Contact your Parish Council

Issue - meetings

Internal Audit & Assurance Plan 2019/20

Meeting: 18/03/2019 - Audit, Governance and Standards Committee (Item 95)

95 Internal Audit & Assurance Plan 2019/20 pdf icon PDF 60 KB

Additional documents:


Mr Rich Clarke, Head of Audit Partnership, introduced his report setting out the proposed Plan for Mid-Kent Audit’s work at Maidstone Borough Council during 2019/20, including the proposed audit and assurance project work and assurance non-project work.  The report also set out the principles which would guide the External Quality Assessment of the Internal Audit Service, due before the end of 2019/20.


It was noted that:


·  The Public Sector Internal Audit Standards (the Standards) required an Audit Service to produce and publish a risk based Plan at least annually for approval by Members.  It was necessary to consider input from senior management and Members.


·  Although the Plan had been the subject of broad consultation with management, it had been compiled independently and without being subject to inappropriate influence.


·  The Internal Audit Team had just concluded the consultation phase of a planned restructure.  The aim was to have the new structure in place by 1 April 2019.  Currently there was a degree of doubt on the precise extent and arrangement of the Team, but it was likely that there would be 1,865 days available across the Partnership for 2019/20.  The total number of days was divided between the Partner authorities in the proportions set out in the collaboration agreement, which meant that 540 days were available for Maidstone.  The Head of Audit Partnership was of the view that the Partnership currently had sufficient resources to deliver the Plan and a robust Head of Audit Opinion.


In response to questions, Mr Clarke explained that:


·  In terms of risk and the impact of potential disruption due to Brexit and IT failure for various reasons on business continuity for the Internal Audit Team in particular, the Team was not as reliant on printed material as might be expected.  The Team’s main software was cloud based and members of the Team were used to travelling between the Partner authorities or working from home, but ultimately the Team was reliant on the information provided to it to deliver the work.  With regard to IT network security, cyber security had been a high priority risk for many years so IT Network Security was a high priority audit project in 2019/20 and would remain so. In addition, Business Continuity was a medium priority project in the Audit and Assurance Plan.


·  It was the intention to seek one External Quality Assessment across the whole Partnership rather than individual assessments for each authority.  It was considered that one assessment would provide reasonable conclusions for all four Partner authorities.


·  The results of the consultation and details of the new staff structure for Mid-Kent Audit would be reported to the Committee in July 2019 as part of the annual reporting.


During the discussion:


·  A Member drew attention to the risk that, notwithstanding the move to electronic payments, it might be necessary to continue to take cash payments due to concerns about the use of CCTV for staff safety and security reasons and the possibility of people’s personal details on payment cards being  ...  view the full minutes text for item 95