South and Vale Corporate Risks
We reviewed the top 10 corporate risks for South and Vale and considered the need for internal audit work in 2024/25 as noted below:
No. |
Risk Ref |
Description |
Risk Score |
Internal audit work in 2024/25 |
1 |
Exempt by virtue of paragraph 3 of Pat 1 of Schedule 12A of the Local Government Act 1972 |
|||
2 |
86/88 NEW |
Failure to implement Idox for South and Vale with no alternative option/plan B |
8/8 |
This forms part of our Idox Implementation advisory work. |
3 |
87/89 NEW |
Current proposed Idox functionality falls short of that originally contracted to the council to deliver. (Risk 80/82 Failure to plan for smooth transition of Ocella replacement to Idox) |
8/8 |
|
4 |
81/83 |
Third party supplier suffers a cyber attack or data breach |
8/8 |
Information Security audited in 2022/23, with management actions followed up quarterly. |
5 |
58/62 |
IT and data security compromised due to remote working and naive user behaviour, which may result in data breach and fines/loss of reputation. |
8/6 |
|
6 |
9/9 |
Failing to have an effective health and safety management system in place and lack of resource to support, may result in a fatality, illness or injury to staff or anyone else affected by our business; damage to property; legal action by HSE; civil claims and increased costs. |
8/6 |
Health & Safety audited in 2022/23, with management actions formally reported every quarter, in addition to monthly reviews between Internal Audit and Health & Safety. |
7 |
72/74 |
The
transformation programme key four
outcomes: |
8/6 |
This forms part of our Transformation Programme Board advisory work. |
8 |
91/93 NEW |
A number of key third party contracts are up for review/renewal within a similar time period, a failure to plan and resource each project may result in the council failing in its statutory duties provide poor service to residents, loss of reputation and increased costs. |
8/6 |
|
9 |
71/73 |
Failure to deliver a full range of leisure centre activities with GLL through high fuel costs and economic downturn |
8/5 |
GLL contract will be reviewing in the contract management audit, where we will provide assurance over the contract management controls within service teams |
10 |
76/78 |
Failure to plan for 5CP exit and ensure seamless transition, will impact IT and services revs and bens/land charges loss of reputation etc. |
8/5 |
This forms part of our 5CP Exit - IT Programme audit work. |