Agenda and minutes

Apologies for absence had been received from Councillors Reynolds and Cattanach.

A copy of the Register of Interest for each Selby District Councillor is available for inspection at www.selby.gov.uk.

Councillors should declare to the meeting any disclosable pecuniary interest in any item of business on this agenda which is not already entered in their Register of Interests.

Councillors should leave the meeting and take no part in the consideration, discussion or vote on any matter in which they have a disclosable pecuniary interest.

Councillors should also declare any other interests. Having made the declaration, provided the other interest is not a disclosable pecuniary interest, the Councillor may stay in the meeting, speak and vote on that item of business.

If in doubt, Councillors are advised to seek advice from the Monitoring Officer.

There were no disclosures of interest.

To confirm as a correct record the minutes of the Audit and Governance Committee held on 18 April 2018.

The Committee considered the minutes of the Audit and Governance Committee meeting held on 18 April 2018.

RESOLVED:

To approve the minutes of the Audit and Governance Committee meeting held on 18 April 2018.

The Chair informed the Committee that Councillor Mike Jordan had resigned from the Audit and Governance Committee and thanked him for his contribution, and wished him well for the future. 

The Chair welcomed Councillor Cattanach who had been appointed to the Audit and Governance Committee.

The Chair introduced Peter Williams, Head of Finance, Selby and explained that he was present to observe the meeting, but was available to answer questions if required.

The Chair indicated that he would be amending the order of business to allow item number 11, Consideration of Internal Audit Reports – (PCI DSS) to be considered first as item number 8; the rest of the business would follow as set out in the agenda.

To confirm the start time of meetings for the 2018/19 municipal year.

It was proposed and seconded that the start time of the Audit and Governance Committee meetings for the 2018/19 municipal year be 5.00 pm.

RESOLVED:

To approve the start time of the Audit and Governance Committee as 5.00 pm for the 2018/19 municipal year.

To review the Audit Action Log.

The Committee reviewed the Audit Action Log.  The Democratic Services Officer provided updates on the remaining actions, which were noted by the Committee.

RESOLVED:

To note the Audit Action Log.

To note the current Work Programme and consider any amendments.

The Committee considered the current Audit and Governance Work Programme. There were no comments or amendments.

RESOLVED:

To note the Work Programme.

To consider the Internal Audit report which relates to PCI DSS.

The Audit Manager from the Council’s internal auditors Veritau presented the report, which advised that an audit had been completed on 12 July 2018 and the overall opinion was that the controls within the system only provided “Limited Assurance”.  As such, the findings had been brought to the Committee for presentation and discussion.

The Audit Manager confirmed that the arrangements for managing the risk required improvement before an effective control environment would be in operation.

The Audit Manager explained that an actions proposal to improve the situation would be developed accordingly and presented to the Leadership Team.

The Committee was satisfied that appropriate action was being taken.

RESOLUTION:

                                    To note the report.

To receive the report of the Audit Manager, Veritau, which provides a summary of risk management activity in 2017/18 and proposed risk management actions for 2018/19.

The Committee received the report from Veritau, which summarised the risk management activity during the year 2017/18, whilst also showing planned work for the current 2018/19 municipal year, including the Corporate Risk Register which would be covered at the next agenda item.

RESOLVED:

                                    To note the report.

To receive the report of the Audit Manager, Veritau, which updates Councillors on the Corporate Risk Register and asks Councillors to endorse the actions of officers in furthering the progress of risk management

The Committee received the report, presented by the Chief Finance Officer, who highlighted that the Corporate Risk Register had been refreshed following a risk workshop with the Extended Leadership Team.  It was explained to Members that following the refresh, the Risk Register contained more information on how, once identified, risks would be mitigated, managed and monitored.

At this point Councillor Sage joined the meeting.

In response to queries from the Chair in relation to Brexit, the Chief Finance Officer advised that due to the current uncertainty surrounding the Brexit process it was not possible to assess in detail and plan appropriate actions to mitigate. However, the Committee was assured that developments were being monitored along with any legislative changes.

Members of the Committee highlighted how much clearer the Corporate Risk Register was and that they found the scoring easier to understand.

RESOLVED:

To endorse the actions of officers in furthering the progress of risk management.

 At this point in the meeting Councillor Jordan entered the room.

To receive the report of the Head of Internal Audit, which presents the Annual Report for 2017/18.

The Committee received the report, presented by the Audit Manager from Veritau.

The Audit Manager confirmed that the overall opinion of the Head of Internal Audit on the governance, risk management and control framework operated by the Council was that it provided Reasonable Assurance, although there were weaknesses in the areas of payroll, creditors and PCI DSS.

The Audit Manager highlighted that some excellent responses had come out of the annual customer satisfaction survey, and that Veritau conformed with the Public Sector Internal Audit Standards (PSIAS).

Members noted the section of the report relating to the Council’s counter fraud activity in 2017/18, which highlighted that 41 investigations had been completed to date, and actual savings of £22,194 had been achieved.

The Committee were informed that the National Fraud Initiative was running a pilot exercise looking at business rates fraud.  Following a successful bid, Selby District Council were one of seven authorities chosen to take part in the initiative.  It was noted that the results from the pilot were expected in September 2018.

In response to a query from Members regarding information security, the Solicitor to the Council assured the Committee that the Council building was secure and that all computers were encrypted. The audit findings had outlined that some cupboards had been left unlocked; in order to mitigate this risk the Council had invested in key safes and installed them across the building.

RESOLVED:

                        To note the report.

To receive the report of the external auditor, which asks the Committee to consider the work of the external auditor during the financial year ending 31 March 2018.

The Chair drew Members’ attention to the supplementary information that had been circulated for this item.

The Council’s external auditor Mazars LLP presented the report and explained that it set out a summary of the external audit progress for 2017/18 and praised the excellent work of officers for their assistance with the audit.  Members noted that the supplementary information had been provided to the Committee as some items had still been in progress at the date the report had been published.

Officers explained the specific testing carried out for the audit and confirmed that no significant issues had arisen.  It was highlighted that the financial statements had been received ahead of the deadline which was a great achievement. The Committee was informed that there were no significant issues arising from the audit, although internal control recommendations had been made and actions agreed with officers.  It was confirmed that the Council would be issued with a value for money conclusion for the 2017/18 financial year.  The Committee noted that within the report before Members there was a draft management representation letter that the external auditor would receive later in the meeting.

The Chair thanked the manager from Mazars for his work on the Committee and wished him well for the future, as this was his final Audit and Governance meeting.

Members asked a number of questions on the report in relation to the HRA budget underspend and the increased business rates from Drax Power Station.  The Chief Finance Officer confirmed that any HRA surpluses went into the HRA reserves, to support the ongoing maintenance of homes. In respect of the increased business rates, it was confirmed that funds received had been allocated to Programme for Growth, alongside an action plan that supported this however it was noted that the increased business rates were not guaranteed to continue.

RESOLVED:

                                    To consider the report.

To receive the report of the Chief Finance Officer, which asks the Committee to approve the Annual Governance Statement as included in the Statement of Accounts.

The Committee received the Annual Governance Statement presented by the Chief Finance Officer, who explained that the report provided an assessment of the current governance environment.  Members acknowledged that there had been no new additions to the action plan which was being monitored by the Leadership Team.

RESOLVED:

                                    To approve the Annual Governance Statement.

To receive the report of the Head of Technical Finance, which asks the Committee to approve the Statement of Accounts for the financial year 2017/18.

The Committee received the Statement of Accounts, presented by the Chief Finance Officer.  The Committee were pleased to note that it had been a very positive year; Members were referred to Appendix B of the report which sets out a narrative of key movements in the 2017/18 municipal year.

Members queried the reason for the fall in domestic rates income in this period; the Chief Finance Officer explained that closure of  Eggborough Power Station had impacted on the reduction.  It was confirmed that the Council collected the income on behalf of the government.  The Committee were informed that the Council was able to keep £2 million of the total amount collected through the rates retention system, with the rest being distributed between central government, North Yorkshire County Council and the Fire Authority.

The Committee approved the Statement of Accounts.

RESOLVED:

                                    To approve the Statement of Accounts.

The meeting was paused at 5.50 pm to allow the Chair of the Audit and Governance Committee and the Chief Finance Officer to sign off the Statement of Accounts.

The meeting re-commenced at 5.53 pm

To review an update in relation to the Council’s data protection policies and information asset register following the enforcement of the General Data Protection Regulation (GDPR).

The Solicitor to the Council presented the report which provided an update on progress made on the Council’s data protection policies and information asset register, as requested by the Committee at the last meeting of Audit and Governance in April 2018.

The Solicitor to the Council confirmed that when the GDPR legislation came into force on 25 May 2018, a working group had been set up.  It was noted that the key work on policies and procedures and updating the Information Asset Register had been completed and the Council website was up to date. It was highlighted that at the time of the April 2018 meeting of the Committee progress on implementation had stood at 29% whilst current progress was at 82%. 

Members noted that at present the Information Governance Officer was rotating around Council teams considered at high risk, where large amounts of information were held, in order to better understand how and where data was processed and to provide assistance. 

The Committee was assured that after full compliance was achieved, it would continue to be monitored and maintained to ensure that the Council remained compliant.

Members of the Committee approved of this approach.

The Solicitor to the Council indicated that further updates would be included in the Information Governance Annual Report in January 2019.

In response to a query on the costs involved the Solicitor to the Council assured the Committee that new systems had not been required, and that the only costs incurred had been in terms of officer hours to implement the changes. 

RESOLVED:

                                    To note the report.