Agenda and minutes

RESOLVED that the minutes of the meeting held on 14 June 2018 be confirmed.

     I.       

John Scott, Audit Manager, updated Audit Committee in relation to insurance/tenancy fraud trends in 2017/18 as follows:

·         The number and value of insurance claims relating to arson had decreased.

·         The number of housing stock sub-lettings was low and stable. The number of notices to quit/non occupancy levels had risen from 6 in 2013/14 to 24 in 2017/18. Advice taken from housing officers suggested this could be caused by a number of vulnerable people not being able to cope in independent accommodation.

    II.       

John Scott, Audit Manager updated Audit Committee as follows:

·         The review of Boultham Park Refurbishment Programme Partnership Agreement with Linkage Trust should be complete in September 2018.

·         The Transport Hub final account had been agreed. The Health and Safety file was currently being reviewed.

RESOLVED that the order of business be amended to allow the External Audit Annual Governance Report to be considered before the Statement of Accounts/Annual Governance Statement.

Please note that, in accordance with the Members' Code of Conduct, when declaring interests members must disclose the existence and nature of the interest, and whether it is a disclosable pecuniary interest (DPI) or personal and/or pecuniary.

No declarations of interest were received.

Sally Brooks, Data Protection Officer:

a.    sought approval of the Information Management Policies required in accordance with the EU General Protection Regulation and the Data Protection Act 2018

b.    advised that data protection was critical to the Council to ensure that the data received, processed, retained and shared was protected in accordance with the legal framework

c.    reported that the Data Protection Act 1988 had been replaced by a new Data Protection Act 2018 (DPA), which supplemented the EU General Data Protection Regulation (GDPR) directly applicable from 25 May 2018, although both documents needed to be read side by side

d.    emphasised the need for the Council’s policies to be compliant with the new legal framework, the Information Governance team were required to roll out the policies in order to increase awareness of the GDPR to officers’ and councillors in order that members of the public could be confident that the organisation was aware of its new legal responsibilities

e.    outlined the background to the implementation of the information policies and the data protection principles as detailed at paragraphs 3 and 4, attached for consideration within Appendices A-J of her report

f.     requested members’ comments in respect of the content of the report prior to referral to Executive for approval.

Jane Nellist, Independent Member, highlighted the following points:

·         Formatting issues –headings within the presentation of the GDPR/DPA Policy had failed to come out in bold on the last few pages.

·         The flowchart on page 87 of the Information Sharing Policy was not clear.

Sally Brooks, Data Protection Officer, thanked Jane Nellist for these comments. She confirmed that the issues identified would be rectified before the policies were published.

Jane Nellist, Independent Member, further enquired how the policies would be communicated to staff and whether a record of learning would be kept.

Sally Brooks, Data Protection Officer, confirmed that GDPR/DPA Policy had already been delivered to all staff via our new IT system Netconsent. All staff were required to confirm that they had read and understood the Policy as evidence for the first time of individual sign up to the Policy. The other Information Management policies would be released to all staff via the Council’s Communications Team and staff would be asked via Netconsent again to confirm that they were aware they had been reviewed and knew where to find the policies.

RESOLVED that the Information Management Policies be forwarded to Executive for approval.

Sally Brooks, Data Protection Officer:

a)    presented an update on progress in relation to the Information Management project and the implementation, of the EU General Data Protection Regulation (GDPR),

b)    referred to the GDPR Action Plan as detailed at Appendix A to her report

c)    reported on progress made in relation to GDPR, the majority of work which was now complete

d)    outlined remaining actions ongoing following the implementation of GDPR legislation on 25 May 2018, as detailed within paragraph 2 of the report, covering the following main areas:

·         Training

·         Privacy Impact Assessments

·         Contract Review for GDPR clauses

·         Record of Processing Activities

·         Individual Rights

·         Policies and Procedures

e)    confirmed the Annual Governance Statement (AGS) status for the Information Governance section currently at amber, work on implementation of the GDPR would be reviewed in due course to see whether the Council might improve this status

f)     advised that the GDPR project was included as one of the Vision 2020 projects to be delivered in year 2018/19, which the Data Protection Officer and Information Governance Group continued to implement

g)    requested members’ feedback on the content of the report.

Members discussed the content of the report in further detail.

Members queried whether the Council’s contractors were also monitored for GDPR compliance?

Sally Brooks, Data Protection Officer, confirmed that the legislation applied to suppliers as well as controllers as reflected in the individual contract agreements in force with contractors employed. GDPR had processor liability now for the first time, however, it was important GDPR compliance was included within contractors’ agreements taken on by the authority to ensure it was legally enforceable

Members asked how Data Protection training had been prioritised and rolled out.

Sally Brooks, Data Protection Officer, explained that there were two levels of training. Employees handling personal data on a daily basis had been prioritised for training first followed by the remaining members of staff who had also received Data Protection training. New employees were trained as part of the induction process, monitored by managers.

Members queried the timescale for refresher training.

Sally Brooks, Data Protection Officer, advised that the frequency required for training to be refreshed was not set out in law, although this authority ensured it was renewed every two years on a rolling process in accordance with recommended advice from the Information Commissioner’s Office.

RESOLVED that the content of the report including the GDPR Action Plan appended to her report be noted.

Jaclyn Gibson, Chief Finance Officer:

a.    introduced the Annual Governance Report from the Councils external auditors, KPMG, summarising the findings from the 2017/18 audit, which was substantially complete

b.    highlighted that the Annual Governance Report identified the key issues that members should consider before an opinion, conclusion and certificate were issued

c.    explained that the Council’s financial statements were an important means by which the Council accounted for its stewardship of public funds, Council members held final responsibility for the financial statements; it was therefore important for Audit Committee to consider KPMG’s findings before recommending the adoption of the financial statements to Full Council

d.    advised that subject to the satisfactory conclusion of any outstanding work, KPMG proposed issuing an unqualified audit opinion by 31 July 2018

e.    referred to the draft letter of representation attached as Appendix B to thereport, to be approved by Audit Committee on behalf of the Council before KPMG issued an opinion,conclusion and certificate

f.     requested members’ feedback on the content of the report.

Andy Bush and Mike Norman, representing the Council’s external auditors, KMPG:

a.    presented the Annual Governance Report summarising the findings from the 2017/18 audit (Appendix A), which covered the following main areas:

b.    reported that the annual audit by KPMG was practically complete, there were still final procedures to be undertaken which did not however anticipate any problems, although Audit Committee would be notified if there were any issues apart from minor formatting changes

c.    detailed the summary messages from the 2017/18 audit as defined at pages 8-9 of the report

d.    advised that additional audit reporting requirements had been complied with in respect of £561,000 of listed debt on the London Stock Exchange now designated as an EU Public Interest Entity (EU PIE), details of which would need to be included with the published final financial statements

e.    reported on one adjustment identified, a transfer of £80k required between the Revaluation Reserve and the Capital Adjustment Account to correct a prior year issue, it had been agreed to action this adjustment in 2018/19

f.     reported that in addition a small number of presentational changes had been identified in the financial statements during the course of the audit and amendments to the draft accounts would be made in this respect

g.    advised that subject to the satisfactory conclusion of any outstanding work, KPMG proposed issuing an unqualified audit opinion by 31 July 2018

h.    reported that in relation to value for money the auditors had concluded that the authority had made proper arrangements to secure economy, efficiency and effectiveness in its use of  ...  view the full minutes text for item 17.

Jaclyn Gibson, Chief Finance Officer:

1. presented for consideration the Statement of Accounts (including the Annual Governance Statement) for the financial year ended 31 March 2018 (as summarised at Appendix A), together with a short summary of the key issues reflected in the statutory financial statements for scrutiny

2. reported that the Statement of Accounts for 2017/18 provided a comprehensive picture of the council's financial circumstances, compiled to demonstrate probity and stewardship of public funds

3. advised that the Council was statutorily required to publish its Statement of Accounts for 2017/18 with an audit opinion and certificate by no later than 31 July 2018

4. highlighted that the Statement of Accounts for 2017/18 had been subject to external audit by the council’s external auditors, KPMG; as reported to committee previously on tonight’s agenda

5. advised that the Council had made the Statement of Accounts available for public inspection for 30 working days which ran from 1 June 2018 until 12 July and the External Auditor had been available to answer questions during this period; no questions had been received

6. highlighted that the overall level of assurance for 2017/18 was high and in line with our Code of Corporate Governance

7. reported on one defined significant issue carried over from the previous year that had not yet reached completely acceptable levels of performance relating to Information Management, which would remain a focus in 2018/19 and would be regularly reported by management to Audit Committee

8. summarised the key issues within the financial statements covering the following main areas:

9. invited Member's scrutiny and comment on the Statement of Accounts, prior to approval by Council on 24 July 2018.

Members discussed the content of the report in further detail.

RESOLVED that the Statement of Accounts 2017/18 be agreed and forwarded to Council on 24 July 2018 for approval.

The Audit Manager:

a.    presented a report to provide details of the assessment of the effectiveness of the Audit Committee and Internal Audit, and obtain agreement in terms of the composition of a member review group to carry out this task

b.    reported that CIPFA had recently updated the guidance for Audit Committees with a Local Government practice note also awaited for revised Internal Audit Standards, as a result the Audit Committee terms of reference had been revised, being the subject of a separate Committee report on tonight’s agenda

c.    highlighted that reviews of effectiveness should also be undertaken for both the Audit Committee and Internal Audit against terms of reference, standards and guidance

d.    advised that Internal Audit was subject to a formal assessment against audit standards in October 2016, however, it was still good practice to undertake a periodic internal review of effectiveness

e.    requested nominations for the formation of a review group in September 2018 to report back to Audit Committee in December 2018, consisting of the Audit Committee Chair, Independent Member, plus any other member who may wish to be included, with assistance from the Chief Finance Officer and Audit Manager

f.     requested member’s consideration of the report, and agreement on the composition of the review group.

RESOLVED that the composition of the Review Group be agreed as follows:

·         Councillor G Ellis - Chair

·         Councillor Sue Burke -Vice Chair

·         Councillor Thomas Dyer

·         Jane Nellist, Independent Member

John Scott, Audit Manager:

1. presented a report to obtain comments on an update to the Audit Committee terms of reference, based on best practice issued by the Chartered Institute of Public Finance and Accountancy (CIPFA), prior to referral to Full Council for approval

2. reported that the terms of reference should be amended to reflect a recent update by CIPFA on their guidance on Audit Committees

3. outlined the main changes to the terms of reference as detailed at paragraph 4 and Appendices A and B of the report

4. advised that a report on the proposal to review the governance and assurance arrangements for significant partnerships or collaborations in outline form would be presented to the next meeting of Audit Committee on 27 September 2018

5. requested member’s consideration of the revised terms of reference for Audit Committee.

Jane Nellist, Independent Member, enquired whether in the interests of good practice, further changes to our terms of reference should be considered to reflect new guidance published by the Financial Reporting Council ‘UK Code of Corporate Governance for Private Companies’, which focussed on culture and increased emphasis on internal audit.

Officers highlighted that the Council took its advice/guidance from CIPFA, although the above publication would be considered to see if there were any relevant points to report back to Committee.

In relation to the review of significant partnerships, members requested clarification on the meaning of partnership work.

John Scott, Audit Manager, highlighted that the remit of Audit Committee was to look at inter council collaborations rather than contractual partnerships.

Jaclyn Gibson, Chief Finance Officer, confirmed that an officer group was currently working on a list of the council’s partnership agreements across the City to ensure we had the correct governance procedures in place. Once this piece of work was completed officers would report back to Audit Committee categorising the various partnership arrangements in place.

RESOLVED that the revised terms of reference be agreed and referred to Full Council for adoption.

Jaclyn Gibson, Chief Finance Officer:

a)    presented to Audit Committee the outcome of the process to appoint an external auditor for the Council with effect from 1 April 2018

b)    confirmed that the transitional arrangements in respect of the appointment of the Council’s external auditors, currently KMPG LLP, were due to come to an end following the audit of the 2017/18 accounts

c)    advised that in 2017 the Council agreed to opt into the appointing persons arrangements made by the Public Sector Audit Appointments (PSAA) for the appointment of its external auditors and following a tender process to procure the audit services, the PSAA had appointed Mazars LLP as the Council’s external auditor for five years from 2018/19, commencing on 1 April 2018

d)    explained the process for the appointment of the local auditor as detailed at paragraph 4 and Appendix A of her report

e)    highlighted that the appointment of Mazars LLP as the Council’s external auditor excluded the Housing Benefits Certification work which must be procured separately; Council was currently undertaking a separate procurement process for this element of assurance work with The Department for Work and Pensions (DWP

f)     invited members’ questions and comments.

RESOLVED that the appointment by PSAA of Mazars LLP as the external auditor for the Council for a five year period from 1 April 2018 be noted.

John Scott, Audit Manager, on behalf of Martin Walmsley, Head of Shared Revenues and Benefits:

a.    updated Audit Committee on a small number of amendments to the already adopted Fraud Sanction Policy, in respect of the Shared Revenues and Benefits service between City of Lincoln Council and North Kesteven District Council, as detailed within Appendix A of the associated report

b.    highlighted the purpose of the policy to assist the Councils in the shared service in preventing and detecting fraud in a consistent, effective, efficient and equitable manner

c.    reported on the background for the requirement for the policy to be reviewed within paragraph 2 of the report

d.    outlined the proposed amendments to the Fraud Sanction Policy as detailed at paragraph 3.1 of the report

e.    further explained the timeline for the revised policy to go through the consideration/approval process at the City of Lincoln Council and North Kesteven District Council at paragraph 3.2 of the report

f.     requested that Audit Committee note the proposed amendments to the Fraud Sanction Policy.

RESOLVED that the proposed amendments to the Fraud Sanction Policy be noted.

Date: 16 October 2018

Venue: The Council Chamber, North Kesteven District Council, Kesteven Street, Sleaford.  NG34 7EF

Time: 9.30 – 4pm

John Scott, Audit Manager, requested any members wishing to attend the Audit Committee Forum on 16 October 2018 at The Council Chamber, North Kesteven District Council to contact Ali Hewson, Democratic Services Officer, to book a place.

Jane Nellist, Independent Member referred to lectures she would be giving to students as part of an audit module at the University of Lincoln in the second semester of the next academic year, which members were welcome to attend.

Members expressed an interest in this further training opportunity.

Jane Nellist, Independent Member agreed to circulate relevant training dates.

RESOLVED that the above training opportunities be noted.

John Scott, Audit Manager:

a.    presented the Audit Committee with its 2018/19 work programme

b.    invited members’ questions and comments.

RESOLVED that the 2018/19 work programme be noted.