Agenda item

The Chief Internal Auditor to submit a report to update Members on

the progress made in delivering the 2021/22 Internal Audit Plan and

key findings arising from audit assignments completed.

Rachel Ashley-Caunt, Chief Internal Auditor introduced the report updating Members on the progress made in delivering the 2021/22 Internal Audit Plan and key findings arising from audit assignments completed.

Ms. Ashley-Caunt highlighted the Internal Audit Progress Report at Appendix A, which set out all assignments within the current year's Internal Audit Plan, the status of the assignments as at the time of reporting and the outcomes of the assignments which had been completed.  Good progress against delivery of the Internal Audit Plan had been made, with good outcomes and the positive assurance opinions should provide reassurance to Members on key areas.  Any uncompleted assignments were progressing well and those finalised following this meeting would be included in the Annual Report at the next Committee meeting.

Ms. Ashley-Caunt advised that at the time of reporting, a further 4 audits had completed, as detailed at section 2.5 of the report.

·       Procurement Compliance – This was an annual audit, whereby a sample of contracts awarded during the last 12 months were reviewed to confirm if they had complied with the Council's Contract Procedure Rules and if the Contracts Register was up to date.  In previous years, Internal Audit had made a number of recommendations, particularly on retaining a good audit trail to evidence the procurement process and the compliance with the key rules and conditions.  This year, compliance with the Contract Procedure Rules was confirmed on all samples tested and only minor issues, relating to sealing contracts and publishing award notices were identified.  This reflected the training and awareness completed as a result of previous actions from audits over the last few years.  There were some areas of the Contracts Register which needed to be developed and updated but as this was a work in progress, no formal recommendations had been made.  This would be reviewed again next year.  No formal recommendations had been made on Procurement Compliance and a good level of assurance overall had been issued.

·       Performance and Risk Management Framework. Having reviewed the new Framework to check it was robust and how it was being complied with in practice, Internal Audit were satisfied.  It was clear, concise, covered all key areas and focused on the Council's Corporate Strategy.  Internal Audit were also satisfied on the coverage of the risk registers (Corporate and Directorate).  There were no areas of concern on Performance, which worked well, ensuring accountability and transparency on how services were being delivered.  There were no formal recommendations and a good level of assurance was issued.

·       Covid-19 Recovery – This audit had been undertaken with all councils within the shared internal audit service.  Internal Audit considered how the Council had responded to the pandemic (governance and decision making) and how it recovered effectively (lessons learned, changes to ways of working, business continuity plans links to general corporate and service planning etc). There were no areas of concern, no formal recommendations and Internal Audit had issued a substantial assurance opinion (the highest of all councils in the shared service).

·       Project Management – Having reviewed a sample of five projects to consider if the Council's Project Management Framework was robust, covered all key areas and how it was being applied in practice, Internal Audit was impressed with the Framework.  The Framework in place for project management was aligned with PRINCE2 (internationally recognised methodology, which many councils aspire to).  There was a good, effective and consistent audit trail of how the projects had been managed and compliance was assessed easily due to the level of documentation available.  An area for improvement was to ensure external advisers used the same methodology, to ensure consistency across all projects including those using external support.  Whilst risk management was being well embedded within the projects, there was not a clear link between the Council's risk registers and the project risk registers, although, it was evident escalated risks had been added to the Strategic Risk Register (there was evidence in practice but not on the Framework and the procedures).  There were no areas of concern but Internal Audit had made recommendations to strengthen some of the controls.  A substantial assurance opinion was issued on the design for the very robust Framework and a good assurance opinion was issued for compliance, based on the sample of projects reviewed.

Ms. Ashley-Caunt highlighted the Implementation of Audit Recommendations, as detailed at Appendix 3, confirming that 10 recommendations had been implemented since the last Committee meeting.  Of the overdue actions, 3 were high priority, with 1 being over 3 months overdue (Effectiveness of Case Management Arrangements 2019-20).  This was detailed at Appendix 4 and included current status and a revised completion date of date of 30 April.

During discussion the following points were noted:

·       Members noted the progress made and thanked staff for their work.

·       In response to a concern raised over why all overdue actions were not detailed at Appendix 4, the Chief Internal Auditor clarified that Appendix 4 detailed only those high priority recommendations, which were overdue for implementation by 3 months or more.  The 2 high priority recommendation due within the last 3 months but not implemented would be detailed in Appendix 4 if they reached over 3 months overdue.

·       The Chief Internal Auditor clarified that the Compliance Assurances table detailed the various assurance statements which Members could receive at the completion of audit assignments.  The audits reported to Members at this meeting had all been of good or substantial assurance.

·       The Director for Corporate Services confirmed that the Intensive Housing Management Service had been in place for a considerable time (and may have been termed Supporting People previously).  The service was for those who were vulnerable and required additional support such as a warden scheme etc.

·       The Chair clarified that Internal Audit had completed its filed work and would report findings but the Planning Service Review was still underway, although temporarily paused.

RESOLVED that the report and progress made by the Internal Audit team in the delivery of the Audit Plan be NOTED.