Issue - meetings
Strategic Risk Register
Meeting: 10/06/2019 - Audit and Risk Committee (Item 8)
8 Strategic Risk Register and Strategic Assurance Map 
PDF 256 KB
[To provide an update on the key risks the Council faces and how it can gain assurance that these risks are being mitigated]
Additional documents:
- Appendix 1 Strategic Risk Register, item 8
PDF 818 KB
- Appendix 2 Assurance Map, item 8
PDF 455 KB
- Appendix 3 Selected Risk for Review, item 8
PDF 315 KB
Minutes:
Hayley Reid, Senior Auditor took the Committee through changes to the Council’s strategic risk register since it was considered at the last meeting on March 2019.
Gail Ryder, Head of ICT was also in attendance. She gave an overview of action the Council was taking and proposed to take to mitigate and manage strategic risk 23 – cyber security. Members of the Committee welcomed the information and assurance provided on how the Council was managing its cyber security, and particularly that the council’s processes were being externally tested to ensure that the Council was as fully protected as it could be.
In response to questions from the Committee the Senior Auditor reported that risks for the Westside development were included in risk 9 - City Centre Regeneration. If it was felt that a separate risk was required for the Westside development it would be considered. Any risks on that development project would be reported through the Council’s project management system, Verto and through the Project Assurance Group. Regarding risk 28 - Health and Safety, it was rated amber because of the strength of controls the Council had in place. The Senior Auditor undertook to report direct to Councillor Philip Bateman MBE in response to his question on whether there were any reported incidents of health and safety issues from the spraying of friendly weed killers within the city.
Resolved:
1. That the latest summary of the Council’s strategic risk register as at Appendix 1 be noted.
2. That The inclusion of risk 36 – Parent Company Assurance of Tenant Management Organisations (TMOs) be noted.
3. That the reduction in the scores for the following risks be noted:
· Risk 8 – Business Continuity Management
· Risk 25 – Payment card industry data security standard
· Risk 35 – Brexit.
4. The change in target score for risk 24 - Maximising Benefits from West Midlands Combined Authority to reflect the change in the seven Council’s and other Local Authority leaderships and allow time to develop new relationships be noted.
5. That the amendment to the narrative of risk 32 – Waste Management Services to refer to the on-going management of the service following the changes to service delivery be noted.
6. That it be noted that as the target score had been achieved, risk 33 – Governance of Major Capital Projects and Programmes had been archived and replaced by risk 37 which refers to the on-going governance and management of capital projects and programmes.
7. That it be noted that as the target score for risk 34 – Wolverhampton Interchange Programme (Train Station) had been achieved, this risk had been archived.
8. That the main sources of assurance available to the Council against its strategic risks at Appendix 2 to the report be noted.