Corporate Affairs and Audit Committee Minutes

Corporate Affairs and Audit Committee Minutes

Thursday 8 December 2016
10:30 a.m.
Mandela Room, Town Hall, Middlesbrough

Attendance Details

D Rooney (In the Chair), Branson (As Substitute for P Purvis), C Hobson, Hubbard, Storey
Councillor Rathmell
L Henman, A Johnstone, S Lightwing, B Roberts, J Shiel
Apologies for absence:
were submitted on behalf of Councillors Blyth, P Purvis, Taylor
Declarations of interest:

There were no Declarations of Interest at this point in the meeting.

Item Number Item/Resolution

The minutes of the meeting of the Corporate Affairs and Audit Committee held on 3 November 2016 were taken as read and approved as a correct record.


A report of the Strategic Director of Finance, Governance and Support was presented. The purpose of report was to outline the Council's approach to Business Continuity Planning and to testing those plans, present a summary of the findings from this year's tests, and detail the review schedule.

The Council did not publish its Business Continuity plans as they outlined sensitive information around critical processes, as well as personal contact details, which could be misused.

The Corporate Business Continuity plan was the overarching plan for the organisation. It set out the structure used to identify and prioritise critical functions; the mechanisms for enacting the plan; how Business Continuity plans would be maintained, tested and reviewed; and policies and procedures in place to support Business Continuity planning.


The Flu Pandemic plan had been delayed this year because new guidance had been delayed in the north east. Once that guidance was published the Flu Pandemic plan would be updated. The fuel plan was held in abeyance and had not been updated recently. However, the plan would ensure key staff had access to fuelled cars.

Each department was required to test its plans at least once every twelve months, or to produce a lessons learned report if a live Business Continuity incident had occurred during the last twelve months. This year there had been a particular focus on testing the alignment of plans with the newly created Relocation Plan. The tests comprised a desk top scenario whereby responsible managers were asked to respond in line with the plans. The tests were around a fire in the Civic Centre and the implications on the IT systems, relocation of staff and long term relocation.


General feedback from the tests was that the Council's resilience had improved significantly as a result of the roll out of agile working. However, increasing reliance on ICT to deliver services in turn increased the importance of the Council's Disaster Recovering plans for ICT. The ICT service was taking steps to improve the resilience of Disaster Recovery plans.

An internal audit of the Council's Business Continuity arrangements conducted in April 2016 concluded that the Council had a good control environment for Business Continuity. Based on this and the actions that had been taken in the last twelve months, the Leadership Management Team (LMT) considered that the Council's approach to Business Continuity was fit for purpose.


In response to a query regarding flooding, it was clarified that the Emergency Incident Plan would deal with flooding that affected residents and other businesses while the Council's Business Continuity plans would deal with any impact a flood would have on delivery of Council services.


AGREED that the information provided in relation to the Business Continuity Annual Review was received and noted.


A report was presented to seek Council approval to opt into the national procurement scheme for external auditor appointments.

Following the abolition of the Audit Commission in the Local Audit and Accountability Act 2014, the administration of current audit contracts had been carried out by Public Sector Audit Appointments Ltd (PSAA). Current contracts with external auditors would come to an end following the 2017/2018 audit of accounts and external auditors for the audit of accounts for 2018/2019 had to be appointed before the end of 2017. This included the appointment of the external auditor for the Teesside Pension Fund since Middlesbrough was the administering authority for the fund.

There were two options. The Council could choose to go through its own procurement process to appoint its own external auditor or it could join a national procurement process administered by the PSAA. Any decision to opt into the national scheme would need to be approved by full Council by 9 March 2017. Councils that opted in would have their auditor appointed for a period of 5 years.

The current cost of the annual audit of the accounts was £115,000 for the Council and £29,000 for the Teesside Pension Fund plus a further charge for the mandatory audit of Government grants of £11,000.

Under the proposed new arrangements PSAA would pool scheme costs and charge fees to audited bodies in accordance with a fair scale of fees which had regard to size, complexity and audit risk, most likely as evidenced by the audit fees for 2016/2017. Pooling meant that everyone in the scheme would benefit from the most competitive prices.

AGREED as follows that:

1. the Corporate Affairs and Audit Committee recommended that Middlesbrough Council agreed to opt in to the national procurement scheme for appointment of auditors led by the Public Sector Audit Appointments (PSAA).
2. the recommendation would be presented to Council for approval at the next meeting on 11 January 2017.


The Audit and Assurance Manager presented a report to update Members on the main findings arising from internal audit work carried out since the progress report to Members on 29 September 2016. In addition, the report briefed Members on the performance of the Council's internal audit service, Tees Valley Audit and Assurance Service (TVAAS).

The total number of planned audit days for 2016/2017 was 855. At the time of this report, 34% of the Plan had been completed with a number of other audit assignments ongoing and close to the draft stage. This position was in line with that reported in December last year (31%). The level of completion of the audit plan was continuously monitored and resources re-allocated as appropriate.

The main points to note from the internal audit work during this period were as follows:

  • No internal audit reports with an overall assurance level of Cause for Concern or Significant Concern had been issued as a final during the period.
  • No new Priority 1 recommendations had been made during the period.
  • One Priority 1 action was still outstanding from previous periods and action was underway to address this recommendation via the Council's Improvement Plan.
  • During the period, two Priority 1 actions for the project management audit, that were outstanding in September 2016, had been classed as implemented.
  • Five Priority 2 and one Priority 3 actions, which should have been implemented by 31 October 2016 (or before) were currently outstanding. Progress was underway to implement the outstanding actions. This represented a considerably improved position when compared with the same time last year, when a total of 109 actions were reported as being outstanding.
  • Many of the outstanding actions were also included on the Council's Improvement Plan and the auditors acknowledged the considerable work ongoing to implement the Plan. Internal Audit considered that the main priorities for implementation related to the property disposal framework and IT governance.

In addition to the final audit reports issued, detailed in Appendix 1 to the submitted report, TVAAS staff had been involved in a number of other areas of work that did not result in the issue of a formal report. This work included detailed housing benefit count testing, co-ordinating the Council's involvement in the national fraud initiative (NFI) and following up on the implementation of previous audit recommendations.

Appendix 2 to the submitted report detailed TVAAS current performance against the service level agreement performance measures. The Service's opinion methodology was detailed in Appendix 3 to the submitted report.


A Member highlighted that the assurance opinion in relation to the Agresso system was Moderate and outlined a specific incident that had been raised with her by a resident. The Head of Financial Governance and Revenues undertook to investigate the issue raised and highlighted that the problem might not necessarily be related to Agresso. In relation to a query relating to stock controls, it was clarified that the stock system could not be compromised by Agresso. The Auditor confirmed that the audit had focussed on access controls and ownership of the system at the time, since there had been a reliance on previous project managers’ knowledge.

A Member asked for clarification as to the areas covered in the audit of Project Governance and Property Disposals (2015/2016). The Internal Auditor explained that a number of different areas were covered including several asset disposals as well as Section 106 agreements. One of the main issues was the need to have a consistent and effective project management framework to ensure that all transactions were managed effectively and there was a clear audit trail showing how decisions were reached. All of the audit recommendations had been included in the Council Improvement Plan with target dates for implementation. A new asset disposal process had been drafted and was due to be considered by the Leadership and Departmental Management Teams by the end of December 2016.


It was noted that although a recent service review of TVAAS had resulted in the deletion of three auditor posts at one level, a higher level post had been created which would be filled by an appropriately qualified and experienced auditor. The review had been undertaken due to the need for cost savings. The Audit and Assurance Manager confirmed that this would not affect the number of planned audit days.


In relation to the Project Management (2014/2015) audit, and the new governance structure a Member asked how this would be monitored. The Audit and Assurance Manager explained that controls were built into the framework. Compliance with the controls would ensure robust monitoring by the Council would take place through the Project Lead and Programme Management Office (PMO). The Internal Auditor would also provide an independent periodic check to ensure the controls and framework were being adhered to. The Audit and Assurance Manager was confident that the new framework that had been put in place was robust and the actions implemented had addressed those concerns raised by both internal and external audit.


AGREED that:

1. the information provided was received and noted.
2. the Internal Auditor would circulate a copy of the audit report in relation to the Agresso system.


The External Auditor presented the Annual Audit Letter for the year ended 31 March 2016. The report summarised the External Auditor’s work for the year.


One item that was not included was the Auditor’s work on Housing Benefits which had been completed only recently. All the claims were submitted on time to the Department for Work and Pensions (DWP) and the External Auditor would provide a report to a future meeting of the Corporate Affairs and Audit Committee.


The External Auditor had now started planning for the next year’s audit.


A Member asked whether the External Auditor was currently undertaking an investigation into the Council’s disposal of assets. The External Auditor stated that EY had been approached with some information and was considering whether or not an investigation needed to take place.


AGREED that the information provided was received and noted.

Powered by E-GENDA from Associated Knowledge Systems Ltd