Agenda and minutes

Minute of Meeting of the Audit and Scrutiny Committee held on 15 February 2017  to be approved and signed by the Chairman. (Copy attached.)

There had been circulated copies of the Minute of 15 February 2018.    

DECISION

APPROVED for signature by the Chairman. 

With reference to paragraph 3 of the Minute of 15 February 2018, Ms Stacey advised that prior to this meeting during the Informal Session, as agreed at the Audit and Scrutiny Committee meeting of 15 January 2018, Members had carried out a Self-Assessment using the Local Government Finance Overview Scrutiny Tool for Councillors.  The Informal Session had highlighted areas where further information was required, which would be addressed through future development sessions and briefings.  A note of the Self-Assessment was attached as Appendix A to this minute.

DECISION

NOTED

(a)        Completion of the Local Government Finance Overview Scrutiny Toolkit      Self-Assessment; and

(b)       A note of the Scrutiny Toolkit Local Government Finance Overview Self-      Assessment is attached as Appendix A to the minute.

Presentation by Chief Social Work Officer on the Strategic risk facing the Council and social care services and the internal controls and governance in place to manage/mitigate those risks to demonstrate how risk management is embedded within services. (Verbal presentation)

The Chairman welcomed Mr Murray Leys, Chief Social Work Officer, to the meeting.  Mr Leys was in attendance to give a presentation on the strategic risks affecting the social care service and the internal controls and governance in place to manage and mitigate those risks.  Mr Leys began by advising that the Social Work service cared for the most vulnerable people in the community.  His role as Chief Social Work Officer was to own strategic risks and ensure that there was an understanding of what the risks were and how these could be alleviated to achieve outcomes.  He highlighted the Corporate Risk Register which detailed that failure to protect adults and young people at risk might result in harm to them, and reputational damage to the Council and Integration Joint Board.    He explained that there were also Risk Registers in place for: Adult Protection Unit, Emergency Duty Team, Criminal Justice/Community Justice, Safer Communities, Mental Health, and Learning Disability Service.   Mr Leys referred to the social care landscape, the demographics of which had seen a significant increase in the number of people requiring care, with a reduction in the number of people delivering care.   He discussed the risks associated with funding pressures, difficulty recruiting and retaining experienced social workers, General Data Protection Regulations (GDPR), challenges of providing care in a rural area, and the integration of health and social care.  Mr Leys then referred to the risk associated with Strategic Commissioning and explained that as well as SB Cares, who provided 74% of care provision in the Scottish Borders, there were other external homecare providers, all of which had to be contract managed by the Council.

3.2       In terms of ongoing improvements and transformation of the service, Mr Leys was investigating new ways of working, for example, mobile working whereby services could be accessed through the Council’s website, self-assessment, telehealth, telecare and medication carousels.   Future strategies would include Personal Care for Under 65s, Dementia, and Physical Disabilities.

3.3       In response to questions, Mr Leys advised that he could apply to the Court for guardianship powers to support adults and young people at risk.   With regard to the amalgamation of Bordercare and East Lothian’s Emergency Duty Teams, Mr Leys explained that the existing Bordercare IT system was out of date and replacement would have had a significant cost implication, the new contract had mitigated this risk.  Mr Leys added that scripts had been put in place for staff to ensure they asked appropriate questions and he was confident that the new level of service would have an acceptable risk.  With regard to the risk associated with recruitment and retention of staff, Mr Leys acknowledged that there was a need for more carers and that vacancies often had to be filled by agency workers.    The Council worked closely with schools and Queen Margaret University to encourage young people to join the profession.  There was also ongoing dialogue with care providers regarding the increased funding they received being utilised for staffing and not organisational  ...  view the full minutes text for item 3.

Consider a report by Chief Officer Audit & Risk on findings from recent work carried out by Internal Audit, including the recommended audit actions agreed by management to improve internal controls and governance arrangements,  and internal audit work currently in progress. (Copy attached).

With reference to paragraph 7 of the Minute of 15 January 2018, there had been circulated copies of a report by the Chief Officer Audit and Risk providing details of the recent work carried out by Internal Audit and the recommended audit actions agreed by Management to improve internal controls and governance arrangements.   The work Internal Audit had carried out during the period 23 December 2017 to 23 February 2018 was detailed in the report attached to the Agenda.  During this period a total of five Final Internal Audit reports were issued. There were four recommendations made relating to two of the reports which had been accepted by Management for implementation. An Executive Summary of the final Internal Audit reports issued, including audit objective, findings, good practice, recommendations (where appropriate) and the Chief Officer Audit and Risk’s independent and objective opinion on the adequacy of the control environment and governance arrangements within each audit area, was included in Appendix 1 to the report.  The SBC Internal Audit function conformed to the professional standards as set out in Public Sector Internal Audit Standards (PSIAS) effective 1 April 2013 including the production of the report to communicate the results of the reviews.

4.2       Ms Stacey highlighted the Internal Audit Assurance Reports detailed in the Appendix to the report.  She advised that the recommendations in respect of Petty Cash and Emergency Funding improvement actions were progressing.   The recommendations regarding governance arrangements for CGI were noted and agreed by the Committee.     In response to questions, Mr Robertson clarified the arrangements in place for emergency financial support and confirmed that the Finance Business Continuity Plan would be updated.  With regard to ICT’s business continuity, corporate and operational vulnerability, he advised that CGI had carried out a review following the recent difficulties experienced with ICT’s remote working functionality.  CGI had advised that they were confident that there would be no further remote accessibility issues.  He further advised that the Head of ICT was an interim post and recruitment to the permanent, internal post was ongoing.   He went on to explain that CGI was the fifth largest ICT provider in the world; they had recently signed contracts with both Glasgow City Council and City of Edinburgh Council and were therefore fully committed to the public sector. 

            4.3       The Chairman, referring to the paragraph 7.3(b) of the minute of the meeting of 15           January 2018, requested an update on the possible amendment to the Scheme of   Administration to include Live Borders within the monitoring role of the Major Contracts       Governance Group.  He suggested that an action tracker be circulated for future meetings             and this was agreed.   

DECISION:

(a)        NOTED:

            (i)         the final assurance reports issued in the period from 23                                                December 2017 to 23 February 2018 associated with delivery of the                                   approved Internal Audit Annual Plan 2017/18;

            (ii)        the Internal Audit consultancy and other work undertaken in this                                period; and

            (iii)       the assurance provided on internal controls and governance                                       arrangements in place for the areas covered by  ...  view the full minutes text for item 4.

Consider overview report and plan by Audit Scotland on how they will deliver their external audit for Scottish Borders Council for the year ended 31 March 2018 (Copy attached).

There had been circulated copies of a report by Audit Scotland providing an overview of the planned scope and timing of the external audit of Scottish Borders Council which was carried out in accordance with the International Standards on Auditing Code of Audit Practice and other relevant guidance.  The Plan identified Audit Scotland’s work to provide an opinion on the financial statements and related matters and met the wider scope requirements of public sector audit, including the new approach to Best Value.    The wider scope of public audit contributed to conclusions on the appropriateness, effectiveness and impact of corporate governance, performance management arrangements and financial sustainability.  Ms Woolman, Audit Scotland, explained that a number of risks to the Council had been identified and that these had been categorised into either financial or wider dimension risks along with the planned audit work for each and were detailed in the report.  Ms Woolman went on to summarise the 2017/18 audit outputs, materiality values and referred to the financial statements timetable which took account of submission requirements and planned Audit and Scrutiny Committee dates.  Ms Woolman advised that the review of Internal Audit had concluded that the Internal Audit function operated in accordance with the Public Sector Internal Audit Standards and had sound documentation standards and reporting procedures in place.  Ms Woolman highlighted that their planned work for Scottish Borders Council this year would focus on the Council’s arrangements for demonstrating Best Value in Performance, Outcomes and Improvement. The results of this would be reported in the Annual Audit Report.   Mr Haseeb answered a question regarding Audit Scotland’s fee of £270,170, explaining that this equated to 350 to 400 working days per annum. The Chairman thanked Ms Woolman for the input from and advice given on behalf of Audit Scotland

DECISION

NOTED the report. 

Consider overview report and plan by Audit Scotland on how they will deliver their audit for Scottish Borders Pension Fund for the year ended 31 March 2018 including the options on the financial statements. (Copy attached).

There had been circulated copies of a report by Audit Scotland providing an overview of the planned scope and timing of the external audit of Scottish Borders Pension Fund which was carried out in accordance with the International Standards on Auditing Code of Audit Practice and other relevant guidance.  The Plan identified Audit Scotland’s work to provide an opinion on the financial statements and related matters and met the wider scope requirements of public sector audit.  The wider scope of public audit contributed to conclusions on the appropriateness, effectiveness and impact of corporate governance, performance management arrangements and financial sustainability.   Ms Woolman explained that a number of risks to the Scottish Borders Pension Fund had been identified and that these had been categorised into either financial or wider dimension risks along with the planned audit work for each and were detailed in the report.  Ms Woolman went on to summarise the 2017/18 audit outputs and advised that the Audit Scotland fee for 2017/18 in relation to the Scottish Borders Pension Fund was £19,990 whilst noting that a supplementary fee could be added as detailed in paragraph 8 of the report.  Materiality values and a financial statements timetable were detailed in the report, which took account of Audit and Scrutiny Committee dates.  Mr Robertson answered questions relating to the Pension Fund and advised that the final triannual actuarial valuation was awaited; however, the draft valuation was favourable reporting that the Scottish Borders Pension Fund was 114% funded and that contribution rates should remain at 18%.   The Chairman thanked Ms Woolman for the input from and advice given on behalf of Audit Scotland.

DECISION

NOTED the report.

Consider a report by Chief Officer Audit & Risk on the updated internal Audit Charter for approval that defines the terms of reference for the Internal Audit function to carry out its role and to enable the Chief Officer Audit & Risk to prepare an annual internal audit opinion on the adequacy of the Council’s overall control environment. (Copy attached)

There had been circulated copies of a report by the Chief Officer Audit and Risk providing the Committee with the updated Internal Audit Charter for approval.  The Charter defined the terms of reference for the Internal Audit function to carry out its role to enable the Chief Officer Audit and Risk to prepare an annual internal audit opinion on the adequacy of the Council’s overall control environment.   The definition of Internal Auditing within the Public Sector Internal Audit Standards (PSIAS) was “Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organisation’s operations. It helps an organisation accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.”  In accordance with the PSIAS, the purpose, authority and responsibility of the Internal Audit activity must be formally defined in an Internal Audit Charter, consistent with the Definition of Internal Auditing, the Code of Ethics and the Standards. The Chief Officer Audit and Risk, as the Chief Audit Executive at Scottish Borders Council, must periodically review the Internal Audit Charter and present it to senior management (Corporate Management Team) and the board (Audit and Scrutiny Committee) for approval. The Internal Audit Charter was shown in Appendix 1 to the report and had been updated by the Chief Officer Audit and Risk in conformance with the PSIAS for approval by the Audit and Scrutiny Committee to ensure that Internal Audit was tasked to carry out its role in accordance with best Corporate Governance practice. In response to questions, Ms Stacey advised that Internal Audit had access to all records of the Council, Pension Fund, SB Cares and Integration Joint Board (IJB) as well as access to all financial information systems.  Internal Audit had recently carried out a review of Business World ERP system, developing process notes which had assisted with documenting system functionality.  Monthly meetings were also held with the Chief Financial Officer to discuss any potential financial risks. 

DECISION

AGREED the updated Internal Audit Charter as shown in Appendix 1 to the report attached to the agenda.

Consider a report by Chief Officer Audit & Risk on proposed strategic direction to deliver Internal Audit assurance and support services to the Council, the Pension Fund, SB Cares, and the Health and Social Care Integration Joint Board, and on proposed Internal Audit programme of work 2018/19 to enable preparation of the annual options on the adequacy of each organisation’s overall control environment.  (Copes attached).

There had been circulated a report by the Chief Officer Audit and Risk seeking approval to the proposed Internal Audit Strategy and Internal Audit Plan 2018/19 to enable the preparation of the annual opinions on the adequacy of the overall control environment for Scottish Borders Council, SB Cares, Scottish Borders Pension Fund, and Scottish Borders Health and Social Care Integration Joint Board.  Ms Stacey explained that the Internal Audit function followed the professional standards as set out in Public Sector Internal Audit Standards (PSIAS) effective 1 April 2013 (updated 2017) which required the establishment of risk based plans to determine the priorities of the Internal Audit activity and that these plans were sufficiently flexible to reflect the changing risks and priorities pertaining to each organisation.    The Internal Audit function also included the requirement to provide senior management and members with independent and objective assurance which was designed to add value and improve the organisation’s operation. In addition, the Chief Officer Audit and Risk was also required to prepare an Internal Audit annual opinion on the adequacy of the organisation’s overall control environment. The background to the Internal Audit Strategy was set out in Appendix 1 to the report.   Ms Stacey explained that the  Internal Audit Plan 2018/19, detailed in Appendix 2,  set out the range and breadth of audit areas and sufficient work within the audit programme of work to enable the Chief Officer Audit and Risk to prepare an Internal Audit annual opinion. Key components of the audit planning process included a clear understanding of the organisation’s functions, associated risks, and assurance framework. There were staff and other resources currently in place to achieve the Internal Audit Annual Plan 2018/19 and to meet its objectives. The Committee discussed the report and Ms Stacey clarified that the Council had agreed to pilot the shared service of the Chief Officer Audit and Risk post with Midlothian Council for one year.  Following which the pilot would be evaluated and a report presented to Council to determine whether to continue with the shared service.  In terms of resource, she advised that there had been a restructuring of the Council’s Internal Audit team and the appointment of a Principal Internal Auditor.  

DECISION     

AGREED

(a)        the Internal Audit Strategy as detailed in Appendix 1 to the report; and

(b)       the Internal Audit Annual Plan 2018/19 detailed in Appendix 2 to the report.