Agenda and minutes

Apologies were received from Councillors D Anthony, A Christensen, T Dixon, M Dormer, C Etholen and M Hussain.

Councillor L Clarke OBE declared a personal interest in agenda item 6, Business Assurance Update as she was the Chairman of the Buckinghamshire and Milton Keynes Fire Authority Executive Committee for which an audit was referred to within the accompanying Internal Audit Plan.

To approve as a correct record the minutes of the meeting held on 22 March 2022.

The Chairman advised of a correction to minute item 7, Risk Management Group update. The minute noted that the Risk Management Group would review the Secondary School Transfer Results System Failure action plan at its meeting of 25 April, however it was agreed by the Risk Management Group that the action plan would be presented to a future meeting rather than the meeting held on 25 April.

The Vice-Chairman reported that at the previous meeting Mr Glenn Watson was introduced and welcomed by the Committee, Mr Watson would attend and support the Committee in the role of Principal Governance Officer.

RESOLVED –

That the Minutes of the meeting held on 22 March 2022, be approved as a correct record subject to the above amendments.

The Committee received an update report on the Buckinghamshire Council Statement of Accounts 2020/2021 which provided Members with information on the work the external auditors were undertaking to progress delivering their responsibilities.

Mr Richard Ambrose, Service Director for Corporate Finance and Section 151 Officer and Mr Iain Murray, Grant Thornton attended to present the update. The report noted that upon receiving the latest version of the financial statements, there were a number of issues identified, including:

• Missing primary statements such as group cash flows and comparative figures for the group’s balance sheet,
• Inconsistencies between the word formatted statements and the notes forming part thereof,
• A lack of schedule which reconciles the movements from the first version of draft financial statements and the latest version.

A number of queries had been raised in respect of group accounts and the external auditors were waiting for management’s assessment of the components for potential consolidation. The external auditors had also encountered significant difficulties with the bank reconciliation process and there were a number of areas which were now with the Council for ratification. It was understood that the impact of the actions management had proposed would result in changes to loans, debtors and creditors disclosed in the financial statements and may result in the need for additional audit testing in those areas.

There were 90 sample items for which the external auditors were awaiting evidence, these related to a number of areas of the financial statements. There were also general queries raised in the areas of Grant income; Housing Benefits Expenditure; Capital commitments; Leases; Financial Instruments; Derecognition of Schools; and Expenditure and Funding Analysis (EFA) and pooled budget notes.

Further to the above, which were specific to the Council’s audit, there was a sector wide matter causing further delay to Local Authority audits. The CIPFA Code of Practice on Local Authority Accounting prescribed the accounting treatment and disclosure requirements for infrastructure assets. The Code required infrastructure to be reported in the Balance Sheet of depreciated historical cost, that was historic cost less accumulated depreciation and impairment. The Code also required a reconciliation of gross carrying amounts and accumulated depreciation and impairment from the beginning to the end of the reporting period. These requirements of the Code derived from IAS 16 Property, Plant and Equipment. There was a concern that audited bodies were not able to apply the full requirements of the Code, in particular derecognition of parts of assets where the subsequent expenditure on them was capitalised. This issue was currently being considered by CIPFA via an Urgent Task and Finish Group with an outcome anticipated in June 2022.

During the discussion, issues raised included:

• The significant reason for the issues noted above related to the challenges of amalgamating the five separate legacy councils accounts. This large task had been made further difficult by staffing vacancies and ongoing staffing changes. Many of the staff from legacy authorities had since left the employment of the Council which resulted in reduced corporate memory and affected the  ...  view the full minutes text for item 4.

The Committee considered a report which contained the draft Annual Governance Statement (AGS) for 2020/21. This was the first AGS for Buckinghamshire Council and related to the first year of operation as a unitary authority, with a focus on the Council’s response to the Covid-19 pandemic. The AGS was usually presented with the Statement of Accounts, however due to the delay in presenting these it had been decided to bring the draft AGS to this meeting with the final version to be presented in July.

The AGS had been drafted by giving consideration to the Council’s sources of assurance on internal control and is structured in accordance with CIPFA guidance. The role of the Audit and Governance Committee was to review the AGS to provide assurance that it reflected the evidence considered by the Committee over the year (2020/21), and that the actions identified were appropriate. The draft AGS could be updated in the period up until the Statement of Accounts were recommended for approval at the Audit and Governance Committee in July. Once the Committee had approved the statement it would be presented to the Chief Executive and Leader of the Council for signing and be published on the Buckinghamshire County Council website with the Statement of Accounts once approved.

The full Draft AGS was appended to the report.

During discussion, key points highlighted included:

• The report on the whole, identified good governance frameworks leading to relatively few recommendations.
• The Committee thanked officers for a clear and comprehensive report which produced a very positive statement.
• Areas recommended to be considered for inclusion in to the action plan and general recommended changes, these included:
  • The resourcing difficulties which the Committee and Risk Management Group had frequently heard of over the past twelve months.
  • Strengthening the risk management activity and risk registers, although it was noted that the CIPFA review recognised that the Council’s Risk Management process was embedded and robust.
  • Noting the roles of Service Directors and Heads of Service where key roles were referred to on page 24 of the reports pack.
  • Third bullet point, at ‘E. Developing the entity’s capacity, including the capability of its leadership and the individuals within it’, on page 29 of the reports pack, to include reference to members, along with officers who were expected to complete mandatory training.
  • Within the same section, reference should be made to roles of officers and members having been strengthened through recent changes made to the Constitution.
  • Page 24, noted that there were four Select Committees, the Committee this be updated to reflect that there were more (6).
  • Re-wording the reference made to the webcasting of meetings, Members noted that it was not all Committee meetings that were webcast.

• The Principal Governance Officer advised of changes to the future presentation of the AGS. These included having a local code, which described the Council’s governance processes and supplemented the AGS which could then assess against the local code how effective the governance processes were working. This  ...  view the full minutes text for item 5.

The Committee considered a report which presented the 2021/22 Business Assurance Strategy update, which included progress against the Internal Audit Plan. The 2021/22 Internal Audit Plan had been reviewed to identify the key audit activities to be delivered considering the priorities within the Directorates and working around the service reviews that were underway.

The Business Assurance Strategy; including the Internal Audit Plan was agreed by the Audit Board and by the Audit and Governance Committee in June 2021. The Internal Audit Plan was produced with reference to the Strategic and Directorate Risk Registers; and informed through discussion with the Senor Leadership Teams for each Directorate, Heads of Finance, Section 151 Officer and the Deputy Chief Executive. The Internal Audit Plan continued to be dynamic in nature with activity reviewed and realigned on a regular basis to take account of new, emerging and changing risks and priorities. Progress was regularly reviewed by the Audit Board.

Quarterly Business Assurance updates were presented to each Directorate Leadership Team providing updates on the planned audit and assurance activity, which were reviewed for appropriateness each time. Views of the directorates were also sought on the work of the Business Assurance Team to enable continuous improvement and ensure that the needs and expectations of the organisation were met.

The detailed Business Assurance update was appended to the report.

During discussion, points raised included:

• Members recognised the high volume of work undertaken by the Business Assurance team.
• The team was currently going through its service review which reviewed the staffing structure. It was hoped that this would be agreed circa August 2022 and recruitment activity could then be planned as required. There had been changes within the team since the time of the last meeting with three leavers, backfilling options were being explored, although as noted in earlier items there was a wider shortage of qualified staff. The team was exploring how to make best use of frameworks such as the London APEX audit framework.
• The team remained busy reviewing grant certification work, this work looked to check that expenditure was in line with the relevant conditions of the respective grant. A number of these required returns to be sent to Central Government. A Grant Assurance Framework was currently being produced.
• Assurance work around the Council’s Ukraine response was underway. The team was reviewing payment processes, ensuring controls were in place and regular catch ups with key groups were being held. The team was supporting the risk management aspect of this work and ensuring risk registers were in place.
• Work had been undertaken on the South East Aylesbury Link Road (SEALR) project, findings raised had identified further areas to review within the appropriate service area to ensure adequate frameworks were in place to give assurances around other major projects underway. 
• Work also continued on the review of key financial systems, with outcomes of the audit work then being fed in to the enterprise resource planning (ERP) system specification work.
• In relation to the national Council Tax rebate  ...  view the full minutes text for item 6.

The Committee received a report providing an update on the 2022/23 Internal Audit Plan.

The 2021/22 Internal Audit Plan continued to be affected by the impact of the Covid-19 pandemic, as well as the capacity constraints across the organisation, which may also be attributed to the Service Reviews that were in-progress. The Internal Audit plan had to remain dynamic in nature and be realigned on a regular basis to take account of new, emerging and changing risks and priorities. The plans had been very fluid during 2020/21 and this continued into 2021/22 due to ongoing Covid-19 related assurance requirements such as grant income verification work and post payment assurance for business grant payments.

The 2022/23 Internal Audit planning process was in progress and would be discussed with Corporate and Service Directors before being presented to the Corporate Management Team and Audit Board for agreement. The Audit Manager had attended a leadership team meeting within all services to discuss audit requirements for 2022/23. The planning process would involve a review of key priorities and risk registers for each of the Directorates.

The 2022/23 Internal Audit Plan would be presented to the Audit and Governance Committee for approval at the July meeting. During Q1, the deferred and carried forward 2021/22 Internal Audit activity would continue, in agreement with the relevant Service Director. The priority of each of the deferred audits would be assessed in consultation with the service. The Covid-19 related assurance activity would continue during Q1 as the final reconciliations and returns were collated. Members were requested to propose any audit areas to be considered for inclusion in the plan.

The deferred/carried forward audits were appended to the report, broken down by Directorate.

During discussion, key points highlighted and recommended areas for auditing included:

·   Childrens Services audits that had been cancelled/deferred due to the recent OFSTED inspection, particularly in light of the further OFSTED review on SEND.

·   Fix my Street which was recognised as the main tool to report highways issues for residents

·   Abandoned vehicles, on which Members received complaints from residents

·   The impact of the Queens speech on areas such as GDPR and the Mental Health Act. The Committee heard that the Business Assurance team would liaise closely with information and governance colleagues and decide on an appropriate date for the GDPR audit. At the point that Deprivation of Liberty Standards would be looked at, the team would ensure that it was compliant with all legislation in place at that time.

RESOLVED –

That the report be approved.

The Committee received a report which provided an update on the Risk Management Group (RMG) meeting held on 25 April 2022. The RMG considered the Planning, Growth and Sustainability (PGS) at this meeting. Risks were discussed in detail, as were the mitigating actions which were challenged by the Group. Members noted the key risk themes that came out of each of the meetings as detailed in the report.

The Group also considered a ‘horizon scanning’ paper which included new and emerging risks for discussion, including displaced persons, inflation and the introduction of care costs cap.

Members were advised that the dates for the coming year’s meetings of the RMG were currently being finalised and would be available at the next meeting.

RESOLVED –

That the report be noted.

The Committee received a report which detailed that a review of the effectiveness of the Audit and Governance Committee was scheduled to take place in June 2022. The review would be based on the CIPFA publication “Audit Committees: Practical Guidance for Local Authorities (2018)”. The review would be carried out through consultation with members of the committee and officers who had attended meetings on a regular basis. The report would be presented to the Audit and Governance Committee meeting on 28 July 2022.

RESOLVED –

That the report be noted

The Committee considered the latest action log as attached to the agenda pack.

The Committee heard that there had been a number of minor rounding updates to be made to the Farnham Park Sports Fields Charity Annual Report and Financial Statements 2020/21 which ensured notes reconciled with statements and this had been completed. Members were updated that the Section 151 Officer was the signatory for signing the accounts off for 2020/21 although this would change for subsequent years. The same applied for the Higginson Park Trust.

RESOLVED –

That the action log be noted.  

The Committee was advised that the Chief Auditor was in the process of putting the 2022/23 Audit and Governance Committee work programme together, in liaison with the Principal Governance Officer and this would be attached to the agenda of the next meeting of this Committee.

RESOLVED –

That the work programme be noted.  

Resolved:

that under Section 100(A)(4) of the Local Government Act 1972, the public be excluded from the meeting on the grounds that it involves the likely disclosure of exempt information as defined in the paragraph indicated in Part 1 of Schedule 12A of the Act.

RESOLVED –

That pursuant to Section 100(A)(4) of the Local Government Act 1972 the public be excluded from the meeting during consideration of Minutes No 13, 14 and 15, on the grounds that they involve the likely disclosure of exempt information as defined in Part I of Schedule 12A of the Act as defined as follows:

Minute 13 – Confidential Minutes of the Audit and Governance Committee held on 22 March 2022.

Minute 14 – IT Audit Report – Cyber Security

Minute 15 – Summary of Completed Audits and Audit Actions

Minute 16 – Action Log (confidential)

The items include Information relating to the financial or business affairs of any particular person (including the authority holding that information) (Paragraph 3, Part 1 of Schedule 12A, Local Government Act 1972) (The need to maintain the exemptions outweighs the public interest in disclosure, because disclosure could prejudice the Council’s position in any future process or negotiations).

That the confidential Minutes of the meeting held on 22 March 2022 be approved as a correct record.

RESOLVED –

That the confidential Minutes of the meeting held on 22 March 2022, be approved as a correct record.

The Committee considered a confidential report which detailed the internal audit on cyber security and received an update from Mr Martin Baird, Internal Auditor, Mazars. The audit provided an evaluation of, and an opinion on the adequacy and effectiveness of the system of internal controls that were in place to manage and mitigate the cyber security risks.  The Committee held a detailed discussion on the contents of the report receiving reassurances on various aspects of the audit work and noting actions to be taken to ensure risks were appropriately mitigated.

RESOLVED –

That the report be noted.

The Committee considered a confidential report which provided an overview of the internal audits that had been completed and detailed the progress against the audit management actions by each directorate.

RESOLVED –

That the report be noted.

To note the current Action log (confidential).

The Committee considered the confidential action log and

RESOLVED –

That the current Action Log (confidential) be noted.