Agenda item

Natalie Jerams presented a report which provided an overview of

·         the current status of live internal audit reports;

·         an update on progress against the annual audit plan;

·         a summary of  internal audit performance, planning and resourcing issues; and

·         a summary of significant issues that impact on the Chief Internal Auditor’s annual opinion.

It was noted that there had been a slight adjustment to the report since publication; there were now 32 management actions overdue (15 medium and 17 high). A summary was provided on six new reports that had been finalised since the last report.  The subsequent discussion on these reports included reference to the following issues:

·         On the issue of cyber security, it was agreed not to discuss the actions in an open forum.  Melanie Thompson agreed to provide a written update to the Committee in response to questions raised in respect phishing and cyber security awareness training;

·         In respect of Building Control, it was noted that the new Temporary Chief Planning Officer had only been in position a few weeks and was unable to provide an update but would do so at the next meeting of the Committee;

·         On the issue of Treasury Management, the Chief Finance Officer stated that some of the report recommendations had been completed and others in progress.  A new treasury management provider (Orbis) had been taken on and were working towards updating all relevant documentation in order to comply with internal audit recommendations;

·         In respect of Information Governance, it was noted by the Head of Legal that a new Data Protection Officer was now in post who would primarily be dealing with the report recommendations and would be supported by a new Deputy DPO.  FOI reports were now taken to the ELT and Information Governance Management Team.  The Record Retention and Disposal Schedule was being reviewed and would be circulated to Senior Managers, SLT and ELT to update.  Work had commenced on the Information Asset Register and it was planned for this work to be completed by November;

·         It was agreed that a copy of the current document deletion policy would be circulated to the Committee.  It was noted that the document required updating and it was agreed that a final copy of the updated policy would also be circulated to the Committee.

·         It was noted in the audit report that the Council did not maintain a grant register, which had resulted in a ‘No’ assurance position. The Finance Department would create a template for the rest of the organisation to complete to allow review on a regular basis along with associated policies and procedures;

·         On the issue of Health and Safety, it was noted that a further ‘No’ assurance opinion had been given due to policies and procedures not being updated following internal reorganisation. A project team had been set up to address the issues raised by the report and to make sure all updated information is properly presented to staff.  It was confirmed that HSE have carried out inspections where required.

·         It was noted that the number of outstanding issues was worrying and performance needed to improve which would be reflected in the proposed recommendations under the next agenda item.

R E S O L V E D – that the report be noted.