Agenda item

It is the opinion of the Chief Internal Auditor that during the 2020/21 financial year:

·       arrangements were in place to ensure an adequate and effective framework of governance, risk management and control (internal control environment) and that where weaknesses were identified there was an appropriate action plan in place to address them;

·       the systems and internal control arrangements were effective and that agreed policies and regulations were complied with;

·       adequate arrangements were in place to deter and detect fraud;

·       there was an appropriate and effective risk management framework;

·       managers were aware of the importance of maintaining internal controls and accepted recommendations made by Internal Audit to improve controls;

·       the Council’s Internal Audit service was effective and compliant with all regulations and standards as required of a professional internal audit service; and that

·       the arrangements, in respect of the Chief Internal Auditor, were consistent with all of the five principles set out in the CIPFA publication “The Role of the Head of Internal Audit in Public Sector Organisations”.

·       Whilst the COVID19 pandemic had a significant impact on the work of Internal Audit a revised Audit Plan was approved by the Audit & Governance Committee in July 2020 which has been delivered and no ‘limitation of scope’ opinion needs to be issued.

The Head of Audit and Management Assurance presented a report, a copy of which had been circulated to each Member and a copy of which appears as Appendix 'F' to these Minutes in the Minute Book.

The Committee was advised that it was the opinion of the Chief Internal Auditor that during the 2020/21 financial year:

·       arrangements were in place to ensure an adequate and effective framework of governance, risk management and control (internal control environment) and that where weaknesses were identified there was an appropriate action plan in place to address them;

·       the systems and internal control arrangements were effective and that agreed policies and regulations were complied with;

·       adequate arrangements were in place to deter and detect fraud;

·       there was an appropriate and effective risk management framework;

·       managers were aware of the importance of maintaining internal controls and accepted recommendations made by Internal Audit to improve controls;

·       the Council’s Internal Audit service was effective and compliant with all regulations and standards as required of a professional internal audit service; and that

·       the arrangements, in respect of the Chief Internal Auditor, were consistent with all of the five principles set out in the CIPFA publication “The Role of the Head of Internal Audit in Public Sector Organisations”.

The Head of Audit and Management Assurance reported on the work that had been undertaken by the Internal Audit Team.  He reported that in the early stages of the pandemic the team was repurposed to deal with covid19 grants to local businesses which broadly took 6-8 weeks out of the Audit Plan.  The Plan was revised on 30 July 2020 and delivered so no ‘limitation of scope’ opinion needed to be issued.

The Head of Audit and Management Assurance took the opportunity to thank his internal audit team for their flexibility and pragmatic approach which had included working additional hours and further reported that only 7 working days were lost for the whole of 2020/21 financial year.  The Chairman, on behalf of the Committee, endorsed the above gratitude to the team for their focus during this period and more importantly for prioritising work.  He highlighted that it was a fine example of Local Government working at its best.

Members raised a number of questions including the reference to the ‘reasonable assurance’ and the associated definition.  The Head of Audit and Management Assurance explained that definitions can subtly change between Council internal Audit teams but in general terms the criteria was fairly standard, and the team was resourced to provide ‘reasonable assurance’. He explained that to provide ‘substantial assurance’ would require more time and additional resources.  Councillor Phipps felt that the above did not come across in the report.  The Chairman asked for further explanation on ‘reasonable assurance’ from the Head of Audit and Management Assurance in terms of his professional opinion.  The Head of Audit and Management Assurance reported from a professional perspective he had responsibilities to ensure that the audit opinion was based on risk based prioritised work designed to obtain evidence, from both a volume and qualitative perspective, to base the opinion on and ‘reasonable assurance’ in that context is appropriate and sufficient. He further explained that in the context of a ‘reasonable’ audit opinion there are generally some weaknesses in the control framework to point out, or improvements to suggest, as most audits undertaken result in recommendations being made.  The Chairman asked if the Head of Audit and Management Assurance had any concerns about resources that he would come to the Committee to make that case.  The Head of Audit and Management Assurance reported that it was a requirement of his profession that he must flag issues if he was of the opinion that there were not adequate resources in the team to produce an overall annual audit opinion and he was supported by the Chief Executive and Chief Financial Officer. He highlighted that he was confident that if he approached either of these officers in Statutory Officers meetings with such a comment he would be supported. 

Councillor Brooke asked for confirmation that where there was ‘reasonable’ assurance and there were some weaknesses within a service unit that recommendations were made and followed up.  The Head of Audit and Management Assurance reported that the audit charter agreed annually by the Committee included the follow up procedure.  He explained that high, importance and impact, recommendations were followed up when they were due, medium recommendations were followed up within 12 months or at the next audit whichever was sooner and low recommendations were  management advice and were followed up at the next audit.

Councillor Brown asked if there were adequate arrangements to deter and detect fraud.  He indicated that in his view there were some weaknesses about awareness of fraud highlighted by low take up of mandatory training via e-learning which should be undertaken by all employees.  He further stated it was uncertain how many employees had taken up that training to improve their awareness and knowledge of frauds that they could come across in their work.  The Head of Audit and Management Assurance explained that Corporate Management Board had agreed a comprehensive timetable for staff to undertake mandatory training during 2021.  He explained that fraud awareness had been flagged to be undertaken in May and the Head of HR would be reporting to Corporate Management Board on the actual take up of mandatory training in due course.  The Head of Audit and Management Assurance reported that he could provide the statistics for the Fraud Awareness training when available and circulate to the Committee.  The Committee was informed that the Council does have a specialist fraud investigator and training plan to provide resilience within the internal audit team. 

RESOLVED that:-

(a)           the Audit & Governance Committee note the Chief Internal Auditor’s Annual Report and Opinion on the overall adequacy of the internal control environment for BCP Council.

(b)           the Committee place on record its thanks and gratitude to the Internal Audit Team for their flexibility and pragmatic approach and focus in 2020/21 in prioritising work which was a fine example of Local Government working at its best.

(c)           the issues raised by the Committee relating to ‘reasonable assurance’ as set out above, the associated resource implications and the opportunity to highlight issues with the Committee as appropriate be noted.

Voting: Unanimous