Agenda and draft minutes

There had been circulated copies of the Minute of the Meeting held on 13 February 2023.

DECISION

AGREED to approve the Minute for signature by the Chair.

Consider update on Audit Committee actions.  (To follow.)

2.1       There had been circulated copies of the Audit Committee Action Tracker which was presented by the Chief Officer Audit and Risk.

2.2       With reference to paragraph 7 of the Minute of the Meeting of Audit and Scrutiny Committee held on 22 November 2021, progress on Internal Audit Actions relating to the Business Continuity Framework were discussed at Audit Committee meeting on 13 February 2023. This item would remain on Audit Committee Action Tracker pending completion by Management of the two remaining Internal Audit actions.

2.3       With reference to paragraph 13 of the Minute of the Meeting of Audit and Scrutiny Committee held on 27 June 2022, two development sessions had taken place on 2 March and 6 March 2023 to carry out the annual Audit Committee self-assessment.  One of the items had been deferred until Audit Committee had the opportunity to consider the Internal Audit and External Audit Plans. This concluded the Development Sessions 2022-23. The Chair’s Report would then come to Audit Committee on 10 May 2023 along with 2 self-evaluations appended to the document.  Members’ self-evaluation would inform the next round of development sessions.

2.4       With reference to paragraph 3 of the Minute of the Meeting held on 12 September 2022, an update on progress on the Internal Audit action related to budgetary control on Learning Disability Service (LDS), an update has not been submitted to Council Management Team due to annual leave and this item had been deferred to Audit Committee on 10 May 2023.

2.5       With reference to paragraph 4.4 of the Minute of the Meeting held on 23 November 2022, an update on Best Value Action Plan formed part of the agenda for the meeting and was due to be marked as complete by the Committee.

2.6       With reference to paragraph 2 of the Minute of the Meeting held on 13 February 2023, a schedule of further Audit Committee Development Sessions for 2023-24 was in progress to be presented for approval at the 10 May 2023 meeting of Audit Committee.

2.7       In discussion of the Audit Committee Action Tracker, the Chief Officer Audit and Risk advised that action on SB Contracts was an action arising from an External Audit report and it was the responsibility of directors to follow-up on action.  The Director Infrastructure and Environment advised that work was taking place with finance officers and an update would be submitted to the Committee in due course.

DECISION

NOTED progress on the action tracker.

Consider presentation on corporate risks by Director Infrastructure and Environment.

3.1       The Chair introduced Director Infrastructure and Environment to give a presentation on corporate risks in the Infrastructure and Environment Service.  A slide pack had been circulated from the Director Infrastructure and Environment which included a breakdown of risks across the service.  The Director Infrastructure and Environment answered questions from Members based on the content of the presentation.  With regards to the risk that revenue budgets not being included in the revenue costs of projects once they had been completed, this had been identified as a key risk where there was ongoing work.  External resource was sought to establish a Programme Management Office (PMO) to focus on the way projects were established.  The PMO was due to be established by the end of March 2023.  Work was also undertaken which would focus on the development of project business cases.  With regards to revenue implications of projects, the Director Infrastructure and Environment advised the risk was in a better position where a finance working group was established to liaise with projects to review financial implications.  Dashboard reporting was due to be established to support the production of reports on projects and their financing.  Revenue implications had always been part of project initiation; however work was being undertaken to improve the position of the project finance risk.

3.2       It was explained that a Chief Officer Estates had not been advertised yet.  The position would capture work on property management, property and estates maintenance, architects and facilities management.  With regards to the progress of sales of land and property, the Director Infrastructure and Environment advised that consideration should be given to priorities with regards to the disposal of assets depending on the asset due to be sold.  Focus was given to assets that were higher risk to the organisation, particularly in consideration of the capacity of officers.  The Chief Executive advised that sales of parcels of land usually took place under delegated authority; however progress on sales normally took time where assets were of higher profile and required investment to be brought into productive use.  Place Making also formed part of considerations in the selling of assets to ensure there was a positive impact on a particular settlement.  After references to the United Kingdom’s exit of the European Union was highlighted by Members, the Director Infrastructure and Environment assured the Committee that the risk register was reviewed along with the Corporate Risk Officer and that the description of the relevant risk would be updated.  The Chief Officer Audit and Risk informed Members that second line monitoring would take place to address mitigation actions with assigned owners to assure Members that risk mitigation took place that underpinned the slide deck presented to the Committee.  Members responded that while the verbal update was welcome, written confirmation of actions having took place would assure the Committee.  The Director Infrastructure and Environment advised that he would be happy to bring back an update to the Committee on changes to the Environment and Infrastructure risks following the work  ...  view the full minutes text for item 3.

Consider update by Director People Performance and Change.  (Copy attached.)

4.1       With reference to paragraph 4.4 of the Minute of the Meeting held on 23 November 2022, the Chair invited Mr Jason McDonald, Senior Manager Business Strategy and Resources and Ms Maggie Cripps, Function Manager - Performance & Improvement to deliver a presentation on External Audit Best Value recommendations.  To address the 7 improvement recommendations made, a 40-point action plan had been made.  It was advised that the work on Best Value audit recommendations was ready to be closed off while ongoing oversight of performance could be made.  Mr McDonald gave an overview of the key audit recommendations and provided examples of work that had been undertaken for each area.  Mr McDonald explained that the Covid-19 pandemic affected how partnership working could take place; however an example was provided of the creation of a Future Strategy Group to provide direction and oversee strategic developments.  The pandemic also provided an opportunity for how staff consultation and engagement took place, and a comprehensive employee survey had been undertaken.  With regards to continual professional development of Elected Members, Mr McDonald advised that a training suite for Elected Members had been established on SBLearn.  With regards to Progress on Identified Outstanding Actions, 39 of 40 actions had now been completed and a questionnaire for Elected Members to highlight gaps in knowledge for training was deferred as it was felt that this would be more appropriate to take place after about a year for Members to understand what gaps in knowledge and training they wished to address.  It was intended for the survey to take place in June 2023.  Mr McDonald advised that with the completion of the final action that focus can shift to developing improvement in the future.  Ms Cripps summarised next steps for embedding performance management across SBC.  It was summarised that to achieve best possible outcomes for the public, Audit Scotland could expect work to assure good governance, effective resource management and a focus on improvement.

4.2       In discussion of the presentation Members enquired about the membership of the Future Strategy Group and the nature of its meetings.  The Chief Executive advised that the Corporate Policy Advisor was leading work on the development of the Future Strategy policy and that the Future Strategy Group contained a number of officers from Scottish Borders Council and NHS Borders, including the Chief Officer Scottish Borders Health and Social Care Partnership.  It was clarified the Group was an officers group which supported the strategy development work of the Integration Joint Board.  Mr McDonald advised he would circulate the membership of the Future Strategy Group for Committee Members.  The Chair thanked officers that worked on the Best Value audit recommendations work through the Covid-19 pandemic.

DECISION

(a)       NOTED the update;

(b)       AGREED:

(i)        To remove the Best Value audit actions from the Audit Committee Action Tracker; and,

(ii)       That membership of the Future Strategy Group would be circulated to Committee Members.

Consider report by Chief Officer Audit and Risk.  (Copy attached.)

With reference to paragraph 7 of the Minute of the Meeting held on 12 December 2022, there had been circulated copies of a report by Chief Officer Audit and Risk that provided an update to the Audit Committee on the results of the Follow-Up Review which included a sample check on the adequacy of new internal controls for Internal Audit Recommendations marked as completed by Management in the period January to December 2022.  Internal Audit was an independent appraisal function established for the review of the internal control system as a service to Scottish Borders Council which objectively examined, evaluated and reported on the adequacy of internal control as a contribution to the proper, economic, efficient and effective use of resources and the management of risk.  The Internal Audit activity added value to the organisation (and its stakeholders) when it considered strategies, objectives, and risks; strived to offer ways to enhance governance, risk management and control processes (by way of making audit recommendations); and objectively provided relevant assurance.  The Remit of the Audit Committee included the Audit function to consider “all matters relating to the implementation of recommendations contained within internal audit reports”, as part of its high level oversight of the framework of internal control, risk management and governance within the Council.  The Chief Officer Audit and Risk presented the report and advised that from the 7 recommendations tested, all were found to have been completed satisfactorily.  The evidence that was provided by Management indicated that the Audit recommendations had been implemented satisfactorily and the action taken had the desired outcome of improving internal control and governance, and reducing risk which provided assurance of evidence-based continuous improvement.  A further update on progress with the implementation of Internal Audit recommendations would be included within the Internal Audit Annual Assurance Report 2022-23 for Scottish Borders Council, which was scheduled for presentation to the Audit Committee in May 2023.

DECISION

NOTED:

(a)       the results of the spot check on Internal Audit recommendations that had been marked as completed by Management in the period January to December 2022 to improve internal controls and governance, and mitigate risks;

(b)       satisfaction with the outcomes; and,

(c)       that Internal Audit would continue to monitor the completion of recommendations and would provide update reports to this Committee.

Consider report by Chief Executive.  (Copy attached.)

With reference to paragraph 9 of the Minute of the Meeting of Audit and Scrutiny Committee held on 27 June 2022, there had been circulated copies of a report by Chief Executive that proposed that the Audit Committee considered the revisions to the Council’s Local Code of Corporate Governance and recommend it for approval by full Council.  The report provided the Audit Committee with the opportunity to scrutinise the updated Local Code of Corporate Governance for Scottish Borders Council and recommend it for Council approval, to assist with the 2022-23 annual assurance process.  Scottish Borders Council (SBC) was responsible for ensuring that its business was conducted in accordance with the law and proper standards, and that public money was safeguarded and properly accounted for, and used economically, efficiently and effectively.  The SBC Local Code of Corporate Governance, which was consistent with the principles and recommendations of the CIPFA/SOLACE Framework ‘Delivering Good Governance in Local Government’ and the supporting guidance notes for Scottish authorities (2016), was previously revised and approved by Council on 28 June 2018.  The SBC Local Code of Corporate Governance had been updated by the officer Governance Self-Assessment Working Group, on behalf of the Council Management Team (CMT).  The updated SBC Local Code of Corporate Governance (Appendix 1) would require approval by Council to ensure this key document continued to be relevant and complete to reflect the appropriate framework for effective governance of the Council’s affairs and facilitate the exercise of its functions to deliver best value.  The Chief Officer Audit and Risk advised that the document was underpinned by detail that supported performance management and that a balance needed to be made in including detail that didn’t make the document too large.  It was further advised that the document wouldn’t normally be used specifically as part of the induction process for new staff along with normal induction items including training materials, corporate policies and IT sign-ins, and that there would be a number of sub-elements of pertinent policies would feature as part of staff induction which included the employee code of conduct.

DECISION

(a)       NOTED

(i)        the changes outlined in the report;

(ii)       the updated Local Code will be used for the 2022/23 annual assurance process; and,

(b)       AGREED to RECOMMEND to Council for approval of the updated Local Code of Corporate Governance (Appendix 1).

Consider audit plan from Audit Scotland for Scottish Borders Council.  (To follow.)

7.1       There had been circulated copies of the Annual External Audit Plan 2022-23 prepared by Audit Scotland.  The Annual Audit Plan summarised the work plan for the 2022-23 external audit of Scottish Borders Council.  Ms Stephanie Harold, Audit Scotland summarised the report in place of Mr John Boyd who was not able to attend the meeting.  The main elements of the work included:

·                evaluation of the key controls within the main accounting systems;

·                an audit of Scottish Borders Council, and provision of an Independent Auditor’s Report covering Scottish Borders Council and its group;

·                an audit opinion on regularity and other statutory information published within the annual accounts including the Management Commentary, the Governance Statement and the Remuneration and Staff Report;

·                consideration of arrangements in relation to wider scope areas: financial management; financial sustainability; vision, leadership and governance; and use of resources to improve outcomes;

·                consideration of Best Value arrangements;

·                providing assurance on the Housing Benefit Subsidy Claim, Non-Domestic Rates Return and the Whole of Government Accounts (WGA) return; and,

·                review Scottish Borders Council’s arrangements for preparing and publishing statutory performance information.

7.2       Members discussed the report and enquired about the audit fee structure.  Ms Harold confirmed that the audit fee for 2021-22 was £293,310.  With regards to Contributions to Performance and Best Value, Ms Harold advised this covered Best Value Work, work on climate change, thematic review and also the annual review reviewed by the Accounts Commission.  The audit fee was broken down into components and in previous years there had always been contributions to Best Value Work that hadn’t previously been highlighted as part of the fee.  The Chair expressed concern that an increase of 12.5% on the audit fee was significant and enquired what had brought about the increase.  Ms Harold advised that she would send to the Chair detail on what Contributions to Audit Scotland Costs covered.  It was explained that the Sectoral Cap ensured that the percentage increases in fees that all Councils received were equitable.  Ms Harold further advised that more information on the Sectoral Cap could also be shared with the Committee.  The Chair stressed it was important for the Committee to understand what was delivered for the fee charged.  Ms Harold agreed to provide information on the fees and advised that Audit Scotland had tried to mitigate the increase of fees charged.

DECISION

(a)       NOTED the report; and,

(b)       AGREED that Audit Scotland would provide an update to the committee concerning the breakdown of the audit fee particularly in respect of;

(i)        Background to Contribution to Audit Scotland costs;

(ii)       Background to Contribution to Performance and Best Value; and,

(iii)      Background to Sectoral Cap Adjustment.

Consider audit plan by Audit Scotland for SBC Pension Fund.  (Copy attached.)

8.1       There had been circulated copies of the Scottish Borders Council Pension Fund Annual Audit Plan 2022-23 prepared by Audit Scotland.  The Annual Audit Plan for the SBC Pension Fund summarised the work plan for the external audit of Scottish Borders Council Pension Fund. Ms Stephanie Harold summarised the report and advised the Plan would be presented to the Pension Fund Committee.  The main elements of the work included:

·                evaluation of the key controls within the main accounting systems;

·                an audit of the annual accounts and the provision of an Independent Auditor's Report;

·                an opinion on statutory information published in the annual accounts, comprising the Management Commentary, the Annual Governance Statement and the Governance Compliance Statement; and,

·                consideration of arrangements in relation to wider scope areas: financial management; financial sustainability; vision, leadership and governance; and use of resources to improve outcomes.

8.2       The Chair enquired for information on the Contribution to Audit Scotland costs.  Ms Harold advised that the reduction in the Sectoral Gap Adjustment assured that the increase in the audit fee did not go above 12.5%.

DECISION

(a)       NOTED the report,

(b)       AGREED that Audit Scotland would provide an update to the committee concerning the breakdown of the audit fee particularly in respect of;

(i)        Background to Contribution to Audit Scotland costs; and,

(ii)       Background to Sectoral Cap Adjustment.

Consider report by Chief Officer Audit and Risk.  (Copy attached.)

9.1       There had been circulated copies of a report by Chief Officer Audit and Risk that provided the Audit Committee with the updated Internal Audit Charter for approval that defined the terms of reference for the Internal Audit function to carry out its role to enable the Chief Audit Executive to prepare the annual Internal Audit opinions on the adequacy of each organisation’s overall control environment.  The definition of Internal Auditing within the Public Sector Internal Audit Standards (PSIAS) was “Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organisation’s operations. It helps an organisation accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.”  In accordance with the PSIAS, the purpose, authority and responsibility of the Internal Audit activity had to be formally defined in an Internal Audit Charter, consistent with the Definition of Internal Auditing, the Code of Ethics and the Standards.  The Chief Audit Executive had to periodically review the Internal Audit Charter and present it to senior management (Council Management Team) and the board (Audit Committee) for approval.  The Internal Audit Charter had been updated by the Chief Audit Executive (SBC’s Chief Officer Audit & Risk) and the Principal Internal Auditor in conformance with the PSIAS.  The Internal Audit Charter was shown in Appendix 1 of the report for approval by the Audit Committee to ensure that Internal Audit was tasked to carry out its role in accordance with best Corporate Governance practice.

9.2       The summary of the changes reflected the following:

·         Amendments to the Scheme of Administration approved by Council in August 2022 to establish a separate Audit Committee with audit and risk functions;

·         The renaming of the Council Management Team, the interim changes in Chief Officers in place of the Director Finance and Corporate Governance, and the associated change in the CAE’s line management arrangements;

·         Specific references to the provision of Internal Audit services to the Pension Fund and the Health and Social Care Integration Joint Board, in addition to Scottish Borders Council;

·         Specific details on the composition of the Internal Audit staff resources within the ‘Audit Resources and Work Prioritisation’ section to ensure clarity and transparency within the Internal Audit Charter; and,

·         Explicit reference within the ‘Non-Audit Activities’ section relating to Management’s responsibilities in systematically identifying and managing risks and in tackling fraud (supported by the Chief Officer Audit & Risk), to ensure consistency with that stated in the Council’s Risk Management Policy and Counter Fraud Policy respectively.

DECISION

(a)       NOTED:

(i)        the changes to the Internal Audit Charter outlined in section 4 of the report in conformance with PSIAS;

(ii)       that the Internal Audit Charter will be reviewed annually; and

(b)       AGREED to approve the updated Internal Audit Charter, as shown in Appendix 1 to the report.

Consider report by Chief Officer Audit and Risk.  (Copy attached.)

10.1     There had been circulated copies of a report by Chief Officer Audit and Risk that sought to gain approval to the proposed Internal Audit Strategy and Internal Audit Annual Plan 2023-24 to enable the Chief Audit Executive to prepare annual opinions on the adequacy of the overall control environment for Scottish Borders Council, Scottish Borders Pension Fund, and Scottish Borders Health and Social Care Integration Joint Board.  A fundamental role of the Council’s Internal Audit function was to provide senior management and members with independent and objective assurance which is designed to add value and improve the organisation’s operations.  In addition, the Chief Audit Executive (CAE) was also required to prepare an Internal Audit annual opinion on the adequacy of the organisation’s overall control environment.  The Internal Audit Strategy at Appendix 1 of the report outlined the strategic direction for how Internal Audit would achieve its objectives, which were set out in the Internal Audit Charter, in conformance with PSIAS.  It guided the Internal Audit function in delivering high quality Internal Audit services to Scottish Borders Council (SBC), Scottish Borders Council Pension Fund (SBCPF), and Scottish Borders Health and Social Care Integration Joint Board (SBIJB).  The Internal Audit Annual Plan 2023-24 at Appendix 2 of the report had been developed by the Chief Officer Audit & Risk (CAE) and the Principal Internal Auditor.  It set out the range and breadth of audit activity and sufficient work within the audit programme of work to enable the CAE to prepare an Internal Audit annual opinions for SBC, SBCPF, and SBIJB.  Separate Internal Audit Annual Plans 2023-24 for the SBCPF and SBIJB would be presented to their respective board/audit committee for approval.  Key components of the audit planning process included a clear understanding of each organisation’s functions, associated risks, and assurance framework.

10.2     The Chief Officer Audit and Risk summarised the report and answered Members questions.  With regards to risk appetite and tolerance, Internal Audit had an obligation to provide an opinion on how well SBC risk management arrangements were defined and operated as part of the annual assurance opinion.  The rollout of the Risk Appetite Toolkit was still being progressed.  Comment wouldn’t normally be made by Internal Audit on what the risk appetite would be; however good practice elements would be assessed.  The Chief Executive explained that risk appetite varied across 137 high-level Council services, and that the Risk Appetite Toolkit provided additional guidance to Management by defining acceptable levels of risk in relation to different risk categories of a local authority.  With regards to cyber security, the Chief Executive advised that CGI was responsible for 24/7 cyber threat monitoring and for setting in place appropriate arrangements and that SBC were accredited by the UK Government in terms of security of data transfer and retention.  Furthermore, CGI had been asked to assess further steps that could be taken in terms of IT security and internal process such as password security and staff activity.

DECISION

AGREED to:

(a)       Endorse the Internal Audit staff  ...  view the full minutes text for item 10.