City of York Council (Logo)

Meeting:

Audit and Governance Committee

Meeting date:

31/07/2024

Report of:

Head of Internal Audit (Veritau)

Portfolio of:

Cllr Lomas

Executive Member for Finance, Performance, Major Projects, Human Rights, Equality and Inclusion


Audit and Governance Committee Report: Annual Report of the Head of Internal Audit and Counter Fraud Annual Report


Subject of Report

 

1.           This report includes the Annual Report of the Head of Internal Audit, which summarises internal audit work undertaken in 2023/24 and provides an opinion on the overall adequacy and effectiveness of the council’s framework of governance, risk management and control. An annual report summarising counter fraud activity and performance is also included.

 

Policy Basis

 

2.           The work of internal audit is governed by the Public Sector Internal Audit Standards (PSIAS) and the council’s audit charter. These require the Head of Internal Audit to bring an annual report to the Audit and Governance Committee. The report must include an opinion on the adequacy and effectiveness of the council’s framework of governance, risk management, and control.

3.           The Committee is also responsible for the overview and effectiveness of Counter Fraud arrangements.

 

 

 

Recommendation and Reasons

 

4.           The Audit and Governance Committee is asked to:

 

-      Note the results of internal audit and counter fraud work undertaken. 

 

Reason

 

To enable members to consider the implications of internal audit findings, and inform their assessment of the effectiveness of counter fraud arrangements.

 

-      Note the opinion of the Head of Internal Audit on the adequacy and effectiveness of the council’s framework of governance, risk management and internal control.

 

Reason

 

To enable members to consider the implications of internal audit findings.

 

-      Note the outcome of the Quality Assurance and Improvement Programme and the confirmation that the internal audit service conforms with Public Sector Internal Audit Standards.

 

Reason

 

To enable members to consider the implications of internal audit findings.

 

-      Note that no significant control weaknesses have been identified by internal audit during the year which are relevant to the preparation of the Annual Governance Statement.

 

Reason

 

To enable the Annual Governance Statement to be prepared.

 

 

Background

 

5.           To conform with professional standards and the council’s audit charter, the Head of Internal Audit must provide an opinion on the strength of the council’s framework of governance, risk management, and control. The annual opinion is a key source of independent assurance for the preparation of the council’s annual governance statement.

 

6.           The basis for the annual opinion is the body of internal audit work performed during 2023/24. A summary of internal audit work undertaken during the year, and relevant to the opinion, is contained in the Head of Internal Audit Annual Report 2023/24 (annex 1).

 

7.           In addition to providing an opinion, the Head of Internal Audit is also required to report on the outcomes of the internal audit service’s quality assurance and improvement programme (QAIP). This is to provide the committee with reassurance that work continues to be conform with the requirements of the PSIAS. Annex 1 provides details on Veritau’s QAIP and confirms its continued conformance to the PSIAS.

 

8.           Veritau provides a counter fraud service to the council. An annual report setting out counter fraud activity and performance is also included as part of this report and is included in annex 2.

 

 

Consultation Analysis

 

9.           Internal audit has provided input to the council’s annual governance statement based on internal audit and counter fraud work completed during 2023/24. However, no consultation was required in the preparation of this report. Annexes 1 and 2 detail the outcomes of work delivered independently by Veritau during 2023/24 in support of the council’s framework of governance, risk management, and control.

 

 

 

Risks and Mitigations

 

10.        The council will not comply with proper practice for internal audit if the results of internal audit work are not reported to senior management and the Audit and Governance Committee. This could result in external scrutiny and challenge.  

 

Contact details

 

For further information please contact the authors of this Report.

 

Author

 

Name:

Max Thomas

Job Title:

Head of Internal Audit

Service Area:

Veritau Limited

Telephone:

01904 552940

Report approved:

Yes

Date:

19/07/2024


Background papers

 

None.


Annexes

 

·        Annex 1: Head of Internal Audit Annual Report 2023/24

·        Annex 2: Counter Fraud Annual Report 2023/24

·        Exempt annex 3: Payroll control internal audit report

·        Exempt annex 4: Business continuity internal audit report

·        Exempt annex 5: Foster carer payments internal audit report

·        Exempt annex 6: Adult Education (York Learning) internal audit report

·        Exempt annex 7: NHS Data Security and Protection Toolkit internal audit report

·        Exempt annex 8: Agency staff internal audit report

·        Exempt annex 9: Project management internal audit report

·        Exempt annex 10: Absence management internal audit report

·        Exempt annex 11: Physical information security compliance internal audit report

·        Exempt annex 12: Physical information security compliance detailed findings