The report of the Head of Policy and Governance is attached.

Contact: Barry Hanson 07990 086409

The Committee received the report of the Head of Policy and Governance – copy attached to the signed Minutes – which provided Members with a summary of work undertaken by Internal Audit for 2023/24, it reported on the delivery against the approved internal audit plan and included the Chief Audit Executive’s opinion on the Council’s internal controls as required by the Public Sector Internal Audit Standards (PSIAS).

The Head of Policy and Governance explained that the plan had provided for a total of 1799 days, any revisions throughout the year were reported to the Committee, with the plan being revised to 1239 days.  He explained the matters that he had taken into account when arriving at his opinion, as set out in paragraphs 8.17 and 8.18 and also Appendix A, tables 2 and 3.

The Head of Policy and Governance informed the meeting that there had been 41 good and reasonable assurances made in the year, accounting for 60% of the overall opinions delivered which was a 1% increase on the previous year which was offset by a 1% decrease in limited and unsatisfactory opinions.  There had been 12 unsatisfactory and 15 limited assurance opinions issued with a concerning upward trend in the number of unsatisfactory assurance opinions, increasing from 11% in 2022/23 to 18% in 2023/24.  There was a total of 525 recommendations contained within 68 final reports, 45 of which were significant and fundamental compared to 38% last year.  There had been a corresponding decrease in the number of requires attention and best practice recommendations whilst the number of fundamental recommendations had remained at 2%. 

On this basis, and based on the management responses received, the Head of Policy and Governance was only able to offer limited assurance on the 2023/24 financial year on the Council’s framework of governance, risk management and internal control.

Concern was raised that 40% of assurance opinions issued were limited or unsatisfactory and that for the last five years the Chief Audit Executive had only been able to issue limited assurance, the direction of travel was therefore not improving, and the Chairman felt this should be drawn to the attention of the Chief Executive and the senior management team.

In response to a query, the Internal Audit Manager drew attention to the chart at paragraph 8.6 which set out the trend in internal audit recommendations broken down by percentage into the categories.  She explained that the Internal Audit Performance report that had been considered earlier in the meeting, contained a table setting out the performance for the quarter and for the year to date and which showed the individual audits with the categories of recommendations against them.  Table 2, Appendix A of this report listed the reports broken down by assurance rating.  The Committee could seek extra assurance on any particular areas of concern.

In response to a query around benchmarking with other similar authorities, the Section 151 Officer explained that it was difficult to compare as every authority was different and they all had different Audit Plans focussed on their particular organisation etc.   He drew attention to the table at paragraph 8.5 which demonstrate the concerns of the Committee ie the number of good assurances (green) had deteriorated whilst the number of unsatisfactory (red) had grown.  As the audit team had less resources they tended to focus on the higher risk areas so looking at the table at 8.6, the difference was less stark and although there was a trend that the requires attention recommendations had reduced and the fundamental recommendations had increased, it was only by a very small percentage.  This reflected those areas being reviewed and the types of recommendations being made.  Therefore, when working with a smaller plan, if that control environment started to improve, it would not necessarily be seen very clearly in the recommendations, but you would hope to see it in terms of the overall audit opinions.

The work being done around reorganisation very much focused on how to tackle the reducing control environment with a smaller organisation and less staff, they were looking at far more automated approaches, more digitalisation, more use of artificial intelligence etc in order to reduce human error and the impact of discretion within decision making, so potentially even with less staff you could significantly improve the internal control environment leading to greater coverage across the organisation.

The Head of Policy and Governance informed the meeting that the audit process they followed was prescribed by PSIAS and he explained the way in which internal audit work was undertaken which gave him assurance that what was being seen was representative of the deteriorating control environment.  The Section 151 Officer confirmed that the senior officers were actively looking to improve the internal control environment however he could not guarantee that things would improve in the space of the next few months however they would be looking to ensure it did not deteriorate further before starting to see an improvement.

In response to a query, the Head of Policy and Governance explained the potential role of artificial intelligence within internal audit.  The Head of Internal Audit assured the Committee that they would not compromise the quality of the audits as they had to comply with PSIAS.

RESOLVED:

a)   to note the performance of Internal Audit against the 2023/24 Audit Plan.

b)   to note that Internal Audit have evaluated the effectiveness of the Council’s risk management, control and governance processes, considering public sector internal auditing standards or guidance, the results of which can be used when considering the internal control environment and the Annual Governance Statement for 2023/24.

c)    to endorse the Chief Audit Executive’s Limited assurance, year-end opinion, that the Council’s framework for governance, risk management and internal control is sound and working effectively for 2023/24 based on the work undertaken and management responses received.