Agenda item

Report of the Director of Finance

The Committee considered a report of the Director of Finance and Corporate Services, which summarised the Council’s Internal Audit activity for the period April 2019 to March 2020 against the agreed Audit Plan for 2019/20 and the Public Sector Internal Audit Standards.  The report also provided the Committee with the Chief Internal Auditor’s opinion on the overall adequacy and effectiveness of the Council’s internal control environment for the 2019/20 financial year.

The key target for the Internal Audit and Risk Service was to complete 90% of its agreed work plan by the 31^st March 2020.  During 2019-20, the audit plan was subject to revision due to unplanned absence in the Team / implementation of the restructure, which the Audit and Procurement Committee were previously advised of.  As a result, the performance of the Service has been assessed against the revised audit plan of 440 days.  As illustrated by the chart overleaf, the service delivered 89% of this plan. 

Whilst it was recognised that the performance was slightly below target, this was solely due to the impact of Covid-19 in March 2020 which led to delays in finalising two draft audit reports by the 31^st March 2020 (both reports had since been agreed.)  In respect of the other remaining four audits which formed part of the 2019-20 audit plan and which were not completed by the end of March 2020, two had now been finalised and two have been postponed due the pandemic (and would be rescheduled as appropriate.) 

In addition to the delivery of the Plan, the Service had a number of other key performance indicators (KPIs) which underpinned its delivery. These KPIs were aimed at ensuring that the audit process was completed on a timely basis.

.

In the Chief Internal Auditor’s view, sufficient assurance work had been carried out to allow her to form a reasonable conclusion on the adequacy and effectiveness of Coventry City Council’s internal control environment. Whilst there had been some impact on the total number of individual audits carried out in 2019-20 as a result of the revised audit plan of 440 days (in comparison to 480 days in 2018-19), sufficient assurance work across the areas which are key to forming the annual audit opinion (i.e. audits of key financial systems, reviews linked to the management of corporate risks and follow up reviews) had been carried out.

It is the Chief Internal Auditor’s opinion that moderate assurance can be provided that there is generally a sound system of internal control in place designed to meet the Council's objectives. This means that there is generally an appropriate level of control for managing the majority of the significant inherent risks to the Council’s objectives to a reasonable level. Through Internal Audit work, actions are agreed to improve the control environment and assist the Council in achieving its objectives.  A defined process exists within the Service to gain assurance that all actions agreed had been implemented on a timely basis.

In giving this opinion, assurance can never be absolute as the system of internal control is designed to manage risk to a reasonable level.  It cannot eliminate all risk and can therefore only provide reasonable and not absolute assurance of effectiveness.

In undertaking the assessment of the Council's internal control environment, the Chief Internal Auditor has identified a number of areas that, in her opinion, needed to be considered when the Council produces its Annual Governance Statement for 2019-20.

From a general point of view, whilst any audit where ‘limited’ or ‘no’ assurance was provided required attention, an assessment is also made as to whether the review has a significant corporate impact and consequently needs to be considered in the producing the Annual Governance Statement, or whether the review was limited to specific working practices in service areas which did not have a wider bearing on the Council’s control environment.  The following key issues were highlighted: Health and Safety Audit Programme and IT disaster recovery.

Arising from discussion at the meeting, the Committee asked for further information on the progress of recommendations made in respect of the audit of IT Disaster Recovery.  It was confirmed that when the formal follow-up review of this audit was undertaken, the findings would be reported back to the Committee.

RESOLVED that the Committee note:

1.  The performance of Internal Audit against the Audit Plan for 2019-20.

2.  The results of the Quality Assurance and Improvement Programme and the Chief Internal Auditor’s statement on conformance with the Public Sector Internal Audit Standards.

3.  The summary findings of key audit reviews (attached at appendix two) that have not already been reported to Audit and Procurement Committee during municipal year 2019-20 and which are relevant to the opinion on the overall adequacy and effectiveness of Coventry City Council's internal control environment.

4.  The opinion of the Chief Internal Auditor on the overall adequacy and effectiveness of Coventry City Council's internal control environment.