Agenda item

Mid-Kent Audit Interim Internal Audit Report 2015/16

Minutes:

The Committee considered the report of the Head of Audit Partnership providing a mid-year update on work conducted by Mid-Kent Audit in pursuance of the audit plan agreed by the Audit Committee in March 2015 and a commentary on the broader objectives of the Internal Audit service in helping to ensure good governance at the Council.  In introducing the report, the Head of Audit Partnership highlighted the following issues:

 

Safeguarding Arrangements

 

The Head of Audit Partnership explained that this audit review covered the specific statutory obligations the Council had under the Children Act 2004 for ensuring the safeguarding of children and vulnerable adults in its areas of responsibility.  Whilst the Council did not have the same level of responsibility as an authority providing education and social services, it did have a responsibility to remain vigilant and make referrals.

 

It had been concluded from the audit work that there were weak controls over the Council’s safeguarding arrangements.  Although the Council was satisfying its statutory obligations for safeguarding, and there were no immediate concerns to report, areas had been identified where improvements were needed to provide greater resilience and to ensure safeguarding risks were being adequately managed.  These included introducing a Deputy Local Authority Designated Officer to provide resilience and introducing a central database of all safeguarding referrals submitted to ensure that when issues did come to light, the Council was recording and passing on the information consistently and accurately.

 

The actions arising from the audit work would provide the Head of Service and the Safeguarding Working Group with the necessary support to ensure that in time the Council would be able to restore its safeguarding arrangements to the level of effectiveness that Members would wish to see.

 

In terms of timeframes, the majority of the recommendations were due for implementation by not later than 31 March 2016.  Some of the recommendations were quite substantial, and included the development of policies and processes.  An update on implementation of the recommendations would be included in the Internal Audit Annual Report to the Committee in July 2016.

 

Risk Management

 

The Head of Audit Partnership advised the Committee that work was underway towards establishing a comprehensive risk register covering service, project and corporate risks.  To help identify the risks that could impede the Council’s ability to achieve its corporate objectives, the Council had commissioned Grant Thornton to lead the risk workshop scheduled to be held on 14 December 2015.

 

Mid-Kent Audit Service Update

 

The Head of Audit Partnership drew the Committee’s attention to changes which had been made to the structure of Mid-Kent Audit to provide greater capacity at all levels of the service, but particularly at management level to increase the ability to respond rapidly to changing risks and priorities and to deliver focused strategic reviews.  The revised team structure included the appointment of Russell Heppleston as Deputy Head of Audit Partnership.

 

In response to questions by Members, the Head of Audit Partnership explained that:

 

·  The National Fraud Initiative (NFI) was an exercise that matched electronic data within and between public and private sector bodies to prevent and detect fraud.  Matches were anomalous items in the data which potentially on investigation could identify cases of fraud or error.  All matches were investigated as each match could be a potential fraud.  Mid-Kent Audit would be taking on direct examination of non-benefits matches rather than just co-ordination from January 2016.

 

·  In addition to the NFI, the Kent Intelligence Network, a local data matching service, was coming on-line now.  Historically, the Council operated a Fraud team that focused on revenues and benefits and there had not been a corporate Counter Fraud team dedicated to looking at fraud in its broadest sense.  He was optimistic that in the New Year, the Council could establish a corporate Counter Fraud team possibly using the skills available within Mid-Kent Audit.

 

·  In terms of performance across the Partnership, the % of projects completed within the budgeted number of days was currently 57% against a year-end target of 60%.  This was an improvement on the outturn for 2014/15 (47%), and could be attributed to the team’s ability to more accurately scope the budget for the work undertaken and to more closely scope the work to a specific number of days.  There was also a tendency for the team to help Officers with Internal Audit recommendations, and this needed to be recognised in drawing up the audit plan.  The team would be looking to achieve further improvements in this measure of performance and hoped to achieve nearer 100% in a few years’ time.

 

·  With regard to an attempted fraud at the Council involving the use of a “spoof” email account, spoof emails were a risk, but the Council had in place a range of additional controls to frustrate these attempts, and on this occasion these controls had worked effectively.  The matter had been reported to the Police, but the amount involved and the methodology did not meet the threshold to prompt the Police to be involved.

 

·  In terms of the Council’s resilience to cyber-attack, a report had been prepared by the ICT team considering the risks.  The report had concluded that the Council was adequately and proportionately protected.  The Head of ICT would be asked to circulate the report to Members in order to provide a fuller explanation. These risks were also considered when the Audit Plan was being drawn up.

 

·  The change from a Cabinet to a Committee system of governance had not made any particular difference to the way in which the Internal Audit team carried out its work.  The team’s primary relationship with Members was through its work with the Audit, Governance and Standards Committee.

 

RESOLVED:

 

1.  That progress against the Internal Audit Plan 2015/16 be noted.

 

2.  That Russell Heppleston be congratulated on his appointment as Deputy Head of Audit Partnership.

 

3.  That the Internal Audit team be congratulated on its achievements.

 

Supporting documents: