Sally Hendrick, Head of Audit and
Risk Management attended the meeting to present the Committee with
her annual internal audit opinion for 2017/18 in the order to
comply with the Public Sector Internal Audit Standards. It was noted that this was timed to inform the
review of the Annual Governance Statement (AGS).
The
Head of Audit and Risk Management advised the Committee that she
was able to provide reasonable assurance that there is a sound
system of control in place subject to some significant control
weaknesses as described in section 5.3 of the agenda report
including some general weakening in financial controls across the
Council.
During 2017/18 there had been some weakening in financial
control which had not been raised before. This was down to a number of reasons including
issues around the transaction processing of creditor payments and
debtor receipts as well as a result of the transformation process.
The Committee were advised this was due to issues with staff
sickness that had affected processing
as well as the reduction in the level
of support in departments before self- service tools are made
available to staff.
The
Head of Audit and Risk Management had also been concerned about the
reduction in the amount of monitoring of key performance indicators
(KPIs) in Finance which were an important measure to control and
assess what was happening.
Arising from the discussion the following points were
made:
- It
was explained that an internal audit provided opinions on controls
and the control environment, not just financial
control. It also provided opinions on
risk management and governance. The External Auditor assessed if
financial figures in the financial statements were true and fair
but did have sight of all internal audit reports.
- Although the definitions of assurance level were contained
within the report it was noted that the use of the word
‘significant’ was confusing as both an adjective
describing severity of issues and a positive level of
assurance. The Head of Audit and Risk
Management agreed to try to use an alternative descriptor going
forwards.
- It
was clarified that an opinion was given based on the level of
assurance and that if an area has no assurance level, the auditor
was not certain if things were happening properly therefore would
have ‘no opinion’. If an area had limited assurance
level then there were significant issues putting the objectives of
that area at risk. However the
Committee were advised that most audits were assessed at a
satisfactory assurance level.
- The Committee were updated that work was ongoing to review the
Council’s business continuity and disaster recovery plans to
reflect changes in working practices, the office move to Time
Square and that the Strategic Risk Management Group would oversee
this. To support this process the Chief
Officer for ICT would be taking a paper to CMT in late
summer.
- In
response to concerns raised by the Committee regarding the absence
of improvement in the Construction and Maintenance area highlighted
in the last three audits carried out over 18 months they were
advised that no further audit work would be undertaken in order to
allow management to address the issues raised. The Head of Audit and Risk Management agreed to
carry out a review to provide an update on their progress. The
Committee reflected that if no improvement was found, the
Governance and Audit Committee would ask the Director to
explain.
- The Head of Audit and Risk Management advised that there was
also no follow up planned for the LED lights area as the open book
contract had been audited and identified some issues resulting in a
limited assurance level. A good
relationship existed with Ringway and
they had already addressed the points raised therefore no further
audit work would have been useful as the chief officer and heads of
service monitoring the contract would
be responsible for taking issues forward.
- In
response to a question on how the Committee should proceed in
respect to concerns around weakening financial control, the Head of
Audit and Risk Management advised that the appropriate course of
action would be for the Committee to raise this with the Borough
Treasurer.
RESOLVED that the Head of Audit and Risk Management’s Annual Report setting out the Head of
Internal Audit’s Opinion for 2017/18 be
noted.