To receive an update from officers on progress made since the last meeting of the Committee.
Minutes:
The Chairman reminded the Committee that they had considered the Risk Management Policy and Corporate Risk Register at the meeting in November 2016, and had agreed to revisit this matter at the March meeting following an informal risk workshop with Zurich Municipal in January 2017.
The Committee had met with Zurich to understand the methodology for producing the corporate risk register, and had heard from the Strategic Director of Finance & Resources and the Risk & Insurance Officer about how the register was updated.
Cllr Hyman advised that from a residents’ perspective there was a perception that risks were not assessed at a practical level. However, as a member of the Audit Committee he could now see that there was no substantive problem, but he did have concerns about policy gaps in key areas leading to risk exposure for the Council.
The Committee discussed the specific role of the Audit Committee in reviewing the risk register, and agreed that their purpose was to seek assurance that there were arrangements in place to identify and assess risks, and that these were working effectively. It was not the Audit Committee’s role to make a quantitative or qualitative assessment of risks, or to question the quality of decision-making; the Overview and Scrutiny Committees had the remit to do this.
The Committee discussed whether there was a strong risk management culture across all levels of staff. The Strategic Director of Finance & Resources advised that whilst the external auditors did not form a specific view on the risk culture in the organisation, the Strategic Review undertaken by Cratus had looked at the risk culture: they had concluded that the officer team was too risk averse, and too focussed on keeping Waverley safe.
Cllr Hesse referred to his work on the Overview & Scrutiny review of the Leisure Centre contract management: conversations with Places for People managers at Waverley’s leisure centres led him to understand that they had a strong understanding of their risk management system. In contrast, he had not got the same sense of understanding from Waverley officers working on the contract client management.
The Strategic Director of Finance & Resources and the Internal Audit Client Manager advised that they felt that colleagues did have good risk awareness, although they might not articulate that understanding in risk management terms.
The Chairman agreed that there was not one ‘right’ approach to risk management, and Waverley’s arrangements could still be adequate whilst being different to those that members were familiar with in a different context. His perception was that this was the case.
Cllr Band agreed that his experience as Finance Portfolio Holder was that risk had been discussed in project management meetings, and he was confident that this was still happening, although it might not be in the way that Cllr Hesse would expect it to be discussed.
The Committee concluded that Waverley had the essential elements of a risk management system, and that Members might have to accept that it looked different to other arrangements with which they were familiar. The Committee did feel that it might be helpful to work through the risk management process for a specific area of the Council’s work in a pre-meeting. The Committee also asked for a briefing on the LEAN systems work being undertaken in Benefits.