Agenda Item: 13 NOT PROTECTIVELY MARKED Report to: AUDIT AND RISK ASSURANCE COMMITTEE Report Number: C/ARAC/08-15 Date: 4 MARCH 2015 Report By: DIRECTOR OF FINANCE & CONTRACTUAL SERVICES Subject: REVIEW OF CORPORATE RISK REGISTER 1. PURPOSE 1.1 The purpose of this report is to provide the Audit & Risk Assurance Committee with an update on the Corporate Risk Register. 2. RECOMMENDATIONS 2.1 The Committee is asked to note the contents of this report. 3. BACKGROUND 3.1 The Audit and Risk Assurance Committee is responsible for advising the Board and Accountable Officer on the arrangements for risk management and has oversight of the Service’s Corporate Risk Register. 3.2 The Strategic Leadership Team have responsibility for the identification and management of strategic risk and will ensure that the risk register presents a fair and reasonable reflection of the most significant risks impacting upon the organisation. The SLT will champion the importance of risk management in supporting the achievement of the Service’s strategic aims and objectives. 3.3 A report was presented to the Audit and Risk Assurance Committee on 9th December 2014 asking the Committee to note the updates/changes made to the Corporate Risk Register (CRR). 3.4 The CRR, which is integral to the risk management framework, is intended to provide a profile and record of the significant risks facing the SFRS. The CRR is now supported through the development of Directorate and Project Risk Registers, identifying the significant risks impacting upon each Directorate of the service. 04/03/2015-ARAC/Report/ReviewOf CorporateRiskRegister Page 1 of 5 Version: 1.0 25/02/2015 NOT PROTECTIVELY MARKED 4. REVIEW OF 2014/15 CORPORATE RISK REGISTER 4.1 The September Committee Report detailed that the 2014/15 CRR would remain live for 18 months, until 1st April 2016, and would be subject to quarterly reports to the Audit & Risk Assurance Committee. Similar reporting would also be put in place for Directorate Risk Registers. 4.2 The 2014/15 CRR currently identifies 15 Strategic Risks and Appendix 1 to this report provides a copy of the Corporate Risk Register. 4.3 Each risk was assigned to a member of the SLT and these responsible officers have each provided an update. The update has considered the current description and assessment of the risk and reviewed the actions in place and those still to be completed. 4.4 The risks have each been assessed based upon the controls currently in place at the date of review. The service recognises that it cannot entirely eliminate risk from service provision and that a residual level of risk will always remain. The purpose of assessing the risk, based upon the current controls in place, is to ensure that we understand the current potential likelihood and impact of the risk today and how this can be managed going forward. 4.5 Following a review by each risk owner there have been no change to the risk ratings following the last report. Whilst the risk ratings have not altered a number of the Additional Management Actions have been completed and the register has been updated to reflect this. Information on some of these actions has been outlined below: 4.6 Corporate Risk 2 – there is a risk for SFRS where it fails to standardise and align resources, taking account of national and local factors. Action 1 in relation to a Specialist Resources report to the Board is complete with the report forwarded to the meeting on 29 January 2015. The reports aim was to improve equity of access to fire and rescue resources and to deliver required efficiencies across Scotland. The recommendations forwarded from the report will ensure a more balanced disposition of specialist resources across Scotland, based on risk and activity. The approved recommendations will see some resources increased where gaps have been identified and decreased where clear overlaps or unnecessary overprovision exists. 4.7 Corporate Risk 6 – there is a risk to SFRS where it fails to meet performance targets set within both the Strategic and the Annual Operating Plan. A Senior Management Group comprising Heads of Functions, DACO’s and others has been established to ensure that agreed corporate strategy is implemented 04/03/2015-ARAC/Report/ReviewOf CorporateRiskRegister Page 2 of 5 Version: 1.0 25/02/2015 NOT PROTECTIVELY MARKED across the organisation. This forum will also be used to measure performance across sectors/LSO areas and to identify and learn from best practise. In addition to this forum a Performance Improvement Group will meet monthly to consider progress against actions detailed in the Annual Operating Plan and to consider progress against actions identified thorough recommendations contained within HMFSI reports and any recommendations from Audit Scotland or other Auditors. Progress against actions plans will be reported to the Audit & Risk Assurance Committee and wider performance matters scrutinised through a new Performance Sub-Committee. 4.8 Corporate Risk 8 – There is a risk to SFRS where it fails to attract and retain staff with the appropriate skills. The risk has 4 separate approved managed actions. Three of these actions remain on target to achieve completion dates with the 4th action (Develop and implement a plan to embed the SFRS working Together Framework) revised from April 2015 to December 2015. An action plan has been develop to further embed the Working Together Framework and work with trade unions is continuing to progress this action. The revised date reflects delays experienced due to changes within the trade union structure. Action in relation to the implementation of a working structure is continuing with a workforce plan and action plan produced and supported by a Workforce Planning Forum. In relation to the development of a succession planning model the introduction of DACO’s, in support of Gold Command, will support succession planning at a strategic level. Separate work is being undertaken to develop a projected retirement database which will be able to look ahead to anticipated retirements to forecast and address potential skills gaps. A change management team continues to support Directorates in relation to the implementation of organisational change management plans and regular communications are published to ensure effective engagement with staff. 4.9 Corporate Risk 11 – There is a risk to SFRS where communication and engagement with partners, both National and Local, fails to deliver on identified priorities. The appointment of new DACO’s in the 3 SDA’s will support better engagement with the 32 Local Authorities. A number of new LSO’s will also be appointed in February and March and will enhance the engagement programme. SFRS are revising the Service Delivery Engagement Loop to ensure it can maximise the value of our engagement and the contribution of Board Members. This will be further discussed at the Local & Stakeholder Engagement Committee in March 2015. 04/03/2015-ARAC/Report/ReviewOf CorporateRiskRegister Page 3 of 5 Version: 1.0 25/02/2015 NOT PROTECTIVELY MARKED A new Business Engagement Forum Framework 2015-2018, a Business Plan and Action Plan 2015-2016 have been developed and agreed by the group. documents will go live as of 1 st These April 2015 and assist in strengthening the links between SFRS and Scotland’s Business Community. 4.10 Corporate Risk 12 – There is a risk to SFRS where the Transformation Programme fails to achieve its stated objectives. Action 15 (develop and implement a SFRS ICT Technical Security Strategy) and Action 24 (Develop and implement ICT Software Licence Management policies and procedures) have both been removed from the register and incorporated within Action 16 – Deliver all ICT projects, including capital and transitional projects within the agreed programme. Changes to actions and project delivery times are managed through the programme office and Service Transformation Programme Board. This will ensure that the impact from any delay or change is mitigated and does not compromise the delivery of the overall programme. Where a delay is significant this is highlighted to the Transformation Committee so that effective scrutiny of the programme can take place. Particular attention is given to those projects that have been assessed through the scrutiny value as a key project. 5. PROPOSSED NEW CORPORATE RISK 5.1 Discussions with Board Members and Senior Officers have identified that the Firelink Replacement Project is an area which should be considered further within the Corporate Risk Register. 5.2 A draft risk profile is included within the attached risk register as Corporate Risk 16 for further discussion. 6. MONITORING AND REVIEW 6.1 The 2014/15 CRR will be monitored over a period of 18 months with a new CRR prepared for 1st April 2016, and annually thereafter. 6.2 Over this 18 month period, from September 2014, the CRR will be reported quarterly to the SLT and the Audit & Risk Assurance Committee. Directorate Risk Register will be submitted quarterly to the SLT for review. 7. EMPLOYEE IMPLICATIONS 7.1 There are no employee implications directly associated with this report 04/03/2015-ARAC/Report/ReviewOf CorporateRiskRegister Page 4 of 5 Version: 1.0 25/02/2015 NOT PROTECTIVELY MARKED 8. FINANCIAL IMPLICATIONS 8.1 There are no financial implications directly associated with this report. 9. LEGAL IMPLICATIONS 9.1 There are no legal implications directly associated with this report. SARAH O’DONNELL DIRECTOR OF FINANCE & CONTRACTUAL SERVICES 4 March 2015 04/03/2015-ARAC/Report/ReviewOf CorporateRiskRegister Page 5 of 5 Version: 1.0 25/02/2015
© Copyright 2024