The Head of Audit Partnership introduced the report which set-out the annual internal audit plan 2023/24 and detailed how the plan was devised, the resources available through the Partnership and the specific audit activities to be delivered over the course of the year.  The Head of Audit Partnership read-out the three recommendations as outlined in the report.

The Head of Audit Partnership said that the Public Sector Internal Audit Standards (PSIAS) required the Internal Audit Plan to be risk-based and she referred to page 10 of the report which highlighted the global and sector risks, and pages 11 and 12 of the report which outlined the Council’s specific risks. 

The Head of Audit Partnership reported that it was hoped that the vacancies within the audit team would be filled by July 2023 and she said they would utilise the specialist expertise they had access to, via framework agreements, to assist with delivery of the plan during the recruitment period.  She referred to Section 15 of the report which set-out the days allocated to deliver the plan, and Section 18 of the report which set-out the audit engagements they aimed to deliver.  She said it was important to note that there was flexibility within the plan to respond to any organisational change that might occur throughout the year.

In response to comments from a Member, the Head of Audit Partnership explained that the Leisure Services audit had not been delivered due to resource issues within the Mid-Kent Audit Partnership and the Leisure Services team and also the Covid-19 Pandemic.   Following the ‘weak’ rating of Land Charges in 2017/18 the recommendations advised following that audit had been implemented and it was a shared service and had not been looked at across the three authorities.  The Head of Audit Partnership said that with regard to Counter Fraud it was important that the necessary policies were in place.

A Member raised concern in respect of staff wellbeing as set-out on page 11 of the report.  He asked what the Council were doing to mitigate the risks of homeworking and whether audit could review this?  The Head of Audit Partnership explained that Internal Audit reviewed the risks associated with staff wellbeing as part of the audit planning process and that homeworking was considered within the Human Resources audit.  It was managements responsibility to set the policy for homeworking, but this was not something Internal Audit would review.

In response to comments from Members, the Head of Audit Partnership said they would be undertaking a stand-alone audit of Emergency Planning which would include work on the Council’s business continuity.  They planned to carry out an audit of Emergency Planning across the partnership to ensure best practice across all areas.  She said that the risks around Cyber Security were increasing and spoke about the National Initiatives that provided guidelines to ensure Cyber Security within local authorities was up to standard.  The Head of Audit Partnership reported that they worked very closely with the ICT Partnership with whom they had a good relationship.  She advised that following a restructure, the ICT Partnership had appointed a specific Cyber Security Officer.

Councillor Tim Gibson proposed the recommendations, which were seconded by Councillor Richard Palmer.

Resolved:

(1)   That the Internal Audit & Assurance Plan for 2023/24 be approved and that the Head of Audit Partnership be given delegated powers to keep the plan current as set out in Appendix I of the report.

(2)   That the Head of Audit Partnership’s view that the Partnership currently had sufficient resource to deliver the Plan and a robust Head of Audit Opinion be noted.

(3)   That the Head of Audit Partnership’s assurance that the Plan was compiled independently and without inappropriate influence from management be noted.