Agenda and draft minutes

To receive any apologies for absence and notification of substitutions.

Apologies were received by Councillors Boughtflower, Williams and Woodward.

To confirm the minutes of the meeting held on 9 July 2024

The minutes of the meeting held on 9 July 2024 were approved as a correct record.

To receive any disclosures of interest from Councillors in accordance with the Council’s Code of Conduct for members.

There were none.

To note the Internal Audit Progress Report (August 2024).

The Committee received a report on the Internal Audit Progress Report from Natalie Jerams, Deputy Head of Southern Internal Audit Partnership. This was the first internal audit progress report since the Internal Audit Plan was approved in July 2024. The report provided a mechanism through which internal audit performance, issues impacting the Chief Internal Auditors annual opinion, and progress against the audit plan can be monitored. It was highlighted that due to the Best Value Inspection, the internal audit plan was more heavily weighted to Q3 and Q4 in acknowledgement of officer capacity and the avoidance of potential areas of duplication during this period. However the plan would continue to be monitored to make relevant additions. The report featured an analysis of live audit review and a detailed rolling work programme.

The Committee noted that the report was dated August 2024 and queried whether any further progress had been made to the report. The Deputy Head, SIAP responded that the only updates included the introduction of fieldwork on the CIPFA Financial Management Code audit review. Scoping meetings for Q3 audit reviews were also underway which will be reflected within the next progress report.

The Committee asked whether the outstanding overdue actions had been reviewed and whether they were confirmed as appropriate and necessary. Natalie Jerams clarified that no further work or assessments were being undertaken to progress overdue recommendations relating to the period before SIAP were appointed; However, as and when these audit areas were rereviewed, there would be referral to previous audit findings and recommendations and evidence to see this has been implemented to close the action. The Committee requested that in connection with overdue audits, it would be useful to add an additional column or Asterix to highlight any changes to the revised due date. Natalie Jerams confirmed should would add the newest date in bold under the original revised dates if there were any further changes.

The Committee observed that it was useful to present a table of past and present audit reviews but questioned whether it was possible to link this to our Corporate Risk Register to aid understanding of operational and delivery related actions. Natalie confirmed that there were links to the Corporate Risk Register within the Internal Audit plan and confirmed she would make any adjustments to reflect links within ongoing progress reports. 

The Committee resolved to note the Internal Audit Progress Report. 

To receive a verbal update on the work of the External Auditors.

Keith Mungadzi, Senior Audit Manager at Grant Thornton provided a verbal update on the status of Grant Thornton’s Auditor's Annual Report 23-24 and Audit Finding's Report 23-24 which were due to be considered at Audit Committee on 30 January 2025 to achieve national deadline timescales (28^th February 2025). The current audit work was in the fieldwork stage as all evidence had been received which was in the process of being evaluated and concluded. If there were any issues highlighted in the meantime, these would be addressed with the relevant management team contact at Spelthorne.

The Deputy Chief Executive reiterated that Grant Thornton were responsible for assessing the 2023-24 Audit opinions. In regards to addressing the audit backlog period relating to years 2018-19 up to and including financial year 2022-23, the Statutory Instrument laid on 9 September 2024 introduced a new backstop date of 13 December 2024. Consequently, an Extraordinary Audit Committee has been scheduled on 4^th December 2024 where we will receive a reports from BDO on Audit opinions/disclaimers on the audits for accounts for the backlog period.

The Committee raised concerns that they were required to approve five sets of external audited accounts at the upcoming Extraordinary Audit Committee without having sight of an audit plan from BDO which defined key areas of focus. The Committee formally requested that they are sent the recommendations they are due to endorse in advance of 4^th December 2024 in order to digest this information fully. The Deputy Chief Executive would confirm a date with BDO where committee members could see an early first draft of the reports on the external audited accounts and Value For Money Work.

The Committee resolved to note the External Audit Update.

To consider the audit risk assessment for Spelthorne Borough Council 2023/24.

The Committee received a report from Keith Mungadzi, Senior Audit Manager at Grant Thornton to present the Audit Risk Assessment for Spelthorne Borough Council 2023/24. The report outlined a series of questions on six risk areas and the response received by Spelthorne’s management. The Audit Committee were asked to consider whether these responses were consistent with their understanding and whether there were any further comments it wished to make.

The Committee initially highlighted that question 11 and the enclosed response relating to the section on Accounting Estimates, General Enquiries of Management did not correspond with each other. The Deputy Chief Executive confirmed he will follow up on this with Grant Thornton and provide a substantial response to the question and forward to Committee members. 

The Committee inquired whether an incident relating to a Council owned housing property referenced within page 2 of General Enquiries of Management had been highlighted to the Community Wellbeing and Housing Committee as the relevant forum. The Deputy Chief Executive responded that he would follow up on this, however it had been highlighted to Knowle Green Estates as the responsible body.

The Committee further identified that in question one of Accounting Estimates, General Enquiries of Management, there should be reference to tenant failures, bankruptcy and any impact to the accruals accounting method as material events which give rise to the need for, or changes in, accounting estimate and related disclosures. The Deputy Chief Executive agreed it would be useful to expand on this in the management response and would liaise with Grant Thornton to illustrate this point.

The Committee highlighted that the risk assessment made no reference to how the Council adhered to laws and training on cyber security and data protection regulations which should be areas of focus for internal and external auditing. The representative from Grant Thornton explained that cyber security and IT control were key areas of focus and outcomes of fieldwork related to this area will be featured in Grant Thornton’s Audit Finding's Report 23-24. The Deputy Chief Executive also provided additional reassurance that appropriate controls to mitigate cyber security and data protection breaches were in place including monthly training refreshers for staff to complete. This was also the case for risks connected to artificial intelligence as a robust policy had recently been implemented to monitor artificial intelligence usage within the organisation.

The Committee resolved to note Grant Thornton’s Audit Risk Assessment for Spelthorne Borough 2023/24 with the addition of further comments made by this Committee.

To note the progress in relation to the Procurement Internal Audit Progress Review Update and the Implementation of the Procurement Act 2023.

The Committee considered a report from Terry Collier, Deputy Chief Executive on the Procurement Internal Audit Recommendations Progress Update. A point of clarification was initially provided in relation to section 2.2 of the report in that The new Procurement Act 2023, originally planned to commence on 28 October 2024 had been delayed to 24 February 2025. This was to allow time for the National Procurement Policy Statement to be adapted in line with the new Government’s priorities. As a result of this delay, the Council had additional time to prepare for changes including the facilitation of further training sessions for relevant staff and all Councillors. The permanent Procurement Manager was also joining on 1^st October 2024 who would support the consolidation of the new act within the Council. The report highlighted the most significant areas of change due to be imposed by the new act such as revised processes and new vocabulary. In the Internal Audit there were a number of recommendations that were partially implemented but will soon be subsumed into the requirements of the Procurement Act. There will also be new contract Standing Orders to be approved by full Council and disseminated to all staff.

The Independent Member noted that the outstanding Internal Audit procurement actions should be coordinated with SIAP to address as part of their internal audit plan. It was also considered beneficial to see a fuller and detailed internal audit report from SIAP on procurement as this was an important area. The Deputy Chief Executive confirmed that an audit of procurement will be undertaken by SIAP in Q3 of this year.

The Committee raised concerns regarding the progression of contract standing orders and that the Contract Register available on the public website was not being maintained. The Committee requested that the register be updated sufficiently in the interim period until the new Procurement Act was implemented in February 2025. The Deputy Chief Executive would ensure the register was updated and clarified that once the new act was in place, a central portal will replace the contracts register.

The Committee resolved to note the progress in relation to the Procurement Internal Audit Progress Review Update and the Implementation of the Procurement Act 2023.

To note the review of the Confidential Reporting Code by the Monitoring Officer has taken place and agree to retain the current policy.

The Committee considered a report from Linda Heron, Deputy Monitoring Officer which advised and updated members on the outcome of the annual review of the Confidential Reporting Code which was still fit for purpose and covered all matters. The report also provided an update on the number of whistleblowing cases raised under the Code in the past year. Since the Code was last reviewed, three matters have been raised. One did not amount to whistleblowing and the other two had been duly investigated.

The Committee queried whether the code was robust enough in light of significant whistleblowing complaints materialising on a national context. The Deputy Monitoring Officer confirmed that the code continued to be effective and the Council was committed to the highest possible standards of openness, probity and accountability.

The Committee raised concern regarding the wording within the confidentiality section of the code and identified there should be more reassurance for matters to be treated in confidence. The Deputy Monitoring Officer confirmed she will report this back to the Monitoring Officer to review. In the circumstance that confidentiality cannot be maintained, this will be justified and consent for any disclose will be sought.

The Committee resolved to note that the review of the Confidential Reporting Code by the Monitoring Officer had taken place and agreed to retain the current policy.

To Consider the significant strategic risks and issues highlighted in

this report and present these to the Corporate Policy and

Resources Committee, ensuring continued wider reporting of the

Corporate Risk Register and actions across other Committees.

The Committee received a report from Terry Collier, Deputy Chief Executive on the Corporate Risk Register (Corporate Risk Management) which set out the significant strategic risks to the Council in delivering its priorities. Further refinements continued to be made to the refreshed format of the Corporate Risk Register and some of the technical issues had been resolved since the last Committee. The key headlines and updates to the broad risk categories since the last Audit Committee were highlighted which incorporated feedback from members.

The Committee raised that they had experienced difficulty in understanding the Risk Scoring Matrix in Appendix B and what the numbers represented. The Deputy Chief Executive confirmed he will relay this feedback to Lee O’Neil to consider making this section more clear in the next update to the register.

The Independent Member asked whether when drafting the Corporate Risk Register in future we could also attach the latest version of the Investment Assets Register which was produced in response to the Public Interest Report as part of the action plan, for transparency purposes. More broadly the Independent member also identified it would be beneficial for this committee to have a running record of actions discussed by this Committee to be informed of their status in an action tracker format. The Deputy Chief Executive responded that he would liaise with the Group Head Assets who was responsible for maintaining the Investment Assets Register on the feasibility of the initial request. The Deputy Chief Executive would also explore the second suggestion.

The Committee observed that a number of risk categories were still rated red and queried whether officers were clear on the criteria and actions in place to improve this scoring. The Deputy Chief Executive confirmed that relevant officers were aware of the criteria to improve risk rating scores for their categories and that this was detailed in the register within the control actions, mitigating actions and future actions sections for each category.

The Committee resolved to consider the significant strategic risks and issues highlighted in this report and present these to the Corporate Policy and Resources Committee, ensuring continued wider reporting of the Corporate Risk Register and actions across other Committees.

To consider and approve the work programme for the municipal year

The Committee considered its Work Programme for the remainder of the 2024-2025 Municipal year.

The Chair advised that the Audit Committee scheduled 30^th January 2025 had been moved to 28^th January 2025 to accommodate an external attendee.

The Chair confirmed that an Extraordinary Audit Committee had been scheduled on 4^th December 2024. Reports on the External Audited Accounts and Value for Money Statement would be presented by BDO at this Committee.

Resolved that the Committee Work Programme for the remainder of the 2024-2025 Municipal year, be approved.

Meeting ended at 21:03pm.

- Natalie Jerams confirmed should would make necessary refinements to future Internal Audit Progress reports including making clear revised due dates for overdue audits and making links to the Corporate Risk Register 

-Terry Collier to confirm a date with BDO where committee members could see an early first draft of the reports on the external audited accounts and Value For Money Work (ahead of Extraordinary Audit Committee 4^th December 2024)

-Terry Collier to liaise with Grant Thornton and expand on sections in the Audit Risk Assessment and forward responses to Committee members

- SIAP to provide a fuller and detailed internal audit report on procurement when this is next presented at Committee

-Terry Collier to convey to relevant staff and ensure the Contracts Register on the public website is maintained until implementation of the Procurement Act in February 2025

-Lee O’Neil to make figures more clear in the next update to the Risk Scoring Matrix within the Corporate Risk Register

-Coralie Holman to consider attaching the latest version of the Investment Assets Register to the Corporate Risk Register

- Terry Collier to consider creating a running record of actions discussed by this Committee to be informed of their status in an action tracker format.