The Annual Audit Letter for West Mercia Police and Crime Commissioner and Chief Constable

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "The Annual Audit Letter for West Mercia Police and Crime Commissioner and Chief Constable"

Transcription

1 The Annual Audit Letter for West Mercia Police and Crime Commissioner and Chief Constable Year ended 31 March 2015 October 2015 John Gregory Director and Engagement Lead T +44 (0) E Sarah Good T E Laurelin Griffiths In charge auditor T E 2015 Grant Thornton UK LLP Annual Audit Letter 2014/15

2 Contents Section Page 1. Key messages 3 Appendices A How we have worked with you during the year. 6 B Key issues and recommendations 7 C Summary of reports and audit fees Grant Thornton UK LLP Annual Audit Letter 2014/15 2

3 Key messages Our Annual Audit Letter summarises the key findings arising from the work that we have carried out at Police and Crime Commissioner ("PCC") for the West Mercia and the Chief Constable for West Mercia ("Chief Constable") for the year ended 31 March 2015 The Letter is intended to communicate key messages to the PCC, Chief Constable and external stakeholders, including members of the public. Our annual work programme, which includes nationally prescribed and locally determined work, has been undertaken in accordance with the Audit Plan that we issued on the 1 st July 2015 and was conducted in accordance with the Audit Commission's Code of Audit Practice, International Standards on Auditing (UK and Ireland) and other guidance issued by the Audit Commission and Public Sector Audit Appointments Limited. Financial statements audit (including audit opinion) We reported our findings arising from the audit of the financial statements to the PCC and Chief Constable in our Audit Findings Report, which was also considered by the Joint Audit Committee on 21 September The key messages reported were: We received draft financial statements and accompanying working papers in accordance with the timetable set by the PCC and Chief Constable and ahead of the statutury deadline of 30 June The financial statements submitted for audit were of good quality, delivered by an effective closedown process and supported by excellent working papers. Of particular note was the speed and efficiency queries were responded to by staff across all departments. We did identify a relatively small number of disclosure errors, and requested some adjustments to improve the presentation of the financial statements. The presentation of intra-group funding from the PCC to the Chief Constable was updated in the Comprehensive Income and Expenditure Statements (CIES) for both organisations. The funding cost previously shown within 'other comprehensive income and expenditure' is now included within the net cost of services. This amendment is as a result of clarified national guidance to promote consistency of presentation across police bodies. We issued an unqualified opinion on the PCC's and Chief Constable's 2014/15 financial statements on 21 st September 2015, meeting the deadline set by the Department for Communities and Local Government. Our opinion confirms that the financial statements give a true and fair view of the PCC's and Chief Constable's financial position and of the income and expenditure recorded by the PCC and Chief Constable Grant Thornton UK LLP Annual Audit Letter 2014/15 3

4 Key messages Value for Money (VfM) conclusion We issued an unqualified VfM conclusion for 2014/15 on 21 st September On the basis of our work, and having regard to the guidance on the specified criteria published by the Audit Commission, we are satisfied that in all significant respects both organisations put in place proper arrangements to secure economy, efficiency and effectiveness in their use of resources for the year ending 31 March The PCC and CC has demonstrated a drive and commitment to making changes in response to the recent reductions in Government funding. There is an understanding of the current financial position and finance is a continuing thread evidenced through all elements of the corporate planning processes. Within the 2014/15 budget the Chief Constable and PCC identified savings of 6.3m which enabled a balanced budget to be achieved in 2014/15. These substantial savings have again been achieved and the budget was underspent by 10.8m. The additional savings have mainly arisin from staff vacancies in year. The updated MTFS highlights the on-going significant financial challenges faced. The MTFP shows that the budget deficit for 2015/16 of 4m has been balanced by a contribution from reserves, with an additional planned spend of a further 2m for in year developments funded from reserves. The PCC has significant useable reserves ( 71.7m) and a track record of delivering financial performance in line with budgets. The level of reserves and planned use of reserves allows the PCC to invest in changes to improve productivity going forward. One of the most significant challenges going forwards is the uncertainty over the impact of changes being made nationally to the funding formula for PCCs. The findings from HMIC's PEEL assessment (Police Effectiveness Efficiency Legitimacy) highlighted that the West Mercia Police force provided 'value for money' and was rated as good over its efficiency and its ability to prevent offending and deal with anti-social behaviour.. Our work found that both bodies have good arrangements in place to secure financial resilience. In particular: a robust corporate strategy, medium term financial strategy and savings plan are in place the PCC delivered its overall savings target arrangements for governance processes including risk management and the production of the Annual Governance Statement are satisfactory financial management is sound with effective reporting of variances from plans 2015 Grant Thornton UK LLP Annual Audit Letter 2014/15 4

5 Key messages continued Audit fee Our fee for 2014/15 was 70,680 excluding VAT which was in line with our planned fee for the year and is unchanged from the previous year. Further detail is included within appendix B Grant Thornton UK LLP Annual Audit Letter 2014/15 5

6 Appendix A: How we have worked with you during the year Audit Committee Members PCC, CC and Senior Management Teams We: We: Provided assurance on financial reporting and financial resilience by giving a timely audit opinion and value for money conclusion Shared our thinking on key issues, including offering members copies of our first national report, which evaluated how the sector is responding to the Police Reform and Social Responsibility Act 2011 (PRSRA), 'The future of policing accountability: Learning the lessons' Met regularly with the Audit Committee to ensure you were kept up to date with the audit progress, as well as emerging issues affecting the wider Police Sector Provided independent external audit commentary and insight in your key issues trough senior attendance at every audit committee. 1 2 Ensured a smooth external audit process through regular dialogue and meetings to promptly discuss financial accounts opinion audit Met with the Senior Officers, including periodic meetings with the PCC and the Chief Constable, to discuss your major challenges, share our insight into national sector issues and provide support where possible. We provided assurance around the data transfer to the new ledger. Liaised with Internal Audit to minimise duplication We hosted the Third National Conference for Police and Crime Panels which members of the PCP came to. The focus of the conference was on the future of policing accountability ahead of the general election in May We worked with the finance department to further improve the accounts production process and to strengthen controls and systems Provided regular, timely and transparent reports from our work and briefing notes on key sector developments Invited you to attend our seminars for police audit committee members Provided you with copies of our national report on audit committee effectiveness in the police sector 2015 Grant Thornton UK LLP Annual Audit Letter 2014/15 6

7 Appendix B: Key issues and recommendations This appendix summarises the recommendations made during the 2014/15 audit. No. Issue and recommendation Priority Management response/ responsible office/ due date 1. Lack of movers' access administration for Active Directory There is no formal process to ensure that access rights and folder permissions are removed and not accumulated by staff as they move roles internally. During a period of change it is likely that users will move departments, shifts and functions and if there isn't a process to manage user amendments there is a risk that users will accumulate inappropriate or unsegregated duties Recommendation Management should introduce a formal user change management process which should be used consistently to manage user access rights and folder permissions. This should include consideration of segregation of duties and role based access control across the organisation. 2. Weak logical access controls There is no limit to the number of failed access attempts permitted on the systems under review in the Forces' shared services. We acknowledge the Forces' reluctance to impose restrictions on serving officers when they may require access urgently and the limitations of the ICT service desk coverage to support them 24/7. However, we consider that this is a control weakness that should be addressed urgently due to a combination of deficiencies identified in this report that undermine the controls in place:. There is a risk that systems can be accessed by those without authorisation or authority internally by having easy to guess and unlimited attempts. This may lead to the loss of critical and sensitive data. Recommendation Management should consider enabling account lockout controls within Active Directory to address the risk of password cracking. The best practice recommended number of attempts permitted is between Grant Thornton UK LLP Annual Audit Letter 2014/15 7 Medium High Management response: The appointment of business Information Asset Owners has been identified as part of the Network Accreditation Remediation Action Plan, responsibilities will include the management of access rights to folders. Responsible office: Head of Financial Management and Business Change. Due date: 2015/16 Management response: We have previously accepted the risk relating to Active Directory lock out settings. This is will be discussed further with the Head of ICT with potentially adding the risk to the ICT risk register. Specifically in relation to the finance systems - Since the upgrade in April 2014, all efinancials applications lock users out after 3 attempts and require unlocking on the server before access can be granted again. Passwords are a minimum of 8 characters long, including a number, and have to be changed every 30 days. There is a log of the previous 13 passwords for each user and passwords cannot be re-used until they are no longer in the log. Responsible office: : Head of Financial Management and Business Change Due date:.2015/16

8 Appendix B: Key issues and recommendations (Continued) This appendix summarised the significant recommendations identified during the 2014/15 audit. No. Issue and recommendation Priority Management response/ responsible office/ due date 3. Absence of logical access review for Active Directory and EFinancials Our review of user accounts and associated permissions for Active Directory and ABS EFinancials identified that they are not being formally and proactively reviewed for appropriateness. If periodic reviews of user accounts are not conducted on a regular basis, there is an increased risk that segregation of duties may be circumvented resulting from individuals changing roles without their access rights being reviewed and amended accordingly, affecting the integrity of financial data. This control weakness was also raised in 2013/14. Medium Management response: Information Asset Owners will have responsibility for reviewing of access rights relevant to their area of business. Specifically in relation to the finance systems - The system has only been operational since April Procedures are being implemented to send user access lists out to managers quarterly to check for leavers and internal moves. Responsible office: Head of Financial Management and Business Change. Due date: 2015/16. Recommendation Regular reviews of ABS EFinancials user accounts should take place at least annually with sufficient evidence to enable a third-party to confirm when the reviews were performed, who was involved, and what access changed as a result Grant Thornton UK LLP Annual Audit Letter 2014/15 8

9 Appendix B: Key issues and recommendations (Continued) This appendix summarised the significant recommendations identified during the 2014/15 audit. No. Issue and recommendation Priority Management response/ responsible office/ due date 4. Lack of security log reviews There is no documented process to review audit logs from the network or efinancials systems on a periodic basis. While this is mitigated to some extent by monitoring inactive accounts and disabling them, this does not provide data relating to access attempts to inactive accounts or activities of accounts with elevated permissions. However, there is no lockout policy and therefore abuse of system privileges or persistent attempt to access an unused account would not be identified. There is a risk that unusual activity or security events taking place within the network or efinancials systems might not be detected in a timely manner in the absence of such a control. Given the criticality of the data in these systems, it is advisable that there are processes to identify any unauthorised access, thereby reducing the risk of fraud, manipulation or error. Recommendation Management should identify the more critical audit logs and review them on a periodic basis for any anomalies. Medium Management response:. The development of audit provision for IT Security has been identified as part of the Network Accreditation Remediation Action Plan. Specifically in relation to the finance systems - As mention in point 2, users are locked out of efin applications after 3 failed log in attempts. Intervention is required by the Systems team at this point to re-enable the account. A user log exists, but can only be run for individual users. A security log covering all users would require a bespoke piece of work from ABS and is not being considered at this time. Responsible office: : Head of Financial Management and Business Change. Due date:. During 2015/ Grant Thornton UK LLP Annual Audit Letter 2014/15 9

10 Appendix B: Key issues and recommendations (Continued) This appendix summarised the significant recommendations identified during the 2014/15 audit. No. Issue and recommendation Priority Management response/ responsible office/ due date 5. Assets not valued To undertake a review of the assets not valued by the valuer to ensure that there valuation is not materially incorrect. Recommendation In 2016/17 to undertake a review of the assets not valued by the external valuer to demonstrate that they are not materially misstated. 6. Split of land and buildings Our review of valuations performed by Lambert Smith Hampton it was identified that they do not provide a valuation split between land and buildings where the value is below 2m. There is a risk that the value of buildings may be materially misstated going forward as incorrect depreciation rates may be applied. Recommendation In 2015/16 obtain valuation splits for land and building from the valuer 7. Recommendation The PCC and Chief Constable request Internal Audit to undertake an external review of their self assessment to demonstrate compliance with the Public Sector Internal Audit Standards. High High Medium Management response:. A documented management review will take place in consultation with the valuers during the closedown process for the 2015/16 Accounts Responsible office: Head of Accountancy and Financial Services Due date: April/May 2016 Management response:. The valuer will be instructed to split the valuations for the 2015/16 Accounts between land and buildings. Responsible office: Head of Accountancy and Financial Services Due date: April/May 2016 Management response:. An external review needs to be undertaken within 5 years of the implementation of the standards and the 5 years have not yet elapsed. As the Internal Audit service was restructured during 2015, Warwickshire County Council will be carrying out an external assessment during 2016/17 when the service has settled into its new combined service structure. Responsible office: Head of Internal Audit Due date: 2016/ Grant Thornton UK LLP Annual Audit Letter 2014/15 10

11 Appendix C: Reports issued and fees We confirm below the fees charged for the audit and non-audit services. Fees for audit services Police and Crime Commissioner audit Per Audit plan Actual fees 45,680 45,680 Chief Constable audit 25,000 25,000 Total audit fees 70,680 70,680 Fees for other services Service Fees Audit related services Nil Non-audit related services Nil Reports issued Report Date issued Audit Plan 1 st July 2015 Audit Findings Report 21 st September 2015 Annual Audit Letter October Grant Thornton UK LLP Annual Audit Letter 2014/15 11

12 2015 Grant Thornton UK LLP. All rights reserved. 'Grant Thornton' means Grant Thornton UK LLP, a limited liability partnership. Grant Thornton is a member firm of Grant Thornton International Ltd (Grant Thornton International). References to 'Grant Thornton' are to the brand under which the Grant Thornton member firms operate and refer to one or more member firms, as the context requires. Grant Thornton International and the member firms are not a worldwide partnership. Services are delivered independently by member firms, which are not responsible for the services or activities of one another. Grant Thornton International does not provide services to clients. grant-thornton.co.uk 2015 Grant Thornton UK LLP Annual Audit Letter 2014/15

The Annual Audit Letter for West Midlands Fire & Rescue Authority

The Annual Audit Letter for West Midlands Fire & Rescue Authority The Annual Audit Letter for West Midlands Fire & Rescue Authority Year ended 31 March 2014 October 2014 James Cook Engagement Lead T: 0121 232 5343 E: james.a.cook@uk.gt.com Emily Mayne Manager T: 07880

More information

The Annual Audit Letter for Torbay Council

The Annual Audit Letter for Torbay Council The Annual Audit Letter for Torbay Council Year ended 31 March 2014 October 2014 Alex Walling Engagement Lead T 0117 305 7804 E alex.j.walling@uk.gt.com Mark Bartlett Manager T 0117 305 7896 E mark.bartlett@uk.gt.com

More information

The Annual Audit Letter for North Middlesex University Hospital NHS Trust

The Annual Audit Letter for North Middlesex University Hospital NHS Trust The Annual Audit Letter for North Middlesex University Hospital NHS Trust Year ended 31 March 2015 17 July 2015 Phil Westerman Engagement Lead T+44 (0)207 728 2548 philip.r.westerman@uk.gt.com Geoffrey

More information

Solihull Metropolitan Borough Council. IT Audit Findings Report September 2015

Solihull Metropolitan Borough Council. IT Audit Findings Report September 2015 Solihull Metropolitan Borough Council IT Audit Findings Report September 2015 Version: Responses v6.0 SMBC Management Response July 2015 Financial Year: 2014/2015 Key to assessment of internal control

More information

The Audit Findings for London Borough of Richmond upon Thames

The Audit Findings for London Borough of Richmond upon Thames The Audit Findings for London Borough of Richmond upon Thames. Year ended 31 March 2013 September 2013 Page 13 Paul Grady Director T 020 7728 2681 E paul.d.grady@uk.gt.com Sarah Ironmonger Manager T 07880

More information

Appendix C Accountant in Bankruptcy. Annual report on the 2013/14 audit

Appendix C Accountant in Bankruptcy. Annual report on the 2013/14 audit Appendix C Accountant in Bankruptcy Annual report on the 2013/14 audit Prepared for Accountant in Bankruptcy and the Auditor General for Scotland 6 August 2014 Audit Scotland is a statutory body set up

More information

Scottish Sports Council Group and Lottery Fund

Scottish Sports Council Group and Lottery Fund Scottish Sports Council Group and Lottery Fund Annual Audit Report 2012-13 September 2013 2 2013 Grant Thornton UK LLP. All rights reserved Scottish Sports Council Group and Lottery Fund 2012-13 Annual

More information

The Audit Findings for NHS Dorset Clinical Commissioning Group

The Audit Findings for NHS Dorset Clinical Commissioning Group The Audit Findings for NHS Dorset Clinical Commissioning Group Year ended 31 March 2015 27 th May 2015 Barrie Morris Director T 0117 305 7708 E barrie.morris@uk.gt.com Hannah Morris Manager T 0117 305

More information

The Audit Findings for NHS Bristol Clinical Commissioning Group

The Audit Findings for NHS Bristol Clinical Commissioning Group The Audit Findings for NHS Bristol Clinical Commissioning Group Year ended 31 March 2015 21 May 2015 Barrie Morris Engagement Lead T 0117 305 7708 E Barrie.Morris@uk.gt.com Hannah Jones Audit Manager T

More information

Ref: Issue Raised Recommendation Priority Management Response Implementation Network and ABS E-Financials 1. Account security settings

Ref: Issue Raised Recommendation Priority Management Response Implementation Network and ABS E-Financials 1. Account security settings Appendix A Hertsmere Borough Council - Review of information technology controls 2011-12 Ref: Issue Raised Recommendation Priority Management Response Implementation Network and ABS E-Financials 1. Account

More information

The Audit Plan for West Mercia Energy Joint Committee

The Audit Plan for West Mercia Energy Joint Committee The Audit Plan for West Mercia Energy Joint Committee Year ended 31 March 2015 16th February 2015 Jon Roberts Partner T 0121 232 5410 E jon.roberts@uk.gt.com Andrew Davies Manager T 0121 232 5417 E andrew.davies@uk.gt.com

More information

The Audit Plan for the Lake District National Park Authority

The Audit Plan for the Lake District National Park Authority The Audit Plan for the Lake District National Park Authority. Year ended 31 March 2013 8 April 2013 Jackie Bellard Engagement Leader T 0161 234 6394 E Jackie.Bellard@uk.gt.com Ian Boit Audit Manager T

More information

Argyll and Bute Council

Argyll and Bute Council Argyll and Bute Council 3 June 2009 Contents Page 1 Executive Summary 1 Appendices A B Action plan Progress in implementation of prior year recommendations 1 1 Executive Summary 1.1 Introduction The Council's

More information

Aberdeen City Council IT Security (Network and perimeter)

Aberdeen City Council IT Security (Network and perimeter) Aberdeen City Council IT Security (Network and perimeter) Internal Audit Report 2014/2015 for Aberdeen City Council August 2014 Internal Audit KPIs Target Dates Actual Dates Red/Amber/Green Commentary

More information

Police and Crime Commissioner for Staffordshire and Chief Constable of Staffordshire

Police and Crime Commissioner for Staffordshire and Chief Constable of Staffordshire www.pwc.co.uk Government and Public Sector 04/03/2015 Police and Crime Commissioner for Staffordshire and Chief Constable of Staffordshire External Audit Plan 2014/15 Contents Code of Audit Practice and

More information

Informing the audit risk assessment Enquiries to those charged with governance Calderdale Council. Year ended 31 March 2013

Informing the audit risk assessment Enquiries to those charged with governance Calderdale Council. Year ended 31 March 2013 Informing the audit risk assessment Enquiries to those charged with governance Calderdale Council This version of the report is a draft. Its contents and subject matter remain under review and its contents

More information

At its meeting in March 2012, the Committee approved the Internal Audit Plan for 2012-13.

At its meeting in March 2012, the Committee approved the Internal Audit Plan for 2012-13. Audit Committee 28 Internal audit report ICT Security Executive summary and recommendations Introduction Mazars has undertaken a review of ICT Security controls, in accordance with the internal audit plan

More information

Informing the audit risk assessment for West Midlands Integrated Transport Authority Pension Fund

Informing the audit risk assessment for West Midlands Integrated Transport Authority Pension Fund Informing the audit risk assessment for West Midlands Integrated Transport Authority Pension Fund Year ended 31 March 2015 February 2015 John Gregory Engagements Lead T 07880 456 107 E john.gregory@uk.gt.com

More information

Manchester City Council

Manchester City Council Manchester City Council Accounts Audit Plan 2009/10 18 December 2009 Contents Page 1 Introduction 2 2 Approach and audit risks 3 3 Administration 13 4 Planned outputs 16 Appendices A B IFRS Action Plan

More information

Appendix 1c. DIRECTORATE OF AUDIT, RISK AND ASSURANCE Internal Audit Service to the GLA REVIEW OF INTERNET- BASED NETWORK SECURITY

Appendix 1c. DIRECTORATE OF AUDIT, RISK AND ASSURANCE Internal Audit Service to the GLA REVIEW OF INTERNET- BASED NETWORK SECURITY Appendix 1c DIRECTORATE OF AUDIT, RISK AND ASSURANCE Internal Audit Service to the GLA REVIEW OF INTERNET- BASED NETWORK SECURITY DISTRIBUTION LIST Audit Team David Esling, Head of Audit Assurance, Risk

More information

Internal Audit Progress Report Performance and Overview Committee (19 th August 2015) Cheshire Fire Authority

Internal Audit Progress Report Performance and Overview Committee (19 th August 2015) Cheshire Fire Authority Internal Audit Progress Report (19 th August 2015) Contents 1. Introduction 2. Key Messages for Committee Attention 3. Work in progress Appendix A: Risk Classification and Assurance Levels Appendix B:

More information

Annual Governance Statement 2013/14

Annual Governance Statement 2013/14 31 Annual Governance Statement 2013/14 1. SCOPE OF RESPONSIBILITY ESPO is responsible for ensuring that its business is conducted in accordance with the law and proper standards, and that public money

More information

Informing the audit risk assessment for Cannock Chase District Council

Informing the audit risk assessment for Cannock Chase District Council ITEM NO. 9.1 Informing the audit risk assessment for Cannock Chase District Council Year ended 31 March 2016 March 2016 James Cook Engagement Lead T 0121 232 5343 E james.c.cook@uk.gt.com Laura Hinsley

More information

REVIEW OF THE FIREWALL ARRANGEMENTS

REVIEW OF THE FIREWALL ARRANGEMENTS WEST DORSET DISTRICT COUNCIL REVIEW OF THE FIREWALL ARRANGEMENTS Report issued: December 2007 The matters raised in this report are only those, which came to the attention of the auditor during the course

More information

Opinion on the robustness of the budget and the adequacy of the reserves. Helen Martin Ext. 7483

Opinion on the robustness of the budget and the adequacy of the reserves. Helen Martin Ext. 7483 BUDGET AND COUNCIL TAX SETTING 2015/16 Council 17 February 2015 Report of Status: Key Decision: Chief Finance Officer For Decision No Executive Summary: This report sets out the factors that need to be

More information

Interim Audit Report. Borough of Broxbourne Audit 2010/11

Interim Audit Report. Borough of Broxbourne Audit 2010/11 Interim Audit Report Borough of Broxbourne Audit 2010/11 The Audit Commission is an independent watchdog, driving economy, efficiency and effectiveness in local public services to deliver better outcomes

More information

Annual Audit Letter. Kettering General Hospital NHS Foundation Trust Audit 2010/11

Annual Audit Letter. Kettering General Hospital NHS Foundation Trust Audit 2010/11 Annual Audit Letter Kettering General Hospital NHS Foundation Trust Audit 2010/11 Contents Key messages 2 Audit opinion and financial statements 2 Value for money 2 Limited assurance opinion on the Quality

More information

Note the Chief Internal Auditor s findings to date and gain assurance from Officers that key issues raised are being addressed.

Note the Chief Internal Auditor s findings to date and gain assurance from Officers that key issues raised are being addressed. Agenda Item No: 9 To: Joint Audit Committee Date: 24 September 2014 By: Chief Internal Auditor Title: Internal Audit Update Report 2014-15 Purpose of Report: The purpose of this report is to give an opinion

More information

Information Commissioner's Office

Information Commissioner's Office Information Commissioner's Office Internal Audit 2013-14: Follow up Last updated 4 July 2014 Distribution For action Senior Corporate Governance Manager Timetable Fieldwork completed 21 May 2014 Draft

More information

August 2012 Report No. 12-048

August 2012 Report No. 12-048 John Keel, CPA State Auditor An Audit Report on The Texas Windstorm Insurance Association Report No. 12-048 An Audit Report on The Texas Windstorm Insurance Association Overall Conclusion The Texas Windstorm

More information

WEST LOTHIAN COLLEGE

WEST LOTHIAN COLLEGE WEST LOTHIAN COLLEGE ANNUAL REPORT TO THE BOARD OF GOVERNORS AND THE AUDITOR GENERAL FOR SCOTLAND ON THE EXTERNAL AUDIT FOR THE YEAR ENDED 31 JULY 2006 DECEMBER 2006 Wylie & Bisset Date of commencement

More information

DRAFT. Informing the audit risk assessment for Cheshire Fire Authority. Year ending 31 March 2013 xx April 2013

DRAFT. Informing the audit risk assessment for Cheshire Fire Authority. Year ending 31 March 2013 xx April 2013 Informing the audit risk assessment for Cheshire Fire Authority This version of the report is a draft. Its contents and subject matter remain under review and its contents may change and be expanded as

More information

Aberdeen City Council

Aberdeen City Council Aberdeen City Council Internal Audit Report Final Contract management arrangements within Social Care & Wellbeing 2013/2014 for Aberdeen City Council January 2014 Internal Audit KPI Targets Target Dates

More information

High level review of the general IT control environment

High level review of the general IT control environment High level review of the general IT control environment South Lakeland District Council 2012/13 Last updated 9 April 2013 Summary In January 2013 our information systems specialist performed a high level

More information

Information Commissioner's Office

Information Commissioner's Office Information Commissioner's Office IT Procurement Review Ian Falconer Partner T: 0161 953 6480 E: ian.falconer@uk.gt.com Last updated 18 June 2012 Will Simpson Senior Manager T: 0161 953 6486 E: will.g.simpson@uk.gt.com

More information

South Northamptonshire Council

South Northamptonshire Council South Northamptonshire Council Windows Active Directory Final Internal Audit Report - September Distribution list: Mike Shaw IT & Customer Services Manager David Price Director of Community Engagement

More information

Northumberland National Park Authority Report on the audit for the year ended 31 March 2012

Northumberland National Park Authority Report on the audit for the year ended 31 March 2012 Northumberland National Park Authority Report on the audit for the year ended 31 March 2012 September 2012 Dear Sirs We have pleasure in setting out in this document our report to the Northumberland National

More information

Accelerating your financial close arrangements

Accelerating your financial close arrangements Accelerating your financial close arrangements EY Think Piece Contents at a glance Local government accounting, auditing and governance preserving quality financial reporting in light of the new reporting

More information

DRAFT. Report to Governors on the Quality Report 2015/16. Royal United Hospitals Bath NHS Foundation Trust] Year ended 31 March 2016 16 May 2016

DRAFT. Report to Governors on the Quality Report 2015/16. Royal United Hospitals Bath NHS Foundation Trust] Year ended 31 March 2016 16 May 2016 Report to Governors on the Quality Report 2015/16 This version of the report is a draft. Its contents and subject matter remain under review and its contents may change and be expanded as part of the finalisation

More information

Informatics Policy. Information Governance. Network Account and Password Management Policy

Informatics Policy. Information Governance. Network Account and Password Management Policy Informatics Policy Information Governance Policy Ref: 3589 Document Title Author/Contact Document Reference 3589 Document Control Network Account Management and Password Policy Pauline Nordoff-Tate, Information

More information

Financial Planning Assessment Vale of Glamorgan County Borough Council. Audit year: 2013-14 Issued: January 2015 Document reference: 620A2014

Financial Planning Assessment Vale of Glamorgan County Borough Council. Audit year: 2013-14 Issued: January 2015 Document reference: 620A2014 Financial Planning Assessment Vale of Glamorgan County Borough Council Audit year: 2013-14 Issued: January 2015 Document reference: 620A2014 Status of report This document has been prepared for the internal

More information

Committees Date: Subject: Public Report of: For Information Summary

Committees Date: Subject: Public Report of: For Information Summary Committees Audit & Risk Management Committee Finance Committee Subject: Cyber Security Risks Report of: Chamberlain Date: 17 September 2015 22 September 2015 Public For Information Summary Cyber security

More information

Dacorum Borough Council Final Internal Audit Report

Dacorum Borough Council Final Internal Audit Report Dacorum Borough Council Final Internal Audit Report ICT Change Management Distribution list: Chris Gordon Group Manager Neil Telkman - Information, Security and Standards Officer Gary Osler ICT Service

More information

West Middlesex University Hospital NHS Trust

West Middlesex University Hospital NHS Trust www.pwc.co.uk July 2014 Government and Public Sector West Middlesex University Hospital NHS Trust Annual Audit Letter 2013/14 Audit PricewaterhouseCoopers LLP 7 More London Riverside London SE1 2RT The

More information

Internal Audit - progress report 2015-16 and 2016-17 plan

Internal Audit - progress report 2015-16 and 2016-17 plan Audit Committee, 16 March 2016 Internal Audit - progress report 2015-16 and 2016-17 plan Executive summary and recommendations Introduction Grant Thornton have prepared the attached report which sets out

More information

Report to Governors on the Quality Report 2013/14

Report to Governors on the Quality Report 2013/14 Report to Governors on the Quality Report 2013/14 Gloucestershire Hospitals NHS Foundation Trust Year ended 31 March 2014 21 May 2014 John Golding Partner T 0117 305 7802 E john.golding@uk.gt.com Kevin

More information

Business Operations. Module Db. Capita s Combined Offer for Business & Enforcement Operations delivers many overarching benefits for TfL:

Business Operations. Module Db. Capita s Combined Offer for Business & Enforcement Operations delivers many overarching benefits for TfL: Module Db Technical Solution Capita s Combined Offer for Business & Enforcement Operations delivers many overarching benefits for TfL: Cost is reduced through greater economies of scale, removal of duplication

More information

F I N A N C I A L R E G U L A T I O N S

F I N A N C I A L R E G U L A T I O N S F I N A N C I A L R E G U L A T I O N S South Downs National Park Authority March 2014 Page 0 of 17 F I N A N C I A L R E G U L A T I O N S Contents Page 1 INTRODUCTION Purpose of Financial Regulations

More information

London Borough of Newham Updated 25 October 2013

London Borough of Newham Updated 25 October 2013 www.pwc.co.uk London Borough of Newham Updated 25 October 2013 Report to those charged with governance Report to those charged with governance of the authority on the audit for the year ended 31 March

More information

POLICY REFERENCE NUMBER Version 1.1. NEXT REVIEW DATE: June 2017 RISK RATING EQUALITY ANALYSIS

POLICY REFERENCE NUMBER Version 1.1. NEXT REVIEW DATE: June 2017 RISK RATING EQUALITY ANALYSIS POLICY Security Classification Disclosable under Freedom of Information Act 2000 Yes POLICY TITLE Information Assurance POLICY REFERENCE NUMBER A022 Version 1.1 POLICY OWNERSHIP DIRECTORATE BUSINESS AREA

More information

Sickness Reporting Audit Final Report

Sickness Reporting Audit Final Report ITEM 7 APPENDIX B(2) Sickness Reporting Audit Report Michael George Auditor Contact Details 07768 635682 Date of Review November 2013 Draft Report Issued 19 December 2013 Report Issued 14 January 2014

More information

Business Plan for Financial Management and Business Effectiveness Unit - May 2011 to 30 September 2013

Business Plan for Financial Management and Business Effectiveness Unit - May 2011 to 30 September 2013 1 Business Plan for Financial Management and Business Effectiveness Unit - May 2011 to 30 September 2013 1. Introduction 1.1 The Service s key responsibilities are: o The achievement of proper and effective

More information

Audit of Business Continuity Planning

Audit of Business Continuity Planning Cumbria Office of the Police & Crime Commissioner Audit of Business Continuity Planning 0 Cumbria Shared Internal Audit Service Images courtesy of Carlisle City Council except: Parks (Chinese Gardens),

More information

Income, innovation and investment Contents

Income, innovation and investment Contents Income, innovation and investment Contents Part one Policy... 2 Chapter 1 Definitions... 3 Income... 4 Innovation and ideas... 6 Investment... 6 Chapter 2 Principles... 7 VAT... 9 Part two Policy procedure...

More information

Implementation of Internal Audit Recommendations: Summary of Progress Report by Head of Finance

Implementation of Internal Audit Recommendations: Summary of Progress Report by Head of Finance Financial Scrutiny and Audit Committee 11 February 2014 Agenda Item No 13 Implementation of Internal Audit : Summary of Progress Report by Finance Summary: This report updates members on progress in implementing

More information

Internal Audit Strategic and Annual Plans 2015/16

Internal Audit Strategic and Annual Plans 2015/16 Internal Audit Strategic and Annual Plans 2015/16 Financial Scrutiny and Audit Committee 10 February 2015 Agenda Item No 8 Summary: This report provides an overview of the stages followed prior to the

More information

Information Commissioner's Office

Information Commissioner's Office Phil Keown Engagement Lead T: 020 7728 2394 E: philip.r.keown@uk.gt.com Will Simpson Associate Director T: 0161 953 6486 E: will.g.simpson@uk.gt.com Information Commissioner's Office Internal Audit 2015-16:

More information

Appendix 1C. DIRECTORATE OF AUDIT, RISK AND ASSURANCE Internal Audit Service to the GLA PAYROLL CONTROL FRAMEWORK

Appendix 1C. DIRECTORATE OF AUDIT, RISK AND ASSURANCE Internal Audit Service to the GLA PAYROLL CONTROL FRAMEWORK Appendix 1C DIRECTORATE OF AUDIT, RISK AND ASSURANCE Internal Audit Service to the GLA PAYROLL CONTROL FRAMEWORK DISTRIBUTION LIST Audit Team Prakash Gohil, Audit Manager Karen Walker, Risk and Assurance

More information

Chief Constable. of Durham Constabulary

Chief Constable. of Durham Constabulary Chief Constable of Durham Constabulary Statement of Accounts for the year ended 31st March 2015 Chief Constable of Durham Constabulary Statement of Accounts 31 March 2015 Contents Page Explanatory Foreword

More information

States of Jersey Comptroller & Auditor General

States of Jersey Comptroller & Auditor General States of Jersey Comptroller & Auditor General Code of Audit Practice (Prepared under Article 18 of the Comptroller and Auditor General (Jersey) Law 2014) 28 November 2014 Foreword Independent external

More information

Derbyshire County Council Performance and Improvement Framework. January 2012

Derbyshire County Council Performance and Improvement Framework. January 2012 Derbyshire County Council Performance and Improvement Framework January 2012 Contents 1. Introduction 3 2. About the framework 4 3. Planning 7 5. Monitoring Performance 8 6. Challenge and Review 11 7.

More information

Section 7 Internal Control Framework

Section 7 Internal Control Framework Section 7 Internal Control Framework Contents Page 7.1 Internal Control and Risk Management... 3 7.1.1 Legislative Framework... 4 7.1.2 Accountability and Transparency... 13 7.2 Risk Management... 15 7.2.1

More information

Brighton and Sussex University Hospital NHS Trust

Brighton and Sussex University Hospital NHS Trust Brighton and Sussex University Hospital NHS Trust Year Ending 31 March 2013 Annual Audit Letter July 2013 Ernst & Young LLP Executive summary Ernst & Young LLP 1 More London Place London SE1 2AF Tel: +44

More information

Aberdeen City Council IT Asset Management

Aberdeen City Council IT Asset Management Aberdeen City Council IT Asset Management Internal Audit Report 2014/2015 for Aberdeen City Council January 2015 Terms or reference agreed 4 weeks prior to fieldwork Target Dates per agreed Actual Dates

More information

Internal Control Systems

Internal Control Systems D. INTERNAL CONTROL 1. Internal Control Systems 2. The Use of Internal Control Systems by Auditors 3. Transaction Cycles 4. Tests of Control 5. The Evaluation of Internal Control Component 6. Communication

More information

Certification of 2014/15 approved local authority grant claims and returns. Technical guidance note GN/GEN/15

Certification of 2014/15 approved local authority grant claims and returns. Technical guidance note GN/GEN/15 Certification of 2014/15 approved local authority grant claims and returns Technical guidance note GN/GEN/15 Prepared by the Technical Services Unit 1 April 2015 Audit Scotland is a statutory body set

More information

AUDIT COMMITTEE TERMS OF REFERENCE

AUDIT COMMITTEE TERMS OF REFERENCE AUDIT COMMITTEE TERMS OF REFERENCE 1. Purpose The Audit Committee will assist the Board of Directors (the "Board") in fulfilling its oversight responsibilities. The Audit Committee will review the financial

More information

WEST MERCIA BUDGET 2013/14 MEDIUM TERM FINANCIAL PLAN 2013/14 TO 2017/18. Report of the Treasurer, Director of Finance, Chief Executive and

WEST MERCIA BUDGET 2013/14 MEDIUM TERM FINANCIAL PLAN 2013/14 TO 2017/18. Report of the Treasurer, Director of Finance, Chief Executive and WEST MERCIA BUDGET 2013/14 MEDIUM TERM FINANCIAL PLAN 2013/14 TO 2017/18 Report of the Treasurer, Director of Finance, Chief Executive and Chief Constable 1. Recommendation The Commissioner is recommended

More information

The NHS Foundation Trust Code of Governance

The NHS Foundation Trust Code of Governance The NHS Foundation Trust Code of Governance www.monitor-nhsft.gov.uk The NHS Foundation Trust Code of Governance 1 Contents 1 Introduction 4 1.1 Why is there a code of governance for NHS foundation trusts?

More information

Annual Audit Letter. Basildon and Thurrock University Hospitals NHS Foundation Trust Audit 2009/10 August 2010

Annual Audit Letter. Basildon and Thurrock University Hospitals NHS Foundation Trust Audit 2009/10 August 2010 Annual Audit Letter Basildon and Thurrock University Hospitals NHS Foundation Trust Audit 2009/10 August 2010 Contents Key messages 3 Financial statements and statement on internal control 5 Securing economy,

More information

2 Matters to report from internal audit work completed during the period

2 Matters to report from internal audit work completed during the period 1 Introduction Appendix A 1.1 This report summarises the work undertaken during the nine months of the year to 31 December 2011 by the council's Internal Audit Service under the internal audit plan for

More information

External Audit Reviews. Report by Director of Finance

External Audit Reviews. Report by Director of Finance THE HIGHLAND COUNCIL AUDIT AND STANDARDS COMMITTEE 4 DECEMBER 2003 Agenda Item Report No External Audit Reviews Report by Director of Finance SUMMARY The pages that follow contain a report from the Council's

More information

POLICE AND CRIME PLANS

POLICE AND CRIME PLANS POLICE AND CRIME PLANS GUIDANCE AND PRACTICE ADVICE Version 2.0 Contents 1. Introduction 1 1.1 Police and Crime Plan Guidance 1 1.2 Statutory Framework 2 2. Strategic Planning 4 2.1 The Planning and Commissioning

More information

Report on the 2009/10 Audit to Accountant in Bankruptcy and the Auditor General for Scotland October 2010

Report on the 2009/10 Audit to Accountant in Bankruptcy and the Auditor General for Scotland October 2010 Accountant in Bankruptcy Report on the 2009/10 Audit to Accountant in Bankruptcy and the Auditor General for Scotland October 2010 Accountant in Bankruptcy Report on the 2009/10 Audit to Accountant in

More information

Registers of Scotland. Annual report on the 2012/13 audit

Registers of Scotland. Annual report on the 2012/13 audit Registers of Scotland Annual report on the 2012/13 audit Prepared for Registers of Scotland and The Auditor General for Scotland October 2013 Audit Scotland is a statutory body set up in April 2000 under

More information

Please note this policy is mandatory and staff are required to adhere to the content

Please note this policy is mandatory and staff are required to adhere to the content Policy ICT Security Please note this policy is mandatory and staff are required to adhere to the content Summary DECD is committed to ensuring its information is appropriately managed according to the

More information

Annual Report of Internal Audit 2012/13

Annual Report of Internal Audit 2012/13 Open Decision Item 4 Audit & Governance Committee 19 th June 2013 Annual Report of Internal Audit 2012/13 SYNOPSIS To report on Internal Audit s opinion of the overall adequacy and effectiveness of the

More information

IT REVIEW OF THE DISASTER RECOVERY ARRANGEMENTS

IT REVIEW OF THE DISASTER RECOVERY ARRANGEMENTS NOTTINGHAM CITY HOMES IT REVIEW OF THE DISASTER RECOVERY ARRANGEMENTS Report issued: February 2011 Audit Plan: The matters raised in this report are only those that came to the attention of the auditor

More information

Performance Management and Service Improvement Framework

Performance Management and Service Improvement Framework Performance Management and Service Improvement Framework Author Marcus Evans, Operational Director - Performance and Customer Insight Date: September 2014 Contents Page 1. Introduction 3 2. Strategic ning

More information

Report 6c. Final Internal Audit Report Network and Communications. April 2008

Report 6c. Final Internal Audit Report Network and Communications. April 2008 Report 6c Final Internal Audit Report Network and Communications April 2008 Contents Page Executive Summary 3 Observations and Recommendations 4 Appendix 2 - Staff Interviewed 14 Appendix 3 Benchmark Results

More information

Asset Register. 1.2 Definitions

Asset Register. 1.2 Definitions Asset Register 1.2 Definitions Asset is something that is owned by the business that can be converted to cash. Asset management is the system that monitors and maintains the assets of the business. 1 A4

More information

MANAGEMENT LETTER. Nassau Health Care Corporation and Subsidiaries Year Ended December 31, 2013. Ernst & Young LLP

MANAGEMENT LETTER. Nassau Health Care Corporation and Subsidiaries Year Ended December 31, 2013. Ernst & Young LLP MANAGEMENT LETTER Nassau Health Care Corporation and Subsidiaries Year Ended December 31, 2013 Ernst & Young LLP Ernst & Young LLP 5 Times Square New York, NY 10036-6530 Tel: +1 212 773 3000 Fax: +1 212

More information

Outcome performance measures Quarterly report

Outcome performance measures Quarterly report Item 10 GCP(14)72 Outcome performance measures Quarterly report For Board approval For Board briefing For Board steer For Board information Prepared by: Date: 16 October 2014 Page 1 of 7 Executive summary

More information

HARLOW COUNCIL PERFORMANCE MANAGEMENT FRAMEWORK

HARLOW COUNCIL PERFORMANCE MANAGEMENT FRAMEWORK HARLOW COUNCIL PERFORMANCE MANAGEMENT FRAMEWORK July 2013 1 P age Contents Page 1.0 Definition 3 2.0 Context 3 3.0 Purpose and aim of the policy 4 4.0 Policy Statement 4 5.0 Framework for Performance Management

More information

Audit Committee, 20 March 2014. Internal Audit Report Partners Expenses. Executive summary and recommendations. Introduction

Audit Committee, 20 March 2014. Internal Audit Report Partners Expenses. Executive summary and recommendations. Introduction Audit Committee, 20 Internal Audit Report Partners Expenses Executive summary and recommendations Introduction Mazars have undertaken a review of the HCPC s controls and processes for ensuring partners

More information

BERMUDA MONETARY AUTHORITY

BERMUDA MONETARY AUTHORITY BERMUDA MONETARY AUTHORITY BANKS AND DEPOSIT COMPANIES ACT 1999 THE BERMUDA MONETARY AUTHORITY S RELATIONSHIP WITH AUDITORS AND REPORTING ACCOUNTANTS OF BANKS AND DEPOSIT COMPANIES DECEMBER 2012 Table

More information

Colchester Borough Council. Year ending 31 Month Audit Plan

Colchester Borough Council. Year ending 31 Month Audit Plan Colchester Borough Council Year ending 31 Month 2013 Audit Plan February 2013 Finance and Audit Scrutiny Panel Colchester Borough Council Rowan House 33 Sheepen Road Colchester Essex CO3 3WG 11 February

More information

Recommendations which have been implemented have been removed from this report. The original numbering of recommendations has been retained.

Recommendations which have been implemented have been removed from this report. The original numbering of recommendations has been retained. Audit Committee, 25 June 2013 Internal audit Review of recommendations Executive summary and recommendations At its meeting on 29 September 2011, the Committee agreed that it should receive a paper at

More information

Housing Related Support Contract Management Framework 2009/10

Housing Related Support Contract Management Framework 2009/10 Housing Related Support Contract Management Framework 2009/10 0 If you would like this information in large print, audio tape or in any other format or language please contact the public information officer

More information

Audit and Governance Committee Report. 4 July 2011. quarter. Internal audit activity report. one 2011/2012 1/2012. Purpose of Report. Report No.

Audit and Governance Committee Report. 4 July 2011. quarter. Internal audit activity report. one 2011/2012 1/2012. Purpose of Report. Report No. Audit and Governance Committee Report 4 July 2011 Report of Audit Manager Author: Adrianna Partridge Telephone: 01235 547615 Telephone: 01491 823544 E-mail: adrianna.partridge@southandvale.gov.uk Cabinet

More information

The University s responsibilities and its arrangements for internal audit Internal audit protocol 2014/15 to 2016/17

The University s responsibilities and its arrangements for internal audit Internal audit protocol 2014/15 to 2016/17 The University s responsibilities and its arrangements for internal audit Internal audit protocol 2014/15 to 2016/17 Summary This paper sets out the University s current obligations and arrangements for

More information

Information Security Incident Management Policy September 2013

Information Security Incident Management Policy September 2013 Information Security Incident Management Policy September 2013 Approving authority: University Executive Consultation via: Secretary's Board REALISM Project Board Approval date: September 2013 Effective

More information

Achieving PCI COMPLIANCE with the 2020 Audit & Control Suite. www.lepide.com/2020-suite/

Achieving PCI COMPLIANCE with the 2020 Audit & Control Suite. www.lepide.com/2020-suite/ Achieving PCI COMPLIANCE with the 2020 Audit & Control Suite 7. Restrict access to cardholder data by business need to know PCI Article (PCI DSS 3) Report Mapping How we help 7.1 Limit access to system

More information

FLORIDA DEPARTMENT OF ENVIRONMENTAL PROTECTION LOAN NO. WW67006P

FLORIDA DEPARTMENT OF ENVIRONMENTAL PROTECTION LOAN NO. WW67006P FLORIDA DEPARTMENT OF ENVIRONMENTAL PROTECTION LOAN NO. WW67006P SPECIAL PURPOSE FINANCIAL STATEMENT AND INDEPENDENT AUDITORS REPORTS AUGUST 2007 (DATE OF LOAN INCEPTION) THROUGH SEPTEMBER 2011 CITY OF

More information

Data Quality Policy. Appendix A. 1. Why do we need a Data Quality Policy?... 2. 2 Scope of this Policy... 2. 3 Principles of data quality...

Data Quality Policy. Appendix A. 1. Why do we need a Data Quality Policy?... 2. 2 Scope of this Policy... 2. 3 Principles of data quality... Data Quality Policy Appendix A Updated August 2011 Contents 1. Why do we need a Data Quality Policy?... 2 2 Scope of this Policy... 2 3 Principles of data quality... 3 4 Applying the policy... 4 5. Roles

More information

LEICESTERSHIRE COUNTY COUNCIL RISK MANAGEMENT POLICY STATEMENT 2011-2012

LEICESTERSHIRE COUNTY COUNCIL RISK MANAGEMENT POLICY STATEMENT 2011-2012 106 LEICESTERSHIRE COUNTY COUNCIL RISK MANAGEMENT POLICY STATEMENT 2011-2012 Leicestershire County Council believes that managing current and future risk, both opportunity and threat, is increasingly vital

More information

CENTRAL LINCOLNSHIRE LOCAL PLAN HIGHLIGHT REPORT

CENTRAL LINCOLNSHIRE LOCAL PLAN HIGHLIGHT REPORT Public Sector Auditing.. Private Sector Thinking CENTRAL LINCOLNSHIRE LOCAL PLAN HIGHLIGHT REPORT Date: 7 th November 2014 Author: Rachel Abbott Principal Auditor Introduction & Scope The National Planning

More information

House of Commons Corporate Governance Framework

House of Commons Corporate Governance Framework House of Commons Corporate Governance Framework What is Corporate Governance? 1. Good corporate governance is fundamental to any effective organisation and is the hallmark of any well-managed corporate

More information

Financial Resilience Assessment Bridgend County Borough Council. Audit year: 2015-16 Issued: March 2016 Document reference: 210A2016

Financial Resilience Assessment Bridgend County Borough Council. Audit year: 2015-16 Issued: March 2016 Document reference: 210A2016 Financial Resilience Assessment Bridgend County Borough Council Audit year: 2015-16 Issued: March 2016 Document reference: 210A2016 Status of report This document has been prepared as part of work performed

More information

Dacorum Borough Council Final Internal Audit Report. IT Business Continuity and Disaster Recovery

Dacorum Borough Council Final Internal Audit Report. IT Business Continuity and Disaster Recovery Dacorum Borough Council Final Internal Audit Report IT Business Continuity and Disaster Recovery Distribution list: Chris Gordon Group Manager Performance, Policy and Projects John Worts ICT Team Leader

More information