Agenda item

To receive the report from the Internal Audit and Risk Manager.

The committee received the internal audit update report for quarter two 2023/24, presented by the internal audit and risk manager. The report summarised the outcome of the work done in quarter two, and the progress made against the 2022/23 and current year internal audit plans.

The internal audit and risk manager noted that she had received a 100 per cent response rate from action owners, an improvement on previous quarters. In addition, 40 actions had been completed in the quarter and 161 were open. She confirmed to members that progress on last year’s audit plan was good with only one more audit to finalise, which was about to be issued in final. In addition, she noted that there was also good progress being made on the current year’s audit plan, but that staff sickness had put some audits on hold. The internal audit and risk manager then informed members that the committee had been presented with the two limited assurance reports: the first on health and safety 2022/23 and the second on the report lifecycle process 2023/24.

On the health and safety report, the auditor informed the committee that a number of staff changes in the service required a revised report and that progress had been made on some of the recommendations but that some of the actions were overdue. The head of corporate services also noted the staffing issues in the health and safety team had caused delays in progressing the audit actions but that they now had a full-time interim officer in place for the remainder of the calendar year who put out reminders to all teams to review their risk assessments and to ensure they were fit for purpose. He also highlighted to members that a recruitment exercise was ongoing for full-time senior officer and adviser positions.

Members of the committee asked the officers about some of the public liability insurance for contractors being not found or below the normal level of insurance. In response, the council auditor confirmed that he could go back to the audits to check for the reason but assured members that they would need the review and approval of the relevant head of service before being signed off. 

The committee also discussed the due dates displayed on the internal audit plan and requested that the original due dates for actions be kept in the plan as well as the revised dates in order to help better track the actions.

The committee inquired into homeworking and the head of corporate services clarified that officers of the councils were employed on hybrid contracts, not homeworkers, which would be a different contract and the people and culture manager added that all hybrid staff were responsible for completing a Display Screen Equipment assessment and that the councils had a comprehensive homeworking policy.

The second limited assurance report brought to the committee was on the report lifecycle process. Members noted that it was one of the first to use a new layout, something they greatly appreciated as they commended the new style’s clarity. The internal audit and risk manager welcomed the members comments on the new style and was open to sending the cover pages of all reports to members in the new style, not just the limited assurance reports, and this was an approach the committee welcomed.

Members inquired into point 6 in the report, ‘consultation with experts’, and asked for assurance that the reports were being signed off appropriately. In response, the head of legal and democratic said that the audit highlighted ways the report signoff process could improve and that the existing template did not detail which officer was the one to sign off the report. The democratic team accepted the actions from the audit and would ensure there was appropriate clearance shown in the checklist of all reports. The head of legal and democratic also confirmed that all reports going to cabinet were going through the appropriate processes but that consultees would be more involved in reports at an earlier stage in order to provide more time for them to be appropriately reviewed before publication.

Some members asked about the management actions not detailing that officers’ names would need to be on report checklists, but the committee was satisfied with the clarification from the head of legal and democratic that this would be included and that the democratic department had been made aware of this requirement. He also confirmed that more education to officers about the report lifecycle process could be provided to help all officers understand the requirements and timescales.

Overall, the committee thanked the internal audit and risk manager for her report and were satisfied with the actions outlined in the limited assurance reports and that their questions to the action owners were appropriately answered.