Upload
others
View
16
Download
0
Embed Size (px)
Citation preview
Report of Meeting Date
Assistant Chief Executive (Business Transformation &
Improvement)
Audit Committee 19/03/08
FRAUD & CORRUPTION RISK REGISTER PURPOSE OF THE REPORT 1 To inform members of the outcome of an important review recently conducted by Internal
Audit, to compile a corporate Fraud & Corruption Risk Register, which identifies and addresses specific fraud risks throughout the Council.
RECOMMENDATIONS 2 That the report is noted. EXECUTIVE SUMMARY OF REPORT 3 This committee report summarises the attached Internal Audit report, which explains the
reasons for and the process involved in compiling the Register. CORPORATE PRIORITIES 4 The report relates to the following strategic objectives:
Put Chorley at the heart of regional economic development in the central Lancashire sub region
Develop local solutions to climate change
Improving equality of opportunity and life chance
Develop the character and feel of Chorley as a good place to live
Involving People in their Communities
Ensure Chorley is a performing Organisation
�
BACKGROUND
5 Although the Council has experienced relatively few incidents of fraud in recent years, the
Audit Commission is keen to ensure that all councils commit sufficient resources to this area. In their 2006 Use of Resources report the Commission recommended that the Council should "further develop proactive counter fraud and corruption work, determined by a formal risk assessment which is adequately resourced".
6 Our main response to this recommendation has been to work with Directors to compile a
corporate Fraud & Corruption Risk Register, which identifies and addresses specific fraud risks in individual service areas.
7 Although the main purpose of the exercise was to address the Audit Commission's
recommendations, it also enhances the Council's compliance with the CIPFA / SOLACE guidelines on governance in relation to probity and ethics and provides a more robust Anti-Fraud & Corruption Strategy.
8 The attached report explains the process involved in compiling of the Register and the
resulting Action Plan, which is also attached. SUMMARY OF RESULTS 9 The exercise established that a well developed anti fraud culture is already embedded
within the Council. Of 117 potential fraud risks that were identified in the Council's operations, 92 were discounted because they present very low levels of risk, the existing controls are adequate or they are already being addressed by projects or other actions in progress.
10 However a limited controls assurance rating was awarded in acknowledgement of the fact
that action is needed to further mitigate the remaining risks. These are a mix of corporate and directorate specific issues and are summarised in the attached report, together with a detailed Action Plan to address them.
IMPLICATIONS OF REPORT 11 The attached Internal Audit Report is currently being discussed with all the Directors
concerned and detailed actions agreed with them to further mitigate the risks identified.
GARY HALL ASSISTANT CHIEF EXECUTIVE BUSINESS TRANSFORMATION & IMPROVEMENT
Background Papers
Document Date File Place of Inspection
Use of Resources Assessment 2006
Delivering Good Governance
In Local Government CIPFA SOLACE
2006
2007
FINANCE
UNION ST OFFICES
Report Author Ext Date Doc ID
Garry Barclay Andy Armstrong
5468 5465
10/03/08 F&CRR.doc
CONTENTS
BACKGROUND AUDIT APPROACH IMPACT ON GOVERNANCE MAIN CONCLUSIONS
• OVERALL AUDIT OPINION
• OVERVIEW
• FRAUD & CORRUPTION RISK REGISTER
• RISKS REQUIRING FURTHER ACTION ACTION PLAN
BACKGROUND
1 The Council takes the threat of fraud and corruption very seriously and has a constitutional commitment "not to tolerate fraud and corruption in the administration of its responsibilities whether from inside or outside the authority”. This is underpinned by a formal Anti-Fraud & Corruption Strategy, which seeks to ensure that serious concerns are properly raised and addressed. It also sets out the Council’s specific policies towards the prevention, detection, notification and investigation of fraud and corruption and summarises the responsibilities of members, managers and officers in this respect.
2 Although the Council has experienced relatively few incidents of fraud in recent years, the Audit
Commission is keen to ensure that all councils commit sufficient resources to this area. In their 2006 Use of Resources report the Commission recommended that the Council should "further develop proactive counter fraud and corruption work, determined by a formal risk assessment which is adequately resourced".
3 In response to this an section of the Internal Audit Plan is now devoted to anti-fraud & corruption
work. This includes:
• Acting as the Council's local co-ordinator / contact for the National Fraud Initiative (NFI) data matching exercise;
• Developing a suite of computerised interrogations of our own systems to identify any incidence of fraud or error;
• Publishing regular fraud bulletins on the Loop to bring any current issues or scams to the attention of officers in order to raise their awareness of fraud.
4 Our main response to the Commission's recommendation however has been to work with Directors
to compile a corporate Fraud & Corruption Risk Register, which identifies and addresses specific fraud risks in individual service areas.
5 This report explains the process involved in compiling of the Register and the resulting Action Plan,
which is attached.
AUDIT APPROACH
6 The best practice guidance set out in the CIPFA publication “Managing the Risk of Fraud” and the
approach outlined in the HM Treasury Guidance for Managers “Managing Fraud Risk” were the main sources of reference to establish and categorise potential fraud risks.
7 Directors and other senior officers were interviewed to establish the extent to which the potential
fraud risk could actually materialise within their spheres of operation.
IMPACT ON GOVERNANCE
8 Although the main purpose of this exercise was to address the Audit Commission's Use of
Resources recommendations, it will also enhance the Council's compliance with the CIPFA / SOLACE guidelines on governance in relation to probity and ethics.
9 Taking an internal perspective, this exercise also contributes to a more robust Anti-Fraud &
Corruption Strategy. MAIN CONCLUSIONS
OVERALL AUDIT OPINION (*) 10 The Council is now required to include a statement in the annual accounts regarding the
effectiveness of its overall system of governance. To facilitate this, Internal Audit reports contain an opinion as to the adequacy of the internal controls in each separate system / area reviewed. In our opinion, the number and nature of risks identified during this exercise and the totality of action required to mitigate them provide Limited Assurance
AUDIT OPINION RATINGS Inadequate - the Authority cannot place sufficient reliance on the controls. Substantive control weaknesses exist. Limited - the Authority can place only limited reliance on the controls. Significant control issues need to be resolved. Sound - the Authority can place sufficient reliance on the controls. Only minor control weaknesses exist.
OVERVIEW 11 The exercise has established that a well developed anti fraud culture is already embedded within the
Council and this is reflected in the systems and procedures implemented by management. The limited controls assurance rating awarded is in acknowledgement of the fact that additional action is needed to mitigate some significant risks that remain. Implementation of the recommendations from this exercise together with other planned follow up work will build on the foundations already in place and will develop and enhance corporate resilience against fraud further.
12 We also found that many of the potential risk factors considered during discussions with Directors did
not present a real threat within the Directorates concerned or there was an array of mitigations and controls in place or in progress.
FRAUD AND CORRUPTION RISK REGISTER 14 The complete results of the exercise are recorded in the Fraud & Corruption Risk Register at the
Appendix to the report. The key contents of the Register are explained as follows: Fraud Category - the generic types of fraud risk set out in the prevailing guidance
Area of Risk - the detailed, potential fraud risks within each category Mitigation / Controls - the measures already in place within the Council to reduce the likelihood and / or impact of the potential fraud risks Risk Rating - taking the existing mitigation / controls into account, whether the level of risk remains high, medium or low (using the corporate risk matrix) The remaining columns were only completed in respect of high / medium risks as no further action was considered necessary in respect of low risks Exposures Identified - the potential impact on the Council's operations should the risks materialise Recommendations - the action that should be taken to address the high / medium risks identified Existing Action Planning Vehicles - where the high / medium risks identified are already being addressed by current projects, audit action plans or other actions in progress Recommendation Number - where risks remain of high or medium exposure and no form of action is currently in progress to address them. These have been transposed to the attached Action Plan
RISKS REQUIRING FURTHER ACTION
15 117 potential fraud risks were identified in the Council's operations, 92 of which were discounted because they present very low levels of risk, the existing controls are adequate or they are already being addressed by projects or other actions in progress.
16 However 25 risks remain of medium or high exposure where further action is required to address
them. These are a mix of corporate and directorate specific issues and are captured in the Action Plan below, together with recommendations, which will be discussed with the managers concerned. The remaining risks are summarised and prioritised as follows:
Corporate ICT related risks - including the safety of data during transit and mobile working, the use
of internet and e-mail, the unauthorised use of data, official publications and intellectual property rights.
Funds and grants - the control and administration of a “basket” of separate internal bank accounts
and grants provided to external organisations where the value involved may be low but reputational risk is high.
Employment and staffing matters - ranging from corporate arrangements for the vetting or
termination of staff to the administration of individual incentive schemes such as car loans and recruitment expenses.
Control and use of corporate assets – weaknesses relating to the recording of assets within
Directorates together with an issue relating to the authority for the disposal of land. Control over vehicles and fuel – specific issues relating mainly to the control of fuel and petrol
issues and the disposal of vehicles and plant at the Bengal Street Depot. Collection of miscellaneous income – relating to the collection of several discreet streams of
income but most notably the corporate arrangements for the recovery of charges for the private use of telephones and printing.
Procurement – an isolated but corporate weakness to adequately consult with the Director of
Corporate Governance on low value contracts.
AC
TIO
N P
LA
N
Re
c
No
R
isk
R
eg
N
o
Are
a o
f R
isk
P
rio
rity
R
ec
om
me
nd
ati
on
s
Re
sp
on
sib
le
Off
ice
r D
ate
Co
rpo
rate
IC
T r
ela
ted
ris
ks
1
44
Theft o
f IC
T e
quip
ment and s
upplie
s
2 2
ICT
sto
ckro
om
- A
sto
ck c
ontr
ol re
gis
ter
will
be
imple
mente
d t
og
eth
er
with p
rocedure
s for
bookin
g
mate
rials
in a
nd o
ut and r
eg
ula
r sto
ck t
akes.
Genera
l -
An invento
ry o
f all
IT e
quip
ment lo
cate
d
within
each r
oom
will
be intr
oduced a
nd s
igned o
ff b
y
each r
espective D
irecto
r.
Corp
ora
te
Directo
r of
ICT
2
53
Unauth
orised a
ccess/u
se o
f in
form
ation a
nd
record
s d
ue to -
uncontr
olle
d m
ovem
ent
of
unencry
pte
d d
ata
1
2
A H
om
e w
ork
ing P
olic
y incorp
ora
ting s
uitable
sta
ndard
s
and g
uid
ance w
ill b
e d
evelo
ped a
nd im
ple
mente
d a
s
part
of
the d
evelo
pm
ent of
the H
om
e W
ork
ing
pro
ject.
Mem
bers
netw
ork
access w
ill b
e t
ransfe
rred t
o "
Thin
C
lient"
with a
ll data
held
centr
ally
.
Corp
ora
te
Directo
r of
ICT
3
83
Theft o
r m
isuse o
f off
icia
l docum
ents
, public
ations o
r in
telle
ctu
al pro
pert
y r
ights
due
to w
eak d
ocum
ent contr
ol
arr
ang
em
ents
/sta
ndard
2 2
The S
ecurity
Polic
y w
ill b
e a
mended t
o inclu
de a
section c
onta
inin
g a
dvic
e a
nd g
uid
ance f
or
sta
ff a
bout
docum
ent security
and "
cla
ssific
ation"
Advic
e a
nd g
uid
ance o
n this
issue w
ill b
e inclu
ded in
the IC
T e
lem
ent
of
induction s
essio
ns f
or
sta
ff
Corp
ora
te
Directo
r of
ICT
4
98/9
9
lack o
f m
onitoring
info
rmation a
nd u
nre
str
icte
d
access leadin
g to u
ndis
clo
sed/inappro
priate
private
inte
rnet
or
excessiv
e/inappro
priate
private
e-m
ail
use during o
ffic
e h
ours
1 1
The I
nte
rnet
and e
accepta
ble
use p
olic
y w
ill b
e
revis
ed a
nd r
eis
sued.
ICT
Serv
ices w
ill intr
oduce a
pro
cedure
to c
arr
y o
ut
reg
ula
r m
onitoring (
both
Inte
rnet and e
-mail)
to e
nsure
th
at its p
rovis
ions a
re im
ple
mente
d b
y a
ll users
.
Corp
ora
te
Directo
r of
ICT
5
100
Auth
orised s
taff
may u
ndert
ake t
he
unauth
orised e
xport
of
off
icia
l data
/info
rmation
2
The p
roposed e
monitoring p
rocedure
will
in
clu
de
a c
heck t
o identify
and r
evie
w o
utg
oin
g e
-mails
that
have a
larg
e f
ile s
ize o
r volu
me o
f data
Corp
ora
te
Directo
r of
ICT
F
un
ds
an
d g
ran
ts
6
58
Theft/m
isappro
priation fro
m the M
ayors
Charity
B
ank A
ccounts
due t
o p
oor
contr
ol
arr
ang
em
ents
2 2
Imple
ment an a
nnual in
dependent re
concili
ation o
f in
com
e a
nd e
xpenditure
D
evelo
p a
nd issue p
rocedura
l g
uid
ance n
ote
s to the
Ma
yors
Secre
tary
reg
ard
ing
the c
ontr
ol of
incom
e.
Assis
tant C
hie
f E
xecutive
(BT
&I)
C
orp
Directo
r (G
overn
ance)
7
71/7
4
Act
as
the
"accounta
ble
body"
on
National
Lott
ery
funded p
roje
cts
there
fore
lia
ble
in t
he
event
of
third p
art
y f
raud o
r m
isappro
priation
2
When w
ork
ing w
ith p
art
ners
docum
enta
ry e
vid
ence o
f expenditure
will
be o
bta
ined o
r in
spection c
arr
ied o
ut to
obta
in a
ssura
nce o
f com
plia
nce
with p
roje
ct
req
uirem
ents
.
Assis
tant C
hie
f E
xecutive
(P&
P)
Corp
ora
te
Directo
r (P
eople
)
8
59
Theft/m
isappro
priation fro
m the E
lections B
ank
Accounts
(4)
- E
uro
pean -
Parlia
menta
ry -
C
ounty
- M
unic
ipal
2 2
An a
dditio
nal auth
orised s
ignatu
re w
ill b
e e
sta
blis
hed
and a
rrang
em
ents
will
be a
mended t
o r
eq
uire tw
o
independent
sig
natu
res o
n e
ach c
heque issued.
The c
ontr
ol and r
econcili
ation a
rrang
em
ents
should
be
carr
ied o
ut
by tw
o p
eople
.
Corp
ora
te
Directo
r (G
overn
ance)
9
75
Mis
appro
priation/u
nauth
orised u
se o
f fu
nds b
y
applic
ants
obta
ined a
s g
rants
due t
o a
lack o
f confirm
ation o
f expenditure
in a
ccord
ance w
ith
the g
rant applic
ation
2
Appro
ved g
rant applic
ations w
ill b
e m
onitore
d to o
bta
in
assura
nce o
f com
plia
nce w
ith t
he a
pplic
ation
req
uirem
ents
by o
bta
inin
g d
ocum
enta
ry e
vid
ence o
f expenditure
or
by inspection.
Corp
ora
te
Directo
r (P
eople
)
10
76
Unauth
orised u
se o
f fu
nds o
bta
ined a
s s
mall
2
A s
tandard
form
of
agre
em
ent w
ill b
e d
evelo
ped a
nd
Corp
ora
te
valu
e c
onserv
ation g
rants
due to a
lack o
f confirm
ation o
f expenditure
in a
ccord
ance w
ith
the g
rant applic
ation
imple
mente
d f
or
each g
rant
appro
ved.
Directo
r (B
usin
ess)
E
mp
loym
en
t a
nd
sta
ffin
g m
att
ers
11
43
Deception -
bre
ach o
f conditio
ns o
f th
e c
ar
loan s
chem
e d
ue to a
lack o
f th
e inspection o
f drivers
docum
enta
tion
2
Imple
ment an a
nnual check o
n d
ocum
enta
tion
V5/I
nsura
nce/D
rivin
g L
icence t
o c
onfirm
com
plia
nce
with t
he s
chem
e c
onditio
ns.
Assis
tant C
hie
f E
xecutive
(BT
&I)
12
86
Subm
issio
n o
f fr
audule
nt cla
ims u
nder
the
"Schem
e f
or
Fin
ancia
l In
centives T
o
Recru
itm
ent"
2
The r
esponsib
ility
for
ow
ners
hip
of
the s
chem
e w
ill b
e
cla
rified -
the s
chem
e a
nd d
ocum
enta
tion w
ill b
e
revis
ed a
nd u
pdate
d a
nd t
he p
aym
ent m
ediu
m c
larified
Corp
ora
te
Directo
r of
Hum
an
Resourc
es
13
113
Inadeq
uate
vett
ing
of te
mpora
ry o
r ag
ency
sta
ff a
nd c
ontr
acto
rs
2
Em
plo
ym
ent
Polic
ies a
nd a
rrang
em
ents
should
be
revie
wed t
o p
rovid
e a
dvic
e a
nd g
uid
ance t
o m
anag
ers
about th
e r
isks r
ela
ting
to t
he e
mplo
ym
ent of
ag
ency/c
ontr
acto
r and a
ssocia
ted s
tandard
of
backgro
und v
alid
ation r
eq
uired.
Corp
ora
te
Directo
r of
Hum
an
Resourc
es
14
114
Ma
licio
us/u
nath
orised/ille
gal activity d
ue t
o the
lack o
f a c
lear
exit s
trate
gy t
o a
ddre
ss
dis
gru
ntled m
em
bers
of sta
ff/leavers
2
Em
plo
ym
ent
Polic
ies a
nd a
rrang
em
ents
should
be
revie
wed t
o inclu
de a
form
al exit s
trate
gy to b
e a
dopte
d
when t
he c
ircum
sta
nces a
rise.
Corp
ora
te
Directo
r of
Hum
an
Resourc
es
15
38
Collu
sio
n o
r m
isappro
priation fro
m w
eak
contr
ol over
the a
d h
oc s
ele
ction,
eng
ag
em
ent
and p
aym
ent of
Coaches,
ente
rtain
ers
and
art
iste
s
2 2
When a
uth
orisin
g o
rders
/invoic
es m
anag
em
ent
will
undert
ake o
ccasio
nal spot
checks o
n p
aym
ents
that
drill
dow
n in t
o t
he s
ele
ction a
nd justification f
or
paym
ents
. A
valid
ate
d "
sele
ct
list"
will
be e
sta
blis
hed a
nd o
pera
ted
for
each type o
f activity.
Corp
ora
te
Directo
r (P
eople
)
Co
ntr
ol
an
d u
se
of
co
rpo
rate
ass
ets
16
79
Sale
of
land tra
nsactions c
om
ple
ted u
nder
seal
by t
he D
irecto
r of
Corp
ora
te G
overn
ance
where
clie
nt
instr
uctions d
o n
ot conta
in
refe
rence to the a
uth
ority
for
dis
posal
2
A c
ontr
ol w
ill b
e p
ut in
pla
ce t
o r
eq
uire a
clie
nt
offic
er
to
pro
vid
e c
lear
evid
ence o
f th
e a
uth
ority
for
dis
posal as
part
of
the "
clie
nt in
str
uctions"
to L
eg
al S
erv
ices.
Corp
ora
te
Directo
r (G
overn
ance)
17
31
Theft o
r m
isappro
priation fro
m "
the A
stley H
all
colle
ction"
by inte
rnal or
exte
rnal sourc
e
1 1
Imple
ment a c
om
pre
hensiv
e "
art
efa
cts
data
base"
in
com
plia
nce w
ith M
useu
ms S
ocie
ty s
tandard
s a
nd
recom
mended s
oft
ware
. U
ndert
ake a
"ro
lling p
rogra
m"
of
sto
ck r
econcili
ation
ag
ain
st th
e a
rtefa
cts
data
base w
hic
h inclu
des
independent
verification b
y L
eis
ure
Serv
ices
Manag
em
ent.
Corp
ora
te
Directo
r (P
eople
)
18
41
Mis
appro
priation/loss o
f eq
uip
ment
due to
obsole
te A
sset
Reg
iste
rs
2
Each D
irecto
rate
will
revis
e a
nd u
pdate
the a
sset
reg
iste
r to
ensure
it is
com
pre
hensiv
e a
nd u
p t
o d
ate
.
All
Directo
rs
Co
ntr
ol
ove
r ve
hic
les a
nd
fu
el
19
66/6
7
Theft o
f die
sel fu
el is
sued fro
m B
eng
al S
treet
Depot
or
petr
ol is
sued fro
m B
ung
alo
w S
erv
ice
Sta
tion a
/c d
ue t
o p
oor
contr
ol and
reconcili
ation.
1 1
Fully
im
ple
ment th
e c
om
pute
rised fuel is
sues
applic
ation/d
ata
base.
Revie
w c
urr
ent
opera
tional arr
ang
em
ents
and p
ut in
pla
ce a
form
al ag
reem
ent/
pro
cedure
incorp
ora
ting
eff
ective c
ontr
ol arr
angem
ents
.
Corp
ora
te
Directo
r (N
'hoods)
20
68
Obta
inin
g a
pecunia
ry a
dvanta
ge fro
m the
2
Develo
p a
nd im
ple
ment a c
learly d
ocum
ente
d "
Vehic
le
Corp
ora
te
dis
posal of
obsole
te v
ehic
les,
pla
nt and
eq
uip
ment
and P
lant
Dis
posal P
olic
y/P
rocedure
D
irecto
r (N
'hoods)
21
60
Theft o
f fu
el obta
ined for
Ma
yora
l cars
2 2
Month
ly r
econcili
ation o
f fu
el is
sues a
nd v
erification o
f m
pg
for
the c
ar
to b
e c
arr
ied o
ut as p
art
of
paym
ent
auth
orisation r
outine.
Inclu
de v
ehic
le d
eta
ils in the c
om
pute
rised fuel is
sues
applic
ation d
ata
base. (s
ee 1
9 a
bove)
Corp
ora
te
Directo
r (G
overn
ance)
Corp
ora
te
Directo
r (N
'hoods)
C
oll
ec
tio
n o
f m
isc
ella
ne
ou
s i
nc
om
e
22
2
N
on p
aym
ent
of
private
phone c
all
(landlin
e &
m
obile
)/printing c
harg
es d
ue t
o lack o
f eff
ective
colle
ction m
echanis
ms
1 1
Eff
ective t
ele
phone m
onitoring
arr
ang
em
ents
will
be
inclu
ded in t
he im
ple
menta
tion o
f th
e n
ew
tele
phony
contr
act.
A
sta
ndard
corp
ora
te p
rocedure
will
be im
ple
mente
d
and p
rom
ote
d t
o r
ais
e s
taff
aw
are
ness u
sin
g team
brief/
loop/e
-new
s a
nd v
iew
s.
Corp
ora
te
Directo
r of
ICT
C
orp
ora
te
Directo
r of
ICT
&
Off
ice
Support
23
7
Lack o
f cla
rity
about
arr
ang
em
ents
for
the
colle
ction o
f In
com
e fro
m s
ale
s o
f O
rdnance
Surv
ey M
aps.
2
As p
art
of th
e p
rocessin
g o
f th
e m
onth
ly invoic
e f
rom
"S
tansfield
s"
(Map S
upplie
r) the n
um
bers
of
pla
ns
pro
duced b
y the s
yste
m w
ill b
e r
econcile
d t
o t
he
num
bers
dow
nlo
aded a
nd t
he incom
e r
eceiv
ed m
onth
ly
- and d
iscre
pancie
s w
ill b
e investig
ate
d.
Corp
ora
te
Directo
r of
ICT
24
8
Colle
ction o
f charg
es for
serv
ices t
o C
CH
2
Directo
r of
ICT
Serv
ices to c
onfirm
that adeq
uate
deta
ils a
re s
pecifie
d in the c
ontr
act and s
uitable
m
onitoring a
rrangem
ents
are
in p
lace.
Corp
ora
te
Directo
r of
ICT
P
roc
ure
me
nt
25
61
Failu
re t
o c
onsult L
egal S
erv
ices a
nd p
ut
eff
ective a
gre
em
ents
in p
lace t
o p
rote
ct th
e
Council
for
serv
ices u
sually
under
£10000
2 2
The C
orp
ora
te P
rocure
ment G
uid
ance a
nd p
rocedure
s
will
be a
mended to s
pecify a
req
uirem
ent to
consult w
ith
Leg
al S
erv
ices t
o e
nsure
an a
ccepta
ble
agre
em
ent
is
put
in p
lace.
Leg
al S
erv
ices t
o p
roduce a
"g
ood p
ractice g
uid
e"
conta
inin
g b
ulle
t poin
ts s
ett
ing
out th
e m
ain
issues t
o
consid
er
and p
ote
ntial pitfa
lls t
o a
void
when c
om
ple
ting
contr
acts
at th
is level.
Corp
ora
te
Directo
r (G
overn
ance)
P
RIO
RIT
Y 1
A
gre
ed
acti
on
s t
hat
are
co
nsid
ere
d e
ssen
tial
as t
hey i
mp
act
sig
nif
ican
tly o
n t
he C
ou
ncil
's s
yste
m o
f g
overn
an
ce a
nd
in
tern
al
co
ntr
ol
an
d m
ay in
flu
en
ce exte
rnal
insp
ecti
on
o
utc
om
es.
A la
ck o
f ti
mely
im
ple
men
tati
on
w
ill
be re
po
rted
to
th
e A
ud
it
Co
mm
itte
e.
PR
IOR
ITY
2
Ag
reed
acti
on
s t
hat
will
sig
nif
ican
tly i
mp
rove t
he l
evel
of
co
ntr
ol
an
d w
ill
be m
on
ito
red
by I
nte
rnal
Au
dit
. A
lack o
f ti
mely
im
ple
men
tati
on
may b
e r
ep
ort
ed
to
th
e A
ud
it C
om
mit
tee.