Agenda and minutes

To confirm the minutes of the last meeting of the Committee.

The Minutes of the meeting held on 29^th September 2022 were confirmed as an accurate record.

Apologies were received from Councillors Miah and Diplock and from Chief Finance Officer, Homira Javadi.

There were none.

On matters not already included on the agenda and for which prior written notice has been given (total time allowed 15 minutes).

No questions from the public had been received.

The Chairman to notify the Committee of any items of urgent business to be added to the agenda.

The Chair confirmed there were no urgent items.

The Chairman to report any requests received to address the Committee from a member of the public or from a Councillor in respect of an item listed below and to invite the Committee to consider taking such items at the commencement of the meeting.

The Chair confirmed there had been no requests to address the meeting.

Update from external auditors, Deloitte.

Ola Owolabi, Deputy Chief Finance Officer (DCFO) introduced the report and invited comment from Deloitte’s representative, Ben Sherriff. Mr. Sherriff provided a brief summary of the draft ISA160 report, which had been submitted as a late supplement to the agenda and circulated via email to Committee Members ahead of the meeting.

The DCFO noted that, as the audit opinion was now 90% complete, the recommendation was to delegate final approval to the Chair in consultation with the Section 151 Officer the Chief Finance Officer, to help ensure the rapid conclusion of the audit.

The Committee considered the report. Key points and comments that arose from the discussion included:

·       That due to the late submission of Deloitte’s report, there had not been adequate time to consider a document of its size and complexity.

·       Deloitte representatives confirmed that they did not expect any issues to emerge from the testing still in progress, (detailed in Appendix A, page 9), and that Deloitte’s own specialists were progressing the outstanding work on the ICE transaction.

·       Regarding clarification of the role of the Committee to satisfy the conclusion of the specific risk areas, as mentioned in Appendix A, page 5 of the report, Deloitte representatives apologised for an error in the report and confirmed there was no action outstanding for the Committee on this matter.

·       Regarding possible concerns around the valuation process noted on page 7, Deloitte representatives confirmed that this was not an uncommon finding or cause for concern and clarified that the expectations were partly due to the auditing professions own regulations.

·       Deloitte representatives and Officers clarified the difference between infrastructure assets and housing, and also provided a detailed explanation of the term ‘componentised approach to infrastructure assets’.

The DCFO provided further explanation for the recommendations in the report, noting that it was not unusual, when an audit neared completion as was currently the case, to delegate power to sign off the audit to the Chair in consultation with the Section 151 Officer and would avoid delays to final completion the External Audit for 2019/20.

The Committee considered and voted on the recommendations in the report:

·       To accept the Independent Auditor’s (Deloitte) report to those charged with governance on EBC Accounts, and the Value for Money conclusion report

·       To delegate authority to the Chair in consultation with the Chief Finance Officer to sign-off the audited EBC 2019/20 Statement of Accounts.

·       To authorise the Chief Finance Officer to sign the formal Letter of Representation to Deloitte.

The Committee voted against these recommendations by 0 votes to 4 with 2 abstentions.

A proposal was put forward instead for the Deputy Chief Finance Officer to liaise weekly with Deloitte advise the Chair when the accounts had been completed and could be brought back to the Committee. This was put to a vote and agreed.

RESOLVED (unanimously)

That the Deputy Chief Finance Officer liaise weekly with Deloitte and advise the Chair when the Statement of Accounts had been completed and was ready to be considered by the Committee  ...  view the full minutes text for item 31.

Report of the RIPA (Regulation of Investigatory Powers Act) Monitoring Officer.

Lee Ewan, Counter Fraud Investigations Manager and RIPA Monitoring Officer (RMO), presented the report to the Committee, which providedthe annual overview of the Council’s use of covert surveillance powers in 21/22 and reported on the recent external inspection from the IPCO (Investigatory Powers Commissioner’s Office).

Points highlighted during the presentation included:

·       That the external report had found no issues of non-compliance and that the two minor matters of non-compliance identified by the previous inspection of 2019 had been resolved.

·       Covert Human Intelligence Source (CHIS) training and other associated courses had ensured continuing capability and had merited praise from the inspection.

·       Following IPCO recommendations, minor amendments had been made to the existing policies - the Covert Surveillance and CHIS Policy and Acquisition of Communications Data Policy – and were presented as part of the report, for Audit and Governance Committee approval.

The Chair thanked the RMO for the presentation and members considered the report.

The RMO confirmed difficulties of dealing with the court system due to four years of backlog compounded by poor communication of changes in Sussex and Surrey courts. However, the situation was improving, and more timely Court responses were expected to follow.

Members congratulated the RMO on a successful IPCO inspection and thanked the Team for all its hard work.

RESOLVED (unanimously)

(1) To note the covert surveillance summary for September 2021 to September 2022;

(2) To note the findings of the Investigatory Powers Commissioner’s Office Inspection conducted in June 2022;

(3) To approve the updated Covert Surveillance and CHIS Policy; and

(4) To approve the updated Policy on Acquisition of Communications Data.

Report of the Chief Finance Officer.

Ola Owolabi, Deputy Chief Finance Officer (DCFO) presented the report, which outlined the activities and performance of the Treasury Management service during the period July to September 2022.

During the presentation, the DCFO highlighted key statistics and the changing nature of the economic environment and, further to completion of the annual Treasury Management Training for Councillors, invited members to approach Officers for any additional training needs.

The Committee considered the report.  During the following discussions, Officers confirmed that additional information and explanations regarding capital programme monitoring were reported to Council via quarterly performance reporting /monitoring papers to Cabinet and Scrutiny committees. The DCFO agreed to consider including more explanation information in the reports to the Audit and Governance Committee as appropriate.

RESOLVED (unanimous)

To note the report of the Chief Finance Officer and the assurances contained within and agreed that the Treasury Management Activities for the period had been in accordance with the approved Treasury Strategies.

Report of the Chief Internal Auditor.

Jackie Humphrey, Chief Internal Auditor (CIA), presented the report, which provided a summary of the activities of Internal Audit and Counter Fraud for the first half of the financial year, from April to September 2022.

During the presentation, the CIA noted that the Audit Team was required to produce a number of Annual reports at this time of year, and referred the Committee to Appendix A, which illustrated the work actioned during the period up to September 2022. 

The CIA gave a verbal update of more recent activity across key topic areas, including business continuity, arrears collection, member allowances, and officer expenses and drew the Members’ attention to Section 3 of the report and a specific sub-headed update on the Stage Door, which had been included in direct response to the Committee’s request for further information on this topic.

The Chair thanked the CIA and invited comments and questions from Members.

In response to a request for an update on items listed as ‘partial’ in Appendix B, the CIA confirmed that that information would form part of the next quarterly Internal Audit Activity report. The CIA explained the relationship between information contained in Appendices B and C and noted that Appendix C contained monitoring information regarding any recommendations still outstanding after the first follow up.

Regarding the long-term listing of outstanding recommendations under Procurement, the CIA gave a brief update on Procurement’s progress to address the recommendations, noting that none were of major concern, and confirmed that the Internal Audit Team had scheduled its next formal follow up for January 2023. 

The CIA reported that the Committee’s request that cases where recommendations were not addressed in the long-term should be recognised in some way had been taken to CMT. CMT had agreed that, while the risk level of something not being done could not change, long-term non-compliance could now result in a reduction of the overall assurance level of the review. This change to risk evaluation was being communicated to departments before being implemented. 

RESOLVED (unanimous)

To note the update on the work of Internal Audit and Counter-Fraud.

Report of the Chief Internal Auditor.

The Chair introduced the next report, which had been compiled by Chief Internal Auditor, Jackie Humphrey, and welcomed and thanked those Officers who had contributed to the report and were attending to support the Committee’s considerations: Tim Whelan, Director of Service Delivery, in attendance at the Town Hall, and Tony Baden, Head of IT and Lee Banner, Transformation Manager, who joined the meeting remotely via Teams.

The meeting paused for a comfort break (approximately 3 minutes) and to allow those Officers connecting remotely to join the meeting.

On recommencement of the meeting, the Chair reminded the Committee that the report included an exempt appendix which could not be discussed in public session. 

The Committee resolved (unanimously)

To move into private session so that it could consider the report in its entirety as the appendix to the report contained exempt information as set out on the agenda item 12.

The Chief Executive considers that discussion of the following items is likely to disclose exempt information as defined in Schedule 12A of the Local Government Act 1972 and may therefore need to take place in private session.  The exempt information reasons are shown beneath the items listed below.  Furthermore, in relation to paragraph 10 of Schedule 12A, it is considered that the public interest in maintaining the exemption outweighs the public interest in disclosing the information. (The requisite notices having been given under regulation 5 of the Local Authorities (Executive Arrangements) (Meetings and Access to Information) (England) Regulations 2012.)

The Committee resolved to enter into a private session for items 11 and 12, IT and Communications Risk Report and Appendix A, as discussion was likely to disclose exempt information as defined in Schedule 12A of the Local Government Act 1972 Exempt. Information reason 7 - Information relating to any action taken or to be taken in connection with the prevention, investigation or prosecution of crime.

The IT and Communications Risk Report and Exempt Appendix A were dealt with together under an exempt session.

Jackie Humphrey, Chief Internal Auditor, presented the report, which detailed Officer responses to a number of questions raised by the Committee around certain risks within the Strategic Risk Register, specifically around:

·       SR_007 – Impact of an event under the Civil Contingencies Act

·       SR_010 – Data Protection

·       SR_006 – Impact of a cyber attack on the ability to deliver services and the risk to personal data

The Committee thanked Officers and considered the report and asked questions to the Officers present.

RESOLVED (unanimously)

1. To note the report.
2. To request a follow up report from the Head of IT with the results of a test exercise using an online toolkit from the National Cyber Security Centre, once completed.

To request that Officers seek assurance that relevant sections of the Council are considering and applying the information and general guidance available on the National Cyber Security Centre, as appropriate

To note that the next meeting of the Audit and Governance Committee is scheduled to be held on 18 January 2023 in the Court Room, Town Hall, Eastbourne commencing at 6:00pm.

The next meeting was confirmed for Wednesday 18^th January at 6pm in the Town Hall, Eastbourne.