Agenda and minutes

Audit Committee - Thursday, 23rd September 2021 6.00 pm

Venue: Committee Rooms 1-2, City Hall. View directions

Contact: Claire Turner (01522) 873619 Email: democratic.services@lincoln.gov.uk

Items
No.	Item
29.	Confirmation of Minutes PDF 107 KB · 15^th July 2021 · 22nd July 2021 Additional documents: Minutes , 22/07/2021 Audit Committee , item 29. PDF 207 KB Minutes: RESOLVED that the minutes of the meetings held on 15^th and 22^nd July 2021 be confirmed and signed by the Chair.
30.	Declarations of Interest Please note that, in accordance with the Members' Code of Conduct, when declaring interests members must disclose the existence and nature of the interest, and whether it is a disclosable pecuniary interest (DPI) or personal and/or pecuniary. Minutes: No declarations of interest were received.
31.	Information Governance Update PDF 149 KB Additional documents: Appendix A- IG Risk Register September 2021 V0.1 , item 31. PDF 601 KB Minutes: Sally Brooks, Data Protection Officer: a. presented a report to update Audit Committee on progress made with Information Management monitoring the council’s compliance with data protection legislation including the General Data Protection Regulation (GDPR) and the Data Protection Act 2018 (DPA) b. highlighted that update reports were submitted to Audit Committee on a bi-annual basis, the last report was provided in March 2021. c. advised that Information Management resources continued to be required in the arrangements surrounding the response to the pandemic. This was in addition to the council’s ‘business as usual’ date protection compliance. This had included ongoing updates to the customer privacy notice, business support grants, retention arrangements for new datasets created, promoting vaccine up take in 18-30 year olds and self-isolation payments for parents and carers. d. advised on data protection training that was underway by the council at paragraph 4 of the officer’s report which was a legal requirement under the GDPR and the ICO e. reported on work completed in relation to contracts, Brexit and UK GDPR as detailed at paragraph 5 of the report f. updated members of Audit Committee in relation to progress made with the Office 365 roll out as detailed at paragraph 6 of the report. g. reported that the Annual Governance Statement (AGS) status for Information Governance had been downgraded from Red to Amber due to progress made in the implementation of the GDPR and had since been removed from the AGS although remained closely monitored with reports submitted to IG Board, CMT and Audit Committee. h. invited committees’ questions and comments Question: Referred to the e-learning and asked if staff were still able to ask questions and who would be responsible for providing support. Response: The e-learning would have a testing element to ensure that staff understood the information. The Data Protection Officer and Legal Services would provide support and be available to answer any questions. Question: Referred to section 6 of the report and asked how the roll out of Office 365 had progressed. Response: Approximately two thirds of staff had received the new equipment, however, there was now a global shortage of equipment which was difficult to source. All staff had access to Teams even if they did not have new equipment. Question: Asked if Zoom would still be used for meetings. Response: Teams would be available to everyone and Zoom would be phased out. Question: Asked if the data breaches were of a serious nature? Response: On average there were four to five data breaches each month. There had not been a significant increase in the number data breaches with home working. Question: Referred to risk number 11 on the risk register and asked if it had been reported correctly and should be shown as a declining risk instead of a static risk? Response: The risk was not declining as there had been improvement, it would be updated to reflect this. Question: Asked how the Independent Member would receive the training as she did ... view the full minutes text for item 31.
32.	IT Disaster Recovery Update and ICT Recommendation Progress PDF 177 KB Minutes: Matt Smith, Business Development and IT Manager: a. presented an update on ICT Disaster Recovery (DR) and Audit recommendations for the ICT Service as requested by the Audit Committee. b. advised that in terms of Disaster Recovery the Council had a limited amount of resource and where possible sought to optimise benefits from the resources available by adopting solutions that worked towards resolving more than one issue. c. summarised the risks associated with the provision of an IT Service as detailed at paragraph 2.4 of the report and gave details of the significant workload that this imposed on the service and further explained the resource implications. d. detailed several aspects that had been developed which would assist with delivery of the Disaster Recovery Solution over a number of years: I. Backup arrangements – allowing multiple copies of data to be held within two locations on premises, and a further copy to be maintained offsite, in the ‘cloud’ II. Refresh of infrastructure – a duplicate copy of the infrastructure had now been delivered which could be invoked should a disaster occur at the primary site III. Enhanced DR copies of data – some data was not held within ‘real-time’ copies to reduce the likelihood of data loss should an emergency issue arise. This would reduce the amount of data that could be lost since the previous backup cycle. IV. A DR plan had been developed. e. highlighted further improvements that could be implemented as detailed at paragraph 3 of the report and explained that the Disaster Recovery work would continue to be reviewed to seek opportunities for improvement. f. advised that since October 2018 there had been 5 Internal Audits, which had resulted in a number of recommendations, many of which had been concluded. g. explained that one of the main outstanding actions was to review the ICT Policy, a draft had been completed and it was currently being reviewed by other stakeholders prior to the committee process. h. further advised that some recommendations would require finance to be made available in order to complete them, this was under ongoing review and would be considered alongside other pressures on the budget a part of the normal cycle. i. advised that an ICT Risk Register has also been developed over the last year. There were currently 90 risks documented. The higher-level risks have actions in defined projects i.e. DR, which also competed for resource, or were also identified on the corporate risk register e.g. for financial and staff resources in general. j. invited members questions and comments. Question: Referred to the back up arrangement as detailed at paragraph 3.2 of the report and asked if the multiple copies of data were kept in sync. Response: Some of the data was replicated overnight, some was synchronised, and some was held in the cloud. Question: Asked if the ICT Security Policies would be overruled by stakeholders during the consultation. Response: The consultation was with HR, Audit and external consultants and was to intended to ... view the full minutes text for item 32.
33.	Annual Complaints Report PDF 276 KB Minutes: Jaclyn Gibson, Chief Finance Officer: a. presented the annual complaints report which included reference to the Annual Review of Local Authority Complaints issued by the Local Government and Social Care Ombudsman (LGSCO), and details of the decisions of the Housing Ombudsman b. reported also on the overall number of complaints received by the Council including response times and percentage of complaints upheld on a directorate basis for the full year 2020-21. c. highlighted the background to the council’s complaints procedure at paragraph 2 of the report d. advised that the Housing Ombudsman had published a Complaint Handling Code, details of which were contained at paragraph 2.3 of the report. e. explained that as a result of the guidance, and in consultation with the Resident Involvement Panel, new time targets for handling complaints had been introduced: · Initial acknowledgment within 5 days · Level 1 complaints to be responded to within 10 working days · Level 2 complaints to be resolved within 20 working days. f. reported that the number of complaints received over the year had decreased significantly on the previous year. There were some council services that had suspended their operations for several months, and this would have reduced the potential for something to go wrong. g. stated that there had been a slight increase in the amount of time taken for officers to respond to complaints at 8.1 days over all four directorates h. detailed further the breakdown of directorate complaints at paragraph 4 of the report i. highlighted that of the 260 complaints responded to in 2020-2021, 39% (102) were upheld, this was consistent with the percentage upheld in the previous year which was 40% j. explained that tenancy related complaints i.e. those which were classed as a landlord function, were now referred to the Housing Ombudsman (HOS) rather than being dealt with by the LGSCO highlighted the trend in complaints as detailed at paragraph 7 of the report highlighted the number of compliments received from members of the public acknowledging professionalism of staff across all service areas invited members' questions and comments. Question: Asked for the details of the complaint in relation to the Cornhill Development. Response: The details would be circulated following the meeting. The Chair commented on the importance of receiving compliments and that they should be recognised as much as complaints were. RESOLVED that the content of the 2020-2021 complaints report be noted.
34.	Assessment of Going Concern Status PDF 258 KB Minutes: Jaclyn Gibson, Chief Finance Officer a. presented a report to inform the Audit Committee of an assessment of the Council as a going concern for the purposes of producing the Statement of Accounts for 2020/21. b. explained the background of the report as detailed at paragraph 2 and advised that the concept of ‘going concern’ assumed that an authority, its functions and services would continue in operational existence for the foreseeable future. c. advised that the report set out the position of the City Council and provided justification for the 2020/21 financial statements being prepared on a ‘going concern’ basis. d. highlighted the main factors which underpinned the assessment: · The Council’s current financial position · The Councils projected financial position · The Council’s balance sheet · The Council’s cash flow · The Council’s governance arrangements · The regulatory and control environment applicable to the Council as a local authority. e. detailed the Councils current Financial Position and highlighted the following areas: · General Fund · Housing Revenue Account (HRA) · Covid-19 f. further detailed the following: · The Council’s Projected Financial Position – Revenue Resources · The Council’s Balance Sheet as at 31^st March 2021 · The Council’s Cash Flow · The Council’s Governance Arrangements · The External Regulatory and Control Environment · Material Uncertainties g. advised that it was considered that having regard to the Council’s arrangements and such factors as highlighted in the report that the Council remained a ‘going concern’ and the Council’s accounts for 2020/21 had appropriately been prepared on this basis. The report gave that assessment by the Council’s Section 151 Officer in support of presenting the Accounts for approval and provides assurance to Mazars, the Council’s external auditor. Question: Referred to the BIFFA contract and asked if it was linked to inflation. Response: The majority of contracts were linked to inflation. There was a risk each year that there would be a change to the inflation which had been forecast. Question: Asked if Officers tried to predict the inflation rate. Response: The contract had to be set to RPI or CPI and would be affected by the actual rate as at the contract date. Officers did make predictions, however there was a risk to the budget that the inflation rate could be higher or lower than predicted. RESOLVED that the outcome of the assessment of the Councils going concern status for the purpose of preparing the Statement of Accounts 2020/21 be accepted
35.	Internal Audit Progress Report PDF 31 KB Additional documents: 3. Internal Audit Progress Report - Sept 2021 , item 35. PDF 554 KB Minutes: John Scott, Audit Manager: a. presented the Internal Audit Progress Report to Audit Committee, incorporating the overall position reached so far and summaries of the outcome of audits completed during the period June 2021 to August 2021, as detailed at Appendix A b. highlighted that Audit Committee held the responsibility for receiving a regular progress report from Internal Audit on the delivery of the Internal Audit Plan as a key requirement of public sector internal audit standards c. detailed the content of the report covering the following main areas: · Progress against the plan · Summary of Audit work · Current areas of interest relevant to the Audit Committee d. invited questions and comments RESOLVED that the report be accepted and the monitoring arrangements be continued.
36.	Audit Committee Work Programme PDF 119 KB Additional documents: Appendix A TOR Audit Cttee , item 36. PDF 90 KB 2. Appendix B Audit Committee 21-22 work programme FINAL , item 36. PDF 195 KB Minutes: John Scott, Audit Manager: a. presented a report to inform members of the Audit Committee on the work programme for 2021/22 as detailed at Appendix A of the report. b. referred to paragraph 4 of the report and highlighted the changes to the work programme. c. advised that the Audit Committee Terms of Reference was attached at Annex A of the report for information. RESOLVED that the contents of the Audit Committee work programme 2021/22 be noted.