Agenda item

To consider the Internal Audit Annual Report 2013/14 and the assurance from the work undertaken during the year on the level of internal control within the systems audited during the year.

11.1           Attention was drawn to the report of the Policy and Performance Group Manager, circulated at Pages No. 63-74, which provided Members with a summary of the internal audit work undertaken for the financial year 1 April 2013 to 31 March 2014, together with an opinion on the overall adequacy and effectiveness of the organisation’s control environment.  Members were asked to consider the report and the assurance that, overall, a satisfactory level of internal control existed within the systems audited during the year.

11.2           Members were advised that the annual audit plan was compiled using a risk-based approach and was informed by governance issues and work relevant to the production of the Annual Governance Statement; work on fundamental financial systems; work of a service-based nature; corporate improvement work; follow-up work; and consultancy and advice.  This approach resulted in a comprehensive range of audits that were undertaken over the course of the year to support the overall opinion on the control environment.  In compliance with the Public Sector Internal Audit Standards (PSIAS), regular monitoring reports of internal audit activity were presented to the Audit Committee on a quarterly basis.  A list of the audit work undertaken in the year was set out at Page No. 65, Paragraph 2.2 of the report.  There was one outstanding audit from the 2013/14 audit plan in relation to risk management.  A new corporate risk register was in the process of being compiled and would form part of the performance management report for quarter 1 2014/15.  The implementation of the register would support the Council’s existing risk management arrangements.  In addition to this work, the internal audit team also undertook a variety of corporate improvement work initiatives and the audit plan included an allocation of days for work of this nature.  Managers were aware of the allocation and could request internal audit to assist with areas of work that needed to move forward.  During 2013/14 this had included procurement; customer service standards; ‘Selling to the Council’ guide; update of the Business Continuity Plan; and the tree management projection plan.  The team was also represented on key corporate groups in order to keep abreast of emerging issues.

11.3           In terms of the opinion on the overall adequacy of the control environment, Members were informed that internal audit provided a split opinion which meant that individual opinions were given for different parts of the system being audited.  A total of 65 opinions had been issued during 2013/14, the majority of which had been good or satisfactory.  Two limited opinions had been issued, one in relation to the audit of the flood alleviation grants and the other in respect of the proposed action to produce a corporate risk register.  There had been one fraud incident brought to the attention of internal audit during the year, which had been discussed under the previous Agenda item, and the Monitoring Officer had confirmed that no allegations had been reported through the Council’s Whistleblowing Procedure.

11.4           The performance monitoring information for achievement against the audit plan was based on the number of completed audits against the number of planned audits. The outturn for the 12 month period was 92% which was above the industry benchmark of 90%.  An assessment against PSIAS demonstrated that internal audit was broadly compliant.  An action plan to strengthen arrangements had been produced but there were no material areas of concern.  The team had now started work on the 2014/15 audit plan, which had been approved by the Committee in March, and included a number of key areas where there was significant change to current systems i.e. new leisure centre, garden waste database, recycling, payroll self-service, behaviours framework, individual electoral registration.  Members were advised that any audit activity undertaken on health and safety would now be formally reported to the Audit Committee.  The Council’s Environmental Safety Officer would be seconded to internal audit and would report using the internal audit methodology when undertaking this work.  Corporate improvement days included the provision of support to the Revenues and Benefits Improvement Programme which was a significant piece of work.  CIPFA had recently issued an updated document on good practice and evaluating the effectiveness of the Committee which would be brought to the Committee for evaluation during 2014/15.  Based upon the work undertaken during the year, internal audit could provide reasonable assurance that there was a good level of control in relation to risk; there was a risk management framework in place but this needed to be enhanced through the delivery of the corporate risk register.  The internal audit opinion was one of the sources of assurance that was used to support the Council’s Annual Governance Statement.

11.5           A Member sought clarification as to when the corporate risk register would be ready and was informed that it would be taken to the Overview and Scrutiny Committee as part of the quarter 1 performance management framework report in September 2014.  It was subsequently

RESOLVED          That the internal audit annual report be NOTED.