The Committee is asked to consider the report
Theresa Mortimer, Chief Internal Auditor (CIA) presented the Committee with an annual report on Internal Audit activity, which met the CIA annual reporting requirements as set out in Public Sector Internal Audit Standards (PSIAS) 2017.
The report provided the CIA’s annual opinion on the overall adequacy and effectiveness of the Council’s Internal Control environment comprising risk management, control and governance, this opinion supported the Council’s Annual Governance Statement. Members felt the report displayed the wide remit of activities that Internal Audit covered.
Members were referred to page 356 of the report, where, except for those matters identified in relation to Children’s Services and GFRS, Gloucestershire County Council has a satisfactory overall control environment, to enable the achievement of the Council’s
outcomes and objectives.
It was explained that the report provided information on what was taken into account to arrive at the opinion. The CIA also confirmed that there had been no limitations on internal audits scope of activity or no undue influence had been place on the CIA. The CIA provided a summary of IA activity undertaken, with the net affect being that 92% of the overall revised plan had been delivered. Members were advised that the key changes to the original audit plan were as a result of the additional 18 GFRS audits that were undertaken.
Members’ attention was drawn to page 362 of the report, which provided the Committee with a pie chart summary of the overall opinions given during 2018/2019. The CIA demonstrated that 70% of audited activity received a substantial or satisfactory opinion on control and 81% received on risk. There were 11 audits that received a limited assurance opinion on control with 8 (73%) of these relating to GFRS audits. It was explained that these audits were reported as a separate agenda item. During this period 148 recommendations were made to management to improve the control environment, all of which were accepted. The Committee noted the spreadsheet which provided a summary of the activity undertaken which supported the CIA’s opinion.
The CIA advised that IA undertakes a follow up review of every audit (where relevant) where a limited assurance opinion on the control environment has been provided. The tables shown on page 365 – 366 highlight the changes in the risk and control opinions. This provides reasonable assurance that management have taken actions to address the internal audit recommendations made, reducing the risk exposure.
The Committee were referred to the summary of counter fraud activity undertaken during the year, such as work on special investigations, participation in the National Fraud Initiative Data matching exercise, keeping under review the Council’s anti fraud polices and compliance with the Local Government Transparency Code 2015 fraud and irregularity reporting requirements.
In terms of Internal Audit Effectiveness, the CIA explained that the PSIAS requires the CIA to annually report on conformance with the PSIAS, reporting any non conformance and to summarise the performance of the Internal Audit function. The CIA reported that following an external quality assessment by the Chartered Institute of Internal Auditors (national standard setters) in May 2015, the Authority received 100% conformance. The next external quality assessment is due in May 2020.
During 2018/19 ARA has been in a position to be able to provide a “partner dividend” to the Council in the sum of £ 35,210.41. This is due to efficiencies achieved.
It was reported that at the end of each audit review Internal Audit request customer feedback. Members were referred to the overview of customer satisfaction survey results, all categories of assessment exceeded IA’s target of 80% as good or excellent. It was noted that the positive comments received could be found on pages 373 – 374 of the report.
The CIA added there were always lessons to be learned and customer feedback was used to ensure that IA fully considered where improvements could be made. As such, individual staff targets had been set to assist with achieving any improvements identified.
The Committee was provided with a progress report in relation to those audits undertaken during the period April – June 2019. Members’ attention was drawn to the limited assurance opinions provided on risk and control relating to Procurement of Short Term Transport Arrangements for Social Care Users. It was noted that whilst management had accepted and responded positively to the recommendations made, IA would continue to monitor their implementation. It was proposed that management were invited to the next committee to provide an update on actions taken to address the recommendations made. The Committee welcomed this approach.
During the discussion that the Audit and Governance Committee was a non-political function, and acknowledged that whilst members approved the annual risk based audit plan following dialogue and challenge, members were encouraged to discuss any further areas through the year where assurance was required, with the CIA. This would enable, following a risk assessment, inclusion, within the IA work programme.
That the Committee assessed, from the findings set out in the report that it could take reasonable assurance that the internal control environment, comprising of risk management, control and governance was operating effectively.
That senior management attend the next meeting of the Committee to provide an update on the actions taken in relation to the recommendations made in the Procurement of Short Term Transport Arrangements for Social Care Users audit report.
That the Committee noted that the performance of Internal Audit met the required standards.