Agenda item

To provide the Audit Committee with a summary of the work completed by Risk Services in quarter one of the 2016/2017 financial year.

Mr Smith, Audit Manager, presented the Committee with the Risk Services Quarter One Report 2016/2017.

Mr Smith reported on the key internal audits that had been scoped in the first quarter and for which preparatory work had commenced. Members were advised that the Internal Audit Team had been externally assessed against the Public Sector Internal Audit Standards. The verbal feedback received was positive with some recommendations to be considered. Mr Smith noted that once the final report had been received it would be presented to the Committee.

Members were also provided with details of service developments with regards to Corporate Fraud, notably that proactive counter fraud work was underway in a number of areas with the focus for quarter one being on purchase cards, insurance fraud and blue badges.

Mr Smith reported on the Key Performance Indicators for the service.  He advised that there was a degree of volatility to the indicators due to only being at Quarter One, however the figures were approximately what would be expected. Responding to Members’ questions, Mr Smith advised how the indicator of ‘Percentage compliance with quality standards for audit reviews’ was calculated and noted that achieving over the target was good.

Members questioned the reasons for only 78% of the Resource directorate business continuity plans being completed. Mr Smith advised that the reason had been due to business continuity plans for accountancy not being in place by the time of the report publication. However, Members were advised that the business continuity plans had since been submitted.

Members raised further questions with regards to the low percentage of employees completing the i-pool fraud awareness course. Mr Smith advised that it was not currently a mandatory course and Mr Jack explained that there was a requirement to push the course to all appropriate employees. However, he considered that it would not be appropriate to be mandatory as it would not be relevant for some employees. It was also noted that there were already a significant number of mandatory i-pool modules which staff had to complete. Upon challenge from Members regarding the target figure, Mr Jack provided assurances that in twelve months the 50% target would be met.

The Committee noted the information relating to Whistleblowing and considered that it would be useful for Members to have access to training on the Whistlebowing policy. It was agreed that the Committee should make a recommendation to the Member Training Panel to consider offering a training course on the Whistleblowing policy.

Members noted the positive Corporate Fraud statistics and questioned officers on whether they considered the figures to be a true reflection. Mr Smith advised Members that Risk Services was building up capacity to undertake proactive work to find incidents of corporate fraud, following the transfer of some responsibilities to the Department of Work and Pensions.

The Committee considered the Internal Audit reports that had been issued during the quarter. Members discussed the internal audit review of Selective Licensing, which focused on the expenditure attributed to the scheme to ensure each transaction was appropriate and the apportionment of time spent on the scheme by staff had been properly accounted for. Mr Smith reported that the review identified that the expenditure incurred by the scheme was reasonable and in line with the delivery of the scheme. However, it was noted that there should have been more robust budget management by the service to ensure that budgets for schemes reflected actual expenditure and that the focus of the service had been on outcomes rather than monitoring resources. The Committee considered that the Director of Community and Environmental Services should be invited to discuss the internal audit report in more detail, the lessons learned and the action plan following the audit recommendations, at the next meeting of the Committee.

Members raised questions with regards to the internal audit entitled ‘Financial Control Assurance Testing’, specifically with regards to duplicate accounts being created. Mr Smith noted that it had been an issue for a significant length of time and Mr Thompson advised that the reason for the errors was due to small derivatives of the same client being entered onto the system due to oversights from individual employees.

The Committee considered the internal audit on ‘catalogue prices’ and Mr Smith reported that the current controls had been found to be inadequate with a number of risks identified and changes necessary. Upon questioning from Members, Mr Thompson considered that the findings of the review had been disappointing, but that action was now being taken to ensure internal controls were appropriate. Mr Smith advised that an action plan had been devised making recommendations for how to resolve the issues and internal audit would be undertaking follow up work to ensure there were improvements.

Members noted that some priority one recommendations had not been implemented by the agreed target date. Mr Smith reported that often the recommendations were not able to be implemented immediately and in such cases steps had been taken with the services to agree revised target dates. He assured Members that internal audit did follow up on their recommendations and the Committee noted that it could invite officers to the Committee to provide an explanation for recommendations not being implemented.

The Committee agreed:

1) To note the report.

2) To recommend that the Members Training Panel consider offering a training course for Members on the Whistleblowing policy.

3) To request that the Director of Community and Environmental Services be invited to attend the next meeting of the Committee in order to discuss the Selective Licensing internal audit report in more detail, the lessons learned and the action plan following the audit recommendations.

Background papers: None.