Agenda and minutes

Audit Committee
Wednesday, 27th November 2019 6.10 p.m.

Venue: Lancaster Town Hall

Contact: Eric Marsden, Democratic Services - telephone 01524 582135, or email:  emarsden@lancaster.gov.uk 

Items
No. Item

20.

Minutes

Minutes of meeting held on 30th October 2019 (previously circulated). 

Minutes:

The minutes of the meeting held on the 30th October 2019 were signed by the Chair as a correct record.

21.

Items of Urgent Business authorised by the Chair

Minutes:

There were no items of urgent business.

22.

Declarations of Interest

To receive declarations by Councillors of interests in respect of items on this Agenda. 

Councillors are reminded that, in accordance with the Localism Act 2011, they are required to declare any disclosable pecuniary interests which have not already been declared in the Council’s Register of Interests. (It is a criminal offence not to declare a disclosable pecuniary interest either in the Register or at the meeting.) 

Whilst not a legal requirement, in accordance with Council Procedure Rule 9 and in the interests of clarity and transparency, Councillors should declare any disclosable pecuniary interests which they have already declared in the Register, at this point in the meeting. 

In accordance with Part B Section 2 of the Code of Conduct, Councillors are required to declare the existence and nature of any other interests as defined in paragraphs 8(1) or 9(2) of the Code of Conduct. 

Minutes:

There were no declarations of interest.

23.

Update of the Regulation of Investigatory Powers Act 2000 (RIPA) Policy pdf icon PDF 240 KB

Report of the Information Governance Manager

Additional documents:

Minutes:

The Information Governance Manager submitted a report proposing changes to the authority’s Regulation of Investigatory Powers Act 2000 (RIPA) policy, specifically in relation to the use of Social Media and the implications that this may have, reflecting the guidance contained in the revised Code of Practice for Covert Surveillance and Property Interference (August 2018). Carrying out a regular review and update of the RIPA policy was necessary to ensure it supported the council’s officers and protected the rights of the public when surveillance was carried out.

 

The RIPA policy was last reviewed and approved by the Audit Committee on 28 November 2018. The policy had now been amended to include:

1.    Social Media surveillance information.

2.    The process to be followed for access to Social Media for investigation.

3.    Officer training.

 

It was proposed by Councillor Jason Firth and seconded by Councillor Malcolm Thomas:

 

“That the recommendations, as set out in the report, be approved”.

 

Upon being put to the vote, Members voted unanimously in favour of the proposition, whereupon the Chair declared the proposal to be carried.

 

Resolved:

 

That the update to the Regulation of Investigatory Powers Act 2000 (RIPA) policy as set out in the report be approved.

 

24.

Internal Audit Monitoring pdf icon PDF 505 KB

Report of the Internal Audit and Assurance Manager

Minutes:

The Internal Audit and Assurance Manager (IAAM) presented a report which advised the Committee on the latest monitoring position regarding the 2019/20 Internal Audit Plan, and the latest monitoring position regarding the implementation of the Annual Governance Statement (AGS) action plan for 2018/19.

 

The 2019/20 Internal Audit plan had been approved by the Audit Committee at its meeting on 20 February 2019 and the report provided a summary of the monitoring position up to 1st November 2019.

 

In response to questions about the report, the IAAM confirmed that the results of the National Fraud Initiative (NFI) in respect of the Single Person Discount is to be released in February 2020 (not 2019). Work on embedding risk management was ongoing, with progress on improving and rolling out both the strategic and operational risk registers to be reported on at the next meeting.

 

The IAAM presented an update on the Annual Governance Statement (AGS) 2018/19 Action Plan. In response to questions, the IAAM noted that discussions had taken place between the Democratic Services Manager and the Chair of the Overview and Scrutiny committee with regard to expectations and resources available (A18); work was ongoing to identify a risk management training provider and the IAAM was also looking into the possibility of procuring software for the management of both strategic and operational risk registers (F2); considerable work had already been achieved by the HR Manager in embedding Our Values into the induction process (A2); and both a Money Laundering Officer and Deputy Money Laundering Officer had now been appointed (F17).

 

Resolved:

 

That the reports be noted.   

 

 

25.

Review of the Council's Risk Management Policy pdf icon PDF 389 KB

Report of the Internal Audit and Assurance Manager

Minutes:

The Internal Audit and Assurance Manager (IAAM) presented a report on the council’s refreshed Risk Management Policy. Work on embedding risk management was continuing, however it was advised that progress is slow due to the limited resources of the IAAM. A risk management monitoring and reporting tool (Grace), used by other local authorities, was to be evaluated to assist the Internal Audit Team with the management of both strategic and operational risk registers and an external trainer was in the process of being sourced to assist in the training of staff and Elected Members. In response to a question about the potential cost of Grace, it was noted that if each risk owner required a licence, then the cost could be considerable. The evaluation should ascertain whether it was each risk owner or rather the Council as a whole that required a licence.

 

Councillor Stubbins tabled amendments to the report as follows (additions in italics):

 

Section 7.2:

 

At end of Step 1 – Identifying risk:

 

Add: “Risks recorded in the Risk Register will be given a unique identifier

 

Step 3 – Treatment and Action Planning:

 

Last sentence of paragraph 1 to read “A second risk score should then be given to the net (residual) risk that still remains, or would still remain, after taking into account the mitigating actions / controls”

 

Additional para to follow directly: “The authorisation status of any included mitigation action should be maintained such that it is not wrongly considered that the severity of a risk is reduced without the mitigation action forming a part of the implementation of the activity concerned.”

 

Section 8.3:

 

Additional sentence at end of paragraph to read: “Proposals for amendments to risk scores or descriptions are positively encouraged, from Managers of risks throughout the service, with the intention of maintaining a culture of openness, escalation of risk, and currency of the risk registers.”

 

The Committee discussed the report and amendments, noting that this ought not to be a centralised box-ticking exercise, but rather transparent and devolved. An invitation was made to any member of the Committee who had an interest in a specific risk area, or the overall risk management process itself, to contact either the IAAM or the Chair of the Audit Committee.

 

It was proposed by Councillor Oliver Robinson and seconded by Councillor Paul Stubbins that the recommendations as set out in the report, subject to the tabled amendments, be approved.

 

Upon being put to the vote, Members voted unanimously in favour of the proposition, whereupon the Chair declared the proposal to be carried.

 

Resolved:

 

That the recommendations as set out in the report, subject to the tabled amendments, be approved.

 

26.

Approval of the Council's Statement of Accounts 2018/19

Verbal update from the Council’s Section 151 Officer

Minutes:

The Section 151 Officer reported to the Audit Committee that the Council’s Statement of Accounts 2018/19 had not yet been signed. Additional work regarding the valuation of car parks and other assets had now been completed, with minor changes to prior period adjustments and the accounting policy still outstanding. It was estimated this would be completed and the Statement of Accounts signed off within the next two weeks.  

 

Resolved:

 

That the report be noted.

27.

Role of the External Auditor

Presentation to be provided

Minutes:

Paul Hewitson (Deloitte) made a presentation to the Audit Committee on the role of the External Auditor.

 

The Committee thanked him for an interesting presentation. In response to questions, the External Auditor explained the role of the Financial Reporting Council (FRC) in regulating auditors and monitoring the quality of audits. He also outlined that Deloittes had their own ethics team and internal reviews of work, as well as controls, in particular a conflict of interest check if any advisory or other services were provided to an audit client.

 

The Officers present left the room at this point.

28.

Periodic Private Discussion with External Auditor

Discussion with the External Auditor

Minutes:

The Audit Committee were provided with an opportunity to speak to the External Auditor in confidence.