An apology for absence was received from Councillor Simon Harris (Vice Chairman).

Councillor Claire Wild substituted for Councillor Harris.

Members are reminded that they must declare their disclosable pecuniary interests and other registrable or non-registrable interests in any matter being considered at the meeting as set out in Appendix B of the Members’ Code of Conduct and consider if they should leave the room prior to the item being considered. Further advice can be sought from the Monitoring Officer in advance of the meeting.

Members were reminded that they must not participate in the discussion or voting on any matter in which they have a Disclosable Pecuniary Interest and should leave the room prior to the commencement of the debate.

The Minutes of the meeting held on the 27 June 2024 are attached for confirmation. 

Contact Michelle Dulson (01743) 257719

It was agreed to include in the Minutes the question raised by Councillor Halliday about whether the critical skills shortage in Social Workers had been included in the current risk assessment.

RESOLVED:

That the Minutes of the meeting of the Audit Committee held on the 27 June 2024 be approved as a true record and signed by the Chairman, subject to the above.

To receive any questions from the public, notice of which has been given in accordance with Procedure Rule 14.  The deadline for this meeting is 5pm on Thursday 11 July 2024.

There were no questions from members of the public.

To receive any questions from the public, notice of which has been given in accordance with Procedure Rule 14.  The deadline for this meeting is 5pm on Thursday 11 July 2024.

There were no questions from members.

The report of the Transactional Management and Licensing – Team Manager is attached.

Contact: Mandy Beever (01743) 251702

The Committee received the report of the Transactional Management and Licensing Team Leader – copy attached to the signed Minutes – which provided an update on the April 2024 follow up review of the 2022/23 Blue Badge Audit and monitoring details of the volume of applications received.

A comment was made that the average per week figures set out in the table at paragraph 8.1 of the report did not equate to the monthly total number of applications received and it was queried whether the average per week referred to the number of applications that had been processed out of those that had been received.  The Transactional Management and Licensing Team Leader confirmed that this was the case and she confirmed that they were now recording the average time taken to process applications, as requested by the Committee at its November meeting. 

She reminded Members that the Department for Transport (DfT) recommend that all applications were processed within 12 weeks, and they were making sure that they maintained that on a regular basis to ensure they remained within the guidelines of the DfT.

In response to a query about how far in advance someone could apply to renew their Blue Badge, the Transactional Management and Licensing Team Leader explained that reminders were sent out 12 weeks before.  She drew attention to paragraph 12.3 of the report which demonstrated the increase year on year of Blue Badge applications.

The Transactional Management and Licensing Team Leader explained that all applications, including new applications, were dealt with in strict date order (with the exception of those dealt with under special rules eg, for someone who was terminally ill, for example).

In response to a query about a long-term plan, the Transactional Management and Licensing Team Leader explained that unfortunately, due to the current financial situation of the Council, they could only use the resources that they currently had which was why they were monitoring the situation very closely to ensure applications were processed within the 12 weeks set out by the DfT.  Concern was raised as to whether the level of resources available was sufficient to meet the increasing demand.  In response the Transactional Management and Licensing Team Leader informed the meeting that the vacant post within the team had been reduced as part of the savings proposals.

RESOLVED: 

To note the position as set out in the report.

The report of the Risk and Business Continuity Manager is attached.

Contact: Jane Cooper (01743) 252851

The Committee received the report of the Risk and Continuity Manager – copy attached to the signed Minutes – which provided an overview of the activity of the Risk and Business Continuity Team during 2023/24 and a synopsis of the current risk exposure of the authority in relation to Strategic, Operational and Project risks.

The Risk and Continuity Manager reported that a Risk Management audit for 2023-2024 had been undertaken by the Internal Audit team who had issued a Reasonable assurance level as there was generally a sound system of control in place but there was evidence of non-compliance with some of the controls predominantly around how project teams were managing project related risks. The recommendations made within the report had all now been actioned by the team.

The Risk and Continuity Manager went on to state that the strategic risk reviews continued to take place on a bi-annual basis, a month after the bi-annual operational risk reviews to ensure that any emerging issues were considered strategically.  This escalation also related to project risks and as project risks were reviewed any emerging risks were also considered for inclusion as a strategic risk.  Reports following risk reviews were provided to Assistant Directors for operational risks, project board leads for project risks and EMT, Cabinet and Audit Committee from a strategic risk perspective. 

As detailed in the report all current and additional controls were subject to review, with new controls being added as necessary.  The risk score was reviewed and altered if necessary to reflect current risk exposure and assurance levels were also updated with narrative using the three lines model of assurance as set out in Appendix A.  

The Risk and Continuity Manager informed the Committee that the strategic, operational and project risks were held digitally within the SharePoint system which enabled access at all times by all risk owners and enabled PowerBI reporting to provide real time information on the risk exposure.  Automatic email reminders to project risk owners had also been implemented along with an escalation process should they still remain unreviewed.  She went on to report that the Opportunity Risk Management strategy had recently been subject to its annual review.

She drew attention to the teams’ continued involvement in ALARM, the national public sector risk management organisation, of which she was currently President Elect and she informed the meeting that the Council’s Risk & Business Continuity Officer had been awarded the Rising Star Award for 2024/2025. 

The Risk and Continuity Manager further reported that the team continued to manage the Business Continuity Management Programme and worked collaboratively with the Audit team to follow up any unsatisfactory audit reports. They also engaged with the Office of the Chief Executive and the new Assistant Director to support the transformation work being undertaken across the Council and they had completed the development of LEAP training modules for Risk management and business continuity.

A query was raised around the risk of ‘Failure to protect from and manage the impact of a targeted cyber-attack  ...  view the full minutes text for item 22.

The report of the Assistant Director of Workforce is attached.

Contact: Sam Williams (01743) 252817

The Committee received the report of the Assistant Director of Workforce – copy attached to the signed Minutes – which provided an update on the number of whistleblowing cases raised regarding Shropshire Council employees over the last financial year.

The Assistant Director of Workforce reported that there had been 23 whistleblowing reports in 2023/24 which was a decrease of six compared to the previous year.  Predominantly, the reports had been received via telephone across a number of areas including staffing, council tax, financial incident and safeguarding. Two of these cases had been referred to external agencies.

She drew attention to Paragraph 8.2.6 of the report which set out the number of cases reported over the previous five years, which ranged between 20 and 35 giving an average of 26.  Financial incident was a consistent theme each year.

In response to a query, the Assistant Director of Workforce confirmed that they would continue to offer different reporting methods including via telephone as they did not wish to deter anyone from raising any concerns they may have.

In response to concerns that the Whistleblowing Policy was not as well known amongst staff and members as it should be, it was suggested that the Chief Executive be requested to include a note in his weekly update to staff raising awareness of the policy.

RESOLVED:

to note the contents of the report and to request the Chief Executive to include a note in his weekly update to staff raising awareness of the Whistleblowing policy.

The report of the Assistant Director Finance and Technology (Deputy Section 151 Officer) is attached.

Contact:  Ben Jay (01743) 250691

The Committee received the report of the Assistant Director Finance and Technology (Deputy Section 151 Officer) – copy attached to the signed Minutes – which set out the borrowing and investment outturn for 2023/24 plus the Treasury Limits and Prudential Indicators.  The Executive Director of Finance (Section 151 Officer) reported that all the appropriate CIPFA regulations and indicators had been followed (included within the Appendices) and that the treasury team had outperformed the benchmark by 0.79% and achieved a return of 4.79%.

The Executive Director of Finance (Section 151 Officer) reminded the Committee that they were tasked with the requirement to oversee the treasury approach and to understand and ensure they were comfortable with the investments that were made. 

The Chairman congratulated the Treasury team on always exceeding the benchmark and felt that they operated at a higher level than in some other authorities.

In response to a query, the Internal Audit Manager confirmed that the Treasury service audit was due to be finalised that day and would be reported to the September meeting of the Audit Committee. She confirmed that the service had received a ‘good’ assurance rating.

RESOLVED:

a.   To approve the actual 2023/24 prudential and treasury indicators in the report.

b.   To note the annual treasury management report for 2023/24.

The report of the Head of Policy and Governance is attached.

Contact: Barry Hanson 07990 086409

The Committee received the report of the Head of Policy and Governance – copy attached to the signed Minutes – which summarised the work of Internal Audit in the final quarter of 2023/24 to inform the year end opinion.  The report highlighted those lower-level assurances which provided Members with an opportunity to challenge.

The Head of Policy and Governance informed the Committee that 95% of the revised plan had been completed which was in line with previous delivery records (94% in 2022/23).  One good, 11 reasonable, two limited and two unsatisfactory assurance opinions had been issued (as set out in paragraph 8.5 of the report) and of the 172 recommendations made in the 16 final reports, four were fundamental (set out in paragraph 8.10).  The year end position was shown in Appendix A, Table 2, whilst the unsatisfactory and limited assurance opinions were set out in Appendix A, table 3.

He drew members attention to the heading of paragraph 8 which should read ‘Performance Against the Plan 2023/24’ (not 22/23).  Also, paragraph 8.1 should refer to 23 audits still in progress with four reports awaiting comments.

The Chairman confirmed that he had requested the Head of Automation and Technology to provide an update on the fundamental recommendation made in relation to ICT Contract Management Follow up audit later in the meeting.

Concern was raised around the fundamental recommendation made in relation to Bishops Castle Community College which had received limited and unsatisfactory audit ratings over several years, and it was therefore agreed to invite the Head teacher and Chair of Governors to a future meeting of the Committee to provide a management update.

In response to a query, the Internal Audit Manager explained that the report provided an update for the final quarter of the year and that the next report detailed the performance for the whole year.  She confirmed that a management update for the Northwest Relief Road would be going to the September Audit Committee with a further audit being undertaken in quarter 4.

Concern was raised that the annualised hours 2022/23 audit had received a reasonable assurance rating when 29 Significant and 16 Requires Attention recommendations had been made.  In response, it was confirmed that the approach for this audit was slightly different as the policy was owned by HR but they also audited six different teams and looked in detail at how they recorded their time.  So even though there were issues within some teams, overall, how the policy was implemented and communicated was reasonable.

RESOLVED:

1.       To note the performance of Internal Audit against the 2022/23 Plan.

2.       To request that the Headteacher and Chair of Governors of Bishops Castle Community College attend the next meeting to provide an update.

The report of the Head of Policy and Governance is attached.

Contact: Barry Hanson 07990 086409

The Committee received the report of the Head of Policy and Governance – copy attached to the signed Minutes – which provided Members with a summary of work undertaken by Internal Audit for 2023/24, it reported on the delivery against the approved internal audit plan and included the Chief Audit Executive’s opinion on the Council’s internal controls as required by the Public Sector Internal Audit Standards (PSIAS).

The Head of Policy and Governance explained that the plan had provided for a total of 1799 days, any revisions throughout the year were reported to the Committee, with the plan being revised to 1239 days.  He explained the matters that he had taken into account when arriving at his opinion, as set out in paragraphs 8.17 and 8.18 and also Appendix A, tables 2 and 3.

The Head of Policy and Governance informed the meeting that there had been 41 good and reasonable assurances made in the year, accounting for 60% of the overall opinions delivered which was a 1% increase on the previous year which was offset by a 1% decrease in limited and unsatisfactory opinions.  There had been 12 unsatisfactory and 15 limited assurance opinions issued with a concerning upward trend in the number of unsatisfactory assurance opinions, increasing from 11% in 2022/23 to 18% in 2023/24.  There was a total of 525 recommendations contained within 68 final reports, 45 of which were significant and fundamental compared to 38% last year.  There had been a corresponding decrease in the number of requires attention and best practice recommendations whilst the number of fundamental recommendations had remained at 2%. 

On this basis, and based on the management responses received, the Head of Policy and Governance was only able to offer limited assurance on the 2023/24 financial year on the Council’s framework of governance, risk management and internal control.

Concern was raised that 40% of assurance opinions issued were limited or unsatisfactory and that for the last five years the Chief Audit Executive had only been able to issue limited assurance, the direction of travel was therefore not improving, and the Chairman felt this should be drawn to the attention of the Chief Executive and the senior management team.

In response to a query, the Internal Audit Manager drew attention to the chart at paragraph 8.6 which set out the trend in internal audit recommendations broken down by percentage into the categories.  She explained that the Internal Audit Performance report that had been considered earlier in the meeting, contained a table setting out the performance for the quarter and for the year to date and which showed the individual audits with the categories of recommendations against them.  Table 2, Appendix A of this report listed the reports broken down by assurance rating.  The Committee could seek extra assurance on any particular areas of concern.

In response to a query around benchmarking with other similar authorities, the Section 151 Officer explained that it was difficult to compare as every authority was different and they  ...  view the full minutes text for item 26.

The report of the Section 151 Officer is attached.

Contact: James Walton (01743) 258915

The Committee received the report of the Section 151 Officer – copy attached to the signed Minutes – which confirmed that, following a self-assessment quality assurance review (QAIP) of the Internal Audit Service against the requirements of the Chartered Institute of Public Finance and Accountancy (CIPFA), Internal Audit complied with the requirements of the Public Sector Internal Audit Standards (PSIAS) or guidance.  He reported that an external assessment was required every five years and that the next assessment would be undertaken by 31 March 2027.

The Section 151 Officer confirmed that in the majority of cases Internal Audit were fully compliant apart from two areas of partial compliance, one around the objectivity of internal auditors and the other around the objectivity of the Chief Audit Executive (set out in paragraphs 7.9 and 7.10 of the report).  These areas of non-compliance were not considered significant and did not compromise compliance with the code.

RESOLVED:

To endorse the conclusion that the Council employs an effective internal audit service to evaluate its risk management, control and governance processes that complies with the principles of the Public Sector Internal Audit Standards and has planned improvement activities to work towards continuing and full compliance where appropriate.

The report of the Section 151 Officer is attached.

Contact: James Walton (01743) 258915

The Committee received the report of the Section 151 Officer - copy attached to the signed Minutes – which set out the Audit Committee’s Annual Assurance Report to Council for 2023/24 and although the Committee had some concerns (as detailed in the report) it could, on balance, provide reasonable assurance.

RESOLVED:

That Council consider and comment on the contents of the Annual Assurance report for 2023/24 before recommending accepting it.

Councillor Evans voted against this item as he had concerns about certain aspects of it which he would raise when it was discussed at Full Council the following day.

The report of the Head of Policy and Governance is attached.

Contact: Barry Hanson 07990 086409

The Committee received the report of the Head of Policy and Governance – copy attached to the signed Minutes – which provided Members with the proposed risk based Internal Audit Plan for 2024/25.  He explained that due to the ongoing recruitment process the Internal Audit Plan had not been presented to the February meeting however, since then four new appointments had been made to the team (a principal auditor and an auditor who had commenced in role, whilst two further auditors had been appointed and were working through their notice period but would be starting within the 2024/25 financial year).

The Head of Policy and Governance explained that the Internal Audit Plan provided coverage across high-risk areas within the Council and also provided internal audit services to a range of external organisations.  The proposed Internal Audit Plan also considered the requirement to produce an annual audit opinion on the assurance framework.  He discussed the ongoing challenges and pressure on services and the need for the plan to be agile to respond to the changing risk environment throughout the year.

The Chairman drew attention to paragraph 7.9 which stated that based on a risk analysis approximately 3,527 days would be required to review all high-risk areas.  It was therefore of grave concern that the plan only allowed for 796 days which was approximately 35% less than what had been delivered in previous years.  However, the Head of Policy and Governance had reassured him that following the recruitment of four new members of staff the service would achieve many more than 796 days.  The issue of recruitment was not specific to Shropshire but was an issue across the industry as there was a desperate shortage of auditors.

RESOLVED: 

to approve the approach taken to create the proposed Internal Audit Plan for 2024/25 and to approve its adoption.

The report of the Engagement Lead is attached.

Contact: Grant Patterson (0121) 232 5296

The Committee received the report of the Engagement Lead – copy attached to the signed Minutes – which provided members with an overview of the scope and timing of the statutory audit of Shropshire Council for those charged with governance.

The Senior Audit Manager confirmed that the audit for 2023/24 was due to start in the next few weeks and would look at the financial statements for the year to 31 March 2024.  She provided a high-level overview and drew attention to the key areas of the report, including the significant risks which took up a significant amount of auditor time to work through.  She then highlighted their approach to materiality and their work around the Council’s Value for money arrangements, planning work for which was in progress and would be reported to the next meeting of the Audit Committee.

RESOLVED:

To note the contents of the report.

The report of the Engagement Lead is attached.

Contact: Grant Patterson (0121) 232 5296

The Committee received the report of the Engagement Lead – copy attached to the signed Minutes – which contributed to the two-way communication between Shropshire Council’s External Auditors and Shropshire Council’s Audit Committee, as those charged with governance.

RESOLVED:

To note the contents of the report.

The report of the Engagement Lead is attached.

Contact: Grant Patterson (0121) 232 5296

The Committee received the report of the Engagement Lead – copy attached to the signed Minutes – which provided an overview of the planned scope and timing of the statutory audit of Shropshire County Pension Fund.  It was explained that the Pension Fund Audit Plan had been through the Pensions Committee but came to the Audit Committee as those charged with governance.

RESOLVED:

To note the contents of the report.

It was agreed to take Agenda Items 18 (External Audit, Auditors Annual Report 2021/22) and 19 (External Audit, Auditors Annual Report 2021/22 and 2022/23) together.

The report of the Engagement Lead is attached.

Contact: Grant Patterson (0121) 232 5296

The report of the Engagement Lead is attached.

Contact: Grant Patterson (0121) 232 5296

The Committee received the reports of the Engagement Lead – copies attached to the signed Minutes – which set out External Audits’ commentary on whether the Council has put in place proper arrangements to secure economy, efficiency and effectiveness in its use of resources.

The Engagement Lead explained that the reports covered the value for money over 2020/21, 2021/22 and 2022/23.  This was the first time that the Council had seen the extended reporting now required by the Code of Audit Practice which looked at the three areas of sustainability, governance and improving economy, efficiency and effectiveness. 

In 2020/21, one area of weakness that had been identified was around governance and in particular a specific negotiation settlement with the senior officers where arrangements were not being followed nor done in a clear and transparent manner (details of which were set out in the report).   This led to a number of recommendations being raised and on 29 February 2024 the full Council approved a senior officer employment procedure which addressed those recommendations.

Turning to 2021/22 and 2022/23 the Engagement Lead informed the meeting that a significant weakness had been raised around finances, medium-term financial planning and the low levels of reserves.  Although they did appreciate the financial challenges being faced by the Council and that they had partnered with PriceWaterhouseCooper to undertake a large and complex transformation programme to identify savings etc to ensure that operations were sustained and could deliver a balanced budget each year.

In response to a query, the Engagement Lead confirmed that there was one outstanding objection on the accounts from 2020/21 and they were awaiting confirmation that the objector was satisfied with the response.  Some matters of concern had been brought to their attention for 2023/24 however one of these was still being investigated as to whether it was a valid objection, the other was not really an objection but had led to them doing some focused work around which would be covered in the 2023/24 annual report.

A brief discussion ensued around the arrangements for the dismissal of senior officers and whether the Council exceeded its authority in agreeing the termination of the former Chief Executive Officer. A query was raised as to whether External Audit would have taken this matter further had the senior officer employment procedure not been taken to Full Council.  In response, the Engagement Lead explained that they would have looked into it further if it was felt that this weakness had not been addressed and more statutory reporting might have been undertaken which could lead to a statutory recommendation or a public interest report.  However, they were content at this point in time that it had been adequately addressed.  Any issues that they felt had not been adequately addressed would be reported in their 2023/24 report.

The Section 151 Officer clarified that the audit had concluded that there was a difference of opinion in terms of the following of procedures.  External Audit felt there were procedures that should have been  ...  view the full minutes text for item 34.

The next meeting of the Audit Committee will be held on the 27 September 2024 at 10.00 am.

The next meeting of the Audit Committee would be held on Friday 27 September 2024 at 10.00am.

To RESOLVE that in accordance with the provision of Schedule 12A of the Local Government Act 1972, Section 5 of the Local Authorities (Executive Arrangements)(Meetings and Access to Information)(England) Regulations and Paragraphs 2, 3 and 7 of the Council’s Access to Information Rules, the public and press be excluded during consideration of the following items.

RESOLVED:

That in accordance with the provision of Schedule 12A of the Local Government Act 1972, Section 5 of the Local Authorities (Executive Arrangements)(Meetings and Access to Information)(England) Regulations and Paragraphs 2, 3 and 7 of the Council’s Access to Information Rules, the public and press be excluded during consideration of the following items.

The report of the Head of Automation and Technology is attached.

Contact: David Baker (01743) 254118

The Committee received the exempt report of The Head of Automation and Technology – copy attached to the signed Minutes – which provided Members with an update on the Council’s current position and response to the key strategic risk of ‘Failure to protect from and manage the impact of a successful targeted cyber-attack on ICT systems used by the authority’.

RESOLVED:

To note the contents of the report.

The report of the Internal Audit Manager is attached.

Contact: Katie Williams 07584 217067

The Committee received the exempt report of the Internal Audit Manager – copy attached to the signed Minutes – which provided members with a brief update on current fraud and special investigations undertaken by Internal Audit and the impact these have on the internal control environment, together with an update on current Regulation of Investigatory Powers Act activity.

RESOLVED:

To note the contents of the report.