
Audit Committee 23 September 2014 1

ITEM 11

Internal Audit Work 2014/15 to August 2014

Report by Chief Officer Audit & Risk

Audit Committee

23 September 2014

1 PURPOSE AND SUMMARY

1.1 The purpose of this report is to provide the Audit Committee with details of:

(a) the recent work carried out by Internal Audit and the recommended audit actions agreed by Management to improve internal controls and governance arrangements, and

(b) internal audit work currently in progress.

1.2 The Internal Audit Annual Plan 2014/15 was approved by the Audit Committee on 10 March 2014. The work Internal Audit has carried out in the period from 1 April to 29 August 2014 is detailed in this report. During this period a total of 13 final internal audit reports have been issued. There were 12 recommendations made (0 Priority 1 High Risk, 7 Priority 2 Medium Risk, and 5 Priority 3 Low Risk) specific to 5 of the reports. Management have agreed to implement the recommendations in all cases to improve internal controls and governance arrangements. The report goes on to detail current work in progress to deliver the Internal Audit Annual Plan 2014/15 and other productive work relevant to the Internal Audit function fulfilling its remit as set out in its approved Charter.

1.3 An executive summary of the final internal audit reports issued, including audit objective, findings, good practice, recommendations and the Chief Officer Audit & Risk’s independent and objective opinion on the adequacy of the control environment and governance arrangements within each audit area, is shown in Appendix 1.

2 RECOMMENDATION

2.1 I recommend that the Audit Committee:

a) notes the final reports issued in the period from 1 April to 29 August 2014, and

b) acknowledges that it is satisfied with the recommended audit actions agreed by Management to improve internal controls and governance arrangements.


3 PROGRESS REPORT

3.1 The Internal Audit Annual Plan 2014/15 was approved by the Audit Committee on 10 March 2014. Internal Audit has carried out the following work in the period 1 April to 29 August 2014 to deliver the plan.

3.2 Audit Reports

Internal Audit issued final internal audit reports on the following subjects:

Community Services – Sports Trusts (ALEOs)

Proposed transfer of Cultural Services to a Trust (ALEO)

Community Planning, Joint Working and Partnership

HR Shared Services

Early Years

Development Management Fees

Building Standards – Emergency Works

Proposed transfer of Adult Care Services to an LLP (ALEO)

Carbon Management Programme

Road Asset Management

Fleet Management

Waste & Recycling Services

Safer Communities Pathway Project Grant Funding Compliance

3.3 An executive summary of each final internal audit report including audit objective, findings, good practice, recommendations and the Chief Officer Audit & Risk’s independent and objective opinion on the adequacy of the control environment and governance arrangements within each audit area, is shown in Appendix 1 to this report.

The definitions for Internal Audit assurance categories are as follows:

Level of Assurance: Definition

Comprehensive assurance: Sound risk, control, and governance systems are in place. These should be effective in mitigating risks to the achievement of objectives. Some improvements in a few, relatively minor, areas may be required.

Substantial assurance: Largely satisfactory risk, control, and governance systems are in place. There is, however, some scope for improvement as current arrangements could undermine the achievement of objectives or leave them vulnerable to error or misuse.

Limited assurance: Risk, control, and governance systems have some satisfactory aspects. There are, however, some significant weaknesses likely to undermine the achievement of objectives and leave them vulnerable to an unacceptable risk of error or misuse.

No assurance: The systems for risk, control, and governance are ineffectively designed and operated. Objectives are not being achieved and the risk of serious error or misuse is unacceptable. Significant improvements are required.


3.4 Current Work in Progress

Internal Audit work in progress to deliver the Internal Audit Annual Plan 2014/15 consists of the following:

Audit Area: Audit Stage

Overtime: Draft report issued

European Fisheries Fund – Grant Funding Compliance: Draft report issued

Homecare: Fieldwork nearly completed

LEADER – Grant Funding Compliance: Fieldwork nearly completed

Performance Management: Fieldwork underway

Flood Protection: Fieldwork underway

Income Charging, Billing & Collection: Fieldwork underway

Procurement to Payment - Contract Monitoring: Audit Assignment approved

Communications: Audit Assignment approved

Criminal Justice: Audit Assignment approved

3.5 Other Productive Work

Internal Audit has been involved in the following to meet its aims and objectives, and its roles and responsibilities in accordance with the approved Internal Audit Charter:

Internal Auditors are attending relevant seminars, development workshops and user groups, and feeding back to colleagues as relevant.

Attendance at Scottish Local Authorities Chief Internal Auditors Group (SLACIAG) meetings. The Chief Officer Audit & Risk is currently Chairman of this internal audit forum.

Offering advice on internal controls and governance to managers on request, and a number of clients are proactively engaging internal audit in consultancy work as the Council continues to transform its services.

Reviewing outstanding and overdue audit recommendations to ensure management action that has been taken has had the desired effect in improving internal controls and governance and is reflected in the corporate performance systems for reporting purposes. The standard follow-up process has a particular focus on Priority 1 and 2 recommendations and those audit recommendations arising from previous years that have not yet been implemented.

Internal Audit has been leading, assisting and liaising in fraud investigations where appropriate and requested by management, and offering advice on improvements to fraud prevention controls and detection processes put in place by management.

3.6 Recommendations in reports are suggested changes to existing procedures or processes, to improve the controls or to introduce controls where none exist. The grading of each recommendation reflects our risk assessment of non-implementation, being the product of the likelihood of the risk materialising and its impact. The gradings are:

a) Priority 1: Significant weaknesses in existing controls, leaving the Council or Service open to error, fraud, financial loss or reputational damage, where the risk is sufficiently high to require immediate action and to be included in the relevant risk register and for the matter to be reported in the relevant Assurance Statement on Internal Control and Governance;


b) Priority 2: Substantial weaknesses in existing controls, leaving the Council or Service open to high risk of error, fraud, financial loss or reputational damage requiring reasonably urgent action;

c) Priority 3: Moderate weaknesses in existing controls, leaving the Council or Service open to medium risk of error, fraud, financial loss or reputational damage requiring action to improve the efficiency, effectiveness and economy of operations or which otherwise require to be brought to the attention of senior management;

d) Other: Minor administrative weaknesses posing little risk of error, fraud, financial loss or reputational damage.

The action plans in audit reports address only recommendations rated Significant, Substantial or Moderate. Outwith the audit report, we inform local management about Minor matters.

3.7 Recommendations 2014/15: Number of Recommendations

Reported this period

Priority 1: 0

Priority 2: 7

Priority 3: 5

Total reported this period: 12

Previously reported: 0

Total: 0

Recommendations agreed with action plan: 12

Not agreed; risk accepted: 0

Total: 12

4. SCOTTISH LOCAL AUTHORITIES’ CHIEF INTERNAL AUDITORS’ GROUP (SLACIAG) ANNUAL REPORT 2013/14

4.1 Scottish Local Authorities Chief Internal Auditors Group (SLACIAG) is the professional networking group for Heads of Internal Audit from each Scottish Local Authority and Strathclyde Partnership for Transport. It is a Special Interest Group of CIPFA Scotland. The vision of the group is to be the voice of Internal Audit across Scottish local authorities and a driving force for best practice in respect of Local Authority Internal Audit, governance, and operations. It achieves this by meeting to discuss issues of common concern, commissioning work to develop ideas, sharing good practice, working in partnership with other professions/governing bodies and promoting SLACIAG as the representative body for internal audit in public authorities.

4.2 In support of that vision SLACIAG has four key objectives, namely:

to raise its profile with key stakeholders and to be recognised as the logical, respected, and essential source of opinion on governance, risk, and control within Scottish Local Government;

to identify areas of Internal Audit work where a pan-Scotland or inter-Authority approach will bring benefits to our people, clients, and stakeholders;

to consider the development and training needs of our people; and

to seek statutory recognition for the role of Internal Audit in Scotland.

4.3 In particular, the Audit Committee may wish to note that:


the Group considers training needs and organises training for its members - economies of scale make this a cost effective way of undertaking training;

working groups are set up to consider matters of interest such as performance management for internal audit;

sub-groups are set up to deliver specific remits, for example, the Computer Audit Sub Group meets three times per annum and acts as a forum which has the aim of furthering the practice of technical Information Systems auditing across member Authorities; and

a representative of the Group is a member of the Internal Audit Standards Advisory Board (IASAB), the group set up by the Chartered Institute of Public Finance & Accountancy (CIPFA) and the Chartered Institute of Internal Auditors (CIIA) to develop pan public sector internal audit standards, including the Public Sector Internal Audit Standards (PSIAS) introduced on 1 April 2013.

4.4 Each year, SLACIAG produces an Annual Report highlighting achievements and ongoing workstreams and a copy of the report for 2013/14 is attached at Appendix 2 for information. As set out in the report, 2013/14 was a successful year for SLACIAG with the ongoing implementation of the ‘Leadership, Quality, and Performance’ Action Plan, and the complementary development focus of the 2-day Conference.

4.5 During 2014 SLACIAG, as part of its role to share good practice across its members, will continue to support all its members to meet the mandatory requirements of the PSIAS, in particular through the development of the peer review External Quality Assessment arrangements.

4.6 Scottish Borders Council has a significant role in the work and success of the Group, as the Chief Officer Audit & Risk has been a member of the Group’s Management Committee for a number of years and since June 2014 has been fulfilling the role of Chairman of SLACIAG (previously Vice Chairman since July 2011 and Secretary of the Group for four years prior), the Internal Audit Manager regularly attends events, and a Senior Internal Auditor is a member of the Computer Audit Sub-Group. The whole Internal Audit team were invited to the 2-day Conference 2013 in Dundee which provided cost effective learning and development for the team due to the top quality line up of presenters.

4.7 In summary, SLACIAG acts as an effective forum for the dissemination of best practice within internal audit in local government. It is important that the Audit Committee acknowledges the benefits to Scottish Borders Council Internal Audit function arising from its participation in this national forum.

5 IMPLICATIONS

5.1 Financial

(a) It is anticipated that cost efficiencies will arise as a direct result of Management implementing some of the recommendations made by Internal Audit during this period.

(b) SLACIAG will levy an annual fee of £75 for 2014/15 (same as in 2013/14) to cover meeting and other expenses. This is considered good value given the benefits received and is accommodated within existing budgets.

5.2 Risk and Mitigations

(a) Internal Audit provides assurance to management and the Audit Committee on the effectiveness of internal controls and governance within the Council. The Internal Audit Annual Plan 2014/15 has been developed using a risk-based approach which includes the use of the Risk Registers within Covalent as the basis of the audit coverage and consultation with appropriate stakeholders on the audit coverage. This will ensure that the Internal Audit plan continues to reflect the key risks facing the organisation.

(b) If audit recommendations are not implemented, there is a greater risk of financial loss and/or reduced operational efficiency and effectiveness, and management may not be able to demonstrate improvement in internal control and governance arrangements.

(c) No environmental risks arise as a direct result of this report.

5.3 Equalities

(a) It is anticipated there will be no adverse impact due to race, disability, gender, age, sexual orientation or religious/belief arising from the work contained in this report.

5.4 Acting Sustainably

(a) There are no direct economic, social or environmental issues with this report.

5.5 Carbon Management

(a) There are no direct carbon emissions impacts as a result of this report.

5.6 Rural Proofing

(a) This report does not relate to new or amended policy or strategy and as a result rural proofing is not an applicable consideration.

5.7 Changes to Scheme of Administration or Scheme of Delegation

(a) No changes to the Scheme of Administration or Scheme of Delegation are required as a result of this report.

6 CONSULTATION

6.1 The Corporate Management Team has been consulted on this report and any comments received have been taken into account.

6.2 The Chief Financial Officer, the Monitoring Officer, the Chief Legal Officer, the Service Director Strategy and Policy, the Chief Officer HR, the Service Director Capital Projects and the Clerk to the Council have been consulted and any comments received have been incorporated into the report.

Approved by

Jill Stacey, Chief Officer Audit & Risk Signature …………………………………..

Author(s)

Name: Designation and Contact Number

Jill Stacey: Chief Officer Audit & Risk, Tel 01835 825036

James Collin: Internal Audit Manager, Tel 01835 824000 Ext 5232

Background Papers: Appropriate Internal Audit files


Previous Minute Reference: Audit Committee 10 March 2014

Note – You can get this document on tape, in Braille, large print and various computer formats by contacting the address below. James Collin, Chief Executive’s Department, can also give information on other language translations as well as providing additional copies.

Contact us at James Collin, Chief Executive’s Department [email protected]


APPENDIX 1

Report; Summary of key findings and recommendations; Recommendations (Priority 1, 2, 3); Status

Subject: Sports Trusts (ALEOs)

No: 034/020

Date issued: 16 September 2014

Risk category: High

Level of Assurance: Substantial Assurance

The purpose of the review was to assess whether there are adequate controls in place over contract monitoring arrangements with the sports trusts.

Borders Sport and Leisure Trust (BSLT); Jedburgh Leisure Facilities Trust (JLFT) and Berwickshire Recreation Education Sports Trust (BREST) have been established for the purpose of delivery of the sports services and management of leisure facilities in the Scottish Borders. The initial element of service transfer was completed a number of years ago and the second phase was completed in 2012.

The financial commitment for 2013/14 was: BSLT £2.443M (management fee), JLFT £124k (management fee), BREST £58k (grant). Further financial contributions are made to help with facility renewal and improvement: £250k BSLT and £30k between JLFT and BREST per annum.

The following areas of good practice were identified: Agreements are in place with trusts; Leases covering buildings and facilities are in place; regular Budget Monitoring takes place; Information relating to the financial standing and performance of the trusts is received; SBC is represented on the BSLT and JLFT boards by elected members who are fully briefed with regard to their roles on those bodies; and Admissions data is collected and recorded.

Since our previous audit April 2013: the audit recommendation on Sports Trusts KPIs monitoring and reporting has not been fully implemented; the Strategic Group-PASPE Forum (Physical Activity, Sport and Physical Education Strategy) has been suspended, previously noted as an effective forum for measuring and reporting on shared actions and strategies; and No formal performance reporting is presented to Corporate Management Team or elected members. In the absence of these it is not clear that the Council is able to evidence that it is securing value for money in the provision of these services.

Recommendations (Priority 1 / 2 / 3): 0 / 3 / 0

Status: Formal management responses received from Corporate Transformation & Services Director and Chief Financial Officer. Management have agreed to implement the recommendations and progress has already been made with this.


Subject: Sports Trusts (ALEOs) (cont’d)

While the ALEO was responsible for services, the Council remained responsible for the public funding it gave to the ALEO and the quality of services the ALEO provided.

Internal Audit considers that the level of assurance we are able to give is substantial, largely satisfactory risk, control, and governance systems are in place in respect of clarity on reasons for delivering services through Sports Trusts, of the Council’s understanding of its financial commitment and risk exposure, and of clarity on elected member roles on boards. There are, however, some substantial weaknesses relating to the arrangements for monitoring the financial and service performance of the Sports Trusts likely to undermine the achievement of objectives.

We have made the following recommendations:

KPIs should be agreed with BSLT and a process for monitoring and reporting performance measures established. (P2)

Responsibility for monitoring the financial standing and performance of all sports trusts should be assigned to a suitably qualified individual. (P2)

Governance and reporting arrangements should be established to ensure that the ongoing achievement of strategic outcomes is measured and reported to demonstrate that the strategic priorities of the Council and the sports trusts are aligned through ongoing service delivery. (P2)

These recommendations are designed to enhance governance arrangements as they relate to “Q4: How effective are the Council’s arrangements for monitoring the financial and service performance of ALEOs, maintaining accountability and for ensuring audit access” in connection with External Audit’s (KPMG) targeted follow-up report on the Council’s arrangements as they relate to the Accounts Commission report Arm’s-Length External Organisations: Are you getting it right? which was presented to Audit Committee on 24 June 2014.


Subject: Proposed transfer of Cultural Services to a Trust (ALEO)

No: 034/555/001

Date issued: 16 September 2014

Consultancy

The purpose of the review was to gain an understanding of governance, and project management arrangements relating to the proposed trust, including the assessment of financial viability.

A report was presented to Council on 27 February 2014 which outlined the options appraisal which had been undertaken on the future management of some of the Council’s cultural services. The paper recommended the transfer, in principle, of these services to a trust. A further report was presented to Council on 26 June 2014 which gave a further update including the consultation process, the scope of the transfer and the proposed timetable. We note that the detailed business case remains outstanding and a draft will be brought back to Council in October 2014.

The following good practice was found:

There is evidence that the proposals to change the arrangements for the provision of cultural services have been subject to a thorough process of consultation with key users and stakeholders including meetings with Community Centre Management Committees, briefings to area forums, consultation with service users, trades unions and staff, and engagement with elected members.

There is a thorough approach to project management, including risk management, through the deployment of processes to manage the project in line with Council policy.

Project management have reviewed the guidance from the Accounts Commission issued in 2011 (How Councils Work: an improvement series for councillors and officers – Arm’s length external organisations (ALEOs): are you getting it right?) and are using the toolkit included in that document in designing governance and scrutiny processes relating to the project.

Recommendations (Priority 1 / 2 / 3): 0 / 0 / 0

Status: Formal management responses received from Corporate Transformation & Services Director. Management have agreed the report findings. Internal Audit will carry out further work during the next phase of the project and produce a report accordingly.


Subject: Proposed transfer of Cultural Services to a Trust (cont’d)

While not making specific recommendations, we offer the following comments by way of emphasis and to document the key issues which will require management consideration as the project progresses. Management are generally aware of these matters and have them in hand.

The requirement for Elected Members to undertake training in their roles as trustees of the charity, and their legal responsibilities as directors of a charitable company.

An appropriate performance management framework in relation to the trust to be prepared and specified in the agreement between the Council and the Trust. It is important to ensure that the framework includes these three elements: the initial specification and agreement of relevant performance measures; monitoring mechanism of performance measures; periodic reporting of the performance measures to a Council committee for scrutinising and assessing the efficacy of delivery arrangements.

The business case to set out in more detail the nature of the income generating opportunities the Trust will seek to exploit.

A protocol for the regular exchange and scrutiny of financial information to be developed to fulfil the requirement to monitor the financial standing of the trust, including its liquidity and profitability, and plans for raising additional investment and seeking further efficiencies in service delivery.

There may be some merit in preparing estimated costings and examining funding scenarios in relation to two areas (any withdrawal or amendment to the concession in favour of registered charities which mandates relief of 80% of the rates charge; and repairs and maintenance of Cultural Services’ facilities). There is a significant risk to the viability of the proposals if there are significant unfunded costs which have not been quantified.


Subject: Community Planning, Joint Working & Partnerships

No: 050/006

Date issued: 11 September 2014

Risk category: High

Level of Assurance: Substantial Assurance

The purpose of the review was to confirm that robust systems and procedures are in place to assist the Council deliver an effective, consistent and integrated approach to work with and communicate to the community in setting, delivering and reporting on its vision, priorities and plans; taking advantage of delivering services through joint working and partnerships; controls are in place to ensure funds are used effectively and economically.

The scope of the audit was a review of the action plan agreed by the Council in response to the Accounts Commission report on the Community Planning Partnership issued on 20 March 2013. The scope of the audit was limited to those areas of the action plan which are assigned to the Council itself. Where we have included comments relating to implementation of parts of the action plan by other partners, we have relied on information contained in the updated action plan from June 2014.

We found that, in general, good progress has been made against each element of the improvement plan. Where actions have not yet been completed, the partnership has a clear understanding of dependencies on other processes and has made a realistic appraisal of timescales for completion.

Audit Scotland wrote to the Leader of the Council on 21 July 2014, giving feedback on a recent visit. In the letter, Audit Scotland comment that they “…were encouraged to see the progress made by the CPP against its improvement agenda”, and that “…it is clear that the CPP is taking action to address all of the areas in its improvement agenda”. Audit Scotland are planning a formal follow up audit visit in 2015/16.

Internal Audit considers that the level of assurance we are able to give is substantial. Largely satisfactory risk, control, and governance systems are in place. There is, however, some scope for improvement as current arrangements could undermine the achievement of objectives.

Recommendations (Priority 1 / 2 / 3): 0 / 0 / 0

Status: Formal management responses received from Service Director Strategy & Policy. Management have agreed the report findings.


Subject: HR Shared Services

No: 079/008

Date issued: 2 September 2014

Risk category: Medium

Level of Assurance: Comprehensive Assurance

The purpose of the review was to ensure there are adequate controls in place to deliver efficient and effective administration procedures including completeness and accuracy of overtime payments, use of HR system Resourcelink functionality for reporting, and filling a vacant position.

HR Shared Services arrange the payments being made on receipt of forms authorised by Line Managers and complete random test checks on payment calculations and authorisation.

Exception reporting is in the planning stage within HR Shared Services with a target of being implemented by the end of this financial year.

There are good processes in place regarding vacancy filling, although the timeliness is dependent on manager’s availability for sifting applications and interviewing. A new software package has been implemented and is working effectively.

Quarterly management reports are produced for CMT providing information on Overtime, Extra Hours, and Mileage Information, whilst PRD Completion and Absences are provided monthly.

Internal Audit considers that the level of assurance we are able to give is comprehensive. Sound risk, control, and governance systems are in place. These should be effective in mitigating risks to the achievement of objectives. Some improvements in a few, relatively minor, areas may be required.

Recommendations (Priority 1 / 2 / 3): 0 / 0 / 0

Status: Formal management responses received from Chief Officer HR. Management have agreed the report findings.


Subject: Early Years

No: 126/005

Date issued: 27 August 2014

Risk category: Medium

Level of Assurance: Comprehensive Assurance

The purpose of the review was to assess whether adequate controls are in place to ensure provision of childcare and learning services via Council-run facilities and third parties is efficient and effective to meet early intervention objectives.

The Early Years service runs 45 school nurseries providing 1,674 places for three and four year olds. 7 nursery classes also operate wraparound care for 27 children per day. There is also 1 full day nursery catering for 17 children including 6 places for 3 and 4 year olds. A further 785 places are commissioned through 32 private and voluntary nurseries. The base budget of the service for 2014/15 was £5.965m.

We identified the following areas of good practice in the management of the Early Years review:

The review of the provision of the Early Years service within the Council, including the increase in the provision for 3 and 4 year olds to 600 hours per year, is being managed in line with principles of good project governance and Council policy, including the review of options for the future running of the service, and the identification of stakeholders and consideration of their interests;

Risk is managed in line with good practice;

The financial consequences of the proposed service changes have been assessed and considered by the Project Board.

We note that contractual arrangements with third party providers will be reviewed in the light of the revised legislation as reported to Executive Committee and Council in June 2014.

Internal Audit considers that the level of assurance we are able to give is comprehensive. Sound risk, control, and governance systems are in place. These should be effective in mitigating risks to the achievement of objectives. Some improvements in a few, relatively minor, areas may be required. We made no recommendations.

0 0 0 Formal management responses received from Chief Officer Strategy & Policy Development Children & Young People.

Management have agreed the report findings.


Subject: Development Management Fees

No: 150/007

Rescheduled from 2013/14

Date issued: 22 July 2014

Risk category: Medium

Level of Assurance: Substantial Assurance

The purpose of the review was to assess whether adequate controls are in place over income and expenditure and use of resources in respect of Development Management fees which have been affected by the economic downturn and other external factors.

The 2013/14 Outturn was £725k for development management fees income compared to Base Budget £948k and Revised Budget £764k. The 2014/15 Base Budget is £948k. Whilst there is evidence of effective budgetary control in year, the setting of unrealistic base budgets adds to the financial risk at the start of each year.

We found effective controls in operation in the following areas:

There are detailed procedural notes on the registration process to the Uniform system.

Applications are validated before the application is considered and the applicant informed of the decision.

Lodging fees charged are in accordance with the published scale of charges and legislation.

Performance of the Service is routinely monitored and reported to Management and elected members.

Internal Audit considers that the level of assurance we are able to give is substantial. Largely satisfactory risk, control, and governance systems are in place. There is, however, some scope for improvement as current arrangements could undermine the achievement of objectives or leave them vulnerable to error or misuse.

We have made the following recommendations:

All fee income should be banked immediately after the applications have been validated. (P2)

Fee income budget assumptions should be realistic and based on trend analysis and anticipated growth or reduction. (P2)

0 2 0 Formal management responses received from Service Director Regulatory Services.

Management have accepted the report findings and agreed to implement the recommendations.


Subject: Building Standards – Emergency Works

No: 153/004

Date issued: 18 July 2014

Risk category: Medium

Level of Assurance: Comprehensive Assurance

The purpose of the review was to ensure adequate controls are in place for emergency works income and expenditure including credit control responsibilities.

Where a building poses a danger to members of the public the Council has a duty under the Building (Scotland) Act 2003 to either immediately carry out (Section 29 cases), or urgently carry out (Section 30 cases), the work necessary to remove that danger (including demolishing the building). In respect of urgent action, the owner(s) must first be notified by serving a notice under Section 30 allowing the opportunity to carry out the necessary work. If this fails, the Council will take action and will reclaim the costs and expenses from the owner(s).

In the period 1 January 2013 to 28 May 2014 a total of 71 Section 29 and Section 30 cases were recorded in the Uniform system.

There are robust procedures in place to ensure that all due amounts are recovered, unbilled work is kept under review, and invoices are raised when appropriate. The holding codes at the time of our audit have balances totalling £125k. In recent years improvements have been made to the processes for assessing and providing for non recoverability of unbilled expenditure.

Internal Audit considers that the level of assurance we are able to give is comprehensive. Sound risk, control, and governance systems are in place. These should be effective in mitigating risks to the achievement of objectives. Some improvements in a few, relatively minor, areas may be required.

We have made the following recommendation:

Management should enhance existing reporting arrangements to include key aspects of performance in respect of S29 and S30 enforcement. (P3)

0 0 1 Formal management responses received from Service Director Regulatory Services.

Management have accepted the report findings and have agreed to implement the recommendation.


Subject: Proposed transfer of Social Work Adult Services to an LLP (ALEO)

No: 179/555/003

Date issued: 15 September 2014

Consultancy

The purpose of the review was to assess the preparation and analysis for the potential transfer of social work directly provided adult care services from the Council to an Arm’s Length External Organisation (ALEO), and to inform how the Council will establish and maintain governance and accountability for finance, performance and delivery of services, and the dynamic relationship with Council back-office services.

An options appraisal was presented to the Council on 30 January 2014 where it was agreed that a full business case be completed to progress the recommended option of a Local Authority Trading Company (LATC) or Limited Liability Partnership (LLP). A business case was presented to Council on 26 June 2014 recommending the LLP vehicle as the preferred option. A further report is due to be presented to Council in October 2014.

Best practice guidance is included in Accounts Commission’s report on “Arm’s-length external organisations (ALEOs): are you getting it right?” which was referred to in the report to Council on 26 June 2014. A key message from the section “Getting it right from the start” states that “Any decisions to use an ALEO to deliver services should involve an appraisal of the options available and a sound business case, using expert advice when necessary.”

At the Council this has been demonstrated by the following:

During the course of its development the Consultants preparing the options appraisal and the business case have undertaken presentations at which senior officers and elected members have been present. The presentations led to multiple revisions of the business case as observations have been made and assumptions challenged.

Furthermore there has been challenge by elected members and officers on how the ALEO would meet the Council's priorities and benefit the community, and about governance arrangements.

0 0 0 Formal management responses received from Chief Social Work Officer

Management have agreed the report findings.

Internal Audit will carry out further work during the next phase of the project to consider all remaining elements of the audit scope and produce a report accordingly. We will also assess the project management methodology to ensure adherence to Council standards.


To date, there has been detailed scrutiny of the business case on the financial aspects of the ALEO and this is where significant challenge has been directed. Finance and Social Work officers have looked into the reasonableness of assumptions which underpin the finance aspects of the business case. They concluded that the assumptions made were reasonable and that the ALEO is financially viable. It is intended that a more detailed financial plan, which will include the impact on support services, will be developed in the second phase which is progressing in preparation for the ALEO going live in April 2015.

The best practice guidance was used to support the business case development in particular around the rationale for the ALEO.

A key message from the best practice guidance section “Setting the Scene” states that “Where appropriate, ALEOs can offer the potential for reduced costs, new sources of income and greater flexibility. However, there may also be increased risks.” At the Council this has been demonstrated by the following:

The strategic risks and mitigation actions were identified in the business case and also in the report to Council on 26 June 2014 ensuring that the Council is aware of the risks of the ALEO option on services and communities, the employees and the Council.

Management have assured us that the Accounts Commission best practice guidance, complete with checklists, will continue to be utilised by officers to ensure that the next steps for the ALEO are founded on: strong and effective governance, scrutiny and financial arrangements; clarity of roles and responsibilities; operational risk management and mitigation, and appropriate performance monitoring and reporting.


Subject: Carbon Management Programme

No: 202/007

Date issued: 19 August 2014

Risk category: Low

Level of Assurance: Comprehensive Assurance

The review was undertaken as part of the requirement under the Carbon Reduction Commitment Energy Efficiency Scheme (CRC) to carry out an annual audit. The purpose of the review was to ensure that robust governance is in place to meet obligations on energy efficiency including, but not limited to, the Carbon Management Programme and the Carbon Reduction Commitment.

The Carbon Reduction Commitment (CRC) Scheme is mandatory with the aim to reduce the amount of carbon dioxide (CO2) emitted in the UK and improve energy efficiency. The Council is obliged to participate in CRC, which means it has to monitor its emissions and purchase allowances based upon each tonne of CO2 emitted. The CRC Energy Efficiency Scheme Order 2010 recommends that regular audits of the records are carried out to ensure compliance with the CRC scheme and that an Audit Certificate is signed off by a nominated Senior Director.

We note that the 2013/14 annual submission has been completed and reported to Department of Energy and Climate Change (DECC) by the end of July 2014 deadline. No allowances are being purchased this year. The annual Audit Certificate will be issued as necessary. Management action has been taken to address a previously identified weakness in that Performance Management Reports on Energy Consumption in an Annual and Quarterly format have been prepared for Senior Managers and Elected members.

Internal Audit considers that the level of assurance we are able to give is comprehensive. Sound risk, control, and governance systems are in place. These should be effective in mitigating risks to the achievement of objectives.

We have made no recommendations.

0 0 0 Formal management responses received from Service Director Commercial Services.

Management have agreed the report findings.


Subject: Roads Asset Management

No: 203/007

Date issued: 16 September 2014

Risk category: High

Level of Assurance: Substantial Assurance

The purpose of the review was to ensure there is a structured framework for roads asset management to demonstrate efficient and effective use of resources in the delivery of the approved approach.

Effective practices are in operation in the following areas:

The Council has developed, albeit not completely, a Road Asset Management Policy Statement and Road Asset Management Plan 2013-2018, based upon the Society of Chief Officers involved in Transportation in Scotland (SCOTS) Road Asset Management Planning Ramp#2 Recommended Practices, which were approved in April 2014.

Road Safety Inspectors are highly experienced and appropriately qualified to undertake inspections to acceptable standards.

A Road Asset Management Plan (RAMP) defines the strategy, policies and operational standards for managing and maintaining the Council’s roads asset. Audit Scotland place great emphasis in ensuring all Councils have an operational RAMP in place in the report ‘Maintaining Scotland’s Roads’ February 2009 and in Follow Up reports in February 2011 and May 2013. Progress has been made recently by the Council though Management recognise that this is still an area for further development.

Inspection processes are based on the Code of Practice for Highway Maintenance Management which is generally accepted as representing best practice although it has no statutory authority.

Internal Audit considers that the level of assurance we are able to give is substantial. Largely satisfactory risk, control, and governance systems are in place. There is, however, some scope for improvement as current arrangements could undermine the achievement of objectives or leave them vulnerable to error or misuse.

0 2 2 Formal management responses received from Service Director Neighbourhood Services and Service Director Commercial Services.

Management have agreed to implement the recommendations.


We have made the following recommendations which are designed to improve processes in place to manage the Council’s road assets:

The Council’s Road Asset Management Plan should be completed to include footways, structures and traffic signals. In addition the Road Data Management Plan recommended in the SCOTS Road Asset Management Planning Ramp#2 Recommended Practices should be developed and approved. (P3)

A Road Maintenance Manual should be developed in accordance with recently approved policy to enable consistency in approach, methods and records. The manual should set out agreed standards for working practices, cross referenced to the Code of Practice for Highway Maintenance Management as appropriate. All relevant staff including road safety inspectors should have access to the manual and training in its application provided as necessary. (P2)

Workforce succession plans should be developed to enable continuous and sustainable road safety inspection arrangements. (P3)

Management should receive regular performance information in respect of road safety inspection and related repairs. (P2)


Subject: Fleet Management

No: 204/003

Date issued: 11 September 2014

Risk category: Medium

Level of Assurance: Substantial Assurance

The purpose of the review was to assess whether there are adequate controls in place to ensure fleet asset records are complete and accurate, and fleet replacement decisions represent value for money.

The following areas of good practice were identified:

There is an established process for centralised procurement and disposal of Plant and Vehicles with appropriate controls in place;

There are procedures and processes in place to update Tranman (the fleet management system) and the Asset Register (Capital Finance), though corresponding documentation needs to be updated to reflect current practice;

The requirements of the Operators Licence are such that all vehicles and plant requiring safety checks and servicing must be presented to Fleet Management in accordance with a set timetable. In this way maintenance is scheduled and evidenced, and insurance and driving licences checked. It also unofficially functions as a form of inventory check though if management wish to rely on it in this capacity it should be documented and assessed as fit for purpose;

Management are looking at automation of the asset procurement process by enabling automatic links between Tranman (the Fleet Management and Ordering system) and Proactis. Control improvements are anticipated which would include necessary enhanced audit and authorisation controls and increased efficiency. The costs and benefits of such a change are being assessed with support from colleagues in IT and Finance.

Budget monitoring takes place in accordance with Revenue Budget Monitoring corporate procedures.

0 0 0 Formal management responses received from Service Director Commercial Services and Chief Financial Officer.

Management have agreed the report findings.


We followed up on progress with implementation of the two recommendations made in previous audit report dated 20 December 2012 on Capital Investment-Plant and Vehicle Replacement. The audit recommendation on Recording of Useful Economic Life of Assets has been fully implemented and significant progress has been made in the completion of the other audit recommendation on Annual Spending Plan for Plant & Vehicle Replacement, and management have actions in hand to address the remaining outstanding areas to ensure full implementation of the audit recommendation.

The balance on the Plant & Vehicle Replacement Fund reported in the draft accounts 2013/14 for the Council was £5.42 million. This balance is appreciably higher than reported in previous years, reflecting partly significant deferral of expenditure. Slippage of £3.655 million due to a delay in confirming budget availability was reported to the Executive Committee at its meeting on 18 February 2014.

Work has been done to incorporate the Plant and Vehicle asset planning process into the capital and revenue budget planning process, and to improve governance controls over this expenditure.

We have noted, quite generally, that much of the documentation to evidence and support key processes was in need of updating to reflect current practice. We anticipate that this will be addressed as part of the ongoing management actions.

Internal Audit considers that the level of assurance we are able to give is substantial. Largely satisfactory risk, control, and governance systems are in place. There is, however, some scope for improvement as current arrangements could undermine the achievement of objectives or leave them vulnerable to error or misuse.

Internal Audit will perform a further follow-up on actions associated with the implementation of the remaining previous audit recommendation and on progress with other management actions which are planned.


Subject: Waste & Recycling Services

No: 205/009

Rescheduled from 2013/14

Date issued: 12 August 2014

Risk category: High

Level of Assurance: Comprehensive Assurance

The purpose of the review was to ensure adequate operational and financial controls are in place for the effective delivery of waste and recycling services and sound governance is in place over contract monitoring arrangements with third parties for future service delivery.

The Waste service has a Revenue Budget of £9.339M (2014/15) and there is £2.637M (2014/15) within the Capital Financial Plan for investment in various Waste Management projects, some of which are phased over the 3-year operational plan (£4.049 Total for 2014/15 to 2016/17).

An Integrated Waste Management Strategy (IWMS) was approved by Council on 12 December 2013. The main aim of the strategy is to provide services that are sustainable both financially and environmentally and to ensure compliance with European and national policy and legislation. The action plan with projects that underpin the delivery of IWMS will be monitored by the Waste Programme Board.

To assist the service to recognise and manage the risks associated with their waste financial efficiency targets of £800k by 2017/18, three risk workshops were held to produce comprehensive registers of risks and issues facing the service to help inform the service’s future business and financial plans.

The previous internal audit recommendation to ensure that all recycling and composting advisory services contracts and service level agreements comply with procurement policy and guidelines has been implemented and current partnership arrangements were satisfactory for 2013/14. Reviews of arrangements for 2014/15 will take place.

Internal Audit considers that the level of assurance we are able to give is comprehensive. Sound risk, control, and governance systems are in place. These should be effective in mitigating risks to the achievement of objectives.

0 0 0 Management have agreed the report findings.


Subject: Safer Communities – Pathway Project Grant Funding Compliance

No: 216/007

Rescheduled from 2013/14

Date issued: 11 September 2014

Risk category: Low

Level of Assurance: Comprehensive Assurance

The purpose of the review was to determine whether costs claimed under the grant are allowable, reasonable, and in accordance with guidelines and terms and conditions of the grant, and that the project is able to meet current or future objectives of the grant and claims of achievement are adequately supported by verifiable supporting data.

The Pathway Project which finishes in June 2015 is managed within Safer Communities. The Pathway project 2013/14 Outturn was £314k which was majority funded by grants from the Big Lottery and the Scottish Government.

We found controls in operation in the following areas to be good:

Processes are in place to safeguard grant funds and ensure compliance with the terms and conditions of the grants with regard to the accuracy and eligibility of costs.

Progress towards achieving the project objectives is regularly monitored and reports are submitted in a timely manner and accurately reflect grant activity.

Internal Audit considers that the level of assurance we are able to give is comprehensive. Sound risk, control, and governance systems are in place. These should be effective in mitigating risks to the achievement of objectives. Some improvements in a few, relatively minor, areas may be required.

We have made the following recommendations:

Copies of invoices and other documentation supporting expenditure claimed under the Pathway project grant should be retained within the service. (P3)

Copies of spreadsheets and other documentation used to support performance information contained within the Pathway project reports should be taken at the time that the information is produced. (P3)

0 0 2 Management have agreed to implement the recommendations within reasonable timescales.