Venue: Mandela Room
Contact: Susan Lightwing
Welcome and Evacuation Procedure
The Chair welcomed all present to the meeting and read out the Building Evacuation Procedure.
Declarations of Interest
any declarations of interest.
no declarations of interest received at this point in the meeting.
A report of the Interim Head of
Strategy, Governance and Information was presented to outline the Council’s
approach to performance and risk management, to summarise activity in the past
year and planned activity for 2023 to provide the Committee with assurance that
the Council had robust arrangements in place for these disciplines.
The Council’s approach to these
disciplines was articulated within the following policies:
Performance Management Policy.
Programme and Project Management Policy.
Risk and Opportunity Management Policy.
The policies were scheduled to be
reviewed during 2023 to ensure they continued to meet the organisation’s needs
in relation to these disciplines.
At a meeting of the Executive on
5 April 2022, a refreshed Strategic Plan workplan for the 2022-24 period and
Directorate Priorities for 2022/23 was approved, which combined provide a
cohesive approach to the delivery of key priority activities across Council
Significant work was also
undertaken in the year to improve Directorate and strategic performance
management, with the implementation of a monthly performance review cycle using
an integrated performance dashboard drawn from a range of feeder systems which recorded
different aspects of corporate performance.
The monthly Directorate and LMT
performance reviews held throughout 2022/23 considered the following items on a
‘by exception’ basis, with only matters considered to require discussion or
The Strategic Plan workplan (both in terms of
activity and outcomes).
Output from the
monthly performance reviews was reflected in a quarterly update on wider
corporate performance, to the Executive and Overview and Scrutiny Board; an
approach which had served to significantly improve focus upon and strengthen
delivery of corporate performance disciplines.
A refresh of the
Strategic Plan was deferred in 2022/23 due to the need to consider the
implications of several key White Papers over the past year, therefore the
issue of articulating outcomes and measures, would be addressed in a full
refresh of the Strategic Plan in 202/23.
The Programme and
Project Management (PPM) policy and its underpinning framework provided a
standardised approach to the governance of programmes and projects, including
within the Council’s portfolio continued
to be connected to overarching programmes and portfolios wherever possible to
clearly articulate their contribution.
were projects in the portfolio that were being managed under the PPM
framework. These projects were supported
and monitored by the Portfolio Management Office (PMO) and were reported by
exception to the monthly Directorate and Leadership Team performance review
meetings and in the quarterly reports to the Executive and Overview and
The Council’s approach to PPM was also the base methodology for delivery of Strategic Plan workplan activities and all change and savings programme initiatives, requiring robust milestone delivery plans which were subject to the monthly performance management and governance regime for project delivery, as set out in detail in ... view the full minutes text for item 22/65
A report of the
Director of Legal and Governance Services (Monitoring Officer) was presented to
the Council’s approach to
business continuity management, summarise activity in the past year and planned
activity for 2023, to provide the Committee with assurance that the Council had
robust arrangements in place, as required by the Civil Contingencies Act 2004.
The Council’s Corporate Business Continuity Plan defined
critical functions as those which, if interrupted could result in:
The Council would consider activating its
business continuity plans if there was a business interruption event that:
The Council had the following plans in place
to respond to the variety of events that could occur:
The Council did
not publish its business continuity plans as they outlined sensitive information
around its critical functions and their recovery that could be misused and
contained personal information relating to employees that had agreed to share
personal contact details to enable the Council to get in touch with them
quickly in the event of an incident. Paragraphs 8 to 14 of
the submitted report outlined the content of the Council’s plans in broad terms.
The Council aimed
to test its plans at least once every 12 months, or produce a lessons learned report if a live incident had occurred during
the past year. Due to the ongoing nature
of the pandemic, no test was undertaken in 2022, however during 2023 a live
test of business continuity was planned to ensure that senior managers
understood their roles and responsibilities during an incident and to test the
robustness of plans.
During the 2022 annual review of plans,
there was an increased focus on the impact loss of power could have on critical
activities to ensure services planned effectively for this event.
Details of the actions delivered in 2022 to
ensure good governance in relation to business continuity were detailed in
paragraphs 20 to 23 of the submitted report.
During 2023/2024 further work would be undertaken to build on progress
made as part of the Council’s commitment to continual improvement in business
continuity planning as follows:
A report of the Interim Head of Governance Policy and Information was presented to advise the Corporate Affairs and Audit Committee of arrangements in place to ensure the proper governance of information within the Council, progress made within the 2022 calendar year, risks and issues arising, and priorities for 2023.
The Council must create, protect, manage, share and disclose information in line with a complex legal framework. The report dealt principally with information governance arrangements relating to the following, and the risks arising from:
• Data Protection Act 2018 (DPA);
• UK General Data Protection Regulation 2016 (UK GDPR);
• Privacy and Electronic Communications Regulations 2003 (as amended);
• Environmental Information Regulations 2004 (EIR);
• Freedom of Information Act 2000 (FOI);
• Regulation of Investigatory Powers Act 2000 (RIPA); and
• Protection of Freedoms Act 2012 (PoFA).
The Council’s activity in this area was largely regulated by the Information Commissioner’s Office (ICO), with the Investigatory Powers Commissioner’s Office (IPCO) acting as the regulatory body for RIPA and compliance with the Surveillance Camera Code of Practice and the relevant provisions of PoFA encouraged by the Biometrics and Surveillance Camera Commissioner.
The Interim Head of Governance Policy and Information acted as the Council’s Senior Information Risk Owner (SIRO)/Senior Responsible Officer (SRO) for Biometrics and Surveillance and RIPA, and was the owner of the Council’s Information Strategy. The SIRO advised the Chief Executive and the Council’s management team on information risk, reporting quarterly to the internal risk management group and annually to Leadership Team and to the Corporate Affairs and Audit Committee.
The submitted report provided an overview of compliance, issues and risks in 2022 in the following areas:
• ICO Consensual Audit 2019 and 2020 recommendations.
• Information Governance Framework.
• Statutory Information Requests.
• Physical Access.
• Surveillance Policy.
Performance reporting showed an increase in
FOI/EIR compliance and Members noted this positive improvement.
During 2023 a refreshed approach to Information Strategy would be developed alongside the refresh of the Strategic Plan to ensure the operational aims of the Council aligned with the Strategic vision set by Members.
The Council’s information asset registers were significantly developed in previous years and reviewed/consolidated with UK GDPR ‘Records of Processing Activity’ in 2019/20. Various in-year updates by individual Information Asset Owners would need to be merged with changes as a result of the Council’s accommodation strategy, bulk transfer of records to digital formats, procurement of electronic systems – including the SharePoint Online migration and decommissioning of others.
In relation to Information Security, details of the numbers of personal data breaches and ICT/other security incidents were provided at paragraph 17 of the submitted report. Only two personal data breaches were reported to the ICO in 2022. Reported personal data breaches had decreased by 20% on the previously year, whilst ICT/other security incidents had increased, largely owing to more reports or lost or stolen ICT hardware devices. An update of actions taken in relation to Cyber Security and Records Management ... view the full minutes text for item 22/67
SUSPENSION OF COUNCIL PROCEDURE RULE NO 5
In accordance with Council
Procedure Rule No 5, the Committee agreed to vary the order of business to deal
with the items in the following order: Agenda Item 11, Agenda Items 7 to 12.
Update on Section 151 Officer Arrangements
The Director of Legal and
Governance Services (Monitoring Officer) provided an update on the Section 151
Officer arrangements for Middlesbrough Council.
The current Section 151 Officer’s
employment would cease on 31 March 2023, and it was proposed that the Section
151 Officer function was temporarily re-designated to the Head of Financial
Planning, who was one of the current Deputy Section 151 officers, for a period
of up to three months. Approval would be
sought from full Council at an Extraordinary Meeting to be held on 22 March
2023 for the proposed re-designation of the function.
The Chief Officer Appointments
Committee had delegated authority to the Chief Executive, in consultation with
a representative group of Members from the Committee, to secure the appointment
of an interim Section 151 Officer. The
Extraordinary Council meeting on 22 March 2023 would also consider the
appointment of an interim Chief Executive.
In recognition that a new interim Chief Executive would be appointed it
was appropriate that they should make the interim Section 151 Officer
appointment as one of the first tasks of their new role.
AGREED that the proposed Section 151 Officer arrangements for Middlesbrough Council were noted.
A report of the Director
of Legal and Governance Services (Monitoring Officer) was presented to outline the Council’s
approach to health and safety
management and summarise activity in the past year and planned activity for
2023, in order to provide the Committee with assurance
that the Council has robust arrangements in place, as required by the Health
and Safety Act 1974.
The Council had a
governance framework structure in place to oversee health and safety, ensure
compliance with legal requirements and deliver ambitions in relation to Health
The digitised health and safety management
application (My Compliance)
continued to be developed and its processes
embedded within day-today
risk management. As a significant level of data had built up
in the system it had enabled the Council to improve the intelligence it could
This had been
used to improve understanding of the impact of violent incidents, unblock
systematic issues to improve compliance and increase
Member visibility and oversight. Regular
reviews of underpinning documentation with the governance framework were
During 2022 the
Control of Substances Hazardous to Health (COSHH) procedures were
refreshed. Reporting content for
oversight of health and safety had also been refreshed, utilizing the new
capabilities of My Compliance and Power BI to enable reports to focus on the
lessons to be learned, trends and areas of concern, while providing assurance
as to the robust datasets in place to track health and safety compliance.
A key focus of
the team during 2022 had been the ongoing transition from Covid-19 to the new
way of working and ensuring appropriate health and safety measures were
embedded within that, as well as supporting the move of a significant number of
staff and Members to Fountain Court.
continued to deliver training and support to staff to ensure compliance with
health and safety obligations and understanding of roles and responsibilities.
In addition to the suite of e-learning materials that were already available to
all staff, during 2022:
further work would be undertaken to build on progress made within the previous action
plan as part of the Council’s commitment to continual improvement in health and safety management.
The health and
safety unit would continue to monitor and assist in developing the digital
solution linking Power BI and My Compliance, to further develop business
policies and procedures will be produced, reviewed and
uploaded onto the intranet:
In order to be compliant with legal duties, the Council must have a Legal register in place which provided details of legislation applicable to the Council. A gap analysis was currently underway to map leads for pieces ... view the full minutes text for item 22/70
The Head of Internal Audit, Veritau,
provided Members with an update on progress with the delivery of internal audit
and counter fraud work and on reports issued and other work completed since the
last update report to the Corporate Affairs and Audit Committee.
A copy of the internal audit progress report was attached at
Annex 1 to the submitted report. It
reported on progress against the internal audit work programme. This included a
summary of current work in progress, internal audit priorities for the year, completed
work, and follow-up of previously agreed audit actions.
The counter fraud progress report was contained in annex 2. It reported on progress against the counter fraud work programme. A range of work was detailed including activity to promote awareness of fraud, work with external agencies, and information on the level of fraud reported to date.
Members of the Committee raised several queries and some concerns in relation to recently circulated Audit Reports on Burials and Creditors.
The Chair requested that Final Audit Reports on the
Middlesbrough Development Company and Senior Management Review should be
finalised and brought to the Committee at the earliest opportunity, and preferably
prior to the forthcoming elections in May 2023.
AGREED as follows that the:
1. report was
received and noted.
2. progress of internal audit and counter fraud work in 2022/2023 was noted.
Update on 2020-2021 and 2021-2022 Audits
A verbal update on the 2020-2021 and 2021-2022 Audits was
With regard to
the 2020-2021 audit the main outstanding issue was around Going Concern. In terms of the accounting standards, when
the accounts were signed, the public and regulators had to be assured that the
organisation was a going concern at that time and for the next twelve months. The Budget approved
by Council on 27 February 2023 was currently being reviewed
by the External Auditor and the aim was to have the audit signed off prior to
the local elections in May 2023.
The External Auditor confirmed
that EY was working through the disclosures in the financial statements. Whilst the Accounts
would be published two years after the end of that financial year, Going
Concern had to be assessed for the twelve month period
from date of publishing. The narrative
needed tweaking to capture the right period of the assessment. There had also been a disclosure issue
in 2021-2022 that reached back to the previous set of accounts. Whilst quite minor
it was a reasonably sized number.
The 2021-2022 audit was ongoing
and the accounts would not be signed off before the May elections. Other local
authorities were in a similar position. The Finance team would complete as much
work as possible before 31 March 2023 and then move onto closing the 2022-2023
accounts before moving back to the audit work. It was anticipated that the 2021-2022 audit
would be finished from July onwards. There was no capacity in the finance
team to continue with an audit whilst trying to close a set of accounts.
AGREED that the information provided was received and noted.
A report of the Chief Executive was presented to seek approval for the appointment of
Charlotte Benjamin, Director of Legal and Governance Services as the Returning
Officer and the Electoral Registration Officer in accordance with the
Representation of the People Act 1983.
council in England was required by Section 35(1) of the Representation of the
People Act 1983 Act to appoint an officer of the council to be the Returning
Officer for elections of councillors of the county and every district council
should appoint an officer of the council to be the returning officer for the
elections of councillors of the district and an officer of the council to be
the returning officer for elections of councillors of parishes or communities within
of the Act also required the Council to appoint an officer to be the Electoral
Registration Officer. The Electoral
Registration Officer was responsible for the preparation and maintenance of the
electoral register for any parliamentary constituency or part of a constituency
within its area.
Section 24(1) (b) the returning Officer for Parliamentary Elections was the
Chair of the Council, who delegated authority for the management of the
election to the Acting Returning Officer who was the Electoral Registration
Section 28(1) of the Act, only the Electoral Registration Officer may act as
the (Acting) Returning Officer at Parliamentary elections, therefore it made
sense to ensure that one officer was appointed to both the roles and therefore
responsible for all local and national elections and referenda.
highlighted that the duties of the Returning Officer were separate from the officer’s duties as a local government officer. The Returning Officer was personally liable
for the conduct of the election, and only Council could designate an
alternative Returning Officer to discharge these functions. The Corporate Affairs and Audit Committee had
delegated authority to consider and approve the appointment on behalf of the
ORDERED as follows that:
was appointed as the Returning Officer
and Electoral Registration
Officer for Middlesbrough Council.
Any other urgent items which in the opinion of the Chair, may be considered