Issue - meetings
Internal Audit Plan 2015-16 (SWAP)
Meeting: 19/03/2015 - Audit and Governance Committee (Item 55)
55 Internal Audit Plan 2015-16 (SWAP) 
PDF 110 KB
To seek the Committee’s approval of the Internal Audit plan for the period 1 April 2015 to 31 March 2016.
Additional documents:
- APPENDIX A Annual Audit Plan 2015-16, item 55
PDF 426 KB
- APPENDIX B Annual Audit Plan 2015-16, item 55
PDF 382 KB
Minutes:
The Plan is guided by the Charter approved by the Committee today and contains regular areas of work and special projects as detailed in Appendix B of the report.
The Chairman asked about the rationale for apportioning time to particular activities and the implications of achieving work sooner than planned. It was clarified that the timescales are set out in order to inform resources required and are approximations. It may take longer than planned to complete work and in that case, the work would normally be absorbed unless something significant arose that required re-scoping.
A member asked what was meant in Appendix B of the report by the term “liaison”. The auditor explained that this was in relation to ad-hoc discussions about managing the plan and providing advice to the organisation.
In answer to a further question about covering digital processes, data security and robustness of outsourced systems, it was confirmed that there were plans to consider ICT and data security in future audits. The mobile strategy is covered in compliance work but could also be referenced by audit. The developments in use of ICT and changes in the council’s operating environment were noted as requiring attention from a governance perspective. The Chief Financial Officer added that it is the role of audit to provide assurance and a separate briefing on ICT would be of benefit. The auditor confirmed that there is a stringent process in place for audit and so if there were any ICT issues, these would be identified.
A member asked for assurance that data is protected as far as possible and that documentation could not be removed from systems by officers or members. The Auditor explained that this was not covered in the audit plan but is addressed in other ways by the council. Some past issues have been identified and as much assurance could be given as possible provided that individuals comply with procedures. Further, it was confirmed by the Governance Manager that information security and confidentiality agreements are signed by staff as a mandatory requirement and would form a mandatory element of member induction following the forthcoming elections.
The Chairman thanked the internal auditors for their work including the training that they had provided for the Committee over the past year.
RESOLVED:
that the report be approved.