Agenda and minutes

Audit, Risk and Governance Committee - Monday, 14th October, 2024 2.00 pm

Members of the public are welcome to attend our meetings to watch them in person at any of the venues across the County. Publicly accessible meetings held in County Hall will be webcast, which means they are available to be watched live or recorded on our website. Please see our webcasting notice here. The Committee may, in certain circumstances, resolve to hold part of the meeting in private. If this is the case, you will be required to leave the meeting.

Venue: Committee Room 'B' - The Diamond Jubilee Room, County Hall, Preston. View directions

Contact: Hannah Race 

Media

Items
No. Item

1.

Apologies

Minutes:

Apologies were received from County Councillor Noordad Aziz.

2.

Disclosure of Pecuniary and Non-Pecuniary Interests

Members are asked to consider any Pecuniary and Non-Pecuniary Interests they may have to disclose to the meeting in relation to matters under consideration on the Agenda.

Minutes:

None.

3.

Minutes of the Meeting held on 22 July 2024 pdf icon PDF 209 KB

To be confirmed and signed by the chair.

Minutes:

Resolved: That the minutes of the Audit, Risk and Governance Committee meeting held on 22 July 2024 be confirmed as an accurate record.

 

In relation to minute item 10, it was confirmed that a report on the LGA's improvement and assurance framework for local government would be presented at the committee's next meeting.

4.

Appointment of an Independent Co-opted Member pdf icon PDF 120 KB

Minutes:

The committee considered a report which set out the recommendation of the Audit, Risk and Governance Committee's Appointments Sub-Committee to appoint an independent co-opted member to the committee's membership, following the sub-committee's meetings held on 1 August, 17 September and 27 September 2024.

 

Resolved: That

 

i)  The outcome of the Appointments Sub-Committee's meetings held on 1 August, 17 September and 27 September 2024 be noted; and

 

ii)  The appointment of Mr Stephen Dunstan to the role of independent co-opted member on the Audit, Risk and Governance Committee be recommended to Full Council for approval.

5.

External Audit - Audit Progress Report and Sector Update pdf icon PDF 114 KB

Additional documents:

Minutes:

Stuart Basnett, Senior Audit Manager at Grant Thornton UK presented the Audit Progress Report and Sector Update as of September 2024.

 

In response to questions from members, it was clarified that:

 

·  The council's officers were in a regular conversation with the external auditors and covered Grant Thornton's five key questions relating to audit committee success as a matter of course. Nonetheless, the checklist served as a helpful reminder.

 

·  The dates introduced by government to end the local government audit backlog would not affect Grant Thornton's audit plan or reports to the committee; however, the 28 February 2025 backstop would require both the auditors and the council to stick closely to their project plans.

 

·  Following a review of governance, the council was in a good position to compare itself with the Code of Practice on Good Governance for Local Authority Statutory Officers. A report would be provided to the committee's next meeting on the current assurance level and to identify any further action.

 

Resolved: That the Audit Progress Report and Sector Update for September 2024 be noted.

6.

Internal Audit Charter pdf icon PDF 120 KB

Additional documents:

Minutes:

Andy Dalecki, Head of Internal Audit presented the Internal Audit Charter following its annual review.

 

It was noted that further updates to the Charter may be required following publication of the Chartered Institute of Public Finance and Accountancy's updated guidance for local authority auditors.

 

Resolved: That the Internal Audit Charter, as set out, be approved.

7.

Internal Audit Progress Report pdf icon PDF 117 KB

Additional documents:

Minutes:

Andy Dalecki, Head of Internal Audit presented an update on the Internal Audit Service's work and outcomes for 2024/25, for the period up to 23 September 2024.

 

It was noted that paragraph 4.2 of Appendix A should have set out that the number of incomplete management actions had reduced to 15, and there were no outstanding responses from management.

 

In relation to the audits which had received limited assurance, it was highlighted that the Internal Audit team were working with the relevant services to understand where improvements were needed.

 

In response to questions, members were informed that:

 

·  The Quality Assurance and Practice Improvement Framework was a system used within Adult Services to assess the practice of social workers and ensure continuous improvement. There was a risk that, without continuous improvement and implementing Internal Audit's recommendations, the service could fall behind best practice.

 

·  The audit of Discharge to Assess and Provider Payments was a big and complex piece of work, linked to capacity and a backlog of social care assessments. It was a priority for the council to resolve in order to limit the potential impact on care providers. Members' suggestion for improved transport capacity would be shared with the service as part of a holistic solution.

 

·  The high-risk outstanding action from 2021/22 related to the frequency of DBS checks for employees. The changes recommended by Internal Audit would require a policy change and would have an impact on employees and financially. People Services were working to resolve the outstanding matters by the end of the financial year. The committee's feedback and hope for a resolution by its next meeting, in January, would be taken into account.

 

Resolved: That

 

i)  The Internal Audit Progress Report be noted; and

 

ii)  The Internal Audit Service be thanked for their continued work and support.

8.

Local Member Grants Scheme - Update Report pdf icon PDF 140 KB

Minutes:

Josh Mynott, Head of Democratic Services presented an update on the Local Member Grants Scheme monitoring activity, following the annual report presented to the committee in April 2024.

 

Members were informed that where an organisation had not spent all or some of their grant money the council requested a refund. It was requested that information on the refund policy and process to return funds to a councillor's Local Member Grants budget be provided in the next annual report.

 

Resolved: That the Local Member Grants Scheme Update Report be noted.

9.

Corporate Risk and Opportunity Register - Quarterly Update pdf icon PDF 130 KB

Additional documents:

Minutes:

Heloise MacAndrew, Director of Law and Governance presented the updated Corporate Risk and Opportunity Register – Quarterly Update.

 

Resolved: That the updated Corporate Risk and Opportunity Register be approved.

10.

Urgent Business

An item of urgent business may only be considered under this heading where, by reason of special circumstances to be recorded in the Minutes, the Chair of the meeting is of the opinion that the item should be considered at the meeting as a matter of urgency.  Wherever possible, the Chief Executive should be given advance warning of any Member’s intention to raise a matter under this heading.

Minutes:

None.

11.

Date of Next Meeting

The next meeting of the committee will be held on Monday 27 January 2025 at 2.00 pm at County Hall, Preston.

Minutes:

It was noted that the next meeting of the Audit, Risk and Governance Committee would be held on Monday 27 January 2025 at 2.00 pm, at County Hall, Preston.

12.

Exclusion of Press and Public

The committee is asked to consider whether, under Section 100A(4) of the Local Government Act, 1972, it considers that the public should be excluded from the meeting during consideration of the following items of business on the grounds that there would be a likely disclosure of exempt information as defined in the appropriate paragraph of Part 1 of Schedule 12A to the Local Government Act, 1972, as indicated against the heading to the item.

 

Minutes:

Resolved: That the press and members of the public be excluded from the meeting during consideration of the following items of business on the grounds that there would be a likely disclosure of exempt information, as defined in the appropriate paragraph of Part I of Schedule 12A to the Local Government Act 1972.

 

It was considered that in all the circumstances, the public interest in maintaining the exemption outweighed the public interest in disclosing the information.

13.

Appendix 'C' to Item 9 - Corporate Risk and Opportunity Register - Quarterly Update

(Not for Publication – Exempt information as defined in Paragraphs 3 and 7 of Part 1 of Schedule 12A to the Local Government Act, 1972.  It is considered that in all the circumstances of the case the public interest in maintaining the exemption outweighs the public interests in disclosing the information).

Minutes:

(Not for Publication - Exempt information as defined in Paragraphs 3 and 7 of Part 1 of Schedule 12A to the Local Government Act, 1972. It is considered that in all the circumstances of the case the public interest in maintaining the exemption outweighs the public interest in disclosing the information.)

 

The committee considered the private and confidential Appendix C to Item 9 – Corporate Risk and Opportunity Register – Quarterly Update.

 

Resolved: That Appendix C to Item 9 – Corporate Risk and Opportunity Register – Quarterly Update, be noted.

 

14.

RIPA Policy and Annual Report

(Not for Publication – Exempt information as defined in Paragraph 7 of Part 1 of Schedule 12A to the Local Government Act, 1972.  It is considered that in all the circumstances of the case the public interest in maintaining the exemption outweighs the public interests in disclosing the information).

 

Minutes:

(Not for Publication - Exempt information as defined in Paragraph 7 of Part 1 of Schedule 12A to the Local Government Act, 1972. It is considered that in all the circumstances of the case the public interest in maintaining the exemption outweighs the public interest in disclosing the information.)

 

Chris Wilkinson, Trading Standards Manager presented the private and confidential RIPA Policy and Annual Report.

 

Resolved: That

 

i)  The Corporate Policy and Guidance on the Regulation of Investigatory Powers Act, the Shadow RIPA Surveillance Corporate Policy, and the Covert Social Networking Checks and Surveillance Policy, as set out, be approved; and

 

ii)  The use of the council's investigatory powers over the last year and the outcome of the review by the Investigatory Powers Commissioner's Office be noted.

15.

Data and Analytics Risks

(Not for Publication – Exempt information as defined in Paragraph 3 of Part 1 of Schedule 12A to the Local Government Act, 1972.  It is considered that in all the circumstances of the case the public interest in maintaining the exemption outweighs the public interests in disclosing the information).

Minutes:

(Not for Publication - Exempt information as defined in Paragraph 3 of Part 1 of Schedule 12A to the Local Government Act, 1972. It is considered that in all the circumstances of the case the public interest in maintaining the exemption outweighs the public interest in disclosing the information.)

 

Paul Sutcliffe, Head of Digital Business Engagement presented a private and confidential report on the risks associated with the council's use of data and analytics.

 

It was highlighted that future updates would be included in an annual report from the Senior Information Risk Owner (SIRO) due to be presented at the committee's meeting in March.

 

It was requested that the committee's feedback on the importance of these issues for councillors be shared with the Councillor Support Steering Group.

 

Resolved: That the report be noted.

16.

Oracle Fusion Lessons Learned

(Not for Publication – Exempt information as defined in Paragraph 3 of Part 1 of Schedule 12A to the Local Government Act, 1972.  It is considered that in all the circumstances of the case the public interest in maintaining the exemption outweighs the public interests in disclosing the information).

 

 

Minutes:

(Not for Publication - Exempt information as defined in Paragraph 3 of Part 1 of Schedule 12A to the Local Government Act, 1972. It is considered that in all the circumstances of the case the public interest in maintaining the exemption outweighs the public interest in disclosing the information.)

 

Peter Lloyd, Director of Digital presented a private and confidential report on the lessons learned from the council's implementation of Oracle Fusion.

 

It was requested that some additional information be provided to members after the meeting.

 

Resolved: That the report be noted.

17.

Cyber Security Incident

(Not for Publication – Exempt information as defined in Paragraphs 3 and 7 of Part 1 of Schedule 12A to the Local Government Act, 1972.  It is considered that in all the circumstances of the case the public interest in maintaining the exemption outweighs the public interests in disclosing the information).

Minutes:

(Not for Publication - Exempt information as defined in Paragraphs 3 and 7 of Part 1 of Schedule 12A to the Local Government Act, 1972. It is considered that in all the circumstances of the case the public interest in maintaining the exemption outweighs the public interest in disclosing the information.)

 

Carol Groom, Head of ICT Strategy and Assurance presented a private and confidential report on the cause, containment and remediation action relating to a cyber security incident faced by the council.

 

Resolved: That

 

i)  The report be noted; and

 

ii)  Digital Services be thanked for their commendable work and swift action to respond to the incident.