INTERNAL AUDIT DIVISIONeservices.solihull.gov.uk/mginternet/documents/s34584/Annual Repo… ·...


Head of Audit Services – Annual Report 2015/16

Audit Services Date: April 2016

AUDIT SERVICES

ANNUAL REPORT ON INTERNAL AUDIT

2015/16

Head of Audit Services’ Opinion on Internal Control within Solihull MBC

Internal Audit Performance

Audit Charter


Introduction

1. This Annual Report gives my opinion as Head of Audit Services (HoAS) for Solihull Metropolitan Borough Council (SMBC) on the adequacy and effectiveness of internal control within SMBC. It also summarises the work Internal Audit has performed for the period April 2015 to March 2016.

2. It is the duty of the HoAS to give an opinion, at least annually, on the adequacy and effectiveness of internal control. This is based on the adequacy of control observed from completing a selection of audit reviews as documented in the annual Audit Plan and other advice work completed on control systems. The results of investigation work and the work of other internal reviews within SMBC also inform the opinion.

3. The opinion on the adequacy and effectiveness of internal control is used to inform and should be read alongside the wider Annual Governance Statement incorporated into SMBC’s Statement of Accounts for 2015/16.

Background

4. Internal Audit has a legal standing in terms of the Accounts and Audit Regulations 2015 and its role is to provide an independent appraisal of SMBC’s internal control systems. This requirement is embodied in SMBC’s Financial Regulations.

5. Internal Audit is an assurance function within the Audit Services Division that provides an independent and objective opinion to the organisation on the control environment, by evaluating its effectiveness in achieving the organisation’s objectives. It objectively examines, evaluates and reports on the adequacy of the control environment as a contribution to the proper, economic, efficient and effective use of resources.

6. In line with the Public Sector Internal Audit Standards (PSIAS), the strategy adopted provides for an unrestricted range of coverage of SMBC’s operations. The current Strategy/Terms of Reference (Audit Charter) is detailed at Appendix A.


Assurance on Internal Control – Executive Summary

7. To inform the opinion on the adequacy of internal control a score is allocated to the outcome of each significant review undertaken in the financial year 2015/16. This score is based on a scale of 1 to 5, where a score of 1 suggests the system is performing well to achieve control objectives and 5 suggests unacceptable levels of control exist. Table 1 below details the level of assurance available.

Levels of Audit Assurance

| Score | Assurance Level | Assurance Criteria |
| --- | --- | --- |
| 1 | Full | There is a sound framework of control operating effectively to achieve control objectives. |
| 2 | Substantial | The framework of control is adequate and controls are generally operating. |
| 3 | Moderate | The control framework is adequate but a number of controls are not operating effectively. |
| 4 | Limited | Adequate controls are not in place to meet all the system objectives and controls are not being consistently applied. |
| 5 | None | The control framework is inadequate and controls in place are not operating effectively. The system is open to abuse, significant error or loss and/or misappropriation. |

Table 1

Opinion

8. In conclusion, taking into account all available evidence, the adequacy and effectiveness of internal control is ‘substantial’. The scores given in Table 2 reflect the internal control environment identified at the time of review. The average score including all reviews is 2.2 (2 in 2014/15 and 2.3 in 2013/14). The purpose of this score is simply to provide an overall indication that summarises the results, in control terms, of our findings. In addition to these findings we have also considered the strong financial governance operating within areas such as schools and Solihull Community Housing (SCH) and the low level of fraud identified. This indicates in general terms, from our independent perspective, that the control framework is adequate and that controls, with some specific exceptions, are operating effectively.


9. It continues to be important that management address control weaknesses identified in respect of individual systems where limited or no assurance (Level 4/5) was identified or where high priority recommendations have been made. During 2015/16, management have addressed, or are currently addressing, most of the significant control deficiencies identified.

10. As part of each review, Internal Audit works closely with management to assess what actions can be put in place to address any weaknesses identified. In some cases it is management who have contacted Internal Audit with specific concerns. The overall opinion, as detailed above, is based on audit findings, action plans from management and other sources of assurance, including External Audit and risk management.

11. The volume of audit recommendations accepted by management, 98% overall (compared to 97% in 2014/15 and 98% in 2013/14), in addition to the detailed action plans received to rectify control deficiencies, supports the level of assurance given on the overall internal control environment.

Audit Reviews

12. Table 2 details areas reviewed in 2015/16.

Key: 1 = Full Assurance, 2 = Substantial Assurance, 3 = Moderate Assurance, 4 = Limited Assurance, 5 = No Assurance

| Review Area | Assurance Rating |
| --- | --- |
| Follow Up Reviews | |
| Use of Consultants | 4 |
| Unity | 3 |
| Strategic Highways | 2 |
| Schools | |
| Burman Infant | 1 |
| Coppice | 1 |
| Hazel Oak | 1 |
| Castle Bromwich Infants | 3 |
| Castle Bromwich Junior | 2 |
| Reynalds Cross | 2 |
| Our Lady of the Wayside | 1 |
| Chapelfields | 3 |
| Streetsbrook Infant and Nursery | 3 |
| Widney Junior | 2 |
| Blossomfield Infant | 1 |
| Daylesford | 2 |
| Langley Primary | 1 |
| St Anne's | 3 |
| Monkspath Primary | 3 |
| Ulverley | 3 |
| St Augustine Primary | 1 |
| Core Financial Systems | |
| Accounts Payable | Provisional 4 |
| Income Collection (Income & Awards) | 1 |
| Adult Social Care Finance – Billing | 5 |
| Payroll | Provisional 2 |
| Bank & Systems Reconciliations | 1 |
| Housing Benefits | Provisional 3 |
| Accounts Receivable | Draft 3 |
| Housing Rents | 2 |
| Other Reviews | |
| Car Parking | 1 |
| Catering | 5 |
| Abandoned Vehicles | 4 |
| Solihull Community Housing Reviews | |
| Accounts Receivable | 4 |
| Bank Reconciliation | 1 |
| Accounts Payable | 2 |
| Housing Rents (See Core Financial Reviews) | - |
| Capital Expenditure | 1 |

Table 2

School Related Reviews

13. In addition to the formal school related audit reviews detailed in Table 2, Internal Audit acted as the main contact for the collection, review and support for the mandatory standard for Local Authority maintained schools introduced by the Department for Education (DfE). This included providing briefing notes and guidance to Chairs of Governors, Head Teachers and Bursars about the requirements of the School’s Financial Value Standard and the support available.


14. Internal Audit also provides support to the following Academies within the Borough:

Heart of England School

Light Hall School

Alderbrook School

Balsall Common Primary School

Langley School

Counter Fraud Work

15. Internal Audit leads SMBC’s counter-fraud and corruption work and continues to take a proactive approach to counter fraud.

16. Table 3 details Internal Audit’s proactive counter fraud work in 2015/16:

| Initiative | Progress / Outcome |
| --- | --- |
| Single Persons Discount (SPD) | Additional income gained from this project is projected to be circa £154,000. |
| Periodic Exception Reports | Payroll exception reports have identified circa £6,000 in payment errors. We continue to monitor phone and internet usage and a report has also been developed for iexpenses (expense claim system). |
| Social Housing Fraud | Eleven council homes have been recovered since April 2015 saving the Council £198,000. In addition, one case of Social Housing Fraud has been successfully prosecuted through the courts. |
| Fraud Awareness | Property Services Team and their key business partners and Adult Social Care finance teams received personalised fraud awareness training. Further sessions throughout the organisation and Solihull Community Housing are planned. |
| Data Hub | Discussions underway to extend the data sharing protocol with Birmingham City Council. The aim is to prevent & detect fraud by sharing data with other West Midlands Councils. |
| Business Rates | Joint work with Income & Awards is underway with a view to using outside agencies to assist with the identification of businesses not paying appropriate business rates. |
| Conflicts of Interest/Ethics/Staff and Supplier Relationships | Employee records checked against Companies House records for evidence of non-disclosure of interests. National Fraud Initiative records also reviewed which revealed some employees were also acting as suppliers to the Council and schools. Further work to be undertaken in 2016/17. |
| Audit Investigations | 22 fraud investigations have been undertaken during 2015/16. Of these, there are 2 current live cases. Whilst no significant losses have been identified, 7 employees have been referred for disciplinary action, one of whom was dismissed. Areas investigated include misuse of time, misappropriation of monies and theft of assets. |

Table 3

Whistleblowing

17. Internal Audit has responsibility for maintaining the Council’s whistleblowing infrastructure and ensuring that issues raised through the Council’s Whistleblowing Policy are effectively dealt with. Table 4 outlines details of issues considered in 2015/16.

| No. | Issue | Action | Outcome |
| --- | --- | --- | --- |
| 1 | Concerns regarding disciplinary and Employment Tribunal procedures. | Referred to Internal Audit for investigation. | Case closed – Improvements made including requirement that Audit Services undertakes all investigations. |
| 2 | Employee raised concerns around the capability and dignity at work processes. | Audit review. | Case closed – Improvements made including requirement that Audit Services undertakes all investigations. |
| 3 | Concerns regarding tenancy fraud. | Referred to Internal Audit for investigation. | Case closed – no further action taken. |
| 4 | Concerns regarding misuse of Council property. | Referred to Internal Audit for investigation. | Case closed – referral for disciplinary action. |
| 5 | Allegations regarding bullying and inappropriate relationships with suppliers. | Referred to Internal Audit for investigation and audit review. | Case closed – employee resigned. In addition, management accepted Audit recommendations. |
| 6 | Concerns re possible fraudulent mileage claims. | Referred to Internal Audit for investigation. | Case closed – no further action taken. |
| 7 | Concerns regarding grievance investigation and appeal processes. | Referred to Internal Audit for investigation and HR for assessment. | Case closed – no further action taken. |
| 8 | Concerns regarding inappropriate behaviour of a manager towards staff. | Referred to HR for decision on whether disciplinary action is required. | Case closed – issues dealt with by HR and line management. |
| 9 | Concerns regarding maladministration and Health and Safety issues. | Referred to Children’s Services and Skills for investigation. | Case closed – action taken by Children’s Services. |
| 10 | Concern regarding an employee off sick but working elsewhere. | Audit investigation completed. | Case closed as insufficient evidence to progress. Employee returned to work. |
| 11 | Employee raised concerns about being bullied by other staff. | Referred to HR to consider whether any disciplinary action is taken. | Case closed – issues dealt with by HR and line management. |
| 12 | Concerns raised by anonymous source that service users could be affected as a result of a staff member leaving the Authority. | Audit review being undertaken. | Ongoing |
| 13 | Concerns raised by an employee regarding the conduct of an individual in respect of their behaviour towards staff. | Audit investigation undertaken to assess the potential issues identified. | Case closed – no further action taken. |
| 14 | Concerns raised by an anonymous source regarding a potential breach of the EU working time directive. | Discussions with HR and management ongoing. | Ongoing |

Table 4

Solihull Community Housing (SCH)

18. During 2015/16 Internal Audit continued to provide the audit function to SMBC’s Arms Length Management Organisation – SCH. This relationship ensures appropriate audit coverage is in place for SCH and that SMBC can be independently assured that appropriate governance arrangements are in place with this key partnership.


19. Work undertaken in respect of SCH is included in Table 2. The overall opinion in respect of SCH is that high levels of controls continue to operate, prompting a conclusion that substantial assurance can be placed upon the system of internal control.

Other Work

20. Table 5 details other work undertaken or contributions made by Internal Audit during 2015/16 that contribute to the overall level of independent assessment given on the system of internal control.

| Review Area | Narrative/Outcome |
| --- | --- |
| Home Care Contract - Project Board | Attendance at project board to offer control advice to management with the re-tendering of the home care services contract. Outcome: Ongoing control advice to the service area. |
| Highways Major Projects Board | Attendance at project board to offer control advice to management for major highways projects (including the Gateway project and A45 bridge replacement). Outcome: Ongoing control advice to the service area. |
| Adult Social Care - Finance Meetings | Attendance at meetings to offer advice to management and keep up to date with current issues/concerns. Outcome: Ongoing control advice and update of the Internal Audit plan. |
| Grant work | Audit of the external grants. Outcome: Control advice and sign-off of the grants. |
| Open Data Group | Attendance at meetings to offer advice to management regarding externally published data. Outcome: Ongoing advice on this area. |
| SMBC Scrutiny | A review of the Council’s scrutiny arrangements at the request of the Head of Legal & Democratic Services and Monitoring Officer. Outcome: Work complete and report issued with some suggested improvements. |
| IT Controls (External Audit) | Ensuring recommendations identified by External Audit are independently verified as being implemented. Outcome: Work in progress. |
| Petty Cash | A review of the system in operation identified several areas for improvement to be reflected in the Council’s Financial Regulations and associated systems. Outcome: System improvements made. |

Table 5

Non Audit Investigations

21. Internal Audit provides the resources to undertake SMBC’s investigations of HR related issues, most of which are disciplinary investigations. 61 investigations were undertaken during 2015/16. Table 6 summarises the independent investigations Internal Audit has undertaken.

| Directorate / Area | Disciplinary | Dignity at Work | Grievance | Directorate / Area Total |
| --- | --- | --- | --- | --- |
| Communities and Adult Social Care | 11 | 2 | 7 | 20 |
| Children’s Services and Skills (non-schools) | 1 | 0 | 2 | 3 |
| SMBC Schools | 9 | 2 | 1 | 12 |
| Resources | 8 | 2 | 3 | 13 |
| Managed Growth | 7 | 0 | 0 | 7 |
| Public Health and Commissioning | 1 | 0 | 0 | 1 |
| Solihull Community Housing | 3 | 0 | 1 | 4 |
| Member Complaint | - | - | - | 1 |
| Investigation Totals | 40 | 6 | 14 | 61 |

Table 6


Audit Resources

22. Internal Audit requires appropriate resource in terms of quantity and quality to undertake sufficient work to offer an independent opinion on SMBC’s internal control environment. This is a fundamental part of SMBC’s governance arrangements.

23. Currently there are six professionally qualified Auditors/Accountants within the team, backed up by several very experienced members of staff. The team also has a range of suitably qualified investigators from various backgrounds, including Police, Human Resources and Benefit Fraud Investigation.

24. During 2015-16 Audit Services appointed two undergraduates who were recruited from local universities for one-year placements within Internal Audit. This arrangement continues to be successful.

Internal Audit Performance (Outcomes)

Internal Audit Recommendations

25. In 2015/16, a total of 357 recommendations were made, of which management gave written assurance that 99% of these would be implemented. Where recommendations have not been accepted, management have offered alternative solutions to improve control weaknesses. All high priority recommendations, regardless of assurance level given, are followed up to ensure they are actually implemented. Table 7 summarises the results. Please note that, for comparison, 2014/15 information is included in brackets.

| Recommendation Priority | No. Made | No. Implemented | % Implemented |
| --- | --- | --- | --- |
| High | 80 (45) | 79 (45) | 99 (100) |
| Medium | 215 (231) | 213 (226) | 99 (98) |
| Low | 62 (105) | 56 (98) | 90 (92) |
| Total | 357 (381) | 348 (369) | 98 (97) |

Table 7

Audit Budget

26. The Audit Services budget was delivered under budget in 2015/16.

Chartered Institute of Internal Auditor Awards 2015

27. Audit Services was highly commended in the ‘Public Sector Team’ category for its innovative approach to incorporating services such as non-audit investigations into the services it provides.


Counter-Fraud Savings Return

28. Having previously received a grant (£124k) from the Department of Communities and Local Government (DCLG), the level of return in respect of counter-fraud work (£358k) was reported to the DCLG, with a favourable response from the Minister for Local Government for our efficient use of the grant monies.

Social Housing Fraud

29. As a result of a successful prosecution in respect of a resident illegally obtaining a council property, the BBC documentary programme, ‘Council House Crackdown’ followed Audit Services and Solihull Community Housing Officers highlighting the case.

Other Forms of Assurance

30. The assessment of the internal control framework also includes:

External Audit

31. A close working relationship is maintained with SMBC’s External Auditors, Grant Thornton. The Director of Resources and HoAS attend quarterly meetings to promote the sharing of issues, work plans and completed work. In addition, Grant Thornton representatives, the Director of Resources and HoAS regularly attend Audit Committee meetings.

Risk Management

32. As a member of the Corporate Risk Management Group, Internal Audit continues to contribute to ensuring SMBC complies with its requirements. Risk Management is tested in the course of most audits. Robust arrangements continue to be in place that can be relied upon.

33. A specific project looking to promote risk management in schools commenced and is due to be completed in 2016/17.

Key Themes for 2016/17

34. Internal Audit will continue to source opportunities to trade audit and investigation related services where appropriate, particularly in the Solihull Borough. Several local Academies, Schools, Parish Councils, Colleges and a University have procured our services during 2015/16.


35. A key work theme will be to implement the new Counter-Fraud Strategy and other related policies, ensuring the public purse is adequately protected.

2016/17 Internal Audit Plan

36. The 2016/17 Internal Audit Plan has been compiled in line with best practice. This plan is subject to adjustment as SMBC’s risks continually change. The 2015/16 Internal Audit Plan was endorsed by the Corporate Leadership Team and Audit Committee in March 2016.


Appendix A:

Solihull MBC - Audit Services

Internal Audit Charter

April 2016


Introduction

1. Good governance is crucial to successful organisations delivering their outcomes. The Authority is responsible for establishing and maintaining appropriate risk management processes, control systems and operational procedures. A professional, independent and objective internal audit (IA) service is one of the key elements of good governance, as recognised throughout the UK public sector.

2. Audit Services is located within Solihull Metropolitan Borough Council (SMBC)’s Resources Directorate.

3. Audit Services provides a range of services to SMBC in respect of risk management, health and safety, wider governance, internal audit work, investigations and other ad-hoc management requests. It also undertakes work for other organisations including Solihull Community Housing, Colleges, Parish Councils and Academies, sometimes on a trading basis.

4. The purpose of this Charter is to provide the terms of reference for the operation of the IA function at SMBC.

Statutory Implications

5. The requirement for an IA function is either explicit or implied in the relevant local government legislation (Local Government Act 1972) which requires those Authorities to “make arrangements for the proper administration of their financial affairs”. In England, more specific requirements are detailed in the Accounts and Audit (England) Regulations 2015, in that ‘a relevant body must undertake an adequate and effective internal audit of its accounting records and of its system of internal control in accordance with the proper practices in relation to internal control’.

Internal Audit Standards

6. There is a statutory requirement for IA to work in accordance with “proper audit practices”. At SMBC the mandatory standards that apply are the Public Sector Internal Audit Standards (PSIAS). These standards apply the Institute of Internal Audit International Standards to the United Kingdom Public Sector and have been issued, amongst others, by the Chartered Institute of Public Finance and Accountancy (CIPFA) in collaboration with the Chartered Institute of Internal Auditors (CIIA).

7. The purpose of the PSIAS which came into operation on 1st April 2013 is to:

Define the nature of internal auditing within the UK public sector.

Set basic principles for carrying out internal audit in the UK public sector.

Establish a framework for providing internal audit services, which add value to the organisation, leading to improved organisational processes and operations.

Establish the basis for the evaluation of internal audit performance and to drive improvement planning.


8. Within these standards, and for the purposes of reporting Internal Audit activity, there is a need to clearly define the ‘board’ and ‘senior management’. For this purpose:

‘Senior Management’ is defined as the Corporate Leadership Team (CLT);

‘Board’ is defined as the Audit Committee.

Responsibilities and Objectives

9. International Standards for the Professional Practice of Internal Audit define Internal Audit as: ‘An independent, objective assurance and consulting activity designed to add value and improve an organisation’s operations. It helps an organisation accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.’

10. To comply with statute, codes of practice and to achieve the role of IA prescribed by these professional bodies, IA will:

Review, appraise and report on the adequacy and application of internal controls, the suitability and reliability of financial and other management data, including performance measurement, and the extent to which the Authority’s assets and interests are accounted for and safeguarded from loss.

Support and encourage value for money, including lean initiatives, through improvements in the efficiency, economy and effectiveness of services.

Investigate fraud, corruption and other irregularities, where appropriate.

Lead on counter fraud measures through promotion of fraud awareness, undertaking proactive fraud reviews and ultimately assisting management to reduce fraud risks.

Advise on internal control and risk implications to new and existing systems and projects.

11. As agreed by senior management and the Audit Committee, IA also undertakes, on behalf of SMBC, a range of independent consultancy and investigation work, including conduct, complaint and fraud investigations. This work is performed by IA staff at the discretion and appointment of the Head of Audit Services (HoAS) but in a ‘non-audit’ capacity, so as not to compromise the independence of the IA function.


Authority, Reporting Lines and Relationships

12. The HoAS has a senior management role with direct reporting lines to the Director of Resources and Deputy Chief Executive (Section 151 Officer) and Chief Executive as appropriate at Corporate Leadership Team (CLT) level. In addition, the HoAS has direct access to the Leader of the Council and Chair of the Audit Committee/Members. The HoAS reports periodically to CLT members and the Audit Committee as appropriate.

13. Internal Auditors have rights of access to all SMBC records, assets, personnel and premises. SMBC’s Financial Regulations authorise IA to obtain such information and explanations as considered necessary to discharge its responsibilities. These rights extend to key systems being operated by, or key services provided by or on behalf of organisations undertaking services commissioned by SMBC, for example, Solihull Community Housing and other major contracts/partnerships.

Organisational Independence

14. With the exception of responsibilities clearly defined in respect of consultancy and investigations (refer to paragraph 11), IA is independent of all other functions, enabling an objective review of all areas of SMBC’s business.

15. The HoAS has direct access, and freedom to report without fear or favour, to all officers, Members, commissioned organisations and those charged with governance.

16. SMBC will make available suitable budgetary resources to maintain organisational independence and not compromise compliance with the PSIAS or the ability of IA to provide assurance for the Annual Governance Statement.

Scope of Review

17. IA reviews SMBC’s control environment, covering risk management, control and governance. This means that the scope of IA includes all of SMBC’s operations, resources, services and responsibilities in relation to other bodies.

Internal Audit Resources

18. IA must be appropriately staffed in terms of numbers, grades, qualification levels and experience, to achieve its objectives and comply with statutory standards. Internal Auditors need to be adequately trained to fulfil their responsibilities and should maintain their professional competence through an ongoing development programme. This includes specialist skills, e.g. investigative and IT auditing skills.

19. The HoAS is responsible for ensuring that the IA resource is sufficient to meet its responsibilities. If the HoAS felt those resources were insufficient, this would be formally reported to the Director of Resources and Deputy Chief Executive (Section 151 Officer). If this was not satisfactorily resolved, further representation would be made to the Chief Executive and/or Audit Committee.

20. The HoAS will periodically assess resource requirements by undertaking an ‘audit needs assessment’. This will ensure that appropriate resources are available to achieve the IA plan and to offer a valid opinion on SMBC’s system of internal control.

Audit Planning

21. The modern approach for the effective delivery of IA, as recommended by CIPFA and the CIIA, is based upon the principle of “risk-based auditing”. The objective of risk-based auditing is to provide independent assurance to SMBC that:

risk management processes are operating as intended at corporate, directorate, divisional and team level;

risk management processes are robust and appropriate; and

where management has chosen to mitigate/treat risks, their actions are adequate and effective.

22. IA uses a risk-based scoring model to record areas for possible review. This is used to create an annual IA work plan. The HoAS reviews SMBC’s risk registers and considers other intelligence, for example, management concerns, on a regular basis, and the IA plan is modified where necessary to ensure the most relevant value-adding work is carried out.

Fraud and Corruption

23. It is management’s responsibility to manage the risk of fraud and corruption within their areas of service delivery. IA does have a lead role to support management to counter fraud and corruption. The work performed by IA builds anti-fraud measures into systems to prevent fraud and corruption. IA is alert to risks and exposures that could allow fraud or corruption to occur.

24. SMBC’s Financial Regulations require that all suspected or detected fraud, corruption or other improprieties are reported to the HoAS. IA will consider whether each case merits investigation, the adequacy of relevant controls and the implication of fraud and corruption for the audit opinion on the internal control environment.

Audit Process & Reporting Accountabilities

25. Routine (normal audit) reviews will be detailed in an Audit Brief/Terms of Reference document and agreed with the responsible Head of Service (HOS)/ Director.

26. A draft report will be issued to the responsible HOS at the conclusion of the review and a period (normally 2 weeks) will be allocated for the HOS to respond to the report and any recommendations made to improve the control environment. A final report including the HOS’ response (where received) will be issued to the respective Director and Chief Executive where appropriate.

27. Each review will be given an assurance rating by IA based on the materiality, volume and impact of the audit findings in respect of the internal control environment. These are as follows:

| Score | Assurance Level | Assurance Criteria |
|---|---|---|
| 1 | Full | There is a sound framework of control operating effectively to achieve control objectives. |
| 2 | Substantial | The framework of control is adequate and controls are generally operating. |
| 3 | Moderate | The control framework is adequate but a number of controls are not operating effectively. |
| 4 | Limited | Adequate controls are not in place to meet all the system objectives and controls are not being consistently applied. |
| 5 | None | The control framework is inadequate and controls in place are not operating effectively. The system is open to abuse, significant error or loss and/or misappropriation. |

28. Recommendations made by IA are ranked in order of priority linked to risk and respective key control objective using the following ranking method:

| Importance | Description |
|---|---|
| High Priority | These are fundamental recommendations, which Internal Audit will be looking for management to accept and implement. Non-implementation of these recommendations may impact on the Annual Governance Statement. These will be followed up within 3 months of the final report date. |
| Medium Priority | These are recommendations, which will improve the overall control environment. These will be followed up at the discretion of Internal Audit Management. |
| Low Priority | These are advisory or best practice issues for management, which management are encouraged to implement. |

29. If a HOS does not accept or cannot implement a recommendation, this must be stated in the response given. The HoAS is responsible for assessing whether the HOS’ response is adequate. Where a response is deemed inadequate, the HoAS will initially raise the issue with the respective Director. If the HoAS feels the issue is still not resolved and is of significant importance, this will be raised with the Chief Executive and, ultimately, the Audit Committee.

30. Where a HOS does not respond to an audit report within an acceptable timescale, this will initially be reported to the respective Director and, if a response is still not received, this will be raised with the Chief Executive and, ultimately, the Audit Committee.

31. Each high priority recommendation will be subject to a follow-up review, to determine whether recommendations have been implemented as agreed.

32. Periodic meetings to discuss audit issues will take place with each Director as and when appropriate. The HoAS will provide each Director with details of IA work completed in their area of responsibility to inform their assurance statement submitted to contribute to SMBC’s Annual Governance Statement.

33. The HoAS will also periodically meet with the Chief Executive to consider significant audit findings and discuss future areas of audit coverage. As a matter of routine, the final report of all reviews given an assurance rating of 4 or 5 will be issued to the Chief Executive and Audit Committee.

Risk Management

34. It is management’s responsibility to ensure that all risks identified by IA are considered for inclusion in SMBC’s risk management system. The HoAS will refer all identified risks, with recommendations made to mitigate those risks, to the respective manager for their information and possible inclusion on the GRACE system.

Audit Committee (Board)

35. SMBC has an Audit Committee which meets at least four times a year. The HoAS, Section 151 Officer, and SMBC’s External Auditor routinely attend to support the work of the Committee.

36. In addition to these meetings, the HoAS has direct contact with members of the Audit Committee should an issue be raised that requires referral. Regular private meetings also take place between the Chair of the Audit Committee and the HoAS.

37. The HoAS will submit an annual report detailing IA coverage for the year. This report also provides an opinion on the internal control system and contributes to SMBC’s Annual Governance Statement.

38. The Audit Committee also approves IA future work plans, reviews anti-fraud arrangements and monitors the effectiveness and performance of the IA function.

39. Where IA is requested to undertake ‘non-audit’ related work, this will be agreed with the Audit Committee prior to undertaking the assignment.


Steve Sparkes
Head of Audit Services

Paul Johnson
Director of Resources and Deputy Chief Executive (Section 151 Officer)

Nick Page
Chief Executive

Charter Endorsed by Audit Committee (the Board) – April 2016

Charter Endorsed by Corporate Leadership Team (Senior Management) – April 2016