Issue - meetings

This report presents the proposed Internal Audit Plan for 2025-26.  The report also includes an assessment of the progress made at the end of Year 1 towards achieving the objectives outlined in the Internal Audit Strategy 2024-27, which was approved by Audit and Standards Advisory Committee in March 2024.

This report sets out the Internal Audit Strategy for the period 2024-2027, and the Internal Audit Plan for 2024-2025.

Darren Armstrong (Head of Audit & Investigations) introduced a report setting out the Internal Audit Strategy for the period 2024-2027 and the Internal Audit Plan 2024-2025.  In presenting the report the following key areas were highlighted:

·             The introduction of the Internal Audit Strategy as a newly developed document designed to outline the way in which the Council would continue to enhance the effectiveness and delivery of its Internal Audit function.  In covering a three year period, the Strategy set out a number of objectives, priorities and initiatives to ensure that the work carried out by Internal Audit was aligned with the Council’s strategic objectives and assurance needs as well as introducing a new approach to audit planning and delivery.

·             The requirement to develop and implement a strategy for the Internal Audit function had been introduced under the new Global Internal Audit Standards, which would officially come into force in January 2025, with the Strategy having been attached as Appendix 1 to the report.

·             In view of the growing challenges and risks faced by the Council, and increasing demand and stakeholder expectations, the Strategy had identified the need to ensure the Internal Audit service remained agile, responsive and closely aligned with the strategic objectives, risks and needs of the Council and was able to provide a programme of robust assurance in the highest risk areas. In developing this strategy, the opportunity had therefore been taken to re-consider and evaluate how the level of assurance and advisory services were delivered with the following four strategic objectives being developed to guide and shape the services work across the next three years - To adopt a more agile and enhanced risk-based approach to planning and delivery; To provide an ongoing and robust programme of core assurance; To offer and provide high-quality insight, foresight and advise; and lastly To lead and coordinate the implementation of an integrated assurance framework.

·             In addition to the Strategy, the Head of Internal Audit was also responsible for creating an Internal Audit Plan based on an assessment of the Council’s strategies, objectives and risks, informed by input senior management as well as the Internal Audit function’s understanding of the Council’s governance, risk management and control processes.  Under the new Global Internal Audit Standards the Plan would now be subject to more frequent update and in view of these new requirements (and in-line with the objectives set-out within the supporting Strategy) the Committee were advised of the new approach and method to audit planning reflected within the Plan (attached as Appendix 2 to the report), which (whilst still focussed around the provision of assurance around core/key systems and processes) moved away from the more traditional ‘annual plan’ to a less rigid, more flexible and agile approach.

·             The Plan had been divided into four sections split between core assurance work; a list of audit areas identified under an agile risk based approach designed to provide enhanced flexibility in order to respond to changing risks and priorities; consultancy & advice work  ...  view the full minutes text for item 12