Agenda item

To present the report of the Head of Audit and Risk.

The report of the Head of Internal Audit and Risk which provided an update on Internal Audit’s latest progress with regard to service delivery, assurance provision, and reviews completed was presented for the Committee’s consideration.

The Head of Audit and Risk reported on the main considerations as follows –

•           That five reports were finalised during the period which were all grant certification audits  – Pupil Development Grant (Looked After Children); Teachers Pay Awards and Cost Pressures; Pupil Development Grant (Access); Ethnic Minority & Gypsy Roma Traveller Learners Grant and Additional Free School Meals Costs due to rollout of Universal Credit (Copies were provided to the Committee’s members). The first four reviews produced a Substantial Assurance opinion whilst the fifth resulted in a Reasonable Assurance opinion. Internal Audit did not identify any risks for management attention for any of the five reviews.

•           A second follow-up review of Sundry Debtors (the original review and first follow-up having resulted in a Limited Assurance opinion) concluded that Management have undertaken much work to address the issues/risk outstanding after the first follow-up thereby enabling Internal Audit to increase the assurance provided to Reasonable. However, in light of the fact that 8 issues/risks remain outstanding (which are in progress of being addressed) and the potential impact these would have in those areas, Internal Audit will follow-up the action plan again in May, 2020.

•           That there are two follow-ups of reports with a Limited Assurance rating currently in progress – Primary Schools Income Collection and Direct Payment. There is also a follow-up of a Schools Information Governance Health Check conducted by an external consultant for which an assurance rating was not provided. Two follow-ups are scheduled for the next six months – System Controls: Logical Access and Segregation of Duties, and Sundry Debtors. These may be added to dependent on the assurance provided for reviews conducted throughout the year.

•           That management performance in addressing issues/risks and implementing actions continues to improve. There are no High or Red issues/risks currently outstanding and performance in addressing Amber rated issues/risks has improved since the last update to Committee on 3 September with the overall implementation percentage for High/Red/Amber issues/risks at 94%.There has also been an improvement in performance in addressing outstanding Medium/Yellow risks. However progress with implementing the new and upgraded version of the action tracking system has been hampered by an IT compatibility issue which has only recently been resolved.

•           That work is currently in progress on six audits form the Operational Plan for 2019/20 as listed in Paragraph 37 of the report.

•           That the resource available to the Internal Audit Service has increased by 120 days (which after training and annual leave have been factored in allows for 70 days which can be used on outstanding projects) with the addition on a temporary basis of an accountant from the Accountancy Service, the objective being to provide the employee with a development opportunity in audit services as well as providing Internal Audit with extra support.

The Committee discussed the report and sought further clarification with regard to the following matters –

•           The reasons why the Grant Certification audit in relation to Additional Free School Meals due to rollout of Universal Credit was given a Reasonable assurance rating even though no risks for management action were identified when all the other grant certification audits referred to were rated Substantial assurance. Also, given that the Operational Programme is risk based why were the grant audits prioritised when the assurance rating for all five indicate that they were low risk?

The Head of Audit and Risk clarified that Welsh Government requires that the specific grants referred to be certified as having been audited. Not all grants are subject to the same requirement. Also, as one-off projects the Teachers Pay Award and Cost Pressures Grant and the Additional Free School Meals Costs due to Rolling of Universal Credit grant are viewed as slightly higher risk. 

With reference to the assurance rating given the Additional Free School Meals Costs due to Rollout of Universal Credit grant audit, the Director of Function (Resources)/Section 151 Officer set out the background to the matter explaining that the purpose of this additional funding was to reimburse the Council for costs incurred in funding additional free school meals in the 2018/19 financial year because of the rollout of Universal Credit. However, due to the late rollout of Universal Credit on Anglesey in December 2018 the Council had limited direct costs associated. A spending plan to support free school meal pupils was proposed and was accepted by Welsh Government (details of which were given in the final report provided). The amounts in the plan were estimates of how the Council would spend the money but it did not spend the estimated amounts in full. Welsh Government agreed that the unspent funding could be used to write off 2018/19 debt in relation to free school meals but the grant would only support costs incurred during the 2018/19 financial year. Internal Audit was unable to verify the amount claimed to be written off in relation to free school meals, as it has not yet occurred i.e. Internal Audit has not seen evidence of the write off and cannot verify if the debt is specifically in relation to free school meals hence the Reasonable rather than Substantial Assurance opinion.

•           The reasons why the third follow-up of Sundry Debtors has been scheduled for May, 2020 when the expectation might be that the outstanding issues/risks would have been resolved in a shorter timeframe?

The Director of Function (Resources)/Section 151 Officer clarified that many of the issues in relation to Sundry Debtors stem from the capacity of the team to deal with the historic volume of work. During the last four years the team has undergone restructure with work also ongoing on modernising the service’s operating systems with the objective of moving towards increasingly digital payments processes thereby reducing the number of invoices raised. It is also intended to appoint to a new post of Systems Administrator which will also encompass developing the service’s cash income collection systems. Steps to rationalise the volume of work are therefore being taken which are expected to address many of the issues outstanding from the audit. Additionally, the time taken to approve new debtors and raise new invoices has significantly improved. Developing new IT systems and ensuring they are properly integrated with associated systems takes time; it is however expected that by May 2020 with the support of the extra resource further improvements will have been made notwithstanding the development work is additional to staff’s day to day work.

In response to a query by the Committee regarding the merits of bringing in external expertise to undertake the systems development work the Officer said that the Council’s financial situation means that it has to maintain a  balance between investing in back office functions and frontline services. Whilst back office costs have been reduced over time as part of efficiency measures to balance the Council’s budget, further reductions are not feasible. However, should the Council’s financial prospects improve it may be possible to reconsider re-investing in back office functions which would generate savings and improvements in efficiency.

•           The recurrence in reports of IT compatibility issues as hampering progress and whether these issues are due to the quality of the technical specification given to providers in terms of what the product/software is expected to do and how the process is then managed to ensure that the product is delivered accordingly?

The Director of Function (Resources)/Section 151 Officer explained that with regard to local government operating systems the number and choice of providers is limited with these few providers serving a large number of local authorities. As a smaller sized authority Anglesey is disadvantaged in terms of the influence it can bring to bear on providers compared with a large authority with a proportionally larger budget. Additionally, applications have to meet the Council’s bilingual requirements which can sometimes create difficulties leading to delay in implementation and unforeseen issues can also arise after the specification has been written. The differences in the way other councils in Wales apply the Welsh Language Standards and variations in operating systems also make collaborating on IT matters problematic.

•           In response to a question about productivity, the Head of Audit and Risk clarified that conversations with colleagues in other local authorities and with Welsh Government have shown that they do not include annual leave and maternity leave in their statistics. Therefore for the next year the Internal Audit Service will measure productivity differently. The Officer also confirmed that the Operational Plan does not specify a delivery date for individual audits because the Plan is a live document and changes as the risk register changes. Internal Audit seeks to ensure that the Plan remains flexible so that any emerging areas of risk can be introduced to the Plan during the year.

Having considered the report and the further clarifications and assurances provided by the Officers at the meeting, the Committee resolved to note Internal Audit’s latest progress in terms of service delivery, assurance provision, reviews completed, performance and effectiveness in driving improvements.

THERE WERE NO PROPOSALS FOR ADDITIONAL ACTION