Limited support for Guildford

We do not currently provide detailed weekly summaries for Guildford Council. Running the service is expensive, and we need to cover our costs.

You can still subscribe!

If you're a professional subscriber and need support for this council, get in touch with us at community@opencouncil.network and we can enable it for you.

If you're a resident, subscribe below and we'll start sending you updates when they're available. We're enabling councils rapidly across the UK in order of demand, so the more people who subscribe to your council, the sooner we'll be able to support it.

If you represent this council and would like to have it supported, please contact us at community@opencouncil.network.

Audit and Risk Committee - Wednesday, 17th September, 2025 7.00 pm

September 17, 2025 View on council website Watch video of meeting

Chat with this meeting

Subscribe to our professional plan to ask questions about this meeting.

“Why was local government reorganisation's risk likelihood increased?”

Subscribe to chat
AI Generated

Summary

The Guildford Council Audit and Risk Committee convened to discuss internal and external audit assessments, risk management, and covert surveillance policies, among other items. The committee approved the Internal Audit Charter 2025-26 and the Internal Audit Risk-Based Plan 2025-26, and noted the updated corporate risk registers. Members also reviewed and discussed the annual update on whistleblowing, requesting further information on outstanding cases.

Here's a more detailed breakdown of the key topics discussed:

Risk Management and Corporate Risk Registers

The committee reviewed the updated corporate risk registers for the first quarter of 2025/26, which included both strategic and operational risks. Luke Harvey, the Joint Assistant Director for Strategy and Corporate Services, presented the report.

Strategic risks are those that could impact the council's medium to long-term priorities, while operational risks are encountered in the delivery of services. Red-rated operational risks are reported to both the Audit and Risk Committee and the Executive.

Several substantive changes were made to the strategic risk register since the last update:

  • Financial Sustainability (SR1): Mitigations were updated to include information on the level of reserves, final accounts, and the Independent Assurance Panel. The committee heard that the levels of reserves had been increased through a number of changes, including a reduction in the capital programme and a VAT claim during 2023/24.
  • Local Government Reorganisation (SR2): The likelihood score was increased from Unlikely to Possible to reflect the implications of the Weyside Urban Village project and the financial uncertainties of local government reorganisation. Mitigations and actions were also updated.
  • Scale and Pace of Change (SR3): Mitigations and actions were updated.
  • Fraud (SR10): Mitigations and actions were updated and rescored.
  • New Risks: Two new risks were added: Safeguarding (SR12) and Contract Management (SR13).

Internal Audit Strategy 2025-28

The committee reviewed the Internal Audit Strategy 2025-28, as presented by Neil Pitman, Head of Southern Internal Audit Partnership. The strategy includes a vision, strategic objectives, and supporting initiatives for the internal audit function. The top three objectives, based on feedback from a survey of audit committee members and senior officers, are:

  1. Agile Auditing: Innovate to explore a more agile approach to the audit process, building efficiencies and producing more timely feedback to the organisation.
  2. Optimisation of Standards: Embrace and prioritise conformance and embedding of the Global Internal Audit Standards in the UK Public Sector and maximising their potential to benefit the organisation and the internal audit function.
  3. Data Analytics by Default: Further engage with the organisation to enhance and optimise the full potential of data analytics in the internal audit process.

Internal Audit Progress Report July 2025

The committee received the Internal Audit Progress Report July 2025, which provided an overview of internal audit activity and assurance work completed in accordance with the approved audit plan. The report highlighted resourcing issues within the Southern Internal Audit Partnership due to a higher than average level of attrition. Despite this, contingency arrangements are in place to mitigate the impact on service delivery.

Internal Audit External Quality Assessment

The committee discussed arrangements for the pending external assessment of the Southern Internal Audit Partnership against the Global Internal Audit Standards in the UK Public Sector. The assessment, which is required at least once every five years, will be conducted as a self-assessment with independent validation (SAIV). The key drivers for the SAIV approach include that it is a recognised approach within the standards, it requires external validation from an independent, qualified external assessor, it provides a more economical approach, and it minimises capacity implications for partners.

Regulation of Investigatory Powers: Update and Review of Covert Surveillance Policy

The committee received an annual report on the council's use of covert surveillance operations, as regulated by the Regulation of Investigatory Powers Act 2000 (RIPA)1. Since the last report, there have been no new applications for covert surveillance activities. Training for Authorising Officers took place in September 2024, with further training planned for October 2025.

Update on Whistleblowing

The committee received an update on outstanding whistleblowing cases, as requested at its previous meeting. Further information was provided in an exempt appendix to the report. The committee noted the contents of the appendix and may suggest additional improvements to be made.

  1. The Regulation of Investigatory Powers Act 2000 (RIPA) regulates the use of covert surveillance and investigatory powers by public bodies in the United Kingdom. It aims to balance the need for these powers to combat crime and protect national security with the need to protect individuals' privacy and human rights. 

Attendees

Profile image for CouncillorPhil Bellamy
Councillor Phil Bellamy  Liberal Democrats •  Ash Wharf
Profile image for CouncillorSallie Barker MBE
Councillor Sallie Barker MBE  Conservative •  Pilgrims
Profile image for CouncillorJoss Bigmore
Councillor Joss Bigmore  Residents for Guildford and Villages •  Merrow
Profile image for CouncillorStephen Hives
Councillor Stephen Hives  Liberal Democrats •  Stoke
Profile image for CouncillorVanessa King
Councillor Vanessa King  Liberal Democrats •  Stoke
Profile image for CouncillorThe Mayor, Howard Smith
Councillor The Mayor, Howard Smith  The Mayor 2025-26 •  Labour •  Westborough
Simon Schofield
Tim Wolfenden
John Armstrong

Topics

No topics have been identified for this meeting yet.

Meeting Documents

Agenda

Agenda frontsheet 17th-Sep-2025 19.00 Audit and Risk Committee.pdf
Supplementary Agenda Pack Agenda Items 11 and 13 17th-Sep-2025 19.00 Audit and Risk Committee.pdf

Reports Pack

Public reports pack 17th-Sep-2025 19.00 Audit and Risk Committee.pdf

Minutes

Item 03 - Draft Minutes - 11 June 2025.pdf

Additional Documents

Item 07 - Internal Audit Strategy 2025-28.pdf
Item 06 1 - Internal Audit External Quality Assessment - App 1 - QAIP.pdf
Item 06 - Internal Audit External Quality Assessment.pdf
Item 07 2 - Internal Audit Strategy 2025-28 - App 2 - Feedback.pdf
Item 08 1 - Internal Audit Progress Report - App 1.pdf
Item 09 1 - Risk Management - App 1 - Strategic Risk Register Q1.pdf
Item 08 - Internal Audit Progress Report July 2025.pdf
Item 09 - Risk Management.pdf
Appendix 1 - Covert_Surveillance_and_Investigative_Powers_Policy_and_Procedure_Updated_2024.pdf
Item 09 2 - Risk Management - App 2 - Operational Risk Register Q1.pdf
Item 10 - GBC RIPA Update.pdf
Item 07 1 - Internal Audit Strategy 2025-28 - App 1.pdf
Item 11 - Whistleblowing Update Report.pdf