Agenda item

(Chief Internal Auditor) To consider the attached report (AGC-004-2016/17).

The Chief Internal Auditor presented their Annual Report for 2015/16.

The Chief Internal Auditor informed the Committee that this report was presented in support of the Internal Audit opinion on the adequacy of the Council’s internal control environment and provided a summary of the work undertaken by the Internal Audit shared service during 2016/17. The Accounts and Audit Regulations 2015 also included a requirement for the Authority to carry out an annual review of the effectiveness of its system of internal audit as part of the wider review of the effectiveness of the system of governance.

The Chief Internal Auditor reminded the Committee that, in March 2016, it had approved the Internal Audit Plan for 2016/17, which was designed to allow sufficient audit coverage to support the overall opinion for the Council. There had been some variations to the Plan throughout the year, which had been approved by the Committee, but there had been sufficient audit coverage to allow an overall opinion to be given. A total of 18 audits had been completed during the year, of which 17 had been awarded Substantial Assurance and one had been awarded Limited Assurance; no audits had been awarded No Assurance.

The Chief Internal Auditor reassured the Committee that the one report given Limited Assurance had related to a specific area rather than a more general breakdown of internal controls across the Council. A common theme during the audits in 2016/17 had been the need to consult with interested parties such as Legal, Accountancy and Procurement at a much earlier stage. Although not a control weakness in itself, earlier engagement would ensure a more orderly process when letting contracts or delivering projects. Overall, there was a good alignment between the work of Internal Audit in 2016/17 and the Council’s Corporate Risks, but this could be improved still further and would be kept under review during 2017/18.

The Chief Internal Auditor also stated that her opinion did not rely solely upon the formal audits undertaken, but also took account of special investigations undertaken by the Internal Audit or the Corporate Fraud Team, attendance at and advice given to various Corporate Working and Project Groups or Parties, and specific anti-fraud and corruption work undertaken by the Corporate Fraud Team.

The Chief Internal Auditor reminded the Committee that an external quality assessment of the Internal Audit shared service had been undertaken in November 2016, which concluded that the shared service fully complied with the Public Sector Internal Audit Standards. In addition, the shared service’s performance compared very favourably when benchmarked against other provision in the public sector and the wider industry. The performance indicators for the service in 2016/17 were as follows:

The Chief Internal Auditor reassured the Committee that the reasons why some of the performance indicators were not meeting their targets would be explored at team meetings and actions would be developed to address the issues. Internal Audit staff also participated in continuous professional development.

The Chief Internal Auditor concluded that no system of control could provide absolute assurance against material misstatement or loss, and the work of Internal Audit was only intended to give reasonable assurance on controls. However, based on the results of the work undertaken during the year, it was the overall opinion of the Chief Internal Auditor that the Council had an adequate and effective governance, risk management and control framework.

The Vice-Chairman welcomed the inclusion of Appendix 2 of the report, which gave a summary of the work performed by the Internal Audit Service throughout the year and the associated links to the Council’s corporate risks. N Nanayakkara, one of the co-opted Members, was pleased that the implementation of audit recommendations had been so positive; in contrast, the management responses had not been so positive and this was something that had been experienced by the co-opted Member at other organisations. It was suggested that Managers could be requested to attend meetings of the Committee to explain their lack of response.

The Chief Internal Auditor reiterated that the Service was looking to get different sections of the Council talking to each other at an earlier stage of proceedings, and this issue was being helped by the Transformation Programme which was starting to break down some of the silos within the Council. Covalent was the Project Management system being used to manage projects in the Transformation Programme which cut across Directorates; it was intended to allow all Officers and Members to access this system in the future. The Director of Governance added that a demonstration of the Covalent system could be given to any Members that were interested.

The Chief Internal Auditor confirmed that there was not one particular reason for the Internal Audit shared service failing to meet their target to issue the draft audit report within 10 days of the final meeting. The issues would be examined by the Team and the conclusions reported back to the Committee at a future meeting. The Director of Governance suggested that a target of 95% completion of the Audit Plan in the first year of the shared service might have been a little too ambitious.

Resolved:

(1)        That the Annual Report of the Chief Internal Auditor for 2016/17 and the Assurance Level given be noted;

(2)        That the Annual Report of the Chief Internal Auditor for 2016/17 be included as part of the review by the Committee of the adequacy and effectiveness of Internal Control; and

(3)        That, for the twelve-month period ending 31 March 2017, the confirmation by the Chief Internal Auditor that the Council had an adequate and effective Governance, Risk Management and Control Framework be noted.