Agenda item
Corporate Risk
- Meeting of Senedd Commission Audit and Risk Assurance Committee, Friday, 18 June 2021 10.00 (Item 8.)
- View the background to item 8.
Minutes:
ARAC
(03-21) Paper 5 – Corporate Risk
ARAC
(03-21) Paper 5 – Annex A - Summary
Corporate Risk Register
ARAC
(03-21) Paper 5 – Annex B – Corporate Risks plotted
8.1 Dave introduced this item. He outlined
the proposed removal of the risk around the Senedd Elections 2021 transition
from the Commission’s Corporate Risk Register and the proposed reassessment of
the Coronavirus risk by Executive Board.
8.2 Siwan provided an update on the
ongoing assessment of risks around constitutional change and Senedd reform. She
added that the risks would focus on the Commission’s response to political
decisions which would begin to emerge as Senedd business got underway following
the election.
8.3 Dave reminded the Committee that this
was a summary report of the status of the risks and that the Directors and the
Executive Board regularly reviewed more detailed reports. In response to a
question around ownership, Dave also clarified that each corporate risk was
owned by a lead Director with input from the relevant Heads of Service.
8.4 In relation to the risks around
Standards of Conduct for Members of the Senedd, Ann Beynon asked whether there
was merit in the Committee engaging with the new Standards Commissioner. The
Chair noted that, as the Commissioner was an independent office holder, the
focus for the Committee should be on reviewing the management of risks in
relation to the support provided by the Commission. Siwan reminded the
Committee that the focus of this risk had been on how Commission officials had
supported the Senedd to maintain public confidence in the standards regime,
including the revised Code of Conduct for Members of the Senedd and appointment
of a new Standards Commissioner. She added that, as these were now both in
place, the focus would shift to supporting the Standards of Conduct Committee,
once established, to carry out a review of the complaints procedure.
8.5 Manon added that, in response to
feedback during the induction of new Members, a briefing was being prepared to
clarify the roles and remits of the Standards Commissioner and Remuneration
Board. This would also include details of the Accounting Officer rules.
8.6 Suzy welcomed any clarity on the
Commission’s duty to support the independent Remuneration Board.
8.7 In response to a question from Suzy
around the budget and support for the Standards Commissioner, Siwan reminded
the Committee that it was a statutory requirement for the Commission to provide
resources to the Commissioner’s office. She explained that a Protocol was being
drawn up with the new Commissioner based on the principle of a continued
flexible approach, whereby Commission staff were seconded to their office.
8.8 In relation to the risk around
Dignity and Respect for Commission staff, Suzy suggested some evaluation by
internal audit on the effectiveness of training developed to provide staff with
the confidence to challenge behaviour which officials agreed to consider.
8.9 In response to points raised by Aled
in relation to political decisions around Senedd reform, Siwan provided
assurance that the UK constitutional framework, including issues such as the
reduction in the number of Welsh MPs, local government boundary changes, would
be taken into account when assessing the risks to the Commission.
8.10 The Chair would be discussing the
forthcoming review of the Commission’s Assurance Framework with officials in
advance of the Committee’s July meeting, specifically around how the
independent Remuneration Board fits alongside it and the Committee’s role in ensuring
the processes to support it were effective.
8.11 The Chair would also hold discussions
with Dave around re-structuring the updates it received on cyber security
risks. In response to a specific query from Aled around the use of Mac
computers, Dave provided assurance that changes to the way these connected to
the network formed part of the measures to improve defences and ensure security
of the network.
8.12 The Chair thanked officials for the
assurances provided on the points raised and was happy with the risk reports
and risk management processes.