Agenda and draft minutes

Audit Committee - Monday, 28th September, 2020 2.00 pm

Venue: Remote Access - Via On Line or Telephone Conference Call. View directions

Contact: Allison Taylor  0117 92 22237

Link: Watch Live Webcast

Items
No. Item

34.

Welcome, Introductions and Safety Information pdf icon PDF 98 KB

Minutes:

The Chair welcomed Members to Committee.

35.

Apologies for absence.

Minutes:

Apologies were received from Cllr Nicola Bowden Jones

36.

Declarations of Interest

To note any declarations of interest from the Councillors.  They are asked to indicate the relevant agenda item, the nature of the interest and in particular whether it is a disclosable pecuniary interest.

 

Any declarations of interest made at the meeting which is not on the register of interests should be notified to the Monitoring Officer for inclusion.

 

Minutes:

Cllr Clive Stevens, declared a pecuniary interest as he has recently produced a book about local government. However, he does not believe it is necessary to withdraw from any items on the agenda.

 

Cllr Tim Kent declared an interest as he has a relative with an Education Health and Care Plan, and children with Special Educational Needs are likely to come up in discussion.

 

37.

Minutes of Previous Meeting pdf icon PDF 192 KB

To agree the minutes of the previous meeting as a correct record.

Minutes:

Adebola Adebayo is incorrectly listed as Chief Internal Auditor, this needs correcting.

 

Once this correction is made, the minutes of the 27 August 2020 Audit Committee are agreed as a correct record.

38.

Action sheet pdf icon PDF 65 KB

Report to follow.

Minutes:

Discussion Notes:

The response to Colin Molton’s Projects says that the details are available in the 30 April 2020 HR report. However, that information is not available to members of the public. It was confirmed that a list of projects was given in response to Audit Committee PQ02 on the 27 August 2020 and that this would be circulated to members after the meeting (ACTION).

39.

Public Forum pdf icon PDF 170 KB

Up to 30 minutes is allowed for this item.

 

Any member of the public or Councillor may participate in Public Forum.  The detailed arrangements for so doing are set out in the Public Information Sheet at the back of this agenda.  Public Forum items should be emailed to democratic.services@bristol.gov.uk and please note that the following deadlines will apply in relation to this meeting:-

 

Questions - Written questions must be received 3 clear working days prior to the meeting.  For this meeting, this means that your question(s) must be received in this office at the latest by 5 pm on Tuesday 22 September.

 

Petitions and Statements - Petitions and statements must be received on the working day prior to the meeting.  For this meeting this means that your submission must be received in this office at the latest by 12.00 noon on Friday 25 September.

 

Additional documents:

Minutes:

The following Public Forum was received:

 

Questions

Number

 

Name

Title

PQ1

Suzanne Audrey

Committee Access to Information

PQ2

Suzanne Audrey

SIRO Assurance Report

PQ3

Joanna Booth

Bristol Energy

PQ4

Joanna Booth

Bristol Energy Minutes

PQ5

Joanna Booth

SIRO Assurance Report

CQ1

Cllr Clive Stevens

Committee Access to Information

 

Discussion notes:

·       The Monitoring Officer will be writing to Audit Committee members about Access to Information explaining the legal regime. This letter could potentially be made public if this is deemed appropriate. (ACTION)

·       PQ2 supplementary question: the response says the reports will be published at the end of the year. What is the reason for them not being published now? (ACTION)

·       It was confirmed to committee that answers to public forum are drafted by council officers and are not pre-approved by the chair.

·       PQ5 supplementary question: what is the cost of the Quality of Life Survey and the Citizen Panels? (ACTION)

·       PQ5 supplementary question: the response says that the BCC website has a privacy statement. However, this statement was not present in March 2018 when Impact Social did their data collection. What types of notices (if any) were present in March 2018? (ACTION)

·       Members asked for a list of what laws and regulations mean that audit committee cannot have Access to Information on par with Cabinet and Scrutiny. The Monitoring Officer confirmed that this would be included in his letter as previously discussed.

·       A recent whips meeting was discussed where it was believed that AC would get equal access to information, but it was confirmed this assumption was based on outdated advice.

·       The Monitoring Officer was asked for a register of decisions on when information has been released in the public interest. The MO confirmed that this would be legal advice and is therefore privileged.

 

40.

Work Programme pdf icon PDF 81 KB

To note the work programme.

Minutes:

Discussion notes:

·       Access to Information to be added to the November Audit Committee agenda. (ACTION)

·       November Audit Committee contains Company Assurance. Members asked whether it would be possible to do a Value for Money review of the Bristol Energy sale; however this cannot be done until the sale completes. 

41.

External Audit Update Report pdf icon PDF 377 KB

Additional documents:

Minutes:

Jon Roberts introduced the report and summarised it for the committee. This is the last time audit letters will be produced. They will be replaced by a new annual report.

 

Discussion Notes:

·       Committee recommended a workshop after the election in May once the AC membership is finalised to bring new members up to speed.

·       Covid-19 restrictions have put all authorities in a difficult position. It makes forward planning difficult and going concerns uncertain.

·       There was a discussion on External auditors triggering public interest reports following the failure of Robin Hood Energy in Nottingham. This is a potential option for Bristol Energy, but the External Auditor will decide if this is required.

·       This is the second year that GT has been External Auditor for BBC, so they have a better awareness of the organisation and its issues. Technical accounting has improved and information is better presented.

·       Value for Money sections in this report refer to 19/20 so will not cover the Bristol Energy sale. External Audit will monitor the situation for issues but will not do anything that undermines the sale.  

42.

Treasury Management Annual Report 2019/20 pdf icon PDF 1 MB

Minutes:

Mike Pilcher introduced the report and summarised it for the committee.

 

Discussion Notes:

·       Members asked for a list of where investments are made. There are significant sums being invested elsewhere and stability of these investments is important. It was explained that most investment was with other councils and banks. (ACTION)

·       There was a discussion on Capital Spending. There is a cap of 10% of the revenue stream for Capital funding. Any increase in the current level of capital expenditure would require revenue savings. The Capital Strategy is a 30 year plan with affordable borrowing to match Bristol’s infrastructure needs without impacting on revenue.

·       Members noted that the Ethical Investment Policy in this repost is dated 2015. The policy is currently under review and will come back to AC for approval.

·       New AC members coming in May 2021 will need training on treasury management and other relevant matters. The training programme should start to be developed now, as it is a significant challenge to get level of knowledge up.

 

43.

SIRO Assurance Report pdf icon PDF 140 KB

Additional documents:

Minutes:

Tim O’Gara introduced the report and summarised it for the committee.

 

Discussion Notes:

·       It was confirmed that assurance is embedded via an Information Governance Board, which contains the Head of Internal Audit.

·       In addition to the board, there is also a programme of audit work. Last year this examined half a dozen areas of concern and took reports to the Information Board and later to the Audit Committee. This included data breaches, data processing, data sharing reports, etc. We work with the board to identify areas that need assurance.

·       The SIRO needs to show that information governance is effective. If you look at the work, there are weak areas being identified and the SIRO is putting measures in place that remedy these. They will need to provide assurance that the measures are successful.

·       Cllr Stevens requested some examples of data breach reports. The SIRO agreed to share some after the meeting. (ACTION)

·       Cllr Kent said that he had reported a serious data protection breach 7 months ago but had not received any update on the outcome. TK also requested figures for number of breaches and number of cyber-attacks per year. The SIRO said he would find the relevant information on Cllr Kent’s breach and would have a meeting with him to discuss the metrics. (ACTION)

·       The SIRO recognised that most breaches are caused by human error, which means procedures and training is vital. The ICO considers these when making an assessment.  

 

44.

Corporate Risk Report Q1 pdf icon PDF 206 KB

Additional documents:

Minutes:

Jan Cadby introduced the report and summarised it for the committee.

 

Discussion Notes:

·       It was confirmed that BAU stands for Business as Usual.

·       The narrative on the SEND risk seems to blame the judicial review for the risk, when responsibility lies with the council. This should be reworded. (ACTION)

·       Some members discussed how housing has a knock on effect for other risks and they thought a future discussion on this would be helpful.  

·       JC confirmed that she would be attending people scrutiny in November to discuss their risks, including SEND. SEND was added to the risk register in July. Some members thought that it should be considered high risk rather than medium.

·       A member asked whether it would be possible for Audit Committee to see the next iteration of the risk report before January. This will need to be checked as the report must go to Cabinet first. (ACTION)

45.

Risk Management Annual Report and Improvement Plan pdf icon PDF 203 KB

Additional documents:

Minutes:

Jan Cadby introduced the report and summarised it for the committee. Members thanked JC and the risk team for recent improvements to the risk process and reporting.

46.

Internal Audit Activity Report pdf icon PDF 161 KB

Additional documents:

Minutes:

Simba Muzarurwi introduced the report and highlighted the following points:

·       The activity report covered the period from 1 April to 31 August and confirmation was given that no new internal audit activities were undertaken in Q1 to allow management to effectively respond to Covid19. Progress made by the team in relation to Q2 priorities are summarised in Appendix 1 recognising that IA activities effectively resumed in July. As a result most of the audits earmarked for completion in Q2 are still in progress. Consistent with the rolling plan methodology, Appendix 2 highlighted areas of focus for Q3. Q4 priorities will be highlighted at the November committee.

·       The whistleblowing update was presented at the July committee and the half year  counter fraud report for November committee will have updated details on whistleblowing.

·       The installation of new audit management software should improve audit data management and reporting. The process for following up and reporting agreed management actions will also  be automated with this software and a demonstration can be given to committee in future.

·       Internal Audit is currently procuring strategic partner to build resilience in the team.

 

Discussion Notes:

·       Members were encouraged by the progress on whistleblowing, which is a subject that has been flagged at the committee several times. The July annual report showed that most actions related to whistleblowing have been implemented.

·       It was confirmed that whistleblowing within the external companies is the responsibility of those companies and their respective audit committees.

·       There are separate mechanisms for reporting incidents like suspected fraud, which can be notified via BCC. The difference between whistleblowing, grievances and fraud is outlined in the policy documents.

·       Members asked about Brexit risk and preparation. There is a Brexit group working on this, and there are regular updates at the relevant forums which internal audit attends. This is considered adequate oversight unless there are some major changes to Brexit before the end of the year.

 

The Chief Internal Auditor invited several senior officers of BCC departments into the meeting who had audit reports with  limited audit assurance opinions to provide updates on the progress in implementing the agreed actions and answer questions from the committee.

 

Commercialisation:

·       Have worked closely with audit this year to improve robustness. This includes a revised strategy and action plan. It is still early stage for embedding commercialisation in planning. There have been actions to assist this e.g. proper shortlisting and assessment of opportunities.

·       The report is clear about what is required and actions being taken to tackle outstanding issues. There will be more work on this until audit can give reasonable assurance, but there is no estimated date for when this may happen as the nature of the work is dynamic and dependent on the market. 

 

Trading with schools:

·       There was substantial audit assurance on operations. However commercialisation was limited as there is no operating plan or business model for TwS.

·       The 2012 proposal from cabinet established TwS as an in-house trading entity. The Phase 2 alternative service model was never  ...  view the full minutes text for item 46.