The Audit Committee of Devon County Council met on Monday, 23 February 2026, to discuss a range of financial and governance matters. Key topics included the progress of external audits for the council and the Devon Pension Fund, the internal audit plan and charter for the upcoming year, and the council's reserves strategy. The committee also reviewed the council's risk management framework and an update on its development of a strategic performance framework.

Devon County Council and Devon Pension Fund Audit Progress Report and Sector Update

The committee was scheduled to receive an update from Grant Thornton, the external auditors, on their progress with the audits of Devon County Council and the Devon Pension Fund. The report indicated that detailed audit planning and interim testing for Devon County Council were scheduled to commence in March 2026, with draft audit plans expected by the end of the month. Significant audit risk areas identified included management override of controls, valuation of land and buildings, and the valuation of the net defined benefit liability. For the Pension Fund, significant risks included management override of controls and the valuation of Level 3 investments. The report also highlighted the council's implementation of a new Unit4 ERP financial system as an area of focus for IT auditors.

The auditors also planned to review financial sustainability, including actions to manage demand and costs in Adults' and Children's Services, and efforts to reduce the Dedicated Schools Grant (DSG) deficit. Governance arrangements and progress in strengthening the control environment within Children's Services, including Special Educational Needs and Disabilities (SEND), were also to be assessed.

The report also provided sector updates on national developments such as reforms following the local audit backlog backstop, the Fair Funding Review, pressures relating to SEND, preventative spending guidance, and evolving expectations around business cases for net zero.

Internal Audit Draft Plan 2026/27

The committee was set to review the draft Internal Audit Plan for 2026/27, prepared by the Head of Devon Assurance Partnership. The plan, developed through a detailed process, aims to ensure conformance with the Global Internal Audit Standards (GIAS) as required by the Accounts and Audit Regulations. The plan was compiled with input from Directorate Leadership Teams and uses a risk-based approach aligned with Devon County Council's strategic and operational priorities. It also considers insights from prior work, emerging risks, and regulatory requirements, and is designed to remain flexible and adaptable to changes in risk or context.

The proposed plan covers a wide range of areas, including Integrated Adult Social Care, Children & Young People's Futures, Climate Change, Environment & Transport, Public Health & Communities, and Corporate Governance. Specific audit areas within these categories include SEND, the SEND Transformation Plan, Highways Maintenance, Public Health initiatives, and Cyber Security.

Internal Audit Charter and Strategy 2026/27

The committee was scheduled to review and consider the Internal Audit Charter and Strategy for 2026/27. This document formally defines the purpose, authority, and responsibility of the internal audit activity, consistent with the Definition of Internal Auditing, the Code of Ethics, and the Standards. The charter also addresses public sector requirements, including defining 'board' and 'senior management', arrangements for resourcing, the role of internal audit in fraud-related work, and avoiding conflicts of interest. The Devon Assurance Partnership (DAP) commits to adhering to the mandatory elements of The Institute of Internal Auditors' International Professional Practices Framework, including the Global Internal Audit Standards and Topical Requirements. The Chief Audit Executive (Head of DAP) is responsible for reporting conformance to the Audit Committee.

Internal Audit Update Report for 2025/26

This report was intended to provide an update on the performance of the Devon Assurance Partnership (DAP) during the 2025/26 financial year and summarise the outcomes of their work. The key objective of Internal Audit is to provide assurance to Members, the Leadership Group, and the Director of Finance (as the Council's section 151 responsible officer ) on the adequacy and security of the County Council's internal control systems. The report indicated an overall opinion of Reasonable Assurance on the adequacy and effectiveness of the internal control framework, with an exception of Limited Assurance for Children's and Young Peoples Futures due to a higher number of limited reviews in that service area. The report also highlighted the ongoing engagement with the Risk Management team to ensure reviews are focused on the right areas and to increase resilience.

2026/27 Devon County Council County Fund Balance and Earmarked Reserves Strategy

The committee was to consider the County Fund Balance and Earmarked Reserves Strategy for 2026/27, which forms part of the 2026/27 Budget Book. The strategy aims to manage financial risk and ensure long-term sustainability by outlining planned annual contributions to reserves. This approach aligns with an improvement recommendation made by the external auditors in their 2024/25 Value for Money report. The strategy details how the Authority will increase and manage reserves prudently, including limiting their use and making greater use of Flexible Use of Capital Receipts where appropriate. The report projected that the Authority's reserves and balances would increase over the medium term, contributing to improved financial resilience. Specific reserves discussed included the Budget Management Reserve, Business Rates Risk Management Reserve, Climate Change Emergency Reserve, Emergency Reserve, Resilience Reserve, and Service Transformation Reserve.

Risk Management Strategy and Policy

The committee was scheduled to review the updated Risk Management Policy and Strategy for 2026-2030. This document outlines the council's approach to identifying, assessing, managing, and controlling risks and opportunities. It details the risk management process, including risk identification and assessment using methodologies like the Risk Bow-Tie method, risk treatment, monitoring, and reporting. The policy also defines the council's risk appetite, categorised into Averse, Minimalist, Cautious, Open, and Eager, with specific statements for different risk categories such as Cyber Security, Safeguarding, Financial Sustainability, and Local Economy. The document also covers project risk management, continuous improvement, and the integration of audit, risk, and counter fraud functions.

Risk Management Update

This report was intended to provide an update on the council's current risk position, highlighting notable changes and areas of high risk. It was to summarise the existing risk position through visual reporting using the Power BI platform and detail updates to the risk management process. The report indicated that the council had 111 recorded risks, with three assessed as 'Very High' and 37 as 'High'. Specific 'Very High' risks included the failure to deliver responsibilities regarding Special Educational Needs and Disabilities (SEND), the risk of cyber security impacting digital data and operational resilience, and risks to the health, safety, and wellbeing of the council's people. The report also noted the introduction of new risks related to cyber attacks on DCC partners and Local Government Reorganisation.

Update on the Development of a Strategic Performance Framework

The committee was to receive an update on the development of the council's new Strategic Performance Framework and its associated Strategic Scorecard, designed to monitor progress against the Strategic Plan 2025-29. The framework is built on three layers: indicative performance measures aligned to the Strategic Plan's commitments, supporting measures providing further insight, and dated milestones for statements of intent. The approach focuses on understanding data (Inwards ), benchmarking performance (Outwards ), and anticipating future trends (Forwards ), underpinned by high-quality, combined data. The report outlined the phased implementation of the framework, with quarterly reporting to Cabinet planned, culminating in a comprehensive report incorporating all three layers by September 2026.

Exemptions from Tender Overview (Direct Contract Awards) April to December 2025

This report provided an overview of exemptions from tender granted for direct contract awards between April and December 2025. The committee was asked to agree to accommodate a standing item on each agenda for regular reporting of these exemptions on a three-month rolling cycle. The report detailed the number and value of exemptions granted per directorate, noting that financial values were tracking higher than usual due to a small number of high-value projects, particularly in Climate Change, Environment and Transport. The report also provided a synopsis of each exemption, its rationale, and a trend analysis compared to previous years.

Audit Committee Self Assessment Summary Report

The committee was scheduled to review the summary report of its self-assessment against the Chartered Institute of Public Finance and Accountancy (CIPFA) Audit Committee Guidance and Position Statement 2022. The assessment identified areas of alignment with CIPFA principles, with a Reasonable rating across Audit Committee Purpose and Governance, Functions of the Committee, Membership and Support, and Effectiveness of the Committee. The report highlighted areas for enhancement, including the production of an annual report, development of a training programme, regular training needs assessments, performance and feedback measures, and an improvement plan. Specific recommendations included meeting privately with auditors and updating the Terms of Reference.

Cabinet Response to Audit Committee Task Group Recommendations

This report presented the Cabinet's formal response to the recommendations made by the Audit Committee Task Group following its review of the Future Delivery Model for Highways Maintenance. Cabinet agreed with all four recommendations, which focused on improving transparency and consistency in council decision-making processes. These included actively considering and responding to Scrutiny Committee recommendations, continuing regular information sessions for councillors on highways matters, developing a clear protocol for voting procedures, and considering the provision of electronic voting equipment.

Audit Committee Annual Report - Process for Completion

The committee was asked to note the process for preparing its Annual Report, which summarises its work, key assurances received, and how it has discharged its responsibilities. The report highlighted that producing an annual report is recognised as best practice by CIPFA, strengthening accountability and evidencing compliance with good governance. Due to timing constraints with the Council's Annual General Meeting, it was proposed to delegate authority to the Chair and Vice Chair, in consultation with the Director of Legal and Democratic Services, to approve the final version of the report.

Matters or Information Circulated to Members

For awareness and consideration, the committee was provided with the response of Councillor Denise Bickley, Cabinet Member for Children's Services SEND, regarding national responsibilities and funding arrangements for health provision in Education, Health and Care Plans (EHCPs). Additionally, the response from Councillor Helen Brown, Chair of the Corporate Infrastructure and Regulatory Services Scrutiny Committee, regarding the Future Delivery Model for Highways Maintenance Service was circulated.