TO: GOVERNANCE AND AUDIT COMMITTEE
23RD MARCH 2021
INTERNAL AUDIT PLAN 2021/22
(Head of Audit and Risk Management)
1 PURPOSE OF REPORT
1.1 The purpose of this report is to set out the underlying principles applied in the Internal Audit planning process and seek the Governance and Audit Committee’s approval of the Internal Audit Plan for 2022/23.
2 RECOMMENDATION
2.1 To approve the Internal Audit Plan for 2022/23 attached at Appendix A.
3 REASONS FOR RECOMMENDATION
3.1 To ensure that the Council meets its statutory responsibilities for internal audit.
4 ALTERNATIVE OPTIONS CONSIDERED
4.1 There is no alternative option.
5 SUPPORTING INFORMATION
Internal Audit Requirements
5.1 All local authorities must make proper provision for internal audit in line with the 1972 Local Government Act (S151) and the Accounts and Audit Regulations 2015. The latter states that authorities must “undertake an effective internal audit to evaluate the effectiveness of its risk management, control and governance processes, taking into account public sector internal auditing standards or guidance.” The Council delegates it statutory responsibilities for the provision of the internal audit service under the Accounts and Audit (England) Regulations 2015 to the Executive Director: Resources.
5.2 More specifically, Internal Audit aims to: -
· satisfy the legal requirements of a Local Authority Internal Audit Service and provide an annual opinion on the adequacy of the Council’s control environment risk management and governance processes;
· comply with Public Sector Internal Audit Standards;
· examine, evaluate and report independently and objectively on the adequacy of management’s arrangements to secure the proper use of resources (economy, efficiency and effectiveness);
· assist management in achieving its objectives, managing its risks and establishing and maintaining adequate systems of internal control;
· assist management, where appropriate, in the investigation of alleged fraud, theft, corruption or other irregularity; and
· ensure External Audit can place reliance on Internal Audit’s work to inform their planning, avoid duplication and minimise audit fees.
5.3 Internal Audit provides independent assurance on the control environment but for Internal Audit to provide full assurance on all activities and transactions across the organisation, the Council would need to commit significantly more resources to internal audit services than is realistically available. Historically, the Council has taken the view that spend on internal audit should be limited to only what is necessary to undertake sufficient audit work to enable an annual evidence based opinion to be given. Responsibility for the prevention and detection of fraud rests with management. However, in undertaking all audit assignments audits are mindful to the risk of fraud and fraud and look to ensure that managers have put adequate procedures in place to address the risk of fraud.
5.4 The 2022/23 programme will incorporate audits that had to be deferred from 2021/22. Delivery of these deferred audits will be prioritised during 2021/22.
5.5 The audits in the Council’s internal audit plan are delivered via a hybrid of in-house resource and outsourcing. Two external providers are used for audit. IT audit is delivered by TIAA Ltd and around a third of general audits are carried out by Wokingham Council Internal Audit Team. An in-house team was set up during 2021/22 with one senior auditor and one vacant senior auditor post. Two temporary senior auditors are currently backfilling and assisting with the backlog of audits due to the vacant post. Counter fraud is provided by Reading Borough Council Fraud Investigation Teams.
6 ADVICE RECEIVED FROM STATUTORY AND OTHER OFFICERS
Legal Advice
6.1 Nothing to add.
Financial Advice
6.2 There are no financial implications arising from the report. However, a strong internal control environment helps ensure that the Council is not exposed to unexpected financial risks and ensure value for money. The Internal Audit programme is focused primarily on key financial controls as well as high risk areas identified by the Head of Internal Audit and senior managers across the organisation. As such, it is to be expected that some areas may receive limited assurance reports. Where weaknesses are identified it is important that they are addressed as quickly as possible.
Equalities Impact Assessment
6.3 Not applicable.
Strategic Risk Management Issues
6.4 Robust internal audit arrangements are an important part of effective risk management. Audit plans should be targeted to areas of greatest risk to the Council and individual internal audit reviews should focus on controls in place to mitigate risk and highlight any gaps in assurance.
Climate Change Implications
6.5 Not applicable.
Health & Wellbeing Considerations
6.6 Not applicable.
7 CONSULTATION
Principal Groups Consulted
7.1 The Chief Executive, S151 Officer (Executive Director: Resources) , Directors and Assistant Directors, ICT and the Council’s internal audit services contractors (TIAA), DMTs and CMT.
Method of Consultation
7.2 The development of the Annual Internal Audit Plan has involved extensive consultation with a range of stakeholders, to ensure that their views on risks and current issues, within individual departments and corporately, are identified and considered. This was based on one to one discussions with senior officers noted above and TIAA as our key internal audit service providers for IT audit.
Representations Received
7.3 Not applicable.
Background Papers
Public Sector Internal Audit Standards
Internal Audit Charter
Contact for further information
Sally.hendrick@bracknell-forest.gov.uk
01344 352092