Agenda item

To consider a report of the Director of Finance.

The Director of Finance submitted a report detailing the work undertaken by the Risk Management and Internal Audit Service in-between April 2017 to 2 February 2018 in respect of the approved Plan for 2017/18.

The key priorities for the Risk Management and Insurance team during 2017/18 were detailed as follows:-

·         To review the risk management system to ensure that it complied with best practice but was still practical for use by the organisation;

·         To facilitate the delivery of risk workshops to enable both the Corporate Risk Register to be updated and Operational Risk Registers to be maintained by managers;

·         To facilitate the continued implementation of the Information Governance Framework and prepare for the introduction of the General Data Protection Regulations in May 2018;

·         To review the Business Continuity Management system in place to streamline the process to create a management tool that was workable, with the capability to provide knowledge and information should a major incident occur affecting service delivery; and

·         To continue to support managers to assess their risks as services were redesigned to ensure that changes to systems and procedures remained robust and resilient offering cost effective mitigation and that claims for compensation could be successfully repudiated and defended should litigation occur.

Panel Members were notified that progress to review the risk management process had been delayed due to capacity issues and conflicting priorities.  A review would be undertaken in the coming months in conjunction with Tameside and Glossop Clinical Commissioning Group.  Work had focused on the information governance agenda in light of the introduction of the General Data Protection Regulations, which would become effective in May 2018 together with the new Data Protection Act.

It was reported that a redesign of the team proposed the deletion of two existing posts (Risk and Insurance Manager and Risk and Insurance Officer), which would be replaced with two Risk Insurance and Information Officers.  Recruitment to the posts was currently underway.  Work was ongoing in terms of insurance renewal to meet the deadline of 31 March 2018.

With regard to Internal Audit, reference was made to the Audit Plan, which had been approved in May 2017 and covered the period April 2017 to March 2018.  An update on progress against the plan to 2 February 2018 was provided.  It was reported that 83% of the audit plan had been achieved so far, which was an increase on previous years.  It was explained that a detailed review of the audit plan had been undertaken in conjunction with senior management and the original plan of 1,666 days had been revised to 1,479 days with 185 days rescheduled for 2018/19.

During the period October 2017 to February 2018, five final reports were issued in relation to systems, risk and managed audits.  In addition, five draft reports had been issued for management review and responses and these would be reported to the Panel in due course.  Three school audits were completed during the period, the results of which were summarised.  In addition, two further audits had been completed and the draft reports had been issued to the Schools for management review and responses.  Eleven Post Audit Reviews had been completed during the period, taking the total to 23 for the year to date, and a further 19 were in progress.

It was reported that the review of Internal Audit against the Public Sector Internal Auditing Standards highlighted that the service was fully compliant with the requirements of the standard.  The Public Sector Internal Auditing Standards, introduced from April 2013, required at Standard 1312 that each organisation’s internal audit service was subject to an external assessment “once every five years by a qualified, independent assessor or assessment team from outside the organisation”.  The Peer Review for the Council would be conducted by Blackpool and Bolton and take place from 12 - 14 March 2018.

The Internal Audit Charter for 2018/19 had been refreshed and was appended to the report.  It covered definition, responsibility and objectives of internal audit, independence and scope of internal audit, opinion work, reporting internal audit access right and resources.

An update was given on the annual governance statement development areas as follows:-

·         Children’s Services

·         Risk Management and Business Continuity Planning

·         Health and Safety

·         Managing Change

·         Care Together

·         Vision Tameside

·         Pension Fund Pooling of Investments

An update was also provided on work undertaken on National Anti-Fraud Network Data and Intelligence Services.

With regard to Irregularities / Counter Fraud Work a summary of cases, which had been investigated during the period, was provided.  In total, 21 cases had been received with 14 still under investigation.  A table detailing the fraud type, number of cases, value, the amount recovered to date and potential annual savings was outlined. 

In relation to Local Audit and Accountability Act 2014, Mazars LLP had been appointed as the Council’s new external auditor from 2018/19 until 2022/23.  The Council would work with both the existing auditors, Grant Thornton, and Mazars to ensure a smooth transition took place.

RESOLVED:

That the report and performance of the Service Unit for the period April 2017 to 2 February 2018 be noted.