Meeting to be held on 28 November 2024
(Appendix 1 - Corporate Risk Register & Appendix 2 - Risk Matrix refer)
Contact for further information – Esma Alicehajic, Senior Business Continuity and Emergency Planning Officer
Tel: 01772 866 6874
Executive SummaryIn March the Audit Committee supported the updated Lancashire Fire and Rescue Service (LFRS) risk management policy, procedure, and the associated organisational risk register; this aligns with ISO 31000:2018 standards and is in line with the National Fire Chiefs Council (NFCC) template and represents good practice in the sector. Effective risk management practices are integrated into quarterly Corporate Performance Board (CPB) meeting agendas, provides strategic oversight, ensures legislative compliance, optimises resource allocation, and facilitates risk reporting to the Combined Fire Authority.
The Audit Committee provides independent assurance to governance stakeholders regarding the adequacy of LFRS's risk management processes. This report provides the Committee with the latest Risk Register and its content and is an opportunity to consider the adequacy of LFRS’s risk management arrangements.
Recommendation(s)· The Audit Committee is requested to endorse LFRS’s risk management arrangements and note the up-to-date Corporate Risk Register and its content.
|
The Audit Committee is a cornerstone of the Authority’s governance framework, tasked with providing independent assurance to governance stakeholders regarding the adequacy of LFRS's risk management framework, annual governance processes, and internal control environment. Its primary function includes evaluating the effectiveness of the Authority’s risk management arrangements.
The Civil Contingencies Act (CCA 2004) sets out the legal framework for contingency arrangements to assess, plan and advise against LFRS organisational risks, be it departmental or corporate, however, there is no prescriptive way within the framework of doing this. Therefore, the Service has the freedom to manage risk using a method that ensures a clear governance structure that best meets the needs of the business.
This moral and statutory duty not only requires LFRS to take all reasonable actions to safeguard its employees, assets, and the public, but also to ensure that it is not financially or operationally disrupted. It can meet this duty by ensuring that risk management plays an integral part in the governance of the Service at a strategic, tactical and operational level.
The risk management policy and procedure at LFRS ensures compliance with legislative requirements andNFCC good practice. The policy and procedure are aligned with ISO 31000:2018, to ensure an accurate description and appropriate monitoring and management of LFRS risks. Additionally, a tiered approach to risk is in place, allowing for escalation or de-escalation as needed.
Effective risk management practices aligned with ISO 31000:2018 yield numerous benefits for LFRS, including proactive risk mitigation, enhanced decision-making, clear accountability, and improved financial control.
Risk management is integrated into quarterly CPB meetings, as a standing agenda item LFRS aims to provide strategic oversight of the risk management process. Overall, these measures enable LFRS to fulfil its legislative duties and optimise resource allocation while providing a structured mechanism for reporting on risk to the Audit Committee.
The Corporate Risk Register is reviewed quarterly, and updates provided by all pertinent risk managers and owners. It is included as Appendix 1 for the Audit Committee’s review. Additionally, a visual representation of the current LFRS risks can be found in Appendix 2.
The business risk to LFRS of not implementing an efficient and effective risk management system can be catastrophic in terms of financial impacts, service provision, health and safety, service objectives, KPIs, reputation and for government relationships.
There are no identified impacts on sustainability or the environment.
There are no identified implications on equality and diversity.
Data Protection (GDPR)
Will the proposal(s) involve the processing of personal data? N
If the answer is yes, please contact a member of the Democratic Services Team to assist with the appropriate exemption clause for confidential consideration under part 2 of the agenda.
The long-term outcome of this proposal is that risks will be managed more efficiently therefore having a positive impact on mangers time in dealing with risk impacts.
The long-term implications of this proposal will allow LFRS to make evidence-based decisions and consider the cost benefit of risk versus the acceptance of the risk impacts.
Failure to establish robust mechanisms for identifying and managing organisational risks within LFRS could lead to non-compliance with the Civil Contingencies Act (CCA) 2004.
Paper:
Date:
Contact:
Reason for inclusion in Part 2 if appropriate: Insert Exemption Clause