Agenda item

Internal Audit Progress Report

To provide the Committee with details of audit work carried out from October 2022 to February 2023, advise on progress with the 2022/23 Audit Plan and raise any other matters relevant to the Audit Committee role (report of the Head of Internal Audit enclosed.)

Minutes:

Consideration was given to the report of the Head of Internal Audit which provided the Committee with details of audit work carried out from October 2022 to February 2023; advised on progress with the 2022/23 Audit Plan; and raised other matters relevant to the Audit Committee role.

 

The Head of Internal Audit introduced the item by referring members to page 3 of the report which outlined the key messages, audits completed and their associated assurances, and work in progress.

  • Appendix 1 detailed the 2022/23 Audit Plan to date;
  • Appendix 2 explained the assurance definitions; and
  • Appendix 3 was a record of changes to the Internal Audit Plan 2022/23

 

  • Members referred to the IT Problem and Change Management audit summary and asked for the scope of the Halo Services Desk System.

o   The Deputy Chief Finance Officer responded that the Halo Desk System was the system by which IT specific issues were logged with IT and job tickets raised. It was a separate system to the new telephony system.

 

  • Members referred to the Financial Services Key Controls – Accounts Receivable and noted an absence of associated priority level.
    • The Head of Internal Audit stated that priority levels would be included in future reports and the priority levels of the three stated recommendations were confirmed as follows:
      • credit notes at high priority
      • recovery action at medium priority; and
      • corporate payment terms at medium priority.

 

  • Members welcomed that the credit note recommendation be classed as high priority. Regarding corporate payment terms, members asked for the sample size of the audit.
    • The Head of Internal Audit confirmed that CIPFA guides of best practice regarding sample sizes were adhered to. The specific size of the sample would be checked and circulated to the Committee.

 

Regarding the Financial Services Key Controls – Accounts Payable audit, the Head of Internal Audit confirmed that:

  • all three recommendations were classed as medium priority;
  • the £26,000 value of duplicate invoices was classed as not material; mitigations were in place and the identification of duplicates by the team had demonstrated good practice.
    • The Deputy Chief Finance Officer responded to the recommendations of the audit as follows:
      • regarding the ‘verification of a change made to supplier’s bank details’ recommendation:
        • officers were required to upload a memo to the supplier record; and
        • it was unfortunate that the sample size included a missing memo as there was evidence and confidence that the process was being followed;
      • regarding the ‘duplicate invoices’ recommendation:
        • the Unit 4 system identified duplicate invoices where the unique invoice number was accurately input however this was subject to user error where a similar but unidentical character was used, for example a number ‘0’ used in place of a letter ‘O’;
        • where duplicates were made, a system was in place to recover the funds from suppliers; and
        • the rate/value of recoveries from duplicate invoices would be circulated to the Committee.
      • regarding the ‘non-Purchase Order’ (PO) recommendation:
        • the PO requirement was on hold during the roll-out of the Unit 4 system to Boston Borough Council; and
        • the PO process represented a culture change for suppliers and therefore a transition period would be required to allow the system to be embedded and wider communications to take place.

 

  • Members referred to the ‘reasonable assurance’ rating given for the £26,000 duplicate invoices, and queried the value which would raise the rating to ‘limited assurance’.
    • The Head of Internal Audit responded that assurance given depended on wider circumstances and that both the value and the number of cases would be considered.

 

AGREED:

 

That after consideration by the Governance and Audit Committee, the content of the report be noted.

Supporting documents: