Agenda and minutes

Audit Committee - Wednesday 28th June 2023 7.30 pm

Venue: Council Chamber, Council Offices, The Campus, Welwyn Garden City, Herts, AL8 6AE

Contact: Democratic Services 

Items
No. Item

At the beginning of the meeting, the Executive Director (Finance and Transformation) gave a short presentation on the purpose of the Audit Committee, its core objectives, its Added Value and Format and Content of meetings.  It is a key component of the Council's governance framework, it is set up to provide an independent and high-level focus on the adequacy of governance risk and controls. Following the changes approved at Full Council earlier this year, an independent person has now been appointed to the committee with the appropriate skills to support the committee using their professional and technical expertise.

1.

SUBSTITUTION OF MEMBERS

To note any substitution of Committee members made in accordance with Council Procedure Rules.

Minutes:

The following substitution had been made in accordance with Council Procedure Rules:

 

Councillor S. Thusu for Councillor J. Boulton.

2.

APOLOGIES

Minutes:

Apologies for absences were received from Councillor J. Boulton.

3.

MINUTES

To confirm as a correct record the Minutes of the meeting held on 29 March 2023 (previously circulated).

Minutes:

The minutes of the meeting held on 29 March 2023 were agreed as a correct record and noted by the chair.

4.

DECLARATIONS OF INTERESTS BY MEMBERS

To note declarations of Members’ disclosable pecuniary interests, non-disclosable pecuniary interests and non-pecuniary interests in respect of items on this agenda.

Minutes:

Councillor S. Thusu declared a non-pecuniary interest in items on the agenda as appropriate by virtue of being a Member of Hertfordshire County Council.     

5.

RISK MANAGEMENT REPORT - QUARTER FOUR 2022/23 pdf icon PDF 127 KB

Report of the Executive Director (Finance and Transformation) on the current strategic risks facing the Council as determined by the Corporate Management Team.  These risks have been reviewed in place for Quarter Four.

Additional documents:

Minutes:

Report of the Executive Director (Finance and Transformation) on the current strategic risks facing the Council as determined by the Corporate Management Team. These risks have been reviewed in place for Quarter Four.

 

It was noted there was an error in the report which was that the report that was published pulled through the level of risk rather than the impact or the level of risk which is usually held in the background which determines the traffic light colour of the risk.   This stemmed from the preparatory work being done on reporting under the new risk framework which will be presented from the next meeting.

 

At the end of quarter 4, there were four strategic risks with a high score. The first of those is finance. While the Council has a balanced budget for 2023/24, there are ongoing risks within the budget and sizeable budget gaps in future years. Government funding for future years also remains uncertain. An updated Medium Term financial forecast will be presented in the coming months to Cabinet to take into account the financial outturn position from 2022/23 and any impacts of current and emerging pressures. The next high-risk is health and safety, at the end of the quarter, the Health and Safety Manager position was being covered on an interim basis while permanent recruitment took place, the position has been recruited to the manager has since started with the Council. The terms of reference and the membership of the occupational health and safety board had been refreshed and the group has regular reports to the Corporate Governance Group.

 

A review has commenced on the health and safety management system, along with a refresh of the council’s health and safety policies and any gaps identified as part of that review.  Control measures will be put in place.

 

The next high-risk is ICT failure. This score was raised during the pandemic and maintained at a high level since the start of the war in Ukraine. This was based on government guidance that there was a heightened risk of targeted attacks against public bodies. A phishing exercise was completed during quarter 4 and additional training was rolled out following that exercise. The IT control environment is also subject to third party testing and accreditation and officers are currently preparing the Council's submission to the Cabinet Office seeking ongoing accreditation for the public services network.

 

The last strategic risk was the income from recyclables. This market is a volatile one, influenced by both national and international markets. The outturn for the for the year 2022/23 has just been finalised and would be reported at the next Cabinet meeting, overall, taking the recycling credits into account from the County Council. The recycling income was higher than budgeted. So whilst the out turn was a positive outturn position, the markets do remain volatile and this will still be an ongoing risk.

 

There were two high operational risks, the first was the lack of the five-year land supply, this risk is dependent  ...  view the full minutes text for item 5.

6.

DRAFT ANNUAL GOVERNANCE STATEMENT FOR THE FINANCIAL YEAR 2022/23 pdf icon PDF 92 KB

Report of the Chief Executive on the draft Annual Governance Statement (AGS) for the financial year 2022/23.

Additional documents:

Minutes:

Report of the Chief Executive on the draft Annual Governance Statement (AGS) for the financial year 2022/23.

 

The Annual Governance Statement for the 2022/23, was previously reviewed and noted by the Standards Committee on the 14 June 2023.

 

The Annual Governance Statement is published each financial year to demonstrate the Council's commitment to achieving good governance based on the principles outlined by CIPFA and SOLACE. It also shows potential areas for improvement in governance within the Council, it is provided under a duty under the Local government Act of 1999 regarding making arrangements to continually improve the way functions are exercised regarding a combination of economy, efficiency and effectiveness. The council are therefore responsible for implementing effective arrangements for the governance of the affairs facilitating the effective exercise of its functions, which includes arrangements for the management of risk.

 

The governance framework sets out systems, processes and values by which the council is directed and controlled, it is designed to ensure the council are complying with principles which are set out in the local code of governance.

 

The following points were raised and discussed:

 

·       Members were reassured and confident with the statement.

·       Members noted that diagram 4, the management structure was the most up to date structure for the governance process.

·       Members noted that the council have had many changes over the past few years. Members noted issues in the past regarding housing stock and fire certificates and were given assurance around that governance process at the time and that process, unfortunately this did not occur. Members asked with these changes in management are the council more assured that it will not happen again through the governance process?  Officers stated that since that has happened a lot more controls have been put into place. The council have reviewed the terms of reference of the Corporate Governance Group, and The Operational Health and Safety board had a complete refresh. The council have introduced more testing through internal audit on some of the KPIs, which were some of the issues highlighted. The council took on board the comments that was provided in the independent report and have implemented all the actions.

·       Members ask what is the governance around whistleblowing and how the council looks at it among staff? Officers stated that the council has a whistleblowing policy in place and there is contact details on the website with the whistleblowing procedures. It was noted that whistleblowing would fall under the Finance and Transformation directorate.  Officers also stated that it is also part of the staff induction process and there is a induction checklist that managers go through with their staff so that they are aware of it when they join the council.

·       The Independent Person asked about section 5.19 of the report and how the council’s policies are reviewed, how does the council make sure they are all reviewed?  Officers stated the council are currently going through a process of mapping all of the policies to make sure that they have corporate  ...  view the full minutes text for item 6.

7.

WHBC SHARED INTERNAL AUDIT SERVICE (SIAS) PROGRESS REPORT pdf icon PDF 418 KB

Report of the Shared Internal Audit Service (SIAS) which provides details on the progress made by the Shared Internal Audit Service (SIAS) in delivering the Council’s Annual Internal Audit Plan for 2023/24 as at 12 June 2023.

Minutes:

Report of the Shared Internal Audit Service (SIAS) which provides details on the progress made by the Shared Internal Audit Service (SIAS) in delivering the Council’s Annual Internal Audit Plan for 2023/24 as at 12 June 2023.

 

Paragraph 2.2 point, the table details all finalised reports since the last committee in March, total of nine completed projects are reported, three with substantial unqualified opinions and six were reasonable assurance opinions.

 

The table at paragraph 2.3 detailed the status of the three remaining outstanding audits from the Council's 2022/23 Audit Plan. The draft reports have been issued and are due to be finalised.

 

In paragraph 2.4, it was noted there are no new high-priority recommendations raised as a result of the work completed and reported in the table at paragraph 2.2, and there are currently no outstanding high priority recommendations from previous reports.

 

Paragraph 2.6 highlights that there were 11 medium priority recommendations due for follow up during this cycle. 4 of which have been implemented, an update has been provided in respect of the outstanding recommendations at Appendix D.

 

Paragraph 2.9 provides an update of performance indicators as at 12 June 2023. It was noted performance is slightly behind the profiled target as the commencement of fieldwork was delayed for three audits, but these are now all in field work.

 

The following points were raised and discussed:

 

·       The independent person asked if more detail could be given as to why SIAS are running behind on a couple of audits?  SIAS stated there were a couple of unforeseen events which were out of their control.  SIAS had a slight delay in the contract signing of their external partner, which was now signed. SIAS are confident that they can catch up. The most important thing for SIAS is being in a position to be able to provide their annual assurance opinion, and they are confident they can do so.

·       The independent person stated there were quite a few in progress updates versus the findings that were made. The independent person asked if there was specific timeline, they expect the management and executives to come back by? SIAS stated they agreed a target implementation date when finalising the reports. Unfortunately, sometimes they slip slightly, SIAS review them and consider any extended timeframes, and these are also discussed at the Corporate Governance Group.

·       Members wanted clarification on paragraph 2.1 of the report which says that at 12 June 2022, 29% of our 2023/24 Audit Plan has been delivered. SIAS stated the 12 June point is based on the last performance information available at the time of writing the report, in order for it to be published for the committee. SIAS would be slightly ahead now.

·       The Chair noted that in paragraph 2.1 of the report the year was incorrect. It was meant to be 2023 and not 2022. 

·       Members noted that there is a Climate Change Officer due to start work on 10th July 2023.

 

RESOLVED:

(unanimous)

 

(1)  Members noted the Internal Audit Progress  ...  view the full minutes text for item 7.

8.

WHBC SHARED INTERNAL AUDIT SERVICE (SIAS) - ANNUAL ASSURANCE STATEMENT AND INTERNAL AUDIT ANNUAL REPORT pdf icon PDF 500 KB

Report of the Shared Internal Audit Service (SIAS) on the overall opinion on the adequacy and effectiveness of Welwyn Hatfield Borough Council’s framework of governance, risk management and control.

Minutes:

Report of the Shared Internal Audit Service (SIAS) on the overall opinion on the adequacy and effectiveness of Welwyn Hatfield Borough Council’s framework of governance, risk management and control.

 

Paragraph 2.11 outlined the overall opinion provided was reasonable assurance for financial and non-financial systems, this indicating that those are generally sound system of governance, risk management and control in place.

 

Paragraph 2.10 highlighted there have been no matters that threatened SIAS’s independence during 2022/23, or any inappropriate scope or resource limitations during the year. The Section 151 officer confirmed that they were happy that SIAS was not subject to any inappropriate scope or resource limitations.

 

Paragraph 3.2 provided a summary of the outcomes of work performed during the year, this supported in the overall opinion. No limited assurance opinions or high priority recommendations were made during 2022/23.

 

Paragraph 3.3 detailed the individual opinions for financial and non-financial systems. At the time of preparing the report, three audits were still at draft report stage, however, the outcomes from these audits have been considered within the opinion.

 

Paragraph 3.7 highlighted the recommendations follow up process. This provided the Committee with assurance over management implementing agreed audit recommendations. Updates will be provided to Committee throughout the year through SIAS progress reports.

 

Paragraph 4.1 provided a summary of the performance against performance Indicators for 2022/23. Planned days were 97% against a target of 95%, planned projects were 100% delivered against a target of 95% and customer satisfaction was 100%, from a 61% questionnaire return rate.

 

Appendix A details the outcome from individual audits. Appendix B details, definitions of assurance and priority levels. Appendix C details the PSIAS's self-assessment, SIAS note two areas of intentional non-conformance, these relating to appointments and performance appraisals of the Chief Audit Executive, noting the shared service and therefore these cannot be undertaken by the Audit Committee or the Chief Executive.

 

Appendix D provides the Audit Charter. There are no changes to the charter from that presented or improved in 2022/23, the charter sets out the authority and arrangements for internal audit as well as SIAS’s approach to delivering service.

 

The following points were highlighted and noted:

 

·       The Independent person stated in the appendix it discussed moving to Office Wednesday, for the team. What processes are in place post Covid for both SIAS in terms of connecting as an audit team with challenges in terms of risk and also how that is being reviewed as part of the audit work in terms of management being on site or executives being on site and how that is considered through the audit work.  SIAS stated it has been a difficult transition. It is key for the service and have grown in structure. SIAS are keen to make sure that all staff are present on site including management, to share ideas and networking and being able to discuss audits to support development and wellbeing.

·       The independent person asked in terms of being on site as part of their fieldwork, for example, to assess  ...  view the full minutes text for item 8.