(c) the extent to which the assets and interests are acquired economically, used efficiently, accounted for and safeguarded from losses of all kinds arising from waste, extravagance, inefficient administration, poor value for money, fraud or other cause and that adequate business continuity plans exist;

(d) the suitability, accuracy, reliability and integrity of financial and other management information and the means used to identify measure, classify and report such information;

(e) the integrity of processes and systems, including those under development, to ensure that controls offer adequate protection against error, fraud and loss of all kinds; and that the process aligns with the authority’s strategic goals;

(f) the suitability of the organisation of the units audited for carrying out their functions, and to ensure that services are provided in a way which is economical, efficient and effective;

(g) the follow-up action taken to remedy weaknesses identified by Internal Audit review, ensuring that good practice is identified and communicated widely;

(h) the operation of the authority’s corporate governance arrangements.

4. The Role of the Audit Panel

In keeping with good corporate governance practice, a Panel of elected members should have oversight of the activities of the Internal Audit Service for the following purposes:

v The Panel should monitor Internal Audit’s performance, both in terms of the quality and quantity of its work;

v The Panel should satisfy itself that Internal Audit has devoted its attention to the appropriate issues;

v The Panel should consider the results of Internal Audit reviews to ensure that any significant findings are addressed, including control weaknesses and to ascertain whether, in the opinion of the Chief Internal Auditor, adequate and satisfactory responses have been given by the Authority’s management;

v The Panel should recommend, if necessary, that further attention should be given to some of the issues raised.

5. REVIEW OF 2003/2004

(a) Developments In The Internal Auditing Profession

The professional environment within which internal audit operates continued to be dynamic during the last financial year. The Office of the Deputy Prime Minister published new Accounts and Audit Regulations in March 2003 that inter alia introduced the requirement for local authorities to include a Statement on Internal Control (SIC) within its published financial statements. This initiative has a wide-ranging impact not just on the work of internal audit but also on all senior managers across the council. The implications of this development are discussed in more detail below.

Aside from specific initiatives such as the SIC, in general terms there has been an increasing expectation that internal audit units will become more involved in reviewing risk management and corporate governance arrangements operating in their host organisations. The driver for this comes from H.M. Treasury that is keen to see the roll out of sound corporate governance practices as developed in the private sector some ten years ago across the entire public sector. In this regard, Local Government is behind the Civil Service and the Health Service in being required to adopt these practices.

(b) The Isle of Wight Council Response to Required Change

Comprehensive Performance Assessment

In October 2002 the original CPA assessment and in particular the Auditor Judgement for the Internal Audit Service was graded as 2 out of a potential maximum score of 4. A score of 2 means generally satisfactory service but with weaknesses. The Audit Commission made a number of recommendations for improvement in the Audit Service which have been addressed during financial year 2003/04 and before. The CPA scores were reviewed by the Audit Commission in autumn of 2003 and the score for Internal Audit Services improved from a 2 to a 3. A score of 3 means satisfactory with no major areas of weakness. Our ambition for the future is to further improve on this score to a 4.

Risk Based Auditing

In response to the central government drive to embed risk management in local authorities, during 2003/2004 Audit Services re-assessed the audit methodologies we employ and developed a new approach to operational/management audits called risk based auditing. This involves working collaboratively with management to determine service objectives, to identify and assess the risks threatening the achievement of objectives and to identify the management information and performance targets needed to ensure business success. The majority of these audits commence with a risk assessment workshop facilitated by internal audit staff. We revert to a more traditional audit approach when testing the reliability of the management information that informs management decision-making.

A consequence of changing methodologies and essentially re-tooling the section has been a considerable investment in staff training and development during the financial year. This in turn has impacted upon productivity and the achievement of the internal audit plan. Whereas our original aim was to achieve 90% of the approved audit plan, the actual achievement was 68%. Other factors which contributed to the lower than expected output were unforeseen staff vacancies arising during the year and other development work detailed below.

Development of New Audit Manuals and the Quest for Quality Assurance Certification

The process of re-tooling the service has also required comprehensive re-writing of the Internal Audit Manuals to reflect modern best practice. This process was largely completed during the financial year and the new manuals are now being used by internal audit staff.

It is our intention to seek certification to the internationally recognised Quality Assurance standard ISO 9001. In order to successfully achieve this standard it is essential that all procedures are documented and therefore the development of up to date audit manuals supports this aspiration. We hope to achieve certification by mid 2005.

6. Benchmarking Comparisons.

The service annually submits data to the Institute of Public Finance benchmarking Club to allow us to monitor our performance against other Internal Audit sections in Unitary Authorities. Attached at appendix A are the benchmarking results for the financial year ended 31^st March 2004.

(a) Cost Analysis

Table one in appendix A compares the IOW performance in terms of costs against the average for unitary authorities. The cost per £m gross turnover shows that on average unitary authorities invested 29% more on internal audit services for the amount of money at risk than does the Isle of Wight Council.

The days per auditor at 141 chargeable days compares unfavourably with the unitary average. However, much of this reduced productivity can be explained by the consequences of changing operating methods with the inevitable training requirement that accompanied the changes. This is illustrated in table two where training time is higher as well as other non-chargeable days. The other non-chargeable days figure is high owing to the need to have far more staff meetings than normal to explain the changes required and to win the hearts and minds of audit staff so that they would accept the required changes.

(b) Audit Coverage

Table four shows the areas of audit coverage per £m compared with the average for unitary authorities. In general our coverage is less than other authorities with the significant exception of ICT audit when we were fortunate to have two qualified ICT auditors for part of the year which bolstered activity in this important area of audit work. Coverage of ICT audit was also enhanced by purchasing particular ICT audit technical expertise from the private sector to cover technical audits that we could not resource in-house.

(c) Staffing Matters

During the course of the year we had an average of 6.53 full time equivalent staff in post. This includes an additional whole time staff member that was an agreed growth bid for financial year 2003/04. Additionally, as one member of staff was seconded to the GAGs programme for part of the year, we recruited a temporary member of staff who provided an additional 52 days of productive time during the year. We also, as mentioned above bought some 50 days specialist ICT audit time from an external contractor ACIT services Ltd.

Table five illustrates the overall pay structure of internal audit staff. As can be seen some 27% of audit staff are paid more than 25k compared with 53% for the average of other unitaries. Table 6 shows that in terms of qualified accountants/internal auditors, 61% of our staff are qualified compared with 34% for the average of all other unitaries. Table 7 demonstrates the high levels of audit experience our staff bring to the task.

(d) Overall Direction of Travel

The benchmarking data for 2003/04 shows an overall improvement in the performance of the service over the recent past. If the plans for further improvements (discussed in more detail below) are realised, then the service should be performing in line with the average of unitary authorities during the current financial year.

Moreover, the changes made in methodologies have increased the added value delivered by the service and will make a positive contribution to assisting the authority in improving its overall CPA score. We also are geared up to assist in improving the council’s corporate governance and risk management arrangements.

7. OUTLOOK FOR 2004/2005

(a) Benchmarking Comparisons

Attached at appendix B are the benchmarking estimates projecting to the end of the current financial year.

Table 1 projects a better cost performance with our cost per auditor forecast to fall below the average for unitary authorities for the first time in three years. Table two projects an 18% improvement in productivity by increasing productive days per auditor from 141 in 2003/04 to 167 in the current year. The first quarters actuals for 2004/05 indicate that we are on track to achieve this higher level of productivity. Finally table 4 shows improved audit coverage over the various categories of audit work albeit still below the averages for all unitaries due to staff resource constraints.

(b) Consolidation

The main aims for financial year 2004/2005 are to consolidate on the methodological improvements achieved in 2003/2004 and to drive up productivity levels so that the service can be seen to be delivering value for money in all its activities. Allied to these aims, as stated above, we also wish to demonstrably improve the quality of our work by establishing a robust quality management system capable of being certified to ISO 9001 by mid 2005.

8. THE COUNCILS INTERNAL CONTROL ENVIRONMENT

(a) The Statement on Internal Control

This year for the first time, the authority is obliged to publish a Statement on Internal Control to be published as part of the council’s financial statements. The mechanism for developing the statement relies on Heads of Service producing assurance statements that they are actively managing their risks through the development and maintenance of robust control systems. In circumstances where they are not adequately managing their risks this must be acknowledged in the statement and a plan for remedial action must be identified.

Internal audit’s role as far as the SIC is concerned is to give independent assurance that there are no significant control problems which have not been identified and therefore effectively give assurance that the statements made in the compilation of the SIC are accurate. Additionally, internal audit, together with colleagues in the Insurance and Risk Management section have worked hard during the year to raise the awareness of risk management across the organisation so that the authority is in a position to sensibly respond to the requirements of the SIC.

(b) Internal Audit’s Overall Opinion on the State of the Council’s Internal Control Environment.

During the course of financial year 2003/2004, we have performed audit reviews of the council’s operations and the core financial systems operated by the council in accordance with the agreed annual audit plan for the year. During the course of that work, we found no evidence of significant control failures which would materially damage either the councils financial standing or its reputation. The only issue which we felt needed to be identified in the Statement of Internal Control is the fact that the authority’s risk management arrangements were underdeveloped for much of the duration of financial year 2003/2004, albeit by the end of the financial year much progress had been made in remedying this situation.

Therefore, we can give the Audit Panel reasonable assurance that the internal control system operating in financial year 2003/2004 met the Council’s requirements.

RELEVANT PLANS, POLICIES, STRATEGIES and PERFORMANCE INDICATORS

None

CONSULTATION PROCESS

None

FINANCIAL, LEGAL, CRIME AND DISORDER IMPLICATIONS

There are no significant financial or legal implications of this report , given that it is a progress report on the Internal Audit function. The Panel is reminded that the Council is required by statute (the Accounts and Audit Regulations) to have an adequate and effective Internal Audit function.

APPENDICES ATTACHED

Appendix A - Compares the IOW performance in terms of costs against the average for unitary authorities

Appendix B - benchmarking estimates projecting to the end of the current financial year.

BACKGOUND PAPERS USED IN THE PREPARATION OF THIS REPORT

13. IPF Benchmarking file held by G Richardson - extension 3683

Contact Point : G Richardson, Chief Internal Auditor ( 823683

GED RICHARDSON

Chief Internal Auditor

APPENDIX A

BENCHMARK COMPARISONS 2003/2004 ACTUALS

TABLE ONE – COST ANALYSIS - 2003/2004 ACTUALS

BENCHMARKS	IOW	AVERAGE ALL UNITARIES
Audit days per £m gross turnover	3.35	4.99
Cost per £m gross turnover	£959	£1,237
Days per auditor (staff on payroll)	141	165
Cost per auditor	£45,468	£41,916
Staff cost per auditor (all staff)	£34,027	£32,413
Overheads cost per auditor (all staff)	£11,411	£9,504
Hours per Audit Day	7.4	7.3

TABLE TWO – CHARGEABLE DAYS PER AUDITOR 2003/04 ACTUALS

Chargeable days – Staff on payroll	IOW DAYS	IOW DAYS/FTE	AVERAGE ALL UNITARIES DAYS/FTE
Total days pa	1,719	263.2	260
Non-Chargeable Days:
Public holidays	79	12.1	9.1
Annual leave	199	30.5	29
Special leave	na	na	4.4
Sickness	49	7.5	10.5
Training – Audit qualification	25	3.8	4.9
Training - other	82	12.6	7.6
Other non-chargeable days	362	55.4	32.3
Chargeable days	923	141.3	165

TABLE THREE – OVERHEAD COSTS – 2003/04 ACTUALS

Overhead costs	IOW £’000	IOW £’000/FTE	AVERAGE ALL UNITARIES £’000/FTE
Transport and travel	7	1.0	0.5
Other running costs	8	1.2	2.0
Accommodation	8	1.2	1.9
IT	10	1.5	2.0
Other central charges	44	6.5	3.1
Total	77	11.4	9.5

TABLE FOUR – AUDIT DAYS PER £M BY TYPE OF AUDIT - 2003/2004 ACTUALS

Audit days per £m	IOW DAYS	IOW DAYS/£M	AVERAGE ALL UNITARIES DAYS/£M
Fundamental financial systems	155	0.51	0.84
Assurance work on other systems	180	0.59	1.2
Risk management	113	0.37	0.07
Corporate governance	8	0.03	0.14
Performance management	12	0.04	0.12
Establishment audit	121	0.40	0.75
Audit of IT Systems	223	0.74	0.26
Fraud etc.	41	0.14	0.59
Contract audit	105	0.35	0.26
VFM/Management	-	-	0.10
Consultancy, advice	26	0.09	0.40
Other	30	0.10	0.23
Total	1,014	3.35	4.99

TABLE FIVE – STAFF SALARY BANDINGS AT 31^ST MARCH 2004

Salary bandings	IOW FTE	IOW %	AVERAGE ALL UNITARIES %
Under £15k	0.5	6	9
£15 – 20k	-	0	15
£20 – 25k	5.1	67	23
£25 – 30k	1.0	13	23
£30 – 40k	1.0	13	22
Over £40k	-	0	8
Total	7.6

TABLE 6 – AUDIT STAFF QUALIFICATIONS AT 31^ST MARCH 2004

Qualifications	IOW FTE	IOW %	AVERAGE ALL UNITARIES %
CCAB/MIIA/PIIA	4.6	61	34
AAT	1.8	24	26
Other specialists	-	0	6
Part Qual/Trainees	-	0	19
Non-Qualified	1.2	15	15
Total	7.6	100	100

TABLE 7 – AUDIT EXPERIENCE AT 31^ST MARCH 2004

Audit Experience
	Overall			At current authority
	IOW FTE	IOW %	AVERAGE ALL UNITARIES %	IOW FTE	IOW %	AVERAGE ALL UNITARIES %
Under 1 yr	-	0	6	2.0	26	13
1 – 5 yrs	2.0	26	26	2.0	26	34
6 – 10 yrs	2.0	26	20	2.0	26	23
Over 10 yrs	3.6	48	48	1.6	21	28
Total	7.6			7.6

APPENDIX B

BENCHMARK COMPARISONS 2004/2005 ESTIMATES

TABLE ONE – COST ANALYSIS - 2004/2005 ESTIMATES

BENCHMARKS	IOW	AVERAGE ALL UNITARIES
Audit days per £m gross turnover	3.84	5.04
Cost per £m gross turnover	£885	£1,223
Days per auditor (staff on payroll)	167	174
Cost per auditor	£42,763	£43,316
Staff cost per auditor (all staff)	£32,237	£34,192
Overheads cost per auditor (all staff)	£10,526	£9,124
Hours per Audit Day	7.4	7.3

TABLE TWO – CHARGEABLE DAYS PER AUDITOR 2004/05 ESTIMATES

Chargeable days – Staff on payroll	IOW DAYS	IOW DAYS/FTE	AVERAGE ALL UNITARIES DAYS/FTE
Total days pa	1,910	251.3	260
Non-Chargeable Days:
Public holidays	88	11.6	10.3
Annual leave	177	23.3	29.3
Special leave	na	na	2.9
Sickness	56	7.4	6.9
Training – Audit qualification	25	3.3	4.7
Training - other	74	9.7	7.0
Other non-chargeable days	218	28.7	25.8
Chargeable days	1,272	167.4	174.1

TABLE THREE – OVERHEAD COSTS – 2004/05 ESTIMATES

Overhead costs	IOW £’000	IOW £’000/FTE	AVERAGE ALL UNITARIES £’000/FTE
Transport and travel	8	1.1	0.6
Other running costs	8	1.1	1.7
Accommodation	7	0.9	1.9
IT	10	1.3	1.8
Other central charges	47	6.2	3.1
Total	80	10.5	9.1

TABLE FOUR – AUDIT DAYS PER £M BY TYPE OF AUDIT - 2004/2005 ESTIMATES

Audit days per £m	IOW DAYS	IOW DAYS/£M	AVERAGE ALL UNITARIES DAYS/£M
Fundamental financial systems	190	0.58	0.83
Assurance work on other systems	290	0.89	1.25
Risk management	25	0.08	0.09
Corporate governance	34	0.10	0.15
Performance management	25	0.08	0.11
Establishment audit	130	0.40	0.69
Audit of IT Systems	221	0.68	0.32
Fraud etc.	120	0.37	0.48
Contract audit	129	0.39	0.30
VFM/Management	-	-	0.15
Consultancy, advice	45	0.14	0.36
Other	63	0.19	0.20
Total	1,272	3.88	5.04

INTERNAL AUDIT PERFORMANCE REPORT 2003/2004