To update the Committee on progress with the Audit Plan November 2014 to January 2015 (report of the Audit and Risk Manager (Audit Lincolnshire) and the Shared Manager Finance (SHDC) enclosed).
Consideration was given to the report of the Head of Audit & Risk Management – Audit Lincolnshire, and the Shared Manager, Finance which provided an update on progress with the Audit Plan between November 2014 and January 2015.
The purpose of the report was to:
· Advise of progress being made with the 2014/15 Audit Plan;
· Provide details of the audit work during the period;
· Provide details of the current position with agreed management actions in respect of previously issued reports; and
· Update the committee on any changes to the 2014/15 Audit Plan and any other matters that may be relevant to the Governance and Audit Committee role.
Contained within the appendices which were attached to the report was detailed information in relation to assurance definitions; audits with limited assurance; outstanding recommendations as at February 2015; outstanding recommendations as at February 2015 (detail); and the Internal Audit Plan and Schedule
Members considered the information detailed within the report, and the following issues were raised:
· Appendix 4, Item 1 (issue with reporting on rent collection) – How were periods identified with regard to arrears?
o The information could be identified for credit control purposes however, this issue was regarding automatic reporting and was a system issue. This was not considered to be operationally damaging as it was not a collection issue, but a reporting issue.
· Appendix 2 (Audits where assurance was assessed as ‘Major improvement needed’ or ‘Inadequate’) – Some key recommendations were near completion, would these be up to date by the next quarter?
o The latest date for completion was July 2015. Completion was staggered so some issues would be completed earlier. Some of the outstanding recommendations would fall within the next two reporting quarters. The issues would be picked up by the Risk and Audit Board.
· The covering report stated that progress of projects within the 14/15 plan was less than expected and that some were taking longer than expected. Why was this?
o More audits had taken place within the last six months. Some had required finer detail and were therefore taking longer than anticipated. Most should be finalised by 31 March 2015, and some would be deferred to 2015/16.
· Appendix 4, item 20. Discussions with a sample of Council staff identified that 3 out of 9 had not received training on data protection, and 1 out of 9 had not received training on FOI. Was this as a result of staff turnover?
o There had been a period where the Induction Programme (which incorporated Data Protection and FOI) had not been undertaken however, this had now restarted. Development packages were not as stringent as they could have been however, this had been identified as part of the Staff Action Plan. This issue was not a result of staff turnover.
· The report in general appeared to have become longer and there was more information on it. Was this an indication of an increase in risk?
o The purpose of Internal Audit was to identify areas for improvement that needed to be addressed. The report showed that the number of recommendations that had been actioned was actually higher than the number of outstanding items, and that for those that were outstanding, there were completion dates alongside them.
o The volume and number of recommendations could vary from year to year depending on the areas being looked into.
o There was a lot of data within the report however, it was very comprehensive. Not all Audit Committees saw this level of detail however, the amount of information to be reported was not out of step with other organisations, it simply appeared a lot, due to the detail.
o This Audit Committee had required the amount of detail within the report. A separate report could be prepared following work with the Risk and Audit Group, and then an exception report could be brought to the Committee in place of the current detailed report.
o If outstanding work was due to a management issue, the appropriate officer could be asked to attend the Governance and Audit Committee, although the Executive Director, Place cautioned that the accountable manager may not necessarily be the officer responsible for the poor performance. The Risk and Audit Board would hold the correct level of manager to account, and the minutes from that meeting could be used to select the correct person to attend a future meeting of the Governance and Audit Committee if it wished to investigate further.
o Managers should be held to account by exception, in a similar way to how performance was monitored. Rather than providing the Committee with all of the information, it would be more helpful to identify where the issues lay and to focus on this.
· Appendix 4, item 19 – ‘Review of top suppliers by payment value found that there were no tendering arrangements/contracts in place for 4 out of 10 sampled’. Why was this?
o There had been a tendency to simply roll on contracts when they came to the end of their term. The Corporate Management Team (CMT) was now focusing on this issue. In addition, many departments had their own separate list of contractors. A centralised contract register, with details of contract expiry dates, was required, to allow all suppliers the opportunity to apply for contracts.
a) That the report be noted; and
b) That following the start of the new municipal year, the Governance and Audit Committee consider the update information reported to it, and the level of detail required.