Contact your Parish Council

Internal Audit Annual Report 2011/12

MAIDSTONE BOROUGH COUNCIL

AUDIT COMMITTEE

11 JUNE 2012

REPORT OF HEAD OF AUDIT PARTNERSHIP

Report prepared by Brian Parsons�

1. INTERNAL AUDIT ANNUAL REPORT 2011/12

1.1 Issue for Consideration/Decision

1.1.1 The report provides details of the work of the Internal Audit Team over the financial year 2011/12 and the opinion of the Head of Internal Audit in relation to the Council�s control environment, in the context of the Annual Governance Statement.

1.1.2 The report provides an opportunity for the Committee to consider the work of Internal Audit and whether the outcomes provide evidence of :

a) A substantial level of internal control within the organisation, and;

b) That an adequate and effective internal audit of the Council�s accounting records and its system of internal control has been carried out in accordance with the proper practices.

1.2 Recommendation of the Head of Audit Partnership

1.2.1 That the Committee note the Head of Audit Partnership�s opinion that substantial reliance can be placed on the Council�s control environment in terms of the overall adequacy and effectiveness of the controls and processes which are in place to achieve the objectives of the Council.

1.2.2 That the Committee notes that there is no qualification to the opinion.

1.2.3 That the Committee note the work of the Internal Audit Team over the period April 2011 to March 2012 as shown in Appendix A and that this is the prime evidence source for �the opinion�.

1.2.4 That the Committee agree that the outcomes of the work and the other matters referred to in this report provide evidence of a substantial level of internal control within the Council, which supports the findings and conclusions shown in the Annual Governance Statement for 2011/12.

1.2.5 That the Committee notes the improvements in control that occur as a result of the audit process.

1.2.6 That, as part of its consideration of this report, the Committee considers the effectiveness of the Council�s internal audit and expresses an opinion accordingly.

1.3 Reasons for Recommendation

1.3.1 The statutory Code of Practice for Internal Audit in Local Government in the United Kingdom requires that the Head of Internal Audit must provide a written report to those charged with governance, timed to support the Annual Governance Statement.

1.3.2 A report relating to the Annual Governance Statement 2011/12 appears elsewhere on the agenda for this meeting.

1.3.3 The Head of Internal Audit�s annual report to the organisation must:

� Include an opinion on the overall adequacy and effectiveness of the organisation�s control environment

� Disclose any qualifications to that opinion, together with the reasons for the qualification

� Present a summary of the audit work from which the opinion is derived, including reliance placed on work by other assurance bodies

� Draw attention to any issues the Head of Internal Audit judges particularly relevant to the preparation of the Annual Governance Statement

� Compare the work actually undertaken with the work that was planned and summarise the performance of the internal audit function against its performance measures and targets

� Comment on compliance with the standards (the Code of Practice) and communicate the results of the internal audit quality assurance programme.

1.3.4 The Accounts and Audit Regulations 2011 also require that the Council �must, at least once a year, conduct a review of the effectiveness of its internal audit�. It is considered that this report provides evidence of the effectiveness of internal audit and the Committee is therefore asked to treat consideration of this report as �the review�.

The opinion on the overall adequacy and effectiveness of the Council�s control environment

1.3.5 It is the opinion of the Head of Internal Audit that substantial reliance can be placed on the Council�s control environment in terms of the overall adequacy and effectiveness of the controls and processes that are in place to achieve the objectives of the Council. The evidence to support the opinion is contained within this report.

Any qualifications to that opinion, together with the reasons for the qualification

1.3.6 There is no qualification to the audit opinion.

A summary of the audit work from which the opinion is derived

1.3.7 The opinion on the control environment is principally formed through the results of Internal Audit work during the financial year. However, the following factors have also been considered:

� The results of external audit work during the year and any concerns expressed by the External Auditor

� The effectiveness of the Council�s risk management arrangements

� Significant control breakdowns during the financial year, whether they were found by Internal Audit or not

� The results of any form of external inspection or assessment, and:

� The effectiveness of senior management in resolving control weaknesses.

Internal Audit work

1.3.8 Thirty-five audit projects were completed between April 2011 and March 2012 and are listed at Appendix A. This is 97% of the original audit plan. The list shows the control assurance for each audit. The projects completed during the first six months of the year were reported to the Committee in an Interim Report on 28 November 2011.

1.3.9 �Six of the projects completed during the year did not include a control assurance assessment as it was not appropriate to the projects. This included work on the Audit Commission�s National Fraud Initiative and the work that is carried out to validate the accuracy of the Interreg claim.

1.3.10 �The work of the Internal Audit Team has established that for the majority (76%) of the areas examined, satisfactory controls were in place at the time of the original audit. These are summarised at Appendix B. Where weaknesses have been identified the appropriate Head of Service has agreed the action to be taken to rectify those weaknesses.

1.3.11 �As a result of the follow-up process, 97% of the areas reviewed were assessed to have a satisfactory level of controls assurance, with just one audit awaiting a follow-up assessment at the end of the financial year.

1.3.12 �The external auditors have been able to place reliance on the work of Internal Audit.

The results of external audit work during 2011/12

1.3.13 �The main part of the external auditor�s work relates to the Council�s financial accounts. The auditors will shortly be considering the accounts for 2011/12. Internal Audit has had meetings with the Commission�s Audit Manager and Principal Auditor during 2011/12 and no issues have been raised which would give concern in relation to the Council�s internal controls.

1.3.14 �The external auditor�s Annual Audit and Inspection Letter for 2010/11 was reported to the meeting of the Audit Committee on 28 November 2011.

1.3.15 �The Auditor opinion was that, overall the Council is performing well. The key points made were:

� An unqualified opinion on the financial statements has been issued;

� An unqualified value for money conclusion has also been issued;

� The Council has a history of strong financial management, and the

underlying financial position is sound;

� There is a strong record of achieving efficiency savings and a clear

focus on prioritising resources within a sustainable medium term

planning framework

1.3.16 �There were, however, two issues that the Commission asked the

Council to consider:

� The introduction of a specialist asset register system to deal with

the more complex capital accounting requirements of International

Financial Reporting Standards;

� The introduction of additional checks within the final accounts

closedown process to ensure that the capital accounting entries are

correct.

1.3.17 �These issues are being addressed by the Head of Finance & Customer Services as follows:

� The Property Services section is looking at a new property management system which includes a fixed asset register module. Finance will assess that module to establish whether it is suitable for the requirements of International Financial Reporting Standards;

� A capital accounting checklist has been devised and is being used to ensure that all the required capital accounting entries are done.

1.3.18 �The Auditor did not identify any significant weaknesses in the Council�s internal control arrangements.

The effectiveness of the Council�s risk management arrangements

1.3.19 �The Council has had good risk management arrangements in place for many years. A fresh Strategic Risk Register was agreed by Cabinet in June 2011and is closely aligned to the delivery of the Council�s priorities.

1.3.20 �Work was carried out during 2011/12 to develop operational risk registers and to incorporate them within service plans.

1.3.21 �Internal Audit has responsibility for facilitating the risk management process. Unfortunately the available resources for this are quite limited, which impacts on the ability to maintain momentum. Further work will be carried out during 2012/13 to improve the strategic and operational risk arrangements.

1.3.22 �It is considered that, in general, reliance can be placed on the effectiveness of the Council�s risk management arrangements.

Significant control breakdowns during the financial year, whether they were found by Internal Audit or not

1.3.23 �There were no significant control breakdowns during 2011/12.

The results of any other form of external inspection or assessment

1.3.24 �There have been no governance or control based external inspections or assessments during 2011/12, other than the normal external audit work.

The effectiveness of senior management in resolving control weaknesses

1.3.25 �Seven reports were issued during 2011/12 relating to areas where a limited control assurance was assessed as being in place at the time of the original audit. These are summarized at Appendix C. In all cases the responsible Head of Service completed an action plan setting out comprehensive and timely actions to address the audit recommendations.

1.3.26 �Heads of Service are required to respond to every audit report where recommendations are made, by completing an action plan which sets out the action that will be taken to address the audit recommendations. The response is assessed for adequacy; to ensure that the proposed actions are sufficient and that any weakness will be addressed within a reasonable period.

1.3.27 �Internal Audit carries out a follow-up to each audit to ensure that the actions have been taken in practice.

1.3.28 �Twenty-eight audit follow-ups took place during 2011/12. These are shown at Appendix D. At the end of the year there was just one audited subject with a �limited assurance� outstanding.

1.3.29 �Based on the very positive responses received from senior management and the results of follow-up work, it is considered that senior management is effective in resolving control weaknesses.

Issues that the Head of Internal Audit judges particularly relevant to the preparation of the Annual Governance Statement

1.3.30 �The opinion of the Head of Internal Audit on the internal control environment is particularly relevant to the preparation of the Annual Governance Statement. In that context the Governance Statement will need to note there is only one audit report where only limited controls assurance was found to be in place, which had not been the subject of a follow-up audit by the end of the financial year.

o Emergency Plan � Follow up scheduled for July 2012

��

This has been added to the Annual Governance Statement as an �outstanding control weaknesses� at 31 March 2012.

Performance of the internal audit function against its performance measures and targets

1.3.31 �The internal audit function has three performance targets which are measured and reported. The targets are:

� Completion of the annual internal audit plan (90% target)

� Percentage of chargeable time (i.e. time spent on planned audit work - the target for the operational auditors is 85%)

� Achievement of customer care targets (85% target)

1.3.32 �The target for completion of audit projects within the internal audit plan is thirty-six projects per annum. This has to be achieved through the completion of twelve projects by each of the three operational auditors.

1.3.33 �In practice the number of projects completed during 2011/12 was thirty-five, which is 97% of the target. It should be noted that this does not include some small projects, which are listed as �other audit work� at the end of Appendix A.

1.3.34 �Customer surveys are issued to clients following each internal audit to assess satisfaction with the audit process. In addition, an annual survey of Heads of Service is carried out in order to obtain responses on the quality of internal audit, perceptions of auditor skills and the value of audit reports. The responses to the annual survey for 2011/12 show that Heads of Service and the Directors are �satisfied� or �very satisfied� with the internal audit service.

Compliance with the CIPFA Code of Practice and the internal audit quality assurance programme.

1.3.35 �The Code sets out the standards that the Internal Audit team has to comply with in order to meet the statutory requirement. A copy of the code has been provided to each auditor. The Code contains a checklist which allows a self assessment of compliance with the code to be carried out.

�

1.3.36 �On the basis of a self assessment of compliance and on comments made by the external auditor, it is considered that the work of Internal Audit at Maidstone is in accordance with the Code of Practice.

1.3.37 �A comprehensive internal audit quality assurance programme is in place to:

� Ensure that work is allocated to auditors who have the appropriate skills, experience and competence

� Ensure that all staff are supervised appropriately throughout all audits

The supervisory process covers:

� Monitoring progress

� Assessing quality of audit work

� Coaching staff

1.3.38 �The quality assurance programme is maintained though the ongoing review of reports and working papers by the Audit Manager and the Head of Internal Audit and through adherence by all members of the audit team to the Code of Practice.

Assurance levels

1.3.39 �Internal Audit use �assurance levels� or assurance statements to provide the overall audit opinion for the service or area that has been reviewed. The use of an assurance level is consistent with the requirement for managers (and Members) to consider the degree to which controls and processes can be relied upon to achieve the objectives of the reviewed activity. There are four assurance levels, as set out at Appendix E. The consistent use of assurance levels allows a balanced view to be taken of the overall adequacy of control within the Council.

1.3.40 �In the financial year 2011/12, a total of twenty-nine audit reports included an assurance assessment for the area that had been audited (six did not). The initial assurance assessments were categorised as follows:

Control Assurance	2011/12	Previous year
High	1	4
Substantial	21	24
Limited	7	1
Minimal	0	0
Not given	6	6
Total	35	35

1.3.41 �The collective assurance level, which can be extracted from the audit work performed during 2011/12, provides considerable evidence to support the statutory Annual Governance Statement, with 76% of the reports having a positive assurance assessment of �substantial� or �high� at the time of the initial audit.

Reporting of Internal Audit work to the Audit Committee

1.3.42 �Internal Audit work is reported at six-monthly intervals to the Audit Committee. An interim report, showing the first six months work of the financial year, was provided to the Audit Committee meeting in November 2011.

Mid Kent Internal Audit Partnership

1.3.43 �The four-way Internal Audit Partnership between Maidstone, Swale, Ashford and Tunbridge Wells came into being on 1 April 2010. Since that time a considerable amount of work has been carried out in order to embed the arrangements.

1.3.44 �The financial year 2011/12 was a period of consolidation for the partnership, with audit systems and processes being made consistent across the four partner sites.

1.3.45 ��Maidstone has benefited from a reduction in the annual cost of Internal Audit by �52,000 compared with the pre-partnership costs, and by the creation of a more resilient and more professional service. The quality of the audit work has continued to improve year-on-year since 2010. �

1.3.46 ��Feedback on the second year of the Partnership has been positive at all four Councils.

1.4 Alternative Action and why not Recommended

1.4.1 A total of thirty-five Internal Audit projects were completed during the financial year 2011/12. The work has led to improvements in control in the areas that were reviewed.

1.4.2 Although the audit work identified some areas where controls were in need of improvement, it has been established through the follow-up process, that the responsible Head of Service has since taken the necessary action to address the weaknesses.

1.4.3 The matters referred to in this report and in the appendices provide evidence to support the view of the Head of Internal Audit.

1.4.4 The alternative action would be to not agree the recommendations shown at the beginning of the report. However, this would not align with the factual position set out in the report.

1.5 Impact on Corporate Objectives

1.5.1 The work of Internal Audit helps to ensure the delivery of the Council�s objectives.

1.6 Risk Management

1.6.1 Internal Audit seeks to test the adequacy of the controls which management has put in place to manage risk.

1.7 Other Implications

1.7.1

a)�� Financial

c) Staffing

b) Legal

c) Equality Impact Needs Assessment

d) Environmental/Sustainable Development

e) Community Safety

f) Human Rights Act

g) Procurement

h) Asset Management

1.7.2 The work of Internal Audit includes reviews of the main financial systems. ��

1.7.3 The work of Internal Audit impacts on staffing issues and leads to changes in working practices.

1.7.4 There is a statutory requirement for the Council to undertake an adequate and effective internal audit of its accounting records and of its system of internal control in accordance with the proper practices in relation to internal control (Accounts and Audit Regulations 2011).

1.8 Relevant Documents

1.8.1 Appendices

Appendix A � Audit projects completed between April 2011 and March 2012

Appendix B � Audit projects completed between April 2011 and March 2012 where controls were satisfactory

Appendix C � Audit projects completed between April 2011 and March 2012 where controls were unsatisfactory

Appendix D � Audit follow-ups during 2011/12

Appendix E � Assurance levels definition

1.8.2 Background Documents

1.8.3 The Code of Practice for Internal Audit in Local Government in the United Kingdom 2006.

IS THIS A KEY DECISION REPORT?

Yes�� No

If yes, when did it first appear in the Forward Plan?

��..

This is a Key Decision because: ��..

��.

Wards/Parishes affected: ��..

��..