Hertfordshire County Council

Internal Audit Annual Report 2010/11

INTRODUCTION

This is the annual report of the ‘Head of Audit’ required by the 2006 Chartered Institute of Public Finance and Accountancy (CIPFA) Code of Practice for Internal Audit in Local Government. The reportsummarises the performance of the function and, based on the work undertaken in-year gives the Head of Audit’s opinion on the overall adequacy and effectiveness of the organisation’s risk management systems and internal control environment, as a key source of supporting evidence for the Annual Governance Statement.

This Annual Report brings together, corporately and service by service, the main issues we have raised in the course of our 2010/11 audit work. Our programme of work was set out in the Internal Audit Plan 2010/11, approved by the Audit Committeeon 25 March 2010. However this has been a year of significant transition for the team with the retirement of the Chief Internal Auditor, a number of early retirements arising from Transformation Efficiency initiative and the introduction of a web-based Audit Planning and Monitoring system.

In addition a significant amount of preparation work required for the introduction of the Shared Internal Audit Service with 5 of the Hertfordshire District Councils was necessary. This is a major initiative for the service which will continue to impact on the service during 2011/12 but which is key to the improvement effort for internal audit in HCC, building on the new audit strategy agreed by the Audit Committee in December 2010.

All our audit work, whether planned or not, is subject to a risk assessment process, through which we try to ensure that we prioritise our workload appropriately. As a result of the above factors, and a critical review of the work programme there have been a number of deferred or cancelled audits whichwe agreed with the managers concerned and reported to Audit Committee in March 2011.

All of the audits summarised here have been formally reported to the relevant managers, and I would like to thank all of them for being receptive to our comments and recommendations. Where relevant, this report outlines their responses and agreed actions. We follow up all high priority recommendations to check on the implementation of these.

We are very grateful for the assistance that has been provided to us by management teams and staff throughout the Council and our Shared Managed Services partner during the year.

Helen Maneuf

Head of Assurance

June 2011

Tel.(01992) 555320

email

KEY GOVERNANCE MESSAGES

CORPORATE GOVERNANCE

The Accounts and Audit Regulations 2011 require an annual review of the system of internal control, the outcomes of which are integrated within the Council’s Annual Governance Statement. The Council is addressing the significant issues reported in the Statement.

We led on the review of governance and control which underpins the Statement, conducted in accordance with CIPFA guidance. Assurances were obtained in respect of the role of the following in maintaining and reviewing the effectiveness of the governance framework:

  • Monitoring Officer
  • Service Directors (including Service Assurance Statements)
  • External reviews
  • External Audit.

The review and the Council’s updated Statement of Corporate Governance, were scrutinised and approved by the Performance & Resources Officer Group (of Assistant Directors, chaired by the Director of Resources and Performance). The resulting Annual Governance Statement is being reported to the June 2011 Audit Committee, and will accompany the Council’s Statement of Accounts 2010/11.

INTERNAL AUDIT ASSURANCE STATEMENT

This Internal Audit Annual Report provides an independent opinion on the adequacy and effectiveness of the Council’s system of control, including in particular:

  • the key controls operating within and around the core financial systems
  • financial management in each Department and corporately
  • arrangements for the letting and monitoring of contracts
  • controls over information management and security.

In the opinion of the Head of Assurance, the above arrangements were adequate and effective in 2010/11, with sound controls in all key areas, including strengthened financial reporting, budget management and asset accounting.

This opinion is based on a programme of audit work which was delivered:

  • in accordance with the approved Internal Audit Plan, which in turn resulted from the systematic risk assessment of all auditable areas
  • by suitably experienced and qualified auditors
  • in accordance with the CIPFA Code of Practice for Internal Audit in Local Government.

INTERNAL AUDIT QUALITY ASSURANCE

A review of the system of internal auditin Hertfordshire County Council was completed by Deloittes. The review incorporatedthe statutory requirement for such an annual review, in compliance with guidance from CIPFA.

The components of thereview by Deloittes included:

  • assessment of compliance with CIPFA’s Code of Practice for Internal Audit in Local Government in the United Kingdom 2006 (“the CIPFA Code”)
  • feedback from auditees, Chief Officers and other key stakeholders.

Compliance with the CIPFA Code

The Deloittes review confirmed that Internal Audit is “largely compliant” with the CIPFA Code and identified areas where improvements could be made. The observations and resultant action plan in turn led to the Internal Audit Strategy which was reviewed and approved by the Audit Committee in December.

Feedback from auditees

Following every audit, the manager receiving the audit report was also sent a feedback survey form. The survey asked managers to rate the overall usefulness of their contact with Internal Audit, followed by a series of further questions covering the:

  • audit approach and understanding
  • audit communication
  • audit report
  • timing of the audit.

59surveys werecompleted during 2010/11. Rating of the overall usefulness of the audit contact was:

Score / Number of surveys / %
Excellent / 28 / 47
Good / 26 / 44
Just adequate / 5 / 8
Poor / 0 / 0
Totals / 59 / 100

WORK IN DEPARTMENTS

CHILDREN, SCHOOLS and FAMILIES (CSF)

OVERALL AUDIT STRATEGY FOR SCHOOLS

During the year we reviewed our strategy for audit in schools and gained the agreement of the Schools’ Forum to a fundamental change of approach to the audit of schools. The new approach will be risk based and be carried out on a sample basis, with learning shared across the school community. We will retain a focus on schools whose financial management is identified as causing concern.

The Department for Education has announced that the Schools’ Financial Value Standard will replace the Financial Management Standard in Schools from September 2011. The department has consulted schools and local authorities about the new Standard and their operation of it. We are therefore considering the implications for our revised approach to school audit, but our initial assessment is that this need not change.

SCHOOL RELATED AUDIT WORK

Re-assessment of schools against the DCSF Financial Management Standard in Schools (FMSiS) was the main focus of our work until well into the Autumn term, when the DCSF announced that the FMSiS was to be withdrawn. We then immediately modified our audit programme for schools to focus on the principles of sound financial management and continued this programme of work until the latter half of the spring term.

We also visited a small number of schools where the Schools Funding Unit had significant concerns about the completeness and accuracy of those schools’ year-end financial returns, including cases where certain schools have a history of poor returns. All were resolved satisfactorily.

We visited several secondary schools which converted to Academy status, to verify key assets and liabilities declared in their final accounts and thereby to provide assurance as to the accuracy of their final accounts at the point of conversion. We anticipate further visits of this nature in 2011/12.

We also input to a CSF working group looking at the issue of pre-schools receiving funding intended for providers in the voluntary, independent or private sectors which appeared to operate as an extension of the maintained school on whose site they occupied. The working group obtained the approval of the CSF Board to a change in policy to regularise some of these operations or to bring about the clear separation of the maintained school and pre-school where appropriate.

We collected (and reviewed for correctness) a year-end financial return from every school regarding its private or ‘fund’ account(s). With the need to focus future available resources on areas of greatest risk, we have decided to discontinue this practice from 2011/12 onward. We have advised schools of future requirements in this area.

IRREGULARITY INVESTIGATIONS IN SCHOOLS

During the year we undertook (preliminary) investigations of a handful of allegations received from, or concerns raised by, ‘whistleblowers’, or formal complainants, about issues of potential corruption, profligacy, conflicts of interest, personal gain, failure to follow ‘due procedure’, etc in certain schools. All such reports were treated seriously and investigated as appropriate.

OTHER CHILDREN, SCHOOLS AND FAMILIES DEPARTMENT AUDITS

CHILD LITIGATION UNIT

We were asked to comment on the arrangement between the ChildrenSchools and Families Department and the Child Litigation Unit (CLU) for the provision of legal services in applicable ‘Looked After Children’ cases, given the significant upward pressure on expenditure. We noted the helpful findings of a ‘Performance Clinic’ set up by the Director of CSF to examine the underlying factors and inter-dependencies between these, so as to identify strategies to improve the management of cases and their associated costs. A service level agreement is being introduced and we have agreed with CSF senior management that we will carry out a follow-up in the coming year to confirm that expected improvements have been achieved.

INTEGRATED CHILDREN’S SYSTEM

We provided moderate assurance around the continually developing Integrated Children’s System with suggested improvements in the areas of change control and business continuity.

COMMUNITY SAFETY

FIRE and RESCUE SERVICE PAYROLL

Our audit of the processing of payroll input for whole-time employees found that expected controls were in place and operating effectively.

SHARED OCCUPANCY OF PREMISES

We also examined the arrangements governing the shared occupancy of certain fire stations by the Ambulance Service and rental arrangements and have made recommendations relating to the formalisation of arrangements in this area.

EXTERNAL FUNDING

During the year we undertook (at the request of the Chief Fire and Rescue Officer) the audit of the expenditure of a major European Union (EU) funded civil emergency exercise lead by the Service: Exercise Orion. This required us to verify the expenditure incurred by the Hertfordshire Fire and Rescue Service and by the other bodies engaged in the exercise that made up the claim to the EU. Early in the year we were also asked to audit the expenditure on two capital expenditure grants made to the Service by central government.

FIRE SERVICE PENSIONS

The corporate audit of pension administration incorporated checks on some service employees within the sample testing undertaken. No problems were found in these cases. 25 Injury pensions will be reviewed as part of the National Fraud Initiative data matches testing.

Environment & Commercial Services

HERTFORDSHIRE HIGHWAYS

Our work around the implementation of revised procedures for Emergency and Planned Highways Maintenance Work found robust processes involving all stakeholders in place. We also provided moderate assurance with regard to use of the Highways Asset Management System where we suggested improvements as to how system issues are dealt with.

We reviewed banking and receipting practices for the area offices and recommended refresher training to reinforce controls around ensuring funds are correctly allocated.

In a piece of consultancy work requested by Hertfordshire Highways we reviewed the controls around awarding contracts for areas not covered by the core maintenance contracts. We were able to provide substantial assurance around the procedures in place but recommended that they be formally documented.

HERTFORDSHIRE ADVANCED PASSENGER SYSTEM

We were able to provide moderate assurance for the overall effectiveness of the management of risks in the Hertfordshire Advance Passenger System highlighting system access controls and business continuity management as areas that could be strengthened. All recommendations were accepted by management.

TAXI CONTRACTS

Our audit of the management of Taxi Contracts suggested that centralisation of the Council’s transport processes would help deliver best value and this was accepted by management.

RESIDUAL WASTE PROCUREMENT PROGRAMME

Following our work involving the Hertfordshire Residual Waste programme we provided substantial assurance on the effectiveness of the management of risks but recommended close liaison with the eventual preferred bidder to mitigate issues relating to the expected high profile planning matters.

HERTFORDSHRE BUSINESS SERVICES (HBS)

The COMPASS System used by HBS for its operational tasks, and the SCAM System used for the administration of schools meals were subject to IT related reviews and in both cases we provided full assurance on the controls in operation.

STRATEGIC PROCUREMENT

Our review looking at the work of the Strategic Procurement Group and their implementation of the new procurement strategy allowed us to provide substantial assurance on the implementation of this new approach.

Management have commenced areview of the monthly and single transaction limits for purchasing cards and will take action to enforce the policy.

ECONOMIC PARTICIPATION

We were able to give substantial assurance over control of the projects within the Economic Participation (EP) Programme which aims to improve employability and increase opportunities for individuals to participate fully in the economy.

HEALTH and COMMUNITY SERVICES

LEGAL CHARGES (ADULT CARE SERVICES)

Our review found that a project officer is in the process of dealing with cases relating to old legal charges in pursuit of the council's financial interests.

ADULT CARE SERVICES INFORMATION SYSTEM

We provided moderate assurance on the controls operating around the Adult Care Services Information Systemresilience testing;we acknowledge that the areas we highlighted as requiring attention are being addressed within the ongoing development of the system.

We were able to provide substantial assurance on processes relating to agreement of care packages by clients and Care Managers, on individual financial assessments and on the accuracy of resulting payments to providers.

RESOURCE ALLOCATION SYSTEM

We reviewed the new resource allocation system in Adult Care Services which uses a point scoring matrix to assess the level of financial support for both older people and people with physical disabilities. We were able to confirm the validity and integrity of the testing carried out to develop the matrix and we are satisfied that it is being correctly applied to both new and re-assessed clients.

LIBRARIES MANAGEMENT SYSTEM

We contributed consultancy and advisory services to the project to implement the new Libraries Management System

INVESTIGATIONS

We assisted in an investigation into allegations of fraudulent practice in respect ofpayments relating to the transportation of service users. The investigation has been referred to the police.

During the year we also investigated 4 cases of employee working practice irregularities which resulted in 2 dismissals, 1 disciplinary and 1 referral to the UK Border Agency.

The results from the National Fraud Initiative indicate that further work is necessary to improve control in respect of Blue Badges.

RESOURCES AND PERFORMANCE

Finance

BALANCE SHEET MONITORING

Monitoring arrangements now comply with Financial Regulations and include the production of quarterly trial balances and balance sheet reconciliations. Our review recommended that balance sheet codes be assigned to named officers and this information circulated to Finance Managers; we are please to report that this has been actioned. We also highlighted the need for a reconciliation of balance sheet accounts which have postings originating from revenue and cost accounts.

GENERAL LEDGER

Finance has agreed to implement our previously recommended enhancements to controls surrounding the posting of material journals to the General Ledger. Journaling protocols are being formalised and we will follow up the requirements of the clarified International Auditing Standards in respect of material journals and the required exception reports, particularly in respect of cash receipting journals in SAP where there is no functionality to ‘park and post’.

BUDGETARY CONTROL

We commend the work around strengthening controls in this area and we will continue to monitor efforts to ensure that all budgets have a responsible officer allocated on SAP and that profit centres that are no longer in use are locked within the system.

TREASURY MANAGEMENT

The main control within the Treasury Management procedures that requires attention, as highlighted in the last audit report, is the complete segregation of duties between dealing practices and accounting. This will be assessed as part of phase 2 Finance Transformation and the changes from the Shared Managed Service moves.We acknowledge that management were developing proposals around money market funds at the time of audit.

BANK RECONCILIATIONS

Previously reported matters around bank reconciliations have now been addressed as part of the shared managed services transition plan.

We recommended enforcement of the requirements that limit the number of cheque payments and not progress in this area.

WORK IN SUPPORT OF EXTERNAL AUDIT

Following the agreement of a working protocol with the External Auditors, we have undertaken systems documentation and walkthrough testing of identified controls within the significant financial systems.The key issues requiring attention arising from our compliance testing continue to be clearing of old suspense accounts and separation of duties for journals.

VALUATION OF ASSETS ACCOUNTING PROJECT

We carried out extensive data validation and substantive testing as part of the Audit Commission’s examination and evaluation of the Authority’s asset register and capital accounting procedures. This work revealed a number of minor discrepancies that necessitated amendments to the asset register.