Agenda item

This report outlines the work undertaken by Internal Audit in respect of delivery of the 2021-22 Internal Audit Plan and also includes the Head of Internal Audit’s annual opinion on the Council’s system of internal control.

Darren Armstrong, Head of Audit and Investigations introduced the report which outlined the work undertaken by Internal Audit in respect of delivery of the 2021-22 Internal Audit Plan.  Members were advised that the report had been provided in order to provide assurance about the Council’s framework of governance, risk management and internal control.

In considering the report the Committee noted the annual opinion provided by the Head of Audit on the Council’s overall arrangements for its systems of internal control, risk management and governance which had been rated as “reasonable assurance”.  The basis of the opinion had been detailed within the Annual Report, attached as Appendix 1 the Committee report.  Whilst some high risk rated audit recommendations had been identified as a result of individual audit reviews, these had been broadly isolated to specific systems or processes with no critical risk issues raised in-year.  Members noted the opinion as being consistent with that provided in previous years.

In considering the detailed updates included within the Annual Report in relation to status and delivery of the 2021-22 Plan, the summary of completed audits in Q4 2021-22 and summary of follow up activity, responses were provided on the following issues raised:

·                Members welcomed completion of the audits in relation to the Council’s key financial controls (following Oracle Cloud implementation) and in relation to the Council’s companies and governance arrangements with it noted that the final outcomes were due to be reported to Committee as part of the Q2 Internal Audit Plan Monitoring update.   The draft reports had contained a range of medium and low risk actions which, whilst not identifying any significant issues had been focussed on enhancing controls and best practice. (Action: Darren Armstrong)

·                Officers confirmed the Fire Safety Audit initially included within the 2021-22 Plan would now be carried forward within the 2022-23 Plan with outcomes to be reported back to the Committee upon completion of the review, currently scheduled as part of the Q2 progress update. (Action: Darren Armstrong)

·                Focussing on the summary of audits completed in Q4 2021-22 clarification was provided that the audit review on Leaseholder Repairs had been focussed on the arrangements in place around Housing Management Landlord responsibilities for Council Leaseholders rather than those managed through the Council’s subsidiary companies.  It was, however, recognised that scope existed to apply the key findings across these arrangements as well.  In terms of timescale for implementation of the findings it was noted that these would be provided once the final management response had been provided.

·                In response to a Committee question regarding the management of the two high risk findings in relation to cyber security, officers highlighted that no gaps had been identified within controls with the findings designed to enhance the existing arrangements already in place to mitigate risks.

·                In terms of follow-up activity, whilst recognising the slippage in some areas as a result of core activity needing to be refocussed in support of the response to the pandemic, members were advised of the efforts and programme in place to progress this work.  No specific concerns were identified in relation to persistent non-compliance or implementation, with the Committee assured of the mechanisms in place to address such issues, should the need arise.

The Chair thanked Darren Armstrong and his team for the work undertaken and update provided and it was RESOLVED, subject to the actions identified above, to note the contents of the report.