Agenda item

To present the report of the Internal Audit Manager.

The report of the Internal Audit Manager on the Internal Audit Service’s performance to date relative to the 2016/17 Audit Plan was presented for the Committee’s consideration.

The Internal Audit Manager reported as follows –

•           The report analyses the performance of the Internal Audit Service for the period from 1 April, 2016 to 31 December, 2016 and is supported by Appendices A to G which detail progress against performance targets for 2016/17 and the work undertaken by the Service during this period.

•           The amount of work allocated to work in progress during 2016/17 to the end of December, 2016 accounts for 111.55 days and will be met from closure of previous year’s work contingency.

•           The schedule of performance targets for the period ending 31 December, 2016 at Appendix A shows that 56.06% of planned audits have been completed up to 31 December, 2016 against an annual target of 80%.

•           There were 2 additional unplanned audits performed during the period from 1 April to 31 December, 2016 amounting to 10.36 days work as documented at Appendix B.

•           A summary of all audit assignments completed during the year to date including work in progress from 2015/16 is provided at Appendix D. Two of the planned audits completed since 1 September 2016 are assessed as not providing positive levels of assurance. The Child Care Court Orders under the Public Law and the Extra Care Housing Commissioning Arrangement were both assessed as providing Limited Assurance. Details of the audits are summarised in Appendix D to the report.

•           The percentage rate for the implementation of internal audit recommendations as at 31 December, 2016 was 82%.A graph showing the breakdown of recommendation implementation by service is provided in Table 2. Those recommendations outstanding as at 31 December, 2016 are listed in Appendix E.

•           A schedule of the 10 follow up audits conducted during the period from 1 April to 31 December, 2016 is provided at Appendix F. This shows the number of recommendations accepted and subsequently implemented by management in each area along with a revised audit opinion regarding the adequacy of the internal control environment.

•           A summary of special investigations undertaken by Internal Audit during the period is given in Appendix G; these amount to 141.08 days.

•           Sickness absence accounted for 5 days absence up to the period ending 31 December, 2016 against an annual target of 45 days.

•           An analysis of the Service’s performance in the period in question demonstrates that performance levels are on target. However, the ability of the service to achieve the Operational Plan will be dependent on the level of demand for audit resources in respect of referrals, unplanned work prior to the year end and sickness absence levels.

The Committee considered the information presented and made the following points –

•           The Committee noted with regard to the Council’s management and assurance processes and controls for Corporate Safeguarding (Appendix D) that this area which has been assessed as providing Limited Assurance, has been under consideration for some time. In light of the risks inherent in corporate safeguarding due to the vulnerability of the individuals who are assessed as being in need of protection, the Committee sought clarification of the position with regard to acting on the key findings from the audit of this area. The Internal Audit Manager informed the Committee that Internal Audit is scheduled to report on the follow up to the audit of Corporate Safeguarding to this Committee in June, 2017. All Limited Assurance audits are followed up and the outcome along with the revised audit opinion are reported to the Committee.

•           The Committee noted that during 2013/14 the Council brought together responsibility for safeguarding children and adults under one Head of Service (Children).The Committee sought clarification whether this organisational change has been reviewed for effectiveness and whether the restructure has helped in terms of contributing to improving the Council’s controls and processes for managing risks associated with Corporate Safeguarding. The Chief Executive said that safeguarding is a corporate responsibility and is an aspect which all Heads of Service were required to address both last year and this year, and for which they are held accountable. The Children’s Services is currently under review and the point made will be taken into account as part of the review.

•           The Committee sought clarification of the processes for monitoring work undertaken under contract to the Council and for identifying and following up instances where the workmanship is not to standard, is incomplete or does not meet with contract specifications meaning there could be a risk of financial loss to the Council especially where payments have already been made. An example of such a scenario was given. The Internal Audit Manager said that the Internal Audit Services has recently commenced an audit of Housing Maintenance and will include the point raised as part of the examination of the controls, processes and practices in this area.

•           The Committee sought assurance that action is being taken to ensure that recommendations are implemented and that reasons for non-implementation or issues that could hinder implementation e.g. a lack of staff resources are identified and flagged up be that via the Corporate Risk Register or elsewhere. The Committee emphasised that early identification and timely reporting of potential risks are essential to help prevent those risks from materialising. The Chief Executive said that there is a procedure for identifying and escalating risks where necessary. Service risk registers are regularly reviewed and any issues are fed through to the Senior Leadership Team; if they are deemed to pose a corporate risk they are then escalated to the Corporate Risk Register.

It was resolved to accept the report as providing assurance regarding the internal control, risk management and corporate governance processes that are in place to manage the achievement of the Authority’s objectives.

NO FURTHER ACTION ENSUING