Consideration was given to the report of the Audit Manager on the Internal Audit Plan for 2022/23 (IAP).  The Standards required that the Audit Manager communicated the IAP and resource requirements, including significant interim changes, to senior management and the Audit and Standards Committee (A&SC) for review and approval.

Attached at Appendix A to the report was the assurance map which provided a visual representation of the various sources of assurance received by an organisation on its management of strategic risks.  The assurance map was last reported to the A&SC in March 2021 and updated for the current position. The assessment methodology was set out in Appendix B to the report.

Only one area (Risk Management) was identified as medium risk, which would ordinarily have led to its inclusion in the forthcoming Audit Plan.  However, in view of the improvements proposed in the Risk Management Update (featured elsewhere on the agenda), it had been deferred until 2023/24 to allow time for the changes to be implemented.  All activities assessed to be high risk were included in the new IAP.

The IAP set out the work programme to obtain assurance on the Council’s control environment.  It had been agreed by this A&SC at its December 2021 meeting that the three-year strategic audit plan would be replaced by standalone annual audit plans; the Audit Plan for 2022/23 was attached at Appendix C to the report. Other medium risk areas that were considered when compiling the new plan, but not included in the final version, were listed in Appendix D to the report for information.

The IAP had been compiled by the Audit Manager in accordance with the Internal Audit Charter 2022 and was supported by the Corporate Management Team (CMT).  The IAP allowed for 532 days of audit work on 22 separate audit reviews / consultancy activities, plus provisions for counter fraud work.  A significant portion of the Plan was devoted to Governance Audit work, owing to the importance of the assurance these audits provided.

The resources of the Strategic Audit Plan (2022/23) were shown in Appendix E to the report, which demonstrated that it would be possible to meet the total resource requirement of the plan with existing staff resources.

Progress against the IAP would be monitored by the Audit Manager and reported to the A&SC once a quarter. The content of the IAP would also be kept under review by the Audit Manager in liaison with the CMT, and adjusted if required, to ensure that it continued to reflect the Council’s needs and priorities.

The IAP needed to provide sufficient coverage to meet the Council’s statutory duty.

The existing Internal Audit Charter was last revised in May 2020 and needed to be updated in light of organisational changes and the move away from a three-year strategic audit plan. A revised Internal Audit Charter was provided in Appendix F to the report for Members’ consideration and approval. 

Members were pleased to approve the IAP and Internal Audit Charter and thanked the Audit Manager for his work.

RESOLVED:  That:

1)    the Internal Audit Plan 2022/23 be approved; and

2)    the revised Internal Audit Charter in Appendix F be approved.