Agenda and minutes

To confirm the minutes of the meeting held on 28 October 2022 as a correct record.

That the minutes of the meeting held on 28 October 2022 be signed by the Chairman as a correct record.

To note any declarations of interest made by members in connection with an agenda item.  The nature of the interest must also be specified.

Members are asked to discuss any possible interests with Democratic Services prior to the meeting.

No declarations of interest were made in connection with any agenda item.

To note any issues raised during the public participation period.

There was no public participation at the meeting.

To consider the Internal Audit progress report for 2022/23.

The Panel considered the Internal Audit progress report for 2022/23.

The Panel noted that the audit plan consisted of 400 audit days including, 18 audit days provided to the New Forest National Park Authority under the current Service Level Agreement. The Council’s budget for 2022-23 reflected these arrangements.

The report provided a progress update on delivery of the 2022/23 audit plan and covered the following aspects:

·       The role of Internal Audit

·       Assurance Opinion Categorisations

·       Performance Dashboard including Stakeholder Satisfaction Survey results

·       Analysis of ‘live’ audit reviews with details of each audit sponsor

·       Planning and Resourcing

·       Rolling Audit Programme

·       Audit Reviews

·       Adjustments to the Audit Plan

As at end of December 2022, 46% of the Audit Plan was at least through to draft report stage.

Details were given on progress with actions highlighted in the reviews, which had been received since the agenda was published.  The Information Security Website actions had now been completed.  The lease income and charges actions had also been completed.

It was confirmed the Building Control actions were nearing completion.

It was confirmed that the deferred audit review of Programme and Project Management would be picked up again later in the year, once the key officers were in place.  Reassurances were given that projects were still being managed at the required standard.

The score of limited assurance on the use of agency staff had been fully aired at the September meeting, and recruitment continued to pose a challenge as the same market conditions persisted nationally.

The Committee were pleased to note the ‘Substantial’ assurance opinion relating to ‘Financial Stability – Medium Term Financial Planning and Budget Monitoring’.

RESOLVED:

That the report be noted.

To consider the Treasury Management Strategy 2023/24 to 2025/26 including the Annual Treasury Management Investment Strategy for 2023/24 (and the remainder for 2022/23), together with the Treasury Indicators.

The Committee considered the Treasury Management Strategy 2023/24 to 2025/26 including the Annual Treasury Management Investment Strategy for 2023/24 (and the remainder for 2022/23.) and the Treasury Indicators.

It was reported that the overall financial environment had changed significantly since the last report, with the latest inflation and interest rate backdrop.

Reference was made to Table 1, which summarised the Council’s financial position from a cash point of view. This showed an increase in Capital Finance Requirements and an increase in Capital Expenditure, to be financed through increased internal borrowing, which reduced available funds for investment.

There were at present no plans for external borrowing in the short term, but this was being kept under review. Longer term, there would be a need for external borrowing to finance the future capital programme.

RESOLVED:

That it be a recommendation to the Council that:

(a)   That the Treasury Management Strategy 2023/24 to 2025/26 including the Annual Treasury Management Investment Strategy for 2023/24 (and the remainder for 2022/23.), and the Treasury Indicators contained within Annex A to the report, be agreed.  

(b)   That authority be delegated to the Section 151 Officer, who in turn delegates to Hampshire County Council’s Director of Corporate Operations, as agreed in the Service Level Agreement, to manage all Council investments (other than the high yield investment portfolio) and borrowing according to the Treasury Management Strategy Statement as appropriate.

To consider a proposed Investment Strategy for 2023/24, including Treasury Management Investments and Property Investments.

The Committee considered the proposed Investment Strategy for 2023/24.

The Council currently held, and intended to increase, its exposure in a variety of Investments held in part for the purpose of generating additional income to the Council.

By producing this strategy report, the Council was following statutory guidance issued by the Government in January 2018.  The Investment Strategy incorporated all of the Council’s investment activities, which consist of:

·       Treasury Management Investments

·       Property Investments

The strategy considered the contribution made by these investments, the

security, the risk assessment process and liquidity.  The strategy also set out various performance indicators, designed to assist readers understand the implications of the Council’s investing activities on the general fund, and the forecast yields expected from the differing investment categories.

RESOLVED:

That it be a recommendation to the Council :

That the Investment Strategy for 2023/24, as set out in Appendix 1 of the report, be approved.

To receive an update relating to the Strategic Risk Register.

The Committee received a six - monthly update relating to the Strategic Risk Register.  (It was clarified that contrary to the report title, the report did not contain the Risk Management Policy on this occasion)

A number of updates were highlighted under each of the cross - cutting risks to the delivery of the current corporate plan.

The Chairman referred to Strategic Risk 5 and asked about the outcome of the work to ensure robust security measures to protect the Council’s data and assets from external threats.  It was queried how the inherent risk score could still continue to be high risk / high impact, when the mitigation work was on a rolling annual basis.  It was explained that the risk remained substantial and evolved as cyber attacks became more sophisticated, and local authorities were especially liable to attacks.  However, third party penetration tests and other work was regularly undertaken to reduce the likelihood and risk of a successful attack.

It was queried whether, as well as annually, penetration testing was undertaken when new ICT system were introduced.  Officers confirmed that security of new systems was of paramount importance as part of any implementation.  Officers would report back to the Committee in more detail on this matter. 

Whilst noting the measures in place to protect the Council’s ICT systems from external threat, a member queried what arrangements were in place to counter any potential internal threats, eg, perhaps from an unscrupulous member of staff misusing credit card data. It was explained that credit card data was not stored, and any related data was very robustly stored with very limited access.  It was also iterated that a key role of internal audit was to check for opportunities for internal threats.

RESOLVED:

That the report be noted.

To receive a summary of the Council’s use of its powers under the Regulation of Investigatory Powers Act 2000 (RIPA).

The Committee received a summary of the Council’s use of its powers under the Regulation of Investigatory Powers Act 2000 (RIPA).

The Council had not authorised any surveillance activities under RIPA since the last report to the Audit Committee in January 2022.

RESOLVED:

That the use made by the Council of its powers under RIPA be noted.

To consider the Audit Committee’s Work Plan.

The Committee noted its Work Programme.

Members noted that there was a possibility that the 24 March meeting might slip into April, depending on progress with External Audit work.

To agree the following dates of meetings (all at 9.30 am):

31 May 2023

28 July 2023

27 October 2023

26 January 2024

22 March 2024

RESOLVED:

That the following dates be agreed for Committee meetings in 2023/24:

31 May 2023

28 July 2023

27 October 2023

26 January 2024

22 March 2024