None.

Members are requested to indicate at this stage in the proceedings any items on the agenda in which they intend to declare an interest. Members are reminded that if the interest is a Disclosable Pecuniary Interest (as defined in the Members’ Code of Conduct) they must leave the room for the whole of that item. If the interest is not a Disclosable Pecuniary Interest, but is such that a member of the public could reasonably regard it as being so significant that it is likely that it would prejudice their judgment of the public interest (as explained in the Code of Conduct) then they may make representations, but then must leave the meeting for the remainder of the item.

None.

Minutes of the meeting held Tuesday 26 November 2019 attached to be signed as a correct record by the Chair.

That the minutes of the Governance Committee meeting held on Tuesday 26 November 2019 be agreed as a correct signing for the Chair.

Report of the Council’s External Auditor, Grant Thornton attached.

Simon Hardman from the Council’s External Auditor, Grant Thornton, presented the audit progress report and sector update.

It was reported that the 2018-2019 audit work was still ongoing. Members were further advised that the Council’s annual Housing Benefit Subsidy claim audit was now complete and no issues had been found. Simon Hardman thanked the benefit’s team for their assistance throughout the process.

Reference was also made to Grant Thornton’s review of fees in light of changes made to audit quality and local government financial reporting by the Financial Reporting Council (FRC). Discussions would be undertaken with the Council’s Section 151 Officer, including any proposed variations to the fees set by PSAA Limited, before communication with the Governance Committee.

A discussion took place on when the 2018/19 audit deliverables would be complete. It was reported that the 2018/19 deliverables were still ongoing due to the work being undertaken by the Council’s Internal Audit. Following the work of Internal Audit, the Draft Annual Governance Statement would need to be refreshed before being presented to Committee, for Grant Thornton to start their work.

RESOLVED: (Unanimously)

That the report be noted.

Report of the Interim Head of Shared Assurance attached.

The Committee considered a report of the Interim Head of Shared Assurance which provided a summary of the Internal Audit work undertaken for the period 1 April 2019 to 31 December 2019.

Members were advised that the internal audit was currently 52% completed. However, when considering the work in progress and reports waiting review this figure was 73%. The Internal Head of Shared Assurance explained that temporary staffing resource had been extended to March 2020 and there were weekly progress meetings in place to monitor the situation. The Interim Head of Shared Assurance advised that the completion rate at the end of March 2020 would be between 80-90%.

Following a member query, it was confirmed that any issues which received a limited rating would be reported back to the Committee. However, due to the frequency of the Governance Committee meetings it would be a challenge to bring issues back

In response to an enquiry about the rating of Commercial Properties, the Interim Head of Shared Assurance explained that the audit carried forward for 2018/19 used a different approach when auditing. The Assistant Director of Property and Housing had anticipated the limited rating and had commissioned an external gap review to be undertaken. This resulted in a 73-point action plan. Following a period of implementation, Internal Audit would revisit the work area and provide an update to the Committee.

RESOLVED: (Unanimously)

That the report be noted.

Report of the Interim Head of Shared Assurance to follow.

The Council’s Interim Head of Shared Assurance presented a report which provided the complete audit reports for 2019/20 where the opinion was of limited assurance.

The first audit report presented was performance management. Members were advised that there were significant areas of weaknesses. Internal Audit looked at a number of performance indicators and found 18/31 definitions were ineffective, and no evidence was found to support officer data. Since the audit, management actions had been devised with Leadership Team and the Policy and Performance Manager with some work now completed.

Following a member query, it was confirmed that some actions contained within the management plan would remain ongoing throughout the year.

In response to a member enquiry regarding data owners’ responsibilities, the Interim Head of Shared Assurance confirmed that Leadership Team were responsible for the data owned with the Policy and Performance Manager responsible for ensuring that a Data Quality framework was in place.

The Interim Head of Shared Assurance presented the second audit report on General Data Protection Rules (GDPR). Members were advised that the report focused on implementation and compliance with GDPR and performed a gap analysis. There were two opinions formed, both of which had a limited rating. The Interim Head of Shared Assurance advised members that the action plan did not yet contain agreed actions due to sickness and annual leave. The management actions would be brought back to Committee in March.

It was provided that Internal Audit had conducted spot checks and found several issues with the way that data contained on paper was being stored, such as boxes being left in open areas. Although it had been noted the data held on computers was stored better, computers were locked by staff when away from desks.

In response to a member enquiry, the Interim Chief Executive explained that a wider culture change was needed in order to become more compliant, it was recognised that there was a need for the Council to become paperless to reduce risk.  Members were advised that the Senior Risk Information Officer (SIRO) had now been appointed and senior officers were now recognising the importance of data management.

Following an enquiry, members were advised that the internal audit report on GDPR was available publicly.

RESOLVED: (Unanimously)

That the report be noted.