Agenda item
ANNUAL INTERNAL AUDIT REPORT
- Meeting of Audit and Risk Management Committee, Thursday 24 May 2018 7.00 pm (Item 8.)
- View the background to item 8.
Minutes:
FSD 18035
The Annual Internal Audit Report was written by David Hogan, Head of Audit.
The report updated the Committee concerning the Internal Audit activity for 2017/2018.
Members were asked to note the report and the Head of Audit’s opinion on the soundness of the internal control environment within the London Borough of Bromley. The report was intended to assist the Council in meeting the requirements of the Accounts and Audit Regulations 2015. The Committee noted that fundamental aspects of the Internal Audit reviews were to assess the effectiveness of controls in place to mitigate against associated risks.
Members were informed that the 2017/2018 Internal Audit Plan had identified a total of 70 separate tasks, not including schools. Additionally, 19 audits had been carried forward from the previous year. The Head of Audit explained to Members that achievement of the 2017/2018 plan had been affected by several factors. In terms of resources for 2017/2018, the total number of days lost because of sickness and an unfilled vacancy, was 149. Resultantly, additional resources were procured from Mazars. Summaries were provided of work days allocated to Departments, and a summary of work that had been undertaken.
The Head of Audit explained the Assurance Levels used, and their definition. The Committee heard that in June 2017, 35 Priority 1 recommendations had been reported to the Audit Sub Committee, and at the time of writing the report, 31 had been implemented.
Members were provided with an interesting update concerning risk registers. It was noted that Zurich had been commissioned to undertake a check and challenge process on the risk registers for LBB’s three Directorates. The results of this process were reported back to the Directorate Management Teams, and this had resulted in updated risk registers being produced. The findings were also reported to the Corporate Leadership Team and it was agreed that the same challenge and scoring should be undertaken for corporate risks.
The Head of Audit explained that all internal audit arrangements were subject to a thorough internal review of quality; this was to ensure that the quality of the work was in line with the expectations of the Public Sector Internal Audit Standards (PSIAS).
It was noted that under the requirements of the PSIAS, there was a need for an external quality assessment of the internal audit service every five years. This had been undertaken in March 2016, and it was concluded that the section generally conformed to the required standards.
The Head of Audit briefed the Committee that the commercial software used by Internal Audit had no longer been supported from February 2017, and so an alternative had been required. A decision was made to develop new systems in house (by Internal Audit) using MS Word and Excel. The decision to develop systems in house had resulted in savings for the Council.
Members were briefed that the annual assessment was based on work reported to the Audit Committee between April 2017 and the date of the report. The assurance activity undertaken by the Council and other external assurance providers was taken into account when finalising the Annual Assessment. Reasonable assurance could be provided that there was generally speaking a sound system of internal control.
The Head of Audit advised that the Council had identified challenges with respect to making future budget savings alongside the maintenance of frontline services. A balanced budget had been set for the 2018/19 financial year, and income and savings options had been identified for 2019/20. Beyond this there was likely to be significant future challenges. It was further noted that reduced resources were being stated by some managers as having an adverse effect on the ability to implement audit recommendations.
The Head of Audit acknowledged that contract management issues had been identified across the Council over the last two years. Because of this, actions had been taken to strengthen arrangements across the Council. These arrangements included the Contracts Database with an alert system for tendering and renewal. Comprehensive training was now available for everyone involved in the commissioning of services, which consisted of four training modules—each lasting for three hours.
Finally, the Committee was informed that significant changes were required to ensure that the Council would be compliant with the General Data Protection Regulations 2016 (GDPR) when introduced on 25th May. Resultantly, a detailed and challenging independent review had been undertaken by the ‘Data Protection People’, and 51 recommendations were provided by the Review.
The Head of Audit also provided brief updates regarding Corporate Related Fraud, the National Fraud Initiative and Freedom Passes.
The big issues for LBB now were:
· The Council’s financial position going forward
· Contract Management
· GDPR
It was mentioned that the pro-active exercise which had been undertaken in 2016-2017 had resulted in 684 Freedom Passes being cancelled with savings estimated at £200k.
RESOLVED that the report be noted, and that the Head of Audit’s opinion on the soundness of the internal control environment within LBB also be noted.
Supporting documents:
-
Annual Internal Audit ReportPART 1 REPORT TEMPLATE, item 8.
PDF 113 KB -
Appendix A. Audit Progress 2017/18, item 8.
PDF 58 KB