Issue - meetings

Report by the Chief Operating Officer

8.1       The Chief Executive introduced the report.  The Committee noted that Cyber Attack had been added to the register, and been rated Red owing to the potential scale of the impact of the risk.  

8.2       The Committee discussed a number issues including:

·        The timing of adding Cyber Attack to the register;

·        General emergency responses to disasters, in the light of Grenfell Tower; and 

·        School funding, and in particular the effectiveness of lobbying on behalf of small rural schools. 

Cyber Attack

8.3       The Chief Executive set out that while Cyber Attack has always been under consideration, recent targeting of government organisations such as the NHS, and the scale of those attacks, had led to its elevation to a strategic risk. 

8.4       The Chief Operating Officer reassured the Committee of the Council’s efforts to mitigate the risk, including maintaining up to date software, an investment in off-site back up and data retrieval, and the development of a corporate data centre resilience review.  Partly this has been driven by closer integration with Health colleagues, though East Sussex Better Together and Connecting 4 You, and the need for each partner to have confidence in the IT systems of the other.

8.5       The Committee expressed the view that staff training, especially in identifying, and the correct responses to, ransomware and other malware was a key component of the mitigation of the risk of cyber attack.

Emergency Planning

8.6       The Chief Executive confirmed that the Strategic Risk Register under discussion was the register of those risks that, due to their nature, the severity of the potential harm or the nature of the control measures, Chief Officers consider to be strategic.  They sit on top of departmental risk registers, and as such not all of the activities undertaken by the County Council that could be considered risky, appear on the Strategic Risk Register. 

8.7       The Chief Executive used the example of the Emergency Planning team which is well-rehearsed and practised to responding to disasters.  She also highlighted the multi-agency work that the Council engages in, including the pan-Sussex Resilience Forum.  

8.8       The Committee RESOLVED to (1) note the current strategic risks and the risk controls/responses being proposed and implemented by Chief Officers;

(2) note that officers would review Risk 7 (Schools) in the light of the funding situation, and the effect on the Council’s models and future funding; and

(3) request further consideration of the new Cyber Attack risk by the Audit, Best Value and Community Services Scrutiny Committee.  

Report by the Chief Operating Officer

57.1     The Chief Operating Office introduced the report. The Committee noted that the Apprenticeship Levy has been added to the strategic risk register and the other current strategic risks, controls and responses. The Committee underlined its concern about the potential cumulative financial impact and risk to rural primary schools, arising from the proposed changes to the schools funding formula and the introduction of the Apprenticeship Levy.

57.2     The Committee RESOLVED to note the current strategic risks, and the risk controls or responses being proposed and implemented by Chief Officers.

Report by Chief Operating Officer

24.1     The Committee considered a report by the Chief Operating Officer which provided an update on the current strategic risks faced by the Council, their status and the risk controls or responses.

24.2     The Committee RESOLVED to note the current strategic risks and the risk controls or responses being proposed and implemented by Chief Officers.

Report by the Chief Operating Officer

11.1     The Committee considered a report by the Chief Operating Officer.  It was confirmed that the September report would reflect national changes in the political landscape, and that implications of the Referendum result would be addressed through the Reconciling Policy Performance and Resources process. 

11.2     RESOLVED to note the report. 

Report by the Chief Operating Officer

50.1     The Committee considered a report by the Chief Operating Officer which provided an update on the current strategic risks faced by the Council, their status and risk controls and responses.

50.2     The Risk Framework, which sets out the escalation process from departmental to strategic risk, along with the work of the Risk Manager in assisting departments to review their risks on a quarterly basis, was highlighted to Members.   

50.3     The Committee discussed the following risks:

7. Schools – the relative performance of local authority schools and academies was highlighted by Councillor Whetstone.  Councillor Barnes volunteered to draft a revised description of the Strategic Risk for consideration by the Director of Children’s Services, addressing the lack of powers of intervention and the effect on the skills base of the county, and the resultant economic effects.  The value of Local Authority nominated School Governors in mitigating risk was recognised by the Committee, and the Head of Assurance agreed to feed comments to the Schools Risk Group.

4. Health and 10. Welfare Reform – and in particular a potential £10m shortfall in the Community Care budget was raised by Councillor Webb as not having been identified as a specific risk.  It was set out that budget pressures were reported on as part of the Quarterly Monitoring reports to Cabinet, as is the Strategic Risk Register.  

1. Roads – and in particular drainage and the establishment of passing places on rural roads, to minimise vehicles mounting the verge and affecting ditches.  The Scrutiny Review of Highway Drainage by the Economy, Transport and Environment Scrutiny Committee was highlighted.  

50.4     The Committee RESOLVED to (1) note the current strategic risks and the risk controls/responses being proposed and implemented by Chief Officers; and

(2) support efforts to recruit and retain candidates to be nominated as Local Authority School Governors.    

Report by the Chief Operating Officer

37.1     The Committee considered a report by the Chief Operating Officer which provided an update on current strategic risks faced by the Council, their status and risk controls and responses.

37.2     The Committee noted the revised wording of the strategic risks and the changes to their red, amber, green (RAG) rating after mitigation measures have been put in place.

37.3     The Committee discussed the emerging cost pressures facing small schools caused by projected salary and pensions increases, and highlighted that this may have implications for the financial viability of some small schools. The Chief Finance Officer commented that this was more an issue of financial viability, than one of financial management. The Finance Team does provide support to schools through a budgetary advice service to schools.

37.4     The Committee RESOLVED to note the current strategic risks and the risk controls/responses being proposed and implemented by Chief Officers.

Report by the Chief Operating Officer

26.1     The Committee considered a report by the Chief Operating Officer which provided an update to the Committee on current strategic risks faced by the Council, their status and risk controls and responses. 

26.2     The Committee discussed:

• Risk 7 – Schools, and in particular the deficiency of regulatory powers granted to the local authority, and whether the Council had contacted the Department for Education with concerns about Academy performance in the light of recent reported results;
• Risk 6 – Local Economic Growth, and the link between Risk 7 and the development of a skilled workforce

26.3     The Committee discussed whether the Broadband project should be considered a strategic risk, in terms of performance and value for money.  A report to the September meeting of the Economy, Transport and Environment Scrutiny Committee about Strategic Infrastructure, including Broadband, was highlighted to the Committee.  

26.4     The Committee discussed a review of the departmental risk registers, to gain an insight into those risks that were considered not to be strategic.  It was considered that individual Scrutiny Committees would be in a better position to assess those risks. 

26.5     RESOLVED to (1) note the current strategic risks and the risk controls/responses being proposed and implemented by Chief Officers;

(2) request a report on the Business Services departmental risk register; and

(3) recommend that the other Scrutiny Committees consider an annual report on the relevant departmental risk registers. 

Report by the Chief Operating Officer

11.1     The Committee considered a report by the Chief Operating Officer which presented an update on current strategic risks faced by the Council, their status and risk controls/responses.  It was set out that there had been no change to any scores, only to certain narratives.

11.2     The Committee discussed the following Strategic Risks:

·        4 – Health: whether the risk should be rated as Red.  It was explained that the score shown was the post mitigation score, which took into account the proposed risk controls.  An email explanation was requested.

·        7 – Schools: the nature of the risk was discussed, and alternatives to the use of the words “fragmentation” and “reputation” were suggested, including the risk of the lack of power to intervene in failing schools and consequential drop in children’s performance.  It was explained that the Department kept the risks under review and that the comments of the Committee would be shared with the Department, but ultimately the matter was one for the Department to resolve, taking into account the comments and advice of the Committee.

·        9 – Workforce: the Committee commented on the proposed trade union legislation and the effects of a high degree of change on staff welfare, and in particular stress.     

11.3     RESOLVED to note the current strategic risks and the control/response being proposed and implemented by Chief Officers.