were reported to the Committee, indicating that County Council had performed well – average or above average - on a range of indicators:
• Leadership and management
• Strategy and policy
• People
• Partnership, shared risks and resources
• Processes and tools
• Risk handling and assurance
• Outcomes and delivery
6.2 / Cipfa has now published (August) two reports which show the County Council’s performance across all members as well as a ‘county’ group. This group includes Cumbria, Essex, Hampshire, Surrey, West Sussex and Worcestershire county councils, although under the terms of the benchmarking rules it is not possible to specifically identify their data in comparison charts. An analysis of the results shows that in comparison with the ‘county’ group there are 4 areas where the County Council is average or slightly above average in performance, whilst in two other areas (Policy and Strategy and Risk Handling and Assurance) performance is slightly below average. However, taken as a whole, the County Council still performed well against the range of indicators within the Alarm National Performance Model.
6.3 / The information produced by the benchmarking club has been designed as a performance improvement tool. A further analysis of the report will be conducted with Iain MacBeath, Lead Risk Champion, and suggestions for improvements will be taken to the next meeting Risk Champions Group.
7.0 / Suggested Resolution:
7.1 / That the Risk Management update report be noted.
Background Information:
Alarm/Cipfa Risk Management Benchmarking Club 2010 – County Council report
Risk Management Strategy for Council for the Future Programme
100930 Audit Committee
Item 6 – Risk Management Update
4