Agenda item

Internal Audit Reports

Meeting of Audit and Governance Committee, Tuesday 25 July 2023 2.30 pm (Item 31.)

To receive the Internal Audit updates from SWAP:

Minutes:

Sally White (SWAP) presented the Internal Audit update.

The SWAP representative highlighted some key points in the report. SWAP had offered a reasonable audit opinion on work to date. One limited assurance opinion had been issued regarding Section 106 (S106) Financial Controls. An agreed action plan was in place to improve internal control around this key area of income.

Regular review was being maintained on the three previously reported significant corporate risks, which were Pension Fund Key Controls, ICT Network Boundary Defences and the Pension Payroll Reconciliation Project.

There were still some gaps in internal audit coverage, but these had reduced and SWAP were working with senior managers to close the remaining gaps.

The new ‘AuditBoard’ portal where Members could check the internal audit rolling work plan was highlighted, and it was hoped that Members would visit this regularly to keep up to date with internal audit work.

SWAP were working with relevant directorates regarding overdue priority 1 and 2 actions, to confirm that actions were being properly implemented and they hoped to demonstrate an improvement in the figures. SWAP were continuing to roll out Cifas, which had been successful at other local authorities.

In response to questions on the S106 audit, it was stated that SWAP thought the £125,000 that was not raised sat within the £3.45 million for the 7 applications which SWAP looked at. The approximately two thirds of the £3.45 million that had been collected was thought to be by value, not volume. It was thought that the elements looked at were the Wiltshire Council elements and not the total which would include contributions due to parish councils. Further details could be given when the service came to Audit and Governance Committee, it was confirmed that they would attend the September meeting.

In relation to the level of samples taken, it was explained that they had intended to look at 14 S106 agreements, however there were issues with the first 7 which were looked at and therefore they stopped at that point. This was a standard internal audit approach as control weaknesses had been identified. The service would then check all agreements.

In response to further questions, it was clarified that strategic risks were identified by management, by the strategic risk process and register. Internal audit looked at risks from that and any highlighted by directors. Some Members felt that the delays to the audits and accounts should be included as a strategic risk. Some also felt that strategic risk should be looked at in terms of value, for example to look at adult social care as that was where a lot of the council’s budget was spent.

SWAP highlighted that the training session on the ‘AuditBoard’ would help to show how the internal audit rolling plan was put together, for example by risk, the corporate plan and SWAP’s top 10 risks and recommended areas of coverage. Members would be able to access this at any time.

Members queried the risk ‘Lack of capacity in the social care market’ as the opinion given was ‘Non opinion audit’. SWAP explained that a lot of their work was assurance focused, but some work was advisory. The advisory work gave non opinion audits. However, those did feed into the annual opinion.