Joint Audit and Governance Committee |
|
|
|
|
|
Report of Internal Audit Manager Author: Victoria Dorman-Smith E-mail: victoria.dorman-smith@southandvale.gov.uk South cabinet member responsible: Councillor Pieter-Paul Barker Tel: 01844 212438 E-mail: pieter-paul.barker@southoxon.gov.uk Vale cabinet member responsible: Councillor Andy Crawford Telephone: 01235 772134 E-mail: andy.crawford@whitehorsedc.gov.uk
To: Joint Audit and Governance Committee DATE: 31 January 2023 |
AGENDA ITEM |
|
|
Internal audit activity report quarter three 2022/23
|
(a) That members note the content of the report
|
Purpose of report
1. The purpose of this report is to summarise the outcomes of recent internal audit activity at both councils for the committee to consider. The committee is asked to review the report and the main issues arising and seek assurance that action will be/has been taken where necessary.
2. The contact officer for this report is Victoria Dorman-Smith, Internal Audit Manager for South Oxfordshire District Council (South) and Vale of White Horse District Council (Vale), email victoria.dorman-smith@southandvale.gov.uk.
Strategic objectives
3. Delivery of an effective internal audit function will support the councils in meeting their strategic objectives.
Background
4. Internal audit is an independent assurance function that primarily provides an objective opinion on the degree to which the internal control environment supports and promotes the achievements of the council’s objectives. It assists the councils by evaluating the adequacy of governance, risk management, controls and use of resources through its planned audit work and recommending improvements where necessary. After each audit assignment, internal audit has a duty to report to management its findings on the control environment and risk exposure and recommend changes for improvements where applicable. Managers are responsible for considering audit reports and taking the appropriate action to address control weaknesses.
5. Assurance ratings given by internal audit indicate the following:
Full assurance: There is a good system of internal control designed to meet the system objectives and the controls are being consistently applied.
Substantial assurance: There is a sound system of internal control designed to meet the system objectives and the controls are being applied.
Satisfactory assurance: There is basically a sound system of internal control although there are some minor weaknesses and/or there is evidence that the level of non-compliance may put some minor system objectives at risk.
Limited assurance: There are some weaknesses in the adequacy of the internal control system which put the system objectives at risk and/or the level of non-compliance puts some of the system objectives at risk.
Nil assurance: Control is weak leaving the system open to significant error or abuse and/or there is significant non-compliance with basic controls.
6. Each recommendation is given one of the following risk ratings:
High Risk: Fundamental control weakness for senior management action
Medium Risk: Other control weakness for local management action
Low Risk: Recommended best practice to improve overall control
Completed audit reports
7. As of 19 January 2023, since the last joint audit and governance committee meeting the following audits and follow up reviews have been completed:
|
Audit Area |
Assurance Rating |
Total Recs |
High Risk |
No. Agreed |
Medium Risk |
No. Agreed |
Low Risk |
No. Agreed |
|
1. Joint Information Security 22/23 (appendix 1) |
Limited |
11 |
6 |
6 |
3 |
3 |
2 |
2 |
|
2. Joint Housing Allocations 22/23 |
Satisfactory |
9 |
0 |
0 |
2 |
2 |
7 |
7 |
|
3. Joint Corporate Consultations 22/23 |
Satisfactory |
10 |
0 |
0 |
2 |
2 |
8 |
8 |
|
4. Joint Payroll 22/23 |
Substantial |
8 |
0 |
0 |
1 |
1 |
7 |
7 |
|
5. Joint Energy Rebate 22/23 |
Full |
0 |
0 |
0 |
0 |
0 |
0 |
0 |
Follow Up Reviews
|
Audit Area |
Initial Assurance Given |
No. of Recs |
Implemented |
Partly Implemented |
Not Implemented |
No longer applicable |
|
6. Joint Contract Management 21/22 |
Satisfactory |
8 |
3 |
0 |
5 |
0 |
|
7. Joint S106 / CIL 21/22 |
Substantial |
3 |
3 |
0 |
0 |
0 |
8. Members of the committee are asked to seek assurance from the internal audit reports and/or respective managers that the agreed actions have been or will be undertaken where necessary.
9. A copy of each report has been sent to the appropriate service manager, the section 151 officer, and the relevant member portfolio holder. In addition, reports are now published on the councils’ intranet and limited assurance reports are reviewed by the strategic management team.
10. Internal audit carries out quarterly follow ups of key financial and operational audits to establish the implementation status of recommended actions.
Climate and ecological impact implications
11. There are no direct climate or ecological implications arising from this report.
Financial implications
12. There are no financial implications attached to this report.
Legal implications
13. None.
Risks
14. Identification of risk is an integral part of all audits.
VICTORIA DORMAN-SMITH
INTERNAL AUDIT MANAGER