Audit, Standards & General Purposes Committee
Subject: Code of Corporate Governance and Risk Management Framework
Date of meeting: 27th January 2026
Report of: Director of People and Innovation
Contact Officer: Name: Rima Desai, Luke Hamblin
Email: rima.desai@brighton-hove.gov.uk, luke.hamblin@brighton-hove.gov.uk
Ward(s) affected: All
1. Purpose of the report and policy context
1.1
Our vision is to deliver a better Brighton & Hove for
all where everyone can thrive as part of a healthy, fair and
inclusive City and this report provides key details on the
Council’s governance and risk arrangements that underpin
delivery of the Council Plan.
1.2 The report includes the Council’s updated Code of Corporate Governance, which forms part of the Council’s constitution and sets out how the council’s governance arrangements work towards meeting the seven principles of good governance, based on the ‘Delivering Good Governance in Local Government Framework 2016’ published by The Chartered Institute of Public Finance & Accountancy (CIPFA).
1.3 The report also includes our Risk Management Framework. Cabinet is responsible for ensuring that the council has a robust risk management framework in place with Audit, Standards and General Purposes Committee providing assurance on the adequacy and effectiveness of the risk management framework.
1.4 The Code of Corporate Governance and Risk Management Framework directly support the Council Plan Outcome 4: A responsive council with well-run services – Good governance and financial resilience.
2. Recommendations
2.1 Committee approve the Code of Corporate Governance as included in appendix 1.
2.2 Committee note the current Risk Management Framework as included in appendix 2. Any feedback from the committee will be taken into account when refreshing the Risk Management Framework for approval by Cabinet.
3. Code of Corporate Governance
3.1 The Code of Corporate Governance, detailed in appendix 1, is a part of Brighton & Hove Council’s Constitution, which sets out how the council conducts its business, including: who is responsible for making decisions and how decisions are made, procedural matters (standing orders), the role of officers and standards and ethical governance
3.2 We have used the CIPFA/SOLACE guidance, refreshed in 2021, to comply with the Good Governance Framework which sets our seven core principles to achieve good governance as follows:
A. Behaving with integrity, demonstrating strong commitment to ethical values, and respecting the rule of law
B. Ensuring openness and comprehensive stakeholder engagement
C. Defining outcomes in terms of sustainable economic, social and environmental benefits
D. Determining the interventions necessary to optimise the achievement of the intended outcomes
E. Developing the entity’s capacity, including the capability of its leadership and the individuals within it
F. Managing risks and performance through robust internal control and strong public financial management
G. Implementing good practices in transparency, reporting, and audit, to deliver effective accountability.
3.3 The responsibilities of the Audit, Standards and General Purposes Committee in the Council’s Constitution includes the independent scrutiny and examination of the Council’s financial and non-financial processes, procedures and practices to the extent that they affect the Council’s control environment. Committee should ensure the council has a sound system of internal control which facilitates the effective exercise of its functions and the achievement of its aims and objectives as required by regulation 3(a) of the Accounts and Audit Regulations 2015
3.4 Performance management is a key part of our governance and leadership, and fundamental to ensuring the council delivers its intended outcomes. Following a Corporate Peer Challenge in April 2025, the council received the following feedback from the review team:
The council has a comprehensive and structured Performance Management Framework (PMF) in place, which plays a critical role in supporting the delivery of its Council Plan outcomes. The PMF enables the organisation to monitor, assess, and improve performance at the individual, service, and organisational levels.
As a Best Value Authority, the council recognises its duty to secure continuous improvement in the exercise of its functions, with a clear focus on economy, efficiency and effectiveness. The PMF is designed around eight interconnected components that collectively drive ongoing improvement. These elements ensure a holistic understanding of performance across the council. Most services contribute to multiple aspects of the framework, reinforcing a culture of shared responsibility for improvement.
Delivery against the Council Plan is tracked through a combination of corporate key performance indicators (KPIs), progress updates on the Corporate Leadership Plan, and performance reporting aligned to each of the PMF’s elements. The Corporate Leadership Plan itself translates the strategic ambitions of the Council Plan into priority activities, providing a mechanism to ensure accountability, transparency, and demonstrable impact.
3.5 Our corporate governance is aligned to our Learning Framework
4. Risk Management Framework
4.1 The council operates a Risk Management Framework, detailed in appendix 2, which outlines the processes and controls in place to manage risks that may impact the council’s ability to deliver the Council Plan. This has been updated to take account of feedback provided by the Corporate Peer Challenge team. The current Strategic Risk Register is detailed in appendix 3.
4.2 Our Risk Management approach was audited in 2024/25 and received ‘reasonable assurance’. The purpose of the audit was to provide assurances that the controls are in place to meet the following objectives:
· The Council has in place a robust Risk Management Framework which facilitates effective identification, assessment and response (where appropriate) to risks.
· Management ensure that risks are subject to appropriate identification, assessment and response (where appropriate) in accordance with the organisation’s Risk Management Framework.
· Effective mitigations are in place to minimise the impact and / or likelihood of occurrence of the risks identified.
· Robust reporting arrangements are in place to allow for effective senior officer and Member oversight.
4.3 The Peer Review team provided the following feedback on risk:
To fully maximise the benefits of this new system (Cabinet and Leader system), attention must now be given to the quality and usability of risk management information. Risk reporting should be enhanced to provide clearer, more focused outputs, including succinct executive summaries that highlight key risks, mitigations and implications. This will help both members and officers engage more effectively with risk and make well-informed, proportionate decisions. A more tailored and accessible approach to risk information will also support stronger scrutiny, oversight and assurance.
In addition, there is a need to clarify the council’s risk appetite. During the peer challenge it was not clear to the team what level of risk the organisation is willing to accept or tolerate in different decision-making contexts, whether in commercial ventures, innovation, service transformation, or capital projects. A clear articulation of risk appetite, aligned with the council’s strategic ambitions and financial resilience, would enable officers and members to take measured risks confidently and responsibly.
4.4 The responsibilities of the Audit, Standards and General Purposes Committee in the Council’s Constitution includes the independent scrutiny and examination of the Council’s financial and non-financial processes, procedures and practices to the extent that they affect the Council’s control environment. Committee should ensure the effectiveness of the council’s arrangements for the management of risk as required by regulation 3(c) of the Accounts and Audit Regulations 2015.
4.5 Our Risk Management Framework is aligned to our Learning Framework
5. Analysis and consideration of alternative options
5.1 The council regularly reviews and strengthens its Risk Management Framework to ensure that it remains fit for purpose.
5.2 Risk management is audited annually by Internal Audit and reported to Audit, Standards and General Purposes Committee, with any recommendations and feedback considered as part of the review process.
5.3 Risk management is an essential part of our governance arrangements and one of the eight elements that make up the council’s Performance Management Framework.
5.4 The council regularly reviews the Code of Corporate Governance to ensure it remains reflective of governance arrangements.
6. Community engagement and consultation
6.1 This is an internal matter to comply with legislation and as such no engagement or consultation has been undertaken in this regard.
7. Conclusion
7.1 The Code of Corporate Governance forms a key part of the council’s drive to ensure continuous improvement in the way the council operates. Members of the Audit & Standards Committee should consider and approve the proposed update.
7.2 The council believes it has a robust Risk Management Framework as evidenced by this report to meet the challenges of delivering services in the financial context that local authorities are working in.
8. Risk implications
8.1 This report invites scrutiny on the Council’s Risk Management Framework, which establishes a structured and consistent approach to identifying, assessing, and managing risks across the council. The framework is designed to strengthen governance, support informed decision-making, and enhance resilience in service delivery.
8.2 The framework aligns with statutory obligations and best practice standards, ensuring compliance and transparency. It defines the Council’s risk appetite and provides clear roles and responsibilities for managing risk at all levels.
9. Financial implications (previous text)
9.1 There are no direct financial implications arising from the report. However, the Code of Corporate Governance and Risk Management Framework ensure that the council has in place clear policy and practice for the stewardship of public money and ensures that appropriate consideration of risk is given to all decision-making at both officer and member level. They also provide clear standards of compliance and conduct and enable internal and external auditors and inspectorates to assess effectiveness of the arrangements and compliance with the code.
Finance officer consulted: John Hooton Date: 14/01/2026
10. Legal implications
10.2 The Council has delegated to its Audit, Standards & General Purposes Committee the responsibility for carrying out independent scrutiny of the Council’s processes, procedures and practices to the extent that they affect the Councils control environment and exposure to risk. This Committee is the correct body for reviewing the Council’s risk management framework, having been delegated the task of providing reassurance on the adequacy and effectiveness of that framework.
10.3 All corporate Strategic Risks potentially have legal implications. Strategic Risk details are reported to Cabinet; these include reference to key implications.
10.4 The committee is reminded that in the exercise of all its functions it must have due regard under section 149 Equality Act 2010 to the need to (a) eliminate discrimination, harassment, victimisation or other prohibited conduct, (b) to advance equality of opportunity and (c) foster good relations between persons who share a relevant protected characteristic and those who do not share it. Reference is made in the equalities implications section below to the equalities related risk identified that helps to demonstrate consideration of this duty and there is also reference to the Fair and Inclusive Action Plan and other plans and policies in the Code of Corporate Governance have equality implications included.
Name of lawyer consulted: Allan Wells Date consulted: 17/12/2025
11. Equalities implications
11.1 Being a fair and inclusive city is one of the four outcomes of the Council Plan
and the Risk Management Framework details the processes and procedures that ensure consistent and robust identification and management of risks within desired levels across the council, supporting openness, challenge,
innovation and excellence in the achievement of council objectives.
11.2 The council has a strategic risk linked to equalities detailed in appendix 3
12. Sustainability implications
12.1 The council has a strategic risk linked to Net Zero and the adaptation and mitigation of climate change detailed in appendix 3.
Supporting Documentation
1. Appendices
1. Code of Corporate Governance
2. Risk Management Framework
3. Strategic Risk Register
2. Background documents
1. None