Agenda item

This report provides an update on risk management within the Authority, and presents the Corporate Risk Register for consideration.

David Hughes (Director of Audit, Fraud, Risk and Insurance) presented the report that provided members with an update on risk management within the Council, including the key corporate risks and how management are addressing them.

The Chair noted that the risk level against the coroner’s office had been substantially reduced and asked for an update on the situation. Mike Sloniowski (Risk Manager) noted that there had been an independent review of the service and an action plan was in place that could be reported to the next meeting. Kim Dero added that the six boroughs served by the coroner had agreed a joint action plan and investment to improve the service.

The Chair asked what the outcome of the case against the Senior Coroner had been. Kim Dero said the coroner had been issued a reprimand by the Lord Chief Justice and Lord Chancellor for bullying a member of Coronial staff and that his behaviour amounted to serious misconduct. The Senior Coroner had since undertaken a schedule of training and was assigned a mentor to support him and the Chief Coroner said he was fit to return to work. The Council had judicially reviewed the lack of reasons for the decision and subsequently the process leading to the decision, the proceedings are ongoing.

Councillor Alex Karmel asked how robust the Council’s defences against cyber attacks were. David Hughes said the Council was required to do an annual review of IT security, including firewall penetration testing, to be able to access the Government’s Public Service Network. This year’s test was scheduled for next week. Officers added that the Council’s network was attacked every day and it was very closely monitored.

Councillor Jonathan Caleb-Landy, noting the Brexit risk, asked if that was to be taken as a general risk or if it led to a multitude of more specific risks. Hitesh Jolapara replied that this was a wide-ranging risk due to the potential consequences of a number of outcomes. A ‘no deal’ scenario was of particular concern given the likely impacts on citizenship, the financial markets, and the labour markets (particularly affecting staffing for the NHS and social care sector). Mike Sloniowski noted that the Government had published 90 risk scenarios but they were very high level, lacking the detail required for detailed risk modelling. A key area of risk for the Council was the impact on the procurement market - that affected services across the Council and there was very little information on it from the Government or other public bodies.

Kim Dero said that of particular concern to her was the workforce - the Council employed a number of EU citizens and there needed to be assurances about their status. Councillor Rebecca Harvey asked how many staff had permanent right to residence. Officers said they would check and provide that information to the Committee after the meeting.

ACTION: Mark Grimley

The Chair added that this also applied to the Council’s contractors. He also noted, by way of an example, that in Fulham Reach Ward EU citizens made up around 20 percent of the population. He asked for a report on the risks of Brexit, focussing on the Council’s staffing, partners, and local businesses.

ACTION: David Hughes, Mike Sloniowski, Peter Smith

The Chair asked for an update on BT Managed Services. Hitesh Jolapara informed the Committee that the Council was moving to a new system developed and managed by Hampshire County Council. Officers had recently completed user acceptance testing and the system was due to go-live on 1 December. There was still some further work to do on payroll, with one more test run to be completed - then it would move to parallel running ahead of the go-live date.