Agenda item

Risk Management Update

Report of the Chamberlain.

Minutes:

Members considered a report of the Chamberlain which provided an update on the corporate and top red departmental risk registers, following their review by the Chief Officers Risk Management and Summit Groups. 

 

Members noted that the IT Sub Committee had considered the downgrading of  GDPR to a departmental risk but, in light of a couple of recent breaches, had not reached a unanimous decision.  Members noted that Mazar’s had been reviewing this risk and their report and conclusions would inform a decision. 

 

Members also suggested that it would be helpful if future reports could show trends/impact/likelihood and control.

 

RESOLVED, that :

 

1.         The report be noted.

 

2.         Corporate Risk CR25 – GDPR, remain as a Corporate Risk, for the time being, subject to a review at the next meeting of the Audit and Risk Management Committee.

Supporting documents: