Report of the Status of Audit Recommendations due for implementation by 30 September 2012 (Agenda item 11)
Report of the Head of Internal Audit.
The purpose of the report was to inform Members of the progress made in implementing audit recommendations due between 1 April and 30 September 2012. The report thus provided a commentary on management updates provided during this period and the outcomes of recent audit verification work.
In the intervening period, the process used to monitor the implementation of audit recommendations had remained broadly similar, whilst the latest verification work had been carried out by the Deloitte Auditors during w/c 22 October 2012.
The table at 3.2.1 of the report crystallised the current and previously reported position showing the improvements that had been made in the first part 2011/12 compared to the latter; whilst there had been a sudden rise in the number of recommendations where it had not been possible to confirm their status in the first half of 2012/13. Additionally, it was noted that revised deadlines had been set for the two high priority recommendations arising from the 2010/11 Asset Management audit and progress with their implementation would continue to be monitored.
The audit follow up work had also highlighted that control weaknesses concerning procurement still remained unsolved of which there were five outstanding recommendations. A further review of this area was currently underway and a fuller update on the system of internal control operating over procurement would be brought back to the Committee in due course.
Members were also made aware that where limited assurance had been given to Planning and Building Control in 2011/12, all eight recommendations had yet to be satisfactorily cleared although two had not as yet reached the deadline dates agreed for delivery.
Internal Audit had not been able to comment on the position with regard to the implementation of the 15 computer audit recommendations. Deloitte had been unable to carry out any validation work as no response had been provided by the relevant responsible Directors. No advice had been received from Deloitte on any action being taken.
Members’ attention was drawn to Appendix 1 of the report which listed the summary of agreed Internal Audit recommendations as at 30 September 2012.
Referring to the table at paragraph 3.2.1 of the report, Mr Jermy thought that it had previously been agreed that the Completed/Superceded recommendations would be shown separately. The Head of Internal Audit said that she would have to check with Deloitte if this could be done and once this information was to hand, she would update the report and provide a response for circulation to all Members of the Audit Committee.
Referring to paragraph 3.2.4, Mr Stevens was astonished about the lack of action from Management which he felt was a terrible indictment. There seemed to be a culture of non response and he felt that a strong message should be sent to the Chief Executive. In defence, the Assistant Director of Finance explained that the lack of updates was primarily due to the introduction of the new Performance Management System. Further updated reports from the Management had since been received and the next report to Committee would shed a different light on the matter. The message of concern would still be conveyed to the Managers and would also be included on the Corporate Management Team’s agenda. The Chairman endorsed the concern and requested that an update be brought to the next meeting.
In reference to the summary of agreed internal audit recommendations on page 84 of the agenda and the detail behind these recommendations on pages 85 to 96, Mr Ludlow pointed out that in the summary, on page 84 for Computer Audit BRK/11/16, it stated that there was one medium risk in the column ‘unable to confirm status’ but in the detail on page 95 for BRK/11.16.09, it stated that that this was ‘outstanding’ and ‘not able to confirm status,’ this had been identified by a cross instead of a question mark in the second to last column. Then again in the summary on page 84 for Audit BRK/12/17, it stated that there were six medium risks in the column ‘unable to confirm status’, but again in the detail on page 96 for BRK/12.17.06 it stated that one of these was ‘outstanding’ and not ‘unable to confirm status’ – this had been identified once again by a cross instead of a question mark in the second to last column. The Head of Internal Audit was asked to find out whether the summary or the detail was correct.
Referring to page 89 of the agenda, it was agreed that a report should be produced to verify whether the data collected for changes to the Land Charges Register were being met.
In response to a question in relation to CCTV, Members were informed that there were arrangements in place with Kings Lynn & West Norfolk Council to continue the service.
Subject to the aforementioned concerns, the contents of the report were noted.
- BRK Status of Audit Recommendations Report (SK 07 11 12), item 68. PDF 80 KB
- App1SummaryofAgreedIARecsat30September2012SK, item 68. PDF 15 KB
- App2OutstandingSystemsAuditsRecommendationsasat30September2012SK, item 68. PDF 57 KB
- App3OutstandingComputerAuditRecsasat30September2012SK, item 68. PDF 24 KB