Agenda item

INTERNAL AUDIT ANNUAL REPORT 2018/19 - 20:25 - 20:35

To receive a report from the Director of Law & Governance presenting the Internal Audit Annual Report 2018/19.

(Report No.28)


RECEIVED a report from the Director of Law and Governance, presenting the Internal Audit Annual Report 2018/19.




1.    The report was presented by Gemma Young (Head of Internal Audit & Risk Management).

2.    This year, the team had covered 60 subject areas and Gemma Young was satisfied that enough internal audit work had been undertaken to allow her to give an opinion of the advocacy and effectiveness of governance risk management control.

3.    The audit opinion for 2018/19 is that reasonable assurance can be placed on all these areas. Overall, a reasonable assurance is quite an achievement given the budgets and external factors.

4.    As detailed at page 74 of the report, the 2018/19 Internal Audit Assurances were 6% - substantial, 47% - Reasonable, 38% - Limited and 9% - No Assurance. This was only part of the basis for Gemma Young’s audit opinion.

5.    As detailed at page 175 of the report, issues identified from the 2018/19 audits were 0% - Critical, 14% - High, 43% medium and 43% Low.

6.    As detailed at the table on page 175, progress with management actions were 73% of high-risk actions and 72% of medium risk actions had been implemented. A slight deterioration from last year. The actions that were not implemented were all in progress and none were marked as ‘not implemented’.

7.    There was a reduction of 11 audit reviews from the agreed audit plan but 19 new assignments were added. On the subject of training and members referring matters to Gemma Young, members were encouraged to let Gemma Young know if they had any areas of concern, whether that be their own observations or through their constituents.

8.    As at the end of March 2019, the team had delivered 100% of the internal audit plan against the target of 95%.

9.    Through the year, Gemma Young had attended the Assurance Board, EMT meetings and many departmental meetings.

10. Internal Audit activity had conformed to the Public Sector Internal Audit Standards (PSIAS). There would be another independent review this year and would be reported back to the committee once it has been carried out by CIPFA.

11. The following questions and queries raised in response to the report:

a.    Councillor Barry was surprised with some of the audit findings and asked how normal that was or whether financial constraints were pushing some of these findings up. Gemma Young clarified that this was in line with other Local Authorities in London. The team try and work with officers to make reasonable recommendations that contain the main areas of risk. However, when key officers leave the Council, some areas do fall down.

b.    Councillor Barry enquired what sort of tracking  system the team use to follow up on recommendations so as to ensure they are dealt with and what processes does the section have. Gemma Young clarified that in terms of following up with recommendations made, the team follow up all the medium and high-risk recommendations. Recommendations not Implemented are bought to the Assurance Board, chaired by the Chief Executive and attended by the monitoring officer, Head of Legal and Head of Internal Audit. Officers are questioned on the non-implementation of recommendations, what their action plan is to implement and what the suitable date would be for the team to re-visit to see if recommendation has been implemented or not. The team using a tracking system which produces weekly reports so the team can see immediately which recommendations are red or green. This is taken very seriously.

c.    Councillor Barry requested that risks to health and Safety i.e. residents, people in care, children coming out of care, children’s playgrounds, etc. should be brought to the Committee as well as financial risks. To see receive feedback, how they have been dealt with, what was learnt, etc. Gemma Young agreed and would include those in the report, particularly the high-risk ones.

d.    Councillor Gunawardena referred to funding cuts that have unseen consequences on resources.  How would the team have mitigated those unseen consequences due to funding cuts’? Fay Hammond clarified that the Council did not necessarily want a huge audit team, with there being so many controls in place within the organisation that it stopped you from doing your work. There is a balance here. Gemma Young would describe that as the risk appetite for the organisation. If every audit was substantial, Gemma Young would think ‘are we over controlling the organisation’. It is good to see a few areas that are outstanding. This was about how much we tolerate.

e.    Councillor Barry referred to the ethical standards audit, as detailed on page 187 of the report, and confirmed that there is a high risk finding on the code of conduct in terms of officers’ declaration of interests. Gemma Young clarified that this audit covered officers’, but they did have a Members’ ethical standards audit which would be in Audit Plan. The team would be looking at declaration of interests at meetings and ensuring these have been declared and up to date. This would also be applied to officers’ as well. These would come to the committee every quarter.


AGREED to note the work completed by the Internal Audit team during 2018/19, the key themes and outcomes arising from this work and the Head of Internal Audit and Risk Management’s annual audit opinion on the system of internal control for the Council.


Supporting documents: