Issue - meetings

INTERNAL AUDIT UPDATE

Meeting: 22/11/2016 - Audit and Risk Management Committee (Item 29)

29 INTERNAL AUDIT UPDATE pdf icon PDF 100 KB

Additional documents:

Minutes:

The Chief Internal Auditor introduced his report that identified and evaluated the performance of the Internal Audit Section and included items of note arising from the actual work undertaken during the period 1 September to 31 October 2016. The report focused upon:

 

·  Any items of note arising from audit work conducted;

·  Any issues arising that require actions to be taken by Members;

·  Performance information relating to the Internal Audit Service;

 

Members’ attention was drawn specifically to a number of items of note that had been identified, which included:

 

Cyber Security

An audit had been conducted of the Council’s Cyber Security position as it was widely acknowledged that effective controls in this increasingly high risk area were vital to public bodies as they were in the front line of the cyber criminal’s targets and (across the public sector) had recently experienced a dramatic increase in this type of activity.

 

The conclusion from the work undertaken was that Wirral had controls in place to address some of the business risks reviewed, however a number of areas were identified for improvement to address emerging risks and a ‘Moderate’ overall risk to the organisation, these included:

 

  • Firewalls
  • Vulnerability Monitoring
  • Rogue Wireless Access Points
  • Information Risk Register
  • Information Security Training
  • Cyber Insurance

 

Prepaid Cards – Local Welfare Assistance Scheme (LWAS)

A number of additional measures and controls had been agreed with management following the audit in order to enhance the control environment of the system and these had been implemented with immediate effect. In addition a significant number of issues were identified in respect to the service provided by ‘allpay’ Limited which had adversely impacted on the effectiveness of the prepaid card operation for the LWAS. It had been agreed that these matters will be raised directly with representatives of the company and that Internal Audit would continue to provide support to the Business Support and Housing Benefit Managers in resolving these issues.

 

Performance and Management Planning

Members were informed that a review of performance management will involve testing a sample of operational performance indicators and indicators from the Wirral Plan in order to assess the robustness of data quality.

 

Children’s Services

An audit had recently been commissioned as part of the Children’s Services Improvement Plan to evaluate and test data quality across a number of performance indicators currently in operation. The report informed that findings from this piece of work including identified development actions will be included within the Improvement Plan and reported to senior managers and Members.

 

The Chief Internal Auditor informed the Committee that here were currently no significant issues arising although it should be noted that achievement of the audit plan was slightly behind schedule for this time of year. This was primarily due to a number of vacant posts within the section that had proven difficult to fill. He advised that work was currently ongoing to attempt to address this issue and two recent staffing appointments had been made.

 

Members thanked the Officer for his comprehensive report, but expressed concern  ...  view the full minutes text for item 29