Issue - meetings

To present the report of the Head of Audit and Risk.

It was resolved to accept the Internal Audit Annual Report for 2019/20 and to note that the Head of Audit and Risk is satisfied with the adequacy and effectiveness of the Council’s overall arrangements for risk management, governance and internal control subject to introducing and/or improving internal controls in some areas.

NO ADDITIONAL ACTION WAS PROPOSED

The Annual Report of the Internal Audit Service for 2019/20 was presented for the Committee’s consideration. The report outlined the Internal Audit work carried out during the year ended 31 March, 2020 based on which the Head of Audit and Risk gave her overall opinion on the adequacy and effectiveness of the Council’s framework of governance, risk management and control during the year which also informs the Council’s Annual Governance Statement.

The Head of Audit and Risk reported that for the 12 months ended 31 March, 2020, the Isle of Anglesey’s Chief Audit Executive i.e. the Head of Audit and Risk is of the opinion that the organisation had an adequate and effective framework for risk management, governance and internal control. While the Head of Audit and Risk does not consider there to be any areas of significant concern, some areas require the introduction or improvement of internal controls to ensure the achievement of objectives, and these are the subject of monitoring. There are no qualifications to this opinion.

The Officer said that the opinion above was reached based on the work and activities undertaken by the Internal Audit Service during the year specifically with reference to the following –

•           During 2019/20, the Internal Audit Service reviewed 50% of the risks in the corporate risk register with a red or amber residual risk rating (83% over a 17 month rolling period) (Appendix A refers) and was able to provide Reasonable assurance that the Council was effectively managing all but one of the risks reviewed. The review of IT Resilience finalised towards the end of 2019/20 concluded in a Limited assurance rating and has received attention from the Senior Leadership Team.

•           Of the total 21 audits finalised during 2019/20, six were awarded Substantial assurance for the arrangements for governance, risk management and internal control with no significant or material risks/issues identified compared to three in 2018/19. Thirteen reviews resulted in a reasonable assurance rating (14 in 2018/19). As in the previous year, two audits received a Limited assurance rating; two reports remain with Limited assurance after follow-up and will continue to be reviewed to monitor the implementation of the risks raised.

•           No audits received “No” assurance and no Critical (red) issues/risk were raised during the year. There are no red issues/risks currently outstanding.

•           Where Internal Audit has identified issues/risks, Management has accepted them all

•           During 2019/20 Internal Audit found senior management at the Council to be supportive and responsive to the issues raised.

•           There were no issues deemed to be of a significantly high risk or impact to warrant inclusion in the Annual Governance Statement

With regard to performance, the Internal Audit Service has in place a quality assurance, and improvement programme to ensure continuous improvement. The Service has performed well during the year against the targets agreed with the Audit and Governance Committee as part of the Strategy for 2019/20 (Appendix D) with 3 out of 5 indicators meeting or surpassing their targets. The  ...  view the full minutes text for item 5