To consider the report of the Director of Resources (copy enclosed)
The Committee considered the report of the Director of Resources and associated appendices that covered six reports from the Internal Auditors BDO LLP, the Internal Audit Progress Report; Sector Update; Follow-up of Recommendations Report; Workforce Management and Information Management Audits.
The Chairman introduced the report and deferred to the Internal Auditors to present the detail. The Internal Audit Partner then presented the Progress, Sector Update and Follow-up of Recommendations reports.
With reference to the Progress report he said that, in addition to the two audits on today’s agenda, work was finalised supporting Officers on the new leases accounting standard. Overall progress was good despite delays as a result of Covid, five out of eleven pieces of work completed, two other audits underway and on track to provide the internal audit opinion within the normal timescales. The Sector Update report was self-explanatory, and the Follow-up of Recommendations report had one outstanding recommendation. This related to climate change and waste strategy which had been delayed due to operational pressures.
In response to a question on the moderate assessment of the Safeguarding Audit at the last committee he said that the auditors were content that this was an appropriate assessment level. They identified overall reasonable processes in place and a number of mitigating controls to ensure no abuses take place. It was noted that following this meeting an update would be circulated to Members on the detailed timetable for delivery of the Safeguarding recommendations.
The Audit Manager then presented the two audits. The Workforce Management audit level of assurance was substantial on both design and effectiveness. The auditors had looked at the Workforce Management Audit strategy and plan which aligned with both the Medium-Term Financial Plan and IT Strategy and was on track to achieve the objectives outlined in the Council’s Corporate Plan. The People Workforce Development Plan was supported by action plans covering recruitment/resourcing, retention, learning and development and employee engagement, all monitored by the Human Resources Service Plan. The auditors found that there was an action plan in place to address issues raised in response to the staff survey and an updated plan will be produced in February 2021, monitored by the Corporate Leadership Team (CLT). Overall there was clear direction and appropriate oversight of the workforce strategy and appropriate response to COVID issues, hence the substantial assurance level.
The Information Management audit level of assurance was moderate on both design and effectiveness. The purpose of the audit was to assess the design and effectiveness of the Council’s information management controls and processes for the storage, retention and destruction of paper documents to support compliance with the Council’s document retention schedule and current legislation.
The auditors noted that the Council had identified, and recorded assets and a detailed information Asset Register was in place. There were appropriate controls to ensure information was only accessed where there was a valid business need and a Document Retention Schedule was in place in line with current legislation and statutory requirements, together with defined procedures for the destruction of documents.
The auditors identified two medium level findings 1) that document retention and data protection policies were out of date at the time of the audit but have now been updated and approved by the Strategy and Resources Committee in November 2020, which included a refresh of digital records, and 2) that responsibility of information asset owners had not been defined but will be covered through the annual review of the Asset Register this year.
There being no further comment the Chairman moved the recommendations in the report and they were seconded by Councillor Nunn. She then put the recommendations to the Committee and they were agreed by assent.
RESOLVED that the Committee considered, commented and approved the:
(i) Internal Audit Progress Report - December 2020 at APPENDIX 1;
(ii) Internal Audit Sector Update – January 2021 at APPENDIX 2;
(iii) Follow-up of Recommendation Report – December 2020 at APPENDIX 3;
(iv) Workforce Management Audit – November 2020 at APPENDIX 4;
(v) Information Management – December 2020 at APPENDIX 5.