To consider the attached report.
Contact Officer: firstname.lastname@example.org
The Committee received the 2019-20 Annual Report of the Chief Internal Auditor for Buckinghamshire County Council. The report outlined the Internal Audit work undertaken by the Business Assurance Team for the year ending 31 March 2020 and sought to provide an opinion on the adequacy of the control environment detailing the incidences of any significant control failings or weaknesses. The overall report informed the Annual Governance Statement that would be published with the Statement of Accounts.
Members were informed that The Account and Audit Regulations 2015 required the Council to maintain an adequate and effective Internal Audit Service in accordance with proper internal audit practices. The Public Sector Internal Audit Standards (PSIAs) required the Chief Auditor to provide an annual opinion, based upon and limited to the work performed, and on the overall adequacy and effectiveness of the organisation’s systems of internal control which consisted of a framework of governance, risk management and control.
The annual report set out the basis for the audit opinion. With effect from 1 April 2013, the Public Sector Internal Audit Standards had been introduced as mandatory guidance that constituted the principles of the fundamental requirements for the professional practice of internal auditing within the public sector.
The Internal Audit Service had operated in accordance with these standards, however, during 2019-20 there had been the following areas of non-conformance with those standards:
· The Chief Auditor had operational management responsibility for the Risk Management and Strategic Insurance functions, so was not wholly independent. The risk of conflict of interest was managed partially through the Risk Management Group who under the direction of the Chairman of the Regulatory and Audit Committee, monitored and reviewed the adequacy and effectiveness of the risk management strategy and process; and, where audit activity was undertaken in areas where the Chief Auditor had operational responsibility, reports were sent directly to the Director of Finance and Procurement (Section 151 Officer) or Monitoring Officer. Regular reporting to the Corporate Management Team of Strategic Insurance team performance had occurred during 2019/20.
· A Quality Assurance and Improvement Programme had been drafted however remained incomplete, as the planned PSIAs compliance assessment that was to be performed by an independent assessor had been cancelled due to their capacity issues coupled with Covid-19 pressures. In the interim the Business Assurance Team had carried out a review of its processes to ensure continuous improvement within the Internal Audit function and as part of the unitary readiness, and the outcomes of these reviews would be included in the team’s business improvement plan. The Business Assurance Team performed a self-assessment of 118 standards and confirmed general compliance with 111 and partial compliance with six. The outcome of this self-assessment was being fed into a Quality Assurance and Improvement Programme, and the areas of partial compliance were not deemed significant and did not compromise the integrity of the Internal Audit function.
The Committee was informed of all the factors and information that had been considered in giving an overall opinion. Based on the work performed, on the experience and knowledge of previous years’ performance and the current climate in which the Council was operating which included the unitary readiness activity, the Chief Auditor’s opinion on the adequacy and effectiveness of the Council’s internal control framework was of reasonable assurance. The overall system of internal control facilitated the effective exercise of the Council’s functions and provided an unqualified opinion regarding the effective, efficient and economic exercise of the Council’s functions for 2019/20.
The governance framework remained stable and continued to strengthen with collaboration and accountable values demonstrated by the Business Units across the Council. Although arrangements changed during the latter part of the year as the organisation prepared for the new unitary Council, the improved governance, and the enhanced accountability culture remained and through this sustained scrutiny exposed some legacy weaknesses in key systems of control. Namely, Integrated Transport where significant weaknesses were identified in the financial management, contract management and delivery of the service. A new Corporate Director and a new Service Director had been appointed in Q3, following which significant improvements had been made.
The unqualified opinion was evidenced by the outcomes of internal audits, including investigations into financial irregularity; the implementation of audit actions and the robustness of the Risk Management Framework.
Members sought additional information and were informed:-
(i) Commissioning/Contract Management (Key Control System) – that a whole new team and Head of Service were in place, and were proactively addressing issues to improve this area, in particular the key weaknesses that had been identified in Integrated Transport.
(ii) that a report on Counter Fraud would be submitted to the Committee in January 2021.
(iii) that the strategic procurement team was working hard to ensure that data within CMA was provided in a timely manner.
Members thanked the Head of Business Assurance and her team for the robust report and the internal audit work that had been done by her team, and it was –
That the 2019-20 Annual Report of the Chief Internal Auditor for Buckinghamshire County Council be noted.