|
|
|
|
|
|
Report of Internal Audit
Manager
Author: Victoria
Dorman-Smith
E-mail: victoria.dorman-smith@southandvale.gov.uk
SODC cabinet member
responsible: Councillor Leigh Rawlins
Tel: 01189
722565
E-mail: leigh.rawlins@southoxon.gov.uk
VWHDC cabinet member
responsible: Councillor Andy Crawford
Telephone: 01235
772134
E-mail: andy.crawford@whitehorsedc.gov.uk
To: Joint Audit and
Governance Committee
DATE: 15 November
2022
|
AGENDA
ITEM
|
|
|
Mid-Year
Review of Internal Audit Plan 2022/23
|
Recommendations
(a) That members approve the updated
internal audit plan 2022/23
|
Purpose of
report
1.
The purpose of this report is to:
·
summarise the outcomes of the mid-year review of the annual
internal audit plan for 2022/23: and
·
present the updated internal audit plan 2022/23.
2.
The contact officer for this report is Victoria Dorman-Smith,
Internal Audit Manager for South Oxfordshire District Council
(SODC) and Vale of White Horse District Council (VWHDC), email
victoria.dorman-smith@southandvale.gov.uk.
Strategic Objectives
3.
Delivery of an effective internal audit function will support the
councils in meeting their strategic objectives.
Background
4.
The Public Sector Internal Audit Standards (PSIAS) states that the
head of internal audit should prepare a
risk-based internal audit plan, and for plans to receive input from
management. The PSIAS also states that the audit committee should
approve the internal audit plan and monitor progress against the
plan.
5.
It is best practice to continually monitor and assess the internal
audit plan throughout the year, to ensure it remains flexible and
reactive to changing risks and events. As such, a mid-year
review of the internal audit plan was undertaken by the internal
audit manager to ensure that it remains relevant and aligns to
corporate objectives.
Internal Audit Plan 2022/23: Mid-Year Updates
6.
In September 2022,
meetings were held between the internal audit manager and the
senior management team (SMT) to understand if there have been any
changes to the level of risk exposure within each service area
across both councils, since the initial discussions in February
2022. Based on the outcome of these meetings, the internal
audit manager updated the internal audit plan 2022/23 (appendix
1), which has been agreed with the head of finance (S151
officer) and considered by SMT. A summary of updates is
outlined as follows:
|
Service
Area
|
Audit
Topic
|
Comments
|
|
Planning
|
Building
Control
|
Audit
deferred, pending requirements of new legislation (Building Safety
Act 2022).
|
|
Housing &
Environment
|
Mobile Home
Parks
|
New
audit added to Q4 to undertake a high-level review of MHP
operations.
|
|
Finance
|
Cash
Office
|
New
audit added to Q3 to review cash office arrangements, following the
move to Abbey House.
|
|
Policy &
Programmes
|
Garden
Communities
|
Audit
changed from consultancy to assurance review. Revised scope to
provide assurance on the compliance of processes to policies and
procedures.
|
|
Active
Communities
|
New
audit added to Q4 to review management of programme/schedule of
work, including allocation of funds.
|
Climate and ecological impact
implications
7.
There are no direct
climate or ecological implications arising from this report.
However, per the climate action plan, for each individual audit in
the 2022/23 internal audit plan, we will include risk
considerations for the climate emergency in our audit
work.
Financial
implications
8.
The internal audit
plan can be delivered from within the approved 2022/23 budget,
therefore there are no financial implications attached to this
report.
Legal implications
9.
None.
Risks
10.
Identification of risk
is an integral part of all audits.
Mid-Year Updates to the Internal Audit Plan 2022/2023
Planned Audits
(Assurance and Consultancy)
|
No.
|
Service Area
|
Audit Topic
|
Risk Score
(min. 7, max 21)
|
April to September (1st
Half)
|
October to March (2nd
Half)
|
|
Q1
|
Q2
|
Audit Status
|
Q3
|
Q4
|
Audit Status
|
|
1
|
Development & Corporate Landlord
|
Grounds &
Parks Maintenance (incl. ROSPA, Tree Management &
Inspections)
|
17
|
|
|
|
X
|
|
In Progress
|
|
2
|
Planning
|
Ocella System
Functionality (Consultancy)
|
14
|
|
X
|
Completed
|
|
|
|
|
3
|
Housing & Environment
|
Housing
Allocations
|
12
|
|
X
|
Completed
|
|
|
|
|
4
|
Temporary
Accommodation
|
10
|
|
|
|
|
X
|
Not Started
|
|
5
|
Food Safety
|
11
|
|
|
|
|
X
|
Not Started
|
|
6
|
Mobile Home
Parks (NEW)
|
12
|
|
|
|
|
X
|
Not Started
|
|
7
|
Finance
|
Financial
Accounting
|
19
|
|
X
|
Completed
|
|
|
|
|
8
|
Energy
Rebate
|
17
|
|
X
|
Completed
|
|
|
|
|
9
|
Leases
|
13
|
|
|
|
X
|
|
In Progress
|
|
10
|
Discretionary
Fund
|
17
|
|
|
|
X
|
|
Not Started
|
|
11
|
Cash Office
(NEW)
|
17
|
|
|
|
X
|
|
Not Started
|
|
12
|
Legal & Democratic
|
Gifts &
Hospitality (Officers & Councillors)
|
11
|
X
|
|
Completed
|
|
|
|
|
13
|
Community
Safety
|
9
|
X
|
|
Completed
|
|
|
|
|
14
|
Corporate Services
|
Grievance
Policy
|
12
|
X
|
|
Completed
|
|
|
|
|
15
|
Information
Security
|
21
|
X
|
|
Completed
|
|
|
|
|
16
|
ITGC (Council
Managed Systems)
|
20
|
X
|
|
In Progress
|
|
|
|
|
17
|
Health &
Safety (incl. Lone Working)
|
16
|
|
X
|
Completed
|
|
|
|
|
18
|
Corporate
Consultations
|
10
|
|
|
|
X
|
|
In Progress
|
|
19
|
Policy & Programmes
|
Corporate
Delivery Framework
|
14
|
|
|
|
|
X
|
Not Started
|
|
20
|
Business
Continuity
|
17
|
|
|
|
|
X
|
Not Started
|
|
21
|
Risk
Management
|
17
|
|
|
|
|
X
|
Not Started
|
|
22
|
Garden
Communities
|
16
|
|
|
|
|
X
|
Not Started
|
|
23
|
Active
Communities (NEW)
|
8
|
|
|
|
|
X
|
Not Started
|
Mid-Year Updates to the Internal Audit Plan 2022/2023
Annual Key Financial Audits
|
No.
|
Service Area
|
Audit Topic
|
Risk Score
(min. 7, max 21)
|
April to September (1st
Half)
|
October to March (2nd
Half)
|
|
Q1
|
Q2
|
Audit Status
|
Q3
|
Q4
|
Audit Status
|
|
24
|
Corporate Services & Finance
|
Payroll
|
21
|
X
|
|
Completed
|
|
|
|
|
25
|
Finance
|
Council
Tax
|
19
|
|
X
|
In Progress
|
|
|
|
|
26
|
Finance
|
Accounts
Receivable
|
18
|
|
|
|
X
|
|
In Progress
|
|
27
|
Finance
|
Housing
Benefits & Council Tax Reduction Scheme
(HB&CTRS)
|
19
|
|
|
|
X
|
|
In Progress
|
|
28
|
Finance
|
National
Non-Domestic Rates (NNDR)
|
19
|
|
|
|
X
|
|
In Progress
|
|
29
|
Finance
|
Accounts
Payable
|
19
|
|
|
|
|
X
|
Not Started
|
|
30
|
Finance
|
Capital
Management & Accounting
|
15
|
|
|
|
|
X
|
Not Started
|
|
31
|
Finance
|
General
Ledger
|
18
|
|
|
|
|
X
|
Not Started
|
|
32
|
Finance
|
Treasury
Management
|
18
|
|
|
|
|
X
|
Not Started
|
High Level Audit Scope
|
No.
|
Service Area
|
Audit Area
|
Audit Scope
|
|
Planned Audits (Assurance &
Consultancy)
|
|
1
|
Development
& Corp. Landlord
|
Grounds &
Parks Maintenance (incl. ROSPA, Trees)
|
ROSPA inspections and reporting. Tree management
and inspections. Grounds and parks maintenance processes, including
stock management and procurement.
|
|
2
|
Planning
|
Ocella System
Functionality
|
Utilisation of Ocella system functionality by
planning teams and identification of process
efficiencies.
|
|
3
|
Housing &
Environment
|
Housing
Allocations
|
Allocations are performed consistently and
fairly, in line with formal procedures.
|
|
4
|
Temporary
Accommodation
|
Accommodation is provided consistently and
fairly, in line with formal procedures.
|
|
5
|
Food
Safety
|
Food safety inspections process. Management of
individual contractors. Response to Covid-19
regulations.
|
|
6
|
Mobile Home
Parks (NEW)
|
High level review of MHP operations.
|
|
7
|
Finance
|
Financial
Accounting
|
Accounts preparation process, including
adherence to the latest guidance and standards.
|
|
8
|
Leases
|
Operating and finance leases are accounted for
correctly under IFRS16. Readiness for updated IFRS16.
|
|
9
|
Energy
Rebate
|
Energy rebates issued in line with government
guidance.
|
|
10
|
Discretionary
Fund
|
Discretionary funds issued in line with
government guidance.
|
|
11
|
Cash Office
(NEW)
|
Cash office policy, procedures, and controls at
Abbey House.
|
|
12
|
Legal &
Democratic
|
Gifts &
Hospitality
|
Reporting and monitoring of officer and
councillor gifts and hospitality.
|
|
13
|
Community
Safety
|
Contents and application of the Community Safety
Partnership annual plan.
|
|
14
|
Corporate
Services
|
Corporate
Consultations
|
Consultations are transparent, fair, and
documented. Actions are implemented timely.
|
|
15
|
Grievance
Policy
|
Established processes to respond to officer
grievances in a consistent and fair manner.
|
|
16
|
Health &
Safety
|
Incident management, risk assessments, lone
working procedures, hybrid working, performance
reporting.
|
|
17
|
Information
Security
|
IT and data security management in hybrid
working arrangement. Preparation and response to cybersecurity
incidents. Cybersecurity awareness of officers and
councillors.
|
|
18
|
ITGC (Council
Managed Systems)
|
Logical access, change management, IT operations
and physical security controls over council managed IT
systems.
|
High Level Scope
(Continued)
|
No.
|
Service Area
|
Audit Topic
|
Audit Scope
|
|
Planned Audits (Assurance &
Consultancy)
|
|
19
|
Policy & Programmes
|
Corporate Delivery Framework
|
Contents and application of the corporate
delivery framework.
|
|
20
|
Business Continuity
|
Contents and application of the councils’
business continuity plan.
|
|
21
|
Risk Management
|
Risk management methodologies follow best
practice whilst meeting the needs of the councils.
|
|
22
|
Garden Communities
|
Compliance of processes to policies and
procedures, including non-financial management processes retention
of documentation.
|
|
23
|
Active Communities (NEW)
|
Management of programme/schedule of work,
including allocation of funds.
|
|
Annual Key Financial
Audits
|
|
24
|
Finance
|
Accounts
Payable
|
Invoice and refunds processing. Duplicate
suppliers and payments. Manual, direct debit and BACS payment
transactions.
|
|
25
|
Finance
|
Accounts
Receivable
|
Invoice processing, including periodic invoices.
Recovery, aged debts, cancellations and write offs. Invoice
suppressions. Raising invoices by service teams performed in
accordance with financial procedures.
|
|
26
|
Finance
|
Capital
Management & Accounting
|
Capital financial strategy and asset management
plan. Capital contracts and budget monitoring. Completeness and
accuracy of asset register, including reconciliations.
|
|
27
|
Finance
|
Council
Tax
|
Liabilities, including discounts and exemptions.
Payments, credits, refunds, and suspense transactions. Recovery,
enforcement, and write-offs.
|
|
28
|
Finance
|
General Ledger
|
Bank reconciliations. Suspense account balances
and transactions. Journal transfers, including authorisation and
documentation.
|
|
29
|
Finance
|
Housing
Benefits & Council Tax Reduction Scheme
|
Housing benefits and CTRS payments. Benefits
assessments and subsidy claims. Benefit overpayments.
|
|
30
|
Finance
|
National
Non-Domestic Rates (NNDR)
|
Valuation records for new and amended
properties. NNDR billing, payment, and refund transactions. Debt
recovery and write offs.
|
|
31
|
Corporate
Services & Finance
|
Payroll
|
Amendments to standing data (starters, leavers,
overtime, variations). Monthly payroll processing. Payroll records,
including reconciliations between systems.
|
|
32
|
Finance
|
Treasury
Management
|
Investments and borrowings (including
authorisation, counterparty limits, coding). Treasury management
performance. Access level controls within treasury management and
banking systems.
|