Agenda item

Members received the report of the Executive Director which set out the Internal Audit work originally planned for the 2020/21 financial year, based on the risks known at that time.  However, the situation had changed significantly since the plan was first drawn up and the Internal Audit team had been operating with reduced staff resources since the outset of the crisis.  It had become increasingly difficult for any routine audit work to be carried out, as resources across the Council had been focussed on other areas.

As a result, the 2020/21 Audit Plan was unable to go ahead in its current format, as the risks to be focussed on for the rest of the year (and beyond) would be very different from the ones previously predicted.  Members were advised that the report would be withdrawn as the existing plan was no longer deliverable and a new set of proposals were outlined:

1.         Replace the 2020/21 Audit Plan with a quarterly plan – covering both existing high-risk priorities and those that emerged as a result of the current crisis. A rolling six-month indicative plan would also accompany this, detailing other work which could be undertaken.

It was noted that all plans for the immediate future would mainly be comprised of short audits and consultancy work.  New risks could include:

•     Information security risk as a result of working remotely.

•     Health and Safety risks when employees were working in the front line or social distancing in the office.

•     Financial risks as the result of additional obligations or where revenue streams had dried up.

•     Sustainability risks where concerns were raised around the future provision of services.

•     Crisis management risks relating to concerns around operational resilience.

•     Regulatory risks/challenges around meeting regulatory obligations and future impact.

•     Exit strategy.

2.         Devise a faster mechanism for reporting audit findings – e.g. reduce the scope of Internal Audit’s work to focus only on the business-critical issues and report findings via less formal routes such as Microsoft Teams, which would result in fewer conventional audit reports issued during the year.

3.         Remind management that Internal Audit were there to help – Internal Audit needed to re-engage with management by emphasising that traditional audits would not be resumed in the short term and that Internal Audit would not hinder the Council’s response to the Covid-19 pandemic.

4.         Temporarily halt follow-up action -  a three-month stop on all audit recommendation follow-ups was to be put in place, except where they were business-critical, or this action could impact on the Council’s response to the Covid-19 pandemic.

5.         Make allowances for potential redeployment – during the Covid-19 pandemic, Internal Audit had offered their services to be redeployed into other areas of Council work for short periods of time. If this resulted in stepping into roles and tasks that took away audit independence, this would be reported to the Audit and Standards Committee and taken into consideration when providing the Audit Manager’s annual audit opinion. One such area was to be with the approval and processing of Business Grants.

The proposals outlined to Members had been discussed previously with the Chairman of the Audit and Standards Committee and senior management, whom had broadly approved the new approach. Discussions were taking place with Heads of Service to put together a new plan, which would provide for a more flexible approach to audit work and better reflect the current needs of the Council.  Further details would be provided, together with the first quarterly plan at the next meeting of the Audit and Standards Committee on 22 June 2020.