DIRECTORATE OF AUDIT, RISK AND ASSURANCE Internal Audit Service to the GLA

Transcription

1 Appendix 1c DIRECTORATE OF AUDIT, RISK AND ASSURANCE Internal Audit Service to the GLA REVIEW OF CORPORATE GOVERNANCE, STRATEGIC PLANNING AND PERFORMANCE FRAMEWORKS INTEGRATING NEW AREAS OF GLA BUSINESS

2 DISTRIBUTION LIST Audit Team Head of GLA Audit: Steve Hutton Audit Manager: Mark Woodley Report Distribution List Tom Middleton, Head of Performance & Governance Mark Roberts, Executive Director of Secretariat Ed Williams, Head of Committee & Member Services/Monitoring Officer David Gallie, Assistant Director of Finance

3 CONTENTS EXECUTIVE SUMMARY Page Background 1 Audit Assurance 1 Areas of Effective Control 1 Key Risk Issues for Management Action 2 FINDINGS AND RECOMMENDATIONS Review Objectives 3 Scope 3 Adherence with best practice and statutory requirements 3 Roles and Responsibilities 4 Monitoring Arrangements 6 Management Information and Reporting Arrangements 7 ACTION PLAN Risk and Assurance Definitions 11 Risks and Recommendations 12

4 EXECUTIVE SUMMARY 1. Background 1.1 The audit was carried out as part of the 2011/12 audit plan. 1.2 The objectives of the Greater London Authority (GLA) Corporate Governance, Strategic Planning and Performance Frameworks are to ensure that the GLA is able to achieve its overall purpose and outcomes in an ethical, effective and efficient way. 1.3 At the outset of the review the potential key risks to the achievement of service objectives were identified as: Ill-defined GLA corporate governance, strategic planning and performance monitoring frameworks Non-compliance with legislation and recognised best practice Ill defined objectives and outcomes Lack of understanding/definition of new areas of business Lack of clarity on roles, responsibilities and accountabilities Lack of transparency with inaccurate information available to members / staff Insufficient arrangements to manage, plan and deliver change Inadequate performance criteria and measurement Ineffective integration of new areas of business and ineffective management of interdependencies Inconsistency in application of standards Ineffective reporting and communication arrangements 2. Audit Assurance Full Assurance There is particularly effective management of key risks and business objectives are being achieved. 3. Areas of Effective Control 3.1 Clearly defined corporate governance, strategic planning and performance frameworks are in place which are regularly reviewed in order to ensure they are in line with best practice and meet statutory requirements. 3.2 Processes have been established to ensure that the objectives and outcomes of the new areas of GLA business resulting from the devolution programme are clearly defined, properly approved and effectively communicated. Adequate controls have been implemented to ensure that the devolution programme is effectively managed. February 2012 Corporate Governance, Strategic Planning and Performance Frameworks 1

5 EXECUTIVE SUMMARY 3.3 The roles and responsibilities of London Assembly members, committees and GLA staff are clearly stated and properly approved. Clear objectives and outcomes are in place. All GLA staff have received corporate governance training. 3.4 Comprehensive monitoring arrangements are in place for new and existing areas of GLA business. Transparency of the GLA decision making process is maintained through the London Assembly s scrutiny function. 3.5 Adequate management information is produced regularly and is properly scrutinised. 4. Key Risk Issues for Management Action 4.1 The planned revision of the member s induction scheme needs to reflect changes in the corporate governance framework resulting from the Localism Act 2011 and the change of administration. Members may not be aware of key corporate governance issues. 4.2 The quarterly GLA Group monitoring report is not being discussed on a timely basis by the Budget Monitoring Sub-committee. The Budget Monitoring Sub-committee may be asked to comment upon out of date information. February 2012 Corporate Governance, Strategic Planning and Performance Frameworks 2

6 5. Review Objectives 5.1 Our overall objective was to review the effectiveness of the control frameworks for corporate governance, strategic planning and performance. In particular: 6. Scope The GLA corporate governance, strategic planning and performance frameworks are clearly defined, based on recognised best practice, meet statutory requirements and are reviewed regularly. In this instance, we will take into account the work already conducted in the GLA led review of corporate governance; The objectives and outcomes for the new areas of business and related interdependencies are clearly defined, properly approved and effectively communicated. Adequate controls are in place to ensure that deliverables are managed, monitored effectively and on a timely basis; Lines of accountability and roles and responsibilities are properly identified, clearly documented, properly approved and effectively integrated, with appropriate training, into the GLA corporate governance, strategic planning and performance management frameworks; The governance, strategic planning and performance monitoring arrangements will be reviewed for completeness and consistency and reported on post implementation; Accurate management information is produced on a regular basis, reviewed and reported accordingly. 6.1 Our review assessed the effectiveness of the control framework supporting the Mayoral strategies and initiatives. We examined the processes in place for corporate governance, strategic planning and performance management operated by the London Assembly and the GLA. 6.2 This review originally comprised of two separate audits, one looking at Corporate Governance and the other Strategic Planning and Performance. Following discussions with the GLA it was decided to combine the two reviews due to the links between the two subjects. 7. Adherence with best practice and statutory requirements 7.1 The GLA has a three year Strategic Plan for 2010/12 in place. The plan is reviewed annually and the plan was updated for 2011/12 in June The plan is approved by the Major and also contains the authority budget which is approved by the London Assembly. February 2012 Corporate Governance, Strategic Planning and Performance Frameworks 3

7 7.2 The Strategic Plan is comprised of two parts, the first part sets out the Mayor s vision for London and outlines the key deliverables for the GLA and the key milestones for the achievement of these deliverables, the quarter they are planned to be completed and the responsible the Mayoral Adviser and GLA officer. The updated Strategic Plan for 2011/12 contains 57 deliverables. The second part of the plan is the Budget Book which details the budget for each GLA unit, the responsible officer, the unit s purpose and key objectives. 7.3 Due to the GLA election in May 2012 it is planned to issue a projects and budgets book for 2012/13. This will cover the main areas of the strategic plan and include the new parts of GLA business resulting from the devolution programme but will take into account the limitations caused by the elections. 7.4 In line with best practice the GLA has a GLA Group Corporate Governance Framework Agreement which was last published in May The framework agreement aims to demonstrate the commitment of the GLA s elected members, Mayoral appointees, members of the boards of the functional bodies, and officers within the Group to behave in an open and transparent way and to be properly accountable for their actions and behaviours. The agreement sets the terms on which interaction between the various functional bodies, the mayor s office and the assembly should take place. Although the document is not legally binding it represents a commitment by the signatories to work together to improve the clarity and cohesion of activity across the group and to deliver more effective governance. A review of the Framework Agreement by the GLA Monitoring Officer is about to commence and it is planned that the revised Framework Agreement will be proposed to the Assembly after the GLA elections in May The revised framework will also incorporate the new areas of GLA business resulting from the devolution programme. 7.5 A GLA decision making process is in place which highlights the principle decision making processes which are carried out by the Major, the London Assembly and GLA staff. 7.6 All policies and procedures regarding corporate governance, strategic planning and performance monitoring are held in the relevant sections of the GLA intranet and internet sites. 8. Roles and Responsibilities 8.1 The GLA maintains a comprehensive set of procedures which outline how it will carry out its roles and responsibilities. Up to date schemes of delegation are in place for the Mayoral Functions, Functions of the London Assembly and the Head of Paid Service with the most recent updates taking place in October 2011, July 2011 and November 2009 respectively. February 2012 Corporate Governance, Strategic Planning and Performance Frameworks 4

8 8.2 Roles and responsibilities of London Assembly members and committees are clearly stated. The structure, membership and terms of reference for each London Assembly Committee are agreed each year at the Assembly s annual meeting. 8.3 Up to date GLA Standing Orders are in place with the latest version issued in January 2012 following approval by the London Assembly on the 18 th January The GLA does not at present have a member/officer protocol setting out how Assembly members and the GLA will communicate and work together. A draft protocol has been reviewed informally and approved in principle by the Major and has also been presented to the Standards Committee and Business Management and Administration Committee. It is planned for the protocol to be put to the Assembly at its meeting on the 7 th March, in addition the Mayor will be asked to approve the protocol. 8.5 A mandatory Corporate Governance e-learning module for all GLA staff was launched in August The module resulted from a request by the Corporate Governance Steering Group and provides an introduction to corporate governance and covers key issues such as the code of conduct, decision making and financial regulations and contains a series of questions aimed at testing understanding. In addition the module provides links to key corporate governance documentation. Completion of the e-learning module is included as part of the induction programme for all new staff. Corporate governance is also included in the GLA Induction Seminar. A corporate health indicator is in place for the provision of corporate governance training with a target of 100% for new starters and 100% for refresher training at each change in administration. All current GLA staff have received the training and a monitoring system is in place to ensure all new members of staff including those who have joined as part of the devolution programme complete the training. It is planned to provide refresher training for all GLA staff following the GLA election in May The refresher training will consider any changes to the corporate governance framework resulting from the change in administration. 8.6 There is no corporate governance training scheme in place for members. A member s handbook is available on the GLA intranet site but is does not provide an introduction to the corporate governance framework. It is planned to refresh the member s induction scheme which was last used in 2008 after the GLA election in May 2012 and that it will include corporate governance training. February 2012 Corporate Governance, Strategic Planning and Performance Frameworks 5

9 Risk and Recommendation There is a risk that members are unaware of key corporate governance issues leading to non-compliance with policies and procedures we therefore recommend that the revised member s induction scheme includes any changes to the corporate governance framework arising from the Localism Act 2001 and the change in administration. 8.7 An up to date code of conduct for members and code of ethics and standards for GLA staff are in place. Both codes are available on the GLA intranet and internet sites and define the standards of personal behaviour which members and employees are required to follow. The codes were last reviewed and revised in 2010/11. The code of conduct for members is currently being reviewed in order to ensure that it covers the requirements of the Localism Act A draft copy of the revised code of conduct for members was presented to the Business Management and Administration Committee for comment on the 15 th December 2011 and the Standards Committee on the 18 th January It is planned that the revised code conduct for members will be in place when the new administration comes into being following the GLA Election on the 3 rd May Monitoring Arrangements 9.1 A monthly report of all GLA expenditure over 500 is published on the GLA internet site. The report is also presented to the Budget Monitoring Subcommittee. 9.2 A formal complaints procedure is in place for both members and staff. The complaints procedure is currently being revised by the GLA Monitoring Officer in order to meet the requirements set by the Localism Act Adequate processes are in place for recording outstanding actions resulting from monitoring performance. The review of lists of actions completed and outstanding is a standing item on all committee agendas. Minutes and transcripts are produced of all committee meetings and published on the GLA internet site. February 2012 Corporate Governance, Strategic Planning and Performance Frameworks 6

10 9.4 As a result of the Localism Act 2011 from the 1 st July 2012 it will no longer be a statutory requirement to maintain a Standards Committee. The Committee is responsible for promoting and maintaining high standards of conduct by the Mayor, Assembly Members, and co-opted members of the Assembly s committees and sub-committees. At the Standards Committee meeting on the 18 th January 2012 it was decided that the Committee would only meet to deal with its statutory responsibilities regarding complaints made against GLA members. The Assembly s Business Management and Administration Committee on the 29 th February 2012 will be asked to approve proposals under which the other Standards Committee responsibilities such as the monitoring of expenses will be transferred to the London Assembly Audit Panel. 9.5 Assurances are provided by Internal and External Audit on the control environment in place in the GLA. The Audit Panel meets on a quarterly basis to discuss internal control matters and both the Internal and External Auditors produce an annual report which gives an opinion on the control environment in place in the GLA. 9.6 A formal process for integrating the new areas of business resulting from the devolution programme is in place. A Devolution Programme Board and working party were established to plan and monitor the integration process. In addition regular updates on the devolution programme are provided to the Business Management and Administration Committee. A lessons learnt review was carried out for the integration of the London Development Agency which highlighted issues such as the need for a standardisation of documentation and data and its distribution in the GLA. An action plan was established in order to ensure that the lessons learnt were integrated into the devolution programme. As part of the 2012/13 Internal Audit plan it is proposed that a review of the devolution programme is carried out as part of an audit of External Funding and Project Management. 10. Management Information and Reporting Arrangements 10.1 As part of the London Assembly s scrutiny function it is required to hold ten Mayor s Question Times during which the Mayor presents a report to the London Assembly. The report also includes details of all Mayoral and Director Decisions which have taken place since the previous Mayor s Question Time. In addition the Mayor may be given the opportunity by the Chair of Mayor s Question Time to provide an oral update on any matters which have taken place since the date that the Mayor s Question Time report was published. The Mayor and relevant members of GLA staff are questioned on issues covering the GLA s duties. February 2012 Corporate Governance, Strategic Planning and Performance Frameworks 7

11 10.2 Comprehensive procedures are in place to ensure the transparency of decisions made within the GLA. Mayoral decisions which cover the approval of new or significant initiatives and cover all proposals where the expenditure is over 50,000 are listed publicly on the GLA internet site. Director decisions and delegated decisions made regarding the 2012 Olympic and Paralympic games are also listed publicly on the GLA internet site. Templates are used to record both Mayoral and Directors decisions and signed copies are published on the GLA internet site. In addition both sets of decisions are reported to the Budget Monitoring Sub-committee and included as part of the Mayor s report to the Assembly Transparency is further enhanced by the London Datastore which is held on the GLA internet website. The Datastore provides datasets for the GLA and GLA Group, London Boroughs and other organisations such as the London Ambulance Service and NHS London. The site offers the opportunity for members of the public to suggest datasets which can be included in the Datastore The Mayor of London s annual report outlines the achievements of the GLA for the preceding year. The report is in two parts, the first part highlights key achievements for the year whilst the second provides a detailed breakdown of the performance of the GLA and the wider GLA group. Part two also provides an update on the progress made against each of the Mayoral Strategies and provides details of GLA performance against a series of corporate health indicators An annual governance statement is produced by the Mayor and the Head of Paid Service and is included as part of the annual statement of accounts. The statement outlines the corporate governance framework in place, the results of an annual review of governance and the response to any significant governance issues raised during the year In 2011 the Authority reviewed its corporate governance framework in order to ensure that it is consistent with the principles of the 2007 CIPFA/SOLACE Framework Delivering Good Governance in Local Government A process is in place for the regular monitoring and review of corporate governance issues within the GLA. The Corporate Governance Steering Group meets on a monthly basis and is chaired by the Director of Resources. The Steering Group s key roles are to ensure that the GLA s corporate governance procedures are up to date and to promote staff awareness and adherence to corporate governance procedures. Current issues the Steering Group is dealing with include the approach to strategic planning for 2012/13 and the implementation of the new standards regime resulting from the Localism Act February 2012 Corporate Governance, Strategic Planning and Performance Frameworks 8

12 10.8 The GLA Finance Team produces monthly budget monitoring reports for Directors and Cost Centre Managers The reports are discussed by the Head of each unit with their link accountant and results of these discussions and any actions required are recorded The GLA Performance Team is responsible for the monitoring and reporting on GLA performance. A quarterly GLA Group monitoring report covering financial performance, progress of GLA projects, progress against Strategic Plan deliverables and performance against eighteen corporate health indicators is presented to the Budget Monitoring Sub-committee. Each deliverable is rated to indicate the level to which the projects are progressing according to plan. Key milestones are recorded and comments on progress are provided by the responsible Directorate. The 2011/12 Strategic Plan contains 57 deliverables and the most recent monitoring report for quarter /12 showed that 40 were marked as green and 17 as amber with no marked as red. The monitoring report provides a comprehensive review of financial performance with analysis of over and under-spends The timeliness of information provided in the quarterly GLA monitoring report to the Budget Monitoring sub-committee could be improved. The sub-committee considered the quarter 1 information at its meeting on 18 th October. The final agenda deadline for the reports to be printed on the agenda was the 7 th October and the Assembly received the last quarterly report (GLA) on 4 October. Similarly, for the December meeting, the LDA and LFEPA reports were provided on 2 nd December, the final date for inclusion on the agenda for the meeting on 11 th December. The Budget Monitoring sub-committee therefore held its meeting within 2 weeks of receiving the relevant quarterly reports on each occasion and within 3 days of the final deadline for inclusion on the agenda. Although it is appreciated that the timing of meetings is decided by the Assembly and need to be timed to accommodate the meetings of the functional bodies' boards which must first consider the information being presented there is a need to where possible provide more up to date information as the review of the quarterly report is a key part of the sub-committee s terms of reference. Risk and Recommendation There is a risk that members are asked to comment on out of date information we therefore recommend that the quarterly GLA monitoring report is updated to reflect any changes which have taken place between the end of the quarter and the sub-committee meeting An annual report is produced by the London Assembly outlining the work carried out by London Assembly members in scrutinising the work of the Major and the performance of the GLA. February 2012 Corporate Governance, Strategic Planning and Performance Frameworks 9

13 10.12 GLA Projects are approved and monitored by the Investment and Performance Board which meets monthly. A monitoring report is provided to the Board which outlines progress in the implementation of GLA projects. Projects for the new areas of GLA business resulting from the devolution programme have been included in this process Since 2000 the Annual London Survey has taken place in order to identify the views of Londoners on a number of issues such as transport and policing. The results of the survey are published on the GLA internet site. February 2012 Corporate Governance, Strategic Planning and Performance Frameworks 10

14 RISK CATEGORISATION RISK AND AUDIT ASSURANCE STATEMENT - DEFINITIONS Assurance Level Assurance Criteria 1 Full There is particularly effective management of key risks and business objectives are being achieved. 2 Substantial Key risks are being managed effectively, however some controls need to be improved to ensure business objectives are met. 3 Limited Some improvement is required to address key risks before business objectives can be met. 4 No Significant improvement is required to address key risks before business objectives can be met. There is a sound framework of control operating effectively to achieve business objectives. The framework of control is adequate and controls to mitigate key risks are generally operating effectively. A number of controls to mitigate key risks are not operating effectively. The control framework is inadequate and controls in place are not operating effectively to mitigate key risks. The business area is open to abuse, significant error or loss and/or misappropriation. Definitions of Risk Ratings Priority Categories recommendations according to their level of priority. 1 Critical risk issues for the attention of senior management to address control weakness that could have significant impact upon not only the system, function or process objectives, but also the achievement of the organisation s objectives in relation to: The efficient and effective use of resources The safeguarding of assets The preparation of reliable financial and operational information Compliance with laws and regulations. 2 Major risk issues for the attention of senior management to address control weaknesses that has or is likely to have a significant impact upon the achievement of key system, function or process objectives. This weakness, whilst high impact for the system, function or process does not have a significant impact on the achievement of the overall organisational objectives. 3 Other recommendations for local management action to address risk and control weakness that has a low impact on the achievement of the key system, function or process objectives ; or this weakness has exposed the system, function or process to a key risk, however the likelihood is this risk occurring is low. 4 Minor matters need to address risk and control weakness that does not impact upon the achievement of key system, function or process or process objectives; however implementation of the recommendation would improve overall control. February 2012 Corporate Governance, Strategic Planning and Performance Frameworks 11

15 ACTION PLAN Ref. Findings and Risk Priority Recommendations Accepted Responsibility Target Date 8.6 The planned revision of the member s 2 The revised member s induction scheme Yes Head of Committee & Member In the induction scheme needs to reflect includes any changes to the corporate Services aftermath changes in the corporate governance governance framework arising from the of the framework resulting from the Localism Localism Act 2001 and the change in 2012 GLA Act 2011 and the change of administration. elections administration. Members may be unaware of key corporate governance issues leading to non-compliance with policies and procedures The quarterly GLA monitoring report is not discussed on a timely basis by the provided to the Budget Monitoring subcommittee. Members may be asked to comment on out of date information. 3 The quarterly GLA monitoring report is updated to reflect any changes which have taken place between the end of the quarter and the Budget Monitoring sub-committee meeting. Yes Assistant Director of Finance and Head of Performance & Governance On-going on a quarterly basis February 2012 Corporate Governance, Strategic Planning and Performance Frameworks 12