Issue - meetings

Report of the Director – Finance and Corporate Services

Mr Armstrong from BDO, the Council’s Internal Auditors, presented the Internal Audit Progress Report Quarter 2.

Mr Armstrong referred to page 17 of the report which showed the table detailing progress of work completed so far and work due. He confirmed that five of the nine reports had been fully completed, that one was in draft and one was ongoing, with two outstanding, with the final reports due in February and June 2026. He confirmed that all were in line with and on time with the Audit Plan.

Mr Amstrong said that the two audit reports completed within this quarter related to Main Financial Systems and Business Continuity and Emergency Planning.

In relation to Main Financial Systems, Mr Armstrong explained that it was an annual review as part of the core assurance auditing and that different areas of the financial systems were reviewed each year. He said that for this year, accounts payable and procurement cards had been reviewed and that a moderate rating for Design and substantial rating for Effectiveness had been given, with one medium and one low level finding.

Mr Armstrong advised that the medium rating related to the procurement card log, but not the use of the cards, as there were some late submissions of logs and receipts to the Finance Team. He noted that procurement cards could be an area of risk hence why it had been raised even though no misuse had been found. He referred the Group to part B of the response which listed actions taken to log and chase up card holders. He referred to the low finding regarding the absence of a written audit trail for a card limit increase.

In relation to the review of Business Continuity and Emergency Planning, Mr Armstrong said that a substantial rating for both design and effectiveness had been given with two low level findings. He said that one low level rating related to a structured multi-year programme for scenario testing of business continuity risks not being in place, although there were ad hoc testing sessions on a range of different vulnerabilities. The other related to reporting to the Executive Management Team not being supported by documentation summarising risks and action implementation and also that Resilience Review meetings were not documented.

Mr Armstrong noted that the budget had been released since the audit had been published, with key announcements around council tax changes and business rates revaluation which would have administration and cost impacts for local authorities, and whilst the Government had said that local authorities would be fully compensated for administration costs, this would need to be monitored. He also noted announcements regarding additional investment in planning and licensing.

Councillor G Wheeler asked about future impacts from the budget and Mr Armstrong said that BDO had put out an announcement about potential impacts and that as part of the audit reviews the broader landscape of risk was considered with possible impact from the budget.

Councillor G Wheeler asked how the Council’s business continuity  ...  view the full minutes text for item 23