APPENDIX A
Internal Audit Progress Report 2024-25
July 2024
New Forest District Council
Contents:
|
1. |
Role of Internal Audit |
3 |
|
2. |
Purpose of report |
4 |
|
3. |
Performance dashboard |
5 |
|
4. |
Analysis of ‘Live’ audit reviews |
6-7 |
|
5. |
Executive summaries ‘Limited’ and ‘No’ assurance opinions |
8 |
|
6. |
Planning and resourcing |
8 |
|
7. |
Rolling work programme |
8-10 |
|
Annex 1 |
Adjustments to the plan |
11 |
|
|
|
|
1. Role of Internal Audit
The requirement for an internal audit function in local government is detailed within the Accounts and Audit (England) Regulations 2015, which states that a relevant body must:
‘Undertake an effective internal audit to evaluate the effectiveness of its risk management, control and governance processes, taking into account public sector internal auditing standards or guidance.’
The standards for ‘proper practices’ are laid down in the Public Sector Internal Audit Standards [the Standards – updated 2017].
The role of internal audit is best summarised through its definition within the Standards, as an:
‘Independent, objective assurance and consulting activity designed to add value and improve an organisations’ operations. It helps an organisation accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes’.
New Forest District Council is responsible for establishing and maintaining appropriate risk management processes, control systems, accounting records and governance arrangements. Internal audit plays a vital role in advising the Council that these arrangements are in place and operating effectively.
The Council’s response to internal audit activity should lead to the strengthening of the control environment and, therefore, contribute to the achievement of the organisations’ objectives.
2. Purpose of report
In accordance with proper internal audit practices (Public Sector Internal Audit Standards), and the Internal Audit Charter the Chief Internal Auditor is required to provide a written status report to ‘Senior Management’ and ‘the Board’, summarising:
· The status of ‘live’ internal audit reports;
· an update on progress against the annual audit plan;
· a summary of internal audit performance, planning and resourcing issues; and
· a summary of significant issues that impact on the Chief Internal Auditor’s annual opinion.
Internal audit reviews culminate in an opinion on the assurance that can be placed on the effectiveness of the framework of risk management, control and governance designed to support the achievement of management objectives of the service area under review. The assurance opinions are categorised as follows:
|
Substantial |
A sound system of governance, risk management and control exists, with internal controls operating effectively and being consistently applied to support the achievement of objectives in the area audited. |
|
Reasonable |
There is a generally sound system of governance, risk management and control in place. Some issues, non-compliance or scope for improvement were identified which may put at risk the achievement of objectives in the area audited. |
|
Limited |
Significant gaps, weaknesses or non-compliance were identified. Improvement is required to the system of governance, risk management and control to effectively manage risks to the achievement of objectives in the area audited. |
|
No |
Immediate action is required to address fundamental gaps, weaknesses or non-compliance identified. The system of governance, risk management and control is inadequate to effectively manage risks to the achievement of objectives in the area audited. |
3. Performance dashboard
|
Compliance with Public Sector Internal Audit Standards An External Quality Assessment of the Southern Internal Audit Partnership was undertaken by the Institute of Internal Auditors (IIA) in September 2020. The report concluded: ‘The mandatory elements of the International Professional Practices Framework (IPPF) include the Definition of Internal Auditing, Code of Ethics, Core Principles and International Standards. There are 64 fundamental principles to achieve with 118 points of recommended practice. We assess against the principles. It is our view that the Southern Internal Audit Partnership conforms to all 64 of these principles. We have also reviewed SIAP conformance with the Public Sector Internal Audit Standards (PSIAS) and Local Government Application Note (LGAN). We are pleased to report that SIAP conform with all relevant, associated elements.’
|
4. Analysis of ‘Live’ audit reviews
|
Audit Review |
Report Date |
Audit Sponsor |
Assurance Opinion |
Total Management Action(s) |
Not Yet Due |
Complete |
Overdue |
||||||
|
|
|
|
|
|
|
L |
M |
H |
|||||
|
Income Collection and Banking * |
Jun 21 |
SM (CSR&B) |
Reasonable |
4 |
0 |
4 |
|
|
|
||||
|
Cyber Security * |
Jul 21 |
ICTOM |
Reasonable |
8 |
0 |
8 |
|
|
|
||||
|
Lease Income and Charges * |
Aug 22 |
SM (E&V) |
Reasonable |
2 |
0 |
2 |
|
|
|
||||
|
Homelessness – Triage * |
Apr 23 |
SM (HO) |
Reasonable |
6 |
0 |
6 |
|
|
|
||||
|
Fleet Management (follow-up phase 2) |
May 23 |
SM (W&T) |
Reasonable |
9 |
0 |
7 |
|
2 |
|
||||
|
Identity Management (ICT) * |
May 23 |
ICTOM |
Reasonable |
6 |
0 |
6 |
|
|
|
||||
|
Engineering Works |
Aug 23 |
SM (C) |
Limited |
10 |
0 |
4 |
1 |
4 |
1 |
||||
|
Commercial Activities – Appletree Holdings |
Oct 23 |
SM (E&V) |
Substantial |
1 |
1 |
0 |
|
|
|
||||
|
NNDR |
Nov 23 |
SM (CSR&B) |
Reasonable |
4 |
2 |
2 |
|
|
|
||||
|
Open Spaces and Playground Safety Checks |
Dec 23 |
G&SM |
Limited |
12 |
0 |
5 |
|
5 |
2 |
||||
|
Housing Asset Management – Electrical Safety Checks |
Feb 24 |
SM (HM) |
Reasonable |
8 |
0 |
6 |
2 |
|
|
||||
|
Business Continuity |
Mar 24 |
SM (E&R) |
Reasonable |
2 |
2 |
0 |
|
|
|
||||
|
Transformation Programme – Governance Arrangements |
May 24 |
ADT |
Reasonable |
3 |
3 |
0 |
|
|
|
||||
|
Homelessness – Prevention and Relief |
May 24 |
SM (HO) |
Reasonable |
6 |
3 |
3 |
|
|
|
||||
|
Corporate Governance Framework – Fraud Framework |
May 24 |
SM (CSR&B) |
Reasonable |
5 |
5 |
0 |
|
|
|
||||
|
Accounts Payable |
Jun 24 |
FIN |
Reasonable |
5 |
5 |
0 |
|
|
|
||||
|
Animal Welfare Licencing |
Jun 24 |
SM (E&R) |
Reasonable |
6 |
6 |
0 |
|
|
|
||||
|
Procurement |
Jun 24 |
SPM |
Reasonable |
4 |
4 |
0 |
|
|
|
||||
|
Community Infrastructure Levy- Expenditure Framework |
Jun 24 |
SM (DM) |
Substantial |
1 |
1 |
0 |
|
|
|
||||
|
Housing Rent Reconciliations |
Jul 24 |
SM (HO) |
Reasonable |
5 |
5 |
0 |
|
|
|
||||
|
Housing Allocations |
Jul 24 |
SM (HO) |
Reasonable |
1 |
1 |
0 |
|
|
|
||||
|
IT – Contract Management * |
Jul 24 |
ICTOM |
Substantial |
2 |
0 |
2 |
|
|
|
||||
|
Total |
3 |
11 |
3 |
||||||||||
* Denotes audits where all actions have been completed since the last progress report
|
Audit Sponsor |
|
Audit Sponsor |
|
|
Chief Executive |
CX |
Assistant Director Place Development |
ADPD |
|
Communications Manager |
CM |
Service Manager (Development Management) |
SM (DM) |
|
Strategic Director Housing & Communities |
SDH&C |
Service Manager (Policy & Strategy) |
SM (P&S) |
|
Assistant Director Housing |
ADH |
Building Control Manager |
BCM |
|
Service Manager (Housing Maintenance) |
SM (HM) |
Climate Change Manager |
CCM |
|
Service Manager (Housing Options, Rents Support and Private Sector Housing) |
SM (HO) |
Strategic Director Corporate Resources & Transformation |
SDCR&T |
|
Service Manager (Strategy & Development) |
SM (S&D) |
Service Manager (Estates & Valuation) |
SM (E&V) |
|
Greener Housing Development Manager |
GHDM |
Service Manager (Customer Services, Revenues & Benefits) |
SM (CSR&B) |
|
Anti-Social Behaviour Manager |
ASBM |
Finance Manager |
FIN |
|
Tenant Engagement Manager |
TEM |
Strategic Procurement Manager |
SPM |
|
Rent, Accounting & Home Ownership Manager |
RA&HOM |
Assistant Director Transformation |
ADT |
|
Service Manager (Estate Management & Support) |
SM (EM&S) |
Service Manager (Human Resources) |
SM (HR) |
|
Service Manager (Environmental & Regulation) |
SM (E&R) |
ICT Operations Manager |
ICTOM |
|
Strategic Director Place, Operations & Sustainability |
SDPOS |
Data Development & Delivery Manager |
DDDM |
|
Assistant Director Place Operations |
ADPO |
Transformation & Improvement Manager |
T&IM |
|
Service Manager (Waste & Transport) |
SM (W&T) |
Assistant Director Governance & Monitoring Officer |
ADG&MO |
|
Service Manager (Coastal) |
SM (C) |
Service Manager (Democratic & Support Services) |
SM (D&SS) |
|
Environment Enforcement & Amenities Manager |
EE&AM |
Information Governance & Complaints Manager |
IG&CM |
|
Grounds & Streetscene Manager |
G&SM |
|
|
5. Executive Summaries of reports published concluding a ‘Limited’ or ‘No’ assurance opinion
No audits have concluded with a ‘Limited’ or ‘No’ Assurance Opinion.
6. Planning & Resourcing
The Internal Audit Plan for 2024-25 was agreed by EMT and approved by the Audit Committee in March 2024. The audit plan remains fluid to provide a responsive service that reacts to the changing needs of the Council. Progress against the plan is detailed within section 7.
7. Rolling Work Programme
|
Audit Review |
Sponsor |
Scoping |
Terms of reference |
Fieldwork |
Draft Report |
Final Report |
Assurance Opinion |
Comment |
|
2023-24 Audits (included within the annual report and opinion) |
||||||||
|
Procurement |
SPM |
ü |
ü |
ü |
May 24 |
Jun 24 |
Reasonable |
|
|
Accounts Payable |
FIN |
ü |
ü |
ü |
May 24 |
Jun 24 |
Reasonable |
|
|
Homelessness – Prevention and Relief |
SM (HO) |
ü |
ü |
ü |
Mar 24 |
May 24 |
Reasonable |
|
|
Animal Welfare Licencing |
SM (E&R) |
ü |
ü |
ü |
May 24 |
Jun 24 |
Reasonable |
|
|
2024-25 Audits |
|
|
|
|
|
|
|
|
|
Corporate / Governance Framework |
|
|
|
|
|
|
|
|
|
Corporate Plan / Performance Management |
ADT |
|
|
|
|
|
|
Q3 |
|
Transformation Programme |
ADT |
|
|
|
|
|
|
Q2-4 |
|
Corporate Governance Framework – Fraud Framework |
SM (CSR&B) |
ü |
ü |
ü |
May 24 |
May 24 |
Reasonable |
|
|
Corporate Governance Framework |
ADG&MO |
|
|
|
|
|
|
Q2 |
|
Programme & Project Management |
SDCR&T |
|
|
|
|
|
|
Q3 |
|
Budget Planning/Setting |
FIN |
ü |
ü |
ü |
|
|
|
|
|
Partnership Working – Town and Parish Councils |
ADPO |
|
|
|
|
|
|
Q2 |
|
Asset Management (Corporate Estate) |
SM (E&V) |
|
|
|
|
|
|
Q3 |
|
Information Governance – Data Retention/Records Management |
IG&CM |
ü |
ü |
ü |
|
|
|
|
|
Information Governance |
IG&CM |
|
|
|
|
|
|
Q4 |
|
Emergency Planning |
SM (E&R) |
|
|
|
|
|
|
Q4 |
|
Contract Management – Leisure Contract |
SDCR&T |
ü |
ü |
ü |
|
|
|
|
|
Health and Safety |
SM (HR) |
ü |
ü |
ü |
|
|
|
|
|
Risk Management |
FIN |
ü |
ü |
ü |
Jun 24 |
|
|
|
|
Human Resources |
|
|
|
|
|
|
|
|
|
HR – Statutory Responsibilities |
SM (HR) |
|
|
|
|
|
|
Q2-3 |
|
Core Financial Systems |
|
|
|
|
|
|
|
|
|
Housing Benefits |
SM (CSR&B) |
|
|
|
|
|
|
Q2 |
|
Payroll and Expenses |
SM (HR) |
|
|
|
|
|
|
Q3 |
|
Treasury Management |
FIN |
|
|
|
|
|
|
Q3 |
|
Information Technology |
|
|
|
|
|
|
|
|
|
IT – Contract Management |
ICTOM |
ü |
ü |
ü |
Jul 24 |
Jul 24 |
Substantial |
|
|
IT – Application Lifecycle Management |
ICTOM |
|
|
|
|
|
|
Q2-3 |
|
IT – Project Delivery |
ICTOM |
|
|
|
|
|
|
Q3-4 |
|
IT – Firewall Management and Monitoring |
ICTOM |
|
|
|
|
|
|
Q4 |
|
Portfolio Themes |
|
|
|
|
|
|
|
|
|
Housing Management – Right to Buy |
SM (HO) |
|
|
|
|
|
|
Q2 |
|
Housing Allocations |
SM (HO) |
ü |
ü |
ü |
Jun 24 |
Jul 24 |
Reasonable |
|
|
Housing Rent Reconciliations |
SM (HO) |
ü |
ü |
ü |
Jun 24 |
Jul 24 |
Reasonable |
|
|
Housing Asset Management – Voids |
SM (HM) |
|
|
|
|
|
|
Q3 |
|
Housing Asset Management – Lift Inspections |
SM (HM) |
ü |
|
|
|
|
|
Q2 |
|
Housing Asset Management – Gas Safety |
SM (HM) |
|
|
|
|
|
|
Q4 |
|
Housing Asset Management – Asbestos |
SM (HM) |
|
|
|
|
|
|
Q4 |
|
Housing Enforcement |
SM (HO) |
|
|
|
|
|
|
Q2 |
|
Community Infrastructure Levy Expenditure Framework |
SM (DM) |
ü |
ü |
ü |
May 24 |
Jun 24 |
Substantial |
|
|
Planning/Development Management |
SM (DM) |
|
|
|
|
|
|
Q4 |
|
Building Control |
BCM |
|
|
|
|
|
|
Q3 |
|
Environmental Services – New Waste Strategy |
ADPO |
|
|
|
|
|
|
Q2 |
|
Environmental Health |
SM (E&R) |
|
|
|
|
|
|
Q2 |
|
Licencing |
SM (E&R) |
|
|
|
|
|
|
Q4 |
|
Parking and Enforcement |
EE&AM |
ü |
ü |
ü |
|
|
|
|
|
Clean Streets – Enforcement |
EE&AM |
ü |
ü |
ü |
|
|
|
|
|
Cemeteries |
G&SM |
|
|
|
|
|
|
Q3 |
Annex 1 - Adjustments to the plan
|
Audit reviews added to the plan (included in rolling work programme above) |
Comment |
|
Corporate Governance Framework – Fraud Framework * |
Brought forward from 2023/24 as work in progress |
|
Information Governance – Data Retention/Records Management * |
Brought forward from 2023/24 as work in progress |
|
Contract Management – Leisure Contract * |
Brought forward from 2023/24 as work in progress |
|
Health and Safety * |
Brought forward from 2023/24 as work in progress |
|
Risk Management * |
Brought forward from 2023/24 as work in progress |
|
IT – Contract Management * |
Brought forward from 2023/24 as work in progress |
|
Housing Allocations * |
Brought forward from 2023/24 as work in progress |
|
Housing Rent Reconciliations * |
Brought forward from 2023/24 as work in progress |
|
Community Infrastructure Levy Expenditure Framework * |
Brought forward from 2023/24 as work in progress |
|
Parking and Enforcement * |
Brought forward from 2023/24 as work in progress |
|
Clean Streets – Enforcement * |
Brought forward from 2023/24 as work in progress |
|
Audit reviews removed from the plan (excluded from rolling work programme) |
Comment |
|
N/A |
|
|
|
|
|
|
|
|
|
|
* Proposed July 2024