Agenda item

To receive an update on the impact of COVID-19 on the Internal Audit team. 

9.1             The report of the Head of Corporate Services, circulated at Pages No. 62-66, provided Members with an update on the status of the Internal Audit team and their redeployment as a result of COVID-19.  Members were asked to consider the report.

9.2             The Head of Corporate Services considered that it was important to update the Committee on the status of the Internal Audit team which was pivotal to providing independent assurance on the internal control environment.  The very early stages of the COVID-19 response had involved redeploying resources to priority areas and the Internal Audit team had been tasked with supporting the administration of business grants which had seen almost £17million awarded to nearly 1,500 businesses.  As a result, all business as usual internal audit work had been suspended for the interim and this was likely to remain in force until the end of August.  It was therefore intended to bring a revised Internal Audit Plan to the Committee in September; this would involve discussions with key officers to assess what the new internal control environment looked like and where significant changes had occurred that may present additional risk to the Council, for example, IT risks in respect of remote access/cyber security, HR related activities such as annual leave and absence management reporting etc.  As part of the Council’s emerging recovery framework, each service area had been tasked with documenting their recovery actions.  Page No. 64, Paragraph 2.2. of the report identified four key internal audit recovery actions: work with responsible officers to review the whole suite of internal audit recommendations and determine whether the implementation dates and recommendations remained relevant and feasible; produce a new six month internal audit plan for October 2020-March 2021; review actions within the Internal Audit Quality Assurance and Improvement Programme; and to review the work programme for the Audit and Governance Committee which had been discussed earlier in the meeting.  In terms of the Internal Audit Plan, it would be necessary to take into consideration that Council services were still in recovery mode – with some elements potentially still in response mode – therefore it may not be feasible to support internal audit assessments in certain areas.  Similarly, with the Internal Audit team and customers likely to still be remote working, the challenges of undertaking such audits would need to be factored in.  The Head of Corporate Services explained that, although all internal audit work had been suspended, this did not mean the control environment had lapsed as it was the responsibility of management to ensure controls were in place and working effectively; nevertheless, the Internal Audit team was unable to give independent assurance between April and August 2020.

9.3             A Member queried how internal audits would be effectively managed if they were carried out remotely.  In response, the Head of Corporate Services explained that the whole organisation had adapted well to using new technology, such as Microsoft Teams, so there was no reason the Internal Audit team could not engage with other services remotely; however, it would be challenging, particularly if the evidence needed was in hard copy format within the Council Offices.  The Engagement Lead from Grant Thornton indicated that, as external auditors, the team had also been required to do a lot of work in the virtual environment and, whilst there were challenges, there had also been a lot of opportunities and benefits as well.  One of the biggest changes was the reliance on paper documents and files that could not be managed in a digital environment.  Going forward, she felt it would be important for the Committee to focus on the imperative for management to maintain the control environment and she asked Members to reflect on these considerations when discussing the Annual Governance Statement, both for 2019/20 and 2020/21, as internal audit work was a principle source of evidence for that.  It was important that the Committee understood any limitations around what could be covered and the alternatives to gain any assurance it needed.

9.4             The Chair welcomed the key recovery actions that had been identified for the Internal Audit team and the desire to get to the “new normal” as soon as possible whilst recognising that challenges would be faced.  He thanked the team on behalf of the Committee for the work that had been done in administering the grants which had been a lifeline to businesses in these unprecedented times.  The Head of Corporate Services also wished to thank the Revenues and Benefits Manager and the Finance Manager who had been overseeing the process.  He acknowledged it had been a challenging time for the Internal Audit team who had been working on the frontline taking difficult telephone calls which was very different from their usual role as a support service within the authority.  It was subsequently

RESOLVED          That the internal audit update be NOTED.