Venue: Meeting Room 1, Council Offices, Priory Road, Spalding
Contact: Christine Morgan 01775 764454
To sign as a correct record the minutes of the meeting held on 18 December 2014 (copy enclosed).
The minutes of the Governance and Audit Committee meeting held on 18 December 2014 were signed by the Chairman as a correct record.
To update the Committee on the state of risk management within the organisation (report of the Executive Director of Commissioning and Governance enclosed).
The Chairman advised that with his agreement, this item be moved up the agenda for consideration.
Consideration was given to the report of the Executive Director of Commissioning and Governance, which updated the Committee on the state of risk management within the organisation.
The updated strategic risk register included 10 strategic risks. These covered the over-arching risks that may affect the strategic direction of the council, rather than risks linked to business continuity or those that affected discreet service areas.
Risks were grouped into two categories:
· Strategic – these were risks that affected the whole and long term plan of the council. These risks could fundamentally impact upon the Authority’s reputation, the organisation that it was, and the dependable, accountable delivery of public services.
· Operational – these risks concerned the day to day activities in the delivery of functions and services.
Risks were rated using a 3x3 matrix through a numerical number that combined the impact score of the risk occurring, with the likelihood score of it happening. Risks were then classed as High, Medium or Low risk, dependent on their rating.
The risk summary covered two areas: a) The risk summary table showed the total number of risks by category and the percentage of high, medium and low risks within each category; and b) The exceptions report, a detailed report to provide focus on high level risks.
Two Risk Summary Tables were detailed within the report, showing the risk position at 30 September 2014 (Quarter 2, 2014/15) and 31 December 2014 (Quarter 3, 2014/15). The tables detailed 9 strategic risks and 64 operational risks and 10 strategic risks and 65 operational risks respectively. This information informed that:
· Strategic risks were predominantly medium;
· One strategic risk had been closed, two had been created;
· Operational risks were predominantly medium and low level risks;
· Two operational risks had been created within Environmental Health and Human Resources;
· One risk had been closed in Community Development;
· One operational risk had increased from a medium to a high rating within Corporate Improvement and Performance; and
· Two operational risks had been reduced from medium to low rating within Environmental Services and Corporate Improvement and Performance.
· Strategic Risk Overview: Overall rating was medium; and
· Operational Risk Overview: Overall rating was evenly spread across medium and low.
The Business Intelligence Officer advised that an additional level had been built into risk reporting. A Risk Board, let by officers, had been set up to examine risk ratings given to corporate risk, and the Board met on a monthly basis.
Consideration was given to the report, and the following issues were raised:
· Risk Reference S-09 – Staff recruitment and retention at all levels within both organisations. Had any risks arisen due to short-staffing?
o The Business Intelligence Officer advised that attention was being paid to this risk. There were currently no results from the first Risk Board meeting due to its first meeting falling so close to this one however, information from the Risk Board would be included in ... view the full minutes text for item 32.
South Holland District Council (report of KMPG enclosed)
Consideration was given to KPMG’s External Audit Plan for 2014/15, which was presented to the Committee by the Audit Manager, KPMG.
The external auditor’s statutory responsibilities and powers were set out in the Audit Commission Act 1998 and the Audit Commission’s Code of Audit Practice.
The Audit Commission was due to close at 31 March 2015. However, audit responsibilities under the Audit Commission Act 1998 and the Code of Audit Practice in respect of the 2014/15 financial year remained unchanged. Details of the new arrangements were set out in Appendix 4 of the report.
The Code of Audit Practice summarised the auditor’s responsibilities into two objectives, requiring them to audit/review and report on the Authority’s:
· Financial statements (including the Annual Governance Statement): providing an opinion on the Authority’s accounts; and
· Use of resources: concluding on the arrangements in place for securing economy, efficiency and effectiveness in the Authority’s use of resources (the value for money conclusion).
Section two of the report included headline messages, focusing on the key risks identified for the year. The following risk was identified:
· The impact of changes in accounting standards on the consolidation of the Council’s joint venture company, Compass Point Business Services (East Coast) Ltd (CPBS)..
Section three of the report outlined KPMG’s audit approach. This was undertaken in four stages: Stage 1 – Planning (January to February); Stage 2 – Control evaluation (March to April); Stage 3 – Substantive procedures (August to September); and Stage 4 – Completion (September).
Section four of the report provided more detail on the impact of changes in accounting standards on the consolidation of the Council’s joint venture company, Compass Point, as detailed above. KPMG would assess the Authority’s progress in addressing this risk area as part of its interim work, and conclude this work at year end.
Section five of the report explained KPMG’s approach to Value for Money (VFM) work. In meeting their statutory responsibilites relating to economy, efficiency and effectivess, the Commission’s Code of Audit Practice required auditors to:
· Plan their work based on consideration of the significant risks of giving a wrong conclusion (audit risk); and
· Carry out only as much work as was appropriate to enable them to give a safe VFM conclusion.
The VFM audit methodology remained unchanged from last year, There were only relatively minor amendments to reflect the key issues facing the local government sector. The specified criteria for VFM conclusion were:
· The organisation had proper arrangements in place for securing financial resilience; and
· The organisation had proper arrangements for challenging how it secured economy, efficiency and effectiveness.
Section six of the report provided information on the audit team, its proposed deliverables, the timescales and fees for their work.
Under the audit deliverables, the following information would be provided to the Committee
· External Audit Plan – March 2015;
· Report to Those Charged with Governance (ISA 260 report) – September 2015;
· Auditor’s Report – September 2015;
· Whole of Government Accounts – September 2015; and
· Annual Audit Letter – November 2015
Annual report (report of KPMG enclosed)
Consideration was given to KPMG’s Certification of grants and returns 2013/14. In 2013/14, certification work was carried out on the following claims/returns:
· Housing Benefit Subsidy Claim – Certified value £18,974.66
· Pooling of Housing Capital Receipts – Certified value £585,619
Housing Benefit Subsidy
As in previous years, KPMG’s certification work identified a range of issues in relation to the Housing Benefit Subsidy claim as follows:
· Due to issues identified in the previous year and, as a result of KPMG’s initial testing of a sample of non-Housing Revenue Account (HRA) rent rebate cases, testing of the accuracy of 100% of the cases within this section of the claim was performed. This resulted in a number of small amendments to the claim being necessary, without any effect on the subsidy claimed.
· KPMG had to issue a qualification letter due to various issues identified as a result of sample testing from which no conclusion could be reached as to whether the claim was fairly stated. These issues included errors relating to the misclassification of overpayments within the subsidy claim form and errors relating to the incorrect processing or application of:
o weekly earnings resulting in both under and over paid benefit for rent rebates;
o pension savings credits resulting in both under and over paid benefit for rent rebates;
o termination date of a claim resulting in overpaid benefit for rent rebates;
o the appropriate Local Housing Association (LHA) rate resulting in underpaid benefit for rent allowances;
o eligible rent resulting in both under and over paid benefit for rent allowances; and
o weekly earnings resulting in both under and over paid benefit for rent allowances.
As there are no specific causes for these errors, with all arising from general processing errors, KPMG had made no recommendations to the Authority to improve its claims completion processes in respect of this claim for this year.
In their 2012/13 Certification Annual Report two recommendations had been raised relating to:
· The need for refresher training for staff involved in the completion of Audit Commission housing benefit workbooks; and
· The requirement for the S151 Officer to produce, and for Members to approve, an annual report on the Authority’s Risk Based Verification policy.
KPMG were satisfied that the Council has improved its arrangements and had addressed both of these recommendations. Full details were included in Appendix 1, attached to the report.
Pooling of Housing Capital Receipts
KPMG’s certification work in respect of this claim identified a small number of errors in relation to the Authority’s overpayment of pool-able capital receipts in relation to Housing Act Advances repayments, resulting in an adjustment of £479 to the return.
The Authority had identified the cause of this error and had already put in place corrective action to ensure that it did not re-occur. Consequently KMPG had made no recommendations to the Authority in respect of this claim for this year.
The Executive Director Place advised the committee that there was a risk with regard to the Local Authority Subsidy Claim Certification. The ... view the full minutes text for item 34.
To update the Committee on progress with the Audit Plan November 2014 to January 2015 (report of the Audit and Risk Manager (Audit Lincolnshire) and the Shared Manager Finance (SHDC) enclosed).
Consideration was given to the report of the Head of Audit & Risk Management – Audit Lincolnshire, and the Shared Manager, Finance which provided an update on progress with the Audit Plan between November 2014 and January 2015.
The purpose of the report was to:
· Advise of progress being made with the 2014/15 Audit Plan;
· Provide details of the audit work during the period;
· Provide details of the current position with agreed management actions in respect of previously issued reports; and
· Update the committee on any changes to the 2014/15 Audit Plan and any other matters that may be relevant to the Governance and Audit Committee role.
Contained within the appendices which were attached to the report was detailed information in relation to assurance definitions; audits with limited assurance; outstanding recommendations as at February 2015; outstanding recommendations as at February 2015 (detail); and the Internal Audit Plan and Schedule
Members considered the information detailed within the report, and the following issues were raised:
· Appendix 4, Item 1 (issue with reporting on rent collection) – How were periods identified with regard to arrears?
o The information could be identified for credit control purposes however, this issue was regarding automatic reporting and was a system issue. This was not considered to be operationally damaging as it was not a collection issue, but a reporting issue.
· Appendix 2 (Audits where assurance was assessed as ‘Major improvement needed’ or ‘Inadequate’) – Some key recommendations were near completion, would these be up to date by the next quarter?
o The latest date for completion was July 2015. Completion was staggered so some issues would be completed earlier. Some of the outstanding recommendations would fall within the next two reporting quarters. The issues would be picked up by the Risk and Audit Board.
· The covering report stated that progress of projects within the 14/15 plan was less than expected and that some were taking longer than expected. Why was this?
o More audits had taken place within the last six months. Some had required finer detail and were therefore taking longer than anticipated. Most should be finalised by 31 March 2015, and some would be deferred to 2015/16.
· Appendix 4, item 20. Discussions with a sample of Council staff identified that 3 out of 9 had not received training on data protection, and 1 out of 9 had not received training on FOI. Was this as a result of staff turnover?
o There had been a period where the Induction Programme (which incorporated Data Protection and FOI) had not been undertaken however, this had now restarted. Development packages were not as stringent as they could have been however, this had been identified as part of the Staff Action Plan. This issue was not a result of staff turnover.
· The report in general appeared to have become longer and there was more information on it. Was this an indication of an increase in risk?
o The purpose of Internal Audit was to identify areas for improvement that needed ... view the full minutes text for item 35.
To present to the Committee the draft Internal Audit Plan for 2015/16 (report of the Audit and Risk Manager (Audit Lincolnshire) and the Shared Manager Finance (SHDC) enclosed).
Consideration was given to the report of Audit Lincolnshire which presented to the Committee the Draft Internal Audit Plan 2015/16.
The Internal Audit Plan 15/16 had been developed with Management and a risk assessment of Council functions. The detailed plan was attached at Appendix A.
Internal Audit was a statutory service required under the Account and Audit regulations 2011. It provided independent assurance designed to add value and improve how the Council operated. It helped the Council achieve its priorities and objectives by bringing a systematic, disciplined approach to evaluate and improve the management of risk, control and governance processes.
Internal Audit’s work was carried out in conformance with the UK Public Sector Internal Audit Standards. These required that the scope of Internal Audit covered the whole range of Council activities – seeking to provide an annual internal audit opinion of the governance, risk and internal control environment of the Council, which had been established to:
· Achieve strategic objectives;
· Ensure effective and efficient operational systems and programmes;
· Safeguard assets and interests of all kinds (including risks that related to work it undertook through partnerships);
· Ensure the reliability and integrity of financial and operational information;
· Ensure economic, efficient and effective use of council resources;
· Ensure compliance with established policies, procedures, laws, regulations and contracts
In developing the Internal Audit Plan, Audit Lincolnshire had:
· Taken into account management’s assessment of risk (including those set out in strategic and operational risk registers);
· Obtained assurances present on the Council’s critical systems and key projects;
· Used their own risk assessment against each activity, assessing their significance, sensitivity and materiality – ranking the activity as high, medium or low risk.
Their aim was to align their work with other assurance functions – seeking to look at different ways of leveraging assurance to help maximise the best use of the Internal Audit resource and other assurance functions in the Council.
The Audit Plan had been considered by CMT.
The proposed audits were detailed in Appendix C within the Internal Audit Plan, and a schedule of audits would be developed with management once the plan had been approved.
The Executive Director, Place commented that the Audit Plan was a management responsibility, ensuring that risks were identified and discussed at CMT and other relevant forums. Members had the opportunity to sit outside of this process and raise any potential issues that they felt were risks.
Members raised the following issues:
· Would the new housing company be audited?
o If members agreed that the company be established, as a company it would be audited in its own right, and would also be audited through the internal audit process.
· Would Legal Services be audited?
o This area had been identified by the internal auditors. A specific focus had to be agreed, and this would be agreed once the outcome of the current review into Legal Services had concluded.
That the proposed Internal Audit Plan for 2015/16 be approved.
To confirm the response to the external audit mandatory enquiries (report of the Shared Manager Finance enclosed)
Consideration was given to the report of the Shared Manager, Finance which asked members to confirm the response to the external audit mandatory enquiries.
In order to comply with a number of International Standards of Auditing, external auditors were required to obtain an understanding on how those charged with governance exercised oversight of management’s process in relation to fraud, laws and regulations and going concern. To assist this work, which formed part of the annual audit, the external auditor issued a number of questions to those charged with governance. In previous years these enquiries had been directly to the Chairman of the Governance and Audit Committee. In order to recognise the whole Committee’s governance role, this year these audit enquiries were being brought before the Committee.
Appendix A set out the enquires to those charged with governance. It had been pre-populated to a large extent, where possible, following discussion between the Chairman of the Governance and Audit Committee and the Shared Manager, Finance. However, one question on fraud asked for an opinion and it was therefore felt inappropriate to pre-empt the Committee’s response.
Members were asked to consider these responses and to be satisfied that they corresponded to the Committee’s own view of affairs, or whether the responses required modification.
The Committee agreed that they did not have any great concerns, based on identified fraud, and that no trends had been identified. Procedures were felt to be fairly robust. No large fraud risks had been identified by Internal Audit. The Auditors confirmed that Lincolnshire Counter Fraud Partnership funding had been successful. Improvement of processes was always being looked at and intelligence sharing with peers was encouraged. The Chief Executive added that a robust Whistleblowing Policy was also a benefit to the Authority.
a) That the report of the Shared Manager, Finance be noted; and
b) That the responses to the mandatory enquiries be approved, to include the Governance and Audit Committee’s satisfaction with regard to fraud risks, including the nature, extent and frequency of such assessment, so that these could be issued to the external auditor.
To set out the Work Programme of the Governance and Audit Committee (report of the Democratic Services and Legal Manager enclosed).
Consideration was given to the report of the Democratic Services and Legal Manager, which presented the Work Programme of the Governance and Audit Committee, as set out in Appendix A within the report.
The schedule of meetings for 2015/16 was now available, and dates for Governance and Audit meetings had been added to the Work Programme. Regular items had been transferred from the 2014/15 municipal year to the appropriate meeting dates for the new municipal year. Contributors were requested to confirm that the reports requested, and the meeting dates on which they were to be reported, were correct.
The Committee considered the report and the Work Programme for the forthcoming year and agreed all items on it were correct.
That the report be noted.