Agenda item

The Director of Corporate Services presented the report to Members.

In November 2024, the Audit Committee supported the updated Lancashire Fire and Rescue Service (LFRS) risk management policy, procedure, and the associated organisational risk register. This aligned with ISO 31000:2018 standards, was in line with the National Fire Chiefs Council (NFCC) template and represented good practice in the sector. Effective risk management practices were integrated into quarterly Corporate Performance Board (CPB) meetings agendas, provided strategic oversight, ensured legislative compliance, optimised resource allocation, and facilitated risk reporting to the Combined Fire Authority.

The Audit Committee was a cornerstone of the Authority’s governance framework, tasked with providing independent assurance to governance stakeholders regarding the adequacy of LFRS’s risk management framework, annual governance processes, and internal control environment. Its primary function included evaluating the effectiveness of the Authority’s risk management arrangements.

The Civil Contingencies Act (CCA 2004) set out the legal framework for contingency arrangements to assess, plan and advise against LFRS organisational risks, be it departmental or corporate, however, there was no prescriptive way within the framework of doing that. Therefore, the Service had the freedom to manage risk using a method that ensured a clear governance structure that best met the needs of the business.

This moral and statutory duty not only required LFRS to take all reasonable actions to safeguard its employees, assets, and the public, but also ensured that it was not financially or operationally disrupted. It could meet this duty by ensuring that risk management played an integral part in the governance of the Service at a strategic, tactical, and operational level.

The risk management policy and procedure at LFRS ensured compliance with legislative requirements and NFCC good practice. The policy and procedure were aligned with ISO 31000:2018, to ensure an accurate description and appropriate monitoring and management of LFRS risks. Additionally, a tiered approach to risk was in place which allowed for escalation and de-escalation as needed.

Effective risk management practices aligned with ISO 31000:2018 yielded numerous benefits for LFRS that included proactive risk mitigation, enhanced decision-making, clear accountability, and improved financial control.

Risk Management was integrated into quarterly CPB meetings, as a standing agenda item LFRS aimed to provide strategic oversight of the risk management process. Overall, the measures enabled LFRS to fulfil its legislative duties and optimise resource allocation whilst providing a structured mechanism for reporting on risk to the Audit Committee. The Corporate Risk Register was reviewed quarterly, and updates provided by all pertinent risk managers and owners.

Members noted that the top risks identified in the risk register were:

-        Loss of Funding.

-        Retention and Recruitment of On-Call Staff.

In response to a question from County Councillor Buckley in relation to adding the risk relating to potential local government reorganisation, the DoCS explained that changes in government structures were constant but would not necessarily impact the risk profile of the service but could impact on governance. He would take forward the suggestion.

In response to a question from the Chair in relation to the reduction of risk surrounding management of personal data, the DoCS advised that the Service had recruited to a vacant post which had resulted in reducing the risk.

Resolved: - That the Committee: -

i)                Endorsed LFRS’s risk management arrangements: and

ii)              Noted the up-to-date Corporate Risk Matrix and Register.