area before an opinion on the effectiveness of the system of internal control can be expressed. The full document is available using the following link:

http://www.iwight.com/council/documents/performance/

The key issues in the identified areas are as follows:

· The Council has adopted a constitution which sets out the framework within which the Council operates, how decisions are made and the procedures to ensure that they are efficient, transparent and accountable. The constitution is reviewed on a regular basis to ensure it remains fit for purpose

· The Cabinet is responsible for the majority of the functions of the authority, within the budget and policy framework set by Full Council. Executive decisions can be taken by the Cabinet, by portfolio holders or by officers acting under delegated powers, depending upon the significance of the decision being made. A Forward Plan is published providing details of member decisions for consideration by other elected members, the public and Strategic Directors in time for advice and recommendations to be made

· The Council discharges its overview and scrutiny functions through 5 member bodies. Internal scrutiny of Council functions and decision making is carried out by the Corporate Scrutiny Committee. A separately constituted Audit Committee oversees internal and external audit, and the outcome of external inspections

· A properly designated Monitoring Officer has been appointed by the Council, with adequate resources to carry out the role effectively. The Monitoring Officer has a duty to report on any actual or likely decision which would result in an unlawful act or maladministration

· The Council is required to make arrangements for the proper administration of its financial affairs and to secure that one of its senior officers has responsibility for the administration of those affairs. The Council has designated the chief financial officer as that officer in accordance with S151 of the Local Government Act 1972

· Following extensive consultation with staff and partners the Council produced a Corporate Plan in 2002 to be pursued through a four year period by service development and improvement. The Plan is implemented through Annual Action Statements which detail specific initiatives to be achieved, in particular identifying Priority Improvement Areas. The Corporate Plan focuses attention on corporate priorities, and this is then cascaded through the organisation via service plans, team plans and the development review process for all employees. The process is laid out in the Annual Planning Cycle

· Performance management is delivered through an agreed framework, the main focus being a process of quarterly performance management reports (QPMRs). The QPMRs include achievement against key actions identified from Annual Action Statements and a range of other sources, and are reported to the Cabinet via the Directors Group and Directorate Management Teams. Emphasis is placed on Priority Improvement Areas and any other issue which may impact on delivery of the Council’s objectives, and explanations are provided for any corrective actions which may have been taken in the preceding quarter

· The Council has a comprehensive framework for identifying and managing risk. The risk management system has been developed, and is maintained, with the active participation of those involved in planning and delivering services, to the extent that each service head is required to maintain a service risk register, updated on a regular basis and which forms part of the service planning process. Appropriate staff with links to each service area have been trained in the assessment, management and monitoring of risks, and these staff form the basis of the Risk Management Group, which has responsibility for embedding risk management throughout the authority, reviewing service risks and identifying strategic risks. The Risk Management Group reports directly to the Strategic Risk Group, which comprises directors and an elected member champion and manages strategic risks on an exception basis

· The Council has an approved Procurement Strategy and Improvement Plan which sets out the key actions necessary to achieve strategic direction and focus over its procurement activity. This includes delivery of an Electronic Marketplace and Procurement Card solution which will be implemented in autumn 2005; also being implemented is a Gateway Review process, used to control the progress of significant individual procurements, and ensuring that greatest attention is paid to those which represent most risk or are of strategic importance to the Council

· Financial management of the authority is delivered in accordance with the rules set out in the Constitution and with Financial Procedure Rules. The Accounts and Audit Regulations 2003 require the Council to ensure that its financial management is adequate and effective, and that there is a sound system of internal control which facilitates the effective exercise of the Council’s functions. In addition, CIPFA have produced various codes of practice and standards of professional practice with which finance staff are required to comply, and the chief financial officer is required to advise the Council on the robustness of its budget and the adequacy of its reserves, to regularly monitor financial performance against budget, and to produce a medium term financial strategy to support the medium term aims of the Corporate Plan

· The Council maintains an Internal Audit function whose role is to provide an independent and objective assurance about the Council’s functions aimed at adding value and improving the Council’s operations

· All services are delivered by properly trained and experienced staff. Each post has a job description and person specification, and the training requirements of each member of staff are identified through the Development Review Process, linked to the Competency Framework which was developed by the Council’s Training Champions Group

· All services of the Council are subject to reviews by external inspection agencies, external auditors, Internal Audit, Policy Commissions and as a result of prioritisation initiatives. The results of these inspections inform the review process and allow the Council to seek means of ensuring the economic, efficient and effective use of resources in achieving the Council’s objectives, and securing continuous improvement in the delivery of its services

· The Council has an objective and professional relationship with its external auditors as demonstrated in the Annual Audit and Inspection Letter, and also the Final Accounts Memorandum

4. Review of effectiveness

The Isle of Wight Council has responsibility for conducting, at least annually, a review of the effectiveness of the system of internal control. The review of the effectiveness of the system of internal control is informed by the work of the internal auditors and the executive managers within the authority who have responsibility for the development and maintenance of the internal control environment, and also by comments made by the external auditors and other review agencies and inspectorates.

The process that has been applied by the Council in maintaining and reviewing the effectiveness of the system of internal control during 2004/05, and in the period to publication of this statement, includes:

· Following the elections in May 2005, the Council has a change in political administration, which has meant that that the priorities and objectives of the Council have changed. This has necessitated a review of many of the internal control procedures, in particular those linked to corporate governance procedures

· The Monitoring Officer has a duty to keep under review the operation of the Constitution to ensure it is lawful, fit for purpose and up to date. The Council reviews the Constitution each year at the Annual Meeting of Full Council

· The Council has four Policy Commissions as part of the overview and scrutiny functions. These Commissions have work programmes reflecting the priorities of the administration, and provide the opportunity for stakeholders to participate in Council initiatives and matters of public concern

· In addition, the Council has also established a Corporate Scrutiny Committee to review Council functions and decision making, and an Audit Committee to oversee internal and external audit, review the adequacy of internal controls and the outcome of external inspections

· Internal Audit are responsible for bringing a systematic and disciplined approach to the evaluation and improvement of the effectiveness of risk management, internal control and governance processes. The audit approach is risk based ensuring available resources are directed at areas of greatest need. An audit plan is developed which is approved by the Audit Committee, and from which the annual audit work programme is derived. The reporting process requires a report on each audit to be submitted to the relevant Head of Service, service manager and any other relevant officer. Such reports will include recommendations for improvement and a timescale for implementation. Recommendations are reviewed to ensure action has been taken, and the results of audit reports are also taken to the Audit Committee

· The work programme of Internal Audit is subject to regular review and discussion with the Council’s external auditors, who place reliance on the work carried out by the section when forming their own judgements about the effectiveness of internal control

· During 2004/05 the Council reviewed and revised its Financial Procedure Rules and Contract Standing Orders, and the revised versions were approved in July 2005

· The Council has had a Risk Management Group in place for some years now – however during 2004/05 its role was reviewed, and membership broadened, to include ‘risk champions’ chosen to represent each service area. These ‘risk champions’ have been trained in the assessment, management and monitoring of risk, as well as use of the Council’s risk management database, with the aim of ensuring that management of risk is properly embedded throughout the organisation. First meeting of the ‘new’ group took place in May 2005, and there will be quarterly meetings thereafter to ensure that the risk register is regularly reviewed, and that management action is being taken to minimise risk to the Council’s operations

· Performance management is reviewed on a quarterly basis by the Directors Group and Cabinet through the QPMR process. Any areas of concern are highlighted and explanations provided of corrective action taken. In particular, focus is placed on identified Priority Improvement Areas, which have been selected on the basis of poor performance in the past. These services get priority for additional resources to secure sustained improvement and are closely monitored to ensure such an outcome is achieved

· With regard to the key elements of the Council’s internal control environment, assurance statements were sought from service managers throughout the Council regarding the effectiveness of the internal control arrangements in their service area. These assurance statements were provided in December 2004 for the first part of the financial year. The assurance process was reviewed in a joint arrangement between Internal Audit and the Audit Commission during the early part of 2005, and updated to take account of recommendations arising from the review. Further assurances were then sought in June 2005 for the full financial year

· The Chief Internal Auditor carried out an independent review of the assurance statements, the risk register and other supporting evidence in order to draw some conclusions about the effectiveness of the system of internal control throughout the Council. The results of his review have been summarised into broad control themes and form the basis of the issues identified in section 5 below

· Both the Monitoring Officer and Chief Financial Officer have been involved in the review and approval process of the Statement on Internal Control

5. Significant internal control issues

The following significant internal control issues have been identified, arising from the assurances provided by service managers, review of the risk register database, and the results of external inspection processes:

No.	Issue	Action Planned
1	There is a need to ensure that risk management is embedded in the culture of the organisation	Review the function of the Risk Management Group and appoint ‘risk champions’ to represent each service area and be fully trained in all aspects of risk management. By May 2005 Develop the risk register and improve accessibility to the risk management database by enabling a web browser access to the system for ‘risk champions’ and other relevant staff By June 2005
2	The Council Constitution has been recently reviewed, however requires further refinement to accommodate bedding in of new administration and governance structures	Awareness sessions planned with stakeholders and partners; development of new intranet/web based resource to ensure available governance documents are more accessible By October/November 2005
3	Executive decision making requires more clarity around member role in gate-keeping corporate change management plan and performance management	New arrangements for change management plan and performance management structures adopted by Cabinet By September 2005
4	Overview and scrutiny functions need to be refined to ensure they are sufficiently independent and robust	Revised arrangements in place to allow appointments to be made to both Scrutiny Committee and Audit Committee By October 2005
5	There is no systematic review of new/emerging legislation to ensure areas of corporate significance are identified	Add systematic review of new legislation to Legal Services team plan for 2006/07 Team plan October 2005
6	Register of Employee’s Personal Interest forms are not completed consistently throughout the Council	All line managers are expected to ensure that the declaration of interest forms are completed at each development review meeting and updated at the half-yearly review By November 2005
7	Business continuity planning and disaster recovery plans need to be embedded in the culture of the organisation to meet the requirements of the Civil Contingencies Act	ICT criticality review to identify business critical systems By August 2005 Pilot scheme developed to implement BCP By September 2005 Awareness seminars for members and senior managers By October 2005 Implementation seminars for BCP By March 2006 Collate individual plans and produce Co-ordination and Crisis Management Procedure By June 2006
8	The Council’s procurement procedures need to be cascaded throughout the organisation to ensure consistency of application and compliance with national guidelines	Contract standing orders to be updated to set out necessary actions to be taken according to the strategic importance of a procurement; also to include the competitive process required in each instance, in particular the requirements of the EU procurement regulations By July 2005
9	There is a need to identify more resources for highway maintenance in order to secure full compliance with Section 41 of the Highways Act 1980 (duty to maintain the highway)	Manage the highways network within existing resources, both capital and revenue, in order to minimise the potential impact on road users Utilise the LTP process to secure adequate resources to maintain the highway network through capital investment Planned implementation of a highway asset management PFI scheme to improve the quality of the highways network throughout the local area By Spring 2008
10	There is a need to identify more resources for property maintenance to prevent deterioration of the asset base and allow resources to be targeted at statutory requirements e.g. Health and Safety, Asbestos, Disability Discrimination Act	CDM/professional advice from external agents. Condition surveys and resourced plan to manage and monitor risk. Action plan for remedial works necessary to bring property assets to a consistent standard Manage the property portfolio within existing resources, both revenue and capital, in order to improve standards for users Deliver an updated Asset Management Plan By April 2006
11	Need for identification of more resources to support some areas of enforcement and Health and Safety Policy	Bid to DEFRA for ring-fenced funding to assist delivery of animal health enforcement By June 2005 Resources have been identified and set aside to assist delivery of a corporate Tree Safety Policy – suitable member of staff with relevant experience to be recruited By September 2006
12	Management of partnership arrangements needs to be improved to ensure they are dealt with consistently throughout the authority and in the same manner as other methods of service delivery	Corporate project team to be established to set best practice standards for partnership management and ensure they are applied consistently By August 2005 Partnership register to be created to record details of significant partnership arrangements By October 2005
13	Performance management arrangements need to be refined to ensure they are embedded throughout the Council’s service areas	Implement improved performance management standards through the Council’s Change Management Plan and procure and implement a corporate performance management system By April 2006
14	Corporate ICT systems need to be regularly reviewed to ensure system security is safeguarded and that all systems are fit for purpose and updated for current technology	Upgrade power, air conditioning and fire alarms in server farm Implement new internet filtering and security systems ICT criticality review to identify business critical systems By August 2005 Appoint ICT Security Manager and review ICT security policy By October 2005 Implement business continuity plan for networks and business critical systems By March 2006
15	Medium term financial strategy needs to be reviewed and updated to reflect changing Council priorities and the changing Government grant regime	MTFP to be updated to take account of the Council’s Change Management Plan and the new 3 year Government grant settlement By February 2006
16	Human resource issues need to be improved to provide support to the Council’s workforce and enable their development through improvements to working practices and morale	Change Management Plan will require Workforce Plan to identify staff development needs and develop a career management scheme By March 2006 Stress risk assessments carried out Regular employee surveys to monitor morale Exit interviews to identify reasons for staff turnover Health and Safety training programme implemented ICT training programme to be further developed to assist staff keep pace with new technology By March 2006

Andy Sutton Date

Leader of the Council

Mike Fisher Date

Chief Executive Officer

APPENDIX A

STATEMENT ON INTERNAL CONTROL