Agenda item

Report of Internal Audit Manager.

The Committee considered the report of the Internal Audit Manager regarding a summary of the activities of Internal Audit for the third quarter of the financial year 2015/16.

A list of all final audit reports issued from 1 April to 31 December 2015 and the level of assurance attained were detailed in the report.  The Committee was advised that during this quarter, one report on procurement had been issued with an assurance level of inadequate and this was detailed in appendix B.

Audit work carried out to date against the audit plan was set out in appendix A.  Main points from the appendix were summarised in the report.

Further information on reports issued in final during the year with an assurance level below excellent was set out in Appendix B, with any issues highlighted in the reviews which informed the assurance level given.  The Committee was reassured that this status was the assurance level given at the time the final report was issued and did not reflect recommendations that had been addressed.

A brief explanation for a number of outstanding high and medium priority recommendations from audits, reasons why they had not been implemented along with the month when the next follow up date was due was set out in appendix C.  The Internal Audit Manager advised that at this stage follow up reviews had been paused so that annual audits could be undertaken.  Since the report had been published, follow ups had been completed for Conferences and Group Travel (1 high and 1 medium recommendation outstanding), Licences (Entertainment and Taxi), (4 high and 2 medium recommendations outstanding) and Leasing and Licensing (1 high and 1 medium recommendation outstanding).

The Committee discussed IT inadequacies, detailed in appendix B, that was raised at the last meeting.  The Internal Audit Manager reiterated that work was ongoing on creating a joint Disaster Recovery Plan and Business Continuity Plan with Lewes District Council, where each authority would host each other’s IT system.  

The Committee remained concerned about the IT inadequacies.  It was proposed by Councillor Swansborough and seconded by Councillor Holt that the Council’s Head of IT (Eastbourne and Lewes) be invited to the next meeting of the Committee to talk through the work ongoing with the joint Disaster Recovery Plan and Business Continuity Plan with Lewes District Council. This was unanimously supported by the Committee.

Events remained the only audit detailed in appendix D as an outstanding high risk.  The Senior Head of Tourism and Enterprise had provided comments at the bottom of the appendix.  Appendix D was designated as confidential to reduce the risk of opportunities to commit fraud. The Internal Audit Manager had proposed not to continue following up the recommendations, made when the report was issued in April 2014, considering the robustness of the approach to address the issues and that a full audit of the area would be conducted at a later date. The Committee requested that Events remain as an outstanding audit.

Work undertaken by the Corporate Fraud team was detailed in the report. Appendix E outlined the work and savings acquired by the team.

Work undertaken by the East Sussex Counter Fraud Hub and its performance figures was detailed in the report.  The projected savings for the Hub in 2015/16 was detailed in Appendix F and also included the actual savings for the first three quarters of the year.

An update on the Single Fraud Investigation Service was outlined in the report.

RESOLVED: (Unanimous) (1) That the Council’s Head of IT (Eastbourne and Lewes) be invited to attend the next meeting of the Audit and Governance Committee, regarding the Council’s joint Disaster Recovery Plan and Business Continuity Plan.

(2) That the report be noted.