PAPER C
AUDIT PANEL - 16 FEBRUARY 2005
REPORT OF THE CHIEF INTERNAL AUDITOR
1. The purpose of this report is to inform
the Audit Panel of the proposed internal audit activity for the next financial
year.
BACKGROUND
2. The council is the largest employer on
the island, spending and receiving around £327 million per annum and employing
around 5,000 staff. In addition, it manages its own pension fund valued at £150
million. The council seeks to achieve its objectives through the maintenance of
a comprehensive system of risk management that should ensure that services are
delivered in a proper, economic, efficient and effective manner. Internal
audit’s role is to assess the adequacy and effectiveness of the risk management
system and in particular the quality of the internal control arrangements
designed to mitigate risks. Internal audit is part of the control regime and
being a finite resource, needs to plan and allocate resources in a rational and
systematic way in order to ensure that all the council’s activities receive an
appropriate amount of attention.
3. The annual audit plan that is attached
to this report at Appendix A. This annual plan is essentially the second year
of the three year strategic plan presented to the Panel at its meeting in July
last year. The plan has been modified slightly from what was reported last year
to take account of changes in the authority’s risk profile as well as high risk
activities not audited as planned in the current years plan. The plan sets out
the specific activities to be audited, the audit approach to be adopted and the
time needed to execute the audit. Clearly, there are some activities and
systems that need to be audited more frequently than others. This is
illustrated by the approach to the council’s main financial systems such as the
main accounting system where we need to be able to give annual assurance that
these systems are operating in line with management’s expectations and can be
relied upon to provide accurate information for the production of the
authority’s published financial statements.
Resource allocation to other areas of the plan and in particular the
frequency of review is based on risk assessment and available audit resources,
the idea being to match risk with internal audit resource.
4. The audit
plan is structured under eight headings:
(i)
Compliance
audits which are primarily concerned with determining the extent to which the
council’s activities are conducted in accordance with internal rules,
regulations and the law.
(ii)
Financial
systems audits which aim to give assurance to management that the council’s
core financial systems are appropriately controlled and can be relied upon to
produce accurate financial information for internal management purposes and
support the production of the council’s published financial statements.
(iii)
Operational
audits which essentially are concerned with the management of business risks to
ensure that operations and hence the council as a whole will achieve their
objectives.
(iv)
Anti-fraud
audits which seek to either reduce the risk of fraud through the dissemination
of good practice or seek to discover fraud in high risk areas.
(v)
Contracts
audits that review the controls over the council’s procurement systems.
(vi)
ICT
audits which are technical evaluations of the councils ICT infrastructure and
systems to ensure that the council’s information management arrangements are
secure, adequate and effective.
(vii)
Project
audits designed to give real time assurance that strategic projects will be
successfully implemented.
(viii)
Follow-up
audits are intended to improve internal audit effectiveness by determining
whether agreed recommendations from earlier reviews have been implemented and
if not why not.
5. Elsewhere on the agenda, members will
be appraised of the contents of the Audit Commission’s Annual Audit Letter. Two
particular issues regarding internal audit are included in the management
letter: the balance of work between financial systems and operational audits
and the arrangements for performing follow-up audits. These comments relate to
financial year 2003/04. In the current financial year and in the plans for next
year, the concerns expressed by the Audit Commission have been addressed and
appropriately balanced plans including provision for follow-up audit have been
prepared.
6. Existing audit resources, after making
allowances for training and other indirect activity are included in summary in
the plan. The number of available days totals 1,214.5 which matches the resource rationed plan.
7. The Audit
Panel is requested to :
(i)
consider
the relative priorities and amounts of time devoted to areas of council
activity;
(ii)
make
recommendations as appropriate about the priorities of the audit teams work;
(iii)
approve
the annual audit plan for 2005/06.
This Annual Audit Plan is derived from the Strategic Audit
Plan approved by the Panel last year. The strategic plan takes account of Corporate
objectives, BVPIs, the Annual Action Statement as well as local internal audit
performance indicators.
Audit planning file held by G. Richardson
Contact point: G.B. Richardson, Chief Internal Auditor, 3683
G B RICHARDSON
Chief Internal Auditor
|
Expected Audit Resources 2005/06 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
ICT AUDITOR |
CIA |
AUDITOR |
AUDITOR |
AUDITOR |
AUDITOR |
AUDITOR |
ADMIN. |
TOTAL |
|
|
|
|
|
|
|
|
|
|
|
|
Total Days Available |
261 |
261 |
212 |
212 |
239 |
261 |
261 |
64 |
1771 |
|
|
|
|
|
|
|
|
|
|
|
|
Less: |
|
|
|
|
|
|
|
|
|
|
Annual Leave |
20 |
25 |
20 |
20 |
35 |
26 |
20 |
5.5 |
171.5 |
|
Bank Holidays |
10 |
10 |
10 |
10 |
10 |
10 |
10 |
5 |
75 |
|
Training |
10 |
10 |
10 |
28 |
28 |
10 |
10 |
1 |
107 |
|
Management |
|
50 |
|
|
|
|
|
|
50 |
|
Administration |
12 |
15 |
12 |
12 |
12 |
12 |
12 |
30 |
117 |
|
Sickness |
5 |
5 |
5 |
5 |
5 |
5 |
5 |
1 |
36 |
|
Total Indirect Time |
57 |
115 |
57 |
75 |
90 |
63 |
57 |
42.5 |
556.5 |
|
|
|
|
|
|
|
|
|
|
|
|
Net Productive Time |
204 |
146 |
155 |
137 |
149 |
198 |
204 |
21.5 |
1214.5 |
|
|
|
|
|
|
|
|
|
|
|
|
Productivity % excl A/L and B/H |
88 |
65 |
85 |
75 |
77 |
88 |
88 |
40 |
80 |
|
|
|
|
|
|
|
|
|
|
|
|
Productivity % |
78 |
56 |
73 |
65 |
62 |
76 |
78 |
34 |
69 |
|
|
|
|
|
|
|
|
|
|
|
|
Average WTEs |
6.79 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Average Productive Days WTE |
178.99 |
|
|
|
|
|
|
|
|
|
|
RISK RATING |
FREQ. YEARS |
2005/06 DAYS |
|
ANNUAL
AUDIT PLAN 2005/2006 |
|
|
|
|
|
|
|
|
|
COMPLIANCE
AUDITS: |
|
|
|
|
|
|
|
|
|
SCHOOLS |
|
|
|
|
|
|
|
|
|
Primary Education |
|
|
|
|
|
|
|
|
|
Arreton
St George's CEP |
C |
1 |
0.5 |
|
Bembridge
CEP |
C |
1 |
0.5 |
|
Binstead
Primary |
C |
1 |
3 |
|
Brading
CEP |
C |
1 |
3 |
|
Brighstone
CEP |
C |
1 |
0.5 |
|
Carisbrooke
CEP |
C |
1 |
0.5 |
|
St
Thomas' CP |
C |
1 |
0.5 |
|
Chale CEP |
C |
1 |
0.5 |
|
Chillerton
Primary |
C |
1 |
0.5 |
|
Cowes
Primary |
C |
1 |
3 |
|
Love Lane
Primary |
C |
1 |
3 |
|
East
Cowes Grange Primary |
C |
1 |
0.5 |
|
Holy
Cross CP |
C |
1 |
0.5 |
|
Freshwater
All Saints CEP |
C |
1 |
0.5 |
|
Gatten
& Lake Primary |
C |
1 |
0.5 |
|
Godshill
Primary |
C |
1 |
3 |
|
Gurnard
Primary |
C |
1 |
0.5 |
|
Hunnyhill
Primary |
C |
1 |
0.5 |
|
Nettlestone
Primary |
C |
1 |
0.5 |
|
Newchurch
Primary |
C |
1 |
0.5 |
|
Barton
Primary |
C |
1 |
0.5 |
|
Nine
Acres Primary |
C |
1 |
0.5 |
|
Newport
CEP |
C |
1 |
3 |
|
Niton
Primary |
C |
1 |
0.5 |
|
Northwood
Primary |
C |
1 |
0.5 |
|
Greenmount
Primary |
C |
1 |
0.5 |
|
Haylands
Primary |
C |
1 |
0.5 |
|
Oakfield
CEP |
C |
1 |
3 |
|
St Mary's
CP |
C |
1 |
0.5 |
|
Dover
Park Primary |
C |
1 |
0.5 |
|
St Helens
Primary |
C |
1 |
3 |
|
Sandown
CEP |
C |
1 |
0.5 |
|
Broadlea
Primary |
C |
1 |
0.5 |
|
St Johns
CEP |
C |
1 |
0.5 |
|
Shalfleet
CEP |
C |
1 |
0.5 |
|
Shanklin
CEP |
C |
1 |
0.5 |
|
Totland
Primary |
C |
1 |
0.5 |
|
St
Saviours CP |
C |
1 |
3 |
|
St
Wilfrids CP |
C |
1 |
0.5 |
|
St
Boniface CEP |
C |
1 |
0.5 |
|
St
Margarets CEP |
C |
1 |
0.5 |
|
Whippingham
Primary |
C |
1 |
0.5 |
|
Wootton
Primary |
C |
1 |
0.5 |
|
Wroxall
Primary |
C |
1 |
3 |
|
Yarmouth
CEP |
C |
1 |
0.5 |
|
Summerfields
Primary |
C |
1 |
0.5 |
|
|
|
|
|
|
|
|
|
|
|
Middle Schools |
|
|
|
|
|
|
|
|
|
Archbishop
King CM |
B |
1 |
0.5 |
|
Bishop
Lovett CEM |
B |
1 |
0.5 |
|
Downside
Middle |
B |
1 |
0.5 |
|
Forelands
Middle |
B |
1 |
3 |
|
Lake
Middle |
B |
1 |
0.5 |
|
Mayfield
CEM |
B |
1 |
0.5 |
|
Trinity
CEM |
B |
1 |
0.5 |
|
Nodehill
Middle |
B |
1 |
0.5 |
|
Osborne
Middle |
B |
1 |
0.5 |
|
Kitbridge
Middle |
B |
1 |
0.5 |
|
Sandham
Middle |
B |
1 |
0.5 |
|
Solent
Middle |
B |
1 |
0.5 |
|
Somerton
Middle |
B |
1 |
0.5 |
|
Swanmore
Middle |
B |
1 |
0.5 |
|
Ventnor
Middle |
B |
1 |
0.5 |
|
West
Wight Middle |
B |
1 |
0.5 |
|
|
|
|
|
|
High Schools |
|
|
|
|
|
|
|
|
|
Carisbrooke
High |
B |
1 |
1 |
|
Cowes
High |
B |
1 |
1 |
|
Ryde High |
B |
1 |
1 |
|
Sandown
High |
B |
1 |
1 |
|
Medina
High |
B |
1 |
1 |
|
|
|
|
|
|
Special Schools |
|
|
|
|
|
|
|
|
|
Medina
House |
C |
1 |
0.5 |
|
St
Georges |
C |
1 |
0.5 |
|
|
|
|
|
|
Education
Other |
|
|
|
|
|
|
|
|
|
Teachers
Pay |
A |
2 |
3 |
|
PLASC |
B |
3 |
3 |
|
|
|
|
|
|
COMMUNITY SERVICES |
|
|
|
|
|
|
|
|
|
Leisure
Centres |
C |
4 |
5 |
|
Tourist
Information Centres |
B |
3 |
3 |
|
Beaches
and Esplanades |
A |
2 |
3 |
|
Museums |
C |
4 |
5 |
|
Pop
Festival |
A |
1 |
3 |
|
|
|
|
|
|
Financial
Services |
|
|
|
|
|
|
|
|
|
Bankline |
A |
1 |
2 |
|
|
|
|
|
|
Highways |
|
|
|
|
|
|
|
|
|
Public
Transport Support |
A |
2 |
10 |
|
|
|
|
|
|
Coastal Protection |
|
|
|
|
|
|
|
|
|
SCOPAC |
D |
1 |
1 |
|
Certification
checks |
B |
1 |
1 |
|
|
|
|
|
|
Consumer Protection |
|
|
|
|
|
|
|
|
|
Licensing |
C |
4 |
7 |
|
|
|
|
|
|
Property Services |
|
|
|
|
|
|
|
|
|
Markets |
C |
4 |
3 |
|
|
|
|
|
|
|
|
|
|
|
Fire
and Rescue |
|
|
|
|
|
|
|
|
|
Retained
Firefighters Pay |
B |
3 |
3 |
|
|
|
|
|
|
Adult
Operations |
|
|
|
|
|
|
|
|
|
Direct
Services |
|
|
|
|
|
|
|
|
|
Daycare
Elderly/Other Services |
C |
4 |
3 |
|
|
|
|
|
|
Fieldwork |
|
|
|
|
|
|
|
|
|
Pooled
Budgets for Nursing Care |
B |
3 |
1 |
|
CSDP/Occupational
Therapists |
C |
4 |
3 |
|
|
|
|
|
|
Central
Services |
|
|
|
|
|
|
|
|
|
ESF/SRB
Grants |
C |
4 |
3 |
|
Contracts/SLAs
including Meals on Wheels |
C |
4 |
6 |
|
|
|
|
|
|
CORPORATE
SERVICES |
|
|
|
|
|
|
|
|
|
Legal
and Democratic Services |
|
|
|
|
|
|
|
|
|
Members
Allowances |
C |
4 |
3 |
|
|
|
|
|
|
|
|
|
|
|
TOTALS |
|
|
134.5 |
|
FINANCIAL
SYSTEMS |
RISK |
FREQ. |
2005/6 |
|
|
RATING |
YEARS |
DAYS |
|
Main Systems |
|
|
|
|
|
|
|
|
|
Main
Accounting |
C |
1 |
20 |
|
Housing
Benefit |
A |
1 |
60 |
|
Council
Tax |
B |
1 |
20 |
|
NNDR |
D |
1 |
10 |
|
Creditors |
B |
1 |
30 |
|
Customer
Accounts |
C |
1 |
10 |
|
Payroll |
B |
1 |
20 |
|
Pension
Benefits/Contributions |
C |
1 |
20 |
|
|
|
|
|
|
|
|
|
|
|
Corporate Finance |
|
|
|
|
|
|
|
|
|
Formula
Spending Share (FSS) |
A |
2 |
20 |
|
Treasury
Management |
B |
2 |
10 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
TOTAL |
|
|
220 |
|
|
RISK RATING |
FREQ. YERAS |
2005/06 DAYS |
OPERATIONAL
AUDITS |
|
|
|
|
|
|
|
|
|
Children's
Services |
|
|
|
|
|
|
|
|
|
Overall Management
Arrangements |
A |
2 |
20 |
|
|
|
|
|
|
Education |
|
|
|
|
|
|
|
|
|
Behavioural
Support |
C |
4 |
10 |
|
Financial
Services |
D |
5 |
5 |
|
|
|
|
|
|
|
|
|
|
|
Children's Services |
|
|
|
|
|
|
|
|
|
ISP/New
Care Leavers Grant |
B |
3 |
10 |
|
Fostering
and Adoption |
B |
3 |
10 |
|
Children’s
Disability Team |
B |
3 |
10 |
|
|
|
|
|
|
Maintenance |
|
|
|
|
|
|
|
|
|
Electrical
Services |
C |
4 |
10 |
|
|
|
|
|
|
Design |
|
|
|
|
|
|
|
|
|
Car Parks |
D |
5 |
10 |
|
Road
Safety |
D |
5 |
10 |
|
|
|
|
|
|
Consumer Protection |
|
|
|
|
|
|
|
|
|
Trading
Standards |
D |
5 |
5 |
|
|
|
|
|
|
Planning |
|
|
|
|
|
|
|
|
|
Development
Control |
B |
3 |
5 |
|
Building
Control |
D |
5 |
10 |
|
Countryside
Services |
C |
4 |
10 |
|
|
|
|
|
|
Property Services |
|
|
|
|
|
|
|
|
|
Energy |
D |
5 |
5 |
|
|
|
|
|
|
FIRE
AND RESCUE SERVICE |
|
|
|
|
|
|
|
|
|
Overall Management
Arrangements |
A |
2 |
10 |
|
|
|
|
|
|
ADULT AND COMMUNITY SERVICES Mental Health |
|
|
|
|
|
|
|
|
|
Management
of Mental Health Services |
B |
3 |
10 |
|
|
|
|
|
|
Housing |
|
|
|
|
|
|
|
|
|
Supporting
People |
B |
1 |
10 |
|
Enforcement |
D |
5 |
5 |
|
|
|
|
|
|
CORPORATE
SERVICES |
|
|
|
|
|
|
|
|
|
Economic Development |
|
|
|
|
|
|
|
|
|
Economic
Development |
B |
3 |
10 |
|
|
|
|
|
|
Legal and Democratic
Services |
|
|
|
|
|
|
|
|
|
Legal
Services - General |
D |
5 |
5 |
|
Local
Land Charges |
D |
5 |
5 |
|
|
|
|
|
|
Business Services |
|
|
|
|
|
|
|
|
|
Customer
Service Centre/Post Room |
D |
5 |
5 |
|
|
|
|
|
|
CORPORATE
ISSUES |
|
|
|
|
|
|
|
|
|
Partnerships |
A |
1 |
10 |
|
Agenda
21/ISO 140000 |
B |
1 |
10 |
|
Crime and
Disorder |
B |
3 |
10 |
|
|
|
|
|
|
CORPORATE
GOVERNANCE |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Statement
on Internal Control |
A |
1 |
20 |
|
Risk
Management System |
A |
1 |
20 |
|
Performance
Indicators |
A |
1 |
20 |
|
PSA
Indicators |
A |
1 |
20 |
|
|
|
|
|
|
TOTAL |
|
|
300 |
|
ANTI
FRAUD AUDITS |
RISK |
|
2005/6 |
|
|
RATING |
|
DAYS |
|
|
|
|
|
|
Reviewing Policies
& Procedures |
|
|
|
|
|
|
|
|
|
Gifts and
Hospitality |
C |
|
1 |
|
Codes of
Conduct |
B |
|
5 |
|
|
|
|
|
|
Fraud awareness
training workshops |
B |
|
10 |
|
|
|
|
|
|
|
|
|
|
|
Pro-Active Fraud
Detection Work |
|
|
|
|
|
|
|
|
|
Claims
Based Payments |
A |
|
20 |
|
|
|
|
|
|
|
|
|
|
|
TOTAL |
|
|
36 |
|
|
RISK |
FREQ. |
2005/6 |
|
|
RATING |
YEARS |
DAYS |
|
CONTRACTS
AUDITS |
|
|
|
|
|
|
|
|
|
ONGOING WORK |
|
|
|
|
|
|
|
|
|
Final
Accounts |
A |
1 |
18 |
|
Contracts
Administration |
|
|
10 |
|
Pre
Tender Work |
A |
1 |
12 |
|
Contracts
Advice |
B |
1 |
5 |
|
Current
Contracts |
A |
1 |
12 |
|
Post
Contract Reviews |
A |
1 |
5 |
|
Financial
Evaluations |
A |
1 |
5 |
|
|
|
|
|
|
SPECIFIC PROJECTS |
|
|
|
|
|
|
|
|
|
Service
Contracts Monitoring |
A |
1 |
15 |
|
Use of
Consultants |
A |
2 |
15 |
|
Social
Services Contracting Processes |
A |
3 |
15 |
|
Leisure
Contracting Processes |
A |
3 |
10 |
|
Highways
Contracts |
A |
1 |
10 |
|
|
|
|
|
|
TOTAL |
|
|
132 |
|
|
RISK |
FREQ. |
|
2005/6 |
|
|
RATING |
YEARS |
|
DAYS |
|
ICT
AUDIT PLAN |
|
|
|
|
|
|
|
|
|
|
|
Determine
the IT organisation and relationships |
B |
3 |
|
10 |
|
Manage
the IT investment |
A |
2 |
|
10 |
|
Manage
human resources |
B |
3 |
|
5 |
|
Ensure
compliance with external requirements |
A |
1 |
|
10 |
|
Assess
risk |
A |
1 |
|
5 |
|
Manage
projects |
B |
2 |
|
10 |
|
Manage
quality |
A |
1 |
|
5 |
|
|
|
|
|
|
|
Acquire
and maintain application software |
B |
2 |
|
10 |
|
Acquire
and maintain technology infrastructure |
A |
1 |
|
5 |
|
Develop
and maintain procedures |
B |
2 |
|
10 |
|
Install
and accredit systems |
B |
2 |
|
5 |
|
Manage
changes |
A+ |
1 |
|
5 |
|
|
|
|
|
|
|
Manage
third party services |
B |
3 |
|
10 |
|
Ensure
continuous service |
A+ |
1 |
|
10 |
|
Ensure
systems security |
A+ |
1 |
|
10 |
|
Identify
and allocate costs |
B |
2 |
|
10 |
|
Manage
the configuration |
A |
1 |
|
5 |
|
Manage
problems and incidents |
A |
1 |
|
5 |
|
Manage
data |
A+ |
1 |
|
5 |
|
Manage
facilities |
A |
1 |
|
5 |
|
Manage
operations |
A+ |
1 |
|
5 |
|
|
|
|
|
|
|
|
|
|
|
|
|
TOTAL |
|
|
|
155 |
|
PROJECT
AUDITS |
RISK |
|
2005/06 |
|
|
RATING |
|
DAYS |
|
|
|
|
|
|
|
|
|
|
|
Gags
(DIP/CRM/BPR/Info Mgt/FOWG) |
A |
|
68 |
|
eGovernment
(IEG,ePIPS,ePROCUREMENT,eForms etc |
A |
|
7 |
|
ACCISS
Replacement |
B |
|
5 |
|
|
|
|
|
|
|
|
|
|
|
TOTAL |
|
|
80 |
|
FOLLOW
- UP AUDITS |
|
|
2005/06 |
|
|
|
|
DAYS |
|
|
|
|
|
|
|
|
|
|
|
BVPIs |
|
|
1 |
|
Youth
& Community |
|
|
1 |
|
Schools
Inspectorate |
|
|
1 |
|
Wight
Leisure |
|
|
1 |
|
Tourism |
|
|
1 |
|
Environment
Services OMA |
|
|
1 |
|
Coastal
Protection |
|
|
1 |
|
Environmental
Health |
|
|
1 |
|
Property
Services |
|
|
1 |
|
Adult
& Community OMA |
|
|
1 |
|
Children’s
Services |
|
|
1 |
|
Homecare
Services |
|
|
1 |
|
Care
Management & Needs Assessment |
|
|
1 |
|
Safer
Communities |
|
|
1 |
|
Supporting
People |
|
|
1 |
|
Homelessness |
|
|
1 |
|
Corporate
Services OMA |
|
|
1 |
|
Human
Resource Management |
|
|
1 |
|
Governance
Framework |
|
|
1 |
|
AV Unit |
|
|
1 |
|
Development
Control |
|
|
1 |
|
Fostering |
|
|
1 |
|
Section
17 |
|
|
1 |
|
Resource
Centres |
|
|
1 |
|
Mental
Health Day Centres |
|
|
1 |
|
Capital |
|
|
1 |
|
Section
106 Agreements |
|
|
1 |
|
|
|
|
|
|
|
|
|
|
|
TOTAL |
|
|
27 |
|
Annual
Plan 2005/2006 |
|
|
2005/06 |
|
|
|
|
DAYS |
|
SUMMARY
SHEET |
|
|
|
|
|
|
|
|
|
Compliance
Audits |
|
|
134.5 |
|
Financial
Systems Audits |
|
|
220 |
|
Operational
Audits |
|
|
300 |
|
Anti
Fraud and Corruption Audits |
|
|
36 |
|
Contracts
Audits |
|
|
132 |
|
ICT
Audits |
|
|
155 |
|
Project
Audits |
|
|
80 |
|
Follow-Up
Audits |
|
|
27 |
|
Contingency |
|
|
130 |
|
|
|
|
|
|
TOTAL |
|
|
1214.5 |