There were no apologies for absence.

To receive details of any councillor nominated to attend the meeting in place of a member of the committee.

There were no named substitutes.

To receive declarations of interest in respect of items on the agenda.

There were no declarations of interest.

To approve and sign the minutes of the meeting held on 28 January 2025.  

RESOLVED:

That the minutes of the meeting held on 28 January 2025 be confirmed as a correct record and signed by the chairman.

To receive any questions from members of the public.

There were no questions received from members of the public.

To receive any questions from councillors.

There were no questions received from councillors.

To review and agree the external auditor’s draft annual plan for 2024/25.

The Senior Manager (SM), Grant Thornton (GT) introduced the report of which the following principal points were noted:

1.     The report outlined the significant risk areas and audit approach for both the financial statements and the value for money audit.

2.     Significant risks for the audit approach were outlined on pages 36-39 of the report and were consistent with what the committee had seen in prior years.

3.     GT’s approach to materiality was outlined on page 45 , It was noted that the percentage applied had increased since the prior year due to an update in their internal guidance. A maximum 2% had been applied as they did not consider there to be any specific risks in the control environment at Hereford.

4.     Risks of significant weakness in Value For Money (VFM) arrangements were outlined on pages 55 and 56. 3 risks of significant weakness had been identified within the financial sustainability and improving economy, efficiency and effectiveness criteria. These linked back to the prior year’s recommendations that were raised around the budget gap, Designated Schools Grant deficit and improvements need in the Children's Social Care Services. These would remain under review and would be followed up as part of GT’s work and report alongside the audit findings report to be delivered in September.

3.              The audit logistics and team were outlined on page 58. A consistent team is in place to deliver the audit, logistics and the time frame. It was confirmed that the audit would be going into Phase 1 audit running from mid-June until late September, hoping for a timely sign off, of the accounts towards the end of September early October.

In response to committee questions, it was noted;

       i.         The SM confirmed that the improvements noted by Ofsted and the Children's Commission's Commissioner had been taken into account.

     ii.         GT identify potential signification risks as part of their planning enquiries by communicating with the Chair of Audit and management to see if anything had happened in year that they should pay particular attention to.

    iii.         It was confirmed that Inflo is a digital audit platform that they used which integrates advanced data analytics, client collaboration, and quality management. This was not a new software programme and had been used for a number of years.

    iv.         The SM advised she was not aware of any new auditing standards coming in the next few years.

     v.         It was confirmed that Herefordshire are opted into the Public Sector Audit Appointment (PSSA) national scheme who are responsible for appointing an auditor and setting scales of fees for relevant principal authorities. It was highlighted that GT are market leaders in public sector audit.

    vi.         Audits are conducted on a sample basis and based on materiality level.

   vii.         In the SM’s opinion Herefordshire is in a very positive position being one of three that had their accounts signed off on time with no previous backlogs and compared to others in the region and nationally are considered to  ...  view the full minutes text for item 49.

To update members on the progress of internal audit work and to bring to their attention any key internal control issues arising from work recently completed.

To assure the committee that action is being taken on risk related issues identified by internal audit. This is monitored through acceptance of agreed management actions and progress updates in implementing the action plans. In addition, occasions where audit actions not accepted by management are documented if it is considered that the course of action proposed by management presents a risk in terms of the effectiveness of or compliance with the council’s control environment. 

Note: Paper to follow;

Appendix A SWAP Internal Audit Progress Report Quarter 4 2024-25

The Head of Internal Audit (HIA) introduced two members of her team, Josie Bollen - Principal Auditor and Ravi Taggar - Senior Auditor. She highlighted that there was currently a vacancy in her team but said this would not impact on the delivery of the annual opinion.

She introduced the report of which had been issued as a supplement to the agenda.

The principal points were noted:

1.     No high organisational risks, limited assurances, or priority one or two findings had been identified.

2.     Two audits had been completed since the last progress report with 15 currently in progress and 3 at draft report stage.

3.     There had been some delays in finalising some of the work this quarter but in anticipation of the annual opinion, it was hoped that at least 13 of those 15 audits would have moved through and would feed into the annual opinion.

4.     Risk coverage covered on pages 10-11 showed coverage against Swaps top 10 risks having decided to remove the coverage of the current corporate risks whilst these were being finalised. Once the corporate risk registers were finalised, she would go back to the rolling plan and map future audits to the risks, identifying any gaps in coverage and then go back out to the key officers and senior management in the Council to determine if any extra audits were needed or if there were sufficient assurance from other sources.

5.     Action tracking was still successful and a further 5 actions had been closed off since the last update. No actions had revised time scales. It was her aim that the 91 actions that still remained would be closed off by the annual opinion.

6.     At present a 100% feedback score was being achieved.

In response to committee questions, it was noted.

      I.         Audit #3772 and #3749 as recorded on page 6 were requested by the Director of Finance and currently are classed as confidential but as testing and as the journey progresses this may change. The HIA had no significant concerns but would bring that to the attention of the committee if necessary.

     II.         Determining what projects, are looked at would be done on a risk-based approach and would involve key officers, looking at reputational damage, financial damage the size of the project and where an audit can offer the most value.

The committee noted the report.

To present the approach to Internal Audit Planning and the Internal Audit Charter for 2025-26 to the Audit and Governance Committee for discussion and approval. 

The Head of Internal Audit (HIA) introduced the report the purpose of which was to present the approach to Internal Audit Planning and the Internal Audit Charter for 2025-26.The following principal points were noted.

1.     It was proposed that the rolling approach that was used last year would continue.

2.     Swap had been subject to an external quality assessment (eqa) in December 2024 which confirmed their conformance with the 2017 International Professional Practises Framework. 

3.     They are working to the new global internal audit standards. The next eqa that they will be preparing for will be to the new standards that have been introduced effective from April, and she hoped to bring some information to the committee and a training session on those new standards, what that means and the changes it will bring.

Resolved

That the Committee approved the rolling audit plan approach, and the Audit Charter.

To provide an update on progress made against the 2024/25 statutory accounts workplan and present the accounting policies and estimates which inform the financial statements.

The Director of Finance (DOF) introduced the report the purpose of which was to provide an update on progress made against the 2024/25 statutory accounts workplan and present the accounting policies and estimates which informed the financial statements. The following principal points were noted.

1.     The council is on target to produce the draft statement of accounts by the statutory deadline of 31 May and to be brought before the committee on 10 June for approval.

2.     Attention was drawn to appendix 2, the accounting estimates and judgements that are made in the preparation for those statements. They are subject to robust audit procedures and no changes had been made in making those estimates and judgements in this financial year.

3.     Attention was drawn to appendix 1, the Accounting Policies 2024/25 which are included in the statutory accounts. Improvements had been made to these in previous years to provide a narrative explanation relative against each note so that the user of the accounts can look at the referenced numbers and understand the accounting policy that had been applied within the same page to experience a more user-friendly experience.

4.     Changes to the accounting policies include the implementation of IFRS 16. This is a new accounting standard effective 1 April 2024 impacting the accounting treatment for leases/right of use assets, with an associated impact on the accounting treatment for Public Finance Initiatives (PFI).

In response to committee questions, it was noted in terms of risk of misstatement the DOF was confident the auditors would be satisfied.

Resolved

The committee deemed the arrangements for the preparation of the 2024/25 statutory accounts as satisfactory; and approved the accounting policies.

To provide an update on the council’s approach to risk management arrangements. 

The Director of Finance (DOF) introduced the report the purpose of which was to update the committee on the council’s approach to risk management arrangements. The following principal points were noted.

1.     The committee were reminded that under the constitution it was not their function to examine specific risks but was to monitor the development and operation of risk management processes and receiving assurance from internal and external sources of the effectiveness of arrangements.

2.     The revised Risk Management Strategy had been completed, incorporating a new Risk Appetite Statement which defined the level of risk the council would be willing to accept to deliver the priorities of the Herefordshire Council Plan 2024-28 and annual Delivery Plan.

3.     The Strategy set out the approach and principles of risk management, outlining the council’s risk appetite, risk management objectives and confirms the roles and responsibilities of elected Members and Officers across the council.

4.     Effective risk management is essential to the delivery of the priorities set out in the Council Plan. Specially, the Council plan commits the council to ‘develop a Corporate Risk Strategy to improve the process for managing corporate and directorate risks.

5.     A risk manager had been appointed and was responsible for co-ordinating the approach, ensuring consistency in scoring and highlighting areas of best practise. They would report the corporate risks to the corporate leadership team (CLT) and the Audit & Governance Committee and work with colleagues across the council to help identify, assess and manage strategic risks.

6.     The Draft Strategy was included at Appendix A and would be formally approved by Cabinet in June 2025. Risk management arrangements in 2025/26 would include monitoring and reporting of Corporate Risks via quarterly reports to Cabinet.

In response to committee questions it was noted.

      I.         Part of the role of the risk manager is to champion risk activity across the organisation as well as promoting and providing training and development. Their role is to ensure risks are consistently being scored using the same risk appetite set against the Council priorities.

     II.         Risk owners are responsible for ensuring arrangements are in place within their directorates and services to identify and manage risks in accordance with the council’s risk management framework.

   III.         Spreadsheets are currently in design to ensure consistency in data collection, reporting and aligns back to the risk appetite statement and the Council plan priorities. Risk owners are responsible for this action.

   IV.         The strategy is a live document that would be reviewed annually to ensure the risk appetite remains and to review the ever-evolving strategic risks. *The committee suggested that the frequency of review be recorded in the “Step 6: Monitor and update” section.

    V.         The corporate risk registers had been reviewed in collaboration with the Cabinet member, CLT and Cabinet. Historically it had been a large document which had been made leaner to include the corporate risks and strategic risks that were being managed that threatened the delivery of the Council plan objectives.

   VI.         Members were now clearly identified  ...  view the full minutes text for item 53.

To consider the work programme for the committee.

The committee’s updated work programme was presented. The following changes were to be implemented.

1.     The External Auditors Progress Report to be removed from June to July given the timeframe of the audit.

2.     The Corporate Risks Registers to be removed from June.

3.     The Internal Audit Annual Opinion to be added to June.

4.     The clerk would investigate a slightly later date in September to provide more flexibility to ensure the timely sign off, of the statutory accounts.

RESOLVED

That subject to the amendment noted, the updated work programme be agreed.

Tuesday, 10 June 2025. 2pm.

Tuesday 10 June 2025, 2pm.