Agenda and minutes

Governance and Audit Committee - Thursday, 26th July, 2018 6.30 pm

Venue: Meeting Room 1, Council Offices, Priory Road, Spalding

Contact: Christine Morgan  01775 764454

Items
No. Item

9.

Declaration of Interests

(Where a Councillor has a Disclosable Pecuniary Interest the Councillor must declare the interest to the meeting and leave the room without participating in any discussion or making a statement on the item, except where a Councillor is permitted to remain as a result of a grant of dispensation).

 

Minutes:

There were no declarations of interest.

10.

Minutes pdf icon PDF 79 KB

To sign as a correct record the minutes of the meeting held on 24 May 2018 (copy enclosed).

Minutes:

The minutes of the Governance and Audit Committee meeting held on 24 May 2018 were signed by the Chairman as a correct record.

11.

Quarter 1 2018-19 Risk Report pdf icon PDF 65 KB

To inform the Committee on the current status of the Council’s strategic risks (report of the Executive Director Strategy and Governance enclosed).

Additional documents:

Minutes:

Consideration was given to the report of the Executive Director Strategy and Governance which informed the Committee of the current status of the Council’s strategic risks.

 

The committee noted the following:

 

There was currently one risk in the high risk category.  This related to the critical breach of ICT which had remained at the same score at it was in the last quarter.  Whilst this risk remained at a high level, there had been positive mitigations that had been put in place over the last quarter, such as the introduction of a dedicated security analyst role within the service, as well as the implementation of business approved ICT maintenance windows which allowed the ICT service to implement necessary security patches and updates.

 

There were currently thirteen risks which fell into the medium category. Of these risks, all remained at the same score as last quarter.

 

Of the thirteen risks, it was noted that the risk around the impact of the Homelessness Reduction Act remained quite high however, there had been some very promising mitigations and actions undertaken by the service to ensure that it could cope with the level of demand.  Such implementations included new specialist case management software, as well as adding new key experienced members of staff onto a fixed term contract.  In addition, recent changes in accommodation and offices ensured that all housing staff were working together and building a customer centred focus.

 

An additional risk was the implementation of GDPR (General Data Protection Regulations), and how this had affected the council.  Whilst the risk remained unchanged due to work still ongoing, there had been much progress made in ensuring the council managed its data properly, and in accordance with GDPR (such as the development of new policies and procedures, as well as the preparation and implementation of privacy notices and the Information Assets Register).  A formal audit had also been agreed, to commence in December 2018 – when the outcomes of the audit were known, the risk would be re-assessed.

 

Members stated that all potential risks which were rated red (high impact, high likelihood) for risk score were all potential risks which were felt by Local Authorities nationwide. Therefore it was considered that such risks were unavoidable.

 

The Chairman asked if, with the risk of cyber security, the authority would do anything to combat this risk. Officers stated that the authority was in a good place to deal with such a cyber risk already, with all recommendations raised by Internal Audit in this regard having been actioned.

 

AGREED:

 

That the contents of the report be noted.

12.

Progress Report on Internal Audit Activity pdf icon PDF 106 KB

To examine the progress made between 28 February 2018 and 13 July 2018 in relation to the completion of the Annual Internal Audit Plan for 2017/18 (report of the Head of Internal Audit enclosed).

Additional documents:

Minutes:

Consideration was given to the report of the Head of Internal Audit which examined the progress made between 28 February 2018 and 13 July 2018, in relation to the completion of the Annual Internal Audit Plan for 2017/18.

 

The Head of Internal Audit introduced the report.

 

In terms of budget management there would be no conclusion at this meeting and would it be brought to the committee on a later date.

 

The Head of Internal Audit stated that there had been a lot of work undertaken over the last 4 months, which had meant that audit reports were finalised late in the financial year.

 

Members asked if the risk of confusion caused by the introduction of Universal Credit was being considered. The Head of Internal Audit stated that because the authority was late coming into the Universal Credit system in comparison with other authorities, a lot of the issues that early adopters faced had already been resolved. Furthermore, the Head of CPBS Operations stated that a lot of work had been done to prepare for the adoption of Universal Credit.

 

It was stated that the Accounts payable report had been finalised in April 2018.

 

The topic of the CPBS Audits was raised by members. They asked for clarification on why TIAA offered an assurance called a ‘reasonable assurance’ whereas the CPBS equivalent was called a ‘substantial assurance’. Members felt that ‘reasonable’ and ‘substantial’ had different meanings, yet both seemed to offer the same level of assurance. The Head of Internal Audit reminded the Committee that this was explained to the Committee in every Progress Report that they received, and that the explanations / definitions behind the assurance are similar, hence the TIAA terminology being used for ease of comparison for Members

 

Members raised the matter of the limited assurance for Human Resources, asking whether the urgent recommendations would have deadlines applied to them. The Head of CPBS operations answered that deadlines were already in place and were set for September. It was further stated that regular updates would be brought to the Governance and Audit Committee.

 

AGREED:

 

That the completion of the internal audit plan of work for 2017/18 be noted.

13.

Follow up report on Internal Audit Recommendations pdf icon PDF 88 KB

To provide members with the position on progress made by management in implementing agreed Internal Audit recommendations as at 31 March 2018 (report of the Head of Internal Audit enclosed).

Additional documents:

Minutes:

Consideration was given to the report of the Head of Internal Audit for South Holland District Council which provided members with the position on the progress made by management in implementing agreed Internal Audit Recommendations as at 31 March 2018.

 

The Head of Internal Audit stated that in relation to the audit recommendations raised in 206/17, 80 recommendations were complete, 2 had been superseded and 6 were outstanding.

 

The Head of Internal Audit further confirmed that in relation to the 90 recommendations raised in 2017/18, 18 were complete, 69 were not yet due and three were outstanding. The Committee’s attention was drawn to the 69 recommendations that were not yet due but did still present a risk to the Council

 

The Chairman, in reference to the outstanding recommendations asked for a summary of how work to resolve these recommendations was progressing. The Head of Internal Audit stated the Council  had agreed an action plan and at the time of this meeting was addressing this, but that a close eye should be kept on the outstanding recommendations to ensure they did not get out of hand.

 

AGREED:

 

That the report be noted.

14.

ISA 260 Report 17/18 pdf icon PDF 2 MB

To receive the ISA 260 Report 17/18 (report of KPMG).

Minutes:

Consideration was given to KPMG’s report to those charged with governance (ISA260) for 2017/18.  It summarised the key findings arising from their audit of South Holland District Council’s 2017/18 financial statements and their work to support their 2017/18 conclusion on the Authority’s arrangements to secure economy, efficiency and effectiveness in its use of resources.

 

The Audit Manager (KPMG) summarised their work for the year (pages 86 and 87). The audit was substantially complete. It had been a challenging year for creation of accounts and conclusion of the audit. It was hoped that the conclusions would meet the deadline at the end of July.

 

Issues were raised around the super user access in the payroll system. It was recommended that a 3rd party assurance report be requested for the following year.

 

The Auditors stated that the working papers were good and so were the audit trails. Two risks had been raised in the past year, but there were no further issues to raise.

 

The area of audit focus was on closing issues faster, this work had not raised any further problems.

 

The Audit Manager (KPMG) said that there was one new recommendation around access controls for payroll and one risk related to financial resilience.

 

The Chairman asked if there was anything in the report worthy of concern. The Audit Manager (KPMG) stated that they felt there was no detail in the report which they considered concerning.

 

Members thanked KPMG for a concise and easy to read report.

 

 

AGREED:

 

That the ISA 260 report for 2017/18 be noted.

 

 

15.

Approval of Annual Governance Statement, for inclusion with the Council’s published financial statements, and approval of the audited 17/18 Financial Statements pdf icon PDF 61 KB

To approve the audited 17/18 Financial Statements, including the Annual Governance Statement (report of the Executive Director Commercialisation S151)).

Additional documents:

Minutes:

Consideration was given to the report of the Executive Director – Commercialisation (S151) which sought approval for the Annual Governance Statement for inclusion with the Council’s Published Statements 2017/18.

 

Officers stated that this was the final stage for approval. An un-audited statement had been received in May by the Governance and Audit Committee, the main change being with reference to the points raised by the Head of Internal Audit.

 

Members asked if it was possible to be penalised for consistent poor performance on capital. The Executive Director - Commercialisation responded that, no, it was not and that due to the administration of capital, the authority’s position on capital was better than it appeared to be in reports and this position was being refined and improved upon for future reports.

 

AGREED:

 

That the Governance and Audit Committee

 

1)    Approve the Financial Statements 2017/18;

 

2)    Approve the Annual Governance Statement 2017/18; and

 

3)    Approve the Letter of Representation to KPMG

16.

Any other items which the Chairman decides are urgent.

 

 

NOTE:            No other business is permitted unless by reason of special circumstances, which shall be specified in the minutes, the Chairman is of the opinion that the item(s) should be considered as a matter of urgency.

Minutes:

There were none.

17.

Governance and Audit Committee Work Programme pdf icon PDF 55 KB

To set out the Work Programme of the Governance and Audit Committee (report of the Executive Manager Governance (Deputy Monitoring Officer) enclosed).

Additional documents:

Minutes:

Consideration was given to the report of the Executive Manager Governance (Deputy Monitoring Officer) which set out the Work Programme of the Governance and Audit Committee, as set out in Appendix A within the report.

 

Follow up reports to be produced by the Internal Auditors and brought to all further meetings.

 

AGREED:

 

That the report and content of the Work Programme be noted.