Agenda and draft minutes

To receive apologies for absence from Committee Members.

Apologies were received from Councillors Mitchell, Banyard and Atkinson.

Apologies were also received from the Chief Executive.

To approve and sign the minutes of the meeting held on 4 September 2025.

The minutes of the meeting held 4 September 2025 were taken as read, approved and signed by the Chair as correct.

No declarations of disclosable pecuniary interests were made.

To hear an update on work on the new risk register in line with the new corporate plan, including expert information from Zurich Resilience Solutions.

The Chair advised that this item would be heard first.  

The Strategic Director for Corporate Services introduced the report advising Members that work had been carried out with Zurich to strengthen the Council’s approach to risk and the Risk Register, and to ensure the updated Corporate Risk Register was inline with the new Corporate Plan.  

The Principal Risk Consultant from Zurich Risk Engineering UK gave a presentation to the committee, making the following points:  

• he had been working with Exeter City Council for 2 years;  

• training had been delivered to officers and senior officers;  

• risks were not just a list of bad things, but should be meaningful and targeted;  

• risk management supported objectives and decision making;  

• it helped to protect reputation, finances, and confidence;  

• risk was negative by nature, but when done well it could encourage innovation;  

• risk identification was the most important part and when done correctly it could make the rest easier;  

• management of risk should sit with officers;  

• officers should maintain the Risk Register, and Members should make sure it linked to priorities;  

• it was important to report emerging risks and keep accountability;  

• information about risks needed detail to enable proper scrutiny;  

• risks should be owned by an individual, and they should be able to provide necessary information about the risks;  

• there were some elements of risk that must be accepted and some higher-level risks needed to be tolerated;  

• risks that never changed were business as usual and were therefore not really risks and could lead to missing genuine risks;  

• the Risk Register was necessary, but the conversation surrounding it was important; and 

• it was vital to ensure openness and transparency within risk reporting;  

The Strategic Director for Corporate Resources and the Principal Risk Consultant responded to Members’ questions in the following terms:  

• the different functions of the Executive and Councillors was dependent on the organisation;  

• directorate leads and Heads of Service take ownership of the Risk Register for their own services;  

• the Risk Register would be brought to the Audit and Governance Committee in March 2026;  

• 6 of the 13 Heads of Service had had their management team doing risk training on specific to service risks; and 

• finance was always on the risk register and now the risks were being looked at to establish options for mitigation.  

It was agreed that the presentation would be shared with the minutes.  

The Audit and Governance Committee noted the Review of Corporate Governance Risk Register report. 

To consider the report of the Council’s External Auditor.

The Audit Manager, Grant Thornton presented the progress report making the following points:  

• the findings report would not come until February;  

• they were working closely with the Strategic Director for Corporate Resources, the Head of Service – Finance, and the Accountancy Services Manager;  

• the ultimate timeline was the backstop date, but a buffer would be built into the process;  

• the Value for Money work was completed and would be reported in the next item; and 

• they were on track to deliver the Audit Findings Report and the Auditors Report on time.   

The Strategic Director for Corporate Resources responded to Councillor Palmer by advising that there had been a delay due to a new asset valuation contract that had begun there was now a dedicated officer liaising and there was a much clearer agreement.  

The Audit and Governance Committee noted the External Audit Progress Report 

To consider the report of the Council’s External Auditor.

The Audit Manager, Grant Thornton presented the progress report making the following points:  

• there was a new requirement to bring the report before the end of November;  

• they had identified three key recommendations, but these were continuations from prior findings; 

• there had been no evidence of any further training on the counter-fraud arrangements;  

• recommendations regarding performance reporting had been responded to by the Council, but were yet to be embedded; and  

• progress was being made regarding the recommendations for procurement, however there was no contract management training in place. 

The Audit Manager, Grant Thornton, the Strategic Director for Corporate Resources, Head of Service – Finance, and the Procurement Manager responded to Members’ questions in the following terms:  

• recommendations and responses from the Strategic Management Board could be found on page 65;  

• counter-fraud used to be run by internal audit, however, following our management restructure this took time to put in place;  

• there had been a series of counter-fraud procedures put in place across key risk areas;  

• the forward arrangements remained robust but there would be a meeting with the internal auditor soon; and  

• there would be an updated counter-fraud strategy coming to the Audit and Governance Committee next march.  

• training staff had been a priority for procurement and 145 members of staff had had procurement training to date;  

• the procurement team had adopted a strategy, but this would be reviewed later on;  

• free Cabinet Office contract management training would be implemented in the future;  

• there was no risk of statutory recommendations due to the great work of the procurement team; and  

• the External Auditor’s Annual Report was backdated work to March 2025 rather than the 25/26 financial year.  

The Audit and Governance Committee noted the External Auditor’s Annual Report.

To consider the report of the Assistant Director, SWAP.

The Assistant Director, SWAP presented the report for the second quarter of 2025/26 making the following points:  

• 36% of the plan had been completed or was currently in progress;  

• there had been one limited assurance report, which would be discussed in further detail in the next item;  

• 96 active green actions had been identified, and 30 were overdue. In the September meeting there were 106 active green actions with 4 overdue; and 

• social housing decarbonisation had been brought back into plan.  

The Assistant Director, SWAP and the Strategic Director for Corporate Resources responded to Members’ questions in the following terms:  

• SWAP were extremely experienced, and were confident that the plan would be completed by the end of the year;  

• it was up to management to implement the actions, SWAP were able to follow up when completed;  

• work was close to agreement regarding the CIL review; 

• the concern of Members regarding the response to St James Community Trust had been noted, and a timeframe would be sought.  

The Audit and Governance Committee noted the Internal Audit Progress Report. 

To consider the report of the Strategic Director for Corporate Resources.

The Head of Service – Finance presented the Limited Assurance Report and advised the Committee that there had been one Limited Assurance audit report on Community Safety and Antisocial Behaviour.

The Head of Service – Finance, Head of Service – City Centre and Net Zero, and the Strategic Director for Corporate Resources responded to Members’ questions in the following terms:

• the audit had been carried out over the summer; and
• there would be a review of the Community Safety Partnership and this was on track to be completed by January 2026.

The Committee were advised that the actions would be fed back to the Committee, and would also be included in the SWAP quarterly update.

The Audit and Governance Committee noted the Limited Assurance Report.

To receive the report of Devon Audit Partnership.

The Head of Devon Assurance Partnership (DAP) and Chief Internal Auditor presented the report making the following points:  

• the overall assurance opinion was reasonable assurance;  

• views had been fed in from East Devon District Councils, Teignbridge District Council, and Exeter City Council;  

• there was good trajectory around the work that Strata were doing and they had had a new Director of IT and Digital Transformation for the last 2 years;  

• it would be beneficial to draw attention to the aspects of delivery that were still within the Council’s remit; and  

• this was a positive report and the recommendations had been taken on board.  

The Audit and Governance Committee noted the Strata DAP Internal Audit ICT Annual Report 2024/25.  

To consider the report of the Strategic Director for Corporate Resources.

The Procurement Manager presented the Quarterly Waivers Report, making the following points:  

• this had been a recommendation from both the external and internal audit;  

• it was typical for this to be reported quarterly or every six months within Local Authority;  

• since staff training had begun there had been a reduction in the number of waivers; 

• a number of breaches were due to grants from central government;  

• there had been no deliberate breaches; and 

• it was normal for there to be a lot of breaches.  

The Strategic Director for Corporate Resources provided context for a breach regarding CCTV and advised that it had been necessary for the function of CCTV in the City Centre to use the same supplier.  

The Procurement Manager, and the Strategic Director for Corporate Resources answered Members’ questions in the following terms:  

• tenders in excess of £100,000 had to be signed off by the Procurement Team, which involved a rigorous process;  

• some direct awards were through framework with another organisation, such as a contract for Trews Weir with the Environment Agency;  

• a grant had been given by MCHLG, which required a short-term waiver;  

• Portfolio Holders were involved in approving and signing off waivers over £215,000.  

The Audit and Governance Committee noted the Quarterly Waivers Report.