Issue - meetings


Meeting: 11/03/2021 - Audit and Assurance Committee (Item 121)

121 2020/21 QUARTER 3 CORPORATE RISK REPORT pdf icon PDF 555 KB

To consider a report from the Director of Finance (s151 Officer).


Additional documents:


Members considered a report from the Director of Finance (s151 Officer) which provided the Committee with a progress update on the Corporate Risk Register for the third quarter to 31 December 2020.


The Director of Finance (s151 Officer) introduced the report before welcoming the Senior Risk Officer to provide a detailed overview. This began by informing members that there had been no further risks added to the register during Quarter 3 and no risks removed from the register and there were no proposed changes to the risk scores for Quarter 3. Throughout Quarter 3 there remained the emerging risk of climate change and its potential impact on Council services. The Senior Risk Officer stated that though there had been no changes to the risk scores in Quarter 3, risk management activity had intensified, and this was reflected in the volume of risk mitigation work which had been undertaken.


During the third quarter of 2020/21, the Council along with other Local Authorities faced a particularly challenging period with significant rises in COVID-19 cases leading to the second national lockdown and introduction of the tiering system across the UK. As discussed in the Committee meeting in January 2021, in Quarter 3 the Council anticipated additional pressures and impacts from severe weather, seasonal flu, the end of the EU Exit period and the increasing pressure on Health & Social Care systems. In anticipation of this combination of events, the Council had been proactive in analysing and developing a suite of response arrangements including; Adult Social Care Winter Plans, EU Exit risk assessments, business continuity and emergency response plans in order to deal with the potential complexity of the concurrent impacts from these events.   


Members were reminded that Quarter 3 saw the new UK-EU Trade and Cooperation Agreement come into effect at 11pm on 31 December 2020 and were informed that the EU Exit Officer Working Group would continue to meet quarterly to monitor relevant risk assessments, provide oversight of any further key milestones to ensure compliance with the new UK-EU Trade and Cooperation Agreement and to provide a wider horizon scan of the impact of new EU Policy changes as well as the medium to long term impact on the Economy and Communities across Cumbria. Members were assured that there had been no immediate impacts experienced by the Council in relation to exiting the EU however, the wider impact on certain sectors of the Cumbrian Economy such as the Haulage Sector were being closely monitored.


The Executive Director – Corporate, Customer and Community Services Members provided assurance regarding a question of risk in relation to cyber security. The Senior Manager - ICT Delivery addressed a specific question regarding the exploitation of vulnerabilities found in the Microsoft Exchange Server mail and calendar software for corporate and government data centres. He explained that on 4 March 2021 the Council were informed of the vulnerability by the Microsoft account manager and the National Cybersecurity Centre, the servers were successfully patched within hours and a subsequent check on  ...  view the full minutes text for item 121