Agenda and minutes

Kathryn Smart declared a non-pecuniary interest in respect of Waiver No.’s CPR 16/05/0003 and CPR 16/04/0005, of Appendix 2 of Agenda Item 9, by virtue of being and employee for RDASH (Rotherham Doncaster and South HumberNHS Foundation Trust).

RESOLVED that the minutes of the meeting held on 17th August, 2016, be approved as a correct record and signed by the Chair.

Colin Earl, Head of Internal Audit Services presented a report which updated Members on actions agreed at previous Audit Committee meetings, thereby allowing Members to monitor progress against these actions, ensuring satisfactory progress was being made.

Further to a request from a member of the Audit Committee, who had raised the issue of the difficulty in tracking actions agreed from previous Audit Committee meetings, this had resulted in the production of the Audit Committee Issues Log which was updated for each Audit Committee meeting, documenting all actions agreed during previous meetings that had not been fully completed.  Items that had not been fully completed since the previous Audit Committee meeting were also documented in the report and then removed for the following meeting log.

Members’ attention was drawn to the Appendix of the report, which detailed the follow-up actions from previous meetings; the majority of which were classified as “green”, either having been fully addressed and for removal from the following log or because arrangements were in hand and the actions were not yet due.

It was reported that there were, however, two “red” actions relating to procurement breaches that were on-going and further information was available on these items on the Financial and Purchasing and Contract Procedure Rules report (agenda item number 9 of the agenda papers).

RESOLVED that the progress being made against the actions agreed at the previous committee meetings, be noted.

Minute No. 18 – ‘Strategic Risk Report Mapping’ – 17 August, 2016

Further to the above Minute, the Committee considered its first ‘Deep Dive’ review of the Adults Health and Wellbeing (AHWb) directorate, in order to provide a more in-depth picture of how it managed strategic risks, as requested by this Committee at its meeting on 17th August 2016.  The report provided details of the grip the directorate had on its 2 specific strategic risks and the variety of ways in whichthe key components of the risks were focussed upon.  The 2 strategic risks identified included:

·       SR01 -  The agreed standards and policies are not adequately understood and implemented by practitioners who work with vulnerable adults increasing the risk of vulnerable people experiencing harm or abuse (current score, impact 5 critical, likelihood 2 unlikely).

·       SR02 - Health and social care services do not change fast enough, impacting on quality, accessibility and affordability of services for people who need them most (current score, impact 5 critical, likelihood 3 possible).

Kim Curry, Director Adults, Health and Wellbeing, was in attendance at the meeting to respond to Members questions and concerns.

In response to a query with regard to the areas that were outstanding following the independent quality assurance review undertaken in September 2016, as highlighted in Paragraph 16 of the report, Members were informed that the areas of progress made so far were on the work that had been undertaken with the Doncaster Safeguarding Adults Board, which was now chaired by an Independent Chair and a Performance Framework had since been put in place.  Members noted that support to the Board was currently being reviewed. It was explained that the area for consideration was particularly in relation to the national agenda for ‘Self neglect and vulnerable people’, which related to homeless people and those people who were often badged as ‘difficult to engage’ and was about how the local authority and its partners could help in such situations.  Whilst this issue was not particularly specific to Doncaster, the Council was looking at how this could be built into the Safeguarding process and there were a number of ways that this was being achieved through the Safer, Stronger approach and the Stronger Families approach.  The Council was also looking at a ‘Community MARAC’ (multi-agency risk assessment conference) approach, where individual organisations meet to talk about vulnerable people. A key issue was finding a way to communicate and engage with this cohort of people.

During discussion, Members noted that whilst the current risk scores were provided for in the report, the target risk scores had not been included. Therefore, it was requested that in future, an extract from the Risk Register be appended to the report for comparative purposes.

In response to a query in relation to re-scoring of risks and the frequency of the Quarterly Review of the Risks identified in the table at Appendix A to the report, assurances were provided that monthly performance Directorate Leadership Team  ...  view the full minutes text for item 25.

Minute No. – 5 – ‘Adults, Health and Wellbeing Audit Recommendations progress report including the recovery of overpayment of Direct Payments’ – 22 June, 2016

Further to the above Minute, the Committee considered a report which provided a further update on the completion of the recommendations and those that were still outstanding as at 31st October, 2016.

Members noted that progress had been made in reducing the number of outstanding recommendations since the last meeting in June 2016 and there were now 11 actions still outstanding, some from the initial audit, some from a later review. 13 individual actions had been marked as implemented (5 major risk and 8 significant risk).  Of the 11 actions still outstanding (3 major risk and 8 significant risk) all were progressing and many nearing completion as described in Paragraphs 17 to 20 of the report and in more detail in Appendix 1 of the report.

Whilst the report was encouraging with regard to the progress made against the audit recommendations, the Chair requested that Internal Audit undertake a further audit next year of Direct Payments, as there was still a number of issues outstanding.  Members were advised that Internal Audit was working closely with the service in respect of the improvements to be made and the strengthening of controls.

Pat Higgs was in attendance at the meeting and responded to a number of questions from Members.

It was acknowledged that the Council had to do more to increase the number of people using direct payments, working with colleagues in Commissioning, a new framework solution was being developed to widen the offer of direct payment with money management support services, which would remove the concerns that come with handling monies, as the Council would be working to develop tenders that would enable this work to be led by a third party.

In terms of a risk register for managing the uptake of Direct Payments, it was reported that an action plan had been developed and was being closely monitored by the IBI project board that was made up of representatives from Corporate Services, other directorates within the Council and external representatives, which linked into the overall Programme Board that oversees how improvements were being made.  It was noted that whilst progress was being made implementing the action plan, there were a number of cultural and operational issues that had to be addressed as part of this work.

RESOLVED that

(1)        the update on the current Audit recommendations outstanding, be noted; and

(2)        Internal Audit undertake a further audit next year of Direct Payments.

Minute No. 20 – ‘Adults, Health and Wellbeing - Learning Disability/Supporting Living Review - Update Report’ – 17 August, 2016

Further to the above Minute, the Committee considered an update and progress report on the Supported Living Review for people with Learning Disability.

Members noted that all 267 individuals had now had a financial assessment and were now contributing to their care where appropriate.  To ensure that people in supported living were charged correctly in the future, the three operating systems, which operated independently of each other, were to be migrated into one data set.  Work was on going in respect of this issue and it was anticipated that this was to be completed by October 2017.

Responses to the questions raised by Members of the Audit Committee in August, 2016, were detailed within Paragraphs 21 to 38 of the report. 

Pat Higgs, Assistant Director of Adult Social Care provided further details in respect of the responses set out in the report and responded to further questions from Members; in particular, relating to the financial difficulty of clients in respect of affordability, the challenges of implementing Direct Payments and working with partners to deliver significant transformational plans.

Members whilst acknowledging that progress was being made in this area, due to the level of on-going work, requested that Internal Audit include this item in their schedule for the 2017/18 Work Programme.

RESOLVED that

(1)        the update and progress made on the Supported Living Review for people with a Learning Disability, be noted;

(2)         theAdults, Health and Wellbeing - Learning Disability/Supporting Living Review, be included in the Internal Audit’s 2017/18 Work Programme.

Minute No. 49 - ‘   - 17th April, 2016

Further to the above Minute, the Committee considered a report, providing Members with details of waivers and breaches to Finance and Contract Procedure Rules for the period 1st April, 2016 to the end of October, 2016.

Members noted that there had been an unprecedented number of breaches to Contract Procedure Rules for this period, with the majority of breaches within the Adults, Health and Wellbeing (AHWb) directorate.  A series of improvement actions had been identified, details of which were outlined at paragraphs 17 and 18).

It was reported that there were 7 breaches and 23 waivers to Council Procedure Rules for this period, details of which were provided within Appendices 1 and 2 of the report.  Members noted that investigations were on going in respect of breaches of financial procedure rules, the outcome of which would be presented to a future meeting.

Members were informed that there had been unprecedented levels of procurement activity and the focus at Officer Level had been supporting high value procurements and this had detracted from the normal scrutiny of the contracts register. 

Arrangements were now in place to support this more effectively including, a commissioning lead to support Adults, Health and Wellbeing and closer monitoring at directorate level. Even though more work was required, these measures should reduce the number of breaches to Finance and Contract Procedure Rules. Members requested that future reports should provide more detail in respect of proposed actions to address the breaches.

Denise Bann, Head of Procurement and Steve Mawson, Chief Financial Officer and Assistant Director of Finance answered specific questions in relation to the breaches and the reasons why the breaches had occurred.

RESOLVED that

(1)        the information and actions contained in this report, regarding waivers and breaches of C.P.R’s, be noted; and

(2)        future reports provide more detail in respect of the proposed actions to address the breaches.

Helen Potts, Principal Legal Officer presented a report which provided an update on the Regulation of Investigatory Powers Act (RIPA) surveillance applications, as attached at Appendix 1 to the report since the last report to Committee in April 2016 and the outcome of such matters. 

The report also set out the Action Plan following an inspection carried out by the Surveillance Commissioner H.H. Norman Jones QC on 5th January, 2016.

Members noted that the following three recommendations and actions arising from the January 2016 inspection had now been completed:-

·       to amend the central record to show the date the authorising officer approved the surveillance. The form previously only showed when the Magistrates had approved the surveillance.

·       to arrange a training programme to improve RIPAknowledge. An external trainer with expertise in the field provided training on the 7^th April 2016 for those within the Council whose work regularly involves RIPA. Internal training will be provided in April 2017. An online RIPA course has been developed but we are currently waiting for it to be changed to the new Adapt format so that it can be released to all council employees as an introduction to RIPA.

·       to amend the RIPA procedure documentation.

Further to discussion at the Committee’s pre-training session prior to this meeting, as to the benefits for the RIPA training to be made mandatory for relevant Line Managers due to Members concerns around un-regulated activity, and whether Audit Committee Members could undertake RIPA training on-line, Helen Potts gave an undertaking to speak to Human Resources with regard to these matters.

RESOLVED to note that:

(1)        the Action Plan following the inspection carried out by the Surveillance Commissioner HH Norman Jones QC on 5th January 2016 had been completed; and

(2)        the RIPA applications that have been authorised since the last report in April 2016, attached at Appendix 1. No RIPA applications have been refused by the Magistrates during the period to which this report relates.

Minute No. 38, ‘                     - 27 January, 2016

Further to the above Minute, the Committee received a report which provided an update in respect of the Strategic Risk identified around Data Quality and an update on Information Management.

In response to a question from Kathryn Smart regarding resource support to implement the Data Quality Plan, the Committee was advised that the resource focus at this stage was on having Data Quality standards consistent across the Council’s key systems to provide meaningful data capture and interpretation. This approach required sign up and commitment by all services contributing to the data sets.  The Council was also looking to achieve Level 2 standard of the Information Governance Toolkit commissioned by the department of Health Policy.  Once achieved, the Council would be able to share more data with NHS organisations to support integrated health and social care commissioning.

In respect of data storage, it was noted that physical storage had now been completed.  In moving forward, a key challenge would be the recording of electronic data.  The Vice-Chair, Councillor R. Allan Jones suggested that it would be helpful for all documents produced within the Council to be version controlled. The Chief Finance Officer and Assistant Director for Finance and Corporate Services advised that version controls existed for Strategy documents and Policies, however, due to resources this did not exist for every document produced by the Council.  Selected documents did have version control such as overpayment records, which had to be accurate and up to date.  Colin Earl, the Head of Internal Audit stated that this could be an issue raised at the Governance Group.

During subsequent discussion, Steve Mawson, Chief Financial Officer and Assistant Director of Finance advised Members of the systems in place in Governance Services to ensure that the correct version of reports were presented to Committee and was happy for Members to see how this information was logged.

RESOLVED that the contents of the Update report on Data Quality and Information Management, be noted.

In accordance with Council Procedure Rule 4, the Chair sought the consent of Members to vary the order of business by considering agenda item 16 (Changes to the arrangements for the Appointment of External Auditors), after item 12, before returning to the order of business as specified on the agenda, to allow for consideration of this item due to a Member of the Committee having to depart early from the meeting.

RESOLVED that in accordance with Council Procedure Rule 4, the order of business be varied by considering agenda item 16 (Changes to the arrangements for the Appointment of External Auditors) after item 12, before returning to the order of business as specified on the agenda, to allow for consideration of this item due to the early departure of an Elected Member.

The Committee was provided with an update on the progress made in relation to Strategic Risks for Quarter 1 2016/17.

Members noted that no risks had been identified for demotion.  A new risk had been proposed to highlight the short, medium and long term implications and impacts of the referendum:-

As a result of the decision for the UK to leave the European Union there was increased uncertainty across a number of policy and funding areas that could lead to disruptions in funding and/or projects locally in Doncaster.

As a consequence of the decision to leave the EU, the Quarter 1 challenge revised the wording for the risk around austerity to read as follows:-

The potential personal financial position facing individual citizens across Doncaster Borough may result in an increase of poverty and deprivation

In presenting the report, Steve Mawson, Chief Financial Officer and Assistant Director of Finance informed Members that since the writing of the report, the Q2 finance and performance report, which included information with regard to the Strategic Risk Register was to be issued shortly. 

In response to Members questions regarding the timeliness of presenting quarterly reports to the Committee in order to allow Members to make meaningful and timely contributions, the Chief Financial Officer and Assistant Director of Finance stated that he would review current reporting arrangements to address this time lag and the way that information was presented to the Committee.  This would include, highlighting the identification of any major changes to the risks, available comparative data relating to previous periods in time and the direction of travel. This was welcomed by the Committee. The Chief Financial Officer and Assistant Director of Finance also undertook to provide Members with a copy of the Quarter 2 finance and performance report when available.

During consideration of this item, the Chief Financial Officer and Assistant Director of Finance responded to Members questions and concerns on specific performance indicators in particular, relating to the Pensions Deficit and the two risks relating to the Children’s Trust. 

RESOLVED that

(1)        the report and the Strategic Risk profiles attached at Appendix A to the report; be noted; and

(2)        the revisions to the Strategic Risk Register (paragraphs 4 and 5 of the report), be noted.

The Committee considered a report which summarised the changes to the arrangements for appointing External Auditors following the closure of the Audit Commission and the end of the transitional arrangements at the conclusion of the 2017/18 audit, and makes recommendations for the future appointment of external auditors by the Council. The regulations relating to external audit appointments required that any decision to opt-in to a sector-led procurement option had to be made by the full Council.

The Council’s current external auditor was KMPG and the arrangements come to an end on 31st March 2018 and the Council would move to local appointment of its external auditor. 

The Council had until December 2017 to appoint its external auditors.

The Head of Internal Audit outlined the following options open to the Council by which the appointments could be made, which were provided for in more detail at paragraphs 12 to 15 of the report:-

• To make a stand-alone appointment
• Set up a joint Auditor Panel/local joint procurement
• Opt-in to a sector led body

The Committee considered the 3 options and endorsed the recommended option to opt-in to a sector led body.

RESOLVED that

(1)        the options for appointing External Auditors from April 2018 resulting from the Local Audit and Accountability Act 2014, and the advantages and disadvantages of each option, be noted; and

(2)        a recommendation to the full Council in January 2017 to appoint the Public Sector Audit Appointments Ltd to negotiate and appoint the External Auditor for Doncaster Council, be supported.

(Minute No. 19 – 17 August, 2016) 

Further to the above Minute, the Committee considered a report which built on the Counter Fraud report presented to the Committee in August and was intended to give the Audit Committee:-

·         an understanding of the fraud risks that the Council was currently exposed to;

·         an assessment of the Council’s current compliance with the CIPFA Code of Practice for Managing Fraud and Corruption;

·         an understanding of the innovative work being undertaken in the field of data matching and data analytics to prevent and detect fraud for the Council.

The Council had identified, 30 high level types of fraud (fraud risks) to which it is exposed.  Inherent risk ratings had been assessed for all of these risks and work was underway to agree final residual risk ratings for all risks.  New fraud risks continued to emerge all the time, particularly in the field of cyber-crime/cyber-fraud. Maintaining resilience to these risks was key to protecting the public purse and the interests of the Council and the citizens that it serves.

The Council had assessed itself as compliant with the Code of Practice on Managing Fraud and Corruption. Members noted that 2 actions remained on going but were not considered to fundamentally affect compliance with the Code.  These actions included finishing the assessment of residual fraud risk and to launch the previously delivered face to face fraud training undertaken in February/March 2016 in electronic format to the rest of the Council. These actions were considered to be progressed to a sufficient stage to meet the requirements of the code or are covered (in the case of the electronic training) by other training provisions delivered in the last 12 months.

It was reported that good progress was being made within the Council with regard to producing a Risk Register and showed that against the CIFPA Code, the Authority was compliant in managing fraud and corruption.

In response to a question from Members, Colin Earl, Head of Internal Audit reported that the risk register had been developed following extensive engagement with Service Managers.  He stated that a report would be submitted to the next meeting on how identified risks were managed.  In addition, Members were informed that the next pre-meeting training session of the Committee was to focus on anti-fraud in more detail.

Kathryn Smart enquired whether the Council had the right skills in place to prevent cyber fraud and Malware attacks. Members were informed that the Information Risk Officer and the Information Governance Group were continually looking at the threats that were emerging and ensuring the Council had got the appropriate safeguards in place to prevent such risks. The Council was aware of other authorities who had suffered from attacks and had been held to substantial ransoms. It was acknowledged this was a real risk, particularly in terms of a financial risk as well as control and loss of the Councils security.

Awareness raising of these risks was considered critical and a range of measures were being put  ...  view the full minutes text for item 34.

Minute No. 16 ‘Statement of Accounts’ – 17th August, 2016

Further to the above Minute, the Committee received a report, which referred to KMPG’s Annual Audit Letter for 2015/16, which signified the formal sign off of the audit to the Audit Committee. The report detailed that in signing off the Audit, the external auditor had:-

• issued an unqualified opinion on the Council’s core financial statements and associated disclosure notes included in the Council’s 2015/16 Statement of Accounts;

• concluded that the Council made appropriate arrangements to secure financial resilience and economy, efficiency and effectiveness in the use of its resources; and

• issuedan audit certificate to demonstrate that the full requirements of both the Audit Commission’s Code of Audit Practice and the Audit Commission Act 1998 have been discharged for the year.

Members noted that there were no high priority recommendations resulting from the 2015/16 audit work and only one medium priority recommendation in relation to the valuation of the Waste Management PFI Contract. This would be re-valued and recognised at its up to date value in 2016/17 financial statements.

Members welcomed the report and were pleased to note that the Council had received an unqualified opinion.

In response to a query with regard to paragraph 2 of page 155 of the Annual Audit Letter, where reference was made to KMPG’s network of independent member firms being affiliated with KMPG International Cooperative (KMPG International) being a ‘Swiss entity’, the Chief Financial Officer and Assistant Director of Finance undertook to look into this matter.

RESOLVED that

(1)        the contents of the Annual Audit Letter, be noted; and

(2)        the overall significant and positive progress made by the Council, be noted.

(Minute No. 54 – 7th April, 2016 and Minute No. 17 – 17 August, 2016)

Further to the above Minute’s Colin Earl, Head of Internal Audit presented a report which proposed revisions to the 2016/17 Internal Audit Plan.

Members noted that the Head of Internal Audit had considered the changes and was satisfied that the changes to the plan and the current level of resource was sufficient to provide an opinion at the end of the year to the Audit Committee and the Chief Financial Officer and Assistant Director of Finance on the adequacy of the Council’s control environment.

Paragraph 4.2 of the report set out the proposed revisions to the Audit Plan for November, 2016.  In addition, new reviews proposed to be added to the Audit Plan and those audits that had been removed from the original plan as agreed at the Committee’s meeting in April, on the basis of an assessed lower risk rating, which were to be reassessed as part of the planning process for the 2017/18 Audit Plan, were outlined in Paragraphs 4.3 to 4.4 of the report. 

RESOLVED to note:

(1)  the proposed revisions to the 2016/17 Internal Audit Plan; and

(2)  that the Head of Internal Audit had considered these changes and was satisfied that the proposed changes to the plan and the current level of resource was still sufficient to provide an opinion at the end of the year to the Audit Committee and the Chief Financial Officer and Assistant Director - Finance on the adequacy of the Council’s control environment.