To receive any apologies for absence.

Apologies were received from Councillors Carroll, Targowska and Smith.  Councillor Kellaway attended as a substitute.

To receive any declarations of interest.

There were no declarations of interest received.

To approve the Part I minutes of the meeting held on 16^th February 2016

The Part I minutes of the meeting held on 16 February 2016 were approved as a true and correct record subject to the following amendments:

·         Page 7 change ‘processes’ to processed with regards to benefit claims.

·         Page 8 ‘fresh hold’ be replaced with threshold.

·         Page 10 – Internal Audit Plan, there were 726 days in the plan, 3.8 FTE and  202 days work each which was 1360 capacity days for the year to cover both authorities plans.

The Chairman raised concern that senior managers in the authority are being asked to sign quality assurance statements and he did not agree with this as it was a duplication of effort as this should be picked up via their job descriptions. The Chairman felt that we should not be doing more then was statutory required as there was no need in putting in too much governance arrangements then required.  Quality assurance was important but he did not wish to see duplication when a light touch approach would work. A better system should be introduced that added value.

To receive a presentation on the audit process.

The Panel received a presentation on the Internal Audit Planning Process from Catherine Hickman, Service Manager and Paul Ohsan Ellis, Team Leader Internal Audit,  Shared Audit and Investigation Service.

The Panel were informed that the audit planning process currently in operation had evolved as a result of the following:

·         2011 - review of the Audit and Investigation Service

·         Challenges of the current financial climate

·         To deliver a function that is aligned to a LEAN environment

·         Statutory requirements

The Audit Plan had been produced  in consultation with CMT, the S151 Officer, External Audit and this Panel.   The Internal Audit Plan was a formal mechanism to allow the S151 Officer to discharge their legal responsibilities and also aid the Chief Audit Executive to report to the Audit and Performance Review Panel thier audit opinion on the council’s internal control, risk management and governance environment and this also feeds in to the Annual Governance Statement process which was a statutory document that sits alongside the published set of financial accounts.

The Panel were informed that the audit plan was split into distinct sections:

·         Key Financial Systems these were the audits of functions that underpin the council achieving its objectives. 

·         The Governance Building Blocks that are important key cornerstones of good governance. 

·         The key risks are those that if unmanaged could have a major impact on the council achieving its objectives and as such are reviewed to ensure that the appropriate treatment measures put in place by management are effective and efficient. 

·         Auditor Judgements are those that have been identified by management that are not a key risk but management are requesting that internal audit look at these areas.

·         Servicing the Business holds areas where audit aid management in achieving their objectives through reviews, advice and consultancy services including key areas such as governance.

The plan was aligned to the Corporate Risk Register (CRR) and the Key Risks shown in the audit plan have been identified using set criteria which included; when they were last reviewed, whether follow up action was required, whether it was a new key risk on the CRR.  Key risks to the Council can be fluid and so there was a mechanism in place whereby the Insurance and Risk Manager informed of any changes to the key risks on a monthly basis and where required the audit plan would be amended.

With regards to audit reporting and management responses the Panel were informed how Audit reported their findings and how it assesses the category of risk for the concerns identified.  The auditor used the risk criteria for impact as shown in the Council’s Risk Management Strategy.  It was at this point that management could challenge the cause and category of risk reported.  Once agreed management then responded to the audit management action plan detailing whether they would treat, transfer, tolerate or terminate the risk.

The Panel were shown the audit opinion categories which were:

·         Complete and effective

·         Substantially complete and generally effective

·         Range of Risk Mitigation Controls was incomplete and  ...  view the full minutes text for item 33.

To approve the internal audit plan.

The Chairman informed that they would be using the minutes of the last meeting and the presentation received to aid discussion on the Internal Audit Plan. 

On page 10 of the agenda in the minutes it was reported that ‘The Chairman questioned the status of appendix A, if it changed year on year and what the percentage of stable items verses dynamic items were The Panel were informed that the key financial systems were audited each year whilst the remainder were chosen from strategic and management risks; it was the audits chosen from risks that had the fluidity.’  The Chairman mentioned that this had been addressed in the presentation.

Catherine Hickman informed the Panel that the report re-submitted the 2016/17 Internal Audit Plan to the Audit and Performance Review Panel to address the points raised at the previous meeting on 16 February 2016.

The Chairman asked if we knew the total population of functions that could be audited and was informed that table 1on page 16 showed the 127 risks audited.

Cllr E Wilson mentioned that the question was about functions and not just risks and was informed that they only audited the risks and tested the effectiveness of controls. 

The Chairman reported that if we were only looking at risks you have to be confident that your first assumption is correct, if not you would be looking at the wrong area.  The Panel were informed that as long as you have a robust risk assessment process then this approach worked well.  The other option would be to audit everything we do and this would be expensive.  The Chairman said there was the option to incorporate random checks and asked CMT to consider this to help keep the organisation honest.

Cllr E Wilson also questioned who was putting items on the risk register as if they wanted to be scrupulous they could keep item of and thus they would not be audited.  The Panel were informed that there were also financial systems in place to prevent fraud and that senior manager had a robust system in place checking returns.

The Chairman said that the Panel would recommend that CMT consider how items not on the Risk Register were monitored and that CMT are assured that robust controls were in place.  They were also asked to consider the introduction of spot checks and if undertaken by other managers that these were signed off  so everything was verifiable.

Resolved unanimously that the Audit and Performance Review Panel approved the 2016/17 Internal Audit Plan.

To consider the report.

Steve Mappley, Insurance and Risk Manager, introduced the report that dealt with risk management as part of the Council’s governance arrangements. The report informed the Panel of developments over the past 12 months and included what the authority’s strategic risks were as well as  an overview of the risk management work.

With regards to the Annual Risk Management Strategy it had been slightly revised to make it more user friendly with the addition of the responsible officers roles.  As the risk assessment process could be viewed as crude CMT would be asked to consider a different approach to how we used probability.  

The Chairman reported that it was a good approach and introducing a hierarchy of objectives introduced a level of granularity that could show how a low level risk could have a domino effect.  The Chairman also recommended that proximity be also examined to see if this could be added to the equation when assessing risk.  It was reported that officers had looked at proximity but the science behind this was limited.

Cllr E Wilson also mentioned that you could introduce diminishing return to make sure we provide good value for money for our residents.

Cllr Jones asked if there was an incident that was not on the risk register how would it be reported back to the Panel and how would we get lessons learnt.  The Panel were informed that audit would be instructed to look at such incidents and there had been an incident that was reported to the Panel.

The Chairman mentioned that the Panel would be interested that if there was a transgression what lessons had been learnt, was it on the Risk Register, the risk analysis and where processes changed as a result.  Would like CMT to adopt and own this.

Cllr E Wilson asked if lead Members were aware of the tolerance levels regarding risk and was informed that this should be incorporated in lead Member briefings.  It was recommended that CMT investigate that this was so.  The Chairman mentioned that if on a fail fast learn fast policy then we could take more risks, this was important for the Transformation Programme.

Cllr Kellaway questioned why important issues such as the Borough Local Plan, flood prevention or recruitment and retention were not in the register and was informed that they would be listed as operational risks.

Resolved Unanimously that members endorse the council’s policy and strategy to identify, monitor and manage its risks.

To consider passing the following resolution:-

“That under Section 100(A)(4) of the Local Government Act 1972,

the public be excluded from the remainder of the meeting whilst

discussion takes place on item 9 on the grounds that it involves the

likely disclosure of exempt information as defined in Paragraphs 1-

7 of part I of Schedule 12A of the Act"

RESOLVED UNANIMOUSLY: That under Section 100(A)(4) of the Local Government Act 1972, the public be excluded from the remainder of the meeting whilst discussion takes place on following items on the grounds that they involve the likely disclosure of exempt information as defined in Paragraphs 1-7 of part I of Schedule 12A of the Act.

To consider the Part II minutes of the meeting held on 16^th February 2016.