MINUTES OF A meeting of the Corporate and Strategic Committee

 

 

Date:                          Wednesday 17 February 2016

Time:                          9.00 am

Venue:

Council Chamber

Hawke's Bay Regional Council

159 Dalton Street

NAPIER

 

Present:                     D Hewitt - Chairman

R Barker

T Belford

A J Dick

R Graham

RM Maaka

M Paku

D Pipe

C Scott

F Wilson

 

In Attendance:          E Lambert – Chief Executive

P Drury – Group Manager Corporate Services

M Adye – Group Manager Asset Management

L Hooper – Governance & Corporate Administration Manager

V Moule – Human Resources Manager

A Redgrave – Transport Manager

 

 


1.       Welcome/Apologies/Notices

The Chairman welcomed everyone to the meeting.

Resolution

C&S1/16    That the apologies from Councillor Graham for lateness and Councillor Beaven for absence are accepted.

Wilson/Pipe

CARRIED

 

2.       Conflict of Interest Declarations

There were no conflict of interest declarations.

 

3.       Confirmation of Minutes of the Corporate and Strategic Committee Meeting Held on 18 November 2015

C&S2/16

Resolution

Minutes of the Corporate and Strategic Committee held on Wednesday, 18 November 2015, a copy having been circulated prior to the meeting, were taken as read and confirmed as a true and correct record.

Scott/Paku

CARRIED

 

4.       Matters Arising from Minutes of the Corporate and Strategic Committee Meeting Held on 18 November 2015

There were no matters arising from the minutes.

 

5.

Follow-ups from Previous Corporate and Strategic Committee Meetings

 

Mrs Lambert provided an overview of the status of the follow-ups.

C&S3/16

Resolution

1.      That the Committee receives the report “Follow-ups from Previous Corporate and Strategic Committee Meetings”.

Wilson/Dick

CARRIED

 

6.

Call for any Minor Items not on the Agenda

 

Recommendation

That the Corporate and Strategic Committee accepts the following minor items not on the agenda, for discussion as Item 12:

1.         Water Storage Forums (Belford)

2.         CHB Wastewater Issues (Belford)

3.         Energy Conservation (Belford)

4.         Wairoa Maori Committee meeting (Wilson)

5.         Zone 3 Meeting (Scott)

 

7.

Report and Recommendations from the Finance Audit & Risk Sub-committee

 

Mr Drury provided an overview of discussions at the 11 February meeting of the sub-committee, and presentations received.

It was agreed that the function of undertaking systematic reviews of Council operational activities, contained in the sub-committee’s terms of reference, is to be added to the Charter.

Councillor Graham arrived at 9.13am

Discussion and debate traversed:

·      the role of the sub-committee and decision making, reporting lines

·      risk management framework and the management and reporting of risks.

C&S4/16

Resolutions

That the Corporate and Strategic Committee:

1.      Agrees that the decisions to be made are not significant under the criteria contained in Council’s adopted Significance and Engagement Policy.

2.      Receives and notes the verbal report from the 9 November 2015 Finance Audit and Risk Sub-committee.

Charter for the Finance Audit and Risk Sub-committee

3.      Approves the HBRC Finance Audit and Risk Sub-committee Charter as amended (following)

Risk Assessment and Management

4.      Adopts the reviewed HBRC Risk Management Policy (following)

5.      Adopts the reviewed Risk Management Framework (following)

6.      Approves the undertaking of a Cyber Security internal audit within existing budgets, to be reported back to the 18 May 2016 meeting of the Finance Audit and Risk Sub-committee.

Reports Received

7.      Notes that the following reports were provided to the Finance Audit and Risk Sub-committee and feedback provided to staff:

7.1.      Audit Management Letter Covering Annual Report Year Ending 30 June 2015

7.2.      2016 Work Programme

7.3.      Cyber Security.

Scott/Dick

CARRIED

 

Finance Audit and Risk Sub-committee Charter

Introduction

The Finance, Audit and Risk Sub-committee is a committee established by resolution of the Hawke’s Bay Regional Council. It makes recommendations to the Corporate and Strategic Committee which, in turn, reports to Council.

Objective

The objective of the Finance, Audit and Risk Sub-committee is to assist the Council to fulfil its responsibilities in relation to:

·       The robustness of risk management systems, processes and practices;

·       The provision of appropriate controls to safeguard the Council’s financial and non-financial assets, the integrity of internal and external reporting and accountability arrangements;

·       The independence and adequacy of internal and external audit functions;

·       Compliance with applicable laws, regulations, standards and best practice guidelines. ;

·       The review of Council’s expenditure policies and the effectiveness of those policies.

Composition

Members of the Finance, Audit and Risk Sub-committee shall comprise four members of Council and an external appointee.

The Chairman shall be a member of the sub-committee as elected by the Council.

A quorum shall be not less than three councillor members.

Responsibilities and Duties

In order to meet its objective, the responsibilities and duties of the Sub-committee on behalf of the Council will include the following.

Risk Management

·       Reviewing the principal risks contained in the risk profile for Council on a twice-yearly basis

·       Ensuring that management has established a risk management framework which includes policies and procedures to effectively identify, manage and monitor principal business risks, and the identification of Council’s risk appetite and profile

·       At least annually assessing the effectiveness of the implementation of the risk management system

·       Monitoring compliance with the risk management framework

·       Receiving and recommending for approval, Council’s insurance arrangements

·       Reviewing of management delegations

External and Internal Reporting

·       Reviewing, and challenging where necessary, the actions and judgements of management in relation to Council’s financial statements, operating and financial reviews and related formal statements, before submission to Council and clearance by the external auditors

·       Providing advice to Council regarding the financial statements (including whether appropriate action has been taken in response to audit recommendations and adjustments) and recommending their adoption by the Council

·       Satisfying itself that the financial statements are supported by appropriate management sign-off on the statements and on the adequacy of the systems of internal controls

·       Reviewing the processes in place to ensure that the financial information included in the Annual Report, including the statement of service performance, is consistent with the signed financial statements

·       Undertake systematic reviews (at least one per annum) of significant Council operational activities against Council stated performance criteria to determine efficiency/effectiveness of management and delivery of Council services

External and Internal Audit functions

·       Overseeing Council’s relationship with the external auditor

·       Approving the terms of engagement and the remuneration to be paid to the external auditor in respect of audit services provided

·       Discussing with the external auditor, before the audit commences, the nature and scope of the audit

·       Reviewing reports from the auditors on any material findings in accounting and internal control systems that come to the auditors’ attention

·       Ensuring that recommendations in audit management reports are considered and, if appropriate, actioned by management

·       Reviewing the objectives and scope of the internal audit function, and ensuring those objectives are aligned with Council’s overall risk management framework

·       Reviewing significant matters reported by the internal audit function and how management is responding to them

·       Assessing the performance of the internal audit function, and ensuring that the function is adequately resourced and has appropriate authority and standing within Council


Legislative Compliance

·       Determining whether management has appropriately considered legal and compliance risks as part of Council’s risk assessment and management arrangements

·       Reviewing the effectiveness of the system for monitoring Council’s compliance with relevant laws, regulations and associated government policies

Expenditure policies

·       Reviewing whether management’s approach to maintaining effective expenditure policies, including over external parties such as contractors and consultants, is sound and effective

·       Reviewing whether management has in place relevant expenditure policies and procedures and that these are periodically reviewed and updated

·       Determining whether the appropriate procedures are in place to assess, at least once a year, whether expenditure policies and procedures are complied with.

·       Be advised of any breaches of the liability management policy

Members’ Power And Authority

The Finance, Audit and Risk sub-committee has the authority of Council to:

·       Obtain external legal or independent professional advice within its approved budget in the satisfaction of its responsibilities and duties

·       Secure the attendance at meetings of third parties with relevant experience and expertise as appropriate

·       Receive all of the information and documentation needed or requested to fulfill its responsibilities and duties, subject to applicable legislation

Management is responsible for:

·       The preparation, presentation and integrity of the financial statements

·       Implementing and maintaining appropriate accounting and financial reporting principles and policies and internal controls and procedures that ensure compliance with accounting standards and relevant regulations

·       The risk management framework and compliance with policies and regulations

·       The provision of information and material requested by the committee, subject to relevant legislation

Review

The sub-committee shall undertake an annual self-review of the Charter and of its Terms of Reference. The Charter and Terms of Reference shall also be reviewed by Council.

 

HBRC Risk Management Policy

Adopted 17 February 2016

Policy Statement

1.       HBRC is a public organisation with the role and responsibilities set within legislation.  It is the primary organisation for management of  the economic development and environmental practice in the Hawke’s Bay

2.       As an organisation, HBRC enables the wise use of the region’s natural resources, taking on a leadership role in areas of:

a.        Natural resource knowledge and management

b.       Natural hazard assessment and management

c.        Regional strategic planning

d.       Regional scale infrastructure and services, and

e.       Economic development

3.       HBRC is a public organisation funded largely by money sourced from the Hawke’s Bay community.  It must use that money wisely and carry out its duties cost effectively.  HBRC must demonstrate it is a prudent manager and user of public funds.

4.       Effective management of risk is a requirement to allow HBRC to achieve its goals and objectives whilst fulfilling the expectations of rate payers and other key stakeholders.

By managing risk, the uncertainty of business performance reduces and allows HBRC the appropriate risk platform for the efficient and effective use of resources.

Risk is anything that may impact HBRC’s ability to achieve goals and objectives therefore interlocked with our Strategy and Long Term Plan. Risk is assessed in terms of a combination of the impact and likelihood of an event occurring.

Definitions

5.     Definitions used within this Policy include:

a.     Principal Risks are the vital risks faced by HBRC and are identified and reviewed by the Finance, Audit and Risk Sub Committee every six months. The Finance, Audit and Risk Sub Committee regularly monitors the Executive Team’s management of these Principal Risks.

b.     Risk appetite describes HBRC’s acceptable levels of risk. This brings together risk metrics and risk management so this can be applied into everyday business decisions, reporting and discussions.

c.     Risk management is the process whereby risk is managed and includes risk identification and reporting as well as allocating risk ownership and risk mitigation.

d.     Council means elected members as a governing body of Hawke’s Bay Regional Council.

e.     HBRC means Hawke’s Bay Regional Council.

f.      Finance, Audit and Risk Sub Committee means the Finance Audit and Risk Sub Committee of the Corporate and Strategic Committee.

Objectives

6.       The key objectives of this policy are to:

•    Enable the Finance, Audit and Risk Sub-committee to review the principal risks to which HBRC is exposed every six months set and to communicate the level of risk exposure they believe is prudent for HBRC to the Chief Executive. 

·       Provide the Chief Executive and Executive Management Team the discretion to select an approach for managing risk, within guidance from this policy, and reporting to the Finance, Audit and Risk Sub Committee.

·       Define HBRC’s staff responsibility to manage risk.  Management staff are responsible for encouraging good risk management practice within their groups and teams

·       Mandate for regular measurement and reporting on effectiveness of the risk management process.

Methods of Implementation

7.       The Council’s ability to conduct effective risk management is dependent upon having an appropriate risk governance structure and well-defined roles and responsibilities.

The Council’s risk management policy is applicable to all HBRC staff. It’s of paramount importance that each individual staff member is aware of his/her collective risk management responsibilities.

To create a risk aware culture within HBRC, the Council is committed to actively managing its risk management practices and processes by utilising the following risk management tools:

·       Education – as part of the Council’s risk management programme, all staff at different levels will receive appropriate risk and compliance training, and support so they can take ownership and adequately deal with risks as they are identified.

·       Risk register – The physical risk register will record information about the identified risk. This is a living document that is updated continually and is part of the overall compliance process of the Council.

·       Identification tools – Additional risk analysis, advice and opinions may be sought from experts outside of the HBRC in specialised fields.

Risk Management Governance Structure

8.       HBRC’s risk management governance structure illustrates the different levels or responsibilities within the risk management framework.

It also highlights that risk management is not the sole responsibility of an individual but rather a process that is supported from all levels throughout HBRC.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 


Roles and Responsibilities

Role of Council

9.       Council as the governance body for HBRC has a fundamental governance role to play in financial and operational management and the management of risk.  Its role is to:

·         Set the tone and influence the culture of risk management within HBRC.  This includes:

•   Understanding that there is risk in the activities undertaken to achieve or support the desired organisational outcomes.

•   Providing clarity on the level of risk that HBRC should be exposed to in undertaking specific activities.

•   Setting the standards and expectations of staff with respect to conduct and probity.

·         Appoint the Finance, Audit and Risk Sub Committee and continue to monitor its implementation.

·         Approve major decisions that may affect HBRC’s risk profile or exposure.

Finance, Audit and Risk Sub-committee

10.    In order for the Finance, Audit and Risk Sub-committee to meet its objectives in relation to Risk Management, the Finance, Audit and Risk Sub-committee will:

·         Review the principal risks contained in the risk profile for Council on a twice yearly basis.

·         Ensure that management have established a risk management framework which includes policies and procedures to effectively identify, manage and monitor principal business risks.

·         At least annually assess the effectiveness of the implementation of the risk management system.

·         Monitor compliance with the risk management framework.

Chief Executive and Executive Management Team

11.    Key roles of the Chief Executive and the executive management team relevant to Risk Policy are to:

·         Implement policies on risk management and report on compliance and performance.

·         Identify, evaluate and manage (excluding governance risks) the risks faced by HBRC.

·         Provide adequate information in a timely manner to Finance, Audit and Risk Sub Committee on the status of significant risks to which HBRC is exposed and the controls to manage those risks.

12.    The Chief Executive has responsibility for overseeing risk, financial and operational management within the whole of HBRC and shall report to the Finance, Risk and Audit Sub Committee on these issues in accordance with this policy.

13.    The Chief Executive and Executive management will report to Council all new and emerging risks with the potential to significantly impact on HBRC.

Review of effectiveness

14.    The Chief Executive is responsible for reviewing the effectiveness of HBRC’s risk controls.  The frequency and scope of such a review shall be dictated by the Finance, Audit and Risk Sub Committee.  The review may be required for all or part of HBRC’s activities.  The outcome of such a review will be reported to the Finance, Audit and Risk Sub-committee.

15.    For each risk identified, the Chief Executive will:

·         Review the previous risk review and examine HBRC’s record on risk assessment and control.

·         Consider HBRC’s future risk profile and consider if current risk control arrangements are being effectively implemented.

16.    In making their decision the Chief Executive will consider the following aspects:

a.        Control environment:

·         HBRC’s objectives and its financial and non-financial targets

·         Organisational structure and calibre of the senior management team

·         Culture, approach, and resources with respect to the management of risk

·         Delegation of authority

·         Reporting to Council

b.       On-going identification and evaluation of risks:

·         Timely identification and assessment of risks

·         Prioritisation of risks and the allocation of resources to address areas of high exposure.

c.        Information and communication:

·         Quality and timeliness of information on risks

·         Time it takes for control breakdowns to be recognised or new risks to be identified.

d.       Monitoring and corrective action:

·         Ability of the organisation to learn from its experiences

·         Commitment and speed with which corrective actions are implemented.

Ownership and Review

Approver/Reviewer:  Finance, Audit and Risk Sub Committee

Ownership: Chief Executive

Review: Annual or as needed

 

Risk Management Framework

Adopted 17 February 2016

The risk management control system encompasses a number of elements that together facilitate an effective and efficient risk assessment, enabling HBRC to consider a variety of strategic, operational, financial, and commercial risks.  These elements include:

a.       Policies and procedures

Many of the organisational risks are managed through policies and plans adopted by the Council.  These include Regional Plans developed according to relevant legislation, their associated implementation plans, and policies or protocols specific to a particular issue. The policies adopted by Council are implemented and communicated through the Chief Executive to staff.  Written procedures support the policies were appropriate.

b.       Reporting

Comprehensive reporting is designed to communicate the monitoring of key risks and their controls.  Decisions to rectify problems are generally made by staff, but may be at the direction of Council where a significant potential risk is identified.

c.        Annual and 10 year planning and budgeting.

The annual and 10 year planning and budgeting processes are used to set objectives, a performance framework through which to monitor progress towards achieving those objectives, develop and communicate work programmes, and allocate resources.  A number of the work programmes are designed specifically to mitigate strategic risks.  Progress towards meeting annual and 10 year plan objectives is monitored regularly.

d.       Risk management framework

This framework helps to facilitate the identification, assessment and ongoing monitoring of risks to which HBRC is exposed.  The framework is formally reviewed in accordance with the timelines set out in Table 1 below, with all existing risks reviewed and new and emerging risks added.

e.        Risk review programme.

The risk review programme is an important element of the risk management process.  Apart from its normal programme of work, each member of the executive management team is responsible for the review of the effectiveness of the risk management framework within HBRC as set out in Table 1.

Table 1: Risk Management Allocation

Responsible Group

Decisions areas

Frequency of review/reporting

Council (through Finance, Audit and Risk Sub Committee)

·        Organisation risk profile

·        Top 10 residual risks

·        Top 10 controls

·        Significant new or emerging risks

·        Governance risks

Six months

Six months

Six months

As they arise

Six months

Chief Executive (together with Exec Managers)

·       Review and monitoring Organisational risks including controls

·       New and emerging risks reporting to Council

6 monthly

 

As they arise

Group Managers (together with 3rd tier managers)

·        Review and monitoring of:

-       Risks associated with Group’s risks including controls

-       New and emerging risks within group

 

6 monthly

 

As they arise

Staff

·       Effective management of operational risks through implementation of controls

·       Reporting new or emerging risks as they arise

Ongoing

 

As they arise

f.         Internal audit.

An internal review of risks may be requested by Council or commissioned by the Chief Executive from time to time as they deem appropriate.  Such an external review may cover the risk framework and all of the risks to which HBRC is exposed, or may be restricted to specific risks or aspects of risk.  This internal audit function may be contracted to an external provider.

g.       Audit of HBRC’s Long Term Plans and Annual Plans

These audits are carried out by Audit NZ on behalf of the Controller and Auditor General.

Risk management is a continual process and is conducted across the Council’s operations. Staff should continually apply this process when making business decisions and in day to day management.

The key process steps within the Council’s risk management procedures are:

1.       Communicate

2.       Establish the context

3.       Identify risks

4.       Analyse risks

5.       Evaluate risks

6.       Treat risks

7.       Monitor and review

Table 2: Risk Management Process

Step1: Communicate and consult

It is important that Council regularly receives updates on the implementation of its Risk Management Policy in public.  This signals to its external stakeholders and the general public the key risks that the organisation has recognised, and what mitigation measures are in place to effectively manage these risks.  I also provides a transparent insight into the level of risk the organisation recognises associated with individual goals and objectives.

Public ratepayers have the opportunity to comment and/or submit on the level of risk associated with Councils activities through consultation process.

Step 2: Establish the context

Establishing the risk management context is a key step in the risk management process.

HBRC activities involve the management of a range of risks.  The range includes risks with a very low likelihood but very high potential consequence to the organisation and Hawke’s Bay community.  There are also risks with high likelihood but low consequence.  The risk framework is designed to identify and manage risks with the potential significant financial, regulatory and operational capability consequences.  Day to day risks are expected to be managed by HBRC staff who have experience and expertise in the ongoing management of such risks.

Establishing the risk management context takes into account the goals, objectives, strategies, scope and sets the parameters of the risk management process.

Step 3: Identify Risks

Risk identification is a key step in ensuring all the risks are identified and listed. The identified risks will determine the “what”, “why”, and “how” things can happen as a basis for further analysis. These risks can derive from different sources.

Sources of Risk

Sources of risk have the potential to create:

·         People risks e.g. health and safety.

·         Local government risks e.g. reputation/ image, legislative.

·         Organisational management risks e.g. loss of service, financial

·         Environmental risks.

Each risk identified will be entered into the Council’s risk register by the Risk Manager.

 

Step 4: Analyse Risk

After risks are identified it is important to adequately describe them. The key to describing the risks include:

·         What is the event? (e.g. Negative media publicity)

·         The cause of the event? (e.g. Breakdown in communication)

·         The impact of the event. (e.g. Reputational damage which leads to rate payers/stakeholder dissatisfaction)

Risk analysis aims at understanding the level of significance of a risk by assessing its likelihood and consequences and taking into account the processes and controls to mitigate it.

Inherent risk level (Gross risk) would exist if the controls did not work as they were intended. Residual risk level is the leftover risk after applying identified controls effectively and risk treatment.

The aim of controls is to reduce risk to an acceptable level, within the Council’s risk management process. When evaluating the effectiveness of controls, factors to consider are the consistency of application, understanding of control content and documentation of the control. Furthermore, the evaluation of the control process can include:

·         Control self-assessment

·         Internal Audit reviewing the effectiveness of controls

·         External audit reviewing the effectiveness of controls

The likelihood ratings identify how likely, or often, a particular event is expected to occur, these are shown in Table 3 below. The descriptors are not a mandatory category requirement, but act as a guide to assist in ranking the probability in line with the nature of each risk.

Table 3: Likelihood of occurrence


Name

Full Description

Almost Certain

Occurrence of the event within this 10-yearly LTCCP may be credibly regarded as a ‘real possibility’ i.e. the probability of occurrence is greater than non-occurrence.  Documented and frequent incidents.  Is likely to occur more than once in this 10-year LTCCP period.

Likely

Occurrence of the event within this 10-yearly LTCCP may be credibly regarded as a ‘real possibility’ i.e. the probability of occurrence is similar to non-occurrence.  Documented and regular incidents.  Is likely to occur once in this 10-year LTCCP period.

Unlikely

Occurrence of the event within this 10-yearly LTCCP would be considered as having some potential to occur – ie, a reasonable probability of occurrence over time, but less than the probability of non- occurrence.  Documented but infrequent incidents.  Has less than 50% chance of occurrence in this 10-year LTCCP period.

Highly Unlikely

Whilst possible, occurrence of the event within this 10-yearly LTCCP would be regarded by most people as unlikely i.e. the probability of non-occurrence is somewhat larger than occurrence.  Documented but few incidents.  Has less than 10% chance of occurrence in this 10-year LTCCP period.

Rare

It is not expected that the event would occur within this 10-yearly LTCCP. Occurrence of the event would probably be regarded as unusual - (the probability of occurrence is quite small).  Has less than 1% chance of occurrence in this 10 year LTCCP period.

The consequence descriptors in Table 4 indicate the level of possible consequences for a risk.

Tables 4: Consequence Rating

2.1 Financial Consequences

Level 1

Value of investment(s) decreases by 30%.Loss of cash flow/income or increase in unplanned expenditure of $5m over  Note: Language to be appropriate for all sections of council

Level 2

Value of investment(s) decreases by 20%.Loss of cash flow/income or increase in unplanned expenditure of $3m over

Level 3

Value of investment(s) decreases by 10%.Loss of cash flow/income or increase in unplanned expenditure of $2m over

Level 4

Value of investment(s) decreases by 5%.Loss of cash flow/income or increase in unplanned expenditure of $1m over

Level 5

Value of investment(s) decreases by 3%.Loss of cash flow/income or increase in unplanned expenditure of $0.5m over

No Financial Impact

No measurable financial impact

2.2 Stakeholder/Reputation

Level 1

Extreme dissatisfaction and loss of confidence.  Central government investigation and/or statutory management installed.  Regulatory action resulting in major prosecution and conviction of council (eg - fine of >$100k).Note: ‘Stakeholder’ means clients, public, industry groups (such as forestry/agriculture), local government bodies, lobby groups, or Iwi.

Level 2

Major loss of stakeholder confidence.  Extensive stakeholder dissatisfaction expressed through media resulting in a long period of negative coverage (>2 months).  Widespread, unified, coordinated revolt by consent holders and/or ratepayers against fees/conditions.  Regulatory action resulting in moderate prosecution and conviction of council (eg - $25-$100k)

Level 3

2-3 stakeholders sectors dissatisfaction expressed through media resulting in a long period of negative coverage (>2 months).  Central Government impose statutory sanctions.  Regulatory action resulting in prosecution but no conviction.

Level 4

Single stakeholder sector express dissatisfaction through media for up to one month.  Central Government – CEO MFE directed by Minister to make enquiries. Individual(s) express dissatisfaction through media or directly.

Level 5

Individual(s) express dissatisfaction through media or directly.  Individual(s) refuse to pay fees/rates as a stand against council activities.  No significant impact on stakeholders or image

No Impact

No significant impact on stakeholders or image

2.3 Operational Capability

Level 1

Event results in management diversion from strategic objectives for a period of > 2 months.  Delivery of LTCCP outcomes across work area significantly affected for greater than six months.  Critically detrimental effects on stakeholders.  Long term loss of capability (>2 months).Event results in management diversion from strategic objectives for a period of <2 months.

Level 2

Event results in management diversion from strategic objectives for a period of <2 months.  Delivery of LTCCP outcomes across work area significantly affected for up to six months.  Moderate detrimental effects on stakeholders.  Event results in loss of operational capability for up to 2 months.  Event results in management diversion from strategic objectives for a period of a few days.

Level 3

Event results in management diversion from strategic objectives for a period of a few days.  Delivery of LTCCP outcomes across work area significantly affected for up to one month.  Minor detrimental effects on stakeholders.  Event affects limited efficiency or effectiveness of service.  Managed internally.

Level 4

Event affects limited efficiency or effectiveness of service.  Managed internally.  Moderate staff morale problems resulting in some staff resignations but managed through minor restructuring.

Level 5

Event causes minor disruption felt by limited small group of stakeholders.  Minor staff morale impact resulting in minor dissention but managed over a short period of time.

No impact

No impact on operational capability

Step 5: Evaluate Risk

After the likelihood and consequence factors have been determined, the level of risk is calculated using the Likelihood of occurrence (Table 1) and Consequence Rating (Table 2).

Raw Risk = the likelihood of an event occurring X the consequence of such an event

Table Five: Risk Assessment Matrix

The final outcome is a risk rating. The risk rating enables definition between those risks that are significant and those that are of a lesser significance.

 

 

Table 5: Risk rating

Comparative Levels of Risk

E

Extreme Risk

Immediate action required to manage risk

H

High Risk

Senior management attention to manage risk

M

Medium Risk

Management responsibility must be specified and risk controls reviewed

L

Low Risk

Managed by routine procedures

I

Insignificant Risk

Examine where un-needed action can be reduced

 

Once the impact has been assessed according to the relative risk level it poses, it is then possible to target the treatment of the risk exposure, by beginning with the highest level risks (Extreme risks) and identifying the potential mitigation measures to reduce the risk to a level acceptable to the organisation (risk appetite).

Initially, the Raw Risk needs to be calculated, so the likelihood and consequences need to be considered as if there were no controls or events in place to prevent or mitigate the risk occurrence.

Step 6: Treat Risks

Risk treatment involves determining possible treatment options to determine the most appropriate action for managing the risks identified.

Treatment options are required where the current controls are not mitigating the risk within defined tolerance levels as determined by the first step (defining the context). This is called the treatment plan.

This process may include consideration of a range of options, each will have a different cost and provide a different level of certainty.  The Finance, Audit and Risk Sub-committee will need to consider the options and recommend which they believe to be the most appropriate.

Once the Raw Risk is determined it is possible to investigate the current systems and processes starting with the highest ranked risk.  Then formulate an action plan to:

1. Reduce the likelihood or;

2. Reduce the consequence identified

Treatment options:

Treatment options could involve applying existing or implementing additional controls. Furthermore, treatment options can involve one or more of the following:

1.       Accept Risk – Accept risk and consider options for treatment

2.       Reduce Risk - Either reduces the likelihood that a risk occurs, or minimises the negative consequences if it does occur.

3.       Transfer/Share RiskPass the risk in part or whole to others (insurance or third party).

4.       Retain Risk – Retain the risk after evaluating its impact which is found to be minimal.

When determining the preferred treatment option consideration should be given to factors such as cost and potential effectiveness (Cost benefit analysis).

Treatment Actions:

Once the treatment option is identified each emerging risk should be assigned a treatment action.

·         The treatment action should contain at a minimum the following: The cost of the action.

·         Assigned responsibility to a person/position.

·         A due date (if appropriate), and;

·         Monitoring and reporting requirements.

Progress of the treatment action should be recorded in the risk register.

Note: Risk Mitigation processes may involve work streams determined through the Resource Management Act and/or Annual or Long Term plan processes.  These sort of projects are particularly relevant to HBRC strategic goals.

Residual Risk:

Residual risk level is the risk left after the risk treatment process has been implemented and controls applied. Residual risk needs to be monitored and reported on a regular basis to identify changes in any performance level.

Step 7: Monitor and review

Risks are constantly changing due to the Council’s operating landscape. Therefore, risks must be monitored and reported on a regular basis to ensure they are current.

Furthermore, risk owners and treatment action owners have key risk, control review and updated responsibilities to ensure the information pertaining to those risks are current. Also the Council’s risk register should undergo a six monthly review to ensure all information captured are current.

The effectiveness of the Council’s risk management framework also needs to be monitored and reviewed six monthly. This review process will help refine the Council’s risk management framework to facilitate continuous improvement and overall risk maturity

 

8.

Draft Councillor Meeting Attendance Records Policy

 

Mrs Lambert outlined the policy, which is based around requirements contained in the Local Government Act, the Remuneration Authority and Office of the Auditor General.

Discussions traversed:

·      requirement for reporting elected representatives’ salaries in the Annual Report

·      parameters around mileage claims and definition of formal/ informal meetings as per the Public Records Act

·      suggest 4.2 of Policy should include fieldtrips – as they are considered “Council business”

·      suggested that Councillors submit a monthly ‘Travel Claim Form’ as a matter of course, even if not eligible for the allowance

C&S5/16

Resolutions

1.      That the Corporate and Strategic Committee receives and takes note of the report titled “Draft Councillor Meeting Attendance Records Policy”.

2.      The Corporate and Strategic Committee recommends that Council:

2.1.      Agrees that the decisions to be made are not significant under the criteria contained in Council’s adopted Significance and Engagement Policy, and that Council can exercise its discretion and make decisions on this issue without conferring directly with the community.

2.2.      Adopts the Recording and Publication of Councillor Meeting Attendance Policy as amended.

Scott/Wilson

CARRIED

 

10.

Health and Safety Update Report for the Period 1 November 2015 - 31 January 2016

 

Mr Viv Moule, Human Resource Manager, provided the HR update and advised that there had been one vehicle accident during the reporting period but nothing else of note, and also outlined shared local authority Health & Safety initiatives around pre-qualifying contractors that are used by all three councils (HBRC, HDC, NCC).

Mrs Lambert outlined the process to be undertaken by HBRC management in order to enable councillors to be properly informed about their responsibilities under the new Health and Safety legislation and carrying out their own due diligence to have confidence the Council systems and processes are adequate.

C&S6/16

Resolution

1.      That the Corporate and Strategic Committee receives the “Health and Safety Update Report for the Period 1 November 2015 to 31 January 2016”.

Wilson/Barker

CARRIED

 

11.

February 2016 Public Transport Update

 

Mrs Anne Redgrave, Transport Manager, provided an update on public transport programmes and use, as well as an overview of the options for offering SuperGold fares in light of the new funding regime, new ‘Small Passenger Vehicle Hire’ legislation, findings of the Regional Ticketing consortium in looking at new ticketing systems, and NCC process for formalising bus stops.

Mrs Lambert provided further information around the issues surrounding SuperGold funding changes and advised the Regional Sector is putting forward a submission on behalf of all regional councils.

C&S7/16

Resolution

1.      That the Corporate and Strategic Committee receives the February 2016 Public Transport Update report.

Wilson/Belford

CARRIED

The meeting adjourned at 10.20am and reconvened at 10.30am

9.

Napier City Council Multi-use Velodrome Proposal

 

Mayor Bill Dalton introduced the project team - Jenny Giblin (Funding Manager), Geoff Balm (Project Manager) and Wayne Jack (NCC Chief Executive) – before outlining the proposal for a multi-use facility incorporating a velodrome.

Mr Balme ran a video showing multi-use facilities containing a velodrome in other locations throughout New Zealand and the world, prior to outlining the proposal through a Powerpoint presentation.

Ms Giblin provided an overview of possible funding sources being approached in order to achieve the estimated $15M required to build the facility.

Discussion traversed:

·      commitment by HBRC sought of $3M and the consultation process required for material variations (as this would be) to the Long Term Plan

·      community support, specific cycling and recreation sector support

·      proposal is part of the Regional Facilities Plan, strategies for increasing participation in active recreation to better HB health statistics and changes to the way people participate in sport/recreation activities

·      building and lighting requirements and costs in terms of use for ‘elite’ cycling events and for use as a cycling training ‘hub’

C&S8/16

Resolutions

That the Corporate and Strategic Committee:

1.      Receives and notes the details of the Community Facilities Fund policy expenditure and funding

2.      Receives and notes the information provided by the Velodrome project team.

Scott/Wilson

CARRIED

 

Item - 10. Health and Safety Update Report for the Period 1 November 2015 - 31 January 2016 - was considered immediately following item 8.

 

Item - 11. February 2016 Public Transport Update - was considered immediately prior to item 9.

 

12.

Minor Items not on the Agenda

 

 

Item

Topic

Councillor / Staff

1.   

Water Storage Forums

Invite all councillors to series of public forums on dam and water storage issues – organised by Crs Belford, Beaven, Graham & Barker – on 3/3 Karamu High School, 10/3 CHB Municipal Theatre, 21/3 Wairoa Gaiety Theatre & 23/3 Napier Boys High School

 

Cr Belford

2.   

CHB Wastewater Issues

Brought article in CHB mail to attention of councillors

Cr Belford

3.   

Energy Conservation

EECA released details of a deal with Waikato councils for energy savings and suggests HBRC may avail itself of same

Cr Belford

4.   

Wairoa Maori Committee meeting

Meeting went well, and thanks to staff and committee members who attended

Cr Wilson

5.   

Zone 3 Meeting

LGNZ meeting recently, where discussions covered riparian planting, Mayors taskforce and Tui mentoring programme – suggests HBRC look into participating in similar type of mentoring programme

Cr Scott

 

 

 

13.

Confirmation of the Public Excluded Minutes of the Corporate and Strategic Committee Meeting held on 18 November 2015

C&S9/16

Resolution

That the Committee excludes the public from this section of the meeting being Confirmation of Public Excluded Minutes Agenda Item 13 with the general subject of the item to be considered while the public is excluded; the specific grounds under Section 48 (1) of the Local Government Official Information and Meetings Act 1987 for the passing of this resolution being:

 

GENERAL SUBJECT OF THE ITEM TO BE CONSIDERED

REASON FOR PASSING THIS RESOLUTION

GROUNDS UNDER SECTION 48(1) FOR THE PASSING OF THE RESOLUTION

Independent Member Recommendation from the Finance Audit and Risk Sub-committee

7(2)(a) That the public conduct of this agenda item would be likely to result in the disclosure of information where the withholding of the information is necessary to protect the privacy of natural persons

The Council is specified, in the First Schedule to this Act, as a body to which the Act applies.

 

Wilson/Pipe

CARRIED

 

13.     Confirmation of Public Excluded Minutes of the Corporate and Strategic Committee Meeting Held on 18 November 2015

C&S10/16

Public Excluded Minutes of the Corporate and Strategic Committee held on Wednesday, 18 November 2015, a copy having been circulated prior to the meeting, were taken as read and confirmed as a true and correct record.

Wilson/Scott

CARRIED

 

Matters Arising from Public Excluded Minutes of the Corporate and Strategic Committee Meeting Held on 18 November 2015

There were no matters arising from the minutes.

 

Resolution

That the meeting moves out of Public Excluded session.

Graham/Dick/

CARRIED

 

The meeting went into public excluded session at 11.50am and out of public excluded session at 11.52pm

 

Closure:

There being no further business the Chairman declared the meeting closed at 11.52am on Wednesday 17 February 2016.

 

Signed as a true and correct record.

 

 

 

DATE: ................................................               CHAIRMAN: ...............................................