Toggle mobile menu visibility

Bank holiday information - Easter

Bank holiday information for our services, including opening times and emergency contacts. All recycling collections will take place on the usual days.

Agenda and minutes

Venue: Committee Room 5, Guildhall, Swansea. View directions

Contact: Democratic Services: - 636923 

Items
No. Item

38.

Disclosures of Personal and Prejudicial Interests.

Minutes:

In accordance with the Code of Conduct adopted by the City and County of Swansea, the following interests were declared: -

 

Councillor P M Black – Minute No.40 – Internal Audit Monitoring Report Q1 2018/19 – Member of governing body of Burlais Primary School – personal.

 

Councillor T J Hennegan – Minute No.40 – Internal Audit Monitoring Report Q1 2018/19 – School Governor at Clwyd Community School – personal.

 

Councillor P R Hood-Williams – Minute No.40 – Internal Audit Monitoring Report Q1 2018/19 – School Governor at Crwys Primary School – personal.

 

Councillor J W Jones – Minute No.40 – Internal Audit Monitoring Report Q1 2018/19 – School Governor at Dunvant School and my wife is Governor at Hendrefoilan School – personal.

 

Councillor P K Jones – Minute No.40 – Internal Audit Monitoring Report Q1 2018/19 – School Governor at Bishop Gore School – personal.

 

Councillor M B Lewis – Minute No.40 – Internal Audit Monitoring Report Q1 2018/19 – School Governor at Gwyrosydd Primary School and Pension Fund Committee Member – personal.

 

Councillor W G Thomas – Minute No.40 – Internal Audit Monitoring Report Q1 2018/19 – School Governor at Newton Primary School and Pension Fund Committee Member – personal.

 

Councillor T M White – Minute No.40 – Internal Audit Monitoring Report Q1 2018/19 and Minute No.42 - Wales Audit Office ISA 260 Report CCS Pension Fund - Chair of Governors at Brynhyfryd Primary School, Pension Fund Committee Member and benefactor of the Pension Fund – personal.

 

Geraint Norman (Wales Audit Office) - Minute No.40 – Internal Audit Monitoring Report Q1 2018/19 – My wife is the Head Teacher of Pontlliw Primary School.  The Wales Audit Office has controls in place to mitigate – personal.

39.

Minutes. pdf icon PDF 121 KB

To approve & sign the Minutes of the previous meeting(s) as a correct record.

Additional documents:

Minutes:

Resolved that the Minutes of the previous meetings of the Audit Committee held on 14 and 23 August 2018 be approved as correct records.

40.

Internal Audit Monitoring Report - Q1 2018/19. pdf icon PDF 131 KB

Additional documents:

Minutes:

The Chief Auditor presented the audits finalised and any other work undertaken by the Internal Audit Section during the period 1 April 2018 to

30 June 2018.

 

A total of 30 audits were finalised during Quarter 1. The audits finalised were listed in Appendix 1, which also showed the level of assurance given at the end of the audit and the number of recommendations made and agreed.  A total of 247 audit recommendations were made and management agreed to implement all but one of the recommendations i.e. 99.6% against a target of 95%.

 

Appendix 2 outlined that by the end of June 2018, approximately 66% of the Audit Plan was either completed or in progress.  Out of the 30 audits finalised in Quarter 1, 18 had been audits that were included in the 2017/18 audit plan that were ongoing at the end of the financial year, that had since been finalised in 2018/19.

 

Information regarding additional work and details of follow-ups completed between 1 April and 30 June 2018 were specified.

 

Details of the significant issue which led to a moderate rating issued in the Quarter for Disaster Recover & Business Continuity were provided.  The Audit objectives were to ensure that the Authority had an ICT Disaster Recovery Plan (DR Plan) in place and that the plan was regularly reviewed, tested and updated.  The audit included the testing of controls established by management over the following areas within the DR Plan: Ownership and Management; Risk Assessment and Prevention; The Corporate Plan; IT User Plans; Resourcing and Training.

 

The reasons for the moderate rating were provided as follows: -

 

·         Checks were carried out to confirm that the responsibility for the Councils IT Disaster Recovery Policy and Recovery Plan had been formally assigned. No Terms of Reference had been established for the Disaster Recovery Team.

·         It was found that the Team had not carried out regular reviews of the Disaster Recovery Plan.  A review of the Disaster Recovery Plan revealed that it had not been updated on at least an annual basis. The last review was undertaken in April 2017. 

·         Testing was carried out of the Information Asset Register to ensure that data in relation to each system, interface and its users was recorded. A sample of three system entries was selected for checking.  For the sample of systems selected it was found that:

o   There was no indication of the length of time that the Council could function without the system / systems.

o   Minimum resources required to get the system up and running again in respect of hardware, software and communications were not detailed. 

·         A further sample check of these systems was carried out to confirm that the Register contained details of the systems objectives and that there were explanations detailed of how each element of the IT service will address the objectives.  It was found that the objectives of the systems were recorded, however, there was no information detailed as to how the IT service would address the objectives.

·         A review of the Councils Risk Registers to check that each system risk had been recorded revealed that risks were not listed individually in the Registers.  It was noted that only a general entry had been made regarding the risk of not having a full Disaster Recovery Plan in place.

·         A review of the current Corporate Disaster Plan to confirm that all required information was detailed revealed that:

o   Full details of Risk Assessments were not recorded.

o   Recovery sites had not been established.

·         A sample of four key IT system users were contacted and asked to provide copies of their Business Continuity Plans, particularly in relation to Hardware and Software.  For all Plans, hardware and software issues had not been addressed in the individual Business Continuity Plans.

·         Information was requested from the Insurance Section to confirm that a policy was in place to cover a disaster situation should one occur, however, to date no evidence had been received.

·         It was also confirmed that no formal testing took place in relation to the Disaster Recovery Plan.

 

Jo Harley, the Interim Head of Digital and Transformation Services provided the Committee with a thorough explanation on the progress made in respect of the issues raised in the moderate rating.  She referred to each specific reason and confirmed the progress / developments made in order to provide the Committee with assurance that improvements were being implemented.

 

The Committee asked questions of the Officer, who responded accordingly.  Discussions centred around: -

 

·         Companies providing Cloud based systems being located in the UK;

·         Concern regarding BT infrastructure;

·         Consideration being given to each system prior to any cloud migration decision.  This will lead to a hybrid solution of cloud and on premise systems;

·         Potential cost of transferring to the Cloud and the different options / packages available;

·         Risk assessments of the Service Areas systems is the responsibility of services;

·         Internal Audit keep pace with the changes in IT.

 

Resolved that the contents of the report be noted.

41.

Wales Audit Office - ISA 260 Report - City and County of Swansea. pdf icon PDF 405 KB

Minutes:

Geraint Norman and Anthony Veale, Wales Audit Office presented Wales Audit Office ISA 260 report 2017/18 – City and County of Swansea.   The report set out for consideration, matters arising from the audit of the 2017-18 financial statements for the Council that required reporting under ISA 260.  It was stated that it was the Auditor General’s intention to issue an unqualified audit report on the financial statements.

 

It was added that the auditors had received the draft financial statements for the year ended 31 March 2018 on 4 June, prior to the deadline of 30 June 2018.  The Wales Audit Office were reporting the more significant issues arising from the audit, which they believed must be considered prior to approval of the financial statements.  These issues had already been discussed with the Section 151 Officer.

 

It was the Auditor General’s intention to issue an unqualified audit report on the 2017-18 financial statements.   The final letter of representation was contained at Appendix 1, the proposed audit report was provided at

Appendix 2, the corrected mis-statements were provided at Appendix 3 and the key recommendations arising from the financial audit work were set out in Appendix 4.

 

The Committee asked questions in relation to the following which were responded to by the Wales Audit Office Representatives: -

 

·         Capital Accounting advice regarding current arrangements;

·         Progress made regarding registering deeds with the Land Registry;

·         Reconciliation of the Council’s Revaluation Reserve.

 

The Chair expressed his appreciation to the Finance staff for providing the accounts to the Wales Audit Office well before the required deadline.

 

Resolved that the contents of the report be noted.

42.

Wales Audit Office - ISA 260 Report - City & County of Swansea Pension Fund. pdf icon PDF 126 KB

Minutes:

David Williams, Wales Audit Office presented a report that set out for consideration the matters arising from the audit of the financial statements of the Pension Fund for 2017/18, which required reporting under ISA 260.

 

The gross assets controlled by the Pension Fund amounted to £1.9 billion.  The quantitative levels at which misstatements were judged to be material for the Pension Fund is £19.1 million.  The report provided the matters arising from the audit of the financial statements of the Pension Fund for 2017-18. 

 

The draft financial statements for the year ended 31 March 2018 were received on 25 May 2018, prior to the 30 June 2018 deadline.  The Wales Audit Office were reporting the more significant issues arising from the audit, which they believed must be considered prior to approval of the financial statements.  These issues had already been discussed with the Section 151 Officer.

 

It was the Auditor General’s intention to issue an unqualified audit report on the financial statements once the Authority had provided a Letter of Representation based on that set out in Appendix 1.

 

The proposed audit report was set out in Appendix 2. The Pension Fund was included within the Council’s main financial statements and therefore the opinion shown was that proposed for the Council’s main financial statements incorporating the Pension Fund.

 

It was outlined that there were no non-trivial misstatements identified in the financial statements which remained uncorrected.  There were misstatements which had been corrected by management but which the auditors felt should be highlighted due to their relevance to the responsibilities of the Authority over the financial reporting process. These were set out with explanations in Appendix 3. These amendments increased the value of investments in the Net Assets Statement by £2.5 million.  There were also a number of other presentational amendments made to the draft financial statements arising from the audit.  Other significant issues arising from the audit were also reported.

 

The key recommendations arising from the financial audit work were set out in Appendix 4.  Management had responded to them and progress would be checked during next year’s audit.  Where any actions were outstanding, the auditors would continue to monitor progress and include it in the report next year.

 

The Chair expressed his appreciation to the Finance staff for providing the accounts to the Wales Audit Office well before the required deadline.

 

Resolved that the contents of the report be noted.

43.

Corporate Fraud Annual Report 2017/18. pdf icon PDF 184 KB

Minutes:

Jeff Fish and Jonathan Rogers presented a summary of the work completed by the Fraud Function of Internal Audit in 2017/18.

 

The report provided the background to the Fraud Function, an overview of activities and its value.  The key activities in 2017/18 covered the following areas of work: -

 

·         Review of Direct Payment Strategy / forms;

·         Joint work with DWP’s Fraud and Error Service;

·         National Fraud Initiative 2016

·         Fraud Awareness;

·         Inter-Agency work and Data Exchange;

·         Special investigations.

 

The Review of the Fraud Function Plan for 2017/18 reported that out of the 9 planned activities, 6 were fully achieved and 3 partly achieved.  Appendix 3 of the report provided details of these activities.

 

The Committee asked questions of the Officers, who responded accordingly.  Discussions centred around the following: -

 

·         Overpayments, the reasons surrounding why they had occurred and the follow up process;

·         The pilot scheme relating to overpayments.

 

Resolved that the contents of the report be noted.

44.

Audit Committee Action Tracker Report. (For Information) pdf icon PDF 121 KB

Minutes:

The Chief Auditor presented the Audit Committee Tracker Report for information.

 

He highlighted two additional actions in relation to the Draft Audit Committee Annual Report 2017/18 and outcomes that required reports being provided to future Committee meetings.

45.

Audit Committee Work Plan. (For Information) pdf icon PDF 94 KB

Additional documents:

Minutes:

The Audit Committee Work Plan was reported for information.

 

The Chief Auditor highlighted two updated actions at Appendix 2 relating to the Wales Audit Office.  Geraint Norman stated that it was for the Committee to decide how it wished to progress the issues.

 

Resolved that the items be discussed at the next scheduled meeting.