Agenda and minutes

Audit and Governance Committee
Friday 7 April 2017 10.00 am

Venue: Cabinet Suite - Shire Hall, Gloucester. View directions

Contact: Andrea Griffiths 01452 324206 

Items
No. Item

15.

Declarations of Interest

Members of the Committee are invited to declare any pecuniary or personal interests relating to specific matters on the agenda.

 

 

 

Please see note (b) at the end of the agenda

Minutes:

No additional declarations were made to those already recorded.

16.

Minutes of the previous meeting pdf icon PDF 117 KB

To approve as a correct record the Minutes of the Meeting held on 20th January 2017.

Additional documents:

Minutes:

The Director of Finance informed the Committee that the Highways Network Asset accounting instruction had now been withdrawn.  It was explained that the materiality of Highways was unrealistic and would dwarf Local Authority accounts.  The Committee appreciated and supported Officers frustration in relation to the wasted cost, time and effort of performing such a task at the interim stage.   Members felt that the Committee view should be made patently clear to CIPFA, Ministers, the LGA and its peers. 

 

Members’ questioned the actual costs involved in this piece of work and who decided to withdraw this request.  The Director of Finance explained that it was CIPFA’s decision to withdraw the scheme.  Some members felt that a national response should be submitted highlighting the costs involved and the disappointment caused by the timeframe.  The Director of Finance agreed to discuss the issues raised with the County Treasurers Group and submit a letter on behalf of the Committee. 

 

It was agreed that on Page 3 of the minutes, 1st paragraph the word ‘September’ be amended to ‘July’.  

 

All matters arising had been dealt with and communicated to members of the Committee.

 

Resolved

 

That the minutes of the meeting held on 20th January 2017 be approved as a correct record and signed by the Chairman, subject to the amendment. 

17.

Grant Thornton Audit Plan for GCC and Pension Fund pdf icon PDF 701 KB

The Committee is asked to note the report.

Additional documents:

Minutes:

Elizabeth Cave presented the report which informed the Committee of the audit work to be undertaken for the 2016/17 financial year for Gloucestershire County Council, Gloucestershire Pension Fund and the fee involved.

 

It was explained that the plan clearly set out the process and had a greater emphasis on the elements of risk.  Members were informed that audits were based on materiality, therefore the audit was designed to consider material error.  The Committee were informed that Internal Audit and Grant Thornton had regular meetings and dialogue throughout the financial year to discuss key issues on a regular basis. 

 

In response to a member query about debt the Director of Finance referred members to the Corporate Debt Policy.  It was noted that the Chief Internal Auditor (CIA) included the compliance with Corporate Debt Policy in the Internal Audit Plan.  The Head of Financial Management explained workshops were being held for budget holder managers, which highlighted their roles and responsibilities.  Because of the change in process, every month a debtors list was generated for each budget holder.  Also, regular reminders were sent to the debtor requesting prompt payment as part of the debt controlled process.   Members requested that the Corporate Debt Policy and its findings be presented to the October Committee. 

 

The external auditor explained that it was essential to be clear on service delivery and the required outcomes.  They recognised the technical risk and the need for good governance. 

 

Members were informed that there were changes to the CIPFA Code of Practice 2016/17.  After some discussion, the Committee agreed that the change to the code should be addressed at the new Audit and Governance Committee training session.

 

In response to a question, members were advised that the new accounting narrative in the annual accounts, provided subjectivity, flexibility and was reviewed annually.  Grant Thornton reiterated that GCC’s narrative was a good practice example and they had used it as an example for other authorities. 

 

Members’ attention was drawn to the key dates for the closure of accounts within the report.  It was noted that this was an important step in closing the  accounts for the County Council and the Pension Fund faster.  The Committee noted that this would now not be hampered by the Highways Network Asset change. 

 

Members debated the report content and questioned Grant Thornton.  The Committee was informed that it was role of the external auditor to review the arrangements and advise the Authority to achieve the objectives.

During the discussion, members referred to revenue recognition and sought assurance from Grant Thornton that the issues were duly considered.  Members were informed that the report highlighted the most important aspects of risks, of which there were varying levels of risks.

 

In response to a question, it was noted that the outcome of the Ofsted in Children’s social care would feed into the value for money conclusion.  Grant Thornton informed the Committee that they had a national panel to consider any qualifications for value for money.   

 

The committee proceeded to discuss  ...  view the full minutes text for item 17.

18.

Grant Thornton Annual Progress Report pdf icon PDF 10 MB

The Committee is asked to note the report.

Minutes:

David Bray presented the report.  The report detailed the progress Grant Thornton had made in delivering their responsibilities as the external auditors. 

 

It was noted that Grant Thornton had devised the plan in association with the Authority.  Accounting, audit issues and emerging issues would be flagged up as part of the regular report.  It was noted that Grant Thornton had regular discussions with officers. 

 

Grant Thornton anticipated that the accounts would be presented to them in June for Audit and they would report their findings to the July Committee meeting.  It was confirmed that the Authority was in a good position with the early closure of the accounts and once again had risen to the challenge. 

 

In response to a question, relating to the local government settlement, it was noted that only two County Councils had not accepted the settlement. Some members questioned the offer and the timeframe given.   

 

Resolved

That the report be noted.

19.

Grant Thornton Audit Standards Communication and IA Fraud Law & Regulations pdf icon PDF 211 KB

The Committee is asked to note the report. 

Additional documents:

Minutes:

David Bray presented the report, which summarised the International Auditing Standards in relation to the Audit and Governance Committee and management responses, as stated within the report.  The Committee considered the robust responses, which were circulated prior to the meeting and confirmed that it was satisfied with the arrangements in place. 

 

It was requested that the reference to GCC be included as a footnote throughout the report and that greater emphasis should be expressed in relation to the Pension Board and Committee.  Grant Thornton agreed to take these points on board. 

 

The Committee congratulated officers on their efforts and welcomed the report which provided detailed responses. 

 

Resolved

That the report be noted.

20.

Internal Audit Plan 2017/18 pdf icon PDF 53 KB

That the Committee notes that the Internal Audit Plan for 2017/18 makes adequate provision for the risks arising from organisational change and

Is asked to approve the 2017/2018 Internal Audit Plan.

Additional documents:

Minutes:

Theresa Mortimer, Chief Internal Auditor (CIA) presented the Internal Audit Plan for 2017/2018 for the Committee’s consideration and approval.  It was noted that the principles of Risk Based Internal Auditing, were encompassed within the plan, which meant that officers could focus resources on providing assurance on the Council’s key risks and priorities.  

 

It was noted that to enable the plan’s development, a wide-ranging consultation process had taken place which included meetings with Senior Management across the Council and parallel meetings with the Chairman of the Audit and Governance Committee, External Audit and Finance Managers, which helped Internal Audit to establish their audit assurance activity priorities.

 

The CIA explained that Internal Audit had ongoing liaisons with key stakeholders throughout the year to ensure Internal Audit was kept informed of key changes to enable them to adapt their work priorities accordingly. 

 

The proposed activity from all sources, which included Internal Audit’s own risk assessments, were collated and prioritised based on risk between 1 and 4.  It was noted that 1 was the highest priority based on previous fraud/irregularity within the service area, change of management, policy, new contractual arrangements, financial value/overspends, etc.  These activities were then matched against internal audit’s capacity and staff resource plan, with priority 1 activities being allocated in the first instance and subsequently priority 2 activities.

 

The plan was stated in terms of estimated days input to the Council of 1625 which was comparable with last year.  This level of input was considered acceptable to provide the assurance needs of the Council.  Members were informed that the CIA had the ability to commission internal audit resources from current audit framework agreements as required. 

 

 

In response to a question, it was explained that the ICT technical audits were undertaken by The Internal Audit Association (TIAA) the Council’s appointed external ICT auditors. This plan is developed by Internal Audit and TIAA in conjunction with the Director responsible for ICT and Head of ICT Service.  Once these audits had been agreed they would be detailed within future monitoring reports. 

 

The proposed plan had been presented to the Chair of the Audit and Governance Committee, Director of Finance and CoMT and following robust challenge, had been endorsed.

 

Members’ attention was drawn to the summary overview of the plan, which highlighted the allocation of audit resource per category of review and functional service areas. It was noted that this year’s plan had been based on the Council’s current risk profile and change agendas.

 

The Committee was advised that there was a proportional split based on risk, between each of the service areas to enable the provision of an annual audit opinion, after taking into consideration other assurance providers to avoid duplication. However, continued focus had been directed to ICT audit (SAP access controls and cyber risk) Adult and Children services, accountable body status, contracts and fraud and irregularity work, due to an increase in the number of referrals.

 

Members felt that it was a very ambitious plan, the CIA explained that due to  ...  view the full minutes text for item 20.

21.

Internal Audit Activity Progress Report 2016/17 pdf icon PDF 47 KB

Additional documents:

Minutes:

 Theresa Mortimer, Chief Internal Auditor presented the report which informed members on the progress of the internal audit activity in relation to the 2016/2017 Internal Audit Plan and provided a progress report on those audits undertaken during the period January to March 2017, including the opinions provided on risk and control.

 

The Committee welcomed the report which provided the relevant risk and control assurance opinions in relation to the audit activity during the above period.  The report included a graphical summary that highlighted the opinions provided during this period, which showed an overall satisfactory and above rating of 82% on control and 85% on risk. Members’ attention was drawn to the fact that 18% of the opinions on control were limited. Officers explained that this may be due to transformational change, whilst focusing audit activity on the key risks of the Council and as a result of specific requests from Directors, who requested areas to be reviewed where issues had arisen or where independent assurance was required.

 

The CIA informed the Committee that all 22 recommendations made by Internal Audit to improve the control environment during this period, had been accepted by management. 

 

The CIA highlighted there was one key area with limited assurance, which related to the recruitment starting salary arrangements.  There were two key improvement areas relating to the need for a policy covering the starting salary points when recruiting external applicants (there was a policy for existing internal recruitment starting salaries although this was not always complied with) and non-compliance with the Council’s scanning of personal documents policy and handling of such data in accordance with the Data Protection (DP) requirements. The CIA was pleased to report that the starting salary policy had now been developed and staff had also been made aware of its contents via a manager’s brief. 

 

The CIA recommended that management were invited to the next Committee to provide an update as to the progress made in relation to the recommendations made.  The Committee welcomed this approach. 

 

The Committee discussed the progress report in detail, and were informed that Internal Audit also carries out consultancy work as well as assurance activity. Whilst consultancy work provides a conclusion on the control environment, a formal assurance opinion would not be provided.

 

The CIA explained that the partnership arrangements with Gloucestershire Fraud Hub were working well as the hub encompassed a range of technical skills and behaviours and as such contributed towards the resilience of responding to fraud and irregularity referrals. 

 

In response to a question concerning Regulation of Investigatory Powers Act (RIPA) investigatory procedures, the CIA agreed to establish the councils current policy to ensure it enabled collaborate working. 

 

A lengthy discussion occurred relating to the storage of personal data records and the methods involved.  The CIA agreed to discuss the issues raised with the Information Management Service. 

 

Resolved

That the report be noted. 

22.

Freedom of Information Annual Report pdf icon PDF 117 KB

The Committee is asked to note the report.

Minutes:

Jenny Grodzicka, Information Management Service Manager presented the report, drawing attention to the significant increase in requests.  It was explained the statutory timescale response rate had dropped to 78%, this was below the Information Commissioner’s Office (ICO)’s target of 85% of the statutory timescales. However, additional investment and improvements continued to be implemented, which had brought the response rate back up to 85%.  The service had actively addressed the issues and commissioned a piece of challenge work, which was now completed. 

 

As such this was followed by a reallocation of management priorities and time for an interim period and additional temporary resources were procured. The Committee were reassured that the service had now secured permanent funding for the centralised team and was continuing to implement improvements, including training for key contacts.

 

Members were informed that there had been a 4% increase in the volume and complexity of requests the Council received, with 2276 requests received in 2016 compared with 2195 in 2015.  The Freedom of Information (FOI) service worked directly with all service areas and complicated requests could also be referred to legal for support, to enable the FOI team to respond. The Committee discussed the report in detail and it was noted that the graphs asked for at the previous Committee had been included in the report.   

 

It was noted that impacts on the rates were as a result of the number FOI requests received, complexity, and volume of information.  Members were informed that the Information Management Service worked directly with all service areas and complicated requests could also be referred to legal for support, to provide the appropriate response.

 

It was explained that requests under the Data Protection Act remained steady, with only two additional requests received compared with 2015. These dealt with co-ordinating large volumes of both paper and electronic files; many of which required the full content to be assessed prior to release, and were very time consuming.  In response to a question, it was noted that these were often ex-service users accessing their files to help them understand their past, but also included requests from solicitors acting on the individual’s behalf and the police undertaking investigations into historical abuse.

 

Members noted there had been a significant rise in the number of Data Protection complaints received from 8 to 24 (including those from the ICO).  These usually related to complex service user cases that required considerable investigation to understand the issues in question and may not be linked to a request for information.

 

The FOI team continued to proactively publish information so that requestors could be directed to where the information was readily available, to help the Council manage demand, for example the Find It mapping tool showing street and road works. 

 

Officers explained that there were five top exemptions, one of which included where the information was already accessible.  It was explained that the FOI team were working on the management information system so they could better identify if the proactive publication was having  ...  view the full minutes text for item 22.

23.

Exclusion of the Press and Public

THAT in accordance with Section 100 A (4) of the Local Government Act 1972 the public be excluded from the meeting for the business specified in agenda item 14because it is likely that if members of the public were present there would be disclosure to them of exempt information as defined in paragraph 3 and 7 of Part 1 of Schedule 12 A to the Act and the public interest in withholding the information outweighs the public interest in disclosing the information to the public    

 

Minutes:

THAT in accordance with Section 100 A (4) of the Local Government Act 1972 the public be excluded from the meeting for the business specified in minute 12 because it is likely that if members of the public were present there would be disclosure to them of exempt information as defined in paragraph 3 of Part 1 of Schedule 12 A to the Act and the public interest in withholding the information outweighs the public interest in disclosing the information to the public.

24.

Exempt Limited Assurance Report

The Committee is asked to note the report. 

Minutes:

The Committee received and discussed the report in detail.  Members were informed that a follow up review would be completed in 2017/18. 

 

Resolved

That the report be noted. 

 

25.

Any Other Business

Minutes:

The Chairman extended his thanks to Cllr Hicks for his contribution to the Audit and Governance Committee.

 

Cllr Hicks thanked The Director of Finance, the CIA and their teams for all their skill, support and ability to promote understanding and expressed his gratitude to all staff involved with the Audit and Governance Committee.