Minutes of Meeting of the Audit and Scrutiny Committee held in the Council Chamber, Council Headquarters, Glenurquhart Road, Inverness on Thursday, 1 October 2009 at 10.30 a.m.

 

Present:

 

Mrs J Urquhart, Mr R Greene, Dr A Sinclair, Mr A Rhind, Mr A Torrance, Ms A MacLean, Mr E Hunter Mr B Clark, Mr D Kerr, Mr I Brown, Mr K MacLeod, Mr T Prag, Mr G Rimell

 

Non-Members also present:

 

Mr G Smith, Dr D Alston, Mr D Fallows

 

Officials in Attendance:


Ms M Morris, Assistant Chief Executive
Mr D Robertson, Head of Accounting
Mr N Rose, Head of Internal Audit and Risk Management
Mrs V Nairn, Head of E Government, Chief Executive’s Service
Ms L Johnstone, Head of Legal and Democratic Services
Mr J Grieve, Corporate ICT Manager
Mr J Shepherd, ICT Strategy and Projects Manager
Miss D Sutherland, Principal Auditor
Miss J MacLennan, Democratic Services Manager
Mrs R Daly, Committee Administrator


 
Also in attendance:


Ms K Jenks, Senior Auditor, Audit Scotland
Ms G Menger, Senior Auditor (ICT), Audit Scotland

 

Mrs J Urquhart in the Chair

 

Business

 

An asterisk in the margin denotes a recommendation to the Council.  All decisions with no marking in the margin are delegated to the Committee.

 

1. Apologies for Absence

 

Apologies for absence were intimated on behalf of Mr D Bremner, Mr D Mackay, Mr J Rosie, Mr P Cairns, Mr H Wood, Mr J Gray, Mr J Ford, Mrs G Sinclair, Mr A S Park, Mr L Fraser and Dr M E M Foxley.

 

2. Internal Audit Progress Report

 

There had been circulated Report No. AS-22-09 dated 22 September 2009 by the Head of Internal Audit and Risk Management which summarised the final reports issued since the date of the last meeting, together with details of work in progress and other information relevant to the operation of the Internal Audit Section.

 

During a summary of the report, it was confirmed that planned work was currently in progress and would be the subject of future reports to the Committee.  This included eleven draft reports currently in progress and one draft report which had been issued.  The Section had also been involved in a variety of other work, including: Caithness Heat and Power (CHaP), Irregularity/ Fraud Investigations, Review of Financial Regulations, Computer Audit and scoping and planning the Scrutiny review of the efficiency agenda within the Council.

 

In terms of staffing, two further appointments had been made.  Once the new members of staff took up their posts, the Section would have a full complement of 10 staff (excluding the Head of Internal Audit & Risk Management) for the first time since March 2008.

 

During discussion, Members made reference to the commencement of the next scrutiny topic, efficiency savings, and the composition of the Scrutiny Planning Working Group.  It was the general view that the Group should comprise of Members who had a particular knowledge and interest, depending on the scrutiny topic.  In this connection, if the Working Group’s membership were to be reviewed to address different scrutiny topics, it was noted that the Council’s political balance would still require to be retained. 

 

The final reports issued during the period were also detailed as follows:-

  • General Ledger – feeder systems

In terms of the objectives of the audit, it had been concluded that data from feeder systems had been correctly transferred to the general ledger and the output properly reflected the financial data within the system. Whilst improvements had occurred since the last audit report on reconciliations, further improvements regarding the accuracy of the control spreadsheet and reviewing of reconciliations had been made to provide further assurance that controls were operating satisfactorily.

 

As a result of the audit, three recommendations had been made, all at priority grade 3, and were due to be implemented by December 2009.

  • Compliance with RIPSA (Follow Up)

Overall the system was considered reliable, however, the audit had found some administrative issues with the Central Register.  While good work had been carried out in the training and awareness of RIP(S)A throughout the Council, there was a need for ongoing emphasis on improving the administration systems in place.

 

There were five recommendations in the report, one of which had already been implemented, three which were to be implemented by October 2009 and one which was an ongoing standing item on the RIP(S)A Management Group’s agenda.

 

After discussion, the Committee NOTED the terms of the final reports and the current work of the Internal Audit Section as detailed.

 


3. Internal Audit Plan Progress Report

 

There had been circulated Report No. AS-23-09  dated 22 September 2009 by the Head of Internal Audit and Risk Management which detailed progress against the Internal Audit Plan for 2009/10 and the revisions that had been made in this regard.

 

During a summary of the report, it was confirmed that staff vacancies and unplanned work had impacted on progress with the Audit Plan although measures had been taken to achieve as much of the planned audit coverage as possible.  In compiling the Audit Plan, an additional allowance had been made for unplanned work, including irregularity/fraud investigations and project work.  

 

The Chair of the Committee had requested that a review of the Council’s procedures relating to Houses in Multiple Occupation be included in the Audit Plan and it was clarified that this audit would involve both TEC Services and Housing and Property Services.  In response to comments made by Members, it was confirmed that the audit would address whether the Council had a standard specification for Houses in Multiple Occupation and, if so, whether it was applied consistently throughout the Council.  The audit would also address issues regarding consistency in contract procedures, particularly for spot purchasing and block contracts with providers. 

 

During discussion, Members commented on the proposal to postpone an audit on anti-social behaviour from the 2009/10 Audit Plan and welcomed the intention to consider this for inclusion in the Plan for the following year.

 

The Committee NOTED the progress against the Internal Audit Plan for 2009/10 and the adjustments that had been made as detailed in the report.

 

4. External Audit Reviews 

 

There had been circulated Report No. AS-24-09 dated 16 September 2009 by the Depute Chief Executive and Director of Finance which contained a report from the Council’s External Auditors (Audit Scotland) on information handling and security.

 

During a summary of the report, it was confirmed that the audit had identified three areas of risk to the Council.  It had also been recognised that some areas of good practice existed corporately and in individual Services and that there were many challenges ahead for the Council to ensure a secure information handling environment and, in particular, that it needed to:

 

  • provide corporate leadership and increase awareness of appropriate information handling procedures across all Services and at all staff levels;
  • gather information on information assets (electronic, paper, hardware, software) across the organisation so that appropriate security measures could be implemented for those assets which required additional protection; and
  • implement and monitor the agreed Information Security Framework and its associated procedures to provide guidance to all staff on appropriate information handling.

 

During discussion, Members welcomed the report and stressed the need for vigilance in relation to information handling and security.  The Head of E Government provided reassurance that the Council was taking this matter very seriously and that the comments from External Audit were particularly welcomed.  It was also confirmed that significant progress was being made at a Corporate and individual Service level to progress information handling and security.  Members had approved the Information Management Strategy and the Records Management Strategy at the Resources Committee earlier in the year and these strategies had governed the work streams underway.  Further, a process of education was being progressed through a staff newsletter – a copy of which had been tabled at the meeting.  The information management and data security function had been centralised and a new team had been created in the new centralised ICT Service which had been a significant investment for the Council.  Encryption of all laptops which held sensitive data was also being progressed and this was being led directly by the Chief Executive.

 

The Committee NOTED the terms of the report as circulated and the measures being taken by ICT Services to raise awareness of information handling and security.

 

The Committee also NOTED that Audit Scotland had issued an unqualified audit opinion on the Council’s financial statements and that a detailed report on all audit activity throughout the year would be reported to the next meeting of the Committee in December 2009.

 

5. Timetable of Committee Meetings 2010

 

The Committee NOTED that, on 3 September 2009, the Council had agreed the timetable of Committee meetings for 2010 and that there would now be 4 meetings of the Audit and Scrutiny Committee during 2010 rather than 6 as in previous years.   

 

The meeting ended at 11.30 a.m.


 

A to Z of Council Services [skip]

A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z |