Venue: Mandela
Contact: Chris Lunn
No. | Item | ||||||
---|---|---|---|---|---|---|---|
Welcome and Fire Evacuation Procedure Minutes: The
Chair welcomed all present to the meeting and read out the Building Evacuation
procedure. |
|||||||
Declarations of Interest To receive
any declarations of interest. Minutes:
A Member referred to the Chief Officers Appointments
Committee. It was queried whether a
declaration of interest was required at this meeting if Members sitting on both
the Audit Committee and Chief Officers Appointments Committee had supported the
appointment of a Chief Officer, who could be associated with the business of
the Audit Committee. It was confirmed
that this was not a requirement. |
|||||||
Minutes - Audit Committee - 14 March 2024 PDF 179 KB Minutes: The
minutes of the Audit Committee meeting held on 14 March 2024 were submitted and
approved as a correct record, subject to the following amendment:
The
Chair requested updates in relation to two previously agreed actions; these
would be considered under Any Other Urgent Items. |
|||||||
Health and Safety Annual Assurance Report 2023 PDF 357 KB Minutes: A report of the Director of Legal and Governance Services
(Monitoring Officer) was presented to outline the
Council’s approach to health and safety management and summarise
activity in the past year and planned activity for 2024, in
order to provide the Committee with assurance that the Council has
robust arrangements in place, as required by the Health and Safety Act 1974. The Council had a governance framework structure in
place to oversee health and safety, ensure compliance with legal requirements
and deliver ambitions in relation to Health and Safety. The digitised health and safety management
application (My Compliance) continued to be developed and its processes
embedded within day-to-day risk management.
Data built up in the system had been used to improve understanding of
the impact of violent incidents, unblock systematic issues to improve
compliance and increase Officer and Member visibility and oversight. Regular reviews of underpinning documentation
with the governance framework were undertaken.
During 2023, the following procedures were implemented and/ or reviewed:
Reporting content for oversight of health and safety had also been
refreshed, utilising the new capabilities of My Compliance and Power BI to
enable reports to focus on the lessons to be learned, trends and areas of
concern, while providing assurance as to the robust datasets in place to track
health and safety compliance. A key focus for the team during 2023 had been the implementation of the
health and safety management system, which had ensured that there was a robust
system in place to support staff and Members. The Council continued to deliver training and support to staff to ensure
compliance with health and safety obligations and understanding of roles and
responsibilities. In addition to the suite of eLearning materials that were already
available to all staff, during 2023:
A restructure of the Health and Safety Unit occurred in May 2023, which
resulted in the Health and Safety Unit combining with risk management to create
the Risk and Health and Safety Team.
Current financial restraints within the Local Authority meant one post
within the Risk and Health and Safety Team had not been filled. This resulted in ownership for delivery of
fire risk assessments from January 2024 moving back to Asset Management to
manage until the post could be filled.
This had now been achieved. During 2024, further work would be undertaken to implement the new strategic plan for health and safety. This ... view the full minutes text for item 24/4 |
|||||||
Annual Report of the Senior Information Risk Owner (SIRO) PDF 431 KB Minutes: A report of the Head of Governance
Policy and Information was presented to advise the Audit Committee of
arrangements in place to ensure the proper governance of information within the
Council, progress made within the 2023 calendar year, risks and issues arising,
and priorities for 2024/25. The Council created, protected,
managed, shared and disclosed information in line with a complex legal
framework. The report dealt principally
with information governance arrangements relating to the following, and the
risks arising from:
·
UK General Data Protection Regulation 2016 (UK
GDPR). ·
Privacy and Electronic Communications
Regulations 2003 (as amended). ·
Environmental Information Regulations 2004
(EIR). ·
Freedom of Information Act 2000 (FOI). ·
Regulation of Investigatory Powers Act 2000
(RIPA). ·
Protection of Freedoms Act 2012 (PoFA). The Council’s activity in this
area was largely regulated by the Information Commissioner’s Office (ICO), with
the Investigatory Powers Commissioner’s Office (IPCO) acting as the regulatory
body for RIPA, and compliance with the Surveillance Camera Code of Practice and
the relevant provisions of PoFA encouraged by the
Biometrics and Surveillance Camera Commissioner. The Head of Governance Policy
and Information acted as the Council’s SIRO/ Senior Responsible Officer (SRO)
for Biometrics and Surveillance and RIPA, and was the owner of the Council’s
Information Strategy. The SIRO advised
the Chief Executive and the Council’s management team on information risk,
reporting quarterly to the internal risk management group and annually to the
Leadership Management Team (LMT) and Audit Committee. The report provided an overview
of compliance, issues and risks in 2023 in the following areas:
During 2024, a refresh of the
Information Strategy would be undertaken to:
The Council’s data protection
activity over 2023 had continued to focus on
incidents and rights requests. Other data protection activity over 2023 had
involved cyclical reviews and updates to information sharing agreements and
privacy notices. Mandatory training compliance had declined to 91% with areas for
improvement identified in Children’s Services, partly due to staff turn-over,
and Regeneration Services, where plans for alternative training approaches for
large groups of casual staff in cultural and creative services were being
developed. The final two recommendations from the 2020 ICO consensual audit of the Council were implemented. Analysis of ICO published statistics for receipt of any complaints and concerns, up to June 2023, showed Middlesbrough Council ranked 115th equal out of 118. Within 2023, there were no complaints or breaches referred to the Council by the ICO and of the four reports made to the ICO about the Council, all were closed ... view the full minutes text for item 24/5 |
|||||||
Risk Management: Annual Assurance Report 2023/24 PDF 788 KB Minutes: A report of the Director of
Legal and Governance Services (Monitoring Officer) was presented which outlined
the Council’s approach to risk management, and summarised activity in
the past year and planned activity for 2024 to provide the Committee with
assurance that the Council had robust risk management arrangements in place. Risk management was a critical element of corporate governance and was a
statutory requirement for public sector organisations. Risks were to be reduced to an acceptable
level, or if possible, eliminated.
Robust risk management enabled the Council to effectively discharge its
responsibilities and deliver its various functions. Risk
management was the collective responsibility of all Elected Members and
officers of the Council. The Council’s
approach to risk management was articulated by the Risk Management Framework,
which was reviewed by Executive in July 2023.
The Council
used risk registers to manage the various risks it identified. The overarching risk register was called the
Strategic Risk Register, which captured the most significant risks the
organisation was exposed to that could impact on its ability to deliver its
strategic priorities, which were outlined in the Council Plan. A summary of the current Strategic Risk
Register was shown at Appendix 1. In addition
to annually reporting the Council’s overall approach on risk management to
Audit Committee, a summary of the Strategic Risk Register was monitored monthly
in performance deck and reviewed every three months by LMT. Details
regarding the Risk Management Framework were provided to the Committee. It was explained that the Council’s Risk and
Opportunity Management Policy set out how risks were captured, scored and
managed using a likelihood and impact scale. A Risk
Improvement Plan was developed in March 2023 for the Council to ensure that it
was committed to ensuring its risk management practice continued to be
effective. Actions were split into the
following areas:
§
Strategic risk identification and monitoring - LMT three-monthly
reviews. §
Risk management processes - DMT monthly reviews. An internal
audit of the Council’s risk management arrangements was programmed to be
completed in 2024; resulting recommendations would be highlighted to relevant
Members and officers when completed. In terms of
risk management activities for 2024/2025, further work would be undertaken to
build on progress made in 2023/2024 as part of the Council’s commitment to
continually improve risk management planning.
Planned activity included:
A Member commented on the unexpected nature of risk and queried the procedures in place for preparing for all eventualities. In response, the Committee heard that an array of work was being undertaken to assist with this, which included: discussion at LMT and Departmental Management Team (DMT) meetings; identification of formal review points; ... view the full minutes text for item 24/6 |
|||||||
Middlesbrough Council - Value for Money Report 2021/22 and 2022/23 PDF 324 KB Additional documents: Minutes: A report of the Director of Finance
(S151 Officer) was submitted, the purpose of which was for Ernst & Young
(EY), the Council’s External Auditor, to present their Value for Money interim
report for the 2021/22 and 2022/23 financial years. The report set out EY’s findings
and commentary on the Council’s systems and arrangements over this period and
highlighted any deficiencies that required improvement for the future. It also covered other findings that EY wished
to raise with the Audit Committee following this work. These matters related to either
governance-related issues or to the accounts for the relevant two-year period,
which currently remained open and not yet signed off by EY. The Interim Report was attached
at Appendix 1. For background context, the
Committee heard that the previous Value for Money commentary had been provided
for the period up to March 2021. A
governance update was provided in December 2022 which highlighted ongoing
risks, and a further update was issued in August 2023. This Interim Report covered the period
four-months prior to the statutory notice being issued. Guidance was currently awaited from the
government in relation to the conclusion of financial statements. Once received, the report would be finalised. The External Auditor referred
Members to the statutory recommendations and six areas of significant risk that
had been identified. The following
points were made:
|
|||||||
Middlesbrough Council - Audit Strategy Memorandum 2023/24 PDF 311 KB Additional documents: Minutes: A report of the Director of
Finance (S151) was presented, the purpose of which was
for Mazars, the Council’s External Auditor, to present their Audit Strategy
Memorandum for the 2023/24 financial year.
This set out their plans for the audit of the financial statements and Value
for Money arrangements for the Council. This was the first year of the new external audit contract with Mazars,
covering the period 2023/24 to 2027/28.
The audit of the two previous years accounts for the Council with Ernst
& Young were still open; it was expected that these would be modified
and/or disclaimed opinions, depending on government legislation that was still
to be confirmed. Mazars Audit Strategy Memorandum for 2023/24
was attached at Appendix 1 and included the following sections: ·
Engagement and responsibilities summary. ·
The audit engagement team. ·
Audit scope, approach, and timeline. ·
Significant risks and other key judgement areas. ·
Value for Money arrangements. ·
Fee for the audit and other services. ·
Commitment to independence. ·
Materiality and other misstatements. It was
indicated that, as the incoming auditor, work had started and followed up on
the outgoing auditor’s work. The
intention was to move to an annual report, as opposed to reports being linked
to a specified period. In terms of
financial recompense for work undertaken, the Council had decided on 23 February 2022 to
‘opt in’ to the national audit appointment scheme undertaken by Public Sector
Audit Appointments (PSAA), a government agency for contracting external audit
services. The base audit fee for any
Local Authority who opted into the national scheme was set by PSAA, based on
size and on previous audit experience and fees paid. The audit fee for the Council for the 2023/24
audit was outlined in section six of the Audit Strategy Memorandum at
£321,074. It was possible that this fee
could increase, based on any additional work required by the auditor as part of
their statutory role. The fee for 2023/24
was a significant increase over the base audit fee for 2022/23 of £111,857, but
represented the additional external audit work undertaken in relation to the
Council over the last couple of completed audits. The 2023/24 fee was fully budgeted for within
the corporate part of the Council’s accounts. A Member referred to the backlog of work and two years currently
outstanding. In response, it was
explained that information would be updated and presented to Audit Committee,
as required. A Member referred to the concept of value, the subjective nature of this
and queried how this could be considered.
In response, the Committee was advised that the remit was to look at the
arrangements in place and to raise any issues in this forum for discussion/
consideration. It was noted that the
auditor’s comments concerned the Council’s arrangements that were in place and
not on individual contracts. NOTED |
|||||||
Teesside Pension Fund - Audit Strategy Memorandum 2023/24 PDF 310 KB Additional documents: Minutes: A
report of the Director of Finance (S151) was presented, the
purpose of which was for Mazars, the Council’s External Auditor, to present
their Audit Strategy Memorandum for the 2023/24 financial year. This set out their plans for the audit of the
financial statements for the Teesside Pension Fund. This was the first year of the new external
audit contract with Mazars, covering the period 2023/24 to 2027/28. The audit of the two previous years accounts
for the Council and Pension Fund with Ernst & Young were still open; it was
expected that these would be modified and/or disclaimed opinions, depending on
government legislation that was still to be confirmed. Mazars Audit Strategy Memorandum for 2023/24 was attached at Appendix 1
and included the following sections: ·
Engagement and responsibilities summary. ·
The audit engagement team. ·
Audit scope, approach, and timeline. ·
Significant
risks and other key judgement areas. ·
Value
for Money arrangements. ·
Fee for
the audit and other services. ·
Commitment
to independence. ·
Materiality
and other misstatements. The
External Auditor presented the report and overall approach to the
Committee. The Teesside Pension Fund was
accounted for separately from the Council’s financial statements, albeit both
were incorporated in the overall Council’s Statement of Accounts. NOTED |
|||||||
Corporate Governance Improvement Plan and Section 24 Action Plan Progress Report PDF 684 KB Minutes: A joint report of
the Chief Executive, Director of Finance (S151 Officer) and Director of Legal
and Governance Services (Monitoring Officer) was presented, which set out the key activities and progress since an
update was last provided. The report
also provided an update on activity in response to the Section 24
recommendations made by the Council’s External Auditors and the Council’s
Corporate Governance Improvement Plan. For the current reporting period, as at 18 June
2024, 96% of planned activity had either been delivered or was on-track for
delivery in relation to the Corporate Governance Improvement Plan, with three
planned activities across the 10 workstreams measuring as off-track. 96% of activity in relation to the Section 24
delivery plan was on-track or had been delivered, with one activity showing as
off-track. The report set out the detail
of the delivery plan activity, alongside supporting measures of success that
were in place to assess the impact of activity. Since its work was last reported in March 2024, the Independent
Improvement Advisory Board had held meetings in April, May
and July 2024. Details regarding the
reports, presentations and representatives involved were outlined at paragraphs
7.2 and 7.3 of the report. Action points
arising from formal meetings, together with a summary of information requested
by the Board, were set out at Appendix 3. It was anticipated that in mid-July, the Board would issue its third
progress report for the Council’s consideration. In line with agreed reporting for this, the
report would be considered by Executive on 24 July 2024. An update on the key activities
related to delivery of the Section 24 Action Plan since last presented to
Council was provided, along with some changes to delivery dates. Appendices 1 and 2 provided
details of measures of success against the Corporate Governance Improvement
Plan and Section 24 Report. AGREED that: 1.
Progress against the Corporate Improvement Plan and Section 24 Action
Plan was received and noted. 2.
The proposed
changes to milestones and activity in relation to the Section 24 Action Plan,
as outlined at paragraphs 6.7 to 6.10, was agreed. |
|||||||
Veritau Internal Audit and Counter Fraud Work Programme 2024/25 PDF 296 KB Additional documents:
Minutes: A
report of the Head of Internal Audit, Veritau was
presented to seek Members’ approval for the 2024/25 planned programme of internal audit,
and for Members to note the Counter Fraud Work Programme 2024/25. Appendix
1 set out the proposed internal audit work for 2024/25, which was based on an
initial assessment of risk undertaken.
The identification of risks included in the assessment had been informed
in several ways, which included review of the organisational risk management
processes; understanding the Council’s strategies and objectives; and the
results of recent audit work. It
was explained that to meet professional aims and objectives, a flexible
approach was taken towards audit planning.
This allowed for any changing and emerging risks within the Council to
be identified and appropriately managed.
The aim was to cover sufficient areas of the Council, with all work
matched against an assurance framework.
Consultation work in respect of the proposed areas of coverage had been
undertaken with the Audit Committee and senior management teams. Regular
discussions/ meetings regarding the scope and timings of audit work would be
carried out with officers and management teams throughout the year; updates on
coverage, scope and findings of work would be presented to the Audit Committee. Regarding
the Counter Fraud Work Programme, the proposed areas of counter fraud work in
2024/25 were set out in Appendix 2.
There was no time estimation allocated for each area as this was
dependent on the levels of suspected fraud reported to the team. The
priorities for the work programme were set annually in the Council’s Counter
Fraud Strategy Action Plan and annual Fraud Risk Assessment, which were
presented to the Audit Committee in October 2023. The
total number of days allocated to counter fraud work in 2024/25 was 150. A
Member referred to the recent changes made to the Council’s scrutiny structure
and commented upon its robustness. It
was queried whether the audit team could investigate this. In response, the Auditor indicated that this
suggestion would be taken away and reviewed. AGREED
that:
|
|||||||
Audit Committee Forward Work Programme PDF 418 KB Minutes: The
Committee was advised that the Forward Work Programme was a working document
used to track the business of the Committee. In
terms of planning for November 2024 and the suggestion of an additional meeting
to manage the workload of the Committee, Members agreed with this. Members also agreed that an additional
meeting in April 2025 would be beneficial.
The Democratic Services Officer would follow this up. It
was anticipated that a mid-year update in respect of Risk Management would be
provided at the 6 February 2025 meeting. Regarding
the 13 March 2025 meeting and the proposed Performance Management and PPMF
Assurance report, it was explained that these matters would be reported on
separately. A
brief discussion ensued with regards to the scheduling of meetings and the need
to hold a meeting in August. Although
acknowledged that this was holiday season, owing to both diary management and
the workload of the Committee, unfortunately this could not be avoided. AGREED
that: 1. Arrangements
would be made for two additional Audit Committee meetings to take place: one in
November 2024 and one in April 2025.
|
|||||||
Any other urgent items which in the opinion of the Chair, may be considered. Minutes: Future Meeting Arrangements - Change to Start Time The Chair requested that the start time for all future Audit Committee
meetings, currently 2.00 p.m., be changed to 1.30 p.m.
Members agreed; Democratic Services Officer to action. AGREED that future Audit Committee meetings would commence at 1.30 p.m.;
Democratic Services Officer to action. Minutes - Audit Committee - 14 March 2024 The Chair referred to the minutes of the previous Audit Committee meeting
and requested updates regarding two agreed actions, as follows:
Members were advised that the Chief Executive had written to the
Directors to request the release of the minutes; no definitive response had
been received as of yet. Reference was
made to company law and the duty of Directors to comply with this. Directors were responsible for ensuring that
the release of any documentation into the public domain was appropriate and in
the best interest of all parties.
Members were advised that this had been raised with the Head of HR and
statistics would be provided as soon as possible. NOTED Auditor Attendance – EY A Member wished to record a note of thanks to the External Auditor from
EY for the support provided to the Committee.
The External Auditor thanked the Member for the comments made and
advised that attendance at meetings would continue until the EY work had been
closed off. NOTED |