Agenda and minutes

To consider any appeals in accordance with Procedure Rule 15.2 of the Access to Information Procedure Rules (in the event of an Appeal the press and public will be excluded).

(*In accordance with Procedure Rule 15.2, written notice of an appeal must be received by the Head of Governance Services at least 24 hours before the meeting)

There were no appeals against refusal of inspection of documents.

The was no exempt information.

There were no formal late items. However, there was supplementary information circulated in relation to Agenda Item 12 - Update report on Government Proposals to address the national audit backlog, and Grant Thornton’s Response and update on the Audit 2021/22.

To disclose or draw attention to any interests in accordance with Leeds City Council’s ‘Councillor Code of Conduct’.

Under Agenda Item 8 – Annual Assurance Report of Information Digital Services (IDS) Governance the following declarations were made:

·  Cllr Bithell – 100% Digital have supported ‘Out Together’ for which she is a trustee.

·  Cllr Robinson works for Tech UK

Apologies for absence were received on behalf of Councillors Firth and Heselwood.

To receive the minutes of the meeting held on 27^th November 2023, for approval as a correct record.

RESOLVED – That the minutes of the meeting held on 16^th November be approved as a correct record.

It was noted that information requested in relation to:

·  Minute 48 – Procurement Assurance Report 2022-23 Information had been supplied to Members via email on 8^th February.

·  Minute 49 – Annual Assurance Report on Corporate Performance Management Arrangements would be provided in the 2023-24 update report at a later committee.

This annual report of the Director of Strategy and Resources and Director of Adults and Health presents assurances to the Corporate Governance & Audit Committee on the effectiveness of the council’s information management and governance arrangements through a statement of internal control.

In addition, the report this year presents the Information Commissioner's Office (ICO) Audit Report of Leeds City Council’s compliance with the UK General Data Protection Regulation (GDPR).

At the Chairs discretion this item was moved up the agenda.

This annual report of the Director of Strategy and Resources and the Director of Adults and Health presented assurances to the Corporate Governance and Audit Committee on the effectiveness of the council’s information management and governance arrangements through a statement of internal control. In addition, the report this year presented the Information Commissioner's Office (ICO) Audit Report of Leeds City Council’s compliance with the UK General Data Protection Regulation (GDPR), for which Members are to be assured that an action plan is in place to address the recommendations.

The Caldicott Guardian gave assurance to Members of the arrangements in place with regards to the confidentiality of patient and service-user data.

The Head of Information Management and Governance presented the report and highlighted the following points:

·  In relation to information requests the service is now consistently hitting the current key performance indicator and has been for the last seven to eight months. It was acknowledged that further work was still required to improve performance. It was noted that this was due to changes made in the team and to process changes and how the team engage with other services.

·  Internal Audit had provided a recommendation to improve oversight, recording and completion of data impact assessments. It was noted that this piece of work had proved challenging to address the issues raised but the Service had also wanted to ensure that it was embedded for the future. After a number of delays the Microsoft Power App will be introduced. Staff were now undergoing training and a communication and implementation plan had been developed. Its first use will be at the end of 2023-24 financial year.

·  The Service is in the process of developing a Formal Information Assurance Framework and this should be ready for use in 2025. This followed a recommendation by the ICO.

·  The report of the ICO and Caldicott Guardian was in full for Members information with no redactions. The Service welcomed the views of the ICO and the support that they had given. It was accepted that there was a need for improvement and the team were already on with the Information and Governance Programme. To keep Members updated the Service requested reports be presented at mid-year and end of year.

In response to questions from Members the Committee were provided with the following information:

·  It was noted that Internal Audit were going to work alongside the Service for the implantation of the recommendations.

·  Mandatory training is undertaken every two years with all Council staff and the last training was in 2022 when there was a 100% completion rate. The next training will take place in September 2024.

RESOLVED – To:

a)  Consider the contents of the report and assurances provided within the Council’s Corporate Information Management and Governance Statement of Internal Control.

b)  Note the outcome of the ICO Data Protection Audit, acknowledging the areas for improvement, and agree to receive mid-year and end of year action  ...  view the full minutes text for item 64.

The annual report of the Chief Digital and Information Officer to the Committee concerning the decision-making arrangements within the Integrated Digital Service (IDS) and provides assurances that these arrangements are up to date, fit for purpose, effectively communicated and routinely complied with.

The Annual report of the Chief Digital and Information Officer set out the decision-making arrangements within Integrated Digital Service (IDS). The arrangements set out provided a framework for transport and accountable decision-making in IDS in accordance with the Council’s Corporate Governance Code and Framework.

The Deputy Chief Digital and Information Officer presented the report providing the following points:

·  The report looks at the process in places in IDS such as digital strategies, digital priorities and the various boards and the roles and responsibilities within the team. 

·  In terms of governance there are a number of boards, including the Digital Board, meetings with the Design Authority where there are a set of principles for how to deliver I.T. such a Cloud First to ensure that security in place in all pieces of work. There is also the Change Advisory Board, Information Management and Governance and Change Delivery Group.

·  In relation to digital inclusion, it was highlighted to Members that the 100% digital program reports every year to Scrutiny, and the next time will be 3^rd April 2024. The report will focus on what has happened this year and will look at plans and priorities for next year. It was noted that the first draft of the report would be available to Members from 15^th March. Priorities for both inclusion and learning is the adoption of technology. The role of 100% Digital is to work with colleagues not just in IDS, but across the organisation and the city to ensure that people have all they need to adopt the technologies to improve their lives, talking about citizens and communities or improve their experience at work.

·  The service is starting to establish directorate digital road maps with a product road map for each product to plan effectively how that product will be used across the Council. A repository is being set up to store this information so that the service can plan the use of products. There is also a product portfolio in the Digital Change Team, which has 101 products at various stages of introduction, growth, maturity and decline to allow effective planning on their use.

·  IDS have three big schemes which are the Essential Services Programme, Digital Efficiencies Programme and the Cloud Application and Compliance programme.

·  The Service Centre are working to create a Dashboard that will be used to report on the performance of the Service Centre against Key Performance Indicators.

·  Cyber assurance and security is crucial for the Council. Therefore, each year IDS must align to the PSN certification. This involves some testing where hackers come into the Council to try and break into systems, this is a major piece of work for IDS. The Committee was informed that the Council had just been awarded the PSN certification for 2024/25. It was noted that access databases need to be removed from the estate before going for accreditation next year. A report is due to go to CLT in relation to this.

·  Feedback from the election process using  ...  view the full minutes text for item 65.

The report of the Chief Officer Financial Services provides a source of assurance that the internal control environment is operating as intended through a summary of the Internal Audit activity for the period from September to December 2022. The report highlights the incidence of any significant control failings or weaknesses.

The report of the Chief Officer Financial Services provided assurance that the internal control environment is operating as intended through a summary of the Internal Audit activity for the period from September to December 2023.

The presenting officer provided the Committee with the following points:

·  It was noted that there have been some changes to the plan to provide support to Information Management considering the ICO review.

·  Recommendation Tracking currently has 16 open, however, 15 of these were not due yet. It was noted that the Service is due to have conversations with the services and set dates for completion. Some of the recommendations were more than three months but assurance was given that the services were still working on them.

·  The Adults and Health review was just starting. Any reviews not started in this year would roll over to 2024/25.

In response to questions the following information was provided:

·  The suggestion from the Committee to see details of how many recommendations had not been completed and where certain directorates were not responding would be included in future reports. It was noted that the only changes to date were with processes and systems hindering the recommendation tracking.

·  A typo was noted on page 147 of the agenda pack and should have said ‘A ‘Dashboard’ had been developed to strengthen performance management and presentation outcomes’.

·  It was recognised that the Committee had concerns about the way the school’s assessments were undertaken. The Service would look at how they worked with the school’s team on assessments and there was a need to get assurances from schools. This detail would be provided in the planning process to the March meeting.

·  The Service were trying to monitor more robustly what influence they are providing through advisory work, to see that the check and challenge is influencing their direction of activities. Therefore, the team would be looking at the outcomes of this work and it was the view that this is key to achieving the right balance of what assurance work the team do and what advisory work they do.

·  Regular meetings take place with other core cities, partners and regional groups and it was noted that they are facing the same issues so provided the opportunity to benchmark.

RESOLVED – To:

a)  Receive the Internal Update Report covering the period from September to December 2023 and note the work undertaken by Internal Audit during the period covered by the report.

b)  Note that there have been no limitations in scope, and nothing has arisen to compromise the independence of the Internal Audit during the reporting period.

c)  Receive the report providing information relating to the Monitoring of Urgent Decisions covering the period from September to December 2023.

Cllr Robinson briefly left the room at 11.30, returning at 11:45 during this item.

The report of the Senior Head of Audit, Corporate Governance and Insurance provides a source of assurance that the internal control environment is operating as intended through a summary of the counter fraud activity for the period from April to December 2023.

The report of the Senior Head of Audit, Corporate Governance and Insurance provided assurance that the internal control environment is operating as intended through a summary of the counter fraud activity for the period April to December 2023.

The Senior Head of Audit, Corporate Governance and Insurance presented the report and provided the following key points:

·  The work is split into different parts the work of the dedicated counter fraud team in Internal Audit and then oversight of what happens across the Council.

·  First part of the report provides information on the referrals received, and the outcomes, these were summarised as contain some confidentiality.

·  The updated Anti-Bribery Policy was attached at Appendix B for the Committee’s endorsement. It was noted there were no major updates, but it had been refreshed. Members were advised that the ‘Policy on Page’ was key to simplifying policy and make it more accessible to people. There was also a push for more engagement from the service with directorates. The use of a Dashboard is something that the team are keen to develop as well as the engagement with directorate leadership teams to help with the oversight position around how fraud risks are being managed across the Council.

·  The service is looking at where they need to focus attention and are talking to other authorities on their approach to some of the risks.

·  The report also updated the Committee on the Council’s use of the Regulation of Investigatory Powers Act 2000.

RESOLVED – To:

a)  Receive the Counter Fraud Update Report covering the period from April to December 2023 (Appendix A) and note the work undertaken by Internal Audit and other service areas during the period covered by the report.

b)  Endorse the Anti-Bribery Policy (Appendix B) and Policy on a Page (Appendix C).

The report of the Chief Finance Officer informs Members of the Government’s most recent proposals to address the backlog of incomplete audits across local government in England. Grant Thornton’s accompanying report sets out their intended approach in response to the Government’s proposals, should these go ahead. The report also provides a summary update on the progress towards completing the audit of the 2021/22 statement of accounts.

The report of the Chief Finance Officer informed the Committee of the Government’s most recent proposals to address the backlog on incomplete audits across local government in England.

The Head of Finance provided the following information to the Committee as there had been developments to the item since the circulation of the papers to Committee:

On Friday 9^th February, the Government had issued a joint statement in conjunction with the National Audit Office, the Financial Reporting Council and various other interested bodies. It set out the proposal to bring the timescales for local authority audits back in line gradually over a 5-year period. Accompanying that statement there are to be two consultations, one on the Accounts Audit Regulations for Councils and one on the Code of Audit Practice which applies to auditors. There is due to be a third consultation from CIPFA which will make changes to the 2023/24 and 2024/25 accounts requirements for property valuations and pensions disclosures. The aim of which is to reduce the amount of time that is needed to be spent by both accountants and auditors on those areas over the next two years.

The draft Accounts and Audit Regulations introduce the expected backstop of 30^th September for councils to publish audited accounts for 2022/23 and any earlier years that are outstanding. They will also introduce over the following five years a series of backstops, starting with 31^st May 2025 backstop for the 2023/24 final audited accounts, and then gradually reducing those timescales over the following five years. The Government as part of that consultation are proposing to extend the deadline for local authority draft accounts for 2024/25 beyond the 31^st May, due to the coincidence of that backstop. There are no current proposals to extend the draft accounts for this year. However, they may not have appreciated that this year’s backstop is likely to have caused auditors to want to carry on audits during April and May this year. It was noted the Council will be addressing this in its response to the consultation. 

In terms of requirements for auditors there is a change in the Code of Audit Practice and auditors will be required to produce audit reports and audit opinion in sufficient time for councils to meet those backstops dates. Where the audit opinion has been modified or disclaimed as a result of the backstop there is guidance that auditors need to be clear in their audit opinion that, that is the case. The guidance also says if auditors are issuing a modified or qualified opinion for reasons other than the backstop, they are required to consider whether a Statutory Recommendation or Public Interest Report would be appropriate.

Grant Thornton presented their report providing the following information:

·  The report was a summary of where they are with the respective audit years that are still open.

·  The 2021/22 accounts audit was still ongoing. Two versions of the draft ISA 260 report had been presented to the Committee in the  ...  view the full minutes text for item 68.

This report presents the work programme for the Corporate Governance and Audit Committee, setting out future business for the Committee’s agenda, together with details of when items will be presented.

The report of the Chief Officer Financial Services presented the work programme for the Committee, setting out future business for the Committee’s agenda and when items would be presented.

Members were advised that the work programme for next year was currently being developed and if they had any suggestions for future items, these could be emailed to the Chair.

RESOLVED – To approve the work programme and the meeting dates at Appendix A.

To note the next meeting will be on Monday 18^th March 2024, at 10.30am.

RESOLVED – To note the next meeting was scheduled on Monday 18^th March 2024, at 10.30am.