(A) an Overall Summary of the Control Environment Operating Within the Authority. This

/

REPORT OF:

/ head of finance & procurement
AUTHOR: /

GRAHAM FRIDAY

TELEPHONE: /

01737 276556

E-MAIL: / TO: /

Overview & Scrunity committee

DATE: /

25th January 2005

AGENDA ITEM NO: / 6 / WARD(S) AFFECTED: / ALL
SUBJECT: / progress on the completion of the 2004/2005 audit programme
PURPOSE OF THE REPORT: / To provide Members with a progress report on the work undertaken by Deloitte & Touche Public Sector Internal Audit Ltd. under the Internal Audit contract during the current financial year.
RECOMMENDATIONS:
1.  That Members note the contents of this report.
2.  That the Committee make any observations and/or recommendations to the Executive.

Background

1. It has been agreed within the contract that to promote internal control within the Authority, D&T PSIA Ltd. would report to Committee on the following:

(a) An overall summary of the control environment operating within the Authority. This will look at the wider picture of all reviews to date, and provide either assurance to Committee that the control systems are working effectively and the interests of the Authority are protected; or act as an early warning on any sectors of the Authority where the control system is failing.

(b) Report back on specific areas, which were given a limited, (or lower), audit opinion at the time of the audit. Audit opinions are either full, satisfactory, limited or none. This will allow Members to focus attention on areas where Officer action is required.

(c) Update Members on the current situation regarding limited areas previously reported to Committee. This will inform Members of the action taken by Officers to resolve internal audit issues.

2. To date two audits have been completed with final reports being issued in November and December. The table below summaries the assurance level given at the time of the audit and the priority and number of recommendations made. Details are set out on Annex 1

Area Reviewed – 2004/05 / Date Report Issued / Assurance Level / Recommendations implemented /Management Response / No. of Recommendations Made
Priority 1 / Priority 2 / Priority 3
Maximising External Income / 06/12/04 / Satisfactory / Agreed / 0 / 3 / 0
FPMS Data Conversion & System Testing / 16/11/04 / Satisfactory / Agreed / 0 / 2 / 1

Key for recommendations:

Priority 1 – Major issues for the attention of Senior Management.

Priority 2 – Other recommendations for local management action.

Priority 3 – Minor issues that local management should consider, as points of Best Practice.

3.  It should be noted that the assurance level is an illustration of the level of control operational at the time of the audit. The Auditor will agree with Management a number of recommendations, which when implemented will result in a more secure system. Each recommendation is given an implementation date, and these will be monitored on a regular basis by the Internal Audit Team.

4.  The number of audits reported is lower than in previous years due to the nature of the programme for this year, whereby the majority of the audits are programmed for quarter four. At the time of this report, a further three audits were in progress, which will be reported to Members in the next quarter’s report. A full schedule of the 2004/05 audit programme showing in which quarter of the financial year the audit will be undertaken is attached as Annex 2.

Factors for considerations

5.  With the exception of the items identified above there are no significant issues that need to be drawn to Members attention at this time.

Corporate Plan Implications

6.  The Resources Sub- committee approved the five-year Internal Audit Strategic Plan on the 29th November 2000. It was discussed with Officers and linked in, where appropriate, to Council corporate initiatives such as Best Value Service Reviews.

Conclusion

8. From the work undertaken to date, no major issues or concerns were identified and there was a positive response to recommendations from Management. The level of probity in the authority’s financial and operational systems audited was considered overall to be satisfactory.

Background Papers: / Planning Documents, Audit Files

ANNEX 1

AUDIT RECOMMENDATIONS FROM REPORTS ISSUED SINCE LAST AUDIT PROGRESS REPORT

Audit / Recommendation / Management Comment / Implementation
Date / Accountable Officer / Responsible Officer
Maximising External Income / Management should prepare a formal policy for maximising external income, which should be incorporated into the current Medium Term Financial Strategy. The policy should be linked to the Council’s objectives and priorities / Agreed. / August 2005 / Head of Finance & Procurement / Accountancy Manager
We recognise that the Council has been pro-active in generating income from Section 106 Agreements. Management need to ensure that procedures allow the council to react in a timely manner when potential match funding opportunities arise. / Agreed. The management of Section 106 agreement is under the remit of the Corporate Asset Working Group, and is a standard item on their agenda. / N/a / Head of Finance & Procurement
Management should monitor and look to influence the County Council in submitting its current bids. They should also closely monitor any future potential opportunities for bids for Local Public Sector Agreements (LPSAs). / Noted. / N/a / Head of Finance & Procurement
Audit / Recommendation / Management Comment / Implementation
Date / Accountable Officer / Responsible Officer
Finance & Performance Management System – System Testing and Data Conversion / The Council should consider defining the key requirements that will qualify the Agresso system as fit for purpose on the go no/go criteria. / There is a detailed methodology of acceptance criteria, which the FPMS Board has approved. The Acceptance Criteria and the Test plans cover all the Agresso functionality required for Go Live. / November 2004 / Director of Services to the Community / FPMS Project Manager
The go-live acceptance criteria for contingency planning should require that the FPMS Board approve both the fall-back and workaround arrangements designed to mitigate system and interface problems or failure. / Fall back and workaround arrangements will be covered in the go live risk analysis to be reviewed as part of the Go-No/go decision on the 19th November. / November 2004 / Director of Services to the Community / FPMS Project Manager
The Council should add a requirement to the go live acceptance criteria to obtain FPMS Board approval of post implementation monitoring processes. / The existing PIs will continue to be maintained (see Finance & procurement monthly Performance Management report. In addition the project team will maintain a log of all issues raised during go live. Issues will be prioritised and escalated using the existing project methodology. The FPMS Board will continue to meet and monitor the project after go live. / November 2004 / Director of Services to the Community / FPMS Project Manager

ANNEX 2

INTERNAL AUDIT PLAN 2004/05

AUDIT / QUARTER
Managed Audits
Cash & Banking / 4
Council Tax / 4
Creditors / 4
Debtors / 4
Benefits / 4
Main Accounting System / 4
NNDR / 4
Payroll / 4
Treasury Management / 4
Follow up review / 4
Service Based Audits
Service audit 03/04 follow ups / 4
Business & Financial Planning & Monitoring / 3
Corporate compliance Framework / 4
Maximising External Finance / 2
Corporate Governance / 4
Risk Management / 4
Fraud and Corruption / 4
Trial - Compliance basis
Computer Audits
FPMS Project Management / 1
FPMS Data Conversion / 3
FPMS Pre-Application Review & Testing Methodology / 2
FPMS System testing / 3
FPMS Application Review / 4
Network Security (DMZ & VPN) / 3
Parking Application Review / 3