Agenda item

To note progress on delivery of internal audit, counter fraud and information governance work and the plans for work to be completed in 2021-22.

The Audit Manager, Veritau presented the quarterly report which provided the Committee with an update on the delivery of the internal audit work plan for 2021-22, along with an update on the counter fraud and information governance work undertaken to date in 2021-22.

The Committee were informed that nine 2021-22 audits were in progress.  It was highlighted that at the onset of the pandemic, it had been agreed with the Leadership Team to concentrate resources on following up higher priority actions and normal activity had been suspended.  Members noted that normal follow up activity had now been resumed therefore actions that remained outstanding would be escalated as appropriate.

The Audit Manager, Veritau provided an update on the Limited Assurance report which had been brought to Committee in September 2021, in relation to non-compliance with the Payment Card Industry Data Security Standard (PCI DSS), it was noted that the new income management system procured from Civica to enable PCI DSS compliance had gone “live” today and therefore the issue had been resolved.  In terms of Performance Management, this action was still ongoing, but should be completed by the next Committee in April 2022.

In relation to Information Technology (IT) and the considerable effort to ensure that officers had the correct technology resources, were trained to work from home, and facilitate and attend remote meetings, Members queried if Veritau had undertaken checks in this area of work.  It was confirmed that audit work was due to commence on IT, to look at the effective management of those assets, and once the audit had been completed the summary and findings would be brought to Committee in April 2022.

The Counter Fraud Manager, Veritau presented the section of the report related to the Council’s counter fraud activity 2021-22.

The Committee heard that there had been an increase in both regional and national attempts by organised criminals operating from overseas to divert genuine payments made to Council suppliers.  To combat this the counter fraud team were reviewing the Council’s processes for verifying changes to supplier’s details, to ensure the process was robust enough to counter the latest threats posed by fraudsters.

Members noted that the Revenue and Benefits team had benefitted from

fraud awareness training sessions: in addition, two campaigns had been undertaken to raise awareness of fraud with officers and members of the public, to inform them of how to report fraud if they suspected it was taking place.

The Committee were informed that in December 2021 the Chancellor had announced an additional support scheme for the hospitality and leisure sector, the counter fraud team had supported officers with pre and post payment assurance work and investigated potential suspected frauds highlighted when officers verified the applications.

In terms of housing fraud, Members noted that investigative work had supported the recovery of a council property which would be made available to a prospective tenant on the housing waiting list.

The Information Governance Manager, Veritau drew the Committee’s attention to Annex 3 of the report which provided an update onInformation Governance matters, to include the General Data Protection Regulation (GDPR) action plan. 

Members were informed that to date, 24 privacy notices had been reviewed, the relevant changes applied and once finalised would be published; and the amended Information Governance Policies had been approved and published onto the Council website.

In terms of officer training, dates were in the process of being identified to provide online training sessions on subjects to include Records Management, Data Protection Rights and Principles and a new session around Data Protection Impact Assessments.  A virtual law enforcement training course was now available for selected officers and had been specifically designed to meet the requirements of the Council.

RESOLVED:

To note progress on delivery of internal audit, counter fraud and information governance work, and the plans for work to be completed in 2021-22.