CANTERBURY CHRIST CHURCH UNIVERSITY

MINUTES OF THE MEETING OF THE AUDIT COMMITTEE HELD AT 4.00PM ON THURSDAY 17 SEPTEMBER 2015 IN THE FREDERIC MASON ROOM

AT THE PRIORY

Present:Mrs Janice Shiner (Chair), Mr Julian Hills, Mr Quentin Roper,

Mr Steve Sutton

In attendance:Mr Paul Bogle (Clerk to the Governing Body)

Mr Mike Cheetham, Baker Tilly

Mr Andrew Ironside (Pro Vice-Chancellor [Resources])

Ms Anna Lancefield, Grant Thornton

Mr David Leah (Director of Finance)

Mrs Heather McCulloch (Committee Officer)

Mrs Karen Pilgrim (Assistant Director of Finance [Accounting and Regulatory Systems])

Mr Omer Tauqir, Grant Thornton

Professor Rama Thirunamachandran (Vice-Chancellor)

1.Apologies

An apology was received from Ms Ruth Martin.

2.Declarations of Interest

  • Mr Julian Hills noted that he is Mr Quentin Roper’s line manager.
  • Mr Quentin Roper declared an interest as a recently enrolled student of the University undertaking a Doctorate of Education. The Clerk noted that Mr Roper served as a Church-nominated member of the Governing Body in his capacity as Director of Education for the Canterbury Diocese.

3.Minutes of the Meeting held on 14 May 2015

The minutes of the meeting held on 14 May 2015 were agreed and signed as a true record.

4.Matters arising not appearing elsewhere on the Agenda

4.1Annual Follow Up Report and Annual Internal Audit Report

[Minute 204 refers]

The Director of Finance reported that Grant Thornton had been unable to complete the Annual Follow Up Report; the Report will now be completed by Baker Tilly and submitted to the November meeting of the Audit Committee, thus completing the schedule of audits for 2014/15.

The Annual Internal Audit Report 2014/15 had been completed by Grant Thornton and will be submitted as usual to the November meeting of the Audit Committee. As the outgoing Internal Auditor it was agreed by members of the Committee that Grant Thornton need not attend the November meeting.

NOTED

4.2Internal Audit Recommendations – Management Control Report [Minute 212 refers]

It was confirmed that a scheduled departmental review of the IT Department had been completed.

NOTED

4.3Minutes of the Meeting of the Data Integrity Group held on 24 February 2015 [Minute 220 refers]

There will be a presentation around the Canterbury Christ Church Process Improvement Programme prior to the November meeting of the Audit Committee; the meeting will now commence at 3pm.

NOTED

5.Audit Committee Terms of Reference [Paper H1]

Members of the Committee received Paper H1, the Audit Committee terms of reference. This was a standing item at the first meeting of the Committee in the new academic year to ensure that the terms of reference remained fit for purpose. The Clerk reminded membersthat last year’s terms of reference had been amended to increase the membershipto three independent Governors, in addition to the two co-opted members, to ensure compliance with mandatory CUC requirements. Independent Governors could not be staff or student Governors and could not sit on any other University committees.

There were no changes to this year’s terms of reference other than to the membership whereby Mrs Janice Shiner had been appointed as Chair, and Mr Quentin Roper had transferred from the HR Committee to the Audit Committee.

The Chair advised of her intention to continue with the practice of Committee members meeting with the Auditors during meetings without the presence of University officers.

NOTED

6.Draft Audit Committee Work Plan 2015/16 [Paper H2]

Members of the Committee received Paper H2, Draft Audit Committee Work Plan 2015/16, which was a new addition to the standing items at the first Committee meeting of the academic year and was welcomed by members as a useful planning document. As mentioned in an earlier item the Process Improvement Programme presentation will be added to the items of business for November. The Director of Finance advised that a briefing paper on TRAC will also be added to business for November.

NOTED

7.Risk Management Policy and Procedures [Paper H3]

Members of the Committee received Paper H3, the Risk Management Policy and Procedures. This was a standing item presented to the Committee at the start of the new academic year to ensure that the University’s risk management policy and procedures remained fit for purpose and by way of context for the work on risk management being undertaken by the University during the academic year ahead. A copy of the Statement of Risk Appetite which sat alongside the University’s Strategic Plan was attached for information.

The Committee discussed the Statement, in particular the appetite around financial risk. The outgoing Internal Auditor suggested that a future report reviewing changes in risk appetite, as a result of lessons learned from experience, would be helpful. The Pro Vice-Chancellor (Resources) added that a review of the financial KPIs would offer an opportunity to consider the University’s risk appetite.

NOTED

8.Annual VfM Report 2014/15 [Paper H4]

Members of the Committee received Paper H4, Annual VfM Report 2014/15. The Director of Finance acknowledged the contributions from a range of staff across the University and from the Process Improvement Programme team. The range of activities detailed represented a significant ‘snapshot’ of the full range of VfM activities. The Improvements and Efficiencies Steering Group had made a significant contribution to improvements in VfM but there was further work to be undertaken.

The Committee considered a Procurement Maturity Assessment table benchmarking the University’s performance against that of the sector across nine indicators; in 2015 the University had achieved parity or superiority over the sector in five out of the nine measures, a significant improvement on 2013 scores.

The Chair commented that it will be important to monitor progress closely on VfM activities; whilst it was clear that the University was making progress in this area, a more proactive approach may be required in the future as the sector was required to become more efficient with less public funding being available.

RESOLVED:

that Paper H4 be approved.

9.University Estate Master Plan High Level Risks [Paper H5]

Members of the Committee received Paper H5, University Estate Master Plan High Level Risks. Following approval of the University’s Estate Master Plan by the Governing Body in June, it had been agreed that asingle high level Master Planning risk, and the more detailed Project Risk Register including mitigating actions, would be presented to the September meeting of the Audit Committee.

An overarching risk relating to the Master Plan had now been produced and inserted into the University’s High Level Risk Register; within the Project Risk Register there were twelve high level ‘red’ risks and a number of amber and green risks. Mr Rob Thrower had been appointed Project Director and, together with the Director of Estates and Facilities, will own the majority of actions associated with delivery of the Master Plan. The Pro Vice-Chancellor (Resources) was the overall owner of the Master Plan risk. The role of the Audit Committee, as agreed as part of the future governance arrangements at the Governing Body meeting in June, was to review the risks associated with the Project. Moving forward updates would be provided to the Committee in the Vice- Chancellor’s termly report on risk management.

The Committee discussed the risks and one member asked about the return on the investment in the prison site. The Pro Vice-Chancellor (Resources) acknowledged the planning challenges associated with the historic prison site buildings, which had originally been earmarked for student accommodation. It had been decided that a better use for the historic prison quarter would be as a hub for student-facing activities, and the University was in the process of appointing architects to oversee the design. In parallel a development brief for the North Holmes Road campus was due to be submitted to the City Council in March 2016. The PVC (Resources) indicated that a return on the prison site investment was unlikely before 2018 at the earliest.

The Committee queried whether more could be done to speed up the process of risk mitigation. The outgoing Internal Auditor offered a helpful view with regard to how other universities presented their project risk registers. At the beginning of a project it was normal to carry a large number of red risks, but it was important to build in milestones at which to review progress; decisions could then be made at those points if the expected downgrading of risk had not materialised. The outgoing Internal Auditor will send an example to the University illustrating this approach.

The Chair welcomed this approach and requested that consideration be given to how the Master Plan Risks will be reported in the future.

NOTED

10.Draft Internal Audit Plan and Progress Report 2015/16 [Paper H6]

Members of the Committee received Paper H6, Draft Internal Audit Plan and Progress Report 2015/16. The Director of Finance informed the Committee that the incoming Internal Auditor had attended a meeting of the SMT this week and had agreed an approach to the Plan, and relevant timings, with individual members of the team. The Internal Auditor added that it had been a useful exercise in seeking to engage with members of SMT regarding both the scope and timings of the proposed audits.

The Internal Auditor confirmed that he will be overseeing the audit process, and that a newly appointed audit manager will be undertaking the detailed work. The Committee confirmed that it would like to receive the full audit report, and an executive summary provided with each report would be appreciated.

The Chair endorsed the importance of SMT engagement, particularly new members to SMT who may be unfamiliar with the process. Internal Audit worked in the interests of the University and was best viewed in this light.

NOTED

11.Internal Audit Progress Report 2014/15 [Paper H7]

Members of the Committee received Paper H7, Internal Audit Progress Report 2014/15, which completed the programme of audits as agreed at the previous meeting in May. The outgoing Internal Auditor detailed the summary findings as follows.

IT Information Governance

The Internal Auditor noted that responsibility for information governance was held across the University and not solely by the IT department. For the purposes of securing that level of engagement, the University had decided to set up an Information Governance Group in November 2014.

The report highlighted five key findings around the location and nature of the data held; assigning responsibility for the oversight of data to one group; assigning responsibility for information security to a specific member of staff; defining the University’s risk appetite around cyber security; and reviewing the implementation of the cyber security framework. Management had accepted the recommendations and had suggested that two members of staff be responsible for information security, one strategic and one operational.

The Clerk noted that he had not been consulted during this audit notwithstanding his SMT role as Chair of the Information Governance Group. Some of the findings recommended in the audit were already actioned or in progress and the ongoing management responses would need to reflect this.

Effective Assessment and Learning Resources

The audit received an amber rating with three ‘medium’ rated findings around the lack of set criteria for exceptions to the timely assessment policy; the lack of a mechanism for monitoring the timeliness and quality of feedback to students; and the lack of planning around an assessment schedule for combined honours students. Management had accepted, and was implementing, the recommendations.

Student Retention

The audit received an amber rating with one ‘high’ rated finding around a lack of adequate management information on retention and a lack of mechanisms in place to collate data that is timely, accurate and relevant for shaping strategies around student retention.

The Internal Auditor emphasised the importance of not only collecting the information on students at risk but on putting in place mechanisms that will prompt actions from the information collected.

The Vice-Chancellor noted that the drop-out rate at the end of the first year for students was of particular concern, and that management information should be used more efficiently to target such ‘pinch points’.

The Chair remarked that benchmark figures on student retention would be helpful.

Corporate Governance

The audit received a green rating with one ‘medium’ level finding around the quality of papers provided to Governors, though the audit recognised that much had already been achieved in this regard as part of the revised governance arrangements that had been introduced in 2013.

Effectiveness of Administering Access Agreements

The audit received an amber rating with five ‘medium’ level findings around the lack of a documented rationale for selecting activities set out in the Access Agreement and a lack of effective evaluation of those activities; limited engagement of the wider University community in the process; lack of management information on the success of the arrangements; limited analysis of the costs of administering the process; and a lack of awareness among staff regarding the University’s particular offer under the Agreement. Management had accepted the recommendations and work was ongoing to address the concerns.

Business Engagement and Management of Placements

The audit received an amber rating with one ‘high’ and two ‘medium’ rated findings around the lack of a coordinated approach or strategy for engaging with business; the lack of placements for students on courses outside of Education and Health and Wellbeing; and the lack of arrangements for managing placements where they did exist in the other faculties.

The Vice-Chancellornoted the importance of managing placements as part of the University’s core business.

Data Integrity – Student Revenue

The audit received a green rating with no recommendations.

NOTED

12.Internal Audit Recommendations – CCCU Management Control Report
[Paper H8]

Members of the Committee received Paper H8, Internal Audit Recommendations – CCCU Management Control Report. The Assistant Director of Finance (Accounting and Regulatory Systems) advised that this report enabled a regular review by management of progress towards implementing agreed audit recommendations, and provided the Audit Committee with assurances that agreed recommendations were being actioned in a timely and appropriate manner.

The report covered 19 recommendations across 10 audits; of these recommendations 9 had been fully completed and 10 partially completed with revised completion dates. The Assistant Director of Finance (Accounting and Regulatory Systems) acknowledged the unusually high number of recommendations that had not been fully completed, partly due to a number of changes in staff, and remained confident that she would be able to report further progress at the next Committee meeting in November.

NOTED

13.Minutes of the Data Integrity Group meeting held on 10 June 2015

[Paper H9]

Members of the Committee received Paper H9, the Minutes of the Data Integrity Group meeting held on 10 June 2015, for information.

NOTED

14.Extraordinary Meeting of the Data Integrity Group held on 10 September 2015 – HEFCE Data Audit [Oral Update]

The Pro Vice-Chancellor (Resources) updated Committee members with regard to a recent HEFCE Student Data Audit. The Audit had highlighted a number of significant issues in relation to the quality of student data. The main areas that had been identified related to the coding of student data and associated process issues. The Vice-Chancellor noted that the HEFCE Data Audit findings were not a surprise and many of the concerns had been identified in early 2014 leading to the appointment of a new Assistant Director (Planning and Student Numbers) who was making significant progress in addressing these issues. HEFCE had acknowledged the work which was already in hand. A remedial action plan had been developed which, it was acknowledged, will take some time to fully implement.

The Chair commented that the Process Improvement Programme presentation at the start of the next meeting will aid members’ understandingand view of the efficacy of the planned remedial action. It was also suggested that the proposed approach to the presentation of the Master Planning project risk could be used in this instance.

NOTED

15.Any Other Business

  • Information regarding upcoming audit seminars will be circulated to members of the Committee.
  • The Chair thanked Grant Thornton for its work during tenure as the University’s Internal Auditor.

NOTED

The meeting closed at 5.15pm.