Agenda item

Report of the Director of Finance and Resources (Section 151 Officer)

The Audit and Procurement Committee considered a report of the Director of Finance and Resources (Section 151 Officer), that summarised the Council’s Internal Audit activity for the period April 2024 to March 2025 against the agreed Audit Plan for that year and the Public Sector Internal Audit Standards. It provided the Chief Internal Auditor’s opinion on overall adequacy and effectiveness of the Council's risk management, internal control, and governance arrangements for the financial year 2024-25, as set out in section 2.4 of the report. Appendices to the report provided details of the audits completed in 2024-25 and a summary of findings from key audit reports.

The key target for the Internal Audit Service was to complete 90% of its agreed work plan by 31st March 2025. Whilst the plan was originally developed on the basis of an estimate of 650 available audit days, this was subsequently amended to 625 days as a result of the rescheduling of work in relation to Digital Services (which is delivered externally. The change was reported to the Audit and Procurement Committee in March 2025 (minute 61/24 referred) and the performance of the Service assessed against the revised audit plan of 625 days. The Service delivered 89% of the plan, which was minimally below target but not viewed that it materially impacted on the ability to provide an annual audit opinion. Of the seven audits which formed part of the 2024-25 audit plan, and which were not completed by the end of March 2025, one has now been finalised, and the remaining six are ongoing / have been rescheduled. 

In addition to the delivery of the Plan, the Service has a number of other key performance indicators (KPIs) which underpinned its delivery. These KPIs were aimed at ensuring that the audit process was completed on a timely basis. A table in the report detailed the performance of Internal Audit for 2024-25, compared with performance in 2023-24. There were three areas where performance was below expectations, although performance had improved in comparison to 2023-24. The ongoing monitoring of internal audit work and identifying opportunities for improvement remained a key focus for management, in line with the professional Internal Audit Standards.

The Public Sector Internal Audit Standards were based on the Global Internal Audit Standards. Following a review of the Global Standards by the Institute of Internal Auditors, a new set of standards had come into force from 1st April 2025 (The Global Internal Audit Standards in the UK Public Sector.) As a result, the Internal Audit Service would be reporting on a revised set of performance indicators from 2025-26 onwards which are aligned to the new standards. A further update on this would be provided to the Audit and Procurement Committee in due course.

The Public Sector Internal Audit Standards required that the Internal Audit Service developed and maintained a quality assurance and improvement programme that covered all aspects of the internal audit activity. Details of the matters included in the 2024-25 Programme were detailed in the report. Specific improvement actions which had been delivered against the improvement plan in 2024-25, and which were recommended in the External Quality Assessment of the Internal Audit Service, were also detailed in the report.

In considering the results of the quality assurance and improvement programme, it has been concluded that the Internal Audit Service conformed with the Public Sector Internal Audit Standards, with no key areas of non-compliance. Where improvements had been identified, it was not considered that this materially impacted on the overall scope or operation of the internal audit activity. A table in the report detailed the improvement plan for Internal Audit for 2025-26. This also reflected the actions required this year to deliver the Internal Audit Strategy.  Progress against these actions would be included in the next annual report to the Audit and Procurement Committee.

An Appendix to the report detailed the audit reviews that had been carried out in the financial year 2024-25 along with the level of assurance provided. A table in the report provided definitions to support the level of assurance applied to audit reviews carried out by the Service. A summary of the findings of key audits that had not already been reported to the Committee during municipal year 2024-25 were included in a further appendix to the report. In all cases, the relevant managers had agreed to address the issues raised in line with the timescales stated. These reviews would be followed up in due course and the outcome reported to the Audit and Procurement Committee.

The report provided updates on Transparency Code and Management compliance with key HR policies and procedures, following the 2023-24 Internal Audit Annual report where the Chief Internal Auditor identified had identified the two areas, she believed significant control improvements were required.

The Public Sector Internal Audit Standards (PSIAS) highlighted that a key responsibility of Internal Audit was to provide an annual internal audit opinion and report that could be used to inform the Annual Governance Statement.  The opinion must conclude on the overall adequacy and effectiveness of the organisation’s framework of governance, risk management and internal control.

In providing the opinion, the Chief Internal Auditor confirmed that the Internal Audit Service was organisationally independent. The Service reported functionally to the Audit and Procurement Committee and had an approved Internal Audit Charter which set out the purpose, authority, responsibility and position of the Internal Audit Service within the Council. 

In the Chief Internal Auditor’s view, sufficient assurance had been obtained to form a reasonable conclusion on the adequacy and effectiveness of Coventry City Council’s risk management, internal control, and governance arrangements.  This took into account the internal audit work performed during 2024-25, and other sources of assurance. It was the Chief Internal Auditor’s opinion that reasonable assurance could be provided that there was generally an effective and adequate framework of governance, risk management and internal control in place designed to meet the Council's objectives. This meant that there was generally an appropriate level of control for managing the majority of the significant inherent risks to the Council’s objectives to a reasonable level. Through Internal Audit work, actions were agreed to improve the governance, risk management and the internal control environment and assist the Council in achieving its objectives. A defined process existed within the Service to gain assurance that all actions agreed had been implemented on a timely basis. In giving this opinion, assurance could never be absolute.  It could not eliminate all risk and could not provide absolute assurance of effectiveness.

An appendix to the report detailed the audit reviews that had been carried out in the financial year 2024-25 along with the level of assurance provided. In considering the outcome of audit activity for 2024-25, an assessment was initially made of the number of ‘limited’ or ‘no’ assurance audits, as these require immediate improvements, in comparison with the results from the previous two years.

A table in the report indicated that the percentage of audits with “limited” or “no” assurance in 2024-25 was comparable to 2023-24. Other factors, detailed in the report, were also considered in the assessment of the control environment as part of forming the opinion. As such, it had been assessed that the reasonable assurance opinion remained appropriate, based on the definitions of assurance in a further table in the report.

In undertaking the assessment of the Council's arrangements, the Chief Internal Auditor had reviewed whether, in her opinion, there were any areas that needed to be considered when the Council produced its Annual Governance Statement for 2024-25. Whilst any audit where ‘limited’ or ‘no’ assurance was provided requiring attention, an assessment was also made as to whether the review had a significant corporate impact and consequently needed to be considered in the producing the Annual Governance Statement, or whether the review was limited to specific working practices in service areas which did not have a wider bearing on the Council’s control environment. For 2024-25, no issues had been identified for consideration in preparation of the Annual Governance Statement.

RESOLVED that Audit and Procurement Committee notes:

1) The performance of Internal Audit against the Audit Plan for 2024-25.

2) The results of the Quality Assurance and Improvement Programme and the Chief Internal Auditor’s statement on conformance with the Public Sector Internal Audit Standards.

3) The summary findings of key audit reviews, attached at Appendix Two to the report, that have not already been reported to Audit and Procurement Committee during municipal year 2024-25 and which are relevant to the opinion on the overall adequacy and effectiveness of Coventry City Council's internal control environment.

4) The opinion of the Chief Internal Auditor on the overall adequacy and effectiveness of Coventry City Council's risk management, internal control, and governance arrangements.