Apologies were received from Councillors Bartrum and Hamblin.

To receive details of any councillor nominated to attend the meeting in place of a member of the committee.

Councillor Polly Andrews attended the meeting as a substitute member for Councillor Bartrum.

To receive declarations of interest in respect of items on the agenda.

No declarations of interest were made.

To approve and sign the minutes of the meeting held on 30 January 2024.

RESOLVED:

That the minutes of the meeting held on 30 January 2024 were confirmed as a correct record and signed by the chairman.

To receive any questions from members of the public.

No questions had been received from members of the public.

To receive any questions from councillors.

No questions had been received from councillors.

To review and agree the external auditor’s plan for 2023/24.

The Key Audit Partner, Grant Thornton (KAPGT) introduced the report of which the following principal points were noted:

1.     The report outlines the significant risk areas and audit approach for both the financial statements and the value for money audit.

2.     Significant risks for the audit approach were outlined on page 9 of the report and are consistent with what the committee would have seen in prior years.

3.     A key risk has been identified for the value for money work and is within Children's Services. This is due to the findings that were found in a prior years report from GT and the key recommendations would be followed up.

4.     Attention was drawn to the audit logistics and team on page 23 of the report.

5.     It was hoped that the audit work would commence in late June with the aim of issuing their opinion by the end of September (the statutory deadline).

6.     It was highlighted that the current Audit Manager would be taking a leave of absence and that could cause potential challenges for GT. Assurances were given to the committee that GT were doing everything they could to resource the position to keep them on track to deliver their opinion by the end of September.

In response to committee questions, it was noted

      I.         The Audit Manager is a fundamental role and an audit cannot be completed without one. All of GT’s other Audit Managers currently have full portfolios, so in order to find a replacement GT are looking to other regions within the GT network and within the public sector to see if there is any capacity for support.

     II.         Internally GT are working to the end of March as a hard deadline for past audits to close down and any that are not completed will be backstopped in September which means that they will not have an impact on the 23/24 financial year audits.

   III.         Fees are driven from the psaa and as part of the new contract year 23/24 fees had increased.

   IV.         The audit manager, key audit partner and two other associates are tasked with completion of the audit. The number of contracted hours could be provided to the committee.

    V.         It was explained when an audit has not been completed by the statutory deadline, there is no financial penalty but a notice is required to be published online to state the reason(s) why it has failed to meet the deadline. 

   VI.         It was highlighted that for there had been no changes to the standards or the code of practice for 23/24 and GT were still required to include investment properties as part of their work.

 VII.         There is currently a consultation in place that is looking at the code and looking in general at the areas of focus and what is of value to public sector organisations.

VIII.         The valuation of council operational land and buildings is done on a rolling program and the valuation of investment properties is  ...  view the full minutes text for item 86.

To consider the report outlining how the council currently manages risk and note any opportunities for improvement.

The Director of Public Health (DPH) introduced the report, the principal points were highlighted:

1.     The councils risk management policy was last adopted in 2020.

2.     The policy would be reviewed and streamlined to provide more clarity and consensus.

3.     A draft risk management policy would be brought before the committee in six months’ time.

4.     Recognition was given that there had been some short falls in the councils approach to risk management against actions previously identified and that progress had not been as quick as was hoped.

5.     Attention was drawn to Appendix 2, Corporate Risk Register as at the end of quarter 3.

In response to committee questions, it was noted:

      I.         The Head of Corporate Performance (HCP) provided the committee with an overview of the process for managing and rating risks.

     II.         The DPH recognised the committee’s comments around the complex process and confirms he intends to streamline the process and provide more clarity to ensure the council is managing risk more effectively. 

   III.         The HCP explained new risks are normally notifed by the Director and that as soon as they are made aware of a risk, it is added on to the register with the actions that are needed to mitigate that risk.

   IV.         A gap was identified in terms of the councils risk register and whether it aligned with the national risk register.

    V.         The Director of Continuous Improvement (SWAP) offered their assistance in helping to fill that gap as they regularly reviewed other local authority risk registers as part of their audit work and could help to identify areas not included on our register.

Resolved:

That the committee notes the report and recommends the process for managing risk is streamlined and provides better consensus to ensure effective risk management.

To provide an update on progress made against the 2023/24 statutory accounts workplan and present the accounting policies and estimates which inform the financial statements.

The Head of Strategic Finance (HSF) introduced the report, the principal points were highlighted:

1.     The council is on target to produce the draft statement of accounts by the statutory deadline of 31 May and to be brought before the committee on 11 June for approval.

2.     Following a review, there are no changes proposed to the accounting policies to be applied in 2023/24.

3.     Attention was drawn to “appendix 2 Accounting Estimates” which includes areas where accounting estimates and judgments are applied. It was noted that these are closely aligned to the significant audit risks that were included in the external auditor's draft audit plan and identifies the source data that is used to make those estimates and judgments.

In response to committee questions, it was noted;

I.         The HSF explained the different classifications of land and building assets and confirmed the Shire Hall would be classified as “assets under construction” which are those assets where work is being carried out. Each year the council provides detailed information to the valuers and they use that data to inform their valuation carrying out impairment reviews as part of their work which takes place annually.

II.         Revaluation of assets is always undertaken on 31 March each year. It would then be considered which category of land and building assets that a particular item would fall into. Transferring between categories would depend on completion certificates etc. that will be reviewed to determine whether it can legitimately move between one category to another. External audits review any reclassifications as part of their audit testing.

III.         Public sector authorities are not taxpaying bodies, they have a statutory deadline to publish the draft accounts by the 31st of May following each financial year end. In order to produce those draft statements and to finalise and agree the outturn position it is reported to Cabinet as a quarter 4 report. The other statutory requirement is for an external audit which has a statutory deadline of 30th of September to receive an audit opinion and supporting working papers to enable the audit testing process to take place.

Resolved

That the committee has reviewed and confirmed that;

a) the arrangements for the preparation of the 2023/24 statutory accounts, including management arrangements to identify and evaluate accounting estimates, are satisfactory; and

b) the accounting policies which inform the preparation of the 2023/24 statutory accounts are approved.

To introduce the concept of a rolling audit plan for 2024/25 to the Audit and Governance Committee for discussion and approval.

The Director of Continuous Improvement (DCI), South West Audit Partnership (SWAP) introduced the report, the following principals point were noted;

1.     The traditional annual audit plan is subject to a high degree of uncertainty and change, and quickly becomes out of date and of less value as the year progresses.

2.     The rolling plan will be a live, and continuously rolling, audit plan accessible to all relevant officers and members, through SWAP’s audit management system AuditBoard.

3.     Quarterly update reports will continue to be presented to the committee.

4.     The Internal Audit Charter paper which would normally come to committee in March has been delayed, due to the rolling plan and the introduction of new Global Internal Audit Standards. This will follow to a later Committee meeting. In the meantime, SWAP will continue to operate in accordance with our existing charter.

In response to committee questions, it was noted

      I.         The DCI confirmed that the audit plan is aligned to the Council’s corporate risks.

     II.         The DCI thought that the rolling plan would be key in identifying and dealing with problems sooner and that there would be a lot more regular communications with officers and members.

   III.         SWAP are reliant on their software system “AuditBoard” for the use of their rolling plan. The programme has been in place for two years with good security assurances in place along with very little downtime and are still able to access records when offline.

   IV.         The DCI would look to provide training to the committee on “AuditBoard” along with a session on “Internal Audit” when diaries permit.

Resolved:

That a) The committee approved the rolling audit plan approach.

To update members on the progress of internal audit work and to bring to their attention any key internal control issues arising from work recently completed.

To assure the committee that action is being taken on risk related issues identified by internal audit. This is monitored through acceptance of agreed management actions and progress updates in implementing the action plans. In addition, occasions where audit actions not accepted by management are documented if it is considered that the course of action proposed by management presents a risk in terms of the effectiveness of or compliance with the council’s control environment.

The Director of Continuous Improvement (DCI), South West Audit Partnership (SWAP) introduced the report, the following principals point were noted;

1.     No high organisational risks have been identified.

2.     One Limited assurance audit which related to carrying out a supporting families grant certification.

3.     Since the last update, good progress has continued to be made with the audit plan. Four audits have been completed and a further four have progressed to draft report stage.

4.     90% of opinion related work found the control environment to be either Substantial or Reasonable assurance.

5.     Internal audit coverage has been assessed to show coverage against the corporate priorities taken from Herefordshire Council’s County Plan 2020-24.

6.     There is generally a sound system of governance, risk management and control in place.

In response to committee questions, it was noted:

      I.         It was clarified that page 3 of “Appendix 1 Internal Audit Update Report” indicates the Internal audit coverage that has been assessed to show coverage against the council’s corporate risks as of July 2023. It was highlighted that there are some areas listed that are very specific to the council that had no coverage and although in an ideal world he would like a broader spread of coverage he was not concerned with those not being covered. It was noted that with a refresh of the corporate risk register, it was a good opportunity for further discussions to have on the genuine top corporate risks of the council.

Resolved

That the committee

(a) Reviewed the areas of activity and concern and were satisfied that necessary improvements are outlined and delivered;

(b) Noted the report and considered the assurances provided and the recommendations which the report made, commenting on its content as necessary.

To consider the work programme for the committee.

The committee’s updated work programme was presented.

It was noted that the future dates of meetings and the draft work programme for 2024/25 would be agreed at the 11 June meeting.

The chair informed the committee that the Governance Statement Progress Report on Actions would be added to the work programme along with a Constitution Review which should take place between September and November 2025.  

RESOLVED

That the updated work programme was agreed.

Tuesday 11 June 2024, 2pm.

Tuesday 11 June 2024, 2pm.

In the opinion of the Proper Officer, the next item will not be, or is likely not to be, open to the public and press at the time it is considered

RECOMMENDATION:

That under Section 100(A)(4) of the Local Government Act 1972, the public be excluded from the meeting for the following item of business on the grounds that it involves the likely disclosure of exempt information as defined in Schedule 12(A) of the Act as indicated below;

Paragraph 3 - Information relating to the financial or business affairs of any particular person (including the authority holding that information)

Resolved:

That under Section 100(A)(4) of the Local Government Act 1972, the public was excluded from the meeting for the following item of business on the grounds that it involved the disclosure of exempt information as defined in Schedule 12(A) of the Act as indicated below;

Paragraph 3 - Information relating to the financial or business affairs of any particular person (including the authority holding that information).

To consider the Limited Assurance Audit (Exempt Appendix B) from the Internal Auditors Quarter 4 report 2023/24.

The Principal ICT Auditor provided the committee with details of the Limited Assurance in the Councils ICT back-ups.

The Head of Information Technology (Hoople Ltd) provided assurance to the committee that the actions highlighted in the Internal Audit report had been actioned / would be actioned by 31 May 2024.

Resolved:

That

a)    The areas of activity and concerns were reviewed, and the committee was satisfied that the necessary improvements outlined were on track to be delivered by 31 May 2024.

Action(s)

2023/24-026 The Head of ICT and Digital would provide a report assuring the committee of the Councils security measures in place for dealing with external threats in light of the cyber-attacks currently headlining the national news.