Rutland Council - Audit and Risk Committee

This meeting of the Audit and Risk Committee saw the consideration of a range of reports that covered topics including internal audit, financial management, the statement of accounts, value for money, and risk management.

The committee were also asked to note the minutes from the previous meeting of the committee on 24 September 2024 ¹.

Development of the 2025/26 Internal Audit Plan

The committee was asked to note and endorse the proposed approach to developing the 2025/26 Internal Audit Plan.

The committee was asked to highlight to Rachel Ashley-Caunt, Chief Internal Auditor, any risk areas it wanted to be considered for inclusion in the plan by 1 February 2025 ².

a) Reviewing the Council’s Risk Register and Corporate Plan;

b) Analysing coverage of Internal Audit reviews over the last four years and the assurance opinions provided following each review, to identify any assurance gaps or areas where follow up work would be of value;

c) Identifying any other sources of assurance for each of the Council’s key risks, which may reduce the added value of an Internal Audit review and where work could be aligned with other assurance providers;

d) Identifying any areas of the Audit Universe (a list of potential areas for audit review across the Council) which have not been subject to Internal Audit review during the last four years;

e) Consultation with the Audit and Risk Committee to discuss the planning process and areas where Members require assurances from Internal Audit during 2025/26, in the form of this report; and

f) Meetings with senior management to discuss key risks and emerging risk areas for the year ahead and any areas where Internal Audit support would be beneficial either in an assurance or consultancy role.

Internal Audit Update

The committee was asked to note the Internal Audit progress update report ³.

The committee was also asked to approve proposed amendments to the 2024/25 Internal Audit Plan. These included removing the audit of the Ofsted action plan, postponing the audit of the council's flood authority statutory duties to 2025/26 and replacing these with an audit of the council’s engagement with the Building Control Partnership, and an advisory review of Equalities, Diversity and Inclusion.

Annual Report of the Audit and Risk Committee

The committee was asked to recommend to full council that it note the Annual Report of the Audit and Risk Committee.

Financial Management

The committee was asked to note the findings and recommendations of a review of financial management commissioned by the council to support its wider transformation agenda ⁴.

Statement of Accounts 2023-24

The committee was asked to consider and approve the Statement of Accounts for 2023/24, taking into account the findings of the external audit as set out in the Audit Findings Report ⁵ provided by Grant Thornton.

“the Council should consider how to include an additional layer of control within the journal process to evidence that the relevant manager has appropriately reviewed the supporting documentation for the journal and has approved it accordingly.”

The report pack also asked the committee to consider and approve the Management Representation Letter.

Value for Money Report 2023-24

The committee was asked to consider the draft Auditor’s Annual Report for 2023/24 ⁶. The committee was also asked to consider the auditor's assessment against the Value for Money criteria, any recommendations the auditor had made, and the management response to these.

“Continue to review its current financial position, identify and implement actions that reduce its reliance on reserves to balance the budget in the medium term.”

Risk Management Policy - Proposed Revisions

The committee was asked to consider the updated Risk Management Policy, which is to be put to Cabinet for approval on the same day as the meeting ⁷.

• The Strategic Director for Law and Governance becomes the CLT member designated the guardian of the Policy and the champion of the risk management process, replacing the Strategic Director for Resources

• Terminology is updated to amend “Strategic Management Team” and “SMT” to “Corporate Leadership Team” and “CLT”

• A new term - “Corporate Risks”- is introduced to describe those risks which relate to the achievement of the long-term purpose, priorities and plans of the Council; impact more than one directorate or which require a response to be co-ordinate across multiple directorates; as well as Directorate risks which, if they materialised, would have the potential to impact significantly on service delivery and the reputation of the Council.

• The risk register has been redesigned to automate the links between directorate and project registers and the Corporate Risk Register

• The risk assessment criteria have been amended to replace a fixed timescale measure linked to a corresponding probability measure, with an urgency measure

Information Governance

The committee was asked to note the Information Governance Annual Report 2023/24, which provides a summary of information governance activity during the year. The report identifies a number of areas for improvement, including that the council should:

“Continue to work towards improving its response to Subject Access Requests (SARs). To continue to monitor the new approach to managing SAR’s and report back to committee on improvements made.”

The report notes that 17 data breaches were reported during the year, none of which were reported to the Information Commissioner’s Office (ICO).

These minutes describe an update that was provided verbally to the committee on the council's Strategic Risk Register by Kirsty Nutton, Strategic Director for Resources on behalf of Angela Wakefield, Monitoring Officer and Strategic Director for Law and Governance. The minutes also describe the approval of the Statement of Accounts 2023/24. You can find the minutes on the Rutland County Council Website. ↩
In her report, Ms Ashley-Caunt sets out how she proposes to identify and prioritise areas for inclusion in the 2025/26 Internal Audit Plan. She writes that she will: ↩
This progress report summarises how the Internal Audit function is performing, and how well management are implementing previously made recommendations. It highlights that at the time of reporting, work was underway or complete on 50% of planned assignments, and that 25% was complete to at least draft report stage. It also notes that 18 actions arising from previous audits remain overdue for completion, one of which is rated high priority, and overdue by more than 3 months. ↩
This review was conducted by C.Co, a trading arm of the Chartered Institute of Public Finance and Accountancy (CIPFA), and was informed by a series of workshops with budget managers and members of the finance team at the council. The report identified a number of areas for improvement, and included recommendations relating to implementation approaches, roles and responsibilities, training and development, and system improvements. ↩
The audit findings report notes that the council was one of only 128 councils in England to publish its draft Statement of Accounts by the statutory deadline, and that Grant Thornton were confident that the accounts would be signed off by December. However, the report does identify one recommendation, concerning the way in which journals are approved. Grant Thornton write that: ↩
This report concluded that the council has proper arrangements in place to secure economy, efficiency and effectiveness in its use of resources. It made 2 recommendations, the first of which was that the council should: ↩
The proposed revised Risk Management Policy replaces the current policy, which was approved in April 2022. It proposes a number of changes, including that: ↩

Subscribe to updates

Audit and Risk Committee - Tuesday, 10th December, 2024 7.00 pm

Summary