Paper 4: 24 March 2023

Page 1 of 2

For Dis­cus­sion

Title: Stra­tegic Risk Management

Pre­pared by: Dav­id Camer­on, Deputy Chief Exec­ut­ive & Dir­ect­or of Cor­por­ate Services

Pur­pose

1. This paper sup­ports a review by the Com­mit­tee of the Cairngorms NPA’s stra­tegic risk man­age­ment position.

Recom­mend­a­tions

The Audit and Risk Com­mit­tee is asked to:

a) Con­sider the cov­er­age and adequacy of the Cairngorms NPA’s stra­tegic risk man­age­ment pos­i­tion and advise on any gaps or amend­ments required to the cur­rent stra­tegic risk register.

Exec­ut­ive Summary

1. The Cairngorms NPA’s most recent stra­tegic risk register and stra­tegic risk man­age­ment pos­i­tion is set out as Appendix 1 to the Azets Intern­al Audit Plan for ²⁰²³⁄₂₄. This doc­u­ment has not been repeated as an Annex to this item, with mem­bers able to cross-ref­er­ence the stra­tegic risk pos­i­tion as set out in sup­port of the Intern­al Audit Plan.

2. The Park Author­ity is now at a trans­ition­al point as regards its stra­tegic risk man­age­ment. The new cor­por­ate plan for ²⁰²³⁄₂₄ to ²⁰²⁶⁄₂₇ will be con­sidered by the board meet­ing which pre­cedes this Com­mit­tee meet­ing. We plan to have a risk man­age­ment work­shop with the full board on Fri­day 26 May in order to both train board mem­bers on approach to stra­tegic risk man­age­ment and also con­sider the redevel­op­ment or renew­al of the stra­tegic risk register to best suit the new Cor­por­ate Plan and views of the board on the stra­tegic risks around deliv­ery of the agreed stra­tegic object­ives set out in that plan. The cur­rent stra­tegic risk register there­fore has a lim­ited peri­od of remain­ing validity.

Page 2 of 2

1. It remains import­ant to con­tin­ue con­sid­er­a­tion of the Park Authority’s cur­rent stra­tegic risk envir­on­ment in this trans­ition­al peri­od. The Com­mit­tee is there­fore invited to con­sider the cur­rent cov­er­age of the stra­tegic risk register as set out in Appendix One to the Intern­al Audit Plan. Poten­tial risk move­ments are noted as:

a. A1 Down­ward trend in fin­an­cial risk giv­en budget pos­i­tion presen­ted to board on 24 March and sub­ject to board views on that budget pos­i­tion. b. A13 Escal­at­ing risk of CNPA IT ser­vices are not suf­fi­ciently robust/​secure/​or well enough spe­cified to sup­port effect­ive and effi­cient ser­vice deliv­ery in con­text of Azets data man­age­ment report. c. A16 Down­ward trend assess­ment regard­ing scale of asset respons­ib­il­it­ies such as for paths, out­door infra­struc­ture is not adequately recog­nised and does not secure adequate for­ward main­ten­ance fund­ing giv­en ongo­ing fund­ing alloc­ated in budget and sub­ject to board views on the budget pos­i­tion. d. A17 Escal­at­ing risk of increas­ing ICT depend­ency for effect­ive and effi­cient oper­a­tions is not adequately backed up by ICT sys­tems sup­port in con­text of Azets data man­age­ment report.

1. The Committee’s views on these poten­tial amend­ments are wel­comed as are any oth­er thoughts on the cur­rent status of the stra­tegic risk register.

Dav­id Camer­on 16 March 2023 davidCameron@​cairngorms.​co.​uk