Agenda item

Internal Audit Update


The Chief Internal Auditor presented a report which identified and evaluated the performance of the Internal Audit section. It included details of issues that had arisen from the actual work undertaken during the period 1 November to 31 December 2014 and provided specific details of four items of note, which were brought to the attention of the Committee:


·  Creditor Payments

·  Commissioning

·  School Audits

·  ICT Business Continuity


The Chief Internal Auditor provided details of outstanding Audit recommendations that had not currently been implemented and he commented that all were RAG rated as ‘amber’, which indicated that progress was being made to address the issues identified. He also drew the Committee’s attention to developments within internal audit.


Responding to comments from Members, the Chief Internal Auditor stated that the Schools Audit was a statutory requirement. Some of the work identified in the appendix was not pre-programmed but rather additional to specific planned internal audits so the information provided might on occasion differ as to outcomes etc. Members should only be concerned if an item remained on the appendix of outstanding audit recommendations indicating that actions had not been taken by officers within agreed timescales.


In respect of ‘Data Loss Prevention’ he outlined the reasons for the re-scheduling of follow up work which had occurred as a result of significant transformation and high turnover of staff within the service area under review. The Council’s Information Governance Board had subsequently assumed responsibility for overseeing a range of actions designed to improve the arrangements in place over data management and was currently raising awareness of this throughout the Authority. Significant improvement had been made on data storage and security including the development of policy and procedure and PSN compliance. All identified outstanding issues had now been included in a specific action plan and its implementation was being overseen by the board. More work was to be done but things were moving in the right direction. A report on this would be brought back to the March Committee including data on instances of data loss.


With regard to ‘Commissioning’ the Strategic Director of Transformation and Resources outlined the situation in respect of this specific case.


In the absence of the Director of Resources in August 2014 an E111 form (Business case to exceed contract by over 10% threshold) was forwarded to the Chief Executive in respect of a contract extension relating to work being undertaken by V4 Services Limited (‘V4’). The Chief Executive aware of the requirement to authorise variations to contracts in advance of expenditure, was not prepared to sign the E111 form and requested further research of this matter.


The Strategic Director, Families and Wellbeing, as responsible officer for this contract, was informed of the Chief Executive’s views and requested details of all invoices to gain assurances regarding the payments. The relevant Portfolio Holder was involved in the initial commissioning arrangements under her delegated authority. Following the tender process, she was alerted as soon as it became apparent that the threshold had been breached and then kept informed throughout. Following discussions with the Chief Internal Auditor, the Strategic Director of Transformation and Resources requested Internal Audit to formally undertake a review of payments to V4, covering what was commissioned by Council officers, what was actually spent, and whether officers had followed the Council’s relevant rules.


The initial commissioning and subsequent tendering for the Transformation of Leisure Services was undertaken correctly but senior managers did not comply with elements of the Council’s Contract Procedure Rules (CPR) in that expenditure under the contract had  exceeded the 10% threshold and this was a breach of the CPRs as prior approval had not been obtained. The approved spend was £97,500 but actual spend was £117,928, 11 per cent above the agreed 10 per cent CPR threshold. It was also incorrectly believed that a continuation of previously procured services from this company, through a national Procurement Framework for a separate programme of work, could be applied in relation to the Business Case for the Development of a Local Authority Trading Company for DASS Day Services. .


Whilst there was no inference of impropriety on behalf of any Council officer, it was crucial the Council’s rules were fully complied with to ensure legality, demonstrate transparency, and protect reputation. The audit identified that management controls had not been as robust as they should have been; this included a lack of formal orders or contracts for the additional programme of work.


Moreover, commissioning a Review and Challenge Report via the company who had performed the work being subject to review had been accepted as the incorrect process to have followed. A review by a wholly independent body was in the process of being commissioned.


The breaches of the CPRs detailed in the Audit report had to be reported to this Committee under the terms of CPR E123.


The total gross payments to V4 were £193,620 in relation to Leisure Services and £91,912 in relation to DASS, an overall total of £285,532. It was the opinion of the relevant service areas involved that the company had enabled Leisure Services to reduce its costs and in relation to DASS, had helped realise the savings required as well as providing the necessary knowledge to design the implementation plan. The Strategic Director for Families and Wellbeing was satisfied with the results and conclusions of their work. Therefore there was no suggestion of any need for claw back of any funds from them.


However, there had been breaches of the Council's CPRs in the process of awarding and monitoring work with V4. There was no inference of impropriety against any Council officer but there had been examples of poor control which needed to be corrected.


The outcomes of this audit reinforced the need for the Council to give serious priority to the centralisation of payments processes and this was being taken forward through the development of the Transaction Centre. Appropriate training would be initiated for senior managers across the organisation as a result of the lack of awareness of the Council’s CPRs.


In all, 11 recommendations had been made and they had all been accepted and agreed. These recommendations had been shaped into an appropriate action plan. Formal progress against this action plan would be monitored via the Council’s internal Corporate Governance Group which reported into the Portfolio Holder for Governance, Commissioning and Improvement and SLT. Internal Audit would also continue to monitor and an update would be brought back to this Committee in the future.


The CPRs were currently under review to ensure they complied with the (draft) Public Contract Regulations 2015 that were anticipated to be laid before Parliament on or before 30 March 2015. Officers in Procurement and Legal Services would take the opportunity to review, improve and clarify procedures and practices to help ensure all reasonable steps were taken to mitigate a recurrence. Members would have the opportunity to review the revised CPRs before they were recommended to Council for approval.


Responding to comments from Members the Strategic Director restated that officers had been found to have breached the Contract Procedure Rules but no impropriety had been found. These officers had been reminded of their responsibilities and had received training. The end date of the contract extension was not tied down tightly enough and this had been acknowledged by Internal Audit. A central database of all contracts was held and when there were genuine reasons for a contract extension these needed to be explicit.


Resolved – That the report be noted.

Supporting documents: