Agenda item

To consider the report of the Audit Managers.

The Audit Manager (HK) presented the report on the internal audit work carried out during the period 1 July to 30^th September 2017, advising Members on the overall progress against the Audit Plan highlighting that of the six audits undertaken, five had been reported as good with one area assessed as ‘some improvement required..

There had been good progress during the first half of the year, but due to the loss of the finance apprentice and a staff member on long term sick leave, progress during the second half of the year had been impacted with an expected 40 day shortfall. The Audit Manager and Section 151 Officer proposed to fill this shortfall by existing staff members  working additional hours, with a supplementary budget of £7,800 required to provide the additional staffing resources to deliver the approved audit plan.

She discussed the issue of the trade waste report which had been the one instance in this quarter where remedial action had not been agreed by management. She explained reconciliations were not currently carried out by cleansing between the incomes received. The Managers response had been “The system should be fully automated by 1 December 2017, and data should transfer from the relevant field on Bartec to that on Ash Debtors. There would be no risk that the two systems would not balance”.  It was considered this be approved by Council as a recommendation.

She explained that the annual governance statement (AGS) identified significant issues to Governance throughout the year, but the Council would continue to make improvements using an action plan, which is monitored by the Audit and Governance Committee quarterly and for which an update had been provided.

The new section on emerging issues and risks was discussed, which would inform Members of any emerging issues. Three risks highlighted were the replacement of the Data Protection Act with the General Data Protection Regulations (GDPR),  the amendments to the IR35 (the Intermediaries legislation) responsibilities and Organised Crime procurement following a study by the Home Office.

A Member discussed the GDPR, and how Strata were working on incorporating security improvements to protect data. However it was the responsibility of the Members and not the Council, to ensure all confidential information in relation to their constituents was protected from risk.

In response to Members’ questions, the Audit Manager (HK), Chief Finance Officer and Corporate Manager Executive Support Unit informed:-

·         The staff member from the team was able to work in short periods, but has been signed off on long term sickness. The existing team members have the experience to cover the interim period and had originally worked full time hours, which had been reduced to part time hours to avoid redundancy. The option to extend hours would revert working hours back to full time and would not cause any issues which the audit team had agreed to do during the interim period;

·         The representative for the Monkerton Heating Company was an individual, rather than the Planning Department. They would be the only one with any conflict of interest, which internal audits checks would check and the person be excluded accordingly;

·         The data protection regulations were being replaced and action was required to ensure compliance with the new regulations;

·         A working group has already been established with the Councils data protection officer to ensure that staff and Members received appropriate training on the Data Protection Regulations. Guidance can also be provided to Members from the Policy Officer;

The Audit and Governance Committee noted the Internal Audit Report and requested Executive note and Council approve:-

(1)  The supplementary budget to cover the additional staffing costs to meet the approved audit plan; and

(2)  The manager’s response for reconciliations on remedial actions.