Agenda item

To receive and consider the Head of Audit’s annual internal audit opinion as required under the Public Sector Internal Audit Standards.

The Committee recived a report setting out the Head of Internal Audit’s Opinion for 2019/20.

The Council was required under the Accounts and Audit Regulations to undertake an adequate and effective internal audit of its accounting records and of its system of internal control in accordance with the proper practices in relation to internal control.

The Public Sector Internal Audit Standards applicable to local government requires that the Head of Internal Audit  provides a written report to those charged with governance timed to support the Annual Governance Statement. The report should include an overall opinion on the adequacy of the control environment, a summary of the work that supports the opinion and a statement on conformance with the Public Sector Internal Audit Standards (PSIAS).

The report set out the Head of Internal Audit’s Opinion for 2019/20, summarised the results and conclusions of Internal Audit’s work for 2019/20 and provided a

statement on compliance with the PSIAS.

A limited assurance opinion was given for the control environment for 2018/19 during 2019/20 audits have shown there has been real improvement throughout, however there are still quite a few audits where an adequate opinion hadn’t been given. In addition, when going back to re audit areas where significant weakness had previously been found in 2018/19 some of the weaknesses had still not been fully addressed.

 In some areas, management had asked for audits to be deferred to allow time for the improvements to be implemented, these were supposed to be happening in quarter 4, however due to the Covid-19 pandemic, staff were unable to access systems from home to do testing that was originally planned and theses area had other priorities due to the pandemic, so the audits had not taken place.

Due to all these factors a limited assurance had again been given for 2019/20, however read improvement had been made over the past year and real progress had been made in areas where major recommendations had been made. It was specifically noted in the opinion that the direction of travel was positive and if sustained a more favourable opinion was likely in 2020/21.

Attention was brought to section 4.3 of the report which set out the areas of significant weakness and controls and section 4.4 which showed the outcome of the follow up audits.

As a result of Members comments and questions, the following points were made:

·        The word adequate had been highlighted in bold on page 15 of the report, the Head of Audit and Risk Management explained that this was because she was confident that there were satisfactory controls around those areas and that proper arrangements were in place for effective risk management and governance.

·        P16 set out the scale, and adequate fell between good and partial.

·        The audit results were heading in the right direction, but this was a journey. In 2018/19 there was a significant number of areas with weaknesses found. These issues had been raised for a number of years but not addressed. The council was doing a lot of work to improve these areas.

·        A reduction of the number of major recommendations was needed going forward for the Head of Audit and Risk Management to be comfortable with the control environment.

·        There were still some areas of control that needed work, but a number of strategies and plans had been put in place to address these matters. Some of these were in areas that would take a while for results to be visible.

·        The Director: Resources agreed that it was not acceptable that there were continuous issues with purchase cards. The report did however detail that there had been significant improvements for example previously there had been lengthy delays between the purchase being made then authorised and this was now much tighter. There was also fewer issues with inadequate descriptions then this time last year. It was about record keeping which was important to get on top on rather then issues around spending. CMT had discussed that if there were continuous issues in areas then the cards would be withdrawn.

·        It was important that there be consistency with purchase cards.

·        CMT was taking the audits very seriously and were addressing the key areas of concern.

·        Some of the audits and actions had been taken by officers that were no longer with the Council and new officers had taken over the responsibility.

·        Positive progress was being made in areas where there had been concerns for a number of years.

·        CMT had decided that a working group was needed to look at the purchase card compliance and to identify what more needed to be done to tackle the issues.

·        The Chair was pleased to see that working groups had been set up to look at purchase cards and officer expenses.

·        Members asked if they could be part of the working group to assist in these matters.

·        There was a sense of frustration amongst the Committee members in regard to the progress, which was shared with the Director: Resources.

·        It would be difficult to sent timescales within the report, as it set out the situation at present and was out of the Head of Audit and Risk Management’s control. Within each internal audit there were timescales set against the recommendations. It was hard at present to give an estimate of when these might be met.

·        It was suggested that the working group set timescales for the recommendations and progress updates be brought back to the Committee.

·        It was commented that the issues around purchase cards were a procedural and management failure.

·        Opinions are given when audits are undertaken, in addition some audits are just a follow up and are limited to just focusing on the recommendations previously raised. In these cases, an opinion Is not given. If the weaknesses have not been met in the follow up then a major recommendation is raised instead.

·        The average spend on purchase cards was £200 per month per card.

·        IT auditors were brought in for IT audits and The Head of Audit and Risk Management would raise the question with the IT auditors around the cloud software on p20 and whether migration would remove this from the list and resolve a number of issues.

·        The Head of Audit and Risk Management felt very confident about Forest Care,as there had been a number of strategies put in place.

·        Social Care annual reviews had been an issue for many years and was quite a common problem in Local Authorities. They had done a lot of work and brought the numbers down from 246 that that were overdue, to 161. A program was in place to look at these, but this was an issue that had been raised for a number of years.

·        Public Health was an area of concern, the grant money was coming in every year but not being spent. This was followed up recently and they still hadn’t spent the unspent monies from over a year ago nor had the finalised a plan to how best utilise the money. As it could affect future funding in this area.

·        It was not a full review on Social Care, It was a partial review on a social care pathway, the whole system hadn’t been looked at in its entirety, therefore an opinion couldn’t be given.

·        The Head of Audit and Risk Management would have to report back to the committee in regards to the question about whether the audits were being looked against the GDPR excluding the derogations and if so why wasn’t the data protection act being used as the bench mark.

The Governance and Audit Committee noted the Head of Audit and Risk Management’s Annual Report setting out the Head of Internal Audit’s Opinion

for 2019/20.