Agenda item

The Head of Internal Audit and Corporate Anti-Fraud will submit a report providing a comprehensive overview of the key activities and findings of Internal Audit based on the Division’s work covering the fourth quarter ending 31^st March, 2017.

The Head of Internal Audit and Corporate Anti-Fraud submitted a report providing a comprehensive overview of the key activities and findings of Internal Audit based on the Division’s work covering the fourth quarter ending 31^st March, 2017.

The report covered:

·         The issues arising from completed Internal Audit work in the period

·         Matters that had required investigation

·         An opinion on the ongoing overall assurance Internal Audit was able to provide based on the work undertaken regarding the adequacy and effectiveness of the Authority’s internal control environment

·         Progress on the delivery of the Internal Audit Plan for the period to the end of the final quarter of 2016/17

·         Details of Internal Audit’s performance for the quarter utilising performance indicators

Reports issued and the Internal Audit work completed during the period had raised one fundamental recommendation relating to a data management issue. 

Internal control assurance opinion overall remained adequate based on the results of the work undertaken during the quarter.

Of the 9 recommendations followed up, 67% had been implemented by the original target date and 33% had not implemented with revised implementation dates being agreed by management.

In relation to the Audit Plan, actual dates days delivered were 97 (7%) below that planned at the end of the financial year.

Overall, Divisional performance remained satisfactory and all Performance Indicators were either on or exceeding target levels.

The annual report would be presented to the June meeting of the Committee and this would summarise all Internal Audit activity and performance for the year.  This would be presented for consideration alongside the draft Annual Governance Statement.

In the ensuing discussion, and in response to detailed questioning, the following matters were highlighted:

·         As reported at the January meeting, the number of days delivered was below that planned because the final quarter of the year had been geared primarily towards external clients.  It was important to note, however, that none of the variances impacted on the ability to provide an assurance opinion

·         Arising out of the above discussion, reference was made to the rationale for the deferral or deletion of items from the Audit Plan which had been undertaken and agreed in consultation with management.  In this respect, particular reference was made to the deletion of the Process re-engineering Review (Highways, Local Roads) on the basis that the client no longer required the review as this was being covered through a different piece of work.

·         It was noted that the statistical data showed an improving position compared to the previous year

·         It was pleasing to note the positive feedback for the work undertaken within the fourth quarter

·         Concern was expressed in relation to the Management of Personnel and Confidential Information and the use of ‘H’ drives as this had implications for the accessibility of information and potentially impacted on management reporting and decision making.  The recommendation had an implementation date of 30^th June, 2017 but an update would be provided for the next meeting.  This piece of work had been commissioned by Children’s Services but was in fact a far wider issue.  Arising out of the discussion, reference was made to the reasons for staff continuing to use network drives which were largely based upon historical factors as well as a legacy system that had proved problematical.  The Authority had now adopted ‘SharePoint’ as its primary repository for the storage and retrieval of information and services were being moved onto this system on a phased basis.

·         Referring to the Receipt and Banking of Income and particularly as this related to the merchant copy of receipts retained by Cannon Hall, the Head of Internal Audit and Corporate Anti-Fraud commented that an update would be provided on the safe custody of receipts as in various areas, the Authority was not compliant with industry standards.  In this respect reference was also made to the incorrect allocation and collection of VAT which, although not of great value, was nevertheless being addressed

·         In relation to the follow up protocol of key issues, it was noted that this was dependent upon the significance of the issue identified

·         Reference was made to the importance of services maintaining operational independence and in response to questioning the Head of Internal Audit and Corporate Anti-Fraud stressed that the service was not in a position to veto management decisions.  The Internal Audit Service was there to act as critical friend and to challenge and there was a good understanding within the Authority of the role of Internal Audit

·         The Director of Core Services reported that work on the Register of Interests had been deferred until 2017/18 which was to allow flexibility within the work plan.  The audit had been instigated to ensure that systems were compliant, however, the Governance and Member Support Service was extremely proactive in ensuring that the Register was maintained

·         Referring to Appendix  1 of the report, Mr Moore (KPMG) stated that it was important for him to meet with representatives from Internal Audit to ensure that there were no significant issued relating to areas where there was only limited assurance opinion

RESOLVED

(i)            that the issues arising from the completed internal audit work for the period along with the responses received from management be noted;

(ii)          that the assurance opinion on the adequacy and effectiveness of the Authority’s Internal Control Framework based on the work of Internal Audit in the period to the end of March 2017 be noted;

(iii)         that the progress against the Internal Audit Plan for 2016/17 for the period to the end of March, 2017 be noted; and

(iv)         that the performance of the Internal Audit Division for the final quarter be noted.