Agenda and minutes

Audit Committee
Friday, 30th November, 2018 10.45 am

Venue: LB 31 - Loxley House, Station Street, Nottingham, NG2 3NG. View directions

Contact: Catherine Ziane-Pryor  Email:

No. Item




Councillor Cheryl Barnard – other Council business.






MINUTES pdf icon PDF 229 KB

Of the meeting held on 28 September 2018 (for confirmation)


The minutes of the meeting held on 28 September 2018 were confirmed as a true record and signed by the Chair.



Report of the Director of Strategy and Policy and the Head of Analysis and Insight

Additional documents:


Elaine Fox, Corporate Policy and Performance Officer, presented the detailed report which informs the committee the outcome of the annual health check undertaken on the City Council’s significant partnerships.


Appendix 1 to the report identifies organisations considered as significant partnerships, appendix 2 provides the risk scoring for each organisation within different areas, appendix 3 provides the guidance and the health check question form, appendix 4 detailed recommendations for improvement for the Crime and Drugs Partnership and Midlands Engine, whilst appendix 5 provides verification schedule up to 2024.


The following points were highlighted and responses provided to committee members’ questions:


(a)  Every year organisations which are considered significant partners are requested to complete a governance survey which enables the City Council to identify the risk in being connected with each partnership. Partners are requested to rate their compliance has excellent (rating 1), good (rating 2), some key areas for improvement (rating 3), or many key weaknesses (rating 4), on a range of areas including finance, accountability and performance;


(b)  Last year there were 11 organisations considered as significant partners, but since the N2 Skills and Employment Board has ceased to operate, there are now only 10. This year’s survey includes an additional section with regard to GDPR at the request of the former Audit Committee Chair;


(c)  Where organisations rate themselves as 3 or 4, or are unable to assess the area requested, further information and/or a change in procedures may be requested. To ensure that rating interpretation is consistent, each organisation will undergo a full verification every 2 to 4 years;


(d)  The Green Nottingham Partnership is still developing some documents to which the ratings apply and was not able to wholly complete the survey but is due to be verified during 2019;


(e)  Nottingham City Safeguarding Children Board (NCSCB) had recognised concerns around future funding but is due to be replaced by a Strategic Management Board as of 1 April 2019;


(f)  Concerns have been raised with regard to the Crime and Drugs Partnership in that the decision-making structure of the organisation is not clear, particularly the role of the executive, and there is no formal recognition that the CDP does not meet the GDPR threshold for holding personal data and therefore does not have a specific GDPR policy. Whilst a risk log was maintained it had not been presented to the Board for formal recognition and there wasn’t a schedule for regular revision. However, all requests for supporting documents were thoroughly fulfilled and the response to the questionnaire was very thorough;


(g)  With regard to Midlands Engine, some documents were not provided despite repeated requests, a clear record of Board decision making and performance reporting could not be provided, the website did not provide access to basic governance documents and information, and whilst a risk register was discussed and monitored at Board meetings, when requested it was not provided. Recommendations were issued in response to all identified concerns;


(h)  In response to a member’s concerns that year after  ...  view the full minutes text for item 33.



Report of the Director of Legal and Governance


Paul Millward, Head of Resilience, presented the Annual Report of Health and Safety within the Council, and was accompanied by Vicky Cook, Corporate Safety Adviser.


It is the Resilience Team’s responsibility to write the corporate procedures and policies for departmental managers to follow to ensure a safe environment for citizens and colleagues. Following a review by Internal Audit, it was noted that there was no mechanism to inform councillors of health and safety within the council, so this report will be submitted annually to the Audit Committee.


The following points were highlighted and members’ questions responded to:


(a)  The internal audit found that there were several areas in which improvements were required, including:

o  demonstrating that managers are trained in health and safety within their service;

o  asbestos management by managers;

o  completion of corporate safety advice issued within the audit recommendations;

o  formal completion of investigations into accidents/ near misses/ violence;

The report provides an update on progress to address these points with the support of SLMG ensuring that non-compliance is highlighted;


(b)  299 service level audits have taken place and when non-compliance is found it is challenged at every relevant level and reported to the responsible Corporate Director. It is expected that once the corporate safety audit recommendations are met, managers will update the register. However, it is understood that whilst some service areas are compliant, the register has not been updated,  and therefore, that presents a risk to the Council;


(c)  In the past three years there have been two interventions by the Health and Safety Executive, as outlined in the report along with the cost implications. Previously the Health and Safety Executive (HSE) could investigate an incident without charging but  there is now a fee if it is required to ‘intervene’ and investigate an incident;


(d)  Asbestos is carefully monitored and mandatory training in place for any member of staff and managers who may come into contact with it;


(e)  Where an incident or near miss occurs it is investigated with a view to ensuring that such instances can be prevented in future. The investigation needs to be proportionate to the incident;


(f)  The Corporate Health Social and Welfare Panel is a consultation meeting with the joint trade unions where information around health and safety policies and procedures is shared with the joint objective of preventing or mitigating health and safety incidents;


(g)  With regard to stress and well-being, there are packages to help managers manage stress both personally and within the team and HR policies and procedures are in place for stress management. In addition the Occupational Health and Well-being Team are able to offer advice. Reported incidents of stress are closely monitored by Human Resources with regard to corporate health. It is recognised that where staff are absence from work due to stress, in addition to the human cost, there is a cost to the Council and, therefore, prevention will provide savings and benefit the wellbeing of staff;


(h)  It is understood that in  ...  view the full minutes text for item 34.



Report of Grant Thornton, to be presented by John Gregory, Director


John Gregory, Engagement Lead for the external auditors Grant Thornton, was welcomed to the meeting by the Chair and invited to present the ‘Audit Progress Report and Sector Update’.


The following points were highlighted and responses given to member’s questions:


(a)  Grant Thornton (GT)  currently audits 40% of all Local Authorities and associated bodies across the country;


(b)  John Gregory was previously involved in external audits by the Audit Commission of the City Council between 1997 and 2001, and will be assisted by Helen Lillington, both have gained a range of experience in working with Local Authorities and it is unlikely that there will be any significant changes to the collaborative working methods seen with the former External Auditors KPMG. The handover from KPMG is on track and John and Helen have already met the Chief Executive, Corporate Directors and the Chief Finance Officer and Head of Audit & Risk;


(c)  The format of the Grant Thornton report can be altered if the Committee prefer. A key area of focus will be on Private Finance Initiatives and the overall financial position of the City Council;


(d)  GT aims to provide collaborative support to help the City Council ensure that no undue risks are undertaken, whilst ensuring that citizens can be confident that all funds held by the Council can be demonstrated to be used and managed appropriately and recorded as such whilst demonstrating value for money;


(e)  Further to the comments raised during the Annual Health Check of Partnerships item, it is unusual for partnerships not to respond and it will be worth investigating if there is any CIPFA guidance on such issues;


(f)  Although councillors can raise any concerns with and ask questions of the Committee Chair, they are also welcome to approach John independently, however, any additional work would be subject to a further Grant Thornton fee. Previously citizens have approached the External Auditor to raise concerns as they have been unsure of who else to talk to;


RESOLVED to welcome John Gregory and note the report, and that as part of the external audit, Grant Thornton will review a series of potential indicators which may denote financial difficulties.




Report of the Strategic Director of Finance

Additional documents:


Shail Shah, Head of Audit and Risk, introduced the Half Yearly Report which provides assurance to the committee and citizens of the Council’s probity within a framework which gauges and responds to risk.


The following points were highlighted:


(a)  The Internal Audit Annual Plan is on track and an executive summary is provided as Appendix 1 to the report. Internal Audit has adequate resources to carry out the plan;


(b)  Councillor’s queries regarding their own experience of IT updates and whether this should be automated by IT will be raised with IT and a response provided to committee members;


(c)  There are cyber security risks linked to the launch of the new Oracle system and this has been discussed at the Information Compliance Board, where the majority of business relates to IT security. Simon Salmon, Head of IT, is also a cyber security specialist and trainer so the City Council is well served in this respect;


(d)  Council Tax systems are reviewed every year by Internal Audit, including the controls in place to prevent fraud. The Counter Fraud Team are involved in specific pro-active campaigns to identify fraud and error and enable rectification by the Revenues Service;


(e)  EMSS has processes in place to identify duplicate invoices so that they are not paid. Compliance with the corporate process will support this objective;


(f)  Capital accounting, although given limited assurance, continues to improve. Some recommendations from previous audits are still outstanding. One such recommendation relates to Capital Strategy, which could not be implemented because of the funding settlement provided by DCLG was on a year to year basis due to austerity measures;


The Chair requested that for future reports all outstanding high priority recommendations are reviewed and a detailed explanation provided by the client service.


With regard to the lack of a capital strategy with medium and long term views, a risk register must be created as a fundamental element of the City Council’s culture, reviewed and reported to managers on a regular basis. It is vital that managers and decision makers are fully aware of all responsibilities and so are able to plan ahead. Gateway reviews do not work to the extent necessary and further clarity is required.




(1)  to note the report;


(2)  that managers of areas which have outstanding recommendations following  internal audits are asked to provide an update in future reports on the implementation of those recommendations;


(3)  for the Head of Audit and Risk, to request the Head of IT contact Councillor Young with reference to IT security and updates;


(4)  at the request of the Chair, for a meeting between members of the committee and Capital Accountants be set up to discuss capital accounting and strategy.



Report of the Strategic Director of Finance


Additional documents:


Glyn Daykin, Senior Accountant in Treasury Management, presented the report which updates the Committee on the on the treasury management actions taken by the Chief Finance Officer in the first half of the financial year 2018/19 up to 30 September 2018.


A short presentation was delivered on the Treasury Risk Management Plan, a copy of which is circulated with the initial publication of the minutes.


The following points were highlighted and responses provided to members’ questions:


(a)  With regard to the debt portfolio, the balance of external debt has increased by £46.9m to £912.5m (excluding PFI), the long-term debt that was taken in the first 6 months was at an average rate of 2.31%;


(b)  The investment portfolio provided a yield of 0.59% which is broadly in line with market rates;


(c)  None of the Performance Indicator figures have been breached;


(d)  New CIPFA guidance has been issued which and the City Council will be able to meet as required during 2019/20;


(e)  There are 8 headline risks in the Risk Management Plan, with an overall rating of unlikely /minor, but with 3 rated as intermediate risks;


(f)  There is uncertainty around Brexit but this is closely monitored and controls and risk mitigations are in place and so is planned for as best it can be;


(g)  In February Audit Committee and the Executive Board will receive a report and be required to consider Treasury Management Strategy for the next financial year which will then need to be approved at the March 2019 Full Council meeting.




(1)  to note the report;


(2)  for the Treasury Management Risk Register to be linked to the fuller Risk Register which will be presented to the 22 February 2019 meeting of the Committee.



Report of Director of Strategic Finance

Additional documents:


RESOLVED to endorse the outline work programme and committee terms of reference.





Following the resolution of full Council on 12 November 2018, to note that an additional meeting of the Audit Committee will be held on 18 January 2019, at 1.30pm in LB31 to consider the review of service and project plans with regard to Brexit, and the status of Emergency Planning with regard to Brexit.



RESOLVED for an additional meeting of the Audit Committee to be held on 18 January at 1.30pm in Loxley House to consider the review of service and project plans with regard to Brexit, and the status of Emergency Planning with regard to Brexit.