The report of the Head of Audit and Risk Management is enclosed.

The Committee considered the report of the Head of Audit and Risk Management which set out areas of potential risk and focus for 2020/21 and future years’ internal audit planning. The Committee also received a presentation that set out the context of the plan and identified potential areas of future risk within each area of council service.

The chair invited questions from the Committee.

In noting the areas of risk across the Council’s directorates, members referred to the resources available to undertake audit work and underlined the importance of focusing on areas that have most impact on the public in particular prioritising the welfare of people before other areas of services that are not frontline. Officers were referred to the issue of risk management and were requested to define what internal audit perceive as being a key risk. The point was also made that the lists shown in the report could be considered as being prioritised.

The Committee was informed that frontline services to residents is at the forefront of the audit plan, although it is necessary to balance this across areas such as the needs of residents, welfare and statutory requirements. Therefore, the audit of key systems of control, are in place to oversee these to ensure their governance is robust and working effectively. Members were informed that the lists in the report were not prioritised or in any order. The Corporate Risk Register will be refreshed and will be submitted to Audit Committee on 11 February 2020. The Annual Audit Plan will be submitted the following month and will include topics from the Risk Register as well as other issues.

A member referred to future changes in areas such as IT and new technology and officers were asked what preparations are in place to ensure there are resources with the right knowledge skills mix to meet new challenges.

The Committee was informed that investment is being made into increasing skills capacity in areas including data information systems, ICT and data analytics to identify patterns and improve efficiency. Staff training is in place to increase in-house skills and knowledge to meet new challenges. IT and new technology is recognised as a key growth area for audit and in some cases it may be necessary to procure external expertise when a particular skill mix is not available internally.

Members referred to the non-completion of the previous audit plans due to a lack of resources and asked officers how many staff vacancies are in Internal Audit and what preparations were in place to fill them. Also officers were asked if there are any areas that have not been identified as a priority that should be.

It was reported that there are currently three vacancies and interest is being sought to fill the vacancies, however the staffing arrangements may change and temporary resources may be brought in to ensure the audit work plan is achieved. A service review is ongoing and this will provide an assurance that resources will be available over the year to fulfil work demands.

In response to the issue of audit planning for the unknown, it was reported that essential areas such as statutory roles are monitored through key processes and systems to identify changes or the emergence of patterns. Changes in systems could include overspends or a rise in the number of complaints received in an area of service as well as intelligence gathered from internal and external sources. 

A member referred to the role of audit teams from other GM Authorities and asked if consideration had been given to individual authorities leading or specialising in a particular area or skill set.

It was reported that discussion has taken place with the other GM Authorities to co-ordinate working in collaboration and the sharing of resources for pieces of work. This collaborative approach is already taking place with audit work and audit colleagues in the health service.

Decision

To note the report and the comments received.