There were no apologies for absence.

There were no declarations of interest given at the meeting.

The minutes of the meeting held on 7 March 2022 were confirmed.

There were no matters arising for the above minutes which were not covered elsewhere on the agenda.

The Committee received and considered the work programme.

RESOLVED:-

That the Committee note the work programme.

The Committee received and considered the report from the Head of Internal Audit.

The Head of Internal Audit reported that this report is issued to assist the Authority in discharging its responsibilities in relation to the internal audit activity. The Public Sector Internal Audit Standards also require the Chief Audit Executive to report to the Audit Committee on the performance of internal audit relative to its plan, including any significant risk exposures and control issues. The frequency of reporting and the specific content are for the Authority to determine. 

To comply with the above this report includes:-

• Any significant changes to the approved Audit Plan;
• Progress made in delivering the agreed audits for the year;
• Any significant outcomes arising from those audits; and
• Performance Indicator outcomes to date.

Councillor Wainwright referred to appendix 2 of the report, Contract Monitoring, and questioned whether this area had been thoroughly reviewed. Councillor Wainwright refereed to the issuing of a letter of intent, and not a signed contract, to Pentaco to instruct them to undertake the refurbishment of the Market Place. This project had subsequently exceeded the budget and he wanted to know why this had not been picked up earlier.

The Head of Internal Audit agreed to take this matter away and undertake further investigation and report back to the Committee.

Councillor Wainwright informed the Committee that he was aware that an independent audit had been commissioned but he thought that internal audit should be involved in this process.

The Chairman reported that he wished to see multi-layered contact monitoring checks carried out for all future multi-million pound projects, such as the Wintergardens, to ensure that this did not happen again.

RESOLVED:-

That the Committee note the progress made between 26 February 2022 to 14 July 2022 in relation to the delivery of the revised Annual Internal Audit Plan for 2021/22.

The Committee received and considered the report from the Head of Internal Audit.

The Head of Internal Audit reported on the internal audit activity undertaken during 2021/22 which provides an Annual Opinion concerning the Council’s framework of governance, risk management and control, concludes on the effectiveness of internal audit and provides key information for the Annual Governance Statement. 

The Chairman asked for confirmation that GYN had provided internal audit with all the information they required in a timely manner. The Head of Internal Audit informed the Committee that she had requested vast amounts of information from GYN.

Councillor Wainwright reported that at a recent meeting of the Housing & Neighbourhoods Committee, that our Housing Stock was non-complaint in several areas due to GYN.

RESOLVED:-

That the Committee:-

(i) Receive and consider the contents of the Annual Report and Opinion of the Head of
Internal Audit for 2021/22.

(ii) Note the opinion given in relation to the framework of governance, risk management and controls 
for the year ended 31 March 2022.

(iii) Note that the opinions expressed together with any significant matters arising from the internal audit work and contained within this report should also be given due consideration when developing the Annual Governance Statement for 2021/22; and

(iv) Note the conclusion of the review of the effectiveness of internal audit.

The Committee received and considered the 2020/21 Audit Plan from Ernst & Young LLP.

Sappho Powell gave an overview of the salient areas of the Audit Plan which set out how EY intended to carry out their responsibilities as auditor. Its purpose was to provide the
Audit and Risk Committee with a basis to review the proposed audit approach and scope for the 2020/21 audit in accordance with the requirements of the Local Audit and Accountability Act 2014, the National Audit Office’s 2020 Code of Audit Practice, the Statement of
Responsibilities issued by Public Sector Audit Appointments (PSAA) Ltd, auditing standards and other professional requirements. It is also to ensure that the audit was aligned with the Committee’s service expectations.

This Audit Plan summarised our initial assessment of the key risks driving the development of an effective audit for the Council, and outlined the planned audit strategy in response to those risks. The planning procedures remained ongoing; EY would inform the Audit and Risk Committee if there were any significant changes or revisions once we had completed these procedures and would provide an update to the next meeting of the Committee.

Councillor A Wright asked whether additional staff resources were required to undertake this work. Sappho Powell informed Councillor A Wright that staffing levels had been built into the budget.

RESOLVED:-

That the Committee note the report.

The Committee received and considered the report from the Corporate Risk Officer.

The Corporate Risk Officer reported that the Corporate Risk Register was last reviewed by Executive Leadership Team in June 2022. The risk matrix showed how the risks identified in the Corporate Risk Register were distributed. There were currently 28 risks included on the Corporate Risk Register. The risks considered to be outside the Councils risk appetite had action plans in place to mitigate or reduce the risk. The risks that fell within the risk appetite or were deemed acceptable risks, have action plans in place to reduce the risk further.

Since presenting the Corporate Risk Register to the Audit and Risk Committee in December 2021, five new risks have been added to the register as follows:-

(i)  12B. Capacity and Resilience of the Control Centre
(ii) 17.  BT upgrade network from analogue to digital & Caister exchange upgrade
(iii) 25.  Creation of Local Authority Subsidiary Company for Operational Services
(iv) 26. Failure to reduce the Carbon footprint of the Council as an organisation / Failure to embrace sustainability and mitigate the impact of climate change; and
(v) 28.  Confidential Risk 

Three risks have been removed from the register as they were no longer perceived to be a significant risk to the Council.

The risk rating for one risk had reduced due to the implementation of the action plan and further control measures in place:-

RESOLVED:-

That the Committee review the Corporate Risk Register.

The Committee received and considered the report from the Corporate Risk Officer.

The Corporate Risk Officer informed the Committee that the report provided an annual report of key risk management developments across the Council over the last 12 months for the Committee to review. The Chief Executive Officer had strategic responsibility for risk management, supported by the Management Team who acted as the Council’s strategic risk management group. Heads of Service and Directors directed the risk management process in their service areas.

RESOLVED:-

That the Committee note and approve the Annual Report on the Council's Risk Management arrangements.

The Committee received and considered the report from the Corporate Risk Officer.

The Corporate Risk Officer informed the Committee that from a legal perspective, the Council was required at least once a year to undertake a review of the effectiveness of its system of internal control and include a statement of this review (the Annual Governance Statement) with its published Statement of Accounts. The Code of Practice on Local Authority Accounting, which the Council follows when preparing its Statement of Accounts, expected that authorities should give regard to the CIPFA guidance when preparing their Annual Governance Statement.

RESOLVED:-

That the Committee approve the updated Code of Corporate Governance.

The Committee received and considered the report from the Corporate Risk Officer.

The Corporate Risk Officer reported that the governance arrangements had been effectively operating during the year with the exception of those areas identified in the statement. Over the coming year, steps would be taken to address the issues identified in the report to further enhance the governance arrangements. These steps would address the need for improvements that were identified during the review of effectiveness and would monitor their implementation and operation as part of our next annual review.

Whilst the AGS made an assessment of the governance in place during 2021/22, the Coronavirus pandemic had impacted the financial, operational performance and workforce of the Council at the end of the 2019/2020 financial year, more so in 2020/2021 and during 2021/2022.

Work had been undertaken to ensure that there were robust governance arrangements, risk management and internal control measures in place within the Council. Policies and procedures had been reviewed and implemented throughout the Council to ensure the safety and wellbeing of officers, members and customers during the pandemic and preparation for returning to the office environment. Systems of internal control were required to be reviewed which resulted in revised working practices and processes at the start of the lockdown and the requirement to introduce alternative/additional control measures. Officers had been re-deployed to assist with the delivery of the service offered by the new Community Team and COVID 19 business grant. 

Councillor Wainwright referred to page 218 of the report, Procurement, and requested confirmation as to how Pentaco had been procured to undertake the Market Place refurbishment. He was concerned as contract procurements for large projects, such as the refurbishment of the former Palmers building and the Wintergardens, were imminent and must be carried out robustly. The Corporate Risk Officer informed the Committee that the Contract Management arrangements were being reviewed by the Monitoring Officer and she would go back to her and flag the Committee's concerns.

The Chairman asked if the deadline given as 30 June 2022 in the report had been extended. The Corporate Risk Officer reported that it had been extended with control measures in place. The Head of Internal Audit reported that audit time had been allotted to look at the Council's procurement processes. 

RESOLVED:-

That the Committee consider and approve the 2021/22 Annual Governance Statement.

(i) The Finance Director informed the Committee that with regard to the Work Programme, the deadline for the publishing of the 2021/22 accounts was the end of July 2022. However, the Finance Team was concentrating on getting the 2020/21 accounts finalised, so it was expected that the 2021/22 accounts would not be published until the middle or the end of August 2022 and she wanted to make the Committee aware of this.