41 Internal Audit Progress Report - Quarter 3 2018/19 (01/10/18 - 31/12/18) PDF 220 KB
Report by the Chief Internal Auditor.
Additional documents:
Minutes:
41.1 The Audit Manager introduced the report, which summarises the audit opinions for the audits carried out during the reporting period. There were two audits which received an audit opinion of partial assurance, the audit of Surveillance Cameras (on page 48 of the agenda pack) and Cultural Compliance - Business Operations (page 51). The progress report also includes details of the counter fraud and investigations work; changes to the audit plan and; the performance indicators for the Internal Audit Service which are all on target. The Chief Internal Auditor continues to be able to provide reasonable assurance that the Council has in place an effective framework of governance, risk management and internal control.
41.2 The Committee commented that the partial assurance opinion for the Cultural Compliance - Business Operations audit appears to include non-compliance with Council policies and sought reassurance that these issues had been tackled. The Chief Operating Officer gave an assurance that these issues have been dealt with and progress reported through the Statutory Officers Group on 4 March 2019. There will also be a follow up to the audit.
41.3 The Chief Finance Officer outlined that he meets with business service heads on a monthly basis and this issue has been raised with them. The Chief Internal Auditor commented that Internal Audit will be undertaking an audit of the Declarations of Interest system this year. The Audit Manager added that although corporate policies had not been followed, there was no evidence that any payments made were not legitimate.
41.4 The Committee RESOLVED to note the Internal Audit progress report for quarter 3, 2018/19.
24 Internal Audit Progress Report - Quarter 2, 2018/19 (01/07/18 - 30/09/18) PDF 289 KB
Additional documents:
Minutes:
24.1 The Audit Manager introduced the report. He explained that the number of completed audits for quarter is slightly lower than previous quarters. This is due to a number of reasons including the investigation activity the Internal Audit Team have carried out during the quarter and that a number of audits are at the draft report stage and are awaiting finalisation.
24.2 The Audit Manager summarised the completed audit outcomes of which three audits received an opinion of reasonable assurance, and one had an opinion of partial assurance. The partial assurance opinion was for the audit of Orbis Budget Management. The findings of this audit reflect the differences in financial management processes, and a follow up audit will be undertaken next year. The Audit Manager outlined the investigation work carried out during the quarter and confirmed that 100% of high priority actions from previous audits have been implemented. The Internal Audit Team has achieved all performance targets for the quarter. The Chief Internal Auditor continues to be able to provide reasonable assurance that the Council has in place an effective framework of governance, risk management and internal control.
Orbis Budget Management audit
24.3 The Committee asked for further information on why the Orbis Budget Management audit received a partial assurance opinion. The Committee also asked if this was linked to the Chartered Institute of Public Finance and Accounting (CIPFA) report on Surrey County Council’s (SCC) finance function.
24.4 The Chief Operating Officer responded that the audit looked at the budget management systems across the three organisations. Work is in progress to develop additional budget monitoring applications across Orbis to assist budget managers to get greater clarity in the financial information they receive. The work includes looking at the efficiency of the systems in use and whether further investment is needed. It is not a reflection of the mature financial management systems that already exist in each of the organisations. The audit was undertaken in the early stages of this work, and it is acknowledged that further progress is needed.
24.5 The Chief Internal Auditor added that Orbis managers are managing budgets and getting information across three different financial systems, which has to be integrated together. The opinion reflects the view that the financial information is not as clear as it should be for budget managers. The Finance Team are working to provide more clarity and to consolidate budget information. They also provide support to managers to help them understand the information they receive.
24.6 The Committee asked if further investment in systems would be needed. The Chief Operating Officer responded that the resources for financial monitoring are included within existing budgets. However, if further investment is required it will be subject to a business case being established. The Chief Finance Officer outlined that current work includes the creation of a centre of expertise for accounting and systems. The centre of excellence is looking at the different accounting practices that exist within each of the partners to establish best practice. The ... view the full minutes text for item 24
15 Internal Audit Progress Report - Quarter 1, 2018/19 PDF 211 KB
Report by the Chief Operating Officer
Additional documents:
Minutes:
15.1 The Audit Manager introduced the report. The outcomes of the audits for the first quarter of 2018/19 are shown in the graph on page 11 of the report. The majority of opinions were reasonable assurance, and no audits had a minimum assurance opinion. There were two audits that had a partial assurance opinion, both of which related to school audits. The Chief Internal Auditor continues to be able to provide reasonable assurance that the Council has in place an effective framework of governance, risk management and internal control. A summary of investigations carried out during the quarter is given on page 22 of the report. The Key Performance Indicators for the Internal Audit Service are shown on page 23 onwards, all of which are being met.
Preparedness for the General Data Protection Regulation (GDPR) Audit
15.2 The Committee asked how significant the outstanding issues from the Audit are. The Audit Manager responded that he understood work on these issues was underway and that the Information Commissioner’s Office (ICO) acknowledged that many organisations would still have work to do in this area after the 25 May 2018. The Chief Operating Officer outlined that regular update reports are produced by Heidi Judd, Data Protection Officer on the implementation of GDPR and no areas of significant concern have been highlighted when monitoring the implementation of GDPR. The Chief Internal Auditor outlined that there will be a follow up audit later in the year, which will look at GDPR compliance as well as implementation of the audit recommendations.
15.3 The Chief Operating Officer added that a County Council Information Strategy Board has been established to overview information governance and GDPR matters, to ensure personal data is held securely and to minimise the risk of data breaches. For example, the access controls for Council mobile phones are robust in terms of what applications can be accessed and used by staff.
School Audits
15.4 The Chair noted that the School audits (on page 21 of the report) received a partial assurance opinion and asked what the issues were. The Audit Manager agreed to provide the Chair with details of the main issues from the full audit report.
Contract Management Audits
15.5 The Committee asked for clarification on whether the audit of contracts, such as the Management of Mobile Phone Contract audit (page 14 of the report), consider conformance with local government transparency code. The Chief Internal Auditor confirmed that audits do look at this issue, but it was not in the scope of this specific piece of work.
15.6 The Committee RESOLVED to note the outcomes of the audits carried out during the reporting period and did not identify any issues that require further action, or any risks for inclusion in the Internal Audit Plan.