Minutes:
The Chief Internal Auditor introduced the
report and stated that updates had been made to internal audit
legislation in 2014 and 2015, and therefore the Chief Internal
Auditor now had to present regularly to the Standards and Audit
Committee and provide Members with his professional opinion. He
stated that although he could give reasonable assurances on the
financial state of the Council, these could never be absolute
guarantees. He added that regular progress reports on the work of
the internal audit team would also be brought back before the
Committee throughout the year. He explained that this year had been
a difficult year due to COVID and this had been taken into account
throughout the report. He added that the internal audit team had
also struggled as some team members had left. The Chief Internal
Auditor then highlighted point 3.1 on page 86 of the agenda and
explained that the team had produced 11 assurance reports
throughout the year, which had all received a green or amber-green
rating, and 4 advisory reports, as well as looking into a variety
of other complaints. He stated that the team had also been busy as
they had needed to sign off numerous government COVID grants.
The Chief Internal Auditor moved on and highlighted point 3.2 on
page 86 of the agenda which explained that specialist consultants
had also been hired in March and April to review two major projects
and improve related governance. He stated that the Committee would
receive regular updates on these projects throughout the year, and
a new project management process had now been implemented. He
summarised and stated that his overall opinion was currently amber,
which had not changed since 2019/20, but his risk management
opinion was currently green. He stated that 3.4 of the report
highlighted recommendations to managers to improve the amber
rating. He added that page 97 of the report showed there had been
good progress made in previous recommendations, and no conflicts of
interest had been found within the team.
Ms. Laybourn queried page 95 of the
agenda and asked what the difference between risk enabled and risk
managed was in terms of the risk register. She felt that there had
been some ‘red’ risks last year that had not been able
to be mitigated. The Chief Internal Auditor responded that the risk
maturity model ranged from naïve to aware to managed to enabled. He clarified risk enabled meant
that on both a strategic and operational level risk management had
been embedded in decisions. He added that risk managed meant that
on a strategic level risk management had been embedded, but not on
an operational level.
Councillor Collins thanked officers for their hard work throughout
the year, particularly when dealing with staff shortages. He
highlighted the last paragraph on page 98 of the agenda and asked
if any there had been any problems with COVID specific funding. The
Chief Internal Auditor responded that although no additional
challenges had presented themselves due to COVID, the workload had
increased dramatically due to the number of government grants being
submitted. He explained that government grants ranged from
thousands to millions of pounds, and ranged from areas such as
COVID enforcement, to education, to one-way high street signage.
The Corporate Director of Resources and Place Delivery added that
each government grant received a different risk rating, for example
some grants were directly linked to business rates and could be
paid directly to the Council, but others were grants being given to
businesses based on their type and rateable value. He stated that
Thurrock had received approximately £14.8m in general grants
from the government to support itself, plus grants to cover lost
fees and charges. He stated that government grants had also been
received to manage the test and trace system, food parcel delivery,
town centre management, and transport. He stated that these grants
would be pulled together and presented to the Committee as part of
the finance accounts.
The Chair questioned if the internal audit team had sufficient
staff and resources to carry out their role. The Chief Internal
Auditor responded that as well as himself there was currently 1
senior auditor and 2 internal auditors, with one of these set to
become a senior auditor shortly. He stated that he would be putting
together a business case for two additional auditors, as workloads
continued to increase for example the increased use of digital
signatures which needed assurances. The Chair then questioned if
the team would give recommendations on how to improve the risk
enabled and risk managed statuses. The Chief Internal Auditor
answered that work had started on this in 2018 with the risk
management officer, but this would require additional resources and
therefore increase costs. The Chair stated that two amber rating
areas were the fostering service and DBS checks, and queried if
this could potentially include risk related to vulnerable
residents. The Chief Internal Auditor responded that the team had
only audited payments of foster carers to ensure payments were
following the correct processes and foster carers were getting paid
the correct amount. He stated that the DBS audit also focussed on
processes and checks to ensure people were not starting work before
their DBS clearances or right to work in the UK documents had
arrived. He stated that this did not relate to vulnerable families
or individuals.
RESOLVED:
1. That the Standards and Audit Committee considered and commented
on the Chief Internal Auditor’s Annual Report – Year
ended 31 March 2021.
Supporting documents: