London Borough of Sutton · Sutton’s Audit Committee has a vital role to play in ensuring that residents are getting good quality services and value for money. It is a review and

London Borough of Sutton

Annual Review of the Audit Committee 2008/09

Agenda Item 8Page 103

Agenda Item 8 Page 104

‘ 3

CONTENTS

Introduction from the Chairman of the Audit Committee 2008/09 page 4 Sutton’s Audit Committee –questions and answers page 5 Appendix A - Audit Committee activity 2008/09 page 8 Appendix B - Committee functions and relevant activity 2008/09 page 9 Appendix C - Self-assessment of the Audit Committee 2008/09 page 11 Appendix D - Committee Workplan for 2009/10 page 13

Contact Information

Strategic Director - Resources London Borough of Sutton

Civic Offices Sutton SM1 1EA

Tel 020 8770 5511 [email protected]


Audit Committee Annual Report 4 June 2009

Introduction by the Chairman of the Audit Committee 2008/09

The Audit Committee has quickly established itself as an important element in the Council’s governance structure. This is the second annual report of the committee and describes how it has carried out its role during the year ending 30th April 2009.

During the year the Audit Committee was able to exercise nearly all its designated functions, and thereby provide assurance that our governance arrangements are regularly monitored and that when high standards are not maintained, this is detected and addressed quickly and effectively.

Apart from the areas you would expect us to cover, such as reviewing planned external and internal audit work, anti fraud and risk management activity and changes in governance arrangements, we also put the spotlight on information security, property management and Council Tax single person’s discounts.

Audit Committee and Scrutiny members also acted very swiftly to commission, and then examine at an extra meeting, an independent review of the council’s treasury management arrangements in the wake of the freezing of Heritable Bank deposits in October last year.

The Committee’s membership has been maintained at five, the right number I believe, with Cllr. Simon Wales as Vice Chairman and well supported by Cllrs. Tim Crowley, John Leach and Roger Thistle. We have put aside party politics at our meetings and concentrated on ensuring Sutton Council maintains its deservedly high reputation for delivering good governance openly and honestly.

I am always keen to learn and benchmark, and I was joined by Simon and John at an Audit Committee seminar organised by Croydon Council last November. We brought back plenty of ideas to consider, but were pleased to find that what we currently do is good practice.

The Council has new external auditors, the Audit Commission, who have taken over from Baker Tilly. We built up a good relationship with Baker Tilly and have started doing the same with the Audit Commission.

Support for my role as chair has been led by Sue Higgins, who is soon to leave the Council for a director general’s role in the Department for Children, Schools and Families. Simon Bailey who has filled the Chief Internal Auditor role is also leaving soon, but arrangements are seamlessly maintained, in that his successor, David Dobbs, has been appointed and has already started work.

I, too, am now taking on new challenges, but still as a councillor, and have enjoyed my two years as chairman, and have great confidence that my successor, Tim Crowley, will be able to develop further the committee’s effectiveness.

Councillor Terry Faulds, Chairman of the Audit Committee, June 2009



SUTTON’S AUDIT COMMITTEE QUESTIONS AND ANSWERS Why do we need it? Sutton’s Audit Committee has a vital role to play in ensuring that residents are getting good quality services and value for money. It is a review and challenge function that monitors the maintenance of effective internal control and corporate governance and holds The Executive to account where necessary. When does it normally meet? It meets four times a year and works to a strategic plan. Membership is five councillors, three/two in proportion to the Council’s political composition, with an Opposition Chair. It is open to the public.

When did it start work? The governance structure was revised with effect from May 2007 to separate the audit and scrutiny roles. Since then the audit committee and the four scrutiny committees have successfully developed their roles, and this has resulted in a strengthening of the governance framework by allowing each committee to concentrate on its own clearer remit. When did it meet in 2008/09? There were four scheduled meetings in the year: 26th June, 18th September and 18th December in 2008 and 16th April 2009. An extra meeting was convened

on 24th October to receive an independently produced report following Heritable Bank going into receivership. The agenda items covered are shown in Appendix A.

Why was there an extra meeting? When Heritable Bank’s funds were frozen on 7th October 2008, the Council had two significant amounts of money on deposit with the bank, and the Audit Committee and Scrutiny decided to commission an independent report in as short as time as possible to establish if governance arrangements had been breached and what lessons could be learnt. The committee met on 24th October and concurred with the conclusions of the independent review’s findings that no breach of internal control arrangements was found, and that the proposals for strengthening the treasury management internal control framework were appropriate in the greatly changed global financial environment. What was its main workload in 2008/09? A work plan was set up at the start of the year and all the planned work was completed, including:

• the Audit Commission’s and the external auditor’s financial reports to the Council

• internal audit activity against plan



• internal audit reports with limited assurance opinion (that is, not of the standard expected)

• the Annual Governance Statement

• risk and treasury management

• anti fraud activity.

Details of work done are shown in Appendix B below, where you can see that a lot of ground was covered. Taking the year as a whole, the Audit Committee has been successful in:

• Maintaining a watchful overview of internal control and governance

• Taking swift action in light of the Heritable Bank situation

• Supporting the accounting and internal audit functions, including maintaining the achievement of maximum CPA scores for internal control

• Ensuring data quality and security are rigorously monitored

• Reviewing the options and deciding on a way forward for staffing the internal audit service

• Focusing attention on services receiving limited assurance audit opinions

• Reviewing the various assurances needed for the Annual Governance Statement.

What types of work were covered? Coverage of topics was split as follows. This is an approximation as elements of many topics overlap:

treasury management 26%

Internal audit reporting 16%

Internal control and security 16%

External audit 14%

Risk management and

corporate governance 10%

VFM/Use of Resources 10%

Anti fraud 8%

Did it cover the right things? To ensure that we did meet our remit, we matched our activity to that of our designated functions (these are in the Council’s Constitution) and the results are in Appendix C. This shows that we covered all the areas that we needed to. The functions not covered were only those that come into consideration in particular circumstances. What is the role of the Council’s internal auditors? The internal audit function is an in-house service that carries out reviews throughout the year on the effectiveness of the Council’s governance and internal control arrangements, including risk management, data quality and financial management in schools. It reports its activity regularly to the Audit Committee and also provides annual assurance on the effectiveness of internal control.



Who are the Council’s external auditors? The Audit Commission has overall responsibility for appointing a council’s external auditors and for arranging inspections. It carries out this work itself or appoints other auditors or inspection organisations. Prior to 2008/09 our external auditors were Baker Tilly, who also reviewed the Council’s Use of Resources arrangements. They reported their work in respect of the 2007/08 accounts and Use of Resources arrangements to the September and December 2008 meetings of the Audit Committee.

From 2008/09 onwards our external auditors are the Audit Commission themselves and they will report to this committee in September 2009 on their work in respect of the 2008/09 accounts. The Audit Committee built up a good working relationship with Baker Tilly and has started to do the same with the Audit Commission’s external audit team, led by Lindsey Mallors and Ade Oyerinde, who usually attend Audit Committee meetings. Does it meet best practice standards? The functions of the Audit Committee are the same as the terms of reference suggested by the Chartered Institute for

Public Finance and Accountancy (CIPFA) in its 2005 publication “Audit Committees – Practical Guidance for Local Authorities”. It is highly rated by the Audit Commission. To test its ongoing effectiveness in 2008/09, the Committee has carried out a self-assessment against a detailed checklist that CIPFA include within the above Guidance. The results are in Appendix D and show a satisfactory situation.

What is planned for 2009/10? The Committee’s work plan for 2009/10 is shown as Appendix D. These are the items that are needed to ensure the committee covers its remit. The committee also is likely to want progress reports on certain issues such as treasury management, data sharing and IT security. Possible areas for development to add later to the work plan are:

• selecting particular risk management arrangements to review for effectiveness and compliance

• partnership aspects of corporate governance

• liaising with Standards Committee over coverage of personal conduct issues.



APPENDIX A

AUDIT COMMITTEE ACTIVITY 2008/09

Meeting 26th June 2008

Items covered:

Annual Review of the Audit Committee 2007/08

Internal Audit Full Year Report 2007/08 Annual Governance Statement 2007/08

Risk Management Annual Review 2007/08

Treasury Management Annual Report 2007/08.

Meeting 18th September 2008

Items covered:

Audit of Accounts 2007/08 – presentation and report by external auditors, including the Statement of Accounts

Council Tax Single Person’s Discount Claims Verification

Information Management Security Arrangements

Update on the Future Options for the Internal Audit Service

Partnering Arrangements with Contractors - Update

Meeting 24th October 2008

Extra meeting to consider the specially commissioned report on the Audit of Treasury Arrangements

Meeting 18th December 2008

Items covered:

Internal Audit Half Year Report 2008/09

Update on Heritable Bank and Treasury Management

Treasury Management Half Year Report 2008/09

Council Tax Single Person’s Discount Update

Update Report on the Future Options for the Internal Audit Service Use of Interim Staff and Consultants – follow up report

Future Options for the Internal Audit Service – update report

CPA Use of Resources 2008 Scores.

Meeting 16th April 2009

Items covered:

Review of Corporate Governance 2008/09

Annual Audit and Inspection Letter and 2008 Use of Resources and Data Quality Reports

Annual Internal Audit Plan 2009/10

External Audit Progress Report

Update Report On Management Of Current Responsive, Servicing And Minor Works Partnering Framework Contractors

Heritable Bank And Treasury Management - Update On New Criteria

Information Management Security Update

Audit Committee Workplan 2009/10.



APPENDIX B

COMMITTEE FUNCTIONS AND RELEVANT ACTIVITY 2008/09

FUNCTION OF AUDIT COMMITTEE RELEVANT ACTIVITY IN 2008/09

Annual Accounts

to consider the Council’s compliance with its own and other published standards and controls

Annual Governance Statement reported to AC (Audit Committee) 26th June 2008

to review the annual statement of accounts – specifically to consider whether appropriate accounting policies have been followed and whether there are concerns arising from the financial statements or from the audit that need to be brought to the attention of the Council.

Statement of Accounts 2007/08 presented to AC 18th Sept 2008

to consider the external auditor’s report to those charged with governance on issues arising from the audit of the accounts

Audit of the Accounts 2007/08 presented to AC 18th Sept 2008

Risk Management and Governance

to monitor the effective development and operation of risk management and corporate governance in the Council

Annual Review of Risk Management report to AC 18th Sept 2008

Annual Insurance Review presented to AC 18th December 2008

to oversee the production of the authority’s Annual Governance Statement and to recommend its adoption

Statement reviewed AC 26th June 2008

to consider the Council’s arrangements for corporate governance and agreeing necessary actions to ensure compliance with best practice

Review of Corporate Governance 2008/09 reported to AC 16th April 2009

to maintain an overview of the Council’s Constitution in respect of contract procedure rules, financial regulations and codes of conduct and behaviour

Local Code of Conduct revised AC 17th April 2008

to monitor Council policies on “Raising Concerns at Work” and the anti-fraud and anti-corruption strategy and the Council’s complaints process

Annual Anti-fraud review to AC 26th June 2008 covered monitoring policies

to review any issues referred to it by the Chief Executive or a Strategic Director, or any Council body

This has not yet arisen

Internal Audit

to consider the Chief Internal Auditor’s annual report and opinion, including a summary of internal audit activity (actual and proposed) and the level of assurance it can give over the Council’s corporate governance arrangements

Internal Audit Full Year Report and Chief Internal Auditor Opinion 2007/08 to AC 26th June 2008 and

Internal Audit Full Year Report and Chief Internal Auditor Opinion 2008/09 to AC 18th June 2009



FUNCTION OF AUDIT COMMITTEE RELEVANT ACTIVITY IN 2008/09

to consider summaries of specific internal audit reports as requested

Reports with limited assurance are summarised in Half and Full Year Internal Audit Reports – no others have been specifically requested so far

to consider reports dealing with the management and performance of the provision of internal audit services

Half and full year Internal Audit reports contain performance information and the AC has updated regularly on progress towards a permanent staffing solution for the section

to consider a report from internal audit on agreed recommendations not implemented within a reasonable timescale

Follow up reports were requested and provided on implementing property maintenance recommendations (AC 18th September 2008 and 16th April 2009)

External Audit

to consider the external auditor’s annual letter, other relevant reports, and the report to those charged with governance

Annual Audit and Inspection Letter Reported to AC 16th April 2009

to consider specific reports as agreed with the external auditor

This has not yet arisen

to comment on the scope and depth of external audit work and to ensure it gives value for money

This has not yet arisen (there was a change of auditors at the start of the year)

to liaise with the Audit Commission over the appointment of the Council’s external auditor

This has not arisen within 2008/09

to commission work from internal and external audit

This has not arisen during 2008/09



APPENDIX C

SELF-ASSESSMENT OF THE AUDIT COMMITTEE 2008/09

AGAINST CIPFA CRITERIA

Code Ref

Adherence to CIPFA Audit Committees: Practical Guidance for Local Authorities Checklist

Y P N Evidence/Appraisal

1 Terms of Reference

1.1 Have the committee’s terms of reference been approved by full council?

Y This was done at the formation

of the committee in 2007.

1.2 Do the terms of reference follow the CIPFA model?

Y In all respects.

2 Internal Audit Process

2.1 Does the committee approve the strategic audit approach and the annual programme?

Y This is normally at the April

meeting.

2.2 Is the work of internal audit reviewed regularly?

Y This is at least twice a year.

2.3 Are summaries of quality questionnaires from managers reviewed?

P This is not regarded as a significant monitoring function, but any adverse quality issues would be reviewed by the Committee.

2.4 Is the annual report, from the head of audit, presented to the committee?

Y

This is normally at the June meeting. A half year report is presented at the December meeting.

3 External Audit Process

3.1 Are reports on the work of external audit and other inspection agencies presented to the committee?

Y Usually only those of external

audit.

3.2 Does the committee input into the external audit programme?

Y It has the option to make

representations directly to external audit.

3.3 Does the committee ensure that officers are acting on and monitoring action taken to implement recommendations?

Y It has called in reports where it is

important that recommendation implementation is monitored. There has been no instances where external audit recommendations have needed to be followed up.

3.4 Does the committee take a role in overseeing:

risk management strategies internal control statements anti-fraud arrangements whistle-blowing strategies?

Y Updates and progress are

monitored at least annually.



Code Ref

Adherence to CIPFA Audit Committees: Practical Guidance for Local Authorities Checklist

Y P N Evidence/Appraisal

4 Membership

4.1 Has the membership of the committee been formally agreed and a quorum set?

Y See Section 2 Article 8 of the

Constitution. The quorum is three.

4.2 Is the chair free of executive or scrutiny functions?

Y The Chairman is from the

majority opposition party.

4.3 Are members sufficiently independent of the other key committees of the council?

Y The Chairman was also a

member of the Standards Committee.

4.4 Have all members’ skills and experiences been assessed and training given for identified gaps?

Y By informal assessment.

4.5 Can the committee access other committees as necessary?

Y References have been made to

The Executive and scrutiny committees.

5 Meetings

5.1 Does the committee meet regularly? Y

There are four scheduled meetings a year.

5.2 Are separate, private meetings held with the external auditor and the internal auditor?

Y Where necessary.

5.3 Are meetings free and open without political influences being displayed?

Y No bias has been apparent.

5.4 Are decisions reached promptly? Y

No issues have been deferred.

5.5 Are agenda papers circulated in advance of meetings to allow adequate preparation by members?

Y Usually ten days before

meetings.

5.6 Does the committee have the benefit of attendance of appropriate officers at its meetings?

Y Relevant Resources staff attend

all meetings. See also 3.3 above.

6 Training

6.1 Is induction training provided to members? Y

By presentations and relevant documents/material.

6.2 Is more advanced training available as required?

Y Audit Committee seminar

November 2008 attended by three AC members.

7 Administration

7.1 Does the authority’s s151 officer or deputy attend all meetings?

Y Both usually attend.

7.2 Are the key officers available to support the committee?

Y The Chief Internal Auditor

usually attends, and others (eg risk manager) are available as required.

Glossary

Y = Met P = Part met or not strictly applicable N = Not met



APPENDIX D

AUDIT COMMITTEE WORKPLAN 2009/10

18th June 2009

Item Officer

Annual Review of the Audit Committee 2008/09 SDR/CIA

Internal Audit Full Year Report 2008/09

(a) Chief Internal Auditor’ Audit Opinion 2008/09

(b) Audit Performance 2008/09

(c) Review of the System of Internal Audit 2008/09

(d) Anti-Fraud Review 2008/09

(e) Data Quality Review 2008/09

(f) Key Systems Review 2008/09

CIA

External Audit and Inspection Plan for 2009/10 Audit Commission

Annual Governance Statement 2008/09 EHFS

Risk Management Review 2008/09 Risk Manager

Treasury Management

(a) Annual Report 2008/09 (b) Update on Heritable Banking Deposits

EHFS

2008/09 Pension Fund Plan Audit Commission

Treasury Management

(a) Annual Report 2008/09 (b) Update on Heritable Banking Deposits

EHFS

Update on Corporate Area Assessment 2009 SDR

24th September 2009

Item Officer

Audit of Accounts 2008/09

(a) Report of Executive Head of Financial Services

(b) Report of Council’s External Auditor

(c) Statement of Accounts 2008/09

SDR

EHFS/

Audit Commission

Treasury Management – Update on Heritable Banking Deposits EHFS

Use of Resources – Progress Report SDR

Revenue & Customs Review on Directly Paid Persons – Progress Update re 17 April 2008 Meeting (Minute 374/08)

CIA



17th December 2009

Item Officer

Use of Resources 2009 Scores SDR

Internal Audit Half Year Report 2009/10

(a) Review of 2008/09 National Indicator Outcomes

CIA

Treasury Management

(a) Half Yearly Monitoring Report (b) Update on Heritable Banking Deposits

EHFS

External Auditor’s Data Quality Assessment 2009 (if available) Audit Commission

Insurance Review 2009 (including self insurance arrangements) Insurance Manager

22nd April 2010

Item Officer

Review of Corporate Governance 2009/10 CIA

Internal Audit Annual Plan 2010/11 CIA

Audit Commission/external auditor’s annual letter Audit Commission

To agree work plan for 2010/11 All

Treasury Management

(a) Half Yearly Monitoring Report (b) Update on Heritable Banking Deposits

EHFS

Glossary

CIA Chief Internal Auditor

EHFS Executive Head of Financial Services

SDR Strategic Director – Resources


Documents

London Borough of Sutton · Sutton’s Audit Committee has a vital role to play in ensuring that residents are getting good quality services and value for money. It is a review and