Your Councillors


LB Merton CMT Cover sheet

Audit, Governance & Standards Committee

21 March 2016

Is the final decision on the recommendations in this report to be made at this meeting?

Yes

 

Internal Audit Plan 2016/17

 

Final Decision-Maker

Audit, Governance & Standards Committee

Lead Head of Service

Rich Clarke, Head of Audit Partnership

Lead Officer and Report Author

Russell Heppleston, Deputy Head of Audit Partnership

Classification

Public

Wards affected

N/A

 

 

This report makes the following recommendations to this Committee:

1.   The Committee endorses the Internal Audit Operational plan for 2016/17.

2.   The Committee note the longer term plan up to 2018/19 which will be subject to annual review and refresh.

3.   The Committee notes the view of the Audit Partnership that the service is sufficiently resourced to deliver the Head of Audit Opinion for 2016/17.

 

 

This report relates to the following corporate priorities:

·         Keeping Maidstone Borough an attractive place for all -

·         Securing a successful economy for Maidstone Borough –

 

The report supports the good governance of Maidstone Borough Council and so contributes broadly to achievement of its corporate priorities.

 

 

Timetable

Meeting

Date

Committee (Audit, Governance & Standards)

21 March 2016



Internal Audit Plan 2016-17

 

1.       PURPOSE OF REPORT AND EXECUTIVE SUMMARY

 

1.1    This report is provided to enable the Committee to consider and endorse the Internal Audit Plan 2016-17.

 

1.2    Public Sector Internal Audit Standards requires the Internal Audit Service to establish risk-based plans to determine the priorities of the internal audit activity, consistent with the organisation’s goals.

 

1.3    As the Committee charged with governance, the Audit, Governance & Standards Committee it is required to consider and endorse the audit plan, and maintain oversight of the internal audit service and its activities.

 

2.       INTRODUCTION AND BACKGROUND

 

2.1    The Audit, Governance and Standards Committee must obtain assurance on the control environment of the Council. Consequently, the Committee needs to have an awareness of the work conducted by Internal Audit, in order to adequately fulfil its duties.

 

2.2    The internal control environment comprises the whole network of systems and controls established to manage the Council, to ensure that its objectives are met. It includes financial and other controls, and arrangements for ensuring the Council is achieving value for money from its activities

 

2.3    The report sets out the one-year operational plan for 2016/17 together with an update to the longer-term plan up to 2018/19 originally presented to the Audit Committee in March 2015.  We ask the Committee to review and endorse the 2016/17 operational plan and note the longer-term plan.

 

2.4    We also ask Members to note the Audit Partnership’s view that the Partnership has sufficient resources to deliver the plan.  This final request arises from developments to Public Sector Internal Audit Standards during 2015/16 that requires the Head of Audit to explicitly draw attention of Members to his assessment of the resources as his disposal.

 

 

3.       AVAILABLE OPTIONS

 

3.1    The plan proposed aims to complete internal audit’s responsibilities in an efficient and effective manner, in accordance with our professional standards. We recommend no alternative course of action.

 

4.       PREFERRED OPTION AND REASONS FOR RECOMMENDATIONS

 

4.1    The Audit, Governance & Standards Committee it is required to consider and endorse the audit plan, and maintain oversight of the internal audit service and its activities.

 

4.2    The risk of not endorsing the plan is that the Council will be at greater risk of incurring or failing to detect fraud, error or service failure or weakness.

 

 

5.       CONSULTATION RESULTS AND PREVIOUS COMMITTEE FEEDBACK

 

5.1    The audit plan is developed through consultation with senior officers and Heads of Service across the Council. Previously this committee has endorsed the audit plan, and commented positively on its formation.

 

5.2    The plan has also been shared in full with officers at the Council’s Wider Leadership Team and at the Audit Partnership’s Shared Service Board. This report reflects comments made during consultation.

 

6.       NEXT STEPS: COMMUNICATION AND IMPLEMENTATION OF THE DECISION

 

6.1    If the plan is endorsed as outlined, then the next step will be for us to write to each Head of Service to communicate the audit projects in their service areas for the year.

 

 

7.       CROSS-CUTTING ISSUES AND IMPLICATIONS

 

 

Issue

Implications

Sign-off

Impact on Corporate Priorities

The report supports the good governance, internal control and risk management of Maidstone Borough Council and so contributes broadly to achievement of its corporate priorities.

 

 

 

 

 

 

 

 

 

 

 

 

 

Rich Clarke

Head of Audit Partnership

10 March 2016

Risk Management

The audit plan is produced as a result of risk assessment examining where audit activity is best focussed.  The risk of not approving the plan is that the Council will be at greater risk of incurring or failing to detect fraud, error or service failure or weakness.

Financial

There are no additional costs or savings associated with this proposal.

Staffing

There are no staffing implications associated with this proposal.

Legal

Internal Audit is a required function in accordance with the Accounts & Audit Regulations 2015.

Equality Impact Needs Assessment

This report does not describe circumstances which require an Equality Impact Needs Assessment.

Environmental/ Sustainable Development

There are no environmental or sustainable development implications for this report.

Community Safety

There are no community safety implications for this report.

Human Rights Act

There are no implications for the Council’s responsibilities under the Human Rights Act in this report.

Procurement

There are no procurement implications for this report.

Asset Management

There are no asset management implications for this report.

 

8.       REPORT APPENDICES

 

The following documents are to be published with this report and form part of the report:

·         Appendix I: Internal Audit Plan 2016-17

 

 

9.       BACKGROUND PAPERS

 

There are no background papers to further support this report.

 

 


 

Mid Kent Audit

 

 

 

Internal Audit Plan 2016/17 Operational Plan and Strategic Plan Update

 

 

Maidstone Borough Council

 

 

 

 


Introduction

1.             Internal audit is an independent and objective assurance and consulting activity designed to add value and improve the Council’s operations. It helps the Council accomplish its objectives by bringing a systematic and disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes[1].

2.             Statutory authority for Internal Audit is within the Accounts and Audit Regulations 2015, specifically Regulation 5:

A relevant authority must undertake an effective internal audit to evaluate effectiveness of its risk management, control and governance processes, taking into account Public Sector Internal Audit Standards (PSIAS).

3.             The Head of Audit Partnership is required by PSIAS standard 2450 to provide an annual opinion on the overall adequacy and effectiveness of the Council’s framework of governance, risk management and control. The opinion takes into consideration:

a)             Internal Controls: Including financial and non-financial controls.

b)             Corporate governance:  Including effectiveness of measures to counter fraud and corruption, and

c)             Risk Management: Principally, the effectiveness of the Council’s risk management framework.

 

4.             The opinion draws significantly on the work conducted by the audit team during the year which is principally set out in the internal audit plan. The Standards, specifically standard

·         The Head of Audit Partnership must establish risk-based plans to determine the priorities of the internal audit activity, consistent with the organisation’s goals 

5.             This document builds on our 4 year strategic plan presented to this Committee in March 2015, outlining the updates and adaptations we propose to ensure that the 2016/17 operational plan will support an accurate and reliable Head of Audit opinion and help the Council achieve its objectives.  While the focus is on 2016/17, we have also made some consequential adaptations to the final two years of the plan which we will revisit in full and extend into 2020/21 as part of next year’s planning.

 


Basis of our plan: available resources

6.             Last year we adapted the basis of our plan to move from seeking to deliver a set number of projects to a number of audit days.  This move has enabled a much greater responsiveness and flexibility in how we deliver the audit resource.  At Maidstone in 2015/16 this helped enable us to support the Council in developing its risk management approach.

7.             As noted in our interim update in December 2015, during 2015/16 the Audit Partnership was restructured following the departure of a long-standing Audit Manager.  The restructure has meant the team for 2016/17 can deliver more productive days. We achieve this through the addition of an audit team administrator role to free-up time for completing the plan, revision to the audit manager job description to enable more direct project and consulting work and continued development of the two trainee posts we created in 2015.

8.             These changes have meant an increase across the Partnership in available productive days from 1,600 to 1,710, an increase of just under 7%.  Given that the restructure occurred within the existing audit budget, this increase in productive days is at no additional cost.

9.             In accordance with the principles of the Collaboration Agreement which governs the operation of the service, we divide these days between the authorities in line with their contribution to the service’s budget, as per the table below:

Authority

Contribution to overall partnership budget

Audit Days Allocated 2016/17

Increase from days allocated 2015/16

Ashford BC

23%

395

+25

Maidstone BC

29%

500

+30

Swale BC

26%

440

+30

Tunbridge Wells BC

22%

375

+25

Total

100%

1,710

+110

 

10.         Therefore the total audit allocation for Maidstone BC in 2016/17 is 500 days, an increase of 30 days from the 2015/16 level. We are satisfied that the Audit Partnership has sufficient resources in both quantity and capability to fulfil responsibilities. We present a full analysis of resources on the following page to support this conclusion.

11.         However, we must clarify that our audit plan cannot address all risks across the Council and represents our best deployment of what are inevitably limited audit resources.  In approving the plan, the Audit Committee recognises this limitation.  We will keep the Committee abreast of any changes in our assessment of resource requirement as we monitor the risks posed to the Council.  In particular, we will revise this resource assessment afresh each year.

 


12.         Operational guidance on PSIAS 2030 (Resource Management) sets out a range of factors Heads of Audit must consider when evaluating whether the level of resource available is sufficient to fulfil responsibilities.  Our analysis of the audit partnership against this guidance is outlined below:

 

Audit Resource Evaluation 2016/17

Step

Question to consider

Response

Resource Indication

1

Did you have sufficient resource to complete your prior year plan?

Marginal under-delivery of the plan anticipated (97% completion forecast) due principally to in-year maternity vacancies and lost time from inducting new staff.  Similar issues not anticipated for 2016/17 and so no immediate barrier known to completing the plan.

No change in audit resource for this year

Changes To The Organisation

2

How has the size of the organisation changed?

No significant change.

No change in audit resource for this year

3

How has the complexity of the organisation changed?

No significant change of structure at Head of Service level but the Council is currently recruiting into two Director positions as part of a revised overall structure. The Council continues to consider new commercial opportunities.

No change in audit resource for this year

4

How has the risk appetite of the organisation changed?

While not formally documented, our risk workshops over the course of the year and the formation of the comprehensive risk register indicates the authority is increasingly willing to take on (or support) more ambitious projects to support delivery of its priorities.

More audit resource needed this year

5

How has the risk profile of the organisation changed?

This greater ambition, coupled with the greater risks inherent in a challenging public sector environment with limited resources and expanding and diversifying responsibilities, suggests a greater risk profile.

More audit resource needed this year

6

How has the organisation's control environment changed?

Consistently, audit reports on key controls record sound/strong assurance results.

Less audit resource needed this year

Changes To The Audit Service

7

What was the outcome of the QAIP/EQA?

Full conformance.

No change in audit resource for this year

8

What changes have there been to audit professional standards & guidance?

Changes to standards on 2nd line of defence capabilities in particular point to a broader audit role if useful to authorities.  This is notable as Internal Audit takes on more responsibilities around risk management.

More audit resource needed this year

9

What efficiencies have there been within the audit service?

Continued bedding in of new audit approach and templates. Largely clearing backlog of 2013/14 and earlier recommendations for follow up.

Less audit resource needed this year

10

How have Board expectations of the audit service and its role changed?

There are a range of projects/innovative areas where audit assurance input is valuable, especially in early stages of developing projects.

More audit resource needed this year

Overall Summary

 

What level of audit resource is needed compared to last year?

There is a marginally greater need for audit resource in 2016/17 than 2015/16.  Principally this is due to increase in the general risk environment the Council continues to operate in, the Council's commercial ambitions, and the introduction of a new Corporate Leadership Team in the form of two new Director appointments.   Weighing against are continued efficiencies within the audit service and a consistently reliable control environment.

More audit resource needed this year

 

Do you have sufficient resource to complete your audit plan?

I am confident that this plan delivers sufficient resources to support a reliable and comprehensive Head of Audit opinion at year end.

Yes

Resource evaluation in accordance with Standard 2030 on Resource Management

 


Basis of our plan: risk assessment

13.         In compiling the four year strategic plan in 2015 we undertook a comprehensive evaluation of all areas of potential assurance need (the ‘audit universe’) and the risks and priorities of the Council.  It is not efficient to run that evaluation in full every year and so the 2016/17 planning has concentrated on adapting and evolving our understanding of the internal control, governance and risk framework.  We will undertake a more comprehensive review ahead of the 2017/18 audit plan, including a new four-year plan which will extend out to 2020/21.

14.         What we have done for 2016/17 is an analysis of the projects and other audit work originally scheduled in the four-year plan we presented in March 2015 and considered their continuing relevance and utility to the Council based on our understanding of how its risks and priorities have developed.  To form this analysis we have:

·         Considered the results of audit work conducted in 2015/16 (including non-project work ,follow-up of recommendations and work completed at other authorities),

·         Consulted widely with officers, including meeting individually with each Head of Service and presenting an earlier draft of this plan to the Shared Service Board which includes the Council’s s.151 Officer.

·         Reviewed the Council’s strategic plan and risk documentation, including direct participation across the year at officer led risk workshops.

15.         These steps stand in addition to our day-to-day work across the year in keeping plans flexible and responsive to new information and feedback from officers, Members and the broader environment the Council operates in.

16.         The work identified for 2016/17 is set out on the following page, along with further notes of the ground we expect the review to cover (although specific audit scopes with be agreed with audit sponsors during engagement planning) and comments on any changes from the 2016/17 plan outlined in our 4 year strategic plan of Mach 2015.


 

2016/17 Operational Audit Plan

Project titles and descriptions

Plan Days

2016/17 Updates

Core Finance Reviews

 

 

Payroll

-          Substantive testing on high risk areas, including procedures for starters and leavers

52

Retained per original plan

Housing Benefits

-          To review any changes to process and test key controls, considering particularly online services.

122

Retained per original plan but shift focus slightly to include self and online services

Accounts Payable

-          To verify any changes to the system since 2015/16 and substantive testing of invoice payment

10

Retained per original plan

General Ledger: Journals & Feeder Systems

-          Document system and test key controls

15

Retained per original plan

Treasury Management

-          To review compliance with treasury management strategy, in particular capital borrowing.

15

Retained per original plan

Corporate Governance Reviews

 

 

Freedom of Information

-          To review processes and controls for ensuring compliance with statutory obligations.

15

Retained per original plan

ICT Controls and Access

-          To review ICT access controls on key systems, including remote access.  Also considering action in response to external ICT reviews.

82

Retained per original plan

Corporate Governance

-          To build on initial review in 2015/16 and consider the Council’s arrangements for meeting the revised Corporate Governance Code applicable from 1 April 2016.

10

Retained per original plan

Corporate Projects Review

-          To consider management of corporate projects

10

Moved to 16/17 plan following deferral from 15/16.

Performance Management

-          To review implementation of refreshed service planning and performance management processes.

10

Retained per original plan

Operational Reviews

 

 

Park & Ride

-          To review contract management, including data validation of information provided by contractor.

15

Moved to 16/17 following deferral from 15/16 to assess impact of P&R site closure on scope.

Public Conveniences

-          To review basis of charging for maintenance and continuing service provision.

15

Addition to 16/17 plan following discussion with officers.

ICT Procurement

-          To review effectiveness of ICT procurement both centrally through the Project Framework and within services.

 

7 2

Retained from original plan

Crematorium

-          To assess regulatory compliance and development plan

15

Retained from original plan

Facilities Management

-          To review facilities service against its service plan.

15

Retained from original plan

HR Policy Compliance

-          To review effectiveness of measures to monitor and enforce compliance with HR policies.

102

Retained from original plan

Discretionary Housing Payments

-          To review compliance with policy on awarding discretionary housing payments, including exercise of judgement and payment controls.

15

Addition to 16/17 plan following deferral from 15/16 to align with work elsewhere in the Partnership

Tourism

-          To review progress on achieving aims set out in the Destination Management Plan

15

Re-scoped from original plan to narrow focus (was ‘museum & tourism).

Parks & Open Spaces

-          To review parking strategy plus controls on Mote Park car park ticketing and season ticket controls.

15

Retained from original plan but scope broadened to include Mote Park parking charges

Community Safety Unit

-          To consider CSU workload management and response times

15

Addition to 16/17 plan following discussion with officers.

Residents’ Parking

-          To review administration of permits and controls for handling income, including new online facility

82

Retained from original plan but scope broadened to include online applications

Public Health

-          To review progress again range of delivery plans plus use and accounting of grant funding

15

Addition to 16/17 plan following discussion with officers.

Building Control Operations

-          To review service delivery of fee earning and non-fee earning services and controls on income handling.  Also consider complaints management and KPIs.

15

Retained from original plan

Elections

-          To focus on IER and project management of elections process

15

Retained from original plan

Land Charges

-          To review service performance and income handling controls.

 

6 2

Retained from original plan

Non-Project Work

 

 

Audit Committee Support

-          Attendance at, preparation and advice to Audit Committee and Members, including training and briefings

 

13

Retained from original plan, increase from 10 days to include briefings programme.

Recommendation Follow-Up

-          Consider implementation of audit recommendations as part of quarterly exercise.

 

40

Reduced from 60 days originally, following working through of backlog

Counter Fraud Support

-          To monitor and refresh corporate policies and administer and investigate matches identified by National Fraud Initiative (NFI) and Kent Intelligence Network (KIN)

 

 

40

Increased from 20 days to reflect need for policy refresh and creation of KIN

Risk Management Support

-          To assist the Council in identifying and managing strategic and operational risks.

40

Increased from 20 days to reflect anticipated expansion of audit role

Project Board Support

-          To contribute directly to project boards.

3

Reduced from 8 days following reduction in number of projects.

Contingency

-          To provide space for responses to risks arising in year, including requests for ad hoc advice or support

50

Retained from original plan, aimed at 10% contingency

Projects removed from 2016/17 Plans

 

 

Online Management

0

Objectives included in scope of 15/16 Customer Services review.

ICT Networks

0

Brought forward to 2015/16 following discussion with officers

CCTV

0

Deferred to 17/18 pending review of contract.

Building Control Fees

0

Swapped with operational review following discussion with officers, so deferred until 2017/18.

Total Audit Days

500

 

 

2 Shared service review jointly funded from audit plans of participating authorities.

 

17.         At Appendix II, we show this plan in place against the remainder of our strategic plan up to 2018/19.  This includes a small number of consequential amendments to 2017/18 and 2018/19, particularly when work has been re-scheduled.  We will re-consider those changes and set out further detail as part of our planning for 2017/18 and subsequent years.

 

 

 

Delivering audit work

18.         The risk-based approach taken to forming the plan is integrated within our approach to individual projects.  In addition to any specific objectives agreed with the audit sponsor at the time of drawing up the audit scope each project considers the strategies, risks and objectives relevant to the service area under review.

19.         We will conduct each review in line with our standard audit methodology which is aligned to the Public Sector Internal Audit Standards.   The roles and responsibilities for successful delivery of audit projects are set out also in our Audit Charter.  An updated Charter for 2016/17 is also included on today’s agenda and will be provided to every audit sponsor.

20.         Each of these audit reviews will culminate in an assurance rated report, giving our view on whether the particular area is operating effectively.  We will keep these rating levels consistent with our revised approach adopted first in 2014/15, with details of the assurance levels included as a reminder to Members in this report at appendix IIII.

21.         We will also, where appropriate, make recommendations for improvement.  These recommendations are graded as set out in appendix IIII and followed up by our audit team when due for implementation.  Recommendations that we find have not been implemented where there is ongoing risk to the Council are reported in the first instance to the Council’s Leadership Team.  Also, Senior Managers responsible for services that consistently fail to address audit recommendations may be invited to provide further explanation to Members at the Audit, Governance & Standards Committee.

22.         The plan also recognises the non-project work we deliver, using our experience and expertise to assist the Council in pursuit of its priorities.  We undertake this work in line with the arrangements set out in the Charter, in particular with those safeguards aimed at preserving our independence and objectivity.

23.         Typically the non-project work will not result in an assurance graded output, but rather an alternative format relevant to the engagement and agreed with the work’s sponsor.  In any event, we will inform the Audit Committee of the outcomes of non-audit work through our interim and year end reports.

Monitoring delivery

24.         We undertake our audit work against our standard audit approach, which has been assessed in our EQA as conforming with the PSIAS.  In addition we adhere to the professional standards, roles and responsibilities as set out in the Charter.

25.         As part of this approach we are careful to ensure the quality and consistency of our work.  With respect to individual audit projects, each undergoes internal review focussing on each stage from compilation of the original brief, through completion of fieldwork and ultimately our reporting.

26.         We undertake broader quality assurance of our work as detailed in our annual reports which include a full self-assessment against the PSIAS.

27.         Our service is also monitored each quarter by an Audit Shared Service Board; Paul Riley is Maidstone’s representative.  The Board receives performance and financial monitoring reports on the progress of the service.  The set of performance indicators against which we report are included at appendix V, and we also report outturn on these indicators to the Audit Committee twice a year, as part of our interim report in September, and the annual report in June.

28.         We are also dedicated to continuing to develop and enhance the professional expertise and experience of our audit team.  In 2016/17 we have three of the team studying for professional qualifications in addition to the five who gained qualifications in 2015/16.  We include more details about the audit team and the work we will be undertaking in 2016/17 to support and enhance their development within appendix III.


Appendix II: Maidstone Borough Council: Updated Strategic Plan

Core Finance & Corporate Governance Reviews

Service

Audit Project

2016/17

2017/18

2018/19

Core Financial Systems

67 days

6 reviews

74 days

6 reviews

56 days

6 reviews

Finance & Resources

Bank/Treasury

15

 

10

Finance & Resources

Budget Management

 

15

 

Finance & Resources

General Ledger

15

 

10

Finance & Resources

Payments & Receipts

10

10

10

Finance & Resources

Procurement

 

15

 

HR Shared Service

Payroll

5

10

8

Revenues & Benefits

Business Rates

 

12

6

Revenues & Benefits

Council Tax

 

12

12

Revenues & Benefits

Discretionary Payments (MKIP)

10

 

 

Revenues & Benefits

Housing Benefits

12

 

 

Corporate Governance

53 days

5 reviews

65 days

6 reviews

58 days

6 reviews

Chief Executive

Business Continuity

 

 

10

Housing & Community

Safeguarding

 

10

 

ICT Shared Service

ICT Controls/Access

8

 

8

Legal Partnership

Members' Allowances

 

15

 

Legal Partnership

Register of Interests

 

10

10

Policy & Communications

Corporate Governance

10

5

5

Policy & Communications

Corporate Projects Review

10

 

15

Policy & Communications

Data Protection

 

15

 

Policy & Communications

Freedom of Information

15

 

 

Policy & Communications

Performance Management

10

 

10

Policy & Communications

Risk Management

 

10

 

 

Operational Reviews

Service

Audit Project

2016/17

2017/18

2018/19

Operational Reviews

194 days

15 reviews

237 days

20 reviews

184 days

15 reviews

Commercial & Economic Development

Cobtree Manor

 

 

15

Commercial & Economic Development

Cultural Development

 

 

15

Commercial & Economic Development

Hazlitt Centre

15

 

 

Commercial & Economic Development

Leisure Centre

 

 

15

Commercial & Economic Development

Market

 

15

 

Commercial & Economic Development

Marketing & Sales

 

15

 

Commercial & Economic Development

Museum

 

 

15

Commercial & Economic Development

Parks & Open Spaces

15

 

 

Commercial & Economic Development

Tourism

15

 

 

Environment & Street Scene

Animal Welfare

 

15

 

Environment & Street Scene

Building Control Operations

15

 

0

Environment & Street Scene

Cemetery

 

 

15

Environment & Street Scene

Commercial Waste

 

 

15

Environment & Street Scene

Crematorium

15

 

 

Environment & Street Scene

Public Conveniences

15

 

 

Environment & Street Scene

Street Cleaning

 

15

 

Environment & Street Scene

Waste Collection Contract (ABC/SBC)

 

10

 

Finance & Resources

Corporate Support: Property

 

15

 

Finance & Resources

Elections & Registration

15

 

 

Finance & Resources

Facilities Management

15

 

 

Finance & Resources

Insurance

 

15

 

Finance & Resources

VAT Management

 

 

15

Housing & Community

Air Quality/Pollution (MKIP)

 

6

 

Housing & Community

Community Halls

 

15

 

Housing & Community

Community Safety Unit

15

 

 

Housing & Community

Food Safety (MKIP)

 

 

6

Housing & Community

Homelessness

 

15

 

Housing & Community

Housing Allocations

 

 

15

Housing & Community

Housing Grants

 

15

 

Housing & Community

Licensing

 

15

 

Housing & Community

Public Health

15

 

 

HR Shared Service

Health & Safety

 

15

 

HR Shared Service

HR Policy Compliance (MKIP)

8

 

 

HR Shared Service

Recruitment (MKIP)

 

8

 

ICT Shared Service

ICT Procurement (MKIP)

7

 

 

ICT Shared Service

Information Security (MKIP)

 

 

6

ICT Shared Service

Technical Support (MKIP)

 

6

 

Legal Partnership

Legal Services (MKIP)

 

6

 

Parking

Park & Ride

15

 

15

Parking

Parking Enforcement

 

8

7

Parking

Parking Income

 

7

 

Parking

Residents Parking

8

 

 

Planning & Development

Building Control Fees

 

 

15

Planning & Development

Planning Enforcement

 

 

15

Planning Support

Land Charges (MKIP)

6

 

 

Planning Support

Planning Income (MKIP)

 

6

 

Policy & Communications

Complaints

 

15

 

 

29.              Audit projects noting more than one client (e.g. ABC/SBC) are reviews of services delivered in partnership.  In such instances our work is co-funded between the partners’ audit plans and the audit output will be made available to all on the same basis.  Precise timings of work within a given year will be subject to negotiation with individual audit sponsors.

Other Work

Service

Audit Project

Partnership

2016/17

2017/18

2018/19

Risk Management

40 days

40 days

40 days

Policy & Communications

Risk Management Support

 

40

40

40

Counter Fraud

40 days

40 days

40 days

Finance & Resources

NFI Co-ordination and investigation

 

5

5

5

Finance & Resources

Proactive work and policy administration

 

30

30

30

Finance & Resources

KIN Co-ordination and investigation

 

5

5

5

Audit Follow Ups

40 days

40 days

40 days

Various

Quarterly follow up exercise

 

40

40

40

Consultancy and other work

66 days

16 days

82 days

Various

Supporting / attending project boards

 

3

3

3

Policy & Communications

Supporting & attending Audit Committee

 

13

13

13

TBC

Unalloc contingency/consultancy time

 

50

0

66

 

Overall Summary

Work Type

2016/17

2017/18

2018/19

Project Work (leading to assurance rating)

 314 days

26 reviews

376 days

32 reviews

298 days

27 reviews

Core Financial Systems

67

74

56

Corporate Governance

53

65

58

Operational Reviews

194

237

184

Other Work (unrated reporting)

186 days

136 days

202 days

Risk Management

40

40

40

Counter Fraud

40

40

40

Audit Follow Up

40

40

40

Consultancy/Contingency

66

26

82

Total Audit Resources Available

500 days

512 days*

500 days

 

 

*In 2017/18 we will be undergoing a full risk assessment exercise for the audit plan, and so anticipate the total allocated days to be re-allocated accordingly to the assessment outcomes.


Appendix III: Mid Kent Audit Team

Management

Management

Rich Clarke CPFA ACFS (Head of Audit Partnership): Rich became head of the audit partnership on 1 April 2014 joining the partnership from KPMG, where he had a range of internal and external audit clients across the public sector including LB Islington, Woking BC, East Kent Hospitals University NHS Trust, the Foreign and Commonwealth Office and the Civil Aviation Authority.  Rich is a Chartered Accountant (CPFA) and during 2015 undertook and passed further study to become an Accredited Counter Fraud Specialist (ACFS).

Russell Heppleston CMIIA (Deputy Head of Audit Partnership): Russell started working for the Maidstone / Ashford partnership in November 2005, and continued his role as Auditor for the Mid Kent Audit Service when it was established in 2010.  He progressed through professional qualifications with the Institute of Internal Auditors (IIA) to achieve both Practitioner and Chartered member status. Having been appointed as Audit Manager for Swale and Maidstone in 2013, Russell was subsequently appointed as Deputy Head of Audit Partnership in the 2015 restructure.  During 2016/17 Russell will be studying to achieve accreditation with the Institute of Risk Management.

Frankie Smith CMIIA (Audit Manager – Swale & Tunbridge Wells): Frankie Smith started her career in Internal Audit at Kent County Council in 2001 as a Trainee Auditor.  In December 2001 she was appointed to the role of Auditor at Maidstone Borough Council.  Over the last 15 years she has completed audits at Ashford, Maidstone, Swale and Tunbridge Wells and became fully CMIIA qualified in August 2015.  Frankie was appointed to the role of Audit Manager for Swale and Tunbridge Wells in August 2015.

Alison Blake ACCA, CIRM (Audit Manager – Ashford & Maidstone): Alison joined the internal audit partnership in 2012.  Prior to this Alison worked for South Coast Audit for 7 years where she undertook internal audit work across a range of NHS clients in East Kent. During Alison’s career she has completed a wide range of audit work including finance, information governance and risk management, system reviews and reviews of compliance with legislation with the aim of working with the client to help them achieve their objectives and the objectives of the organisation as a whole.   Following Alison’s recent return from maternity leave she takes on the role of Audit Manager for Ashford and Maidstone.


 

Auditors & Senior Auditors

Mark Goodwin (Senior Auditor): Mark joined Ashford Borough Council in January 1999 having previously worked at Maidstone Borough Council in an audit role.  He was a founder member of the Ashford and Maidstone Internal Audit Partnership before this developed into the four-way Mid Kent Audit Partnership in April 2010.  He is an experienced auditor who has audited extensively the full spectrum of Council services and activities across a number of local authorities. During 2015 Mark also completed a qualification as a CIPFA Accredited Counter Fraud Technician.

Claire Walker (Senior Auditor): Claire joined the audit partnership in September 2010, and has wide experience in a variety of sectors and bodies; Local and Central Government, Arts, Broadcasting, Financial Services, NGOs & Not For Profit Sector (domestic & foreign), also Lottery Fund distribution QUANGOS (New Opportunities Fund, Big Lottery Fund, Millennium, Commission, Olympic Delivery Agency, Heritage Lottery Fund, and Sport England) and the associated grant making programmes (in house and outsourced grant administered programmes).  Claire delivered some training & mentoring projects for the FCO, DFID and the World Bank in addition to work on European Social Fund projects.  Within Local Government Claire has undertaken a wide range of audits with a focus on legal compliance, contracts and governance arrangements.  Other audit experience covers outsourcing functions, due diligence, and fraud investigations. 

Jo Herrington PIIA (Auditor): Jo joined the audit partnership on 30 September 2013. She joined the partnership from Gravesham BC, where she worked for nearly nine years. She gained experience of working in the Finance department and the Revenues department before settling in the Internal Audit team in September 2009, who operated a shared management arrangement with Tonbridge & Malling BC. As part of the Internal Audit team she gained broad experience conducting financial and operational audit reviews, as well as being involved in working groups across the authority. Jo was promoted to the position of Senior Auditor during the 2015 restructure.

Jen Warrillow PIIA (Auditor): Jen joined Mid Kent Audit in September 2013 from Kent County Council where she trained as an Internal Auditor. She recently completed study for Practitioner of the Institute of Internal Auditors status and during 2015 studied to become a Chartered Member of the Institute.  At KCC Jen undertook a wide range of audits including financial, governance and grant funding internally for the Council and externally for Parish Councils.  Previous to joining KCC, Jen worked as an investigator for Swale BC and then Tonbridge & Malling BC.  Jen was promoted to the position of Senior Auditor during the 2015 restructure.  Jen is currently on maternity leave, scheduled to return to the team in July 2016.

Paul Goodwin AAT (Auditor): Paul has been employed by Tunbridge Wells Borough Council for over 26 years of which nearly all has been in Internal Audit. Paul is a qualified Accounting Technician.

Andy Billingham (Auditor): Andy joined the Partnership on 7 December 2015. He had previously worked for Swale Borough Council for 10 years within the Revenues and Benefits department gaining extensive knowledge of local government processes and procedures whilst dealing with complex disputes and representing the authority at Tribunals. Andy holds a degree in History as well as an Institute of Revenue Rating and Valuation qualification

Trainee Auditors & Others

Ben Davis (Trainee Auditor): Ben joined the team in March 2015 as a trainee auditor.  He holds a degree in Modern History from UEA and has previous experience in finance teams in the private and voluntary sectors.  Ben began training towards achieving a professional qualification through the Chartered Institute of Public Finance and Accountancy (CIPFA) and was successful in passing the first stage of the qualification in December 2015.

Helen Pike (Trainee Auditor): Helen joined the audit team in July 2015 as a trainee auditor.  Her previous work experience is extensive and incorporates spells in occupations as diverse as TV programme scheduling and emergency ambulance despatch but joined us most recently from the finance and administration team of the Kent Institute for the Blind.  Helen has recently embarked on studying for the Institute of Internal Audit Professional Certificate as the first step towards becoming a Chartered Internal Auditor (CIA). 

Louise Taylor (Audit Team Administrator): The Audit Partnership restructure in 2015 created the role of audit team administrator to assist the team in various tasks including monitoring performance management, archiving our reports and manging our audit software.  Following a trial period, this post was taken by Louise who had previously worked in the Planning department of Maidstone Borough Council and has extensive experience working with local authorities.

We also have facility within the audit service to seek and deploy additional specialist resource depending on the needs of the service and of our local authority partners. 

 

 


 

Appendix IIII: Assurance & Recommendation Ratings

Assurance Ratings 2016/17 (unchanged from 2014/15 and 2015/16)

Full Definition

Short Description

Strong – Controls within the service are well designed and operating as intended, exposing the service to no uncontrolled risk.  There will also often be elements of good practice or value for money efficiencies which may be instructive to other authorities.  Reports with this rating will have few, if any, recommendations and those will generally be priority 4.

Service/system is performing well

Sound – Controls within the service are generally well designed and operated but there are some opportunities for improvement, particularly with regard to efficiency or to address less significant uncontrolled operational risks.  Reports with this rating will have some priority 3 and 4 recommendations, and occasionally priority 2 recommendations where they do not speak to core elements of the service.

Service/system is operating effectively

WeakControls within the service have deficiencies in their design and/or operation that leave it exposed to uncontrolled operational risk and/or failure to achieve key service aims.  Reports with this rating will have mainly priority 2 and 3 recommendations which will often describe weaknesses with core elements of the service.

Service/system requires support to consistently operate effectively

Poor – Controls within the service are deficient to the extent that the service is exposed to actual failure or significant risk and these failures and risks are likely to affect the Council as a whole. Reports with this rating will have priority 1 and/or a range of priority 2 recommendations which, taken together, will or are preventing from achieving its core objectives.

Service/system is not operating effectively

 


Recommendation Ratings 2016/17 (unchanged from 2014/15 and 2016/17)

Priority 1 (Critical) To address a finding which affects (negatively) the risk rating assigned to a Council strategic risk or seriously impairs its ability to achieve a key priority.  Priority 1 recommendations are likely to require immediate remedial action.  Priority 1 recommendations also describe actions the authority must take without delay.

Priority 2 (High) – To address a finding which impacts a strategic risk or key priority, which makes achievement of the Council’s aims more challenging but not necessarily cause severe impediment.  This would also normally be the priority assigned to recommendations that address a finding that the Council is in (actual or potential) breach of a legal responsibility, unless the consequences of non-compliance are severe. Priority 2 recommendations are likely to require remedial action at the next available opportunity, or as soon as is practical.  Priority 2 recommendations also describe actions the authority must take.

Priority 3 (Medium) – To address a finding where the Council is in (actual or potential) breach of its own policy or a less prominent legal responsibility but does not impact directly on a strategic risk or key priority.  There will often be mitigating controls that, at least to some extent, limit impact.  Priority 3 recommendations are likely to require remedial action within six months to a year.  Priority 3 recommendations describe actions the authority should take.

Priority 4 (Low) – To address a finding where the Council is in (actual or potential) breach of its own policy but no legal responsibility and where there is trivial, if any, impact on strategic risks or key priorities.  There will usually be mitigating controls to limit impact.  Priority 4 recommendations are likely to require remedial action within the year.  Priority 4 recommendations generally describe actions the authority could take.

Advisory – We will include in the report notes drawn from our experience across the partner authorities where the service has opportunities to improve.  These will be included for the service to consider and not be subject to formal follow up process.


 

Appendix V: Performance Indicators

Area

Ref

Indicator

Finance

F1

Cost per audit day

 

F2

Audits completed on budget

 

F3

Chargeable days

 

Internal Process

I1

Full PSIAS conformance

 

I2

Audits completed on time

 

I3

Draft reports on time

 

Customer

C1

Satisfaction with assurance

 

C2

Final reports on time

 

C3

Satisfaction with conduct

 

Learning & Developing

L1

Implemented recommendations

 

L2

Training plan achieved

 

L3

Satisfaction with skills

 

 

 



[1] This is the definition of internal audit included within the Public Sector Internal Audit Standards

Our A-Z

If you cannot find what you are looking for in our search facility, you can use our A-Z index to find the service you require.

A

B

C

D

E

F

G

H

I

J

K

L

M

N

O

P

Q

R

S

T

U

V

W

X

Y

Z