Issue - meetings
Internal Audit - Monitoring Of Priority 1 Recommendations
Meeting: 18/09/2017 - Audit & Governance Committee (Item 23)
23 Internal Audit Monitoring Report - June to September 2017 
PDF 135 KB
(Chief Internal Auditor) To consider the attached report (AGC-010-2017/18).
Additional documents:
- AGC-010 Int Audit Monitoring EAR V1.0, item 23
PDF 97 KB
- AGC-010 Int Audit Monitoring App I V1.0, item 23
PDF 15 KB
- AGC-010 Int Audit Monitoring App II V1.0, item 23
PDF 68 KB
- Webcast for Internal Audit Monitoring Report - June to September 2017
Minutes:
The Senior Auditor, Ms S Linsley introduced the internal audit monitoring report (June to September 2017) updating members on the work completed by the Internal Audit Shared Service. She noted that good progress was being made against the 2017/18 Audit Plan and an additional audit had been included for this year to follow up the Health and Safety at Townmead Depot audit which was carried out in September 2016.
The report gave a summary of the audit reports issued since the last update in June 2017. These reports were about:
· Fire Risk Assessments – audit reviewed the policies and processes around the Fire Risk Assessments (FRAs) in Council owned residential blocks of flats and communal areas. It was found that properties requiring FRAs were complete and accurate and completed within agreed timescales. Following the Grenfell Tower incident, FRAs will now be undertaken every two years in all Council owned residential blocks.
· Cyber Security – this was a non-technical audit designed to assess the adequacy of the Council’s framework in relation to both internal and external cyber threats. It was found that the security of the Council’s computer network and servers was well managed and there were effective controls in place to detect unauthorised access and suspicious activity. Cyber awareness training was given to new staff and refresher training and security updates ensured existing staff are kept informed of current threats.
· Planning Applications Processes – this reviewed the processes around the external publicity of planning applications submitted to the Council and checked that planning applications were determined in accordance with the Council’s Scheme of Delegation. They recommended that the relevant polices, procedures and the Scheme of Delegation were reviewed ahead of adoption of the Local Plan to identify any areas where efficiencies can be made in order that processing times were not affected by any increase in the number of planning applications.
Another item that Internal Audit was involved in was the General Data Protection Regulation (GDPR) working party. In May 2018 the Council will be required to ensure compliance with the principles of the new GDPR legislation and work was in hand to ensure the Council was compliant with the new requirements. Internal Audit was playing a key role in the preparation of a Council-wide Information Asset Register. This involves identifying the Council’s information assets (manual records and electronic information) to ensure personal data was recorded and used responsibly.
Internal Audit was also actively involved in improving risk management processes throughout the Authority and as part of this work has revised the risk management strategy. They were also involved with the Corporate Fraud Team and the work they were doing.
Ms Linsley was asked who carried out the fire risk assessments for the Council. She replied that the high risk properties assessments were carried out by a specialist fire risk firm; the lower risk properties assessments were carried out by Council Officers.
She was then asked if the council needed evacuation plans for its sheltered accommodation sites. She responded that ... view the full minutes text for item 23