Agenda item

Members considered the Internal Audit Quarter 4 Report 2022/23 by Lincolnshire Audit against the 2022/23 annual programme agreed by the Governance and Audit Committee in March 2022. During the period, six assurance audits had been completed.

The completed audits being:-

Levelling Up Fund (Phase 1) - High Assurance

Staff Resilience - High Assurance

ICT Patch Management - High Assurance

ICT Asset Management - Substantial Assurance

Key Control Testing - Substantial Assurance

Risk Management - Substantial Assurance

Customer Relationships Management (CRM) Project - Consultancy

In the presenting report, the Head of Internal Audit and Risk Management highlighted to the Committee the information available within the body of the report. Members were made aware that the CRM project had no recommendations arising, with controls in place. Finally, Members were made aware of of local authorities who had issued Section 114 notices, in aid of informing about the risks of poor decision-making processes.

Debate ensued on the report's contents, with Members questioning multiple aspects and providing statements on the report's contents. In reply to a question on removing the well-being Audit from the Plan , the Head of Internal Audit and Risk Management explained that though the audit had been planned for 2022/23, given this was a work area which crossed other with other Lincolnshire local authorities, given the shared Strategy, the planned date did not align with those other  local authorities and more  joined-up thinking around the timing of this was required. The review had been delayed for these reasons, but its risk profile would continue to be monitored. Concerning the slippages in the NNDR debtor accounts sample, within the key controls audit, it was confirmed these were small and immaterial to the overall outcome, no system failures were identified. Members also learned that the CRM system's audit gave assurance that the information brought into the system, and the processes used at the time had satisfied the auditors for the purpose and scope of the audit commissioned.

In response to a query on the Section 114 notices, Members were politely reminded that the information in the linked report was from external accountants of the organisation concerned, rather than this Council’s auditors. However, the Head of Internal Audit and Risk Management explained that part of the failures was a lack of risk consideration at the outset a failure of good governance procedures resulting in a financial failing. Members also commented that the Councillors would have likely made the decisions in good faith, but that members had to be alert to potential issues, in that any local authority could faulter.

In response to a query on the staff resilience risks, specifically working from home, the Head of Internal Audit and Risk Management explained that the actions in the Audit were all agreed and accepted by Management Team, had been given an implementation owner, and had appropriate timescales.

Having been moved and, seconded, on being put to the vote it was unanimously

RESOLVED that having considered the content of the report, no further actions be identified.