Agenda item

To consider the updated Internal Audit Charter and the Internal Audit Strategy and Plan for the 2024/25 financial year.

The Internal Audit Manager presented the proposed Internal Audit Charter and the Internal Audit Strategy and Plan for the 2024/25 financial year. Within his introduction, he outlined each section of the report.

The Risk Register was available to view here Corporate Risk Register-GAP Update March 23.pdf (moderngov.co.uk) .

In response to questions raised by members on the report, the following was clarified:

·         The Internal Audit Plan for 2024/25 had been mapped against the existing resources. The Internal Audit Manager felt that the plan was achievable, subject to staff being available throughout the year and the scope of each audit being controlled.

·         The Internal Audit staff consisted of 1.5 members of staff, along with a manager.

·         All previously deferred audit had been considered within the risk assessment. As a result, some had been merged into other audits, such as Air Quality Grants into Grant Funding, and some deprioritised where other areas scored more highly in the risk assessment.

·         An audit on the financial risk and contracts management of Leisure PFIs was in the reserve plan. If it is undertaken in 2024/24, it will ensure that preparation is in place to ensure the Council was in the best position for the for the end of the agreement.

·         There was a planned audit into the wider contract management arrangements to protect the Council’s data stored on the Idox system. This included a light touch review of the carbon usage on the hosted servers to consider the climate risk also.

·         The Monitoring Officer confirmed that work was being undertaken by CMT around single points of service failure and building further operational resilience, and a report was expected to be brought to Council.

·         The Internal Audit team were part of Blueprint Uttlesford, and the service was expected to be reviewed in the final year. They had been key within the process; for example, by conducting an audit on the programme management.

·         The audit plan deprioritised areas where assurance had already been provided (e.g. previous years’ audits, external reviews / audits).

·         There were some areas, such as allotments, that are likely to always be assessed as low risk and are unlikely to justify audit resource.

Councillor Fiddy raised concerns regarding the omission of an audit into Planning Conditions, given the financial and reputational risks. She highlighted two recent Ombudsman decisions where the Council was found to be at fault in matters concerning Planning Conditions. In response, officers confirmed that the matter had been risk assessed, however everything may have not been fully taken into account. They were conscious of adding the audit to the plan, given that something would have to come off.

Members requested that regular updates be brought to the Committee, as well as any key risks that have been identified.

Councillor Barker highlighted that at Essex Country Council, the relevant Cabinet Member would see the completed audit reports for their portfolio, and any audits with limited or no assurance would also be brought to the attention of the Audit Committee. The Service Manager would also be summoned to the meeting to be questioned on how the issues would be addressed. Members requested that officers look into taking a similar approach at the Council.

The report was noted.