Agenda item

This report sets out the annual opinion of the Head of Audit and provides a source of assurance that the internal control environment is operating as intended through a summary of the Internal Audit activity for the 2023/24 Internal Audit Plan.

The Senior Head of Internal Audit, Corporate Governance & Insurance presented a report setting out the annual opinion of the Chief Audit Executive and provided a source of assurance that the internal control environment is operating as intended through a summary of the Internal Audit activity for the 2023/24 Internal Audit plan. The report highlighted the incidence of any significant control failings or weaknesses.

Members were provided with the following points:

·  The Public Sector Internal Audit Standards state that ‘the Chief Audit Executive must deliver an Annual Internal Audit opinion a report that can be used by the organisation to inform its governance statement’. It must be based on an objective assessment of the framework of governance, risk management and control and include an evaluation of the adequacy and effectiveness of controls in responding to risks within the organisation’s governance, operations, and information systems.

·  It was recognised that this year had been challenging for local government, where increasing demand and shrinking resources had combined to put pressure on existing control environments across local authorities.

·  In planning and directing audit work Internal Audit had relied on other sources of assurance where appropriate, to avoid duplication of effort. Where other assurances had identified areas for improvement in control the Internal Audit Team had been invited to engage in the organisational response including the prioritisation and oversight of resulting actions.

·  It was noted there had been increased transparency in reporting.

·  Positive feedback had been received by the service on the work undertaken. The team welcomed the constructive challenge from the Committee and the Senior Head of Internal Audit, Corporate Governance and Insurance thanked the officers for all the work they had done over the 12 months. The aim was to raise the profile of the service and boost audits across the Council.

The Chair reiterated the comments about the good work that the Internal Audit Officers had undertaken over the past 12 months given the challenges and pressures.

In response to questions the Committee received the following information:

·  It was noted that the resources were not out of step with resources throughout the authority. It was the view that there was the right resources and work had been undertaken with colleagues in Risk Management to look at the effects of reduced resources. Protocols had been strengthened to reach out to directorates for engagement and were assured that Internal Audit had enough resources.

·  The Council has spent money on security to ensure against the risk of cyber-attacks. It was noted that assurances are in place and the Deputy Chief Digital and Information Officer offered Members a briefing session on these. The Chair agreed this session would be useful.

·  In relation to the Education Health and Care Plans it was noted that Internal Audit attend forums to look at improvements to processes, and assurance was given that the Council has the right skills and right people in place to address any issues. It was recognised that this is not just an issue for this Council but is a national issue.

·  The table at 4.7 of the report was highlighted by the Committee and it was acknowledged that this was good in linking the assurance themes. The Committee were of the view that they would also like to be reminded what risks had been covered as part of the plan. It was noted that the risk profile was updated regularly, and that risk information will be included in the Internal Audit update reports provided to the Committee moving forward.

·  The Committee were informed that Internal Audit do carry out reviews of activities in Traded Services. It was acknowledged that the terms and conditions of service do add an overhead onto the cost of delivering the service. Work is ongoing to look at how to achieve best value for money and to maximise performance, productivity, and quality assurance. This includes learning from the private sector to look at areas to improve.

·  The Committee were provided with an explanation as to how the judgement of the result, as ‘satisfactory’ had been justified.

·  The Committee were assured that should the audit of covid grants be re-opened the service would have enough resources to address this, as there had been a robust monitoring process undertaken at the time, so there was already evidence that could be used.

·  Where the report highlighted recommendations that had been outstanding for a long period of time, follow up audits are being undertaken to check on progress and address any blockages in implementing the recommendations.

RESOLVED - To receive the Internal Audit Annual Report and Opinion for 2023/24 and note the opinion given. In particular:

a) That, based on the audit work undertaken for the 2023/24 Internal Audit plan, the internal control environment (including the key financial systems, risk, and governance) is well established and operating effectively in practice.

b) A satisfactory overall opinion is provided for 2023/24, based on the audit work detailed within the report.

c) That the work undertaken to support the opinion has been conducted in accordance with an established methodology that promotes quality and conformance with the International Standards for the Professional Practice of Internal Auditing (IPPF).

The Committee also noted that there had been no limitations in scope, and nothing had arisen to compromise the independence of Internal Audit during the reporting period.