The HIWFRA Audit and Governance Committee is scheduled to meet to discuss internal and external audit matters, the annual statement of accounts, fire standards, risk management and the committee's annual report. The meeting will receive updates and provide oversight on financial management and governance within the Hampshire & Isle of Wight Fire and Rescue Service (HIWFRA).

Annual Statement of Accounts

The committee is scheduled to review and approve the unaudited Statement of Accounts for 2024/25. The report pack states that the Accounts and Audit Regulations require the authority to consider the statement of accounts, approve it by resolution, and ensure it is signed and dated by the presiding person. The statement of accounts has been prepared following the code of practice on local authority accounting, and aims to provide information so that the public, members of the authority, partners, stakeholders and other interested parties can:

• understand the overall financial position of the authority and the outturn position for 2024/25
• have confidence that the public money with which the authority has been entrusted has been used and accounted for in an appropriate manner
• be assured that the financial position of the authority is sound and secure.

The report pack notes that EY, the external auditor, presented their audit planning report to the July 2025 Audit and Governance Committee meeting. The intention is to conclude the audit in time for the Audit Results Report to be presented to the December 2025 meeting, and for the audited accounts to be published before the statutory deadline of 27 February 2026.

The report pack also indicates that the committee will be asked to delegate authority to the Chief Financial Officer, Rob Sarfas, to approve any non-material changes to the 2024/25 accounts agreed with the external auditor prior to the issue of the final audit opinion and publication of the audited Statement of Accounts.

Audit Progress Report (EY)

The Audit and Governance Committee is scheduled to receive an update from EY, the external auditor, on the progress of the audit of the Statement of Accounts for 2024/25. According to the report pack, the audit is designed to express an opinion on the 2024/25 financial statements and address current statutory and regulatory requirements. The report will provide an update on the progress made, matters to bring to the committee's attention, and an outline of the process for completing this year's audit.

The report pack notes that EY may use their EY Real Estate team to assist with the review of the authority's land and buildings valuations.

Internal Audit Strategy 2025-28

The committee is scheduled to receive a report providing them with the Internal Audit Strategy 2025–2028. The report pack states that the Global Internal Audit Standards in the UK Public Sector require all internal audit providers to develop and maintain an internal audit strategy, defined as:

a plan of action designed to achieve a long-term or overall objective. The internal audit strategy must include a vision, strategic objectives, and supporting initiatives for the internal audit function. An internal audit strategy helps guide the internal audit function towards the fulfilment of the internal audit mandate.

The report pack states that engagement with the Audit and Governance Committee and senior management has been imperative in developing the internal audit strategy, to ensure the Southern Internal Audit Partnership's strategic objectives align with stakeholder expectations.

The report pack states that the top three objectives that form the basis of the internal audit strategy are: agile auditing, optimisation of standards, and data analytics by default.

Internal Audit Progress Report

The Audit and Governance Committee is scheduled to receive the Internal Audit Progress Report for August 2025. According to the report pack, this report is required by the Global Internal Audit Standards in the UK Public Sector and offers the committee a concise overview of internal audit activity and assurance work completed in accordance with the approved audit plan. The report pack also states that the Southern Internal Audit Partnership have made all necessary adaptions to its processes, procedures and practices to ensure it is best placed to conform with these requirements with effect from 1 April 2025.

The report pack indicates that the Chief Internal Auditor, Penny Knowles, is required to provide a written status report summarising:

• ongoing confirmation or otherwise regarding independence, and impairments
• a summary of significant issues and escalation of matters of importance
• overview and sufficiency of resourcing
• communication of unresolved issues that fall outside of the Authority's risk tolerance
• update on progress and any changes to the annual audit plan
• internal audit performance measures
• status of 'live' internal audit reports and status on the implementation of management actions

The report pack also notes that the Southern Internal Audit Partnership are currently experiencing a higher than average level of attrition resulting in vacancies at auditor, senior auditor and audit manager level.

Internal Audit External Quality Assessment

The committee is scheduled to receive a report providing an overview of the alternative options considered in commissioning an external assessor to undertake the pending independent assessment of the Southern Internal Audit Partnership against the Global Internal Audit Standards in the UK Public Sector.

The report pack states that the standards require the Chief Internal Auditor to develop, implement and maintain a quality assurance and improvement programme that covers all aspects of the internal audit function, including external and internal assessments. The external audit assessment must be performed at least once every five years by a qualified, independent assessor or assessment team.

The report pack notes that there are two approaches to meeting the requirement of an External Quality Assessments: a full-scope external quality assessment, and a self-assessment with independent validation.

The report pack states that it is proposed that the Southern Internal Audit Partnership conduct their external assessment as a Self-Assessment with Independent Validation (SAIV).

Internal Audit Management Actions Report

The Audit and Governance Committee is scheduled to receive a report providing the latest update on the medium and high internal audit management actions that have not been completed within the agreed target date and are now overdue. The report pack states that the Audit and Governance Committee has a key scrutiny role in monitoring the implementation of internal audit management actions.

The report pack notes that internal audit is provided by the Southern Internal Audit Partnership and is one of various assurance mechanisms that the service utilises as part of their wider assurance programme.

The report pack states that the Hampshire and Isle of Wight Fire and Rescue Service (HIWFRS) Planning, Change and Assurance Team maintains mechanisms to monitor management actions that are as a result of finalised internal audits. Heads of Service are responsible for the delivery of management actions that fall within their areas of responsibility.

Fire Standards Progress Report

The committee is scheduled to receive a report providing an assurance update on the service's progress in adopting, complying with and embedding Fire Standards within the service.

The report pack states that Fire Standards are an important mechanism that set out how fire and rescue services should operate, covering the whole spectrum of the activities of the service and providing assurance, evidence, and an understanding of areas where the service is performing well, and areas where they can learn and improve.

The report pack notes that there are currently 19 published Fire Standards, and each Fire Standard has a number of desired outcomes for which an analysis is carried out to determine the overall assurance rating for the whole Fire Standard. The ratings that can be given to a Fire Standard are: substantial, reasonable, and limited.

Audit and Governance Committee - Annual Report: Content and Timeline

The committee is scheduled to receive a report setting out the content and timeline for the Audit and Governance Committee Chairman's Annual Report. The report pack states that the production of an annual report aligns with the Chartered Institute of Public Finance and Accountancy (CIPFA) Position Statement on Audit Committees, representing recognised best practice for local government bodies.

The report pack notes that the annual report will include: a summary, recommendation, background, information about the committee, activities and key areas of focus, training and development, effectiveness, and forward look and priorities.

The report pack also sets out a proposed timeline for the annual report, with officers supporting ongoing evidence gathering and impact tracking throughout the year, a mid-year review in December, an end-of-year review in April, presentation to the Audit and Governance Committee in July, and presentation to the Full Authority in October.

Organisational Risk Register

The committee is scheduled to receive a report providing an update on the status of the Organisational Risk register in line with the Authority's Corporate Governance Policy and the Service's Risk Management Procedure.

The report pack states that the Organisational Risk Register forms part of the service's approach to managing risk, enabling effective management of the service's strategic risks that may affect the service's ability to meet the Fire Authority's objectives within the Safety Plan 2025-2030.

The report pack notes that the Executive Group is responsible for risk management across the service, ensuring the practice of effective risk management is fully embedded through the organisation, routinely scrutinising the Organisational Risk register, identifying potential opportunities for service improvement, and collectively deciding what risks are logged on the Organisational Risk register.

The report pack indicates that there are currently five organisational risks recorded: cyber attack, inability to crew the on-call duty system, impact on the service as a result of service employee or past employee suffering ill health effects due to fire contaminants, balanced budget not achieved for 2026/2027, and death of an employee at work in the course of their duties.

Other items

The agenda includes items relating to:

• Apologies for absence
• Declarations of interest
• Minutes of the previous meeting
• Deputations
• Chairman's announcements