INTERNAL AUDIT PROGRESS REPORT

Transcription

1 APPENDIX 1 INTERNAL AUDIT PROGRESS REPORT SEPTEMBER NOVEMBER 2014 Angela Struthers Audit Manager November 2014

2 TABLE OF CONTENTS TABLE OF CONTENTS... 1 REPORT ON AUDIT WORK CARRIED OUT DURING... 2 SEPTEMBER TO NOVEMBER Introduction... 2 Performance of Internal Audit... 2 Number of Recommendations Made/Accepted... 2 Number of Recommendations Implemented... 2 Customer Satisfaction on Post Audit Questionnaires... 4 Progress made against Audit Plan... 4 Audit Work Carried Out... 4 Planned Work (68%)... 5 Training (2%)... 7 Planning/Reporting/Management (8%)... 7 Corporate Work (3%)... 7 Support Work (4%)... 8 Absences (15%)... 8 Conclusion... 8 (September to November 2014) Page 1

3 Introduction Internal Audit Progress Report September to November 2014 REPORT ON AUDIT WORK CARRIED OUT DURING SEPTEMBER TO NOVEMBER 2014 This report briefly summarises the audit work carried out during September to November 2014 for which detailed reports have been submitted and replies have been received unless otherwise indicated. Discussions have been held with the relevant staff during the preparation and completion of audit reports submitted. Performance of Internal Audit The following table details the performance of the Internal Audit Section against the performance targets set for 2014/15. Performance Indicator Number of Recommendations Made/Accepted Number of Recommendations Implemented at time of follow up review. Average Scores achieved on Customer Satisfaction Questionnaires Percentage of Annual Plan Completed (profiled target) Target for 2014/15 Performance Achieved (April to November 2014) Target Achieved 90% 100% Yes 76% 75.7% Yes Yes 54% 55.44% Yes Number of Recommendations Made/Accepted At the conclusion of every audit, an audit report is issued to management detailing the findings of the audit review, together with any recommendations, required to be implemented, to address any weaknesses identified. During the period September to November 2014, 15 recommendations were made, of which 14 (93%) have been agreed by management for implementation. The level of acceptance of audit recommendations has exceeded the performance indicator included in the Corporate Performance Management System (90%). Number of Recommendations Implemented Follow up reviews are undertaken to ensure that appropriate action, has been taken by management in response to the recommendations made. Internal Audit has undertaken 7 follow up reviews during the period September to November A total of 37 recommendations should have been implemented at the time of the follow up review. It was identified that 28 of these recommendations (75.7%) had been satisfactorily implemented. Revised timescales for the outstanding recommendations have been agreed with management and further follow up reviews will be undertaken to ensure that appropriate action has been taken. (September to November 2014) Page 2

4 The target set for 2014/15 for the percentage of audit recommendations that should have been implemented at the time of the follow up review is 76%. The level of audit recommendations implemented (75.7%) has achieved the performance indicator included in the Corporate Performance Management System. All recommendations included in audit reports are prioritised as high, medium or low risk. This enables managers to prioritise their resources to address those recommendations, which have been identified as high risk first. This also enables more meaningful information to be produced regarding the implementation of recommendations. The recommendations implemented during the period September - November 2014 (75.7%), can be categorised as follows: - HIGH MEDIUM LOW TOTAL NUMBER PERCENTAGE The recommendations not implemented by management at the time of the follow up review during the period September to November 2014, 9 (24.3%), can be categorised as follows: - HIGH MEDIUM LOW TOTAL NUMBER PERCENTAGE The Internal Audit Protocol only requires two follow up reviews to be undertaken. Should any recommendations be outstanding at the time of the second follow up review, then no further action will be undertaken by internal audit, but instead management accept the risk for non-implementation of any outstanding recommendations. During the period September to November 2014 we have written off 1 recommendation, which had not been implemented at the second follow up review. This relates to the following area: REVIEW HIGH MEDIUM LOW TOTAL Shared Services TOTAL There were no high priority recommendations written off during this period. The medium recommendation not implemented at the second follow up of the shared service review related to there not being a formal agreement in place for the print service provided by Walsall Council. This can be explained due to the uncertainty of the future of the provision. A review of the print service has been commissioned for the Spring (September to November 2014) Page 3

5 Customer Satisfaction on Post Audit Questionnaires Management s views are sought at the conclusion of each audit by the issue of a Customer Satisfaction Questionnaire. This requires management to give a satisfaction rating of between 0 and 5. Our target satisfaction score is 4. No Customer Satisfaction Questionnaires were returned during the period. Progress made against Audit Plan At the end of November 2014, 55.44% of the plan had been completed against a profiled target of 54%. Attached, as Appendix A, is a schedule which shows how we have arrived at the percentage of the audit plan completed, together with the current situation for each item on the audit plan. During the period, we have issued 1 final reports relating to 2014/15. There are a further 5 reports which are at draft report stage and 9 reviews in progress. Audit Work Carried Out The pie chart below details the actual time spent on each type of activity during this quarter. This is based on the actual number of days available (i.e. excludes holidays). (September to November 2014) Page 4

6 Progress Report - Sept 2014 to Nov 2014 Training 2% Plan/re/Mgt 8% Contingency 0% Absences 15% Support 4% Special Investigations 0% Corporate 3% Planned 68% As can be seen, 68% of available audit time has been spent on planned work (includes follow up reviews and project working groups). Planned Work (68%) For each audit carried out, Internal Audit arrives at a conclusion that assesses the level of assurance that can be placed on the system of internal control being reviewed in one of five categories. The category reflects the assessment of the robustness of the internal control environment with an opinion on whether the actual controls in place are being consistently applied. The categories of assurance are detailed in the table below: Category Excellent Assurance Substantial Assurance Category Description Key controls exist and are applied consistently and effectively. Considerable assurance can be given that the system will achieve its objectives safely whilst achieving value for money (VFM). There is a very slight risk of loss (all asset types), fraud, impropriety, or damage to reputation. Key controls exist but there may be some inconsistency in application. Compensatory controls are operating effectively. Assurance can be given that the system, process or activity should achieve its objectives safely whilst achieving value for money (VFM). There is some risk of loss (all asset types), fraud, (September to November 2014) Page 5

7 Category Adequate Assurance Limited Assurance Poor Assurance Category Description impropriety, or damage to reputation. There are some control weaknesses but most key controls are in place and operating effectively. Some assurance can be given that the system, process or activity should achieve its objectives safely whilst achieving value for money. There is an average probability of loss (all asset types), fraud, impropriety, or damage to reputation. Controls are in place but operating poorly or controls are inadequate. Only limited assurance can be given that the system, process or activity should achieve its objectives safely. There is an above average probability of loss (all asset types), fraud, impropriety, or damage to reputation Controls are failing or not present. No assurance can be given that the system, process or activity should achieve its objectives safely. There is a very high probability of loss (all asset types), fraud, impropriety, or damage to reputation) In addition, the recommendations made in internal audit reports (action plans) have been placed into one of three categories, namely: High - there is a serious control weakness that includes material noncompliance to standing orders, financial regulations or that could lead to material loss, or failure to meet legal/statutory requirements/departmental policies. Medium - there is a significant control weakness that could lead to nonmaterial loss, or non-compliance to departmental operational/financial procedures. This would also include minor non-compliance to financial regulations. Low - to implement this would be good practice. In this context risk may be viewed as the chance, or probability, of one or more of the Council s objectives not being met. It refers both to unwanted outcomes that might arise, and to the potential failure to realise desired outcomes. Reviews Completed and Final Report Issued There has been 1 review relating to 2014/15 that was completed and the final report issued during this period. In addition, there were 5 reviews at draft report stage and a further 9 reviews in progress. These are as follows: Audit Review Audit opinion Recommendations Made H M L Total Parks Management Substantial Assurance (September to November 2014) Page 6

8 Audit Committee Members have requested more details regarding audit reviews, which have been given Limited or Poor Assurance. During the period September to November 2014, no reviews had been completed within these categories. Reviews Completed to Draft Report Stage Five reviews relating to 2014/15 had been completed to draft report stage at the end of November, as follows: - Debtors Licensing Safeguarding Children and Vulnerable Adults Environmental Health Income Grounds Maintenance Draft reports have been produced and responses are awaited. Reviews in Progress Fraud Awareness/Proactive Fraud Work National Fraud Initiative 2014 Pensions Assurance Work 2014 NNDR Housing Benefit Computer Audit Lichfield Garrick recharges and payments Friary Grange Leisure Centre Cheque Security The Internal Audit Section is frequently asked to give advice and assistance to Management. However, none of the areas have had more than 2 days spent on them during the quarter and as such no details are provided in this report. Training (2%) Various training courses were attended by members of the internal audit team this period. Planning/Reporting/Management (8%) Time was spent preparing the quarterly update report and Audit Committee. In addition, time was spent attending Managers Forum, various corporate meetings and Audit Team Meetings. Included in the time above is also the normal supervision of the Audit Section and the Internal Audit Contractor. Corporate Work (3%) Time has also been spent on the following Corporate issues: Review of Internal Audit and the Risk Management process; (September to November 2014) Page 7

9 Performance Indicators for Internal Audit; SCAG and SCAG IT meetings; and External Audit Liaison Support Work (4%) Time was spent undertaking Office Duties, Budget Monitoring, APACE system/maintenance, Compliance with the Public Sector Internal Audit Standards and the Review of Effectiveness of Internal Audit. Absences (15%) The number of days of sickness for the period was above the number of days allowed in the audit plan (4%). Conclusion This report summarises the areas covered by Internal Audit during September to November Internal Audit staff have worked with staff of the Council to ensure internal control is properly maintained and that systems are appraised, and, where appropriate, improved. It is pleasing to report that we have achieved 3 of our 4 performance targets this period. Finally, the outcome of the Internal Audit Service Review has seen the joint working arrangement with South Staffordshire District Council come to an end on 30 th September 2014 and a new arrangement with Tamworth Borough Council providing Lichfield District Council with audit management support commenced on the 1st October Angela Struthers Audit Manager 17 th December 2014 (September to November 2014) Page 8