Agenda item

As requested at the June 2016 Audit Committee the final report regarding the audit of planning applications is presented for consideration by Members.  An Officer from the service will attend to answer any questions.

The Chair reminded the Committee that its purpose in reviewing 'limited assurance' audit reports was not to re-examine all the issues raised, but to gain assurances that the issues identified were being properly addressed by management.

Vanessa Bateman (Interim Head of Audit and Investigation) presented a report on Planning Applications produced following a request made at the June 2016 Audit Committee. PriceWaterhouseCoopers(PwC) undertook the review and a final report was produced in November 2016. The document provided Limited Assurance and raised recommendations related which to the following areas of concern

•      Approval of planning applications: System audit trail and workflow

•      Acolaid system user access

•      Anti-bribery arrangements

•      Pre-application review

•      Management information

Vanessa Bateman highlighted that new management had been in place since May 2016 and there was evidence of improvements made to the system of controls within the planning application assessment process. She drew the Committee’s attention to page 83 of the Agenda Pack which contained the Executive Summary of the Internal Audit Report 2016/2017 prepared by PwC. She informed the Committee that 11 actions had been identified and the service had responded. Two actions had been completed, five were due by the end of January 2017 (they had been identified as high risk), and two had been scheduled for completion by the end of April 2017 (they had been assigned medium priority). Vanessa Bateman suggested that if the tasks that were due in January 2017 were completed, this would increase the assurance level and she informed Members that a report on the recommendations was to be presented to a future meeting of the Committee.

Matt Cavanaugh (Engagement Manager at PwC) confirmed that PwC was satisfied by the report and declared that he welcomed any questions Members had.   

Adrian Harding (Acting Development Management Manager) provided an update on all actions contained in the Action Plan which were either completed or moving towards completion, with the project running on track. He focused his presentation on the following actions

•      1a - Audit trail (page 90 of the Agenda Pack) which had been completed and recorded the activities of the Team.

•      1b – Segregation of duties (page 90 of the Agenda Pack) which had been completed, with the system separating key parts of the process.

•      2a, 2b and 2c – User access levels (page 92 of the Agenda Pack) where it was identified that Digital Services (IT) needed training by the software provider and where IT would provide a listing of access rights on a quarterly basis to enable the review of access rights and process any changes required. Moreover, user access rights were to be reviewed and restricted as a priority by the end of January 2017. 

•      2d – Monitoring user activity (page 92 of the Agenda Pack) – a performance management report had been drafted to show user activity. 

•      2e – Removing leavers (page 92 of the Agenda Pack) – IT would review its procedures for processing leavers and removing access to Acolaid, while Planning would notify IT of any leavers, requesting their accounts to be closed.

•      3a, 3b and 3c – Anti-bribery risk arrangements (page 94 of the Agenda Pack)  – a bribery risk assessment had been progressed with the Council’s legal service, anti-bribery training had taken place on 4 November 2016, and the Team was in the process of completing declarations of interest.

•      4 – Pre-application advice (page 95 of the Agenda Pack) – the same level of progress as the segregation of planning duties, with the system preventing officers from reviewing and approving their own written advice to customers (excluding Duty Officer query responses).

•      5 – Management Information (page 96 of the Agenda Pack) – management reports on a range of issues had been produced, with additional reports to follow shortly, including individual and overall performance reports.

The Vice-Chair asked a question which related to the way information was extracted for reporting purposes (whether this was manual or via information management). Adrian Harding explained that there were two ways of extracting information for report – by searching and downloading data into a spreadsheet or by using specialised software, Aconet, which browsed the system and could be used to create a number of reports depending on the preferences of the report-writer. He added that part of the reporting was ‘accounting-flavoured’ as it dealt with the number of applications received, determined, and those which remained on the system.

A member of the Committee asked to what extent the audit and its recommendations had been anticipated and whether there had been any self-assessment conducted by the Team. Vanessa Bateman said that self-assessments were not routinely completed in advance of an audit but that it was Management’s responsibility to implement a robust system of internal control and that the scope of the audit and the risks covered by the work would have been agreed with Management as part of the audit planning process.  Alice Lester (Head of Planning, Transport and Licensing) clarified that the scope of the audit had been agreed with the Team and, therefore, there were no unexpected actions.         

The Chair said that there had been a number of tasks to be completed by 31 January 2017 and expressed concern whether the target would be achieved. Adrian Harding explained that the Team was dependent on IT for some actions which meant that some may not be completed by the deadline. Alice Lester stated that an update on the matter would be provided at the next meeting which was supported by the Chair. This led to a short discussion whether the contract for IT services covered training. It was decided that Planning Officers would report to the Chief Finance Officer in respect of this.

Mr Sullivan commented that the software included proper audit controls.  He made the point that as these controls were not working then either these controls had not been properly configured by the software company, or they had been and then switched off by management. Depending on which answer was provided a fundamentally different approach to the further actions required would be indicated.  The Planning Officers undertook to update the Chief Finance Officer within a week, and would in turn update the committee.

The chair thanked PwC for its work on the report.

RESOLVED that:

(i)    The contents of the Planning Applications Audit Report be noted;

(ii)  A progress update on actions that were due to be completed by 31 January 2017 be provided at the next meeting of the Committee.

(iii)A response whether audit control on Acolaid had been switched on or off when the Council bought the software be provided at the next meeting of the Committee.