Agenda and minutes

Councillors Wall and Colin Hay had given their apologies.  Councillor Chard attended as a substitute for Councillor Wall.

No interests were declared.

09 January 2013

The minutes of the last meeting had been circulated with the agenda.

Upon a vote it was unanimously

RESOLVED that the minutes of the meeting held on the 9 January 2013 be agreed and signed as an accurate record.

These must be received no later than 12 noon on the fourth working day before the date of the meeting

No public questions had been received.

Head of Audit Cotswolds

The Head of Audit Cotswolds introduced the report which he explained was presented slightly differently to how it had in the past in order to meet the new Internal Audit Standards and therefore contained more detail.  He reiterated the need for Internal Audit to follow a more flexible and risk based plan given the environment in which the council now operated.  The Audit Universe 2013-14 (Appendix 2 of the report) set out a complete list of potential work for the service, in order of priority.  This detailed the minimum skill rank of the auditor to undertake the work and the days required, which he highlighted were beyond the days available.  Appendix 1, the Audit Assurance Plan 2013-14 listed the risk based assurance work, from the Audit Universe.  He noted that this did not include consultative work and quarters 2 and 3 would be continually reviewed to ensure that the work identified was still relevant.  

The Head of Audit Cotswolds gave the following responses to member questions;

• Admittedly there was a lot for Internal Audit to look at, but the Audit Assurance Plan 2013-14 had been compiled using a risk based approach and where work took less days than those identified within the Audit Universe, these days would be used towards lower risk issues.  
• ICT issues had always featured in the plan for 2013-14 in addition to which there were cyclical items which whilst not on the list, may feed in to work on other issues.  This was not say that the plan was infallible, hence the regular engagement with Exec Board, the Senior Leadership Team, etc.
• Given the governance framework it was considered appropriate for GO Shared Services to have a risk plan of its own.  However, a review was scheduled for June 2013 and this would be reported via the Client Monitoring Group and areas of limited assurance which affected Cheltenham could be reported back to this committee. 

Upon a vote it was unanimously

RESOLVED that the Internal Audit Plan for 2013/14 be approved.

Head of Audit Cotswolds

The Head of Audit Cotswolds introduced the Internal Audit Monitoring report which was a standing item on the agenda and provided an update on the work undertaken by Internal Audit since the last meeting.  He highlighted the Performance Management and Strategic Commissioning review which had identified a series of issues.  In response an audit facilitated meeting with the relevant Officers had been held and an action plan developed, a copy of which would be considered by this committee in June.  Due diligence work in preparation for the ICT shared service with Forest of Dean had entered its second phase and was almost complete, with work ongoing with colleagues in FOD to provide assurances.  The GO report was currently with the Client Officer Group for consideration and once a formal response had been received, this would be fed back to the committee.  In addition to this, consultancy work had been undertaken in relation to Counter Fraud.

The Head of Audit Cotswolds gave the following responses to member questions;

• An assurance opinion for GO could only be provided once the report had been validated by the Client Officer Group, however, the health check and due diligence reviews had been satisfactory. 
• Internal Audit were not included in the sign-off of draft O&S reports but were made aware of publication and were then reviewed.  O&S reports would be considered as part of relevant reviews. 

Councillor Chard was concerned that audit related issues were being identified as part of scrutiny reviews and as such internal audit should be involved in the process at a much earlier stage than simply reading the report once it has been published.  He suggested that they should certainly consider the recent Ubico task group report. 

Upon a vote it was unanimously

RESOLVED that having considered the report, the Head of Audit Cotswolds note the comments of the committee.

Corporate governance, risk and compliance officer

The Corporate governance, risk and compliance officer introduced the report.  The committee had approved the current policy in March 2012 and had requested an annual update report going forward, of which this was the first.  The council’s new on-line risk management module had been in operation since June 2012 and to date all 22 corporate and a large number of divisional risks had been recorded on the module, with the remaining divisional risks to be completed by the end of April.  It was the responsibility of the relevant risk manager to update the information on a monthly basis, even to comment that there was no update if necessary.  There had been little change to the policy, namely paragraph 2.5 in relation to risks that are identified by commissioned or shared service providers.  These were separate entities but it was accepted that from time to time some risks could impact the council.  It was the responsibility of those organisations to highlight such risks to the relevant Client Officer and then decide the best way of managing the risk in discussion with SLT.

The Corporate governance, risk and compliance officer gave the following responses to member questions;

• Some risks relating to commissioned or shared services would be very public and therefore quickly identifiable and some might come to light through management meetings between Officers and Members.  There was a process in place by which issues could be referred to SLT for consideration for addition to the corporate risk register. 
• Generally once a risk was added to the corporate risk register, SLT would see it through until it was closed rather than managing the risk down to divisional level.  Some risks were transferred to the commissioned or shared service risk registers and the majority of project risks were not included but would be added at stages when corporate involvement was required. 
• Risks with a score lower than 16 would be added to the risk register if SLT felt it was significant enough. 
• The dashboard was being developed and could include historical information for risks. 

Upon a vote it was unanimously

RESOLVED that;

1.            The risk management work undertaken during 2012/13 and for the 2013/14 planned developments be endorsed.

2.            The amendment to the Risk Management Policy be approved xxx and to consider if there is a need for any further improvements from April 2013.

Corporate governance, risk and compliance officer

The Corporate governance, risk and compliance officer introduced the report.  He explained that the Annual Governance Statement 2011-12 (AGS) had been approved by the committee in June 2012, who had recommended to Council that it be adopted as part of the statement of accounts.  The AGS contained a significant issues action plan and this report detailed progress on these issues.  At the time of writing the report, all but two of the issues identified on the action plan had been addressed, one of which had since been dealt with by Cabinet.  The only outstanding issue was ICT business continuity testing and there were a number of reasons as to why this issue remained under review and these were set out in full at item 2.3 of the report. 

The following responses were given to member questions;

• The action plan was a living document and as such some of the commentary was now out of date (e.g. action 4 of the Refuse & Recycling Stock stated that the Managing Director of Ubico had delayed the check but this had since been completed). 
• The actions identified for the Business Continuity Testing had been identified some 12 months ago at a time when the risk of power outage was high level likelihood and impact.  At the time, the likelihood of a virus attack was very low given that there had not been a successful attack for some ten years.  Clearly, there had been a subsequent successful attack but the plan had been prepared 12 months ago and needed to be read with hindsight.  From a process point of view the action plan from 12 months ago was correct, even if subsequent events demonstrated that more could have been done. 
• An update Annual Governance Statement would be produced in June, which would include actions which officers would work on over the course of a year and another update report would be considered by this committee in March 2014.  Regular Internal Audit updates would be provided by the Head of Audit Cotswolds. 
• In relation to the Payroll issue, at the time of the restructure of GO Shared Services, the issue of payroll resilience was acknowledged and an additional half post was created.  Though it was still early days this service was running fairly smoothly and had added resilience. 

Upon a vote it was (unanimously)

RESOLVED that the progress that has been made against the actions and deadlines set, the issues that remain outstanding and the mitigating action being taken be noted. 

Corporate governance, risk and compliance officer

The Corporate governance, risk and compliance officer explained that the policy requires an update to be provided in the course of a year, though as shown in the report, these powers had not been enforced for some four years, having used other means by which to deal with issues.  In light of legislative changes to the RIPA process, the policy had been amended to summarise the new, more stringent, duties and responsibilities the legislation placed on local authorities.  The changes included the need to for a Magistrate to approve an application before any action is taken.  Members were alerted to an error at 1.9 of the report whereby the Borough Solicitor and Monitoring Officer had been named as the designated Senior Responsible Officer when it should in fact have stated the nominated Executive Director.  If approved by Cabinet on the 16 April, the policy would be highlighted to all staff via the intranet and the Corporate governance, risk and compliance officer, acting as RIPA Co-ordinator would offer an initial challenge to any officer wanting to use these powers as they should only ever be viewed as a last resort. 

The Corporate governance, risk and compliance officer gave the following responses to member questions;

• Relevant staff would require adequate training.  A session had been held some six weeks ago and the invitation had been extended to GO Partners and staff who could be involved in surveillance as it was important that people understood their roles and responsibilities.  Judge Jones had looked at the councils processes two years ago and could well return to assess whether he considered the processes to be adequate.  If the powers were ever used a report would be bought before this committee.
• Most magistrates would follow a set of guidelines in determining what length of sentence to administer and therefore key wording within the policy was ‘maximum expected sentence’.  Legal would contact the Magistrates Court for advice on current sentencing. 
• It was not possible to provide a figure for the number of cases of suspected fraud in a year but there were high risk areas (i.e. Benefits) where RIPA had been used in the past.  The council had however, developed alternative ways of dealing with such cases and large scale fraud of this kind was often led by the Department for Work and Pensions.
• Clerks at Parish Councils did not receive training on RIPA as surveillance was not a power open to Parish Councils.  The Corporate governance, risk and compliance officer could provide a short overview to Parish Councils on this matter.
• Police would be involved at an early stage and the Police were also required to comply with RIPA in order to undertake surveillance.  Many of the alternative routes used by the council would involve the Police at an early stage.
• A large amount of the content of the policy was drawn from the Home Office but the Corporate governance, risk and compliance officer could look at how the policy could include more reference to the  ...  view the full minutes text for item 9.

KPMG (Grant Thornton will answer any questions on this item)

The Corporate governance, risk and compliance officer introduced the certification of grants and returns 2011-12 which had been produced by KPMG.  KPMG had been invited to attend if they wished and in their absence Grant Thornton were happy to answer any questions. 

The Chairman noted the one qualified certificate but given the explanatory text he had no further comment.    

KPMG (Mark Sheldon will answer any questions on this item)

The Director of Resources introduced the annual audit fee letter 2011-12 on behalf of KPMG.  He felt this was a positive report with KPMG having issued an unqualified VFM conclusion in September 2012.  In addition to their reference to the savings from the GO Project he was pleased to report that the new structure was now in place and it had been possible to include the forecast savings in the 2013-14 budget, which he saw as an indication that further savings could be secured long term.  He felt that the comments regarding a decline in quality of financial statements was inevitable given the scale of changes that had taken place with the transition to the GO Project and he had every confidence that quality would improve in the coming year given the positive direction of travel thus far.  

The Chairman suggested that Grant Thornton, as new auditors, would be unable to provide an opinion on whether the quality had been restored to that of previous years.  In response to this Paul Benfield of Grant Thornton referred members to the £8500 additional fees from KPMG and suggested that were Grant Thornton able to provide an unqualified conclusion without additional fees having been incurred, that this could be an indication of the quality of the financial statements.  

The Director of Resources noted that a number of key personnel were still in place, in addition to which there were personnel at other authorities and this gave him every confidence going forward. 

Grant Thornton

Peter Barber of Grant Thornton introduced the audit plan which set out the need for Grant Thornton to fully understand the business (the council) and any key challenges and the approach that would be adopted, which was summarised in the form of a diagram.  The plan also included specific detail of significant risks that has been identified and summarised the results of the interim audit work undertaken. 

Peter Barber and Peter Smith gave the following responses to member questions;

• Journals were inherently risky by their very nature.  There would be a focus on any high level journals and those that posed a greater risk given the day, time or by whom the journal was created. 
• Given the new system (Agresso) and the changes to cost codes there was a greater risk for mis-categorisation so Grant Thornton would undertake an analytical review by comparing this year against last year and seeking explanation for any variations. 

Grant Thornton

Peter Smith of Grant Thornton introduced the audit update report which reported on progress, highlighted emerging national issues and developments and suggested documents which may be of interest to members. 

Peter Barber explained that this copy of the update report contained more information than it ordinarily would as one had not been produced for the previous meeting.  He was happy to include as little or as much information as members would find helpful and noted that the reference to ‘challenging questions’ had been included in error as issues would be discussed with the Director of Resources and Chief Executive as part of ongoing dialogue. 

The work programme had been circulated with the agenda.

Councillor Rowena Hay suggested that the Leisure & Culture trust governance item scheduled on the work plan for June would need to be deferred as it had been for Cabinet. 

There were no urgent items for discussion.

19 June 2013

The next meeting was scheduled for 19 June 2013.

The Council is recommended to approve the following resolution:-

“That in accordance with Section 100A(4) Local Government Act 1972 the public be excluded from the meeting for the remaining agenda items as it is likely that, in view of the nature of the business to be transacted or the nature of the proceedings, if members of the public are present there will be disclosed to them exempt information as defined in paragraph ?, Part (1) Schedule (12A) Local Government Act 1972, namely:

Paragraph 3; Information relating to the financial or business affairs of any particular

person (including the authority holding that information)

Upon a vote it was unanimously

RESOLVED that in accordance with Section 100A(4) Local Government Act 1972 the public be excluded from the meeting for the remaining agenda items as it is likely that, in view of the nature of the business to be transacted or the nature of the proceedings, if members of the public are present there will be disclosed to them exempt information as defined in paragraph 3, Part (1) Schedule (12A) Local Government Act 1972, namely:

Paragraph 3; Information relating to the financial or business affairs of any particular person (including the authority holding that information)

Audit Cotswolds

Members considered the exempt report.