Audit Committee – 31 October 2025
Internal Audit Progress Report 2025-26 (September 25)
|
Purpose |
For information |
|
Classification |
Public |
|
Executive Summary |
In accordance with the Global Internal Audit Standards in UK Public Sector this report presents the Internal Audit Progress Report to 30th September 2025.
The Internal Audit Progress Report, attached as Appendix 1, provides the Audit Committee with an overview and key updates of internal audit activity and assurance work completed in accordance with the approved audit plan. |
|
Recommendation(s) |
The Audit Committee are requested to note the Internal Audit Progress Report 2025-26 (September 2025). |
|
Reasons for recommendation(s) |
To keep the Audit Committee appraised of internal audit activity and key updates relevant to the discharge of the Committee’s role in relation to internal audit. |
|
Ward(s) |
All Wards |
|
Portfolio Holder(s) |
Councillor Jeremy Heron – Finance and Corporate |
|
Strategic Director(s) |
Alan Bethune, Strategic Director of Corporate Resources and Transformation. S151 Officer |
|
Officer Contact |
Antony Harvey Deputy Head of Southern Internal Audit Partnership 07784 265289 |
1. The mandate for internal audit in local government is specified within the Accounts and Audit [England] Regulations 2015, which states:
‘A relevant authority must undertake an effective internal audit to evaluate the effectiveness of its risk management, control and governance processes, taking into account public sector internal auditing standards or guidance.’
2. From 1 April 2025, the ‘standards or guidance’ in relation to internal audit are those laid down in the Global Internal Audit Standards (GIAS), Application Note: Global Internal Audit Standards in the UK Public Sector (Application Note) and the Code of Practice for the Governance of Internal Audit in UK Local Government. The collective requirements shall be referred to as the Global Internal Audit Standards in the UK Public Sector (the Standards).
3. The Southern Internal Audit Partnership have made all necessary adaptions to its processes, procedures and practices to ensure it is best placed to conform with these requirements with effect from 1 April 2025.
4. In accordance with proper internal audit practices (Global Internal Audit Standards in the UK Public Sector), the Chief Internal Auditor is required to provide a written status report to the Audit Committee, summarising:
o ongoing confirmation or otherwise regarding independence, and impairments [Standard 7.1]
o a summary of significant issues and escalation of matters of importance [Standard 8.1]
o overview and sufficiency of resourcing [Standards 8.2, 10.1, 10.2, and 10.3]
o communication of unresolved issues that fall outside of the Council’s risk tolerance [Standard 11.5]
o update on progress and any changes to the annual audit plan [Standard 9.4]
o internal audit performance measures [Standard 12.2]
o status of ‘live’ internal audit reports and status on the implementation of management actions [Standard 15.2].
5. Appendix 1 summarises the activities of internal audit for the period to 30th September 2025 and includes new performance measures for 2025-26 onwards. The progress report outlines the Southern Internal Audit Partnership are currently experiencing a higher than average level of vacancies. Whilst there may be some minor slippage in delivery whilst contingency arrangements are put in place, I remain confident that the internal audit plan will be sufficiently delivered enabling me to provide a timely annual conclusion report.
6. The report also provides an update on the Council’s progress with implementing actions that have been agreed following audits, including confirmation that all actions have been completed in respect of seven previous audit review areas.
7. The Council is responsible for establishing and maintaining appropriate risk management processes, control systems, accounting records and governance arrangements. Internal audit plays a vital role in advising the Council that these arrangements are in place and operating effectively. The Council’s response to internal audit activity should lead to the strengthening of the control environment and, therefore, contribute to the achievement of the organisation’s objectives.
Options appraisal
8. No alternative options have been considered as this report is a requirement under relevant legislation and standards.
Consultation undertaken
9. This report has been discussed with the Executive Management Team.
Financial and resource implications
10. The audit plan consists of 400 audit days including 18 audit days provided to the New Forest National Park Authority under the current Service Level Agreement. The Council’s budget for 2025-26 reflects these arrangements.
Legal implications
11. The statutory requirement for internal audit in local government is specified within the Accounts and Audit [England] Regulations 2015. Internal audit functions within the UK Public Sector must conform with The Global Internal Audit Standards in the UK Public Sector (the Standards). The Standards require the Chief Internal Auditor to provide a written status report to the Audit Committee providing an overview and key updates of internal audit activity and assurance work completed in accordance with the approved audit plan. This report provides the Audit Committee with the progress report to 30th September 2025.
Risk assessment
12. The audit needs assessment follows a risk-based audit approach taking cognisance of the Council’s risk register.
13. Failure to deliver an appropriate audit plan would increase the risk of failing within the Council’s service delivery.
14. Failure to complete management actions or to act on the initial findings during the audit process will likely increase the chances of a negative outcome and/or delay required improvements to the Council’s services.
Environmental / Climate and nature implications
15. There are no additional implications arising from this report.
Equalities implications
16. There are no additional implications arising from this report.
Crime and disorder implications
17. There are no additional implications arising from this report.
Data protection / Information governance / ICT implications
18. There are no additional implications arising from this report.
|
Appendices: |
Background Papers: |
|
Appendix 1 – Internal Audit Progress Report 2025-26 (September 25)
|
Internal Audit Plan 2025-26 Internal Audit Charter 2025-26 |