The Head of Internal Audit and Corporate Anti-Fraud will submit a report presenting a comprehensive overview of the key activities and findings of Internal Audit based on the Service’s work for the whole of the second quarter of the 2017/18 audit year.
The Head of Internal Audit and Corporate Anti-Fraud submitted a report providing a comprehensive overview of the key activities and findings of Internal Audit based on the Service’s work covering the whole of the second quarter of the 2017/18 audit year.
The report covered:
· The issues arising from completed Internal Audit work in the period
· Matters that had required investigation
· An opinion on the ongoing overall assurance Internal Audit was able to provide based on the work undertaken regarding the adequacy and effectiveness of the Authority’s internal control environment
· Progress on the delivery of the Internal Audit Plan for the period up to the end of the second quarter of 2017/18
· Details of Internal Audit’s performance for the quarter utilising performance indicators
Internal Audit work undertaken during the period did not identify any fundamental recommendations, however, a notional ‘no assurance’ opinion was given arising from the review into the Highways Design and Construction Service
The internal control assurance opinion overall remained adequate based on the results of the work undertaken during the quarter.
Of the 39 recommendations followed up, 33% had been implemented by the original target date, 23% had been implemented after the original target date and 44% had not been implemented, with revised implementation dates being agreed by management.
In relation to the Audit Plan, actual days delivered were in line with the profile for the first half of the year.
Quarterly performance of the function was generally satisfactory. The Performance Indicators relating to chargeable time was slightly below profile but this was due, in the main, to the bedding in of the newly appointed Audit Manager and Principal Auditor. These officers were now working to capacity and the percentage of chargeable time was rising accordingly.
In the ensuing discussion, and in response to detailed questioning, the following matters were highlighted:
· 16 reviews were currently ongoing with five in the draft report stage
· Work was ongoing to understand why audit recommendations were not being implemented by the agreed target dates given that these were agreed by the service in question. Internal Audit were providing challenge about the setting of dates and how achievable these were.
· Appendix 2 to the report indicated that whilst only one report had been issued during the quarter, this did not represent the entire output of the Service. Outcomes from the Service’s increasing consultancy based audit work were not included. It was noted that such reviews tended to be less tangible and/or less formal than the traditional audit reporting reviews. The objective when conducting this type of work was to deliver a more flexible approach to Internal Audit by providing ‘real time’, added value feedback during the audit year. The Head of Internal Audit and Corporate Anti-Fraud emphasised that all internal audit work contributed to the overall annual opinion
· In relation to the failure to adhere to timescales, there was a discussion as to how various aspects of a Manager’s Performance Indicators in relation to the requirement to meet corporate compliance targets could or should be incorporated into the organisations Improvement Framework. In this way, Managers could then be held fully accountable for their actions in relation to the implementation of audit recommendations. The Head of Internal Audit and Corporate Anti-Fraud commented on the varying reasons for the delay in implementing recommendations and that a further analysis of those reasons would assist in challenging whether or not originally suggested timescales were relevant/appropriate
· It was noted that one fundamental recommendation had been given a revised target date for completion. An update on this would be provided to a future meeting
· In response to specific questioning, there was a discussion about subsidiary companies/organisations and the way in which systems and processes were audited or scrutinised in terms of financial management and governance.
· The Head of Internal Audit and Corporate Anti-Fraud gave a brief outline of the organisations in which the Authority was involved. He made reference the varying methods in which such organisations were held to account and within this context commented on financial management arrangements, the partnership and relationship/governance arrangements as well as the ways in which issues of concern could be escalated.
· The Risk and Governance Manager commented that these types of issue were being expressed within the AGS Framework document an update on which was to be submitted to the next meeting. In this respect, the Committee could, under its new Terms of Reference, call in the lead officer concerned if Members had any particular concerns.
· Arising out of the above discussion, the Executive Director Core Services briefly commended on lessons learned from the Digital Region Company in relation to the identification and management of risks
· The Committee noted that the Council’s External Auditor KPMG audited companies that were 100% owned by the Authority
(i) that the issues arising from the completed internal audit work for the period along with the responses received from management be noted;
(ii) that the assurance opinion on the adequacy and effectiveness of the Authority’s Internal Control Framework based on the work of Internal Audit in the period to the end of September 2017 be noted;
(iii)that the progress against the Internal Audit Plan for 20117/18 for the period to the end of September 2017 be noted; and
(iv)that the performance of the Internal Audit Division for the second quarter be noted.