Agenda and minutes

In accordance with the Council’s Constitution, Members are asked to declare any interest that they may have in any matter which is to be considered at the meeting.

There were no declarations of interest.

The minutes of the meeting held on 26 September 2018 were confirmed as correct.

The report summarised the key findings from the 2017/18 External Audit, which covered the 2017/18 Financial Statements and Value for Money conclusion. An unqualified opinion was issued in respect of the accounts and KPMG were satisfied that the Council had satisfactory arrangements in place to secure value for money. All the issues in the letter have been previously reported. The key recommendations were listed in appendix 1 of the report.

The Committee noted the report.

The Incoming Independent External Auditors (BDO) audit plan 2018/19 set out for the Committee an overview of the planned scope and timing of the audit, as required by International Standard on Auditing (UK & Ireland) 260.The plan was to enable the Committee to understand the consequences of BDO’s work, discuss issues or risk and the concept of materiality with the Independent Auditors. The contents of the Audit Plan had been discussed with management.

Liana Nicholson, BDO, outlined that the plan contained the audit scope, objectives and the key audit risks which included valuation of the council assets and pension liabilities. In addition, the timetable of the External Audit 2018/19 was included in the report.

The Audit Plan referred to the componentisation of Council dwellings which was identifying values to different parts of a dwelling (e.g a roof) and attributing different estimated useful economic life to each of them. For dwelling properties, BDO considered the split between land and buildings used in the External Audit 2017/18 to be unusual and that the dwelling properties were not componentised. Members asked why this had not been adopted for dwellings. The Chief Accountant stated that this was mitigated in the majority of dwellings as each of the assets were valued annually and if not they were not revalued, could be split in this way.

David Eagles referred to the Audit Plan for the Pension Fund, also contained in the report to Committee. This again summarised the planned audit strategy for the year ended 31 March 2019 in respect of the audit of financial statements, comprising materiality, key audit risks and the planned approach to these. He referred to significant risks and the timetable for the external audit, which included infrastructure and private equity.

Members referred to a risk management controls and the reliance on performance related business i.e the outturn.

Members asked about the risk of related party transactions, which had been for the pension fund accounts. David Eagles responded that there was the potential for risk as some Councillors were members of the Local Government Pension Fund.

The Committee noted the report and contents of the Audit Plan.

The Council was required by the Accounts and Audit Regulations 2015 to publish its audited Annual Accounts by the 31 July each year. 2017/18 was the first year in which the Council had to meet a tighter deadline, which was two months less than in previous years. The Council met this new deadline and published its accounts by the 31 July 2018. However, meeting this deadline remained a significant challenge for Councils and Auditors going forward.

The report outlined the process, plan and timetable for preparing the Statement of Accounts for 2018/19 to enable the Council to discharge its statutory responsibilities and publish the audited accounts by the 31^st July 2019.

The report also considered the lessons that were learned from the 2017/18 audit process in order to ensure continuing improvements in the closing processes for the future. In addition, the report included recommendations from the outgoing External Auditors for action in 2018/19. It was considered that there were several activities, procedures and processes that could be improved in future external audits, including balance sheet reconciliation and over/under receipting.

As stated in their report to the Committee, the outgoing External Auditors (KPMG) had issued an unqualified opinion on the Authority’s financial statements on 31 July 2018, which meant that they believed the financial statements gave a true and fair view of the financial position of the Authority and of its expenditure and income for 2017/18. The financial statements included those of the pension fund.

Members enquired as to what steps the Council were taking to reduce the risk of error in its accounting in relation to the significant and other risks identified by the incoming External Auditors, BDO. The Chief Accountant advised that he will be reviewing the audit process and would implement any new actions, in discussions with BDO. He was seeking to improve the structure of the accounts, which would assist members in their understanding and improve the narrative report. In answer to further questions, he stated that narrative changes would be reflected in the future statements of accounts and External Audit Plan.

The Committee noted:

The preparatory work which has been undertaken by officers to plan and prepare for the closure of the 2018/19 Statement of Accounts to enable the audited accounts to be published by the 31 July 2019 and the key deadlines and process.

This report brought together all aspects of internal audit work undertaken to date during 2018/19.  The report detailed audit progress and results from 1 July-30 September 2018 (Quarter 2) and included details of the overdue high-risk recommendations outstanding and actions being taken by management to address these.

The Interim Head of Internal Audit highlighted the progress in implementing the audit recommendations. She advised Members on specific risk and compliance audits that had been removed from the 2018/19 including Adoptions (follow-up): This had been added to Quarter 3’s internal audit plan (October-December 2018). A full review had been added following the “no assurance” report issued in Quarter 2 and management had reacted positively to the proposed recommendations from Internal Audit and they would action these changes.

The Interim Head of Audit referred to the outcomes from finalised 2018/19 internal audit work and this included the audit on Cyber Security, which had been at limited assurance level, management had taken responsibility for the issues of risk identified and were progressing actions to reduce that risk.

Members referred to the risk and compliance audit on Special Guardianship Orders (SGO’s) that had been removed from the 2018/19 internal audit plan.

They requested whether this could be considered in the 2019/20 internal audit plan, which would be submitted to the Committee for approval in due course. (A special guardianship order is an order appointing one or more individuals to be a child's 'special guardian'. It is a private law order made under the Children Act 1989 and is intended for those children who cannot live with their birth parents and who would benefit from a legally secure placement.)  

The Committee noted the report.

The report brought together all aspects of counter fraud work undertaken to date during 2018/19.  The report detailed progress from 1 July to 30 September 2018 (Quarter 2).

The Committee noted the report.

In the year that saw the biggest changes in data protection law in 20 years coming into effect, the report provided an update on information governance issues within the Council. This report also set out the work that has been competed in the past year. Information Governance primarily focussed on the Council’s obligations under the Freedom of Information Act, Local Authority Transparency Code and the new General Data Protection Act and the Data Protection Act 2018 (GDPR).

Members asked about the way in which officers may have learnt from adverse events in the year and the actions taken to deal with data breaches. The Head of Client Unit stated that every organisation had a responsibility to deal with trying to reduce and mitigate data breaches and in this respect, training was provided annually for staff on a mandatory basis, which was in line with the requirements of the Information Commissioner. He added that the Council conducted spot checks to check if staff were complying with data protection in terms of its clear desk policy and not discussing confidential matters in open plan offices. Whilst it was not possible to stop data breaches occurring, the Council addressed such matters swiftly.

Members enquired about the depth staff training on data protection and the GDPR. The Head of Client Unit advised that the majority of Council staff were required to complete the I-Learn course annually, in line with the Information Commissioner’s guidelines. Staff then receive a certificate as evidence that they had completed the course, however a number of specialist staff were given additional detailed training specific to their roles, such as child protection.

In answer to a question about the security of the Council’s website access, the Head of Client Unit confirmed that members of the public used “My Account” for access to services which related to their own data and was highly secure. In terms of staff access to ICT systems, in line with the principles of GDPR, Council staff only had access on a “need to know” basis, which was was fully audited and monitored to ensure confidentiality was maintained, with actions taken if any breach occurred by staff.

The Committee noted:

(i)  The work that has been on-going to improve Information Governance within the Council; and

(ii)  The planned actions for 2019/20.

This report provided the Audit and Standards Committee with an update of complaints against Members of the Council, their current status, outcome and actions taken.

In accordance with the Code of Conduct and Complaints Procedure, the Monitoring Officer conducts an initial assessment of complaints about Members of the Council against approved criteria and may consult with the Independent Person and try to resolve matters informally if possible or appropriate.  If the complaint requires further investigation or referral to the Audit and Standards Committee there may still be a hearing of a complaint before its Sub-Committee.

Since reporting to the Committee on 25 July 2018, there had been two complaints received by the Monitoring Officer. Both were dismissed at the first stage by the Monitoring Officer by reason of no evidence of a breach.

The Committee noted the report.

This report provided the information on registrations of gifts and hospitality received by Councillors and Officers, to enable a periodic review of the same and to consider any comments or observations considered appropriate in this regard.

The report also provided a periodic review of the Gifts and Hospitality Registers, and highlighted that systems are in place to ensure Members and officers are aware of the need to inform the Monitoring Officer and complete the forms to register any gifts and hospitality or other benefits received where the value of the item or benefit exceeds an amount of £50. Appendices to the report highlighted declarations of gifts and hospitality by Councillors and officers.

The Committee noted the report.

Members noted the workplan and referred to the Committee’s terms of reference that they discussed at the last meeting. They noted that the current version had been sent to them prior to the meeting showing in detail the areas that are currently covered in the Constitution and the areas that could be considered to be amended in future.  They requested that this would be an agenda item at the next meeting pending any subsequent review of the terms of reference, which would need to be agreed by Assembly.

Members noted the workplan.