To receive the annual Civil Contingencies Update.
Minutes:
The Resilience Manager introduced this item. She said that the last 12 months had been very busy with 16 recorded incidents compared to two the previous year.
She explained that the Council was working with partners in the Norfolk Resilience Forum to help plan for a no-deal exit from the EU. Most of the planning was sensitive so she advised that any questions relating to this should be directed to herself.
The Resilience Manager then outlined the business continuity incidents from the previous 12 months, highlighting the media response to the sand martins netting as a particularly challenging incident.
She then spoke about business continuity management arrangements and the introduction of new more user-friendly templates for Business Impact Analysis (BIA) and Business Continuity Plan documents. The BIA template would be introduced by the end of March 2020, with the Corporate Business Continuity Plan being revised based on the data from the BIAs.
The Resilience Manager then outlined emergency planning incidents from the previous 12 months. She explained that staffing issues within the Environment Agency were having a knock-on effect causing issues for flood wardens and local communities. A session was being planned with other local authorities and community representatives to address concerns.
She concluded by saying that there was a resource issue in the Civil Contingencies team and this meant that it was less strategic than she would like. It was hoped that this could be addressed by providing a development opportunity within the team.
1. The Chairman asked for more information on the proposed session regarding the Environment Agency. The Resilience Manager explained that it would involve flood forecasting and talking through models. It was hoped that it could take place before the December high tides but this was looking unlikely. The purpose of it was to increase partners’ confidence levels. She confirmed that it was open to members to attend.
2. Cllr N Dixon asked the following in relation to the IT disruption at the Council offices in June 2019; was she satisfied with the adequacy of the action plan?, had the action plan been shared with the Governance, Risk & Audit Committee (GRAC) at all? And were there plans to include a process or mechanism to notify members of future IT problems – for example, by text message? The Resilience Manager replied that she was satisfied with the action plan. She had prepared it with input from the Head of IT & Business Transformation. The action plan had not been shared with GRAC and she was not sure who had signed it off. The Internal Audit Manager added that a business continuity audit was planned for Q4 and the action plan would be picked up as part of this process. In response to the last question regarding notifying members, the Resilience Manager confirmed that she would notify the Democratic Services Manager and that the IT department were looking at an NNDC wide option – such as WhatsApp groups.
3. The Chairman asked when the Resilience Manager saw the report from the Head of IT. She replied that she had provided her report to him in September but had not seen his response. The Monitoring Officer added that the Action Plan was shared with members as part of the Leader’s portfolio report to Council in September 2019.
4. Cllr Dixon said that he was mindful of the impact that the IT outage had had on the organisation and he felt that it should be scrutinised by a committee so that there was a higher degree of assurance. The Monitoring Officer replied that it could be brought back to GRAC. The Internal Audit Manager added that it could be incorporated into the scope of the Q4 audit review of business continuity.
5. The Chairman said that he wanted to clarify the process for agreeing the action plan for the IT disruption. He asked the Resilience Manager to confirm that she had prepared the initial document which the Head of IT had then contributed to before it was shared at Full Council. She said that this was correct. He then asked whether the information that the Head of IT had added was important to her and her role. She said that it was.
Supporting documents: