Proposed Internal Audit Plan 2018/19
The Chief Auditor submitted his report to the Committee to consider the proposed internal audit plan for 2018/19.
The Chief Auditor said his report sought approval to proceed and went on to give a brief outline of the plan. He said that the plan was designed to discharge the core audits as soon as practical and that the remainder of it was taken up by topical audits with built in flexibility for emerging risks. There was an outline of each audit in the pages behind the calendarised schedule which also included the reason for each audit. He highlighted that the Section 106 audit was there because of the financial materiality and change in key personnel and that the audit of the General Data Protection Regulations (GDPR) was included because of the inherent financial risk and potential damage to reputation.
Councillor Charman said that Members were aware Section 106 monies being due to the Council but could not be sure what it was being spent on and that it would be useful if it was more transparent. The Chief Auditor said the intention of this audit had originally been to provide the committee with just an assurance of effectiveness of the controls over accuracy. He pointed out that it was a complex area but would broaden the scope to include transparency.
Councillor Chowney welcomed the audit of S106 administration. He said it was an area where the public think money disappears. He also welcomed the audit of GDPR arrangements and pointed out that there were complexities that made it difficult for Members to adhere to the regulations. He asked for the GDPR audit to cover both the Council and Members.
Mr Lloyd-Thomas asked if Councillors maintain private email accounts as well as HBC email accounts? He went on to say that there was differing legal advice within the Authorities, for example, some Members are advised to keep emails within the confines of their Authority account and others told they can use their private account.
Councillor Charman explained that anything related to your role as a Councillor should be contained within the Council’s systems. This way is easier for Members,the data is managed and it is within the Council’s policies. The main issues are that you cannot use your HBC Councillor email address on leaflets during purdah. Any emails received have to be forwarded to your Councillor email to deal with. During purdah it is confusing and clarification by an audit would be welcome.
Councillor Charman referred to the GDPR audit and explained that the only time she emails to her personal account is when it is necessary print. She recommended Audit attend the GDPR training for Members in order to observe what issues they have been having. She suggested asking Members to complete a questionnaire to see if there are more action points, might be a good way forward
The Assistant Director, Financial Services and Revenues advised that new tablets were on the way to replace the current iPad devices.
Councillor Rankin said the Council should produce a Policy document to keep Members safe. The Assistant Director, Financial Services and Revenues advised that he would check with the Head of Information Technology, if this is in the pipeline. He referred to the cost of fines up to either - 4% of turnover which would equate to around £3.6million for the Council.
Councillor Rankinasked if the new iPads will have keyboards? Councillor Chowney said having tested the device that the tablet will have a keyboard. As a window device it is easy to use and no heavier than the iPad. He said he was impressed with it and could even log into Outlook Webmail.
Councillor Sinden asked if creditors were going up or down. The Chief Auditor said the value of payments made to creditors was going down. He said that he had done some spend analysis a few years ago and the spend was reducing. He said that the Procurement Spend audit would include the up to date position on the amount of transactions and expenditure trends in the Audit Committee summary report.
Councillor Chowney queried the relevance of Petty Cash audit and asked why it was needed when many use contactless cards. He also questioned the meaning of ‘Cash and Bank’. The Chief Auditor said Petty Cash re-imbursements were limited to only £15 and is only held in a few places, for example, the general office, bike hut and Crematorium. He said, however, that it gives him a good indication of whether the £15 limit is being adhered to as well as what type of items are going through it. There have been problems before and so it needs to be done every few years. Clearly the materiality is low and so we will not be spending long on it.
The Chief Auditor said that the ‘Cash and Bank’ audit is one of the top 3 largest core audits that we do. It covers bank statements, mandates etc. but the main area is to do with the suspense account and very complex bank reconciliations.
Councillor Rankin asked ifit is the general suspense income which can’t be allocated. The Assistant Director, Financial Services and Revenues advised that money is received in a variety of forms, for example, cheque, credit card payments, direct debit, council tax, grants etc. When money comes in it needs to be given the right code. Also, there is a need to check the right VAT markers quickly or potentially lose 20%. With regard to the general suspense account, many payments for bills are received without any account reference on them or on occasions, not even what the payment is for so we have people clearing the general suspense account by investigating these payments and coding them correctly. It is necessary that income is correctly coded for external audit sign-off.
RESOLVED (unanimously) that the Audit Committee approves the Internal Audit Plan 2018/19.
The reason for the decision was: To ensure that proper financial management arrangements and controls are in place and operating effectively in the Council.
Audit Committee approval of the Internal Audit plan provides clear authority for Internal Audit to discharge the assignments listed therein and enable monitoring of the efficiency and effectiveness of Internal Audit.??