Joint Audit and Governance Committee


HELD on Tuesday 28 March 2023 at 6.30 pm

Northbourne room, didcot civic hall, Britwell road, didcot, ox11 7hn



Present in the meeting room


South Oxfordshire District Councillors: Peter Dragonetti and, Celia Wilson (in place of Mocky Khan)

Vale of White Horse District Councillors: Andy Foulsham (Co-Chair – in the chair) and, Mike Pighills

Officers: Steve Culliford (Democratic Services Officer), Emily Barry (Democratic Services Officer), Simon Hewings (Head of Finance), Victoria Dorman-Smith (Internal Audit and Risk Manager) and, Yvonne Cutler-Greaves (Risk and Insurance Team Leader)

Guests: Councillor Andrew Crawford (Vale of White Horse District Council Cabinet Member for Finance and Corporate Assets)




60         Apologies for absence


Apologies for absence were received from Councillor Mocky Khan, who was substituted for Councillor Celia Wilson, Councillor Jane Murphy, Councillor George Levy and Councillor Simon Howell. Maria Grindley and Richard Tebbs, both from external auditor EY, had also sent their apologies for absence.




61         Minutes


RESOLVED: to approve the minutes of the meeting held on 31 January 2023 as a correct record and agree that the chair sign these as such.




62         Declarations of interest


There were no declarations of interest.




63         Urgent business and chair's announcements


The chair welcomed everyone to the meeting, outlined the procedure to be followed and advised on emergency evacuation arrangements. The chair highlighted that risk and assurance now falls under the remit of the Internal Audit.


The chair noted that Bishops Fleming have been appointed as the councils’ external auditors and have been in contact with regards to meeting with the co-chairs.


Apologies were received from EY, the external auditor. They had been unable to submit the audit planning paper as they were running behind with this but this would be sent to the committee for information as soon as it was received.


The external audit of the councils’ Statement of Accounts was currently in progress with an expected completion date of 30 April 2023. The Government was consulting on changing the deadline for councils’ approval of Statements of Accounts to 31 May. It was felt by officers and the committee that this was inconvenient timing.


The chair made a request that the committee members advise of anything they considered would be helpful to committee members appointed under the new administration. It was requested feedback was sent directly to the Head of Finance.




64         Public participation


There was no public participation.




65         Internal audit management report - fourth quarter 2022/23


The committee received and noted the internal audit management report for the fourth quarter 2022/23 presented by the internal audit and risk manager. In summary a further two audits had been completed this quarter, seven were in progress and 14 were due to start in the fourth quarter. The internal audit manager reflected good progress was being made against the audit plan and that Internal Audit hoped to have completed the plan by 31 March 2023. The Afghan/Ukraine assistance audit had been deferred slightly due to a change in direction and ongoing work.


The committee asked what had been done with regards to businesses not paying their Non-Domestic Rates and enquired as to whether this was a weakness. The internal audit and risk manager noted that no issues had been found in the sample set internal audit had audited but she would check with the Revenues and Benefits Manager. She advised the committee that it would stay on Internal Audit’s radar but it was a challenge to prove properties were being missed. The internal audit and risk manager did note that there had been an improvement year on year in this area and Capita had allocated additional resource to the inspection area.


The committee thanked the internal audit and risk manager and the internal audit team for getting the high number of reports through.


As members were satisfied with the report, and the actions contained within it, they agreed to note the report.


RESOLVED: to note the internal audit activity report for quarter four 2022/23.




66         Internal audit activity report - fourth quarter 2022/23


The committee received and noted the internal audit activity report for the fourth quarter 2022/23 presented by the internal audit and risk manager. The internal audit and risk manager informed the committee that there were zero limited assurance reports. She informed the committee two audits had been completed this quarter and both received an assurance rating of satisfactory.


As members were satisfied with the report they agreed to note the report.


RESOLVED: to note the internal audit activity report quarter four 2022/23




67         Quarterly update on internal audit recommendations


The committee received and noted the quarterly update on internal audit recommendations presented by the internal audit manager and risk manager.


The internal audit and risk manager confirmed this was only the second time the report has been brought to committee. She confirmed from the two audits which had been carried out there were 19 new actions. Despite this the overall position had improved with 35 actions that had been closed. There were now 129 open actions compared to the previous report which had detailed 151 open actions.


The internal audit and risk manager highlighted to the committee that there were three high risk actions which related to the information security and property compliance audits but that the action owners were on target to deliver these actions by the end of June.


There was an ongoing need for the internal audit team to validate actions taken but there had been good engagement from teams and there was an improving general trend.


The chair reflected that the report had been a helpful addition to the committee and thanked the internal audit team for their work on it.


RESOLVED: to note the quarterly update on internal audit recommendations.




68         Internal audit plan 2023/24


The committee considered the internal audit and risk manager’s report, which proposed the internal audit plan for 2023/24. The chair confirmed that a formal decision was required for this item in order to approve the plan.


The internal audit and risk manager introduced the report and summarised how the report was put together. She noted there were a number of factors to consider including corporate risk, priorities for service teams, external factors and areas which had not been audited for some time. The internal audit and risk manager reflected that whilst the plan was for 12 months there was a scheduled review at six months but also a need to remain flexible. Therefore it could be reviewed or changed before this.


The committee highlighted that this was a lot of work for a small team. The internal audit and risk manager identified that the plan is based on budgeted time and that not all audits would take the same amount of time due to their differing risk and complexity. She was confident that the plan could be delivered but did note that there is a growing trend towards having plans based on a much shorter timeframe (three months) and agreed to keep the plan under review.


The committee reflected that quarterly reviews of the plan would be helpful.


The committee enquired as to whether there would be an audit of Climate and Biodiversity as they currently had no risk rating. The internal audit and risk manager identified this was a record of audits which had been carried out and as this was a relatively new team/function no audit had been completed. The list was all areas that they could look at and this would be kept under review.


The chair noted that page 33, section 14 of the report provided a very good summary of what internal audit does.


RESOLVED: to approve the internal audit plan 2023/24.




69         Corporate risk review


The committee considered the head of finance’s report on the quarterly corporate risk review. The risk and insurance team leader introduced the item. The committee was informed that the number of risks had increased from 16 to 24. Seven of these risks were new risks. Some the risks which had been added to the register were refugees risk of homelessness, the waste contract ending in June 2024, that the Environment Act had still not had the details published and there could be a resulting failure to respond, understanding the effects on local residents of housing refugees in their community, failure of the transformation programme to deliver on the set targets, the cost of running leisure centres in light of rising fuel costs and the failure to plan for long term impact of increased inflation on our finances.


Two cyber security risks had been mitigated as a result of the segregated nature of cloud hosting. However the offline back ups remained a risk area. It was hoped this would be mitigated by July 2023 when Havant Council was desegregated from the Five Councils Partnership.


The risk and insurance team leader also highlighted that council owned assets were a risk but that detailed risk assessment plans had been carried out across all council owned premises.


The committee enquired as to whether the requirement for photo ID in order to vote would be a risk. The risk and insurance team leader informed the committee that a great deal of work had been done to mitigate this risk through communications, training on managing the requirement and publicity of the requirement but that a reputational risk remained.


The committee were relieved to see a reduction in the IT risk. Members extended thanks to the risk and assurance team as well as colleagues in IT who had achieved this.


The committee did not feel that the number of risks on the risk register going up was something to be concerned about. Instead it demonstrated an awareness of the environment in which the council operated.


RESOLVED: to note the corporate risk review report.






70         Work Programme


The committee noted the committee’s work programme and the democratic services officer informed the committee of the items that were scheduled to come to the next committee meeting on the 4 July 2023.


The head of finance pointed out the requirement to sign off the Statement of Accounts within a set timeframe and that this might therefore require a separate committee meeting to those currently scheduled. It was likely that the sign off could the first meeting of the committee following the elections and there would therefore need to be training for new members of the committee.


The committee suggested that a training session immediately before the meeting would be beneficial even if this required a change to the start time of the meeting to allow attendance. They requested that they were kept informed of arrangements and that as much notice is given as possible of meetings.


The committee enquired as to the progress on the appointment of an independent person to the Joint Audit and Governance Committee. The democratic services officer confirmed that appointment would be made after Council approves the renumeration and there would be more information on this post elections.


The chair thanked both committee members for their work over the past four years and officers for their support with this.


RESOLVED: to note the work programme.







The meeting closed at 7.18 pm




Chair                                                                           Date