Agenda item

Follow Up Report on Internal Audit Recommendations

To provide members with the position on the progress made by management in implementing agreed Internal Audit recommendations as at 2 March 2021 (report of the Head of Internal Audit for South Holland District Council enclosed).


The Head of Financial Services will be in attendance at the meeting to provide a presentation on implementation of the Finance System.


Consideration was given to the report of the Head of Internal Audit which provided members with the position on the progress made by management in implementing agreed internal audit recommendations as at 2 March 2021


The Internal Audit Manager advised that, since the January meeting, many of the recommendations had moved forward to the completion stage, thanks to the hard work and quick response of officers providing the necessary evidence. A risk mitigation column had been added to some of the recommendations so that it was clear what was happening with them.


Following consideration of the report, and the information provided by the Internal Audit Manager, the following issues were raised:


·         The Chairman thanked officers for the effort that had been put into the addition of the risk mitigation section, and the thorough content within it.


·         Attention was drawn to the outstanding action around Data Protection, and completion of Information Asset Registers. How could the Committee assist?

  • Officers advised that the Information Governance Officer was liaising with Data Champions to assist in moving this action along. 

·         The Chairman responded that she would discuss the situation with the Internal Audit Manager, with either Data Champions being asked to attend the next meeting or discussions to take place mid-way between this and the next meeting of the Committee.


·         Members questioned what the Council’s plans were for the separation of SHDC and Breckland from an IT perspective, specifically regarding backups, and the data held by SHDC regarding Breckland and vice versa.

  • The Strategic, Finance and Compliance Manger confirmed that there was a large piece of work being undertaken with regard to the separation of the two authorities, of which separation of IT was one of the areas being addressed.  A comprehensive piece of work was underway to ensure that all linked systems across both authorities were separated correctly.


·         Members again questioned the issue of the removal of the network cabinet from the cleaners’ storeroom, and whether this suggestion had been passed forward since being raised at the January meeting.

  • The Internal Audit Manager agreed that it was a pragmatic suggestion which had been passed on.  She agreed to pursue this and obtain feedback for the next meeting.


·         The Chairman questioned item SH2010 on page 91 of the agenda (Procurement and Contract Management) which stated, under Risk Mitigation, that it had been proven that the annual review of spend had bought up less ‘maverick’ spend every year for the last few years.  Clarification was asked for as to what happened when this type of spend occurred, and some context around the issue was requested.

  • The Internal Audit Manager was not able to provide context but would discuss the situation with officers and report back to the Committee.


·         The Internal Audit Manager stated that a number the new financial system recommendations at Appendix 1 had moved forward to completion as the system was now capable of the controls required.  She had researched the progress of the system, and the Head of Financial Services at PSPS, who was the Project Sponsor, had been invited to the meeting to provide an update.


A presentation was given by the Head of Financial Services (PSPS) on the FinVis20 Project, and the following update was provided:


·         The current financial system (AX) had reached the end of its contract term and was to be replaced with the Unit 4 Business World (U4BW) system. PSPS had engaged Embridge Consulting to support the implementation. The project was to be delivered via a joint PSPS/Embridge Project Team and overseen jointly between PSPS, SHDC and East Lindsey District Council (ELDC) via the Project Board.   The new system would be implemented across PSPS, ELDC and SHDC, as well as Welland Homes and South Holland Homes.


·         The project had 4 stages – Evaluate; Adapt; Test; and Deploy. Since the project began, two events had occurred which had delayed the live date. The first was that the initial testing of the system identified issues with the initial build design. The initial build centred around a single client database. Testing found that the controls were unsatisfactory and the Project Board approved a re-build changing the emphasis to a multi-client data base option. The build phase and IST (Integrated System Testing) phase were therefore repeated and the project deadline extended to a new ‘go live’ date of 31 October.  The second event was the Covid pandemic. It had been necessary to provide extra support to the Council during this time and it was not possible to set aside the resources needed for the project. The Project Board approved deferral to April 2021.


·         During the User Acceptance Testing phase, to date, 2011 tests (99% of the total) had been completed – of these, 255 defects had been found but this level of defects was not unusual, and was to be expected. 18 defects were still being worked on, and these were split into 4 categories: Critical (may have an impact on “go-live”) – 2 defects; Major (do not impact on “go-live” but would impact the day to day use of the system) – 9 defects; Minor (may have some impact on the effectiveness of the system) – 4 defects; and Cosmetic (have no impact on the functionality but focus on the look and feel of the system) – 3 defects.

·         The original Project Scope identified 18 interfaces. 4 were de-scoped and 2 added, therefore 16 interfaces now formed part of the project. Testing of the interfaces was ongoing.


·         The final pre-go live phase was now underway. Over 200 specific tasks still had to be completed, more frequent meetings were taking place, and a final decision on whether to go live would be made at board level. The Launch would take place between 1 April and 28 May. That time would be used to finalise any defects, fix issues, complete training etc.


Following the presentation provided by the Head of Financial Services, the following issues were raised:


·         The Chairman questioned whether there was sufficient mitigation in place to avoid any issues with regard to the raising of invoices, purchase orders etc, when the new system went live.

o   Officers advised that all users had been advised to process as many payments as possible prior to closure of the old system. It was confirmed that a process would be in place to capture all invoices to ensure that payments could be made via Chaps and BACS, to make sure that all payments could be made. 


·         The Chairman commented that a list of 40 enhancements had been raised – were  all of the outstanding issues detailed within the audit report being dealt with as part of this?

o   Officer responded that the vast majority were.  The main issue (which was not a system enhancement) was the ‘No Purchase Order/No Pay’ issue – it was essential that where a service/payment was required, a Purchase Order was produced. It was important that this requirement was incorporated into processes in order to have proper controls in place – although it may take some time to embed this, it was being addressed.  




That the contents of the report be noted.

Supporting documents: