Contact your Parish Council

(final) MBC Internal Audit Annual Report 2013-14 (03-07-14)

MAIDSTONE BOROUGH COUNCIL

Audit Committee

Monday 14 july 2014

REPORT OF Head of Audit Partnership

Report prepared by Russell Heppleston�

��

1. internal Audit annual report 2013/14

1.1 Issue for Decision

The purpose of the report is to meet the Head of Internal Audit annual reporting requirements set out in the Public Sector Internal Audit Standards (the �Standards�). The report also informs Audit Committee members of the Head of Audit Partnership�s annual internal audit opinion on the overall adequacy and effectiveness of the organisation�s framework of governance, risk management and control, which will be used to inform the Annual Governance Statement 2013/14.

�� The Standards, in particular Standard 2450: Overall Opinions, direct that the annual report must incorporate:

� The annual internal audit opinion on the overall adequacy and effectiveness of the organisation�s framework of governance, risk management and control;

� A summary of the work completed that supports the opinion; and

� A statement on conformance with the Public Sector Internal Audit Standards and the results of the quality assurance and improvement programme.

�

1.2 Recommendation of the Head of Audit Partnership

1.2.1 That the Audit Committee notes the annual opinion of the Head of Audit Partnership that substantial reliance can be placed on the overall adequacy and effectiveness of the organisation�s framework of governance, risk management and control, and that the opinion will be used to inform the Annual Governance Statement 2013/14.

1.2.2 That the Audit Committee notes the results of the work of the Internal Audit Team over the period April 2013 to March 2014, as shown in the report as the evidence supporting for the Head of Audit Partnership�s opinion.

1.2.3 That the Audit Committee agrees that an effective internal audit service has operated during 2013/14 and notes its conformance to the Public Sector Internal Audit Standards.

1.3 Reasons for Recommendation

1.3.1 The Council�s internal audit service is provided by Mid Kent Audit as a partnership between Maidstone, Ashford, Swale and Tunbridge Wells Borough Councils. The four way partnership has been in operation since 2010, with Maidstone also participating in the preceding two way partnership with Ashford which began in 2005.

�

1.3.2 The overall scope of the Council�s audit service is set out in advance within the annual internal audit plan. The Council�s Audit Committee agreed the 2013/14 audit plan at its meeting on 24 March 2013 and received a progress update on 25 November 2013.

1.3.3 We have completed the audit work set out in that plan, subject to minor modifications in year in response to prevailing risks and needs of the Council, in accordance with mandatory standards and good practice contained within the Standards.

1.3.4 We are therefore satisfied the Council can place substantial assurance on the system of control in operation during 2013/14. Furthermore we are satisfied that the corporate governance framework complies in all significant respects with the best practice guidance issued by CIPFA/SOLACE. Finally, we are satisfied that the Council�s risk management processes are effective. We ask the Audit Committee to note these opinions and that they will inform the Council�s Annual Governance Statement.

1.3.5 Please see Appendix A and B for the Annual Internal Audit Report 2013/14 and summaries of work completed from 1 April 2013 to 31 March 2014 that support the overall opinions summarised above.

��

1.4 Alternative Action and why not Recommended

1.4.1 We are satisfied that the opinions expressed are a fair reflection of the work completed by Mid Kent Audit for Maidstone Borough Council during 2013/14. Therefore we recommend no alternative course of action.

1.5 Impact on Corporate Objectives

1.5.1 The role of the Audit Committee includes the consideration of risk, controls and governance across the whole Council. The effectiveness of the Audit Committee therefore has an impact across all of the Council�s Corporate Objectives.

1.6 Risk Management

1.6.1 Internal Audit seeks to establish and evaluate the controls that Management have put in place to manage risks.

1.7 Other Implications

1.7.1 None directly

1.�� Financial

2. Staffing

3. Legal

4. Equality Impact Needs Assessment

5. Environmental/Sustainable Development

6. Community Safety

7. Human Rights Act

8. Procurement

9. Asset Management

1.8 Relevant Documents

1.8.1 Appendices

1.8.1.1 Appendix A: Internal Audit Annual Report 2013/14

1.8.1.2 Appendix B: Summaries of Internal Audit Output 2013/14

1.8.2 Background Documents

1.8.2.1�� None

IS THIS A KEY DECISION REPORT?�� THIS BOX MUST BE COMPLETED

Yes�� No

If yes, this is a Key Decision because: ��..

��.

��

Wards/Parishes affected: ��..

��..

Mid Kent Audit

Internal Audit

Annual Report

2013/14

Maidstone

Introduction

Internal auditing is an independent and objective assurance and consulting activity designed to add value and improve the Council�s operations. It helps the Council accomplish its objectives by bringing a systematic and disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes. (Definition of Internal Audit � PSIAS 2013)

Authority for Internal Audit is provided by the Accounts and Audit Regulations 2011, which requires the Council to undertake an adequate and effective internal audit of its accounting records and its systems of internal control in accordance with the �proper practices�. From 1 April 2013 the �proper practices� are the Public Sector Internal Audit Standards (PSIAS) which replaced the Code of Practice for Internal Audit in Local Government in the UK.

From 2013/14 onwards, the Head of Audit Partnership must provide an annual internal audit opinion and report timed to support the annual governance statement. In accordance with the PISAS the annual report must incorporate:

a) An annual internal audit opinion on the overall adequacy and effectiveness of the organisation�s framework of governance, risk management and control;

b) A summary of the audit work from which the opinion is derived (including reliance placed on work by other assurance bodies); and

c) A statement on conformance with the UK Public Sector Internal Audit Standards and the results of the Quality Assurance and Improvement Programme.

In addition, the Head of Audit Partnership must confirm to the Audit Committee at least annually, the organisational independence of internal audit activity.

Independence:

Mid Kent Audit is provided through a shared service partnership together with Ashford, Maidstone, Swale and Tunbridge Wells.

At Maidstone Borough Council, the Head of Audit Partnership has direct and unrestricted access to the Chief Executive, senior management and the Chair of the Audit Committee.

For 2013/14, the Head of Audit Partnership reported organisationally to the Director Environment and Shared Services, who is a member of the Senior Leadership Team (SLT). On no occasion has the Director or SLT sought to restrict the scope of audit work or to change any report prepared by the Head of Audit Partnership. From May 2014 the Head of Audit Partnership now reports to the Mid-Kent Services Director.

It is considered that Internal Audit is organisationally independent and fully meets the necessary standard for independence and objectivity.

a) Head of Audit Partnership Annual Opinion

This opinion statement is provided for Maidstone Borough Council (the Council) in support of its Annual Governance Statement 2014, which is published alongside the statement of accounts for the year ended 31 March 2014.

Scope of responsibility

The Council is responsible for ensuring its business is conducted in accordance with the law and proper practices and that public money is safeguarded and properly accounted for, and used economically, efficiently and effectively.� The Council also has a duty under the Local Government Act 1999 to make arrangements to secure continuous improvement in the way in which its functions are exercised, having regard to a combination of economy, efficiency and effectiveness.

In discharging this responsibility the Council is also responsible for ensuring that there exists a sound system of internal control with allows for effective exercise of the Council�s functions and arrangements for the management of risk.

The purpose of the system of internal control

The system of internal control is designed to manage risk to a reasonable level rather than eliminate risk of failure to achieve policies, aims and objectives.� It can therefore only provide reasonable and not absolute assurance of effectiveness.� The system of internal control is based on an on-going process designed to identify and prioritise the risks to the achievement of the Council�s policies, aims and objectives, to evaluate the likelihood of those risks being realised and the impact should they be realised and to manage them efficiently, effectively and economically.

The control environment

The Public Sector Internal Audit Standards (the �Standards�) states that the control environment includes the following elements:

�� Integrity and ethical values.

�� Management�s philosophy and operating style.

�� Organisational structure.

�� Assignment of authority and responsibility.

�� Human resource policies and practices.

�� Competence of personnel.

In examining the control environment, I have had regard to these elements and how they support the Council�s framework of governance, risk management and control.

Basis of assurance

Mid Kent Audit has conducted audits both in accordance with the mandatory standards and good practice contained within the Standards and additionally from our own internal quality assurance systems, which include operating to an agreed audit manual with adequate supervision and review.

My opinion is limited to the work carried out by Internal Audit during the year on the effectiveness of the management of those principal risks, identified within the Council�s assurance framework, that are covered by Internal Audit�s programme.� Where principal risks are identified within the Council�s framework that do not fall under Internal Audit�s coverage or that are not included in Internal Audit�s coverage, I am satisfied that an assurance framework is in place that provides reasonable assurance that these risks are being managed effectively.

Our work relating to the year to 31 March 2014 was completed in line with the operational plan approved by the Audit Committee on 24 March 2013 and updated on 25 November 2013.

Internal control

From the Internal Audit work undertaken in 2013/14 it is my opinion that I can provide substantial assurance that the system of internal control that has been in place at Maidstone Borough Council (the Council) for the year ended 31 March 2014 accords with proper practice.� This assurance extends to both the financial and non-financial systems of the Council insofar as they have been subject to audit review.

Corporate governance

In my opinion the corporate governance framework complies in all significant respects with the best practice guidance on corporate governance issued by CIPFA/SOLACE.

Risk management

I am satisfied that the risk management processes are effective and provide regular information on key risks and issues to the Council�s management team and through to Members.

I have based these opinions on the work outlined in the detail of this report.

b) Summary of Audit Work � Maidstone 2013/14

The following audit projects related to the financial year 2013/14 have been delivered from the Maidstone operational audit plan, as agreed by the Audit Committee on 24 March 2013, and endorsed on 25 November 2013 as part of the 6 month internal audit interim report:

No	Title	Head of Service	Month Issued	Assurance
1	Procurement: E-Tendering	Head of Finance & Resources	May 2013	High
2	Benefits: Application & Assessment	Head of Revenues & Benefits Shared Service	June 2013	High
3	Income, Banking & Cash Collection	Head of Finance & Resources	June 2013	High
4	Corporate Project Management Framework	Head of Finance & Resources	June 2013	Substantial
5	CCTV	Head of Housing & Community Services	September 2013	Substantial
6	Parking Services Partnership: Car Park Income	Head of Environment & Public Realm	September 2013	Substantial
7	Maidstone Market	Head of Environment & Public Realm	September 2013	Substantial
8	Food Safety	Head of Housing & Community Services	October 2013	Substantial
9	Community Safety Grants	Head of Housing & Community Services	October 2013	Substantial
10	Public Sector Equalities Duty	Head of Policy & Communication	October 2013	Substantial
11	Accounts Receivable (Debtors)	Head of Finance & Resources	November 2013	Substantial
12	General Ledger: Feeder Systems	Head of Finance & Resources	December 2013	Substantial
13	Property Income	Head of Finance & Resources	December 2013	Substantial
14	Housing Grants	Head of Housing & Community Services	January 2014	Substantial
15	Commercial Waste Service	Head of Environment & Public Realm	February 2014	Substantial
16	Business Rates: Valuation, Liability & Billing	Head of Revenues & Benefits Shared Service	February 2014	Substantial
17	Treasury Management	Head of Finance & Resources	March 2014	Substantial
18	Accounts Payable (Creditors)	Head of Finance & Resources	March 2014	Substantial
19	Council Health & Safety	Head of HR Shared Service	April 2014	Substantial
20	Refuse Collection: Contract Payments	Head of Environment & Public Realm	May 2014	Substantial
21	Recruitment Shared Service	Head of HR Shared Service	May 2014	Substantial
22	Council Tax: Recovery & Enforcement	Head of Revenues & Benefits Shared Service	May 2014	Substantial
23	Museum: Collections & Artifacts	Head of Commercial & Economic Dev.	September 2013	Limited
24	Freedom of Information	Head of Policy & Communication	November 2013	Limited
25	Housing Options (Housing Allocations)	Head of Housing & Community Services	May 2014	Limited
26	NFI 2013-14: Progress Report	Dir. of Regeneration & Communities	September 2013	N/A
27	Teammate Hosting Project	Head of Audit Partnership	September 2013	N/A
28	Fraud Protocol	Head of Audit Partnership	March 2014	N/A
29	Benefit Fraud Complaint	Head of Revenues & Benefits Shared Service	April 2013	Investigation

�(See APPENDIX B for further details on each audit project)

Level of Assurance	2013/14
High	3
Substantial	19
Limited	3
Minimal	0
Not Applicable	4
TOTAL	29

Definitions of Assurance Levels 2013/14:

�Assurance Level

Summary description

Detailed definition

Minimal

Urgent improvements in controls or in the application of controls are required.

The authority or service is exposed to a significant risk that could lead to failure to achieve key authority/service objectives, major loss/error, fraud/impropriety or damage to reputation. This is because key controls do not exist with the absence of at least one critical control or there is evidence that there is significant non-compliance with key controls.

The control arrangements are of a poor standard.

Limited

Improvements in controls or in the application of controls are required

The area/system is exposed to risks that could lead to failure to achieve the objectives of the area/system under review. This is because, key controls exist but they are not applied, or there is significant evidence that they are not applied consistently and effectively.

The control arrangements are below an acceptable standard.

Substantial

Controls are in place but improvements would be beneficial

There is some limited exposure to risk which can be mitigated by achievable measures. Key or compensating controls exist but there may be some inconsistency in application.

The control arrangements are of an acceptable standard.

High

Strong controls are in place and are complied with

The systems/area under review is not exposed to foreseeable risk, as key controls exist and are applied consistently and effectively.

�The control arrangements are of a high standard.

Performance:

Mid Kent Audit delivered 29 projects (out of 32 agreed projects) of the Maidstone operational audit plan for 2012/13 which is an achievement of 90%.

For 2013/14 a quarterly output target was set as a means to measure and monitor performance against delivery of the audit plan. This forms part of the Maidstone Reach the Summit performance management framework.

	Original Target	Adjusted Target (September 2013)	Output	%
Q1	5		5	100%
Q2	9		6	66%
Q3	10	7*	7	100%
Q4	11	11	11	100%
TOTAL	35	32	29	90%

*Changes to the Operational Plan 2013/14:

It is a requirement for the audit plan to be flexible, this is to ensure that it remains relevant and accurately reflects the risks and needs of the Council. There were six changes to the plan in 2013/14. The majority of these changes were as a result of projects being deferred due to audit resources being better utilised on other higher level risk projects. �

No.	Title	Head of Service	Reason	Comments
1	Declarations of Interest (Members)	Head of Policy & Communication	DEFERRED	Project deferred � Agreed in 2014/15 Plan.
2	Strategic Asset Management	Head of Finance & Resources	DEFERRED	Project deferred � Agreed in 2014/15 Plan (Investment Property).
3	Street Cleansing	Head of Environment & Public Realm	DEFERRED	Project deferred � Agreed in 2014/15 Plan.
4	Trusts & Partnerships	Head of Commercial & Economic Dev.	DEFERRED	To be included the MKIP Governance project in 2014/15.
5	Corporate Governance	Head of Policy & Communication	DEFERRED	Project deferred � Agreed in 2014/15 Plan.
6	Hazlitt Theatre & Arts Centre	Head of Commercial & Economic Dev.	CANCELLED	Project was cancelled due to recent contract � to be included in 15/16.

Anti-Fraud & Corruption:

Internal Audit has not had to undertake any investigations of fraud in 2013/14 for Maidstone Borough Council.

There have been no investigations resulting from the Council�s whistleblowing protocols.

In 2013/14 we undertook an exercise to draft a fraud investigation protocol. The purpose of the protocol is to ensure that in the event of an investigation, that Internal Audit and HR can work seamlessly to ensure that the right outcomes are achieved for the Council. The protocol has been circulated to the Heads of HR at each of the Mid Kent Audit partnership sites. The results of the consultation will be incorporated into the protocol, with an aim to implement in 2014/15.

Benefit Fraud Complaint:

Internal Audit was asked to conduct an independent review into an allegation of misconduct received against a Benefit Fraud Officer from a Benefit Claimant being investigated for fraud.

The work involved an assessment of the case file, and interviews with the Officer and Managers.

The complaint was concluded to be unsubstantiated, and the work conducted by the Officer was confirmed as being in line with the agreed procedures of the Council. Therefore, no further action was taken.�

National Fraud Initiative:

Mid Kent Audit has continued to support the National Fraud Initiative (NFI) for the purposes of detecting and preventing fraud nationally. In 2013/14 Council Tax Single Persons Discount (SPD) data was matched against electoral role data to identify any potential fraudulent claims for SPD.

The data matches for the Council Tax (SPD) data were released for investigation on 19 March 2014.� The table below provides a summary of the data matches to be investigated:

Report ID	Report title	Number of matches reported
801	Council Tax to Electoral Register	897
Total		897

The Shared Benefit Fraud Service will be investigating the matches with the intention to release the outcomes by September 2014.

The previous NFI exercise (2012/13) matching Housing Benefit, Payroll, Insurance, License and Creditors data is 99% complete. The total value of outcomes reported on the 2012/13 exercise is �61,898.79.

Audit Commission Fraud Survey 2013:

The Audit Commission requires that the Council undertakes an annual internal fraud survey submitted. Mid Kent Audit coordinates the survey and provides the information to the Audit Commission in May each year. There were no issues arising from the survey for 2013. The results of the survey form part of the annual publication � Protecting the Public Purse 2013.

Follow-up & Implementation of Recommendations 2013/14:

In 2013/14 we began to track the implementation of audit recommendations to better demonstrate the action being taken by management to address the issues identified during audit work. This data will be used in 2014/15 to inform a review of the follow-up process (the 2014/15 audit process will be presented to Audit Committee as part of the meeting on 14 July 2014).

We conducted 12 follow-up reviews in 2013/14 and notably, the limited level project has been re-assessed as providing improved substantial assurance. �

We reviewed progress against 96 recommendations within those 12 audit projects, all of which were accepted. Of these 96 recommendations 62 have been fully implemented representing 65% completion. This is a satisfactory result, when taking into consideration that this is the first time that audit recommendations have been tracked in this way, and demonstrates that Managers and Officers of the Council take on board and action audit recommendations.

This does however, leave 34 recommendations either outstanding or not yet due. Under the current process, these are not subject to further follow-up. This is a key driver for us to review the process in 2014/15 to ensure that future audit recommendations are followed up when due, throughout the year.

No	Title of Audit	Month Issued	Level of Assurance	No. Recs	Follow-up	Recs Implemented	%	Re-assessment
1	Compliance with Officer code of conduct	June 2012	Substantial	8	April 2013	6	75%	Substantial
2	Complaints	October 2012	Substantial	8	May 2013	5	63%	Substantial
3	Visitor Economy Business Unit	January 2013	Limited	17	May 2013	15	88%	Substantial
4	Compliance with Planning Code of Conduct	October 2012	Substantial	5	July 2013	3	60%	Substantial
5	Performance Management Framework	October 2012	Substantial	6	July 2013	3	50%	Substantial
6	Homelessness	December 2012	Substantial	8	July 2013	4	50%	Substantial
7	Litter Enforcement	February 2013	Substantial	10	October 2013	7	70%	Substantial
8	Development Control Enforcement	February 2013	Substantial	8	September 2013	4	50%	Substantial
9	IT Network Controls	April 2013	Substantial	4	February 2014	0	0%	Substantial
10	GL: Budgetary Control	April 2013	Substantial	6	February 2014	4	67%	Substantial
11	Maidstone Market	September 2013	Substantial	2	March 2014	2	100%	High
12	Car Park Income	September 2013	Substantial	14	March 2014	9	64%	Substantial
	TOTAL			96		62	65%

c) Quality Assurance & Improvement Programme:

The Public Sector Internal Audit Standards (PSIAS) were introduced on 1 April 2013 and set the professional standards for Internal Audit in Local Government. The introduction of the standards brought with them new challenges for Mid Kent Audit, and work was conducted throughout the year to ensure that we could comply with the new standards and to use them as a platform to enhance how we deliver the service.

In January 2014 we commissioned a �validated self-assessment� against the new standards through the Chartered Institute of Internal Auditors (IIA). The assessment itself was intensive, and the IIA conducted thorough reviews of all aspects of the audit service, including conducting interviews across each of the Mid Kent Audit sites with key senior stakeholders.

The assessment was the first of any Local Authority in the Country, the results of which have since been featured in the Municipal Journal as a demonstration of the successes of partnership working and benefits of having an effective Internal Audit service.

The results of the assessment were overwhelmingly positive, with the service receiving no fails:

Total Number of Standards	Fully Compliant	Partial Compliance	Failure to Comply
56	50	6	0

This is a considerable achievement and provides a high level of independent assurance that Mid Kent Audit is providing a professional and high quality service and is setting the standards in Kent.

Having an independent, objective and professional Internal Audit service is one of the key elements of strong and effective governance. Conformance with the professional standards is evidence to demonstrate that Mid Kent Audit is meeting this criterion, and that Members, Officers and External Auditors can place reliance on the work of Internal Audit.

The IIA will be invited back in 2014/15 to assess progress against the six areas of �partial compliance� with the expectation to have achieved full compliance of the standards.

Satisfaction with Internal Audit Service � Maidstone 2013/14

At the close of each audit project the Auditors issue a satisfaction survey to the key client (being the Manager they had most interaction within during the audit).

Four questions are asked, designed to measure the overall audit experience:

1. Sufficient notice was given to enable me to prepare for the audit.

2. Interviews were conducted in a competent and professional manner.

3. The auditor had sufficient skill and knowledge to conduct this audit.

4. There was adequate opportunity to discuss audit findings and recommendations.

Responses are measured against Strongly Agree (4), Agree (3), Disagree (2) and Strongly Disagree (1).

Number of Projects Completed	Number of Surveys Issued	Survey Responses Received	% Return Rate
29	24	18	75%

The level of satisfaction has been calculated by using the total responses received to give an overall level of satisfaction:

It is clear to see that the level of satisfaction with the audit service is high, and has been sustained throughout the year. This is particularly rewarding considering the challenges that Mid Kent Audit faced with changes to staff, process and the external assessment. The feedback received through the customer surveys is a further indication as to the high level of professionalism applied by the auditors when conducting audit work, and demonstrates that even amidst all of the challenges faced in 2013/14, the level of service did not diminish and was not compromised. �

Acknowledgements:

We would like to use this opportunity to acknowledge and thank Managers, Officers and Members for their continued support, assistance and co-operation as we completed audit work during the year.

APPENDX B:�� Summary of Internal Audit Output: Limited��

Title & Audit Objectives	Summary of Key Findings	Level of Assurance	Summary of Management Response	Follow-up Assurance
Museum: Collections & Artefacts � To assess how the museums� store and catalogue the collections, and confirm current progress against plans to account for and catalogue existing collections � To consider the adequacy of arrangements to protect and secure the collections � To consider the adequacy of the Museum Acquisitions & Disposals Policy � To establish how additions or disposals are agreed and managed, and review the appropriateness of any additions or disposals made in the past year, and consider the arrangements for any future disposals. � To establish the appropriateness of the controls for loaning out and borrowing collections or items and any associated income/charges.	The key recommendations identified during the audit were that: � A more detailed programme for undertaking cataloguing should be defined and followed. � The Council should give consideration to the provision of additional resources to facilitate the completion of the cataloguing programme to help to achieve the objectives of the museum. � The treatment of VAT on the proceeds from the disposal of items should be reviewed to ensure that VAT is being treated correctly. � Processes should be put in place to ensure that documented procedures are followed for items loaned out by the museum and the use of the loan out agreements should be reviewed and consistently applied. � The database used to record artefacts loaned out or disposed of needs to be kept up to date and controls put in place to ensure exit forms are only used as appropriate. � Records of the work done prior to disposing of an item need to be maintained to demonstrate compliance with the museums policies and the Museum Associations guidelines, and to ensure that this supports the treatment of VAT. � The Council should give consideration to funding a valuation of, as a minimum, key artifacts or collections. This should include those which are most valuable materially and those which are integral to the collections.	Limited	All of the recommendations have been agreed. The main actions to be taken are as follows: � A schedule will be developed to identify the research and development needs of each collection and a programme will be put together which identifies what order cataloguing will be undertaken in.� � A review will be undertaken to establish what additional resource is needed and how this will be funded. � All sales made to date will be reviewed with the Finance Team to ensure that the required VAT declarations have been made. � A simplified collections management procedural manual will be produced which will cover the procedures for: items loaned out and borrowed; dealing with exit forms and databases; dealing with disposals. � Quotations for undertaking valuations have been requested and a priority list of collections for review will be identified.	All of the audit recommendations will be followed up in 2014/15 � in line with the individual management response times and target dates.
Freedom of Information � To establish compliance with the Council's approved Publication Scheme. � To verify the accuracy, completeness and integrity of information being provided - to be achieved through data testing of a sample of completed information requests. � To determine and document the current process for handling information requests, to highlight any areas of weakness prior to the implementation of the FOI system.	� The interim FOI system was put in place as a temporary measure after the 2008 Freedom of Information Audit to provide controls over the process for handling requests for information.� This system is still in use and lacks certain key controls and functionality.� � The previous audit recommended that responsibility for Freedom of Information be transferred from the Head of Legal to another, appropriately senior officer.� At the time of the audit, responsibility was not clear, which has led to a lack of ownership over the process resulting in relevant documents not being reviewed and updated and a failure to develop a disclosure log to reflect changes in legislation.	Limited	All of the recommendations have been agreed and some action was taken immediately towards implementation. The main actions to be taken are as follows: � A review of the current guidance and the development of a Freedom of Information Policy which will highlight the main roles and responsibilities. � The correspondence system will be adapted to allow the inclusion of Freedom of Information requests and will include the highlighted control improvements. � A disclosure log will be developed and the publication scheme will be reviewed. � A performance indicator will be developed as part of service planning in the Policy & Performance team.	All of the audit recommendations will be followed up in 2014/15 � in line with the individual management response times and target dates.
Housing Options (Housing Allocations Policy) � To establish compliance with the Housing Allocations policy (April 2013) and agreed procedures. � To review the adequacy and efficiency of the application process and the administration and management of the housing register. � To review controls in place to manage the Choice Based Letting bid process via Homechoice. � To verify the eligibility of applicants housed through the housing allocations process. � To establish and evaluate the controls over the monitoring and reporting of the related service performance measures.	We raised two high priority recommendations relating to concerns over the management and administration of the housing register. These include: � Incomplete or missing evidence. � Applicants being assigned to the wrong housing need band. � Inconsistent enforcement of sanctions for inactive bidders. � Annual renewal requirements not operating. � No written procedure notes to guide those operating the system, leading to inconsistent processes.� This is of particular concern as the system is in large part operated by short term volunteers who do not have the opportunity to build up experience of its operation. As a result of these concerns, we cannot conclude that the service is consistently meeting its main aim of allocating housing to the individuals most in need.	Limited	All of the recommendations have been agreed. The main actions to be taken are as follows: � All applicants short-listed for a tenancy will be checked for compliance with the Allocation Scheme at the time of nomination.� � An annual review of applications will be undertaken based on the anniversary of their application date to ensure that each applicant�s circumstances are checked once a year in addition to the requirement on applicants to inform the council of any change in their circumstances. � The revised draft Allocation Scheme is awaiting comment (to conclude 6 June) and then approval by the Director under delegated powers. � The procedure notes currently provided by the Kent Homechoice partnership will be reviewed to identify and cover any gaps between the partnership notes and MBC�s Allocation Scheme. � A comprehensive performance report is being developed with support from the Performance Team to ensure that all measures are recorded and monitored. The reports will be provided to the Team, the Head of Service and Director.	All of the audit recommendations will be followed up in 2014/15 � in line with the individual management response times and target dates.

Title & Audit Objectives

Summary of Key Findings

Level of Assurance

Summary of Management Response

Follow-up Assurance

Museum: Collections & Artefacts

� To assess how the museums� store and catalogue the collections, and confirm current progress against plans to account for and catalogue existing collections

� To consider the adequacy of arrangements to protect and secure the collections

� To consider the adequacy of the Museum Acquisitions & Disposals Policy

� To establish how additions or disposals are agreed and managed, and review the appropriateness of any additions or disposals made in the past year, and consider the arrangements for any future disposals.

� To establish the appropriateness of the controls for loaning out and borrowing collections or items and any associated income/charges.

The key recommendations identified during the audit were that:

� A more detailed programme for undertaking cataloguing should be defined and followed.

� The Council should give consideration to the provision of additional resources to facilitate the completion of the cataloguing programme to help to achieve the objectives of the museum.

� The treatment of VAT on the proceeds from the disposal of items should be reviewed to ensure that VAT is being treated correctly.

� Processes should be put in place to ensure that documented procedures are followed for items loaned out by the museum and the use of the loan out agreements should be reviewed and consistently applied.

� The database used to record artefacts loaned out or disposed of needs to be kept up to date and controls put in place to ensure exit forms are only used as appropriate.

� Records of the work done prior to disposing of an item need to be maintained to demonstrate compliance with the museums policies and the Museum Associations guidelines, and to ensure that this supports the treatment of VAT.

� The Council should give consideration to funding a valuation of, as a minimum, key artifacts or collections. This should include those which are most valuable materially and those which are integral to the collections.

Limited

All of the recommendations have been agreed. The main actions to be taken are as follows:

� A schedule will be developed to identify the research and development needs of each collection and a programme will be put together which identifies what order cataloguing will be undertaken in.�

� A review will be undertaken to establish what additional resource is needed and how this will be funded.

� All sales made to date will be reviewed with the Finance Team to ensure that the required VAT declarations have been made.

� A simplified collections management procedural manual will be produced which will cover the procedures for: items loaned out and borrowed; dealing with exit forms and databases; dealing with disposals.

� Quotations for undertaking valuations have been requested and a priority list of collections for review will be identified.

All of the audit recommendations will be followed up in 2014/15 � in line with the individual management response times and target dates.

Freedom of Information

� To establish compliance with the Council's approved Publication Scheme.

� To verify the accuracy, completeness and integrity of information being provided - to be achieved through data testing of a sample of completed information requests.

� To determine and document the current process for handling information requests, to highlight any areas of weakness prior to the implementation of the FOI system.

� The interim FOI system was put in place as a temporary measure after the 2008 Freedom of Information Audit to provide controls over the process for handling requests for information.� This system is still in use and lacks certain key controls and functionality.�

� The previous audit recommended that responsibility for Freedom of Information be transferred from the Head of Legal to another, appropriately senior officer.� At the time of the audit, responsibility was not clear, which has led to a lack of ownership over the process resulting in relevant documents not being reviewed and updated and a failure to develop a disclosure log to reflect changes in legislation.

Limited

All of the recommendations have been agreed and some action was taken immediately towards implementation. The main actions to be taken are as follows:

� A review of the current guidance and the development of a Freedom of Information Policy which will highlight the main roles and responsibilities.

� The correspondence system will be adapted to allow the inclusion of Freedom of Information requests and will include the highlighted control improvements.

� A disclosure log will be developed and the publication scheme will be reviewed.

� A performance indicator will be developed as part of service planning in the Policy & Performance team.

All of the audit recommendations will be followed up in 2014/15 � in line with the individual management response times and target dates.

Housing Options (Housing Allocations Policy)

� To establish compliance with the Housing Allocations policy (April 2013) and agreed procedures.

� To review the adequacy and efficiency of the application process and the administration and management of the housing register.

� To review controls in place to manage the Choice Based Letting bid process via Homechoice.

� To verify the eligibility of applicants housed through the housing allocations process.

� To establish and evaluate the controls over the monitoring and reporting of the related service performance measures.

We raised two high priority recommendations relating to concerns over the management and administration of the housing register. These include:

� Incomplete or missing evidence.

� Applicants being assigned to the wrong housing need band.

� Inconsistent enforcement of sanctions for inactive bidders.

� Annual renewal requirements not operating.

� No written procedure notes to guide those operating the system, leading to inconsistent processes.� This is of particular concern as the system is in large part operated by short term volunteers who do not have the opportunity to build up experience of its operation.

As a result of these concerns, we cannot conclude that the service is consistently meeting its main aim of allocating housing to the individuals most in need.

Limited

All of the recommendations have been agreed. The main actions to be taken are as follows:

� All applicants short-listed for a tenancy will be checked for compliance with the Allocation Scheme at the time of nomination.�

� An annual review of applications will be undertaken based on the anniversary of their application date to ensure that each applicant�s circumstances are checked once a year in addition to the requirement on applicants to inform the council of any change in their circumstances.

� The revised draft Allocation Scheme is awaiting comment (to conclude 6 June) and then approval by the Director under delegated powers.

� The procedure notes currently provided by the Kent Homechoice partnership will be reviewed to identify and cover any gaps between the partnership notes and MBC�s Allocation Scheme.

� A comprehensive performance report is being developed with support from the Performance Team to ensure that all measures are recorded and monitored. The reports will be provided to the Team, the Head of Service and Director.

All of the audit recommendations will be followed up in 2014/15 � in line with the individual management response times and target dates.

Summary of Internal Audit Output: Substantial & High

Title & Audit Objectives	Summary of Key Findings	Level of Assurance	Response	Follow-up Assurance
E-procurement � Establish the processes in place for undertaking tenders, including: inviting expressions of interest; distributing relevant tender documentation; accepting and opening bids; and the evaluation of the bids received. � Evaluate the adequacy of the controls in place to ensure compliance with the Contract Procedure Rules and, where applicable, the OJEU rules. In particular review the controls provided by the BIPS Delta system. � Undertake walk-through testing for a sample of tenders to establish whether the controls are working effectively.	� From the walk-through testing and evaluation of the process carried out during the audit, it is concluded that there are strong controls in place over the tendering process and that the process complies with the Contract Procedure Rules. � No recommendations for service of control improvements have been made in this report.	High	No recommendations were made in the review.	N/A
Benefits: Application & Assessment � To establish whether adequate resources and procedures are in place to ensure compliance with the legislative and performance frameworks. � To establish whether evidential documentation is correctly retained to support the application and assessment process. � To verify that adequate controls and procedures are in place to ensure that benefit assessments are correctly calculated prior to payment. � To establish whether adequate procedures are in place to ensure that benefit claims, amendments and cancellations are processed promptly.	� The audit established that sound procedures are in place to ensure that the administration of benefits is in line with statutory guidance and procedures. � No recommendations for service of control improvements have been made in this report.	High	No recommendations were made in the review.	N/A
Income, Cash Collection & Banking � To establish and evaluate the arrangements in place for the collection and banking of income received by the Council. � To review arrangements in place to ensure income is held securely and can be accounted for.	� The audit findings confirmed that the procedures surrounding the receipt of income, cash collections and banking provide strong controls.� � No recommendations for service of control improvements have been made in this report.	High	No recommendations were made in the review.	N/A
Corporate Project Management Framework � To establish the scope and adequacy of the Council�s corporate project management framework. � To test compliance with, and effectiveness of, the framework through the review of a sample of corporate projects.	� To agree a reporting process to better capture projects across the Council that are of a �medium� level � and to consider the appropriateness of the current project �type� classification parameters within the toolkit; � To provide guidance to define the key responsibilities of project team roles assurance officers, and project structure; � To progress and implement an agreed procedure for providing independent project / quality assurance; � To review and refresh the project management toolkit � in particular to incorporate any changes arising from findings from the audit; � To consider the findings resulting from an officer survey relating to project management training, skills and competencies.	Substantial	All of the recommendations were accepted and appropriate target implementation dates agreed. Agreed follow-up: Q1 2014/15	All of the audit recommendations will be followed up in 2014/15
CCTV � To consider the adequacy of the contract monitoring arrangements over the CCTV contract and whether the service is being delivered in line with the contract terms. � To assess whether the CCTV service is operating in compliance with the CCTV Code of Practice guidelines and statutory requirements. � To consider how mobile CCTV cameras are managed and operated and whether this complies with the CCTV Code of Practice. � To review the adequacy of controls over income and expenditure.	� The location of cameras within the Borough has not been reviewed to ensure that coverage is appropriate and there is a supporting rationale for the positioning of the cameras in line with the CCTV Code of Practice. Privacy impact assessments have not been undertaken by Medway for the Maidstone Borough. In addition, not all CCTV signage is up to date, and not all monitored areas are adequately signed. � The Council receives income from 3 third parties for the provision of a CCTV service however this service has not been reviewed and there is no SLA in place with the parties concerned. � The Council has not undertaken a formal risk assessment of the risks arising from the provision of its CCTV service by Medway.� In addition, although provisions are in place to provide CCTV services from the Town Hall in the event of an emergency, there is no Business Continuity Plan in place.	Substantial	All of the recommendations were accepted and appropriate target implementation dates agreed. Agreed follow-up: Q1 2014/15	All of the audit recommendations will be followed up in 2014/15
Car Parking Income (MBC & SBC) � To establish and evaluate the financial controls over the secure collection and reconciliation of cark parking pay and display income. � To determine the adequacy of controls over the administration and payments for season tickets. � To establish and evaluate the arrangements in place to monitor and report the performance of car parking operations, including income.	� The physical controls over cash and banking arrangements are satisfactory. � Car park revenue is appropriately secured and banked in a timely manner at both Maidstone & Swale. � Procedures exist over the reconciliation of income but are not consistently applied. There is a need to implement standardised financial reconciliation procedures across the partnership, and to ensure that income is appropriately allocated and reported. � Additional findings in the audit relate to contract monitoring, maintenance and inspections (of pay and display machines), and the administration of parking permits (Officers and Members).	Substantial	All of the recommendations were accepted and appropriate target implementation dates agreed. Agreed follow-up: January 2014	Action has been taken in implement some of the recommendations. Substantial Outstanding actions will be followed up in 2014/15.
Maidstone Market � To establish whether all income received is properly charged, collected, receipted, accounted for and banked. � To identify and evaluate the controls over the main sources of expenditure, including value for money controls. � To review the registration process of market traders and consider whether adequate records are held on the traders� identity and their entitlement to trade. � To establish the arrangements for customer and stallholder health, safety and security. � To consider Trading Standards compliance and customer complaints/satisfaction during the past year.	� Controls over income and expenditure are strong, and income is being correctly collected, receipted and reconciled for banking on a daily basis and there are no long standing debts awaiting collection.� � Budget indications show that 2013/14 income would have a shortfall which will need to be addressed. � All expenditure is approved by an authorised officer and is within budget. � The registration and documentation of market traders is good and records management procedures are secure. The day to day operation of the market runs smoothly in line with Trading Standards requirements and Health and Safety legislation.	Substantial	All of the recommendations were accepted and appropriate target implementation dates agreed. Agreed follow-up: March 2014	Action has been taken to implement all of the recommendations. High
Community Safety Grants � To confirm the scope of the grant scheme. � To consider the accuracy of allocation of funding to local community groups. � To review the monitoring and reporting arrangements. � To establish whether awarded grants have been correctly utilised and whether proposed outcomes have been delivered.	Audit review of accounts to confirm the correct use of grants and to establish any resultant outcomes found that grants were being utilised to support the community�s safety and that, in some of the cases reviewed, there were measurable positive outcomes. Two recommendations were raised: � That clear financial records should be kept by the grant funded organisations. � That a clear monitoring and reporting process should be adopted.	Substantial	All of the recommendations were accepted and appropriate target implementation dates agreed. Agreed follow-up: Q1 2014/15	All of the audit recommendations will be followed up in 2014/15
Public Sector Equalities Duty � To consider whether the Council satisfies its statutory and regulatory obligations in relation to the Equalities Act 2010 and �equality duty�. � To verify that roles, responsibilities and accountabilities for the management, monitoring and reporting of Equalities are clearly defined. � To establish whether the Council has fully incorporated the Public Sector Equality Duty into all relevant business activities e.g. decision making, policy setting, service planning, contract formulation, service delivery and recruitment. � To consider whether there is adequate monitoring and reporting of equalities at the Council to ensure on-going compliance with the Duty.	The Council is satisfying its statutory obligations in respect of the Public Sector Equality Duty.� � The Council should complete a self-assessment against the Local Government Equalities Framework to establish the current level of compliance and to agree an aspiration level of compliance to aim for and achieve. � Managers need to be reminded that all equality impact assessments should be published on the Council�s website. � A review is necessary for all recently awarded contract documents to ensure all contracts include an equalities clause as standard. � All published marketing material produced by the Council needs to include a standard statement to inform customers that the information is available in alternative formats.	Substantial	All of the recommendations were accepted and appropriate target implementation dates agreed. Agreed follow-up: Q1 2014/15	All of the audit recommendations will be followed up in 2014/15
Accounts Receivable� (Debtors) � To ensure that accounts receivable are administered in compliance with the Council�s agreed policies and procedures. � To determine the accuracy and timeliness over the raising of debtor accounts. � To determine the accuracy and completeness of payments and reconciliation of the system. � To establish whether the recovery process is followed, and recovery action is taken in accordance with agreed procedures. � To establish whether write-offs are processed and authorised in compliance with the agreed write-off procedures.	Key recommendations were: � To update the �Agresso � User Request Form� to include a section for the user to state the reason for requesting access to ensure access is appropriate. � To update and circulate department procedures and guidance. � To introduce reporting mechanisms that enable the level of write-offs against the debts to be monitored and reported.	Substantial	All of the recommendations were accepted and appropriate target implementation dates agreed. Agreed follow-up: Q1 2014/15	All of the audit recommendations will be followed up in 2014/15
General Ledger: Feeder Systems � To establish and evaluate the controls over the input of feeder systems into the general ledger. � To verify that there is adequate segregation of duties between the payment processing, upload and reconciliation of the feeder systems. � To determine if the suspense account is appropriately managed, monitored and balanced. � To review the upload process between the feeder systems and Agresso to confirm the adequacy of security and access controls. � To evaluate whether journal transfers between financial codes and the general ledger are accurate, fully documented and appropriately authorised.	� The report highlights a risk within the Finance team in relation to resilience. The team continues to face substantial changes to staff, and although procedure notes are in place and are up to date, the report highlights the need to address processes that are currently only able to be conducted by one or two officers, specifically the reconciliation of the Payroll.	Substantial	All of the recommendations were accepted and appropriate target implementation dates agreed. Agreed follow-up: September 2014	All of the audit recommendations will be followed up in 2014/15
Property Income � To verify that the Councils properties that generate income are fully and accurately accounted for on the Council�s asset management system. � To validate the accuracy and completeness of the Council�s investment property records. � To establish the accuracy of the lease, license and rental charges for the Parkwood Estate, small business units, and the sundry corporate properties (including lease and rent reviews). � To review the controls in place for the collection and recovery of property income.	Key recommendations were: � To implement procedure notes to support the property management process, including defining the roles and responsibilities of the various Council departments involved in the process. � To carry out a data cleansing exercise prior to the leaseholder information being uploaded to the new system, and to ensure a consistent approach is applied to how the information is structured within the system. � To consider the possibility of creating rent accounts for the Council�s general fund properties in order to provide more effective management and monitoring. � A formal agreement/lease should be drafted for 1 Keepers Cottage as currently no agreement is held on file.	Substantial	All of the recommendations were accepted and appropriate target implementation dates agreed. Agreed follow-up: September 2014	All of the audit recommendations will be followed up in 2014/15
Housing Grants � To establish the process for the handling claims from application to completion of the works and payment and confirm that this process is as efficient as possible while ensuring the validity of the claim. � To verify the level of award is correctly and accurately calculated in line with defined procedures through a sample of assessed applications. � To verify the validity of grant claims and compliance with the conditions of the grant awarded through a sample of awarded grants.	� There are controls in place to ensure that grant awards are accurate, properly approved, and correctly processed and paid. The controls also safeguard the Council against fraud and error. � However, there is little in the way of detailed and prescriptive written procedures in place. Given the small size of the team and the potential for change, it is important that procedures are in place to provide greater resilience.	Substantial	All of the recommendations were accepted and appropriate target implementation dates agreed. Agreed follow-up: November 2014	All of the audit recommendations will be followed up in 2014/15
Commercial Waste Services � To establish and evaluate the effectiveness and efficiency of the procedures in place to deliver Commercial Waste Services. � To establish the accuracy of fees and charges for the Commercial Waste Service. � To establish the financial controls in place for the collection and recovery of income. � To determine the controls over the operating costs and expenditure for providing service. � To establish the arrangements in place to monitor and report the performance of the commercial waste service.	Key recommendations were: � To ensure that a consistent approach is applied to all aspects of the commercial waste service, including the application process, recording of customer information, completion of waste transfer agreements, and completion of the driver collection sheets. � To ensure invoices are raised for all customers receiving the commercial waste service and that appropriate recovery action is being taken where required. � To implement a mechanism to monitor the individual transactions coded to the commercial waste service to support and strengthen the budget control and monitoring records. � To consider the possibility of creating a database to record and hold customer information for the commercial waste service.	Substantial	All of the recommendations were accepted and appropriate target implementation dates agreed. Agreed follow-up: Q1 2014/15	All of the audit recommendations will be followed up in 2014/15
Business Rates: Valuation, Liability & Billing (MBC & TWBC) � To confirm whether valuation, liability and billing procedures are in accordance with statutory requirements, and agreed procedures. � To establish whether liability is correctly calculated after the application of reliefs and exemptions. � To assess whether suitable reconciliations are undertaken after changes are made to the valuation list. � To confirm the adequacy and effectiveness of the billing procedures.	Audit testing confirmed that the liability is being correctly calculated and reliefs and exemptions correctly applied. � Both sites use different methods to notify the Valuation Office of changes which need to be made to the valuation list.� � Instances were identified where insufficient documentary evidence or other records were maintained in support of the relief granted.� There is also no regular process at either Council to review the accounts awarded mandatory or discretionary reliefs to assess whether the rate payer still meets the relevant criteria.	Substantial	All of the recommendations were accepted and appropriate target implementation dates agreed. Agreed follow-up: September 2014	All of the audit recommendations will be followed up in 2014/15
Treasury Management � To establish the arrangements with the Council�s treasury management advisors, including roles, responsibilities and charges. � To ensure that the Council�s treasury management activities are managed in compliance with agreed policies and procedures. � To establish and evaluate the controls over the administration and management of treasury management transactions. � To establish the arrangements in place to monitor and report the performance of the Council�s treasury management activities � in line with the Prudential Indicators.	Key recommendations were: � To revise the controls in place to prevent the investment limit being exceeded. � To review the Financial Procedures to ensure the timely reporting of treasury management activities. � To review and update the Council�s Money Laundering Policy. � To deliver treasury management training to Members. � To ensure the availability of the Council�s treasury management strategy and related appendices on the website. � To review and update the procedure notes in place to support the treasury management process.	Substantial	All of the recommendations were accepted and appropriate target implementation dates agreed. Agreed follow-up: October 2014	All of the audit recommendations will be followed up in 2014/15
Accounts Payable � To establish and document the Accounts Payable process to identify any changes to key controls since the previous audit. � To test and verify the accuracy of the Accounts Payable master file using IDEA to analyse the data held on Agresso. � To test and verify the accuracy of the Accounts Payable payments files using IDEA to analyse the data held on Agresso, ensuring payments to suppliers are in line with financial regulations and are supported by a matching invoice.	� We raised one medium priority recommendation as part of the audit regarding the substitution of authorising officers for those with a lower approval level. We identified one instance during the audit where a substituting officer authorised orders greater than their authorisation limit, therefore, being able to bypass the systems controls. � We have also raised a low priority recommendation to ensure that the extract report provided during the audit, identifying possible duplicate supplier information, is reviewed and where necessary appropriate action taken to correct any errors.	Substantial	The Management response to the audit recommendations due: July 2014	All of the audit recommendations will be followed up in 2014/15
Council Health & Safety � To establish and evaluate the procedures in place that enable compliance with legislation and the Council�s agreed Health and Safety policy. � To establish the arrangements in place to promote and raise awareness of health and safety across the Council; � To review the adequacy of the systems and processes in place to provide health and safety training to Managers and Officers. � To establish the arrangements in place to monitor and report the performance of health and safety across the Council.	� Effective procedures exist to ensure the Council complies with health and safety legislation; and performance in regards to health and safety is monitored and reported on a regular basis. � An updated programme of health and safety risk assessments was introduced in 2013, in line with the revised policy and guidance. At the time of the audit it was possible to test the assessment process, however, the inspection programme is yet to be implemented, and therefore could not be tested. � We identified one area for improvement during the audit, to consider reinforcing procedures for accident and incident reporting.	Substantial	All of the recommendations were accepted and appropriate target implementation dates agreed. Agreed follow-up: Q2 2014/15	All of the audit recommendations will be followed up in 2014/15
Waste Collection Payments � To establish the roles and responsibilities for the administration of contract payments. � To establish and review the processes in place within the Council for the processing, authorisation and payment of the monthly contract invoices, and any additional invoices for works outside of the standard contract fee. � To review the adequacy of reconciliations of the holding account. � To confirm that administration costs (applied by Maidstone) are being appropriately managed by the Council.	� The audit confirms that adequate processes are in place for the processing, authorisation and payment of the monthly contract invoices and non-core contract invoices to Biffa. All of the payments made against the invoices tested were correct, and had been processed in line with the agreed procedures.�� � We raised one medium priority recommendation in the report.� This relates to the time taken to pay invoices received from Biffa, as the audit identified six (out of 12) instances where core invoices were paid outside of the agreed terms, which could result in additional costs being incurred.�	Substantial	The Management response to the audit recommendations due: July 2014	All of the audit recommendations will be followed up in 2014/15
HR Shared Service: Recruitment (MBC & SBC) � To establish compliance with the agreed Recruitment and Selection Policies and procedures. � To review the controls in place to manage recruitment related expenditure. � To review the support, guidance and training provided to recruiting officers. � To establish compliance with the induction programme for newly recruited officers.	� We have raised two high priority recommendations, relating to the document management and retention arrangements for recruitment records which are currently in breach of the retention policy and the Data Protection guidelines. � Control improvements are required to ensure that approval to recruit is sought prior to starting the recruitment campaign. � At present the authorities have not been exposed to significant risk as a result of these breaches, principally because we are satisfied that knowledge of proper procedures and compliance within the service is good.�	Substantial	All but 1 of the recommendations was accepted. Discussions are ongoing with the Manager with regards to the unaccepted recommendation. Proposed follow-up: Q2 2014/15	All of the audit recommendations will be followed up in 2014/15
Council Tax: Recovery & Enforcement To establish and evaluate whether: � All recovery action taken follows agreed procedures and is supported by documentary evidence. � Appropriate arrangements are in place with bailiffs for the recovery of council tax and referred cases are adequately monitored. � Debt recovery targets are set and monitored and debts are only written off once agreed procedures have been followed. � The recovery and enforcement procedures are in accordance with statutory requirements.	� We conclude that, for the sample testing undertaken as part of the audit that recovery action taken is appropriate and supported by adequate documentary evidence.� Appropriate arrangements are in place with the bailiff, although at the time of the audit the service was procuring new suppliers and revising processes accordingly.� � We have raised 6 medium priority recommendations in the report.� These relate to the development of a debt recovery strategy, and the enhancement of monitoring arrangements and the team structure to ensure that debt recovery action is undertaken as effectively as possible.�	Substantial	The Management response to the audit recommendations due: July 2014	All of the audit recommendations will be followed up in 2014/15

Title & Audit Objectives

Summary of Key Findings

Level of Assurance

Response

Follow-up Assurance

E-procurement

� Establish the processes in place for undertaking tenders, including: inviting expressions of interest; distributing relevant tender documentation; accepting and opening bids; and the evaluation of the bids received.

� Evaluate the adequacy of the controls in place to ensure compliance with the Contract Procedure Rules and, where applicable, the OJEU rules. In particular review the controls provided by the BIPS Delta system.

� Undertake walk-through testing for a sample of tenders to establish whether the controls are working effectively.

� From the walk-through testing and evaluation of the process carried out during the audit, it is concluded that there are strong controls in place over the tendering process and that the process complies with the Contract Procedure Rules.

� No recommendations for service of control improvements have been made in this report.

High

No recommendations were made in the review.

N/A

Benefits: Application & Assessment

� To establish whether adequate resources and procedures are in place to ensure compliance with the legislative and performance frameworks.

� To establish whether evidential documentation is correctly retained to support the application and assessment process.

� To verify that adequate controls and procedures are in place to ensure that benefit assessments are correctly calculated prior to payment.

� To establish whether adequate procedures are in place to ensure that benefit claims, amendments and cancellations are processed promptly.

� The audit established that sound procedures are in place to ensure that the administration of benefits is in line with statutory guidance and procedures.

� No recommendations for service of control improvements have been made in this report.

High

No recommendations were made in the review.

N/A

Income, Cash Collection & Banking

� To establish and evaluate the arrangements in place for the collection and banking of income received by the Council.

� To review arrangements in place to ensure income is held securely and can be accounted for.

� The audit findings confirmed that the procedures surrounding the receipt of income, cash collections and banking provide strong controls.�

� No recommendations for service of control improvements have been made in this report.

High

No recommendations were made in the review.

N/A

Corporate Project Management Framework

� To establish the scope and adequacy of the Council�s corporate project management framework.

� To test compliance with, and effectiveness of, the framework through the review of a sample of corporate projects.

� To agree a reporting process to better capture projects across the Council that are of a �medium� level � and to consider the appropriateness of the current project �type� classification parameters within the toolkit;

� To provide guidance to define the key responsibilities of project team roles assurance officers, and project structure;

� To progress and implement an agreed procedure for providing independent project / quality assurance;

� To review and refresh the project management toolkit � in particular to incorporate any changes arising from findings from the audit;

� To consider the findings resulting from an officer survey relating to project management training, skills and competencies.

Substantial

All of the recommendations were accepted and appropriate target implementation dates agreed.

Agreed follow-up: Q1 2014/15

All of the audit recommendations will be followed up in 2014/15

CCTV

� To consider the adequacy of the contract monitoring arrangements over the CCTV contract and whether the service is being delivered in line with the contract terms.

� To assess whether the CCTV service is operating in compliance with the CCTV Code of Practice guidelines and statutory requirements.

� To consider how mobile CCTV cameras are managed and operated and whether this complies with the CCTV Code of Practice.

� To review the adequacy of controls over income and expenditure.

� The location of cameras within the Borough has not been reviewed to ensure that coverage is appropriate and there is a supporting rationale for the positioning of the cameras in line with the CCTV Code of Practice. Privacy impact assessments have not been undertaken by Medway for the Maidstone Borough. In addition, not all CCTV signage is up to date, and not all monitored areas are adequately signed.

� The Council receives income from 3 third parties for the provision of a CCTV service however this service has not been reviewed and there is no SLA in place with the parties concerned.

� The Council has not undertaken a formal risk assessment of the risks arising from the provision of its CCTV service by Medway.� In addition, although provisions are in place to provide CCTV services from the Town Hall in the event of an emergency, there is no Business Continuity Plan in place.

Substantial

All of the recommendations were accepted and appropriate target implementation dates agreed.

Agreed follow-up: Q1 2014/15

All of the audit recommendations will be followed up in 2014/15

Car Parking Income (MBC & SBC)

� To establish and evaluate the financial controls over the secure collection and reconciliation of cark parking pay and display income.

� To determine the adequacy of controls over the administration and payments for season tickets.

� To establish and evaluate the arrangements in place to monitor and report the performance of car parking operations, including income.

� The physical controls over cash and banking arrangements are satisfactory.

� Car park revenue is appropriately secured and banked in a timely manner at both Maidstone & Swale.

� Procedures exist over the reconciliation of income but are not consistently applied. There is a need to implement standardised financial reconciliation procedures across the partnership, and to ensure that income is appropriately allocated and reported.

� Additional findings in the audit relate to contract monitoring, maintenance and inspections (of pay and display machines), and the administration of parking permits (Officers and Members).

Substantial

All of the recommendations were accepted and appropriate target implementation dates agreed.

Agreed follow-up: January 2014

Action has been taken in implement some of the recommendations.

Substantial

Outstanding actions will be followed up in 2014/15.

Maidstone Market

� To establish whether all income received is properly charged, collected, receipted, accounted for and banked.

� To identify and evaluate the controls over the main sources of expenditure, including value for money controls.

� To review the registration process of market traders and consider whether adequate records are held on the traders� identity and their entitlement to trade.

� To establish the arrangements for customer and stallholder health, safety and security.

� To consider Trading Standards compliance and customer complaints/satisfaction during the past year.

� Controls over income and expenditure are strong, and income is being correctly collected, receipted and reconciled for banking on a daily basis and there are no long standing debts awaiting collection.�

� Budget indications show that 2013/14 income would have a shortfall which will need to be addressed.

� All expenditure is approved by an authorised officer and is within budget.

� The registration and documentation of market traders is good and records management procedures are secure. The day to day operation of the market runs smoothly in line with Trading Standards requirements and Health and Safety legislation.

Substantial

All of the recommendations were accepted and appropriate target implementation dates agreed.

Agreed follow-up: March 2014

Action has been taken to implement all of the recommendations.

High

Community Safety Grants

� To confirm the scope of the grant scheme.

� To consider the accuracy of allocation of funding to local community groups.

� To review the monitoring and reporting arrangements.

� To establish whether awarded grants have been correctly utilised and whether proposed outcomes have been delivered.

Audit review of accounts to confirm the correct use of grants and to establish any resultant outcomes found that grants were being utilised to support the community�s safety and that, in some of the cases reviewed, there were measurable positive outcomes.

Two recommendations were raised:

� That clear financial records should be kept by the grant funded organisations.

� That a clear monitoring and reporting process should be adopted.

Substantial

All of the recommendations were accepted and appropriate target implementation dates agreed.

Agreed follow-up: Q1 2014/15

All of the audit recommendations will be followed up in 2014/15

Public Sector Equalities Duty

� To consider whether the Council satisfies its statutory and regulatory obligations in relation to the Equalities Act 2010 and �equality duty�.

� To verify that roles, responsibilities and accountabilities for the management, monitoring and reporting of Equalities are clearly defined.

� To establish whether the Council has fully incorporated the Public Sector Equality Duty into all relevant business activities e.g. decision making, policy setting, service planning, contract formulation, service delivery and recruitment.

� To consider whether there is adequate monitoring and reporting of equalities at the Council to ensure on-going compliance with the Duty.

The Council is satisfying its statutory obligations in respect of the Public Sector Equality Duty.�

� The Council should complete a self-assessment against the Local Government Equalities Framework to establish the current level of compliance and to agree an aspiration level of compliance to aim for and achieve.

� Managers need to be reminded that all equality impact assessments should be published on the Council�s website.

� A review is necessary for all recently awarded contract documents to ensure all contracts include an equalities clause as standard.

� All published marketing material produced by the Council needs to include a standard statement to inform customers that the information is available in alternative formats.

Substantial

All of the recommendations were accepted and appropriate target implementation dates agreed.

Agreed follow-up: Q1 2014/15

All of the audit recommendations will be followed up in 2014/15

Accounts Receivable� (Debtors)

� To ensure that accounts receivable are administered in compliance with the Council�s agreed policies and procedures.

� To determine the accuracy and timeliness over the raising of debtor accounts.

� To determine the accuracy and completeness of payments and reconciliation of the system.

� To establish whether the recovery process is followed, and recovery action is taken in accordance with agreed procedures.

� To establish whether write-offs are processed and authorised in compliance with the agreed write-off procedures.

Key recommendations were:

� To update the �Agresso � User Request Form� to include a section for the user to state the reason for requesting access to ensure access is appropriate.

� To update and circulate department procedures and guidance.

� To introduce reporting mechanisms that enable the level of write-offs against the debts to be monitored and reported.

Substantial

All of the recommendations were accepted and appropriate target implementation dates agreed.

Agreed follow-up: Q1 2014/15

All of the audit recommendations will be followed up in 2014/15

General Ledger: Feeder Systems

� To establish and evaluate the controls over the input of feeder systems into the general ledger.

� To verify that there is adequate segregation of duties between the payment processing, upload and reconciliation of the feeder systems.

� To determine if the suspense account is appropriately managed, monitored and balanced.

� To review the upload process between the feeder systems and Agresso to confirm the adequacy of security and access controls.

� To evaluate whether journal transfers between financial codes and the general ledger are accurate, fully documented and appropriately authorised.

� The report highlights a risk within the Finance team in relation to resilience. The team continues to face substantial changes to staff, and although procedure notes are in place and are up to date, the report highlights the need to address processes that are currently only able to be conducted by one or two officers, specifically the reconciliation of the Payroll.

Substantial

All of the recommendations were accepted and appropriate target implementation dates agreed.

Agreed follow-up: September 2014

All of the audit recommendations will be followed up in 2014/15

Property Income

� To verify that the Councils properties that generate income are fully and accurately accounted for on the Council�s asset management system.

� To validate the accuracy and completeness of the Council�s investment property records.

� To establish the accuracy of the lease, license and rental charges for the Parkwood Estate, small business units, and the sundry corporate properties (including lease and rent reviews).

� To review the controls in place for the collection and recovery of property income.

Key recommendations were:

� To implement procedure notes to support the property management process, including defining the roles and responsibilities of the various Council departments involved in the process.

� To carry out a data cleansing exercise prior to the leaseholder information being uploaded to the new system, and to ensure a consistent approach is applied to how the information is structured within the system.

� To consider the possibility of creating rent accounts for the Council�s general fund properties in order to provide more effective management and monitoring.

� A formal agreement/lease should be drafted for 1 Keepers Cottage as currently no agreement is held on file.

Substantial

All of the recommendations were accepted and appropriate target implementation dates agreed.

Agreed follow-up: September 2014

All of the audit recommendations will be followed up in 2014/15

Housing Grants

� To establish the process for the handling claims from application to completion of the works and payment and confirm that this process is as efficient as possible while ensuring the validity of the claim.

� To verify the level of award is correctly and accurately calculated in line with defined procedures through a sample of assessed applications.

� To verify the validity of grant claims and compliance with the conditions of the grant awarded through a sample of awarded grants.

� There are controls in place to ensure that grant awards are accurate, properly approved, and correctly processed and paid. The controls also safeguard the Council against fraud and error.

� However, there is little in the way of detailed and prescriptive written procedures in place. Given the small size of the team and the potential for change, it is important that procedures are in place to provide greater resilience.

Substantial

All of the recommendations were accepted and appropriate target implementation dates agreed.

Agreed follow-up: November 2014

All of the audit recommendations will be followed up in 2014/15

Commercial Waste Services

� To establish and evaluate the effectiveness and efficiency of the procedures in place to deliver Commercial Waste Services.

� To establish the accuracy of fees and charges for the Commercial Waste Service.

� To establish the financial controls in place for the collection and recovery of income.

� To determine the controls over the operating costs and expenditure for providing service.

� To establish the arrangements in place to monitor and report the performance of the commercial waste service.

Key recommendations were:

� To ensure that a consistent approach is applied to all aspects of the commercial waste service, including the application process, recording of customer information, completion of waste transfer agreements, and completion of the driver collection sheets.

� To ensure invoices are raised for all customers receiving the commercial waste service and that appropriate recovery action is being taken where required.

� To implement a mechanism to monitor the individual transactions coded to the commercial waste service to support and strengthen the budget control and monitoring records.

� To consider the possibility of creating a database to record and hold customer information for the commercial waste service.

Substantial

All of the recommendations were accepted and appropriate target implementation dates agreed.

Agreed follow-up: Q1 2014/15

All of the audit recommendations will be followed up in 2014/15

Business Rates: Valuation, Liability & Billing (MBC & TWBC)

� To confirm whether valuation, liability and billing procedures are in accordance with statutory requirements, and agreed procedures.

� To establish whether liability is correctly calculated after the application of reliefs and exemptions.

� To assess whether suitable reconciliations are undertaken after changes are made to the valuation list.

� To confirm the adequacy and effectiveness of the billing procedures.

Audit testing confirmed that the liability is being correctly calculated and reliefs and exemptions correctly applied.

� Both sites use different methods to notify the Valuation Office of changes which need to be made to the valuation list.�

� Instances were identified where insufficient documentary evidence or other records were maintained in support of the relief granted.� There is also no regular process at either Council to review the accounts awarded mandatory or discretionary reliefs to assess whether the rate payer still meets the relevant criteria.

Substantial

All of the recommendations were accepted and appropriate target implementation dates agreed.

Agreed follow-up: September 2014

All of the audit recommendations will be followed up in 2014/15

Treasury Management

� To establish the arrangements with the Council�s treasury management advisors, including roles, responsibilities and charges.

� To ensure that the Council�s treasury management activities are managed in compliance with agreed policies and procedures.

� To establish and evaluate the controls over the administration and management of treasury management transactions.

� To establish the arrangements in place to monitor and report the performance of the Council�s treasury management activities � in line with the Prudential Indicators.

Key recommendations were:

� To revise the controls in place to prevent the investment limit being exceeded.

� To review the Financial Procedures to ensure the timely reporting of treasury management activities.

� To review and update the Council�s Money Laundering Policy.

� To deliver treasury management training to Members.

� To ensure the availability of the Council�s treasury management strategy and related appendices on the website.

� To review and update the procedure notes in place to support the treasury management process.

Substantial

All of the recommendations were accepted and appropriate target implementation dates agreed.

Agreed follow-up: October 2014

All of the audit recommendations will be followed up in 2014/15

Accounts Payable

� To establish and document the Accounts Payable process to identify any changes to key controls since the previous audit.

� To test and verify the accuracy of the Accounts Payable master file using IDEA to analyse the data held on Agresso.

� To test and verify the accuracy of the Accounts Payable payments files using IDEA to analyse the data held on Agresso, ensuring payments to suppliers are in line with financial regulations and are supported by a matching invoice.

� We raised one medium priority recommendation as part of the audit regarding the substitution of authorising officers for those with a lower approval level. We identified one instance during the audit where a substituting officer authorised orders greater than their authorisation limit, therefore, being able to bypass the systems controls.

� We have also raised a low priority recommendation to ensure that the extract report provided during the audit, identifying possible duplicate supplier information, is reviewed and where necessary appropriate action taken to correct any errors.

Substantial

The Management response to the audit recommendations due: July 2014

All of the audit recommendations will be followed up in 2014/15

Council Health & Safety

� To establish and evaluate the procedures in place that enable compliance with legislation and the Council�s agreed Health and Safety policy.

� To establish the arrangements in place to promote and raise awareness of health and safety across the Council;

� To review the adequacy of the systems and processes in place to provide health and safety training to Managers and Officers.

� To establish the arrangements in place to monitor and report the performance of health and safety across the Council.

� Effective procedures exist to ensure the Council complies with health and safety legislation; and performance in regards to health and safety is monitored and reported on a regular basis.

� An updated programme of health and safety risk assessments was introduced in 2013, in line with the revised policy and guidance. At the time of the audit it was possible to test the assessment process, however, the inspection programme is yet to be implemented, and therefore could not be tested.

� We identified one area for improvement during the audit, to consider reinforcing procedures for accident and incident reporting.

Substantial

All of the recommendations were accepted and appropriate target implementation dates agreed.

Agreed follow-up: Q2 2014/15

All of the audit recommendations will be followed up in 2014/15

Waste Collection Payments

� To establish the roles and responsibilities for the administration of contract payments.

� To establish and review the processes in place within the Council for the processing, authorisation and payment of the monthly contract invoices, and any additional invoices for works outside of the standard contract fee.

� To review the adequacy of reconciliations of the holding account.

� To confirm that administration costs (applied by Maidstone) are being appropriately managed by the Council.

� The audit confirms that adequate processes are in place for the processing, authorisation and payment of the monthly contract invoices and non-core contract invoices to Biffa. All of the payments made against the invoices tested were correct, and had been processed in line with the agreed procedures.��

� We raised one medium priority recommendation in the report.� This relates to the time taken to pay invoices received from Biffa, as the audit identified six (out of 12) instances where core invoices were paid outside of the agreed terms, which could result in additional costs being incurred.�

Substantial

The Management response to the audit recommendations due: July 2014

All of the audit recommendations will be followed up in 2014/15

HR Shared Service: Recruitment (MBC & SBC)

� To establish compliance with the agreed Recruitment and Selection Policies and procedures.

� To review the controls in place to manage recruitment related expenditure.

� To review the support, guidance and training provided to recruiting officers.

� To establish compliance with the induction programme for newly recruited officers.

� We have raised two high priority recommendations, relating to the document management and retention arrangements for recruitment records which are currently in breach of the retention policy and the Data Protection guidelines.

� Control improvements are required to ensure that approval to recruit is sought prior to starting the recruitment campaign.

� At present the authorities have not been exposed to significant risk as a result of these breaches, principally because we are satisfied that knowledge of proper procedures and compliance within the service is good.�

Substantial

All but 1 of the recommendations was accepted.

Discussions are ongoing with the Manager with regards to the unaccepted recommendation.

Proposed follow-up: Q2 2014/15

All of the audit recommendations will be followed up in 2014/15

Council Tax: Recovery & Enforcement

To establish and evaluate whether:

� All recovery action taken follows agreed procedures and is supported by documentary evidence.

� Appropriate arrangements are in place with bailiffs for the recovery of council tax and referred cases are adequately monitored.

� Debt recovery targets are set and monitored and debts are only written off once agreed procedures have been followed.

� The recovery and enforcement procedures are in accordance with statutory requirements.

� We conclude that, for the sample testing undertaken as part of the audit that recovery action taken is appropriate and supported by adequate documentary evidence.� Appropriate arrangements are in place with the bailiff, although at the time of the audit the service was procuring new suppliers and revising processes accordingly.�

� We have raised 6 medium priority recommendations in the report.� These relate to the development of a debt recovery strategy, and the enhancement of monitoring arrangements and the team structure to ensure that debt recovery action is undertaken as effectively as possible.�

Substantial

The Management response to the audit recommendations due: July 2014

All of the audit recommendations will be followed up in 2014/15

Resident survey

Contact your Parish Council

We raised two high priority recommendations relating to concerns over the management and administration of the housing register. These include:

� Incomplete or missing evidence.

� To establish and document the Accounts Payable process to identify any changes to key controls since the previous audit.

� To test and verify the accuracy of the Accounts Payable master file using IDEA to analyse the data held on Agresso.

� To test and verify the accuracy of the Accounts Payable payments files using IDEA to analyse the data held on Agresso, ensuring payments to suppliers are in line with financial regulations and are supported by a matching invoice.

� To establish compliance with the agreed Recruitment and Selection Policies and procedures.

� To review the controls in place to manage recruitment related expenditure.

� To review the support, guidance and training provided to recruiting officers.

� To establish compliance with the induction programme for newly recruited officers.

� We have raised two high priority recommendations, relating to the document management and retention arrangements for recruitment records which are currently in breach of the retention policy and the Data Protection guidelines.

� Control improvements are required to ensure that approval to recruit is sought prior to starting the recruitment campaign.

� At present the authorities have not been exposed to significant risk as a result of these breaches, principally because we are satisfied that knowledge of proper procedures and compliance within the service is good.�

� All recovery action taken follows agreed procedures and is supported by documentary evidence.

� Appropriate arrangements are in place with bailiffs for the recovery of council tax and referred cases are adequately monitored.

� Debt recovery targets are set and monitored and debts are only written off once agreed procedures have been followed.

� The recovery and enforcement procedures are in accordance with statutory requirements.

� We have raised 6 medium priority recommendations in the report.� These relate to the development of a debt recovery strategy, and the enhancement of monitoring arrangements and the team structure to ensure that debt recovery action is undertaken as effectively as possible.�