Issue - meetings

To set out the revised annual plan for internal audit activity for 2020/21 (report of the Head of Internal Audit for SHDC enclosed).

Consideration was given to the report of the Head of Internal Audit which set out the revised annual plan for internal audit activity for 2020/21.

The 2020/21 Internal Audit Plan was approved by the Governance and Audit Committee on 12 March 2020.  However, in line with the PSIAS, the risk-based plan was required to be sufficiently flexible to reflect the changing risks and priorities of the organisation.

The Coronavirus pandemic had impacted the Council significantly in several ways and Internal Audit therefore needed to remain responsive to the needs and risks of the Council by revising the agreed Internal Audit Plan.

In response to the significant pressure placed on the Council to react effectively to the pandemic, the Chief Executive requested that all 2020/21 Internal Audit activity be paused until at least quarter 2.  In addition, the Internal Audit contractors TIAA took the decision to furlough their workforce until 1 July 2020.

The Internal Audit Plan for 2020/21 would therefore be revised to respond to the changing risk profile of the Council, to ensure that Internal Audit and Officer resources were able to support the assurance work required to formulate an opinion on the governance, risk and control framework for 2020/21.

Members were advised that the revised plan had been agreed by managers in October, TIAA had started work on the plan and it had reduced the number of audit days from 225 to 150.  The revised plan covered the necessities for the current year, and included a change of direction for some of the audits.  This included an assurance mapping exercise to understand how the initial Covid outbreak had impacted on systems and processes and whether anything from the outbreak had impacted enough to warrant further audit work, impacted on the plan for the current or next year, or whether the internal audits being undertaken in the current year needed to be revised.  Consideration had been given to the Council’s response to the outbreak, and how anything around the governance and assurance processes affected the plan.  It also included a reduction in the remaining areas, and a Covid audit to be undertaken in quarter 4 to follow on from the assurance mapping exercise.  This would look at the Council’s long-term response to Covid, how it was managed, and how it was managing the governance, risk and assurance around the Council.

The following issues were raised:

·         The report stated that Internal Audit reviews that were included in the original plan for 2020/21 would be deferred to 2021/22, and that a risk assessment would be undertaken to establish whether each area was still required early in 2021 when the risk based internal audit plan for the year ahead was developed.  What risk assessment had been undertaken relating to them being deferred in the first place?

o   This was part of the assurance mapping exercise.  As part of the exercise, the auditors would be looking to see what was removed from the plan that was a key area to be included, and  ...  view the full minutes text for item 16