Agenda, decisions and minutes

To receive apologies for absence.

Apologies were received from Councillors R. Medwyn Hughes, Huw W Jones and Gethin Glyn Williams

To receive any declaration of personal interest.

No declarations of personal interest were received from any members present.

To note any items which are urgent business in the opinion of the Chairman so they may be considered.

None to note.

The Chairman shall propose that the minutes of the meetings of this committee, held on 27 May and 17 June 2021, be signed as a true record.

The Chair signed the minutes of the previous meetings of this committee, held on 27 May and 17 June 2021, as a true record.

To provide an update to the Committee on the Audit Wales work programme for Quarter 1

·         Quarterly update up to 30-06-21

·         Progress Review of the North Wales Growth Deal - North Wales Economic Ambition Board

·         Management Response Progress Review of NWEAB

To accept the reports.

Three reports were submitted updating the Committee on the Audit Wales work in Quarter 1.

·         Quarterly Update: up to 30 June 2021

·         Progress Review of the North Wales Growth Deal - North Wales Economic Ambition Board (NWEAB)

·         Managers' response to the progress on EAB's work programme

Alan Hughes (Audit Wales) and Nia Williams (NWEAB) were welcomed to the meeting to present their observations / responses. Reference was made to the Audit Wales work programme and it was highlighted that the programme was an useful summary of local work, national work and the work undertaken by other auditors during this period.

In the context of the progress review of the North Wales Growth Deal (NWEAB), six proposals were submitted for ways in which the councils through the NWEAB could improve their ability to deliver their overall goals.  It was highlighted that the NWEAB had established a clear governance framework, although not all elements were operational, together with a Portfolio Management Office with good resources to support and deliver the work.

A response was presented to the six improvement areas by NWEAB Managers in the form of a work programme with a brief explanation of the plans and work set for delivery.  The work areas were discussed individually and the results were expanded upon to ensure management and progress in the six areas in question.

Thanks was expressed for the report

In response to a question regarding the responses and the 'live' challenges facing the Officers, it was highlighted that a great deal of work was being done to try to keep a balance by setting a realistic timetable and to continue to plan ahead. It was added that the business cases for each project were very challenging and establishing the regional Corporate Joint Committee presented additional challenges. 

In response to a question regarding managing risks, the importance of the risk register was noted and the need to identify risks early together with updating and adapting the register regularly.  In addition to having to establish projects to recover the economy as a result of COVID-19, reference was made to an example of responding to a challenge within the tourism sector of being unable to get staff to work in the sector - the Tourism Talent Project had been adapted to respond to the sector's issues.   In addition, it was highlighted that external factors were also challenging. With the projects being funded by two governments, the grant requirements appeared to be adapted randomly in response to the changes in the priorities of those governments.

In response to a question regarding the substantial resources used to ensure the success of the NWEAB and the need for Gwynedd Council (as the host authority) to be fully compensated, it was noted that it was the responsibility of officers to ensure that the correct sums were claimed.  It was added that purposeful budgets had been set and employment levels were realistic. 

In response to a question regarding the North Wales Mersey Dee Business Council withdrawing from the  ...  view the full minutes text for item 5.

To inform Members of the District Auditor's conclusions and report on proposed next steps

DECISION:

·         To accept the report

·         To agree to establish a Task and Finish Group to collaborate with the Chief Executive to carry out a review of how and to what extent the principles of the 'Ffordd Gwynedd' way of working are embedded across the Council

·         To elect Councillors John Pughe Roberts, Medwyn Hughes, Selwyn Griffiths, Peredur Jenkins and Sharon Warnes as members of the Task and  Finish Group

·         That the Task and Finish Group submits a report of the review's findings to the Committee when it is completed

Submitted - a report by the Cabinet Member for Corporate Support, Councillor Nia Jeffreys, presenting the Audit Wales conclusions to a review undertaken of Ffordd Gwynedd.   It was reported that Audit Wales had undertaken a review of the Wellbeing of Future Generations in adult social care within the Council in 2019, and as a result of this review it was agreed that it would be beneficial to undertake a follow-up review of the progress of Ffordd Gwynedd across all Council services.

It was added that the Audit Committee had also highlighted a wish to establish a Task and Finish Group to review the progress achieved in the name of Ffordd Gwynedd and following a discussion at a Scrutiny Working Group (4/5/21) it was agreed to schedule the work during autumn of this year.

In accordance with the Chief Executive's wish to undertake a review to identify how and to what extent the principles of the Ffordd Gwynedd way of working are embedded across the Council, it was considered that the establishment of the Task and Finish Group was timely and the Chief Executive would work jointly with Members to produce a brief for the review. It was considered that the letter received from Audit Wales, summarising the conclusions of their review, set an initial work programme for the Task and Finish Group.

Reference was made to some of the review's conclusions. Although the Council had transformed elements of the way it works, it was considered that there were some common misconceptions and barriers that hindered further progress and limited the way in which 'Ffordd Gwynedd' embeds and becomes part of the subconscious way of working.

Alan Hughes (Audit Wales) added that he welcomed the Council's response to the review and to the intention to establish a Task and Finish Group as a means for further review.

The members expressed their thanks for the report.

During the ensuing discussion, the following observations were made by members:

·         That the result of the Auditors' report summarised the practical issues well that need to be revisited. 

·         The report was welcomed and there was a positive response to promoting the next steps.

·         It was possible to make better use of data

·         There was a need to support officers to commit to their work

·         There was a need to ensure that 'Ffordd Gwynedd' was embedded. 

·         The findings of the Task Group would be submitted to the Audit Committee once they had completed the review.

·         There was concern in the response of some members of staff to enquiries from Gwynedd residents.

In response to the observations, the Head of Corporate Support noted that he welcomed the observations accepting that 'Ffordd Gwynedd' was an ongoing task and any concerns regarding the lack of action should be referred in order to improve the situation. He added that it was proposed to conduct an information sharing session with the Task and Finish Group  ...  view the full minutes text for item 6.

To receive this report as an update on the progress made by the Council to ensure that a complete risk register is in place and is being maintained, and considers the highest risks that the Council faces.

DECISION:

·         To accept the report as an update on the steps the Council is taking to ensure there is a complete risk register in place and is being maintained

·         To accept the greatest risks the Council is facing and recommend rationalising the scoring procedure among departments

A report was submitted by the Assistant Head of Finance (Revenue and Risk) updating the Committee on developments in risk management arrangements and the next implementation steps. Members were reminded that one of the Committee's statutory responsibilities was to review and assess the authority’s arrangements for risk management, internal control and corporate governance, in accordance with part 81(1)(c) of the Local Government (Wales) Measure 2011.

It was explained that the risk register was a live document and was updated appropriately to reflect the Council's actual position. With the support of the IT Department, a new Corporate Risk Register was launched in March 2021 to facilitate the system to retain the register on Sharepoint rather than on an Excel spreadsheet.  It was reported that the new system offers a user-friendly facility for users in all departments to prioritise, update and review the register; however, ongoing work was needed to ensure that the use of the register was consistent across the Council. It was added that the evolution of the Council's performance management arrangements also included a formal discussion regarding the risk register in departmental performance management meetings once a year. It was considered that this was a motivation for departments to update the register and the actions being developed to alleviate risks.

The context of the expectation was explained and it was noted that there were 300 risks on the register, including four that had not been scored.  The scoring system was discussed and the need to alleviate this risk as low as possible within the resources and the effort available within the Departments. 

A request was made for Members to submit observations regarding the best method to present the report in the future. It was highlighted that there were 23 very high risks and these had been included as an appendix to the report and it was emphasised that it was the Departments themselves who had set the score. The need to reconcile the system was accepted and although discussions had been held with every department to challenge every very high score, it was reported that the Departments were comfortable with the score issued on the register. Members were reminded that it was the responsibility of the Committee to ensure that a risk management system was in place and this did not mean that every individual risk would be considered in detail. However, if the Committee wished to receive further information regarding a specific risk, then it would be possible to invite the Departments to a meeting to expand on this risk. 

Thanks was given for the report

During the ensuing discussion, the following observations were made by members:

·         the impact of furlough needed to be reviewed

·         the tourism score needed to be reviewed

·         serious shortages in residential and nursing and home care provision - the score needed to be reviewed and the risks of staff leaving these services needed to be considered

·         safety of maritime staff - body cameras for the service needed to be prioritised

Observations regarding the  ...  view the full minutes text for item 7.

To update the Committee about Gwynedd Council's cyber security resilience, and to give members an opportunity to scrutinise the situation. There has been coverage of cyber-attacks in the news recently, and with an increase in our dependency on and use of technology, it is timely to report on what is happening locally in the Council

DECISION:

To accept the information

To thank the Information Technology Department for its support

Submitted, for information, a report by the Assistant Head of Finance - Information Technology updating the Committee about Gwynedd Council's cyber security resilience, and the provision in place to alleviate the risk of a cyber-attack.  The measures that are in place to seek to prevent an attack were discussed as well as those that respond effectively to those risks. Reference was made to two recent local incidents that were evidence that cyber-attacks are a real threat and therefore challenged the Information Technology Service to secure the resilience of their defences and their ability to recover from a vulnerable situation if those defences fail.

Reference was made to the risks and measures that are in place and it was highlighted that the service had appointed a Cyber Security Apprentice to join the team in September 2021.  It was added that the perpetrators regularly adapted their cyber-attack methods and therefore the Council reviewed its measures regularly with third party support.  It was noted that the Council was currently in a good place, but an element of risk always existed.

Members expressed their thanks for the report and for the work the Service undertakes to protect the Council from cyber-attacks. It was added that it had to be accepted that the Service was doing everything within its powers and everyone should be confident that the Service was operating appropriately.

In response to a question if the cyber-attack risk had been included on the corporate risk register, it was confirmed that the risk had been included and was assessed as 'medium risk'

                DECISION:

·           To accept the information

·           Gratitude was expressed to the Information Technology Department for their support.