The Head of Democracy and Governance presented the training session on risk management and the role of the Audit Committee.  She explained the Council’s approach to risk management and the risk matrix, which was used when officers considered the likelihood of risk and the potential impact.  She informed the Committee that it had an important role and that Members needed to have an understanding of the strategic risks the Council faced.  An updated Risk Management Strategy was included on the agenda for the Committee’s approval.

The Head of Democracy and Governance responded to Members’ questions.

There were no apologies for absence.

There were no disclosures of interest.

The minutes of the meeting held on 25 September 2013 to be submitted and signed.

The minutes of the meeting held on 25 September 2013 were submitted and signed.

This report seeks approval for an updated Risk Management Strategy and reviews the Corporate Risk Register.

The Committee received a report of the Head of Democracy and Governance which sought approval for the updated Risk Management Strategy and provided the latest Corporate Risk Register.

Risk Management Strategy

Following a question about changes to the Strategy, the Head of Democracy and Governance explained that the document had not been updated since 2011.  The Council’s vision and its objectives had been updated.

Councillor Watkin, Portfolio Holder for Democracy and Governance, noted that under ‘Roles and Responsibilities’ in the Strategy, all Members were tasked with seeking clarification from the Portfolio Holder if risks had not been identified in reports.  He felt it could be difficult for the Portfolio Holder to provide a satisfactory response and he would probably need to refer any questions to the relevant officer.

The Head of Democracy and Governance advised that Portfolio Holders had been included as they were part of the Mayor’s Cabinet.  If a Cabinet report did not identify any risks members should be able to approach the relevant Portfolio Holder for clarification.  She added that if the Committee was minded to amend the wording they could make the changes.

The Committee considered the Portfolio Holder and Head of Democracy and Governance’s comments.  They felt that Members should be able to approach Portfolio Holders for further information as they were ultimately responsible for the service producing the Cabinet report.  It was acknowledged that they may have to refer to officers for a detailed explanation.

Councillor Watkin suggested that if that section of the Strategy remained as drafted then it was necessary for Cabinet or the Portfolio Holders to be referred to in the structure.

On being put to the Committee it was agreed that the Strategy should be amended to incorporate Cabinet within the ‘Roles and Responsibilities’ section.

Corporate Risk Register

The Committee then reviewed the Corporate Risk Register. 

Following questions from Councillor Khan, the Head of Democracy and Governance explained how the risk rating could be reduced by control measures being put in place.  She advised that the Council had to consider the risks and balance these against potential benefits for the Council and the town.  Some of the projects included on the register were not the Council’s responsibility, for example Croxley Rail Link, but had been included as they affected the borough.  There might be occasions when the Council decided that a project might not be suitable to continue further.  In responding to a question about the council’s risk appetite for investments she advised that other rules had to be taken into account.

The Shared Director of Finance added that the Treasury Management Strategy covered the Council’s investments and regular reports were presented to Budget Panel and Cabinet.

In response to a question from the Chair, the Head of Democracy and Governance advised that the role of Members and Cabinet was to consider the risks included in reports and make a judgement whether the proposals should continue.  The register showed that the Council was aware of the risks involved in schemes  ...  view the full minutes text for item 25.

This is a half year report of requests made under the Freedom of Information Act 2000.        

The Committee received a report of the Head of Democracy and Governance which provided the half year report of requests made under the Freedom of Information Act 2000.  The report covered the period from 1 April 2013 to 30 September 2013.

The Head of Democracy and Governance informed the Committee that some of the information related to requests about IT had not been logged correctly and since the publication of the report had been updated.  Revenues and Benefits had managed the backlog of requests and was responding to more recent requests on time.

The Shared Director of Finance added that Freedom of Information (FOI) requests and complaints for Revenues and Benefits were included in the weekly and monthly management updates.

It was noted that there were a number of requests for information about funerals arranged by the Council.  The Head of Democracy and Governance explained that under its Public Health duty the Council had to arrange funerals for those people who died with no next of kin and no assets.

Councillor Williams noted the number of requests for information and asked whether this was normal.  He had noted that officers were still unable to obtain benchmark information from other local authorities.  He asked if it would be possible to breakdown the information into the different Council departments and whether officers felt this would be useful.

The Head of Democracy and Governance explained that every department had an officer responsible for logging FOI requests on the Council’s software.  There were two officers within the Customer Service Centre who were responsible for the overall management of FOIs and collating multi service requests.  Heads of Service were provided with details of all FOI requests logged for their service and whether they had been responded to in time.  She advised that she monitored the responses and contacted those services who were not meeting the deadlines.  IT and Revenues and Benefits had been the only services which had caused any concern. 

Councillor Watkin asked whether the responses to the FOI requests were in the public domain.

The Head of Democracy and Governance informed the Committee that when requests were submitted through the website https://www.whatdotheyknow.com/ the Council’s response was added to the website.  The information was then publicly available.  One consideration was whether the Council wanted to publish all responses online.  There was a concern that the data might overload the Council’s website.  She was unaware of any reason why a response could not be disclosed to a third party if requested.

Councillor Brandon said that some of the requests showed a trend and if the information was provided it might cut down on some of the repeated submissions.

The Shared Director of Finance advised that the Council’s Publication Scheme set out what information was available and where to find it.  In response to an FOI request it was possible to direct people to other sources of information.

Councillor Khan commented that some of the requests appeared to be questions and not specific FOI requests.  He  ...  view the full minutes text for item 26.

This report gives details of the progress in implementing the actions required resulting from the Annual Governance Statement.

The Committee received a report of the Head of Finance Shared Services which provided details of the progress in implementing the actions required in the 2012/13 Annual Governance Statement.

Following a question from Councillor Khan, the Head of Finance Shared Services explained that the report presented the current progress in implementing the actions.  No target dates had been set in the plan.  If further work was required the action would be included in the Annual Governance Statement for 2013/14. 

RESOLVED –

that the progress made against the action plan be noted.

This report gives details of the progress made in implementing the recommendations of the internal auditor.

The Committee received reports from the Head of Finance Shared Services and the Shared Internal Audit Service.

Councillor Khan referred to the recommendations related to remote working.  He said that the deadlines appeared to have been missed.

The ICT Client Manager confirmed that all policies and procedures had been completed.  They had been approved by Three Rivers District Council’s Management Board and the IT Steering Group.  Consideration had been given to how the information would be distributed to staff.  It would be included as part of e-learning modules for staff. 

In response to a question about security settings on mobile devices, the ICT Client Manager informed the Committee that this matter was covered by the Public Service Network (PSN) Directive.  The Councils were working with Capita to develop a roadmap to deliver the PSN related work for 2014 and 2015.  The Cabinet Office had recently re-issued guidance and the timeframe for completion for specific conditions related to unmanaged end user devices for PSN accreditation in 2015.  For example, any mobile phone solutions would need to be in place by December 2015.  She explained that additional protocols were in the process of being put in place if officers wished to access their non-secure (non-GCSX) emails on mobile devices.  The protocol change would mean that information would be encrypted in transmission. 

The ICT Client Manager advised the Committee that Price Waterhouse Cooper was currently reviewing the IT vulnerabilities audit from 2012.  Any controls related to achieving the PSN standards were also included within the Price Waterhouse Cooper review. 

In response to a question about the recommendation related to a framework for the procurement of agency staff, the Head of Finance Shared Services advised that he was unaware of the present position and would need to circulate the information after the meeting.

Councillor Khan referred to the recommendations about IT back up and disaster recovery.  He asked for an explanation regarding further delays in this work being completed.  He was concerned about the security of the systems.  The date of the move to Capita’s Data Centre was constantly being changed.

The ICT Client Manager explained that the dates were originally based on information from Capita.  Further processes had needed to be implemented prior to the move to the data centre and this work needed to be tested.  The dates had also been changed due to critical deadlines at both authorities, including the closure of accounts at the end of year and elections.  The work already carried out to meet PSN requirements for 2013 mitigated the risks with the IT system.

The Shared Director of Finance confirmed that since the original date had been set, the PSN directive had required work to be completed.  This work had therefore had an impact on the date of the move to the data centre.  She assured members that the Councils’ management were aware of the issues.  It was necessary to do the work in the right order.  The matters raised through PSN were already on the list  ...  view the full minutes text for item 28.

This report gives details of the progress made in implementing the recommendations of the external auditor.

The Committee received a report of the Head of Finance Shared Services which provided details of the progress in implementing the external auditor’s recommendations.

Following a question from Councillor Brandon, the Shared Director of Finance advised that there had been improvements in processing the ATLAS files.  Before Christmas the service was more or less up to date with processing the data.  There had been a slight change due to Christmas and IT issues, but it was manageable.  She would circulate the latest information to the Committee.

RESOLVED –

that the progress in implementing the external auditor’s recommendations be noted.

This report allows the Committee to receive the external auditor’s Certification Report 2012/13 relating to housing benefit and council tax benefit claims to the Department of Works and Pensions. 

The Committee received a report from the Council’s external auditors, Grant Thornton.  Richard Lawson presented the report.  He advised that there were two ‘medium’ recommendations contained in the report. 

The Committee discussed the delay in the Council submitting the national non domestic rate return.

Richard Lawson explained that this was a new requirement for the 2012/13 returns.  The information had been requested from the Council in June but it had been received late.  The return had to be submitted in September.  Initially the request had been sent to the previous Revenues Manager, but he had already left the authority.

The Shared Director of Finance added that the service had received the request at the last minute from the external auditor.  The information was provided for one authority but not the other.  The external auditor would normally request the service’s working papers.  On this occasion there had been a communication breakdown and she assured Members that the matter had been discussed with the external auditor and there were no difficulties between them.

Following a question about the additional fees required from the auditor, Richard Lawson explained that this had been due to the late submission of data and the external auditor being required to populate the data into the analytical review module.

The Shared Director of Finance advised that she had not been aware that there had been a problem and would ensure the information was made available.  She added that accuracy was checked on a daily basis in order to ensure that the claims would be more accurate when submitted in the future.

Richard Lawson confirmed that it would be unusual if a claim was 100% accurate. 

Councillor Watkin stated that a report would be presented to Joint Shared Services Committee setting out the extensive work taking place in Revenues and Benefits.  The service was much improved. 

Following a further question about he delay and any financial implications, the Shared Director of Finance responded that she assumed the delay had been to ensure the submission was as accurate as possible.  The additional audit fees had been less than the amount which would have been deducted due to any errors.

RESOLVED –

that the contents of the Certification Report be noted.

This report allows the Committee to ask questions of the external auditor concerning his ‘Annual Audit Letter’ and also provides an update from the external auditor on delivering their responsibilities together with information on emerging issues affecting district councils.

The Committee received two reports from the Council’s external auditors, Grant Thornton.  Richard Lawson presented the reports.  He explained that the Audit Committee Update provided information that the external auditor felt would be of interest to Members.

Following a question about the certification of the Housing and Council Tax Benefits scheme, Richard Lawson explained that the deadline had been 29 November.  The process had not been completed by the time the Annual Audit Letter had had to be produced.  The Shared Director of Finance confirmed that it had since been completed.

In response to question about the financial governance review being given an amber rating, the Shared Director of Finance informed the Committee that the service was now processing the ATLAS amendments from the DWP on a daily basis.  The budgetary controls of the revenues and benefits shared service were reported in the Finance Digest which was regularly presented to Budget Panel.

RESOLVED –

that the contents of the Annual Audit Letter and the Audit Committee update be noted.