Contact: Michelle Smith, ext 01962 846666 [email protected]

1 Introduction

1.1 The purpose of this report is to provide members with an update on risk management arrangements in the County Council. It will cover the approach to the management of risks at a strategic level and will explain some of the developments that have been taking place corporately to promote an effective risk management culture.

1.2 This report will also highlight a number of developments taking place nationally which could impact on the way risks are managed in the public sector.

2 Risk Management - the challenge

2.1 When considering the management of risk it is important that a proportionate view is taken. The following extract from the Corporate Risk Management Strategy summarises the approach being adopted:

" The challenge is to achieve the right balance between taking risks to be innovative and improve performance, and managing risks to protect services'

In summary it is about being risk aware not risk averse.

2.2 A robust framework for the identification and assessment of risks has been developed which is used across the County Council. The focus is identifying those risks which could seriously impact on the County Council's ability to deliver its corporate aims. The methodology used assesses risks, the effectiveness of controls used to manage them and identifies a risk owner for each risk. This information is all captured in the corporate register of risks and enables the production of a corporate risk map.

2.3 The annual review of risk assessments is currently taking place. The outcomes from this will be considered by departmental management teams and the Risk Management Board.

3 New Developments

3.1 In the last 12 months there have been a number of developments aimed at embedding risk management processes into the core of the organisation. These have included both organisational and system changes.

3.2 Following a review of the management arrangements it was decided to integrate health and safety and risk management at a corporate level - this has been done to ensure that health and safety is dealt with within the risk management framework to focus the use of resources. A new corporate risk manager has been recruited with the key accountability of developing a corporate performance improvement plan for H&S and risk. Line management responsibility for the Health and Safety advisers based in departments has been transferred to the relevant departments to clarify lines of accountability.

3.3 The structure and terms of reference of the corporate groups associated with the above have been revised to lead the development and implementation of a corporate plan to drive improvement in risk and heath and safety performance taking into account statutory requirements, the County Council's risk profile and best practice.

3.4 A new risk management system, MK Insight, has been procured and implemented. This exercise has been carried out jointly with Audit who required an audit management system. The system provides for comprehensive coverage of risk information in the risk register. It will also enable automatic alerts for risk owners and comprehensive risk tracking.

3.5 Other Corporate development include the need to link risk with performance management - corporately there is work taking place on a `key themes portal' to provide guidance an a range of topics such as risk management and health and safety to provide guidance to managers on the types of questions they should be considering in different circumstances e.g. writing a service plan, recruiting staff etc. It will also point to further guidance that is available.

3.6 Work has also begun to identify the existing level of knowledge across the organisation in relation to risk and health and safety. An online questionnaire was sent to senior/ DMT level managers, the results of this are being analysed and will be used to develop the future training framework for these areas.

4 Focus for the future

4.1 There are a number of developments that are happening at a national level which are of interest. The House of Lords Economic Affairs Committee has launched an enquiry into the policies principles and practicalities behind government risk management. Some of the questions it is asking are:

· Can appropriate monetary values be estimated and attached to risk related factors?

· Is it possible to identify fundamental principles that should be applied across the public sector?

· How should policy deal with cases where public perceptions of risks diverge significantly from expert assessments?

· How to deal with unknown or poorly understood risks?

· How to balance Health and Safety interests of current population v future generations?

The Committee has been taking oral and written evidence since last October and is due to publish its findings and recommendations later this year.

4.2 There are a number of new and proposed pieces of legislation that are relevant to risk management. In March 2005 the Government introduced a draft Corporate Manslaughter Bill with a short consultation period and in November indicated an intention to implement by the end of the 2005-06 parliamentary session.

4.3 The Compensation Act which received Royal Assent in July 2006 is aimed at providing a statutory framework for the regulation of claims management services. One aim of the Compensation Act is to stamp out the perception of a compensation culture and to help ensure that invalid claims are discouraged and resisted. The impact that these will have in practice will has yet to be seen.

4.4 The Civil Contingencies Act has also increased the emphasis on the need for risk and business continuity management. Requirements of the Act include the need to:

· Assess the risk of emergencies occurring and use this to inform contingency planning;

· Put in place emergency plans and business continuity management

· Make information available to the public about civil protection matters and maintain arrangements to warn, inform and advise the public in the event of an emergency;

· Share information and co-operate with other local responders to enhance co-ordination and efficiency;

· Provide advice and assistance to businesses and voluntary organisations about business continuity management

The Civil Contingencies Act also requires Category 1 responders to maintain plans to ensure that they can continue to exercise their functions in the event of an emergency so far as is reasonably practicable.

4.5 As the environment in which the County Council operates changes it is important to continue to refine the approach to risk management. The following were identified as potential areas for Policy and Resources Scrutiny and will also be of interest to this Committee:

· Ensuring risk management is embedded in policy making and planning processes

· How risk tolerance levels are defined

· Dealing with risks related to partnership working

· Seeking assurance in relation to controls used to manage risks

4.6 A further area which needs to be considered is how to make risk management more positive. There is a need to promote risk taking to ensure that opportunities are taken advantage of when they arise.

5 Recommendations

5.1 That the Governance Committee reviews the progress made on risk management and considers nominating a lead member for risk management.

Section 100 D - Local Government Act 1972 - background papers

The following documents disclose facts or matters on which this report, or an important part of it, is based and has been relied upon to a material extent in the preparation of this report.

NB the list excludes published works and documents which disclosure exempt or confidential information as defined in the Act:

None