Agenda and minutes

Venue: Brigade Headquarters, Stocklake, Aylesbury HP20 1BD. View directions

Contact: Katie Nellist 

Items
No. Item

2.

Minutes pdf icon PDF 259 KB

To approve, and sign as a correct record, the Minutes of the meeting of the Committee held on 11 November 2020 (Item 2)

Minutes:

RESOLVED –

 

That the Minutes of the meeting of the Overview and Audit Committee held on Wednesday 11 November 2020, be approved and signed by the Chairman as a correct record.

5.

RIPA Policy (Minute OA39 - 090316)

To note that there has been no covert surveillance conducted by officers since the last meeting of the Committee.

Minutes:

The Director of Legal and Governance advised Members that the Authority was the enforcing authority under the Regulatory Reform (Fire Safety) Order 2005 and as an enforcing authority, it had powers to undertake covert surveillance on individuals if necessary. It therefore had to comply with RIPA – the Regulation of Investigatory Powers Act 2000. The RIPA statutory guidance recommends that elected members be regularly appraised of any instances of covert surveillance.

 

RESOLVED –

 

To note that there had been no covert surveillance conducted by officers since the last meeting of the Committee.

6.

External Audit Plan

To receive a verbal update from Ernst & Young

Minutes:

The Associate Partner, Ernst & Young advised that the purpose of this verbal update was to bring Members up to date with the external audit timetable for the audit of the Authority’s financial statements for the 2020/21 Audit. Usually, Ernst & Young would have presented an Audit Plan that set out the audit strategy, but Members may be aware that nationally there were a number of outstanding 2019/20 external audits which were impacting on all audit suppliers taking account of the impact of Covid-19 and changes in the reporting timetables that took place last year. For that reason, Ernst & Young were only just commencing planning work this month. Once that was done, they would confirm their proposed assessment of audit risks and response ahead of receiving the draft accounts for audit.

 

The Associate Partner advised Members that the Ministry of Housing, Communities and Local Government (MHCLG) had been responding to the Sir Tony Redmond Review into the sustainability of financial reporting and external audit in England and following that, were proposing a timetable for the production of draft accounts and external audit for the 2020/21 financial year. The Authority had until the 1 August 2021 to produce draft accounts for publication and the targeted date for the audited financial statements was the end of September 2021. Based on the conclusion of the 2019/20 audit, the Associate Partner did not anticipate any significant changes in the audit approach this year.

 

A Member asked if the proposal to hold a referendum would be audited and was advised that the amount that would be set aside to hold a possible future referendum, as agreed at the Fire Authority meeting on 17 February 2021, would appear as a separate reserve account and would be picked up as part of the audit.

7.

Internal Audit Reports

7a

Final Audit Reports pdf icon PDF 124 KB

To consider Item 7a

Additional documents:

Minutes:

The Audit Manager advised that the purpose of this report was to update Members on the progress on the findings of the finalised internal audit reports issued since the last meeting. The following 2020/21 audits had been finalised; Core Financial Controls (Substantial Opinion), GDPR (Partial Opinion), Asset Management System (Partial Opinion) and Resources Management Application Audit (Partial Opinion).

           

The Core Financial Controls audit considered ten key risk areas and only two medium and one low priority findings were raised in the report. This resulted in a substantial opinion as no material weaknesses were found.

           

The GDPR Audit reviewed the Authority’s arrangements for data protection. Five key risk areas were considered, and five findings raised, one high, three medium and one low priority. The overall opinion for this audit was partial as it was found that some control areas were not being operated effectively. Actions had been agreed to address those weaknesses.

           

The Asset Management System audit reviewed the Authority’s arrangements for the purchase, custody and issue of assets, covering operational equipment and property assets. This audit concluded a partial assurance opinion as there were six high and four medium priority findings. The audit reviewed eight key risk areas and the conclusion found there were inadequate levels of internal control in place. Actions to address these had been agreed. However, due to the high-risk findings, further work would be undertaken in 2021/22.

           

The Resources Management Application (FSR) Audit was an IT audit undertaken by IT specialist auditors. The audit focused on three risk areas; logical access controls, change controls and IT operations and raised eight audit findings which resulted in a partial audit opinion. The actions had been agreed with officers and implementation would be monitored against agreed timescales.

           

A Member asked for a brief explanation of Finding 6 ‘Recording of Assets – Inaccurate records of stock’ and was advised that it followed on from a previous audit of Stores which identified a similar issue. Unfortunately, due Covid-19, Stores were impacted most in terms of working arrangements, and in the initial stages trying to secure enough PPE and hand sanitizer etc. A project would be put in place over the coming financial year and hopefully this would rectify a lot of the issues.

           

A Member asked a question regarding the Service Reviews on the Resource Management Application audit review and was advised that this related to ‘Fire Service Rota’ which was the system used to record who’s on duty, what skills they have, availability etc. This was a new system recently introduced and the issues highlighted in the report were consistent with what was expected from a new system, it was not saying there was no cyber security or backup, but that the Authority needed to get assurance from the vendor that this was in place.

 

RESOLVED -

 

That the recommendations raised in the finalised Internal Audit Reports be noted.

7b

Update on Progress of Audit Recommendations pdf icon PDF 126 KB

To consider Item 7b

Additional documents:

Minutes:

The Audit Manager advised that the purpose of this report was to update Members on the progress of the implementation of audit recommendations as of 5 February 2021. In total there were 37 recommendations to report on, the status of which were classified as follows; implemented 32/37 (86%), past due date (in progress) 5/37 (14%). Internal Audit continued to work with officers and to actively monitor implementation of all outstanding recommendations throughout the year.

           

RESOLVED –

 

That the progress on implementation of recommendations be noted.

7c

Internal Audit Strategy and Annual Internal Audit Plan 2021/22 pdf icon PDF 125 KB

To consider Item 7c

Additional documents:

Minutes:

The Audit Manager advised Members that this report sets out the Internal Audit Strategy and the proposed Internal Audit Plan for 2021/22. There were no material changes from the strategy of previous years, however, there remained some flexibility through a small provision of contingency days to enable the Director of Finance and Assets to work with Internal Audit to direct the work to the most appropriate areas. Regarding the Audit Universe (previous audit activity and assurance levels) Internal Audit had identified seven auditable areas for the year 2021/22 and these were set out at Appendix A, the proposed audit plan. Internal Audit had also listed three contingency audits that could also be considered for next year.

 

A Member asked about the Blue Light Hub Post Project Evaluation and was advised that this was primarily a financial audit, and the objectives were set out when the Authority undertook the project. The information would be used to inform a wider piece of work of lessons learned, and other benefits gained that perhaps weren’t anticipated, i.e., closer working with other blue light colleagues.

           

RESOLVED –

 

That Members approve the Internal Audit Strategy and Annual Internal Audit Plan

7d

Adopting CIPFA Recommended Assurance Opinions and Definitions pdf icon PDF 124 KB

To consider Item 7d

Additional documents:

Minutes:

The Audit Manager advised Members that the Chartered Institute of Public Finance and Accountancy (CIPFA) had recently released a paper which examined the case for standardising the terminology and definitions used in internal audit engagements across the whole of the public sector and had subsequently recommended a standard set of opinions and supporting definitions for internal audit service providers to use. To ensure that the Authority continued to conform to the best practice principles, Internal Audit recommended that the Authority adopt the standard definitions for its 2021/22 work and moving forward. The main changes to the assurance opinions, would be ‘partial assurance’ would change to ‘limited assurance’. ‘Limited assurance’ would change to ‘no assurance’.

           

RESOLVED –

 

That Members approve the adoption of the CIPFA standardised assurance opinions and definitions.

8.

Corporate Risk Management Policy pdf icon PDF 162 KB

To consider Item 8

Additional documents:

Minutes:

The Corporate Planning Manager advised that the purpose of this paper was to present Members with an updated policy and guidance note for Corporate Risk Management. The policy and guidance had been reviewed and updated to reflect the latest (2018) ISO 31000 Risk Management Guidelines to ensure that the Authority’s approach was aligned with international good practice; changes to Service internal governance structures (revisions to Management Boards’ terms of reference and the introduction of the Portfolio Management Office); and current Service Document publication protocols. No changes to the existing Corporate Risk Management reporting arrangements to the Overview and Audit Committee were proposed at this time. Members were advised that, if approved by the Executive Committee, some typographical adjustments would be made to the documents before publication.

 

A Member asked if the Corporate Risk Management Policy could be explained to new Members joining the Authority and was advised that it could be included as part of the induction training for new Members.

 

RESOLVED –

 

That the Committee recommend the Corporate Risk Management Policy set out at Annex A and Guidance at Annex B, to the Executive Committee for approval.

9.

Corporate Risk Management pdf icon PDF 145 KB

To consider Item 9

Additional documents:

Minutes:

The Corporate Planning Manager took Members through the six risks being monitored on the Corporate Risk Map. There were three risks being monitored at red rag status. The funding/savings risk; the staff availability risk due to the retirement profile and impact of Covid-19; and due to the impact of the recent court and tribunal decisions, the Firefighter Pension Schemes was being monitored as a separate risk due to the financial and resourcing implications, as well as potential implications for staff availability. There were two risks being monitored at amber rag status, the Pandemic Resurgence risk, everything possible was being done to control and reduce the risk to the workforce and also the public they interact with and the Information Security Risk.

 

The Director of Legal and Governance updated Members on the Information Security Risk. Microsoft had released security patches to resolve vulnerabilities in operating systems from Windows 7 onwards, this vulnerability would allow the virus/ransomware WannaCry to run. The ICT team had distributed the patches to all devices within 48 hours. Microsoft had also released urgent security patches to resolve vulnerabilities in the Microsoft Exchange Server. These patches were added in a pre-booked server maintenance window the following day and the Authority was now protected from this vulnerability. There had been a notification from the National Cyber Security Centre (NCSC) that a work email address of one of the Authority’s employees had been identified as being in the possession of Qakbot hackers. The ICT team took this notification seriously not least because it was first such notification it had received from the NCSC, and the ramifications of a ransomware infection were very serious. The ICT team spoke to the identified user and checked with the Authority’s security providers to ensure they offer protection to Qakbot, which they did.  After further advice from NCSC it was decided that the email address of the user would be deleted and replaced with a new address to ensure the threat has been removed.

 

A Member asked if Council email addresses could in anyway cause problems to the Authority’s email system and was advised that the Head of ICT would be asked to liaise with his counterparts at Buckinghamshire Council and Milton Keynes Council to see what was in place regarding security and firewalls.

 

The Corporate Planning Manager advised Members that the last risk was the risk associated with the move out of the transitional arrangements with the EU. With the UK’s departure, the risk had now been reduced to a green rag status. The Authority had not and did not expect to experience any material disruption to its operations as a result of this.

 

A Member asked for an update on where the Authority was regarding correspondence with Government over the level of financial support available and was advised by the Chief Fire Officer that the Chairman had written to all local MP’s, and meetings were being arranged to talk about the Authority’s financial position. Once those meetings had taken place, the outcome  ...  view the full minutes text for item 9.

10.

2019/20 Statement of Assurance pdf icon PDF 173 KB

To consider Item 10

Additional documents:

Minutes:

The Corporate Planning Manager advised Members that the purpose of this document was to provide the public and Government with assurance that the Authority met the requirements set out in the National Framework and accompanying Government guidance during the 2019/2020 financial year. The document closely followed the Government guidance and consolidated and summarised the findings of existing assurance processes relating to financial, governance and operational matters that were set up to meet other statutory and regulatory requirements of fire and rescue authorities. There was a new section included this year, which summarised the outcome of the HMICFRS inspection.

             

RESOLVED –

 

That the 2019/20 Statement of Assurance be approved for signature by the Chairman of the Overview and Audit Committee and the Chief Fire Officer

11.

Treasury Management Performance 2020/21 - Quarter 3 pdf icon PDF 359 KB

To consider Item 11

Minutes:

The Principal Accountant advised Members that for the financial year 2020/21 April to December, the accrued interest earned was £94k, which was £18.5k lower than the budget set for the same period. This was a direct impact of the low interest rates due to the Covid-19 pandemic and the low interest rates would certainly continue for the remainder of the financial year. The current forecast for the financial year 2020/21 was in the region of £100k. Officers continued to monitor the cashflow position daily to ensure the Authority can meet its short-term expenditure requirements and to maintain adequate liquidity. To support this, investments currently in place with a number of counterparties had frequent maturity dates. Looking ahead, it was anticipated that low interest rates would certainly continue into the next financial year. Therefore, the budget set for 2021/22 at the Authority meeting in February had been reduced from £150k to £30k.

           

RESOLVED –

           

That the Treasury Management Performance 2020/21 report be noted.

12.

2019-20 Annual Performance Monitoring Report pdf icon PDF 138 KB

To consider Item 12

Additional documents:

Minutes:

The Deputy Chief Fire Officer introduced the report and advised Members that this was a timely reminder to give assurance that despite the significant challenges faced by Covid-19 and the Services response to the pandemic, business as usual critical activities continued to be a priority and remained the primary focus.

 

The Data Intelligence Team Manager advised Members that this report provided a review of annual performance in relation to the Authority’s 2015-20 Corporate Plan objectives focusing, in particular on incidents in homes, workplaces, whilst travelling and in wider community settings. It covered the period 1 April 2019 to 31 March 2020. A summary of performance against key indicators indicated continued significant improvement against fie-year averages across most key indicators. In particular, accidental dwelling fires (down 15%), chimney fires (down 48%), non domestic property fires (down 19%) and deliberate primary fires (down 9%).

A Member asked for clarification on deliberate primary fires and deliberate secondary fires and was advised that the difference between primary and secondary was a fire term. Primary was something that was insurable, a home, a car, anything with some value. Secondary tended to be something that was derelict, or waste or rubbish, not something insurable.

 

RESOLVED –

 

That the outturn performance against the outcome measures specified in the Corporate Plan 2015-20 be noted

13.

Her Majesty's Inspectorate of Constabulary and Fire and Rescue Services (HMICFRS) - Buckinghamshire Fire and Rescue Service (BFRS) Round 2 Inspections, and Covid-19 report pdf icon PDF 193 KB

To consider Item 13

Additional documents:

Minutes:

The Head of Prevention, Response and Resilience advised Members that HMICFRS published Covid-19 inspection reports into all fire and rescue services on 22 January 2021. HMICFRS judged that this Service ‘responded well during the pandemic and provided additional support to its communities’. The Service had continued its prevention and protection activity, in a slightly modified form, but continued to support those at highest risk from fire and other emergencies. The Service had supported a range of partners, including the local resilience forum, local authorities, and at community level. Availability of resources had remained strong, and also central to the report a very positive commentary on how well the Authority had looked after its staff in terms of welfare arrangements, broader support and ensuring their safety and welfare was paramount.

 

The Head of Prevention, Response and Resilience advised Members that HMICFRS had configured the round 2 inspections of all 45 fire and rescue services, into three tranches. This service was in tranche 1. In preparation for round 2 inspections, a document request was received on 18 January 2021, along with a refreshed self-assessment template. HMICFRS would shortly open an independent reports line and conduct a staff survey, as with the round 1 inspections. The Service had now been informed that its inspection would take place around 24 May 2021. The inspection methodology had been reviewed within the Covid-19 restrictions, and will rely less on face-to-face interviews, and more on virtual engagement.

 

The Head of Prevention, Response and Resilience advised Members that the improvement plan had been developed addressing specifically the report recommendations and identified areas for improvement. Progress against the improvement plan continued to be strong and that learnings were being incorporated in preparation for the next inspection.

 

A Member asked about resilience following Covid-19 moving forward and was advised by the Chief Fire Officer that officers attend the Strategic Coordinating Group of the Local Resilience Forum weekly meetings and were part of the Tactical Coordination Group of the Local Resilience Forum. Officers attended meetings with both Buckinghamshire Council and Milton Keynes council in relation to Covid and the Covid response. The Service was engaged and involved at a strategic level in all areas and would be playing a part in the next steps moving forward.

                  

RESOLVED –

 

That the current position regarding the HMICFRS inspection programme, and preparations for BFRS’s round 2 inspection be noted.

14.

Operational Assurance Improvement Plan pdf icon PDF 157 KB

To consider Item 14

Additional documents:

Minutes:

The Head of Operational Training and Assurance advised that the purpose of this report was to provide Members with an update on the progress that continued to be made regarding the delivery of the Operational Assurance Improvement Plan. In 2016 the Service invited Operational Assurance Limited (OAL) to carry out an audit of its operational activities, a further three audits were carried out with the last one being in 2019. The contract had now concluded; however, good progress had continued to be made against the identified recommendations.  Furthermore, internal operational functions were more robustly monitored with recommendations and actions captured on the Operational Assurance Improvement Plan.

 

The OAIP was a dynamic document, used to enhance the ability to capture, scrutinise and respond to operational learning originating from events such as operational debriefs and Learning Review of Command (LRC) which were now customary for all notable incidents, assurance visits and external reviews, such as the Grenfell enquiry. The OAIP was reviewed quarterly by the Operational Assurance Group and updates to this Committee would continue to be given on the progress against the plan.

                          

RESOLVED –

 

That the progress made against each improvement recommendation detailed within the updated OAIP be noted.

15.

Grenfell Tower Inquiry Phase 1 Report Update pdf icon PDF 132 KB

To consider Item 15

Additional documents:

Minutes:

The Group Commander Technical advised that this report was to update Members on the progress to date in response to the Grenfell Tower tragedy on 14 June 2017, and in response to the recommendations made in the Grenfell Tower Inquiry Phase 1 Report, published on 30 October 2019. The report described how the initial improvement activities commenced immediately after the tragedy and did not wait for the recommendations to be published. Significant progress had been made in implementing National Operational Guidance across the Service, and within the Thames Valley, and the Service had been proactive in its approach to collecting, assessing and sharing site-specific risk information. The Service’s fleet was well-equipped, and there was continued investment in equipment to assist in dealing with these risks.

 

The Group Commander Technical advised Members that the report also described the prevention challenges, where it was often the case that people who were vulnerable to the risk of fire also resided in many of the high rise buildings. The report also summarised the engagement initiatives and interventions undertaken to make these residents safer. The report highlighted how the protection teams were well-aware of the challenges and risks associated with methods of modern building construction, and how they had taken a targeted approach to ensuring the highest risk premises remained safe. The Protection teams had also been proactive in liaising with other local authority departments responsible for enforcing areas of the building where the Authority was not the enforcing agency.

 

In terms of the recommendations from the Phase 1 report, 15 were complete, 18 were in progress and the Service was prepared for the impacts of the remaining 13. Looking forward, the Authority had received some central support grant funding, which was being used to bolster Protection capacity and capability. Specific funding had also been allocated to support investment in technology to assist in implementing the Inquiry recommendations.

 

A Member asked if there was anything further the Service could do in relation to the poor response to consultations with hard-to-reach communities who often lived in these buildings and was advised that this was being managed by the Prevention Team who had been particularly proactive in ensuring that the stations and community safety teams were engaging with those at-risk people. The Prevention Team worked very closely with local authorities, landlords and resident groups, and with a range of partners to try to understand the risk and vulnerability impacts on residents and how this can be addressed as closely as possible through the Service’s prevention work.

 

A Member asked about plans for a building in central Milton Keynes that would be around 23 floors high, and had the Authority been involved in the fire safety aspects of the planning application and also with taller buildings coming to Milton Keynes, was the Authority anticipating increasing its capacity to deal with any incidents that may occur and was advised that the Authority was a statutory consultee under building control matters and in relation to the impact any new building  ...  view the full minutes text for item 15.

16.

Forward Plan pdf icon PDF 49 KB

To note Item 16

Minutes:

The Chairman brought the Forward Plan for future Overview and Audit Committee meetings to the attention of Members.

 

RESOLVED –

 

That the Forward Plan be noted.

 

Before he closed the meeting, the Chairman thanked all Members and officers for their hard work over the year and also thanked Councillor Mallen, Vice Chairman of the Overview and Audit Committee, who would not be standing for re-election in May this year.

 

 

 

                           THE CHAIRMAN CLOSED THE MEETING AT 12.05 PM