Issue - meetings

To present the report of the Head of Audit and Risk.

It was resolved to approve the Internal Audit Strategy for 2021/22 and to endorse the approach and priorities outlined thereon as fulfilling the Council’s assurance needs.

NO PROPOSAL FOR ADDITIONAL ACTION WAS MADE

The report of the Head of Audit and Risk incorporating the draft Internal Audit Strategy for 2021/22 was presented for the Committee’s consideration.

The Head of Audit and Risk highlighted the following key elements of the Audit Strategy –

•           The current context whereby the unprecedented circumstances of the global coronavirus pandemic has shaped the outlook for 2021/22 leading to a refocusing of priorities.

•           Adopting a risk-based and agile approach to audit delivery meaning that internal audit activity will be aligned with the corporate risk registers. In agile auditing activity is based on risks and the organisation’s needs; there is focus on collaboration  and communication between the audit team and stakeholders, the priority is on speed and efficiency leading to a more streamlined process and more rapid audit delivery.

•           Utilising the three lines model (First line – operational functions; second line – functions that support, monitor and facilitate e.g. Legal, Quality Assurance, Information Security; third line – functions that provide independent assurance e.g. internal and external regulators) as a framework to bring sources of assurance together.  Internal Audit will work with the first and second line to secure these assurances and the Council’s Corporate Business and Performance Team to support the Council’s Annual Governance Statement.

•           Concentrating on what matters most to the Council meaning that the majority of Internal Audit activity will be a review of  the red and amber residual risks on the Corporate Risk Register including the seven risk areas listed in the report where the Council has assessed both the inherent and residual risk as Red.

•           Reviewing the management of the Covid-19 risk register to ensure that the Senior Leadership Team continues to effectively manage the risks associated with the pandemic.

•           Managing the risk of fraud which has been exacerbated by the current pandemic. During 2021/22 Internal Audit will deliver training and an e-Learning package to raise awareness and proactively identify fraud in the organisation; undertake targeted counter fraud activities and continue with the review of the Council’s approach to counter-fraud, anti-bribery and corruption, anti-money laundering and terrorism financing and will update the Fraud Response Plan accordingly.

•           Conducting reviews of areas in response to Heads of Service’s assessment of current risk and control issues as outlined in the report.

•           Resuming work which was identified and planned before the pandemic took hold when internal resources were redeployed and focused on supporting the emergency response.

•           Continuing to implement the established follow-up process to ensure that management has effectively addressed the risks raised by Internal Audit.

•           Implementing a streamlined suite of performance measures to determine the effectiveness of Internal Audit’s work.

•           Committing to the ongoing training and development of the Internal Audit Service’s staff. The team continues to include a wealth of internal and external audit experience along with an excellent mix of professional qualifications. Staff turnover remains an issue despite a recent recruitment exercise. However, the experience from last year has provided valuable learning and together with a new  ...  view the full minutes text for item 5