Risk and Assurance Committee

Open Minutes

Commencing:               Thursday 7 December 2023, 9.30am

Venue:                           Council Chambers, Regional House, 1 Elizabeth Street, Tauranga

Chairperson:                 Cr Stuart Crosby

Deputy Chairperson:   Bruce Robertson (Independent Member)

Members:                      Cr Ron Scott

Cr Andrew von Dadelszen

Cr Te Taru White

Cr Kevin Winter

In Attendance:             Councillors: Cr Matemoana McDonald (via Zoom); Cr Jane Nees (via Zoom)

Staff: Fiona McTavish – Chief Executive; Mat Taylor – General Manager Corporate; Chris Ingle – General Manager, Integrated Catchments; Reuben Fraser – General Manager, Regulatory Services; Steve Groom – Governance Manager; Evaleigh Rautjoki-Williams – Digital Manager (Chief Digital Officer); Steve Slack – Risk & Assurance Manager; Aaron Huggins – Principal Internal Auditor; Mark Lennard – Internal Audit Advisor; Jo Pellew – Rates Manager; Annabel Taylor – Manager, Special Projects; Monique Brooks - Legal and Commercial Manager; Jenny Teeuwen – Committee Advisor

Apologies:                    Chairman Doug Leeder (Ex Officio)

 

 

Committee members and the public were reminded that the public section of the meeting was being livestreamed and recorded and that the recording would be available on the Bay of Plenty Regional Council YouTube channel following the meeting.

Recording link:  Risk and Assurance Committee - 7 December 2023 - YouTube

 

1.     Apologies

Resolved

That the Risk and Assurance Committee:

1         Accepts the apology from Chairman Doug Leeder for absence tendered at the meeting.

Crosby/von Dadelszen

CARRIED

 

2.     Order of Business

There was no change to the order of business; however, it was noted that Item 8.3 - Audit Engagement Letter: Audit of the Consultation Document on Long-Term Plan for the period commencing 1 July 2024 – has been withdrawn from the agenda.

 

3.     Declaration of Conflicts of Interest

Bruce Robertson, Independent Member, declared an interest that, as the Independent Member for Tauranga City Council’s (TCC) Strategy, Finance and Risk Committee, he had been engaged to undertake some work for TCC around the development of Tauriko West which would involve a level of consenting with Bay of Plenty Regional Council Toi Moana (BOPRC).  Whilst this conflict was not an issue for this agenda, this Committee needed to be mindful of this conflict going forward.

 

4.     Minutes

Minutes to be Confirmed

4.1

Risk and Assurance Committee Minutes - 5 October 2023

 

Resolved

That the Risk and Assurance Committee:

Confirms the Risk and Assurance Committee Minutes - 5 October 2023 as a true and correct record, subject to the following amendment:

·          Item 3.3 – Progress update on the Draft Annual Report for the year ended 30 June 2023 – third bullet point under In Response to Questions, PPS was incorrectly recorded as price per share, this should read perpetual preference shares.

von Dadelszen/White

CARRIED

 

5.     Reports

5.1

Chairperson's Report

Presented by:    Mat Taylor – General Manager, Corporate

Key Points

·         Noted that the March 2024 – September 2024 work programme may be amended as/if required to address any new government directives.

In Response to Questions

·         Requested that a report on BOPRC’s employment practices and associated risks be included in the work programme.  A report on this would be considered for a future meeting of this Committee.

9.37am - Cr Nees entered the meeting (via Zoom)

·         Discussion occurred on the review of BOPRC’s risk register and when this was likely to occur in the work programme, particularly in view of the risks being identified through the long term plan (LTP) process.  The draft LTP and consultation document would be presented to Council at its public meeting on 14 December 2023 for adoption for audit. A risk workshop would then be held to consider BOPRC’s risk register, including the risks that flowed from the delivery of the LTP objectives.  This workshop was scheduled for March 2024.

·         The scope of how the risks associated with BOPRC’s operational expenditure may be considered by this Committee, would be brought back to the March 2024 meeting, with a view for this to be to discussed, if approved, at the June 2024 meeting following completion of LTP deliberations when the operational expenditure totals would be known.

 

 

Resolved

That the Risk and Assurance Committee:

1         Receives the report, Chairperson's Report.

Crosby/Robertson

CARRIED

 

5.2

Assessment of Bay of Plenty Regional Council's practice in relation to the Ombudsman's "Open for Business" report on the use of workshops

Presented by:    Steve Groom – Governance Manager

Key Points

·         Provided a brief overview of the Ombudsman’s report. 

·         25 ‘expectations’ had resulted from the investigation.  BOPRC was currently in full alignment with 16, partially aligned with a further five, and not aligned with four.

In Response to Questions

·         Mechanisms were already in place through Standing Orders to note divisions/abstentions when voting.  If recording individual votes for every item was made compulsory, this would require an amendment to Standing Orders.

Key Points - Members

·         The recording of individual elected members votes for every item was not supported.

 

 

Resolved

That the Risk and Assurance Committee:

1         Receives the report, Assessment of Bay of Plenty Regional Council's practice in relation to the Ombudsman's "Open for Business" report on the use of workshops;

2          Endorses the actions identified in section 2.2 of this paper for internal implementation; and

3          Endorses the preparation of a paper for consideration by full Council in February 2024, seeking Council’s endorsement of the proposed ‘Council-owned actions’ in section 2.2 of this paper.

Crosby/White

CARRIED

 

5.3

Artificial Intelligence Update

Presentation:     Artificial Intelligence (AI): Objective ID A4559468  

Presented by:   Evaleigh Rautjoki-Williams - Digital Manager (Chief Digital Officer)

Key Points

·         Provided examples of how BOPRC staff were using artificial intelligence (AI) in everyday work.

·         Provided a demonstration of Microsoft Bing Chat.  This platform was being promoted for staff to use.  Bing Chat was a secure generative AI platform that followed ethical guidelines and protected the organisation’s data.  It was part of the organisation’s existing Microsoft licence agreement so did not come at an extra cost.

·         Bing Chat would be used for publicly available information only.

·         Demonstrated how AI could be used to change the way BOPRC worked and provide real efficiencies, using water meter photos and consent submissions for notifiable consents as examples.

In Response to Questions

·         The Bing Chat product protected the organisation’s information i.e. did not save the information and use it to train the AI, whereas other tools e.g. Chat GPT, captured information and stored it within their system.

·         A privacy assessment had been undertaken for Bing Chat to ensure it was secure for BOPRC use. 

·         Acknowledged that this was still an emerging learning space, both for opportunities and risks.  Staff were continually monitoring the best practice advice via BOPRC’s vendors as well as other government agencies, and were working collaboratively to share information and how risks were being addressed.

·         A staff network had been established to explore emerging AI opportunities and maintain guidelines according to those emerging opportunities.  BOPRC would continue to ensure staff had the support they needed to ensure they could utilise these tools safely.

·         It was expected that some submissions to BOPRC’s LTP would be generated using an AI tool. 

·         It was hoped that the use of AI tools would alleviate some of the work pressure on staff working though submissions and other administrative heavy processes.

·         Staff effort/time/cost invested in AI had been integrated into business as usual. 

·         Bing Chat had different settings which could be applied; however, it was recommended that generated content was reviewed to ensure that the information was correct and read as required.

Key Points - Members

·         Suggested an update be provided in 12 - 18 months time to track how AI was advancing within the organisation.

 

 

Resolved

That the Risk and Assurance Committee:

1        Receives the report, Artificial Intelligence Update.

von Dadelszen/White

CARRIED

 

5.4

Rates Risk Report - Implementation of the Rates Assessment and Collection Process

Presented by:    Jo Pellew – Rates Manager

Annabel Taylor – Manager, Special Projects

In Response to Questions

·         The spike in customer queries and long wait times in the first year of rates collection was only for a short period of time (two to three days) and was management quickly – 1,100 queries reduced to 100 within four days.  Response times had been much quicker this year.

 

 

Resolved

That the Risk and Assurance Committee:

1          Receives the report, Rates Risk Report - Implementation of the Rates Assessment and Collection Process.

Crosby/Winters

CARRIED

 

5.5

Internal Audit Status Update

Presented by:   Aaron Huggins – Principal Internal Auditor

In Response to Questions

·         The internal audit programme was currently on track.  The programme could be fluid at times and flexibility was needed.

·         Currently, there were no particular roadblocks to closing out management actions but this was dependent on the workload of the team responsible and the complexity of the audit actions.  Progress/slippage would be reported in status updates going forward.

·         The risk management review was a long term project and was currently in progress.  This review was an improvement recommendations only project, not an audit.

 

 

Resolved

That the Risk and Assurance Committee:

1          Receives the report, Internal Audit Status Update.

Crosby/von Dadelszen

CARRIED

 

6.     Public Excluded Section

Resolved

Resolution to exclude the public

1       Excludes the public from the following parts of the proceedings of this meeting as set out below:

The general subject of each matter to be considered while the public is excluded, the reason for passing this resolution in relation to each matter, and the specific grounds under section 48(1) of the Local Government Official Information and Meetings Act 1987 for the passing of this resolution are as follows:

Item No.

Subject of each matter to be considered

Reason for passing this resolution in relation to each matter

Grounds under Section 48(1) for the passing of this resolution

When the item can be released into the public

3.1

Public Excluded Risk and Assurance Committee Minutes - 5 October 2023

As noted in the relevant Minutes.

As noted in the relevant Minutes.

To remain in public excluded.

3.2

Completed Internal Audit Reviews & Overdue Actions Update

Withholding the information is necessary to protect information which is subject to an obligation of confidence or which any person has been or could be compelled to provide under the authority of any enactment, where the making available of the information would be likely to prejudice the supply of similar information, or information from the same source, and it is in the public interest that such information should continue to be supplied.

48(1)(a)(i) Section 7 (2)(c)(i).

On the Chief Executive's approval.

3.3

Key Risk Register

Withholding the information is necessary to prevent the disclosure or use of official information for improper gain or improper advantage.

48(1)(a)(i) Section 7 (2)(j).

On the Chief Executive's approval.

3.4

Flood Implications Work Programme

Withholding the information is necessary to maintain legal professional privilege.

48(1)(a)(i) Section 7 (2)(g).

To remain in public excluded.

Robertson/Scott

CARRIED

 

10.35am – the meeting adjourned.

 

11.00am – the meeting reconvened in Public Excluded.

 

11.40am – the meeting closed.

 

 

Confirmed                                                                                                                   

                                                                                                             Cr Stuart Crosby

Chairperson, Risk and Assurance Committee