Agenda and minutes

The Committee is asked to confirm as a correct record the minutes of the meeting of the Committee held on 11th July 2023.

The minutes of the meeting of the Committee held on 11th July 2023 were confirmed as a correct record and signed.

The Chair acknowledged that this was the Head of Governance and Human Resources last Audit Committee meeting and thanked him, since he would be leaving his role at the Council in November 2023.

Councillor Jane Lennie was welcomed to her first Audit Committee meeting and it was noted that the Constitution had recently been amended to allow for a seventh Councillor on the Committee. 

No disclosures were made.

No questions were submitted.

No questions had been submitted.

A report of the External Auditors.

A report of the external auditor was submitted providing an Audit Strategy Memorandum to the Committee summarising their audit approach and highlighting significant audit risks for the year ended 31st March 2023 (item 5 on the agenda filed with these minutes).

Leah Parsons representing the external auditors (Mazars) attended the meeting virtually to assist with the consideration of this item.  She drew attention to pages 19, 22 and 27 of the report pack, the timeline in which work had been completed, overviews of significant risks and their approach to Value for Money work, confirming that all were in line with expectations and on-track to bring a final review back to the Audit Committee Accounts meeting in November 2023.

The Chair observed that it was positive news that reports would be ready for November.

RESOLVED that the report be noted.

Reason

The Committee were satisfied with the contents of the report.

A verbal update from the Audit Manager and Director of Customer Experience.

At the previous meeting held on 11th July 2023, it had been the Audit Manager’s view that requirements had not been met in relation to a recommendation regarding the IT Health-check audit and identifying target timescales to undertake operational testing (item 6 on the agenda for that meeting, page 22 of the report pack, recommendation 8).

The Director of Customer Experience attended virtually along with the Audit Manager to provide the Committee with a verbal update on the matter.

She confirmed that she had met with the Audit Manager and the Information Technology Delivery Manager and that an agreement had been reached in terms of taking the recommendation forward. 

Identifying the target timescales and reviewing of the relevant documentation would be taking place by October 2023, with operational testing to be planned into 2024 which was in line with the original implementation date of June 2024. 

The item would be followed up in October 2023 and if not satisfactory would be brought back to the Committee.

RESOLVED that the Committee noted the update.

Reason

To ensure that the Committee was kept informed of the progress against the Internal Audit Plan and work of Internal Audit.

A report of the Audit Manager.

A report of the Head of Governance and Human Resources was submitted providing the Committee with a summary of progress against the 2023/24 Audit Plan, outlining key findings from final reports and any outstanding recommendations (item 7 on the agenda filed with these minutes).

The Audit Manager attended the meeting to assist the Committee with its consideration of the report. 

Concerns were raised by the Committee about a number of overdue recommendations ranging from six months to over two years with no evidence of progress and included recommendations for asset management, commercial lettings and housing repairs/maintenance with particular concern relating to asbestos management  (detailed on page 59 of the agenda report pack) which had health implications and an original due date of August 2021.  It was agreed that concerns about these items would be raised with Cabinet Lead Members and relevant Service Heads/Officers would be informed that if no progress was made by the Audit report for January 2024, that those Service Heads/Officers would be required to attend the meeting of Audit Committee on 30th January 2024.  The Audit Manager agreed to circulate a brief update to the Committee.

A number of reasons were given for the overdue items, which varied from staffing pressures to contractor issues.  The Committee was assured that overdue items were reported monthly to the Senior Leadership Team and that Service Heads were aware and supported the escalations.  It was confirmed that with regard to high-level risks, each service area had its own operational risk registers which were managed at service-based level.

RESOLVED

1.     That overdue recommendations for asset management, commercial lettings and asbestos management be referred to Cabinet Lead Members after the meeting and if no progress made by January 2024, relevant Service Heads required to attend the meeting of Audit Committee on 30th January 2024.

2.     That the Committee notes the progress report as set out in Appendix 1.

Reasons

1.     To ensure the completion of overdue recommendations and reduce the risk of further extensions to implementation dates.

2.     To ensure that the Committee is kept informed of the progress against the Internal Audit plan and work of Internal Audit. 

A report of the Audit Manager.

A report of the Head of Governance and Human Resources was submitted providing the Committee with an update on the ongoing work to ensure that the Council complies with CIPFA’s Position Statement: Audit Committees in Local Authorities (item 8 on the agenda filed with these minutes).

The Audit Manager attended the meeting to assist the Committee with its consideration of the report.  In response to questions it was confirmed that CIPFA considered it best practice to have a second independent member to support other members of the Committee with an objective view and varying skills and knowledge base.  Members were reminded that independent members would not be able to vote at Committee and would give opinions only.

A training plan would be collated to ensure any gap in skills could be bridged and the Working Group would be discussing this going forward.

There would be no remuneration for the additional independent member, only reasonable travel expenses and it was considered value for money, with the possibility of the independent member stepping into the role of Chair in the future if needed.

RESOLVED that:

1.              The Committee recommends to Council a change to the Constitution from one independent member to two independent members of the Audit Committee;

2.              The Committee agrees the process for the recruitment of the independent member to the Committee following the change to the Constitution.

Reasons

1&2.   To ensure that the Committee meets its statutory responsibilities for governance and internal control arrangements, financial management, financial reporting and internal audit.

A report of the Head of Governance and Human Resources.

A report of the Head of Governance and Human Resources was submitted providing the Committee with a summary of the Council’s use of RIPA powers (item 9 on the agenda filed with these minutes).

The Head of Governance and Human Resources attended the meeting to assist the Committee with its consideration of the report.  He informed the Committee that surveillance cameras had been installed in the Warwick Way area of Loughborough as a deterrent for litter dropping from cars and confirmed that as signs were displayed in the area this was overt surveillance and did not apply to RIPA.

A question was raised about drug dealing and anti-social behaviour issues and it was confirmed that these would be dealt with by the Police who had RIPA powers and in the case of social housing, the Council’s Housing Team would liaise with the Police.

RESOLVED that the Committee noted that there had been no use of RIPA powers by the Council for the period from 1st June 2023 to 31st August 2023.

Reason

To enable the Committee to comply with the request from Cabinet that the Audit Committee assumes responsibility for receiving a quarterly report on the use of RIPA and to report to Cabinet any concerns arising from those reports that may indicate that the use of RIPA is not consistent with the Policy or that the Policy may not be fit for purpose.

A report of the Head of Transformation, Strategy and Performance.

A report of the Head of Transformation, Strategy and Performance was submitted providing the Committee with details of the Strategic Risk Register produced for the period to 2023/24 (item 10 on the agenda filed with these minutes).

The Head of Transformation, Strategy and Performance attended the meeting to assist the Committee with its consideration of the report.  She brought to the Committee’s attention that staff recruitment and retention was still an issue and that a range of Officers from across services were looking at ways to address the situation.  The target date for the internal review of recruitment had been moved from September 2023 to December 2023 and this was due to ongoing work on I-Trent for the HR service.

In response to questions it was noted that:

·       the major risks for the Council included finance, in terms of budgets and staff retention, with the risk of professional officers moving to the private sector;

·       the Head of Transformation, Strategy and Performance could provide an update to the Committee regarding the Falcon Centre consultation and joint working officer – SR11 Housing Demand.  Noted that recruitment to the Head of Landlord Services would be by the end of 2023;

·       residual risk levels largely remained unchanged after completion of ‘actions’ and this was explained.

At a recent meeting of the Finance and Performance Scrutiny Committee on 12th September 2023, the Committee had considered that annual cyber insurance costs seemed high at £107,000.  It was unclear how this compared to other local authorities, but costs were increasing due to risks of cyber-attacks.  Information regarding insurance coverage would be provided but the Committee considered further scrutiny was required regarding whether it was fit for purpose and training for employees on cyber disaster recovery mitigation strategies and as it was under the remit of the Audit Committee as part of its consideration of the Council’s Risk Register on a quarterly basis, asked the Audit Committee to review the Council’s preparedness for cyber-attacks.

The Finance and Performance Scrutiny Committee had resolved that the Audit Committee be asked to review the Council’s preparedness for cyber-attacks. 

Summary of the Audit Committee’s discussion:

·       Data security was included in Strategic Risk 7 and contained extensive information on the current treatments and controls which included data protection training for councillors and officers;

·       Business continuity was covered within Strategic Risk 1 and dealt with what would happen if there was a cyber-attack;

·       Strategic Risks 1 and 7 covered risk mitigation and recovery measures;

·       IT/Cyber Security was covered by Internal Audit in 2022/23;

·       Mandatory data breach training was in place for Councillors and Officers and regular phishing testing was carried out and follow-up training offered to those who failed.  In addition, mandatory training would be reviewed by internal Audit during the current financial year;

·       The Council’s IT systems had been moved to a cloud system in a secure network and the firewall protected the Council from the majority of cyber-attacks;

·       Serious security breaches had been highlighted in the media and by the Local Government  ...  view the full minutes text for item 27.

A report of the Head of Finance.

A report of the Head of Finance was submitted providing the Committee with the Council’s Treasury Management Report for Quarter 1 (item 11 on the agenda filed with these minutes).

The Head of Finance attended the meeting virtually to assist the Committee with its consideration of the report and highlighted the key areas.  She explained that this item was a new addition to the agenda which was required quarterly by the CIPFA code of practice for Treasury Management 2021.  Treasury Management Training would be delivered to members of the Committee in January 2024 prior to its meeting.

In response to questions it was confirmed that the medium-term financial strategy would be reported in February 2024, there would be a budget exercise taking place within the next few months to identify potential savings and that  budget reserves would be kept within £2.5 million.   It was also noted that the Council did not have any equal pay claims.

RESOLVED that the Committee noted the report.

Reason

To ensure that the Council’s governance and management procedures for Treasury Management reflect best practice and comply with the CIPFA code of practice for Treasury Management 2021. 

A report of the Director of Finance, Governance and Contracts.

A report of the Director of Finance, Governance and Contracts was submitted to enable the Committee to consider its Work Programme (item 12 on the agenda filed with these minutes).

The Head of Governance and Human Resources attended the meeting to assist the Committee with its consideration of the report.

It was confirmed that the Audit Accounts meeting would be taking place on 21st November 2023 and agreed that:

·       Financial Statements Training would be delivered to members of the Audit Committee before the Audit Accounts meeting in November 2023.  The training session would be recorded to ensure access to the training regardless of availability to attend the session;

·       Any overdue actions in relation to the Internal Audit Plan to be circulated to Cabinet Lead Members.

RESOLVED that the Committee proceeds on the basis of the Work Programme attached to the agenda, with any amendments and inclusions agreed at this meeting.

Reason

To enable the Committee to identify future items of business and enable planning for future meetings to be undertaken, for example preparing reports and arranging for the attendance of officers and/or others at meetings.