Skip to content

H1 - do not remove

Agenda and minutes

Items
Note No. Item

27.

Apologies for Absence.

Minutes:

There were no apologies for absence.

 

The Chairman welcomed Matt Dean and Darren Wells from the Council’s external auditor Grant Thornton UK and noted the presence of the Strategic Director (Internal Services), the Financial Services Manager, the ICT Manager, the Counter Fraud Manager and the Principal Auditor in her role as Acting Audit Manager.

28.

Declarations of Interest.

To receive declarations of interest from Members, including the terms(s) of any Grant(s) of Dispensation.

Minutes:

There were no declarations of interest.

MD

29.

Confirmation of the Minutes of the meeting held on 6 September 2017 pdf icon PDF 108 KB

Minutes:

                        RESOLVED:

 

1.    That the Minutes of the meeting of the Board on 6 September 2017 be confirmed as accurate.

30.

References from Other Committees (IF ANY)

There are no references from other Committees at present for Audit Board Members to consider.

Minutes:

There were no references from other Committees.

31.

Cyber Security and Information Risk Guidance for Audit Committees pdf icon PDF 71 KB

This report considers the Cyber security and information risk guidance for Audit Committees published by the National Audit Office in September 2017 which identified key questions that should be asked and the answers as supplied by the ICT Manager, together with an appropriate action plan.

Additional documents:

Minutes:

The Chairman proposed that this item be taken in advance of other standard financial reports in the published agenda for the benefit of the ICT Manager.

 

The covering report from the Financial Services Manager (FSM) considered the guidance issued by the National Audit Office (NAO) in their published report of September 2017 - “Cyber Security and Information Risk Guidance for Audit Committees” (attached as Appendix A to the report). The NAO guidance identified key questions that should be asked by Audit Committees and the answers to those questions as supplied by the Authority’s Information and Communications Technology (ICT) Manager (attached as Appendix B to the covering report); the ‘10 Steps to manage Cyber Risks’ (completed and attached as Appendix C) together with the ICT Manager’s ‘Cyber Risk Action Plan’ (attached as Appendix D).

 

The FSM briefly summarised the constituent parts of his report and the appendices completed by the ICT Manager and suggested that questions of a technical nature be addressed to his colleague.

 

The Chairman proposed that given the high profile nature of the topic that the report and enclosures be distributed to all Members of the Council. He also sought confirmation from the ICT Manager that all Councillors would receive appropriate IT training and guidance to deal with the cyber issues and risks identified by the National Audit Office in their report (attached as Appendix A).

 

The ICT Manager advised the Board that the NAO guidance reflected an extension of what had been the Council’s IT policy over recent years regarding the increased cyber risks to information and data protection. He agreed that the NAO report and the Council’s responses [Appendices B-D] should be distributed to all Members of the Council for their guidance.

 

The Vice-Chairman noted that the 2013/14 audit of the Council’s IT Security remained incomplete [Item 9 Appendix A agenda p.53]. He asked how this fact corresponded to the assurances given by the ICT Manager in his responses to the NAO guidance, as contained in Appendices B, C and D to the covering report.

 

The ICT Manager acknowledged the concern and advised Members that the Council’s draft Information Security Policy was now with Senior Management and if approved, would be implemented by March 2018. His responses in Appendices B, C and D to the report reflected this expectation.

 

In response to a variety of further questions from Members the ICT Manager confirmed that:

 

  • The risk posed by cyber-attack to the delivery of Council services was acknowledged and being addressed;
  • The two most experienced and proficient members of the Council’s ICT team were primarily involved in preparatory work to avoid cyber-attacks but received support from the rest of the team. In the event of an incident in their absence, the ICT Manager would call on outside expertise [response to Q3 Appendix B agenda p.94];
  • The Council was considered a low-key target for cyber-attack [in comparison to national organisations] and the ICT team did not research or analyse who or which group might attack the Authority’s  ...  view the full minutes text for item 31.

32.

External Audit Update pdf icon PDF 47 KB

This report presents to the Board the Annual Audit Letter 2016/17, the External Auditor’s 2016/17 Certification Letter and the Audit Progress Report and Sector Update.

Additional documents:

Minutes:

The covering report from the Financial Services Manager (FSM) presented to the Board for consideration the following documents from the External Auditor Grant Thornton UK;

 

·         The Annual Audit Letter for 2016/17 (attached as Appendix A to his report);

·         The External Auditor’s 2016/17 Certification Letter (attached as Appendix B);

·         An Audit Progress Report and Sector Update (Appendix C).

 

The Annual Audit Letter (Appendix A) informed Members that following presentation of the 2016/17 Audit Findings report to the Board in September, the External Auditors had signed-off and published the Statement of Accounts on 7 September 2017 and that Grant Thornton’s work for the Council for the 2016/17 financial year was concluded. The separate and specific 2016/17 Certification Letter (Appendix B) was required to certify the Housing Benefit claims made by the Council and confirm fee scale for the claims work of £19,485 with no extra fees proposed. The Progress Report and Sector Update document (Appendix C) recorded the progress made by Grant Thornton in delivering their responsibilities for the 2017/18 financial year.

 

Matt Dean, Grant Thornton referred Members to the Certification Letter [agenda p.23] and confirmed a significant improvement in the claims work submitted by the Council over the previous year. No new errors had been found in 2016/17 and only two areas identified with issues from the previous year which did not require an increase in fees. In response to a specific question from the Chairman he confirmed, in relation to the Annual Audit Letter [agenda p.17 final column] that the discount rate used by the actuary Barnett Waddington was reasonable.

 

The Chairman thanked Mr Dean for his positive comments and all his work on behalf of the Council, prior to taking up new duties within Grant Thornton. 

 

                        RESOLVED:

 

1.    That Members note the Annual Audit Letter for 2016/17 as attached at Appendix A to the report;

 

2.    That Members note the contents of the External Auditor’s 2016/17 Certification Letter as attached at Appendix B to the report;

 

3.    That Members note the Audit Progress Report and Sector Update attached at Appendix C to the report.

 

 

33.

Counter Fraud Team Update Report pdf icon PDF 86 KB

This report provides Board Members with details of the work carried out by the Counter Fraud Team in the period 1 April to 31 December 2017.

Minutes:

The report from the Counter Fraud Manager (CFM) provided Members with details of the work carried out by the Counter Fraud Team in the period 1 April 2017 to 31 December 2017 (attached as Appendix A to the report).

 

The CFM proposed that he reprise the highlights achieved by his Team in the period under review which had completed a second year working as part of the joint Revenue and Benefits operation for Dartford and Sevenoaks Councils. Highlights had included:

 

  • Reaching the Year 2 annual savings target meant that a 3rd year of external funding would be received. Funding had been utilised to purchase the latest technology to review the 14,000 Council Tax Single Person Discount awards made by Dartford Council with an estimated annual value of £5 million;

 

  • Working relations and links to the Revenues & Benefits team based at Sevenoaks Council had been deepened and co-working improved even further with a 3 fold increase in Council Tax fraud referrals;

 

  • The system of Civil Penalty Schemes was working well with an increased emphasis on the need to report changes in circumstances by applicants to enable the Council to award/pay the  correct levels of Council Tax discounts/benefit;

 

  • New credit reference data technology was now being utilised by the Team to support both Council Tax and Benefits staff to locate debtors who have absconded and to recover outstanding monies.

 

In response to specific questions from Members the CFM advised that:

 

 

  • A ‘zero tolerance’ approach was adopted by both Councils across all sectors of potential fraud including Business Rate fraud;

 

  • The Business Rate Team already had in place systems to detect businesses which were not currently paying the tax correctly. The Counter Fraud Team had supplemented that work by running various data-match initiatives with the aim of identifying further Business Rate (BR) fraud. One such exercise included matching BR data for Dartford and Sevenoaks against data held by the Charity Commission. That exercise had revealed no monetary errors to date and a very high level of assurance in Business Rates accounts, where charity relief had been applied;

 

  • The Team was well served in terms of existing skills, but further training was always under consideration to enable the performance envelope to be pushed even further.

 

The Chairman asked the CFM to pass the Board’s thanks and congratulations to his Team for their performance in the period under review.

 

                        RESOLVED:

 

1.    That Members note the content of the report and Appendix A detailing the work of the Counter Fraud Team in the period under review.

 

34.

Progress Report on Internal Audit Annual Plan 2017/18 pdf icon PDF 49 KB

This report provides Members of the Board with information regarding the progress made by the Internal Audit Team in delivering the Annual Internal Audit Plan for 2017/18.

Additional documents:

Minutes:

The report and Appendices from the Acting Audit Manager (AAM) provided Board Members with information regarding the progress made by the Internal Audit Team in delivering the Annual Internal Audit Plan 2017/18.

 

She advised that since publication of the report [Agenda pages 45-50] the total of audit reports completed had risen to 19 the highest total achieved by the Internal Audit Team during an annual cycle. An auditor vacancy still existed and she continued to act as both Principal Auditor and Acting Audit Manager.

 

In the absence of any questions from Members, the Chairman congratulated the Acting Audit Manager and her Team on an excellent performance and asked that the Internal Audit Team as a whole be invited to a future meeting of the Board to meet Members.

 

 

                        RESOLVED:

 

1.    That Audit Board Members note the contents of the report and Appendices and the progress made by the Internal Audit Team against the delivery of the 2017/18 Internal Audit Plan;

 

2.    That Members meet the Internal Audit Team at a future meeting of the Board.

 

35.

Review of Internal Audit Recommendations - Progress Report pdf icon PDF 48 KB

This report is to update Members on progress with the implementation of recommendations agreed with Management during 2017 and to report on the outstanding recommendations that were due to be implemented by 30 November that year.

Additional documents:

Minutes:

This standard report updated the Board on the progress made in implementing recommendations agreed with Management during 2017. Appendix A reported on action taken to date and further proposed action on outstanding recommendations due to have been implemented by 30 November 2017.

 

The outstanding Audit of IT Security 2013/14 [Appendix A agenda p.53] was discussed by Members together with Item 12 - Cyber Security and Information Risk Guidance for Audit Committees [Min. No. 31 refers].

 

There were no other comments from the Board on the remainder of the contents of Appendix A.

 

                        RESOLVED:

 

1.    That Board Members note the reasons for delayed implementation of the audit recommendations as set out in Appendix A to the report;

 

2.    That Members endorse the revised dates for implementation of outstanding audit recommendations provided by Management as noted in Appendix A.

 

36.

Audit Reports Issued Since Last Meeting of the Board pdf icon PDF 56 KB

This report is to inform Members of the outcomes of audits completed since the previous report to the Board on 6 September 2017 and to provide the Committee with the opportunity to request clarification or further information, if considered necessary.

Additional documents:

Minutes:

This report and Appendices informed Members of the outcomes of the audits completed since the previous report to the Board on 6 September 2017 and provided Members with the opportunity to request clarification or further information, as necessary.

 

The Acting Audit Manager (AAM) highlighted the fact for Members that all 11 (eleven) Audits listed for review had been completed and given either Full or Substantial Assurance Opinions.

 

The Shadow Board Chairman acknowledged these re-assuring outcomes for the audit reviews undertaken which, for the majority of topics, were self-explanatory. However, the Substantial Assurances awarded to the reviews for Audit 3 - Homelessness Prevention Grants 2017/18, Audit 8 – Strategic Transport Infrastructure Programme 2017/18 and Audit 10 – CCTV 2017/18 was not so apparent to him.

 

The AAM advised Members that in the case of Audit 3 – Homelessness Grants Scheme the Substantial Assurance Opinion related to satisfaction over the Council’s processes for awarding grants under the Scheme. In the case of Audit 8 – Strategic Transport Infrastructure Programme, the size and many facets of the topic dictated that the audit review focused on the Dartford Town Centre Transport Scheme as an identified risk to the Council. With regard to Audit 10 – CCTV 2017/18 the focus of the review had been on whether the existing CCTV arrangements in place were ‘fit for purpose’ to meet the ‘outcomes’ identified by the Council.

 

Following further general discussion of the format of Appendix A with Officers, Members concluded that an additional ‘Summary’ column for each audit undertaken regardless of the ‘Opinion’ awarded would be useful.

 

The Strategic Director undertook to consider this request with the Acting Audit Manager.

 

                        RESOLVED:

 

1.    That Members note the contents of the report and Appendix A as submitted and the definitions for Audit Opinions as set out in Appendix B to the report. 

 

37.

Selective Invoice Checks pdf icon PDF 60 KB

During the September 2017 meeting of the Board Members selected five (5) creditor payments for checking. This report summarises the findings of that exercise and provides the opportunity for Members to select [5] further payments for audit checking.

Minutes:

At the last meeting of the Board on 6 September 2017 Board Members selected 5 (five) creditor payments for checking. This report advised Members of the outcome of that exercise.

 

The results of the review by the Internal Audit confirmed that all the spend decisions taken in respect of the creditor payments selected by Members for checking were appropriate and in compliance with Council procedures, as detailed in the report.

 

Members selected a further 5 (five) creditor payments for Internal Audit examination and subsequent reporting to the Board in April.

 

 

                        RESOLVED:

 

1.    That Members note the contents of the report;

 

2.    That a further 5 (five) creditor payments be selected by Members for checking by Internal Audit and that the outcome of that exercise be reported to the Board at its next meeting in April.

 

38.

Future Appointment of External Auditors: Update pdf icon PDF 58 KB

This report provides an update on the appointment of the External Auditor from 2018/19 onwards.

Minutes:

The report from the Strategic Director (Internal Services) updated Board Members on the appointment of external auditors for the 2018/19 financial year.

 

The Strategic Director confirmed the appointment of Grant Thornton as the Council’s External Auditor’s for a period of five years from 2018/19. She reminded Members of the process undertaken to make the appointment, as previously agreed by the Board, and detailed in paragraphs 3.1 to 3.7 of her report [agenda pages 99/100].

 

She advised that the appointment of Grant Thornton from 2018/19 onwards had been supported by the Council and would provide good continuity with the existing arrangements. The company’s appointment in a similar capacity across all Kent authorities would also benefit Dartford in the assessment of its shared services with other Councils.

 

The proposed reduction in the scale of fees proposed for 2018/19 due to be published in March 2018 [report para 3.8 agenda p. 100] was welcomed. It was also proposed that Grant Thornton be appointed to undertake the audit of the Council’s Housing Benefit Subsidy claim work for 2018/19 [report para 3.9 agenda p. 100] and a separate fee for that work would be advised to the Board in due course.

 

 

                        RESOLVED:

 

1.    That Members note the formal appointment of Grant Thornton as the Council’s external auditor from 2018/19 for a period of 5 (five) years;

 

2.    That Members note the proposal to appoint Grant Thornton to undertake the Council’s Housing Benefit Subsidy claim work for 2018/19 at a fee to be agreed separately and notified to the Board in due course.

 

39.

PricewaterhouseCoopers Follow Up Review of the Internal Audit Service pdf icon PDF 59 KB

This report provides Members with an update on the findings of the PricewaterhouseCoopers follow - up review.

Minutes:

This report from the Strategic Director (Internal Services) provided the Audit Board with an update on the draft findings of PricewaterhouseCoopers (PWC) follow-up review of the Council’s Internal Audit Service.

 

The Strategic Director reminded Members that the original review by PWC in 2015 had assessed the Council’s Internal Audit service as ‘Good’ but in need of a number of improvements to processes and procedures. In particular a need to:

 

·         Strengthen the Internal Audit relationship with management to ensure their needs were understood and to provide assurance over the Council’s key issues and risks;

 

·         Modernise the IA service in response to changings in local government and to find innovative ways of working, to add real value to the Council as an organisation.

 

An action plan had been developed to address the issues identified in the PWC Review, but following the departure of the Audit, Risk and Anti-Fraud Manager, Senior Management had decided to commission PWC to undertake a follow-up review to ascertain what progress had been made against that action plan and what further improvements were required.

 

The follow-up review by PWC had not yet issued in final form, but the draft findings had been discussed by Management. Highlights included:

 

·         Good progress had been made to implement recommendations raised in respect of quality assurance and performance management;

 

·         A new software system ‘Teammate’ had been implemented by IA and the team needed to ensure they fully utilised the functionality of the new system going forward;

 

·         Improvements had been made by the Acting Audit Manager in the communication and reporting of audit findings to management, but key stakeholders remained unclear on the ‘value added’ element of the IA service. A vision needed to be developed to ensure a clear understanding of what IA could deliver and what the Council wanted from the Service going forward: at present there was still too much emphasis on ‘compliance testing’. Instead, IA needed to be at the beginning of projects, helping to contribute to their success rather than coming in at the end;

 

·         Overall, perception of the IA service had improved with positive feedback on the management of the Audit Plan and the timeliness and delivery of audit reports. But stakeholders retained concerns over the ability of the IA team to provide real insight into complex areas of the Council’s operations. A skills assessment of the current IA team would be undertaken and a schedule of training implemented to help meet the value-added aspirations desired from the IA team;

 

·         An Audit Needs Assessment was now undertaken annually to ensure current and emerging risks were identified and reflected in the annual audit plan. The Acting Audit Manager was liaising with wider management to ensure that there was a clear understanding of the Council’s key risks and to ensure IA provided assurance where needed;

 

·         Management would now give careful consideration to all the findings in the PWC follow-up review and develop an action plan to address the gaps identified, for presentation to the Audit Board for  ...  view the full minutes text for item 39.