Agenda and minutes

Corporate Affairs and Audit Committee - Wednesday 6th April, 2022 3.30 pm

Venue: Council Chamber

Contact: Susan Lightwing 

No. Item


Welcome and Evacuation Procedure


The Chair welcomed all present and read out the Evacuation Procedure.


Declarations of Interest

To receive any declarations of interest.


There were no declarations of interest received at this point in the meeting.


Boho X - draft findings and proposed management response pdf icon PDF 225 KB


A report of the Director of Legal and Governance Services (Monitoring Officer) was presented to set out the draft findings from the internal audit on the project management of Boho X and the proposed management response.    The report set out proposed actions to improve programme and project governance across the Council in the light of the findings of the audit, subject to further comment from the Committee.


The Chair reminded Committee Members that the aim of presenting the report to Committee was for Members to recommend ways to strengthen policy and procedures.  Any questions that strayed into areas that were more appropriate for Standards Committee would not be permitted.  The Monitoring Officer added that this was an opportunity for the Committee to consider the findings of internal audit review and investigation, monitor the implementation of recommendations and ensure that effective systems were in place that would underpin and ensure high standards.  The Committee was requested to note the findings of the draft internal audit report on the project management of Boho X and the proposed management responses and consider whether it wished to make further comment on the issues raised by the audit and the proposed actions.


Following discussions with the Chair and Vice Chair of Corporate Affairs and Audit Committee, and direction from the Committee at its meeting on 15 October 2020, the Director of Finance and Director of Legal and Governance Services commissioned an internal audit review of project management of the Boho X project.  Group Leaders were also consulted on the scope of the audit.


The plan for the Boho X building had seen one significant change since the start of the project.  It was agreed by the Executive in March 2020 that Boho X would be a 20 storey office development with 100,000 square feet of floor space (plan A).  In August 2020 the design of Boho X was reviewed and the downsizing of the building to six storey, 60,000 square feet development was subsequently initiated (plan B).  The project was the responsibility of the Regeneration and Culture Directorate.  The original sponsor was the then Executive Director of Growth and Place, moving to the Head of Economic Growth on the former’s compulsory redundancy.  The Council expected to let Boho X in its entirety for ten years in the near future.


The purpose of the audit was to provide assurance to management that procedures and controls within the system ensured that:


·         The project had used and met the requirements of the established Project Management Framework in operation at the Council.

·         Meetings and communications directing the design and development of the project were carried out in line with proper procedures and fully recorded.

·         Decisions relating to the project had been taken, recorded, published and communicated in line with the Council’s Constitution (including the Scheme of Delegation).

·         Key information relating to the project was available and had been retained to support decisions.

·         There were appropriate project governance arrangements in place including processes for managing project risk.


The auditor’s key  ...  view the full minutes text for item 21/54


Performance and Risk Annual Assurance report pdf icon PDF 1 MB


A report of the Director of Legal and Governance Services (Monitoring Officer) was presented to outline the Council’s approach to performance and risk management, to summarise activity in the past year and planned activity for 2022, and to provide the Committee with assurance that the Council had robust arrangements in place for these disciplines.


The Council’s approach to these disciplines was articulated within the following policies:


               Performance Management Policy.

               Programme and Project Management Policy.

               Risk and Opportunity Management Policy.


In February 2020, revised versions of these policies were approved by the Executive to maximise their impact on the Council’s strategic aims and priorities, as set out within the Strategic Plan.  It was noted at the meeting that the date of approval of the Strategic Plan by Executive was 27 May 2021 and not 11 May 2021 as stated in the submitted report.  The revisions better aligned and integrated the process underpinning these policies and improved their relationship with financial management procedures, and aimed to better exploit the solutions provided by the Council’s digital and information strategies to promote real-time and more effective management. These policies were further embedded during 2021.


Details of the arrangements in place to manage performance and risk management within the Council, progress in the past year, and plans to further strengthen arrangements were provided in paragraphs 5 to 38 of the submitted report.


The following areas were highlighted at the meeting:


  • Significant work was undertaken in the year to improve Directorate and strategic performance management, with the implementation of a monthly performance review cycle using an integrated performance dashboard drawn from a range of feeder systems which recorded different aspects of corporate performance. Screenshots from this dashboard were included at Appendix 1 to the submitted report for reference.


  • A performance cycle had been put in place and embedded in a dynamic way to present information to senior managers throughout the organisation on the state of Executive actions, Directorate priorities, the Council’s portfolio of programmes and projects, compliance indicators eg completion of audit actions Directorate and strategic risk registers.


  • While COVID-19 had continued to be disruptive in terms of planned performance, a number of significant achievements have been made in line with the Council’s Strategic Plan Workplan, and these had been reported to the Executive and Overview and Scrutiny Board on a quarterly basis.


  • Over the past year there had again been a strong focus on improving the use of performance data within Children’s Services and embedding a strong performance management culture within the service, which have been recognised and commended by the Government-appointed Commissioner and the Department for Education.


  • The PPMF had been strengthened and updated in response to the audit of the Boho X Project.  The current portfolio around wider compliance had been reviewed.


  • During 2020 the Council’s risk appetite was refreshed reviewed and revised to bring it in line with the Council’s current financial standing so that risks are being captured and scored in line with this. All risk  ...  view the full minutes text for item 21/55


Business Continuity Annual Assurance report pdf icon PDF 430 KB


A report of the Director of Legal and Governance Services (Monitoring Officer) was presented to outline the Council’s approach to business continuity management, including testing and summarise activity in the past year and planned activity for 2022, in order to provide the Committee with assurance that the Council had robust arrangements in place, as required by the Civil Contingencies Act 2004.


The Council did not publish its business continuity plans as they outlined sensitive information around its critical functions and their recovery that could be misused.  They also contained personal information relating to employees who had agreed to share personal contact details to enable the Council to get in touch with them quickly in the event of an incident. 


The Council had the following plans in place to respond to the variety of events that could occur:


·         Corporate Business Continuity Plan.

·         supporting Departmental Business Continuity plans.

·         Relocation Plan.

·         ICT Disaster Recovery Plan.

·         Fuel Plan.

·         Coronavirus Pandemic Plan.

·         Flu Pandemic Plan.


The Council tested its plans at least once every twelve months, or produced a lessons learned report if a live incident had occurred during the past year.  As such, due to COVID-19 a test was not undertaken in 2021.  The opportunity had also been taken to identify lessons learned from the recent lockdown of several council buildings in response to a reported threat.


In a normal planning cycle, business continuity plans were updated every six months, and reviewed on an annual basis (May and November) with the scale of the review, dependent on the level of organisational change that had occurred in the intervening period.  In some years this meant that only minor updates were required, in others fundamental reviews would be required to reflect changes to the Council’s structure or other significant developments, for example, where services had been outsourced, or brought back in house. 


A Business Continuity Improvement Plan was developed in 2021/22, covering training, documentation, communication, equipment and location arrangements.  Progress on this plan was reported to Risk Management Group on a quarterly basis.


During 2022/23, further work would be undertaken to build on progress made within the previous improvement plan as part of the Council’s commitment to continual improvement in business continuity planning.


AGREED that the information provided was received and noted.



Any other urgent items which in the opinion of the Chair, may be considered


The Chair reminded Committee Members to forward any further suggestions for Annual Internal Audit Work Programme 2022/2023 to the Monitoring Officer or Democratic Services Officer by Friday 8 April 2022.