Agenda item

The Committee received the 2021/22 Business Assurance Strategy update, including progress against the Internal Audit Plan. The 2021/22 Internal Audit Plan had been reviewed to identify the key audit activities to be delivered having taken consideration of the priorities within the Directorates and working around the service reviews that were currently in progress.

The Business Assurance Strategy; including the Internal Audit Plan was agreed by the Audit Board and by the Audit and Governance Committee in June 2021. The Internal Audit Plan was produced with reference to the Strategic and Directorate Risk Registers; and informed through discussion with the Senior Leadership Teams for each Directorate, Heads of Finance, Section 151 Officer and the Deputy Chief Executive.

The Internal Audit Plan had been dynamic with activity reviewed on a regular basis taking account of new, emerging and changing risks and priorities. Quality Business Assurance updates were reviewed for appropriateness by each Directorate Leadership team and their views sought on the work of the Business Assurance Team. Progress against the strategy had been presented to, and agreed by, the Audit Board.

From the review of the plan with directorates, 31 out of 94 audits had been deferred or cancelled, reasons for those changes were provided within appendix 1 of the report. The Business Assurance Team had also undertaken Covid-19 grant certification work, to ensure grants were used in accordance with the relevant terms and conditions and that reconciliations for monies spent on the Covid response were up to date.

There were 4 overdue management actions out of 253 which was a positive position and the CIPFA external assessment of the Council’s conformance with the Public Sector Internal Audit Standards had been completed and reported very positively on the Council’s internal audit team and processes (discussed under agenda item 8). Business Assurance Activity for the year was listed within the report, as was the internal audit plan with those audits marked as ‘final draft’ in the process of being agreed by the relevant Head of Service/Service Director and would be presented at the next meeting.

The Business Assurance Team had also been working closely with the Revenues and Benefits Teams to investigate any potentially fraudulent Covid-19 Business Rate Grant Claims. Members noted that the initial Covid related grants were assurance checked post-payment whereas the later grants received pre-payment checks. Other cases under investigation were also noted within the update. Work continued on progression the review of key financial systems that interface with the SAP finance system.

In addition, Members also sought information on the following:

-          The process for recollection of fraudulent Covid grants was explained. The debt collection team were following up issues which had been a mixture of payments made in error and fraudulent cases. Once cases were identified, businesses were approached to discuss recovery of funds and where there was no resolution reached the prosecution process was commenced. 

-          The IT Audit Needs Assessment was noted as ‘final report’ and this would be amended to show as ‘complete’ on page 49 of the agenda pack. This work had been undertaken by Mazars.

-          The new transport system ONE was in the process of being implemented by the Client Transport Service and mapping had been undertaken to establish what was needed ahead of it going live. Business Assurance were working closely with the service on the oversight of suppliers and this was also regularly reviewed by the improvement board. Close relationships amongst some of the suppliers were being monitored.

-          Prior to any deferrals on the Internal Audit Plan as noted on Appendix 1, discussions would be held with the particular directorate to understand the risks and the Committee would be kept updated of progress and work undertaken to address these risks.

-          The three audits within Children’s Services had been deferred to allow time to reflect on the Ofsted inspection. Business Assurance was working closely with the directorate and these areas would be updated in time for the next meeting of the Committee.

-          The Property and Assets, Wycombe Old Library audit had been cancelled as the project had been completed and the service was acting on lessons learnt. The Health and Safety audit within Property and Assets had been cancelled as a mechanism had been implemented whereby each directorate appointed a health and safety champion and time would be given to see how this worked in practice.

-          The Resources, General Ledger audit had been cancelled as an assurance pack within corporate finance had been developed and progress was being reviewed to assess the completeness and adequacy of the controls.

RESOLVED –

That the report be noted.