Audit and Risk - UK.COM

Audit and Risk

Date: Thursday, 13 February 2014

Time: 18:30

Venue: Supper Room

Address: Town Hall, Hall Plain, Great Yarmouth, NR30 2QF

AGENDA

Open to Public and Press

DECLARATIONS OF INTEREST You have a PERSONAL INTEREST in a matter being discussed at a meeting IF • It relates to something on your Register of Interests form; or • A decision on it would affect you, your family or friends more than other people in your

Ward. You have a PREJUDICIAL INTEREST in a matter being discussed at a meeting IF • It affects your financial position or that of your family or friends more than other people

in your Ward; or • It concerns a planning or licensing application you or they have submitted • AND IN EITHER CASE a reasonable member of the public would consider it to be so

significant that you could not reach an unbiased decision. If your interest is only PERSONAL, you must declare it but can still speak and vote. If your interest is PREJUDICIAL, you must leave the room. However, you have the same rights as a member of the public to address the meeting before leaving.

TRAINING ON INTERNAL AUDIT PLANNING PROCESS

Training will take place at 6pm prior to the meeting.

of 348

1 MINUTES

To confirm the minutes of 19 September 2013.

5 - 8

2 GROUP MANAGERS RISK REPORTS

The Committee will consider the Area of Risk reports from the Group Manager's for Customer Services, Resources, Environmental Services and Tourism & Communications.

9 - 38

3 ANNUAL AUDIT LETTER 2012-13

The Committee will consider the attached report.

39 - 50

4 ANNUAL CERTIFICATION REPORT 2012-13


51 - 58

5 AUDIT AND CERTIFICATION FEES 2013-14

The Committee is requested to note the briefing report which is for information only.

59 - 61

6 LOCAL GOVERNMENT AUDIT COMMITTEE BRIEFING


62 - 70

7 FOLLOW UP ON EXTERNAL AUDIT RECOMMENDATIONS

The Committee will consider the report.

71 - 75

8 FOLLOW UP ON INTERNAL AUDIT RECOMMENDATIONS


76 - 115

9 PROGRESS REPORT 2013-14


116 - 155

10 INTERNAL AUDIT CHARTER


156 - 197

11 WORKING PROTOCOL BETWEEN INTERNAL AUDIT AND

EXTERNAL AUDIT


198 - 218

12 TREASURY MANAGEMENT STRATEGY MID YEAR REPORT


219 - 234

13 TREASURY MANAGEMENT STRATEGY


235 - 264

14 RISK MANAGEMENT FRAMEWORK


265 - 280

15 CORPORATE PROCUREMENT STRATEGY


281 - 295

16 REVISED CONTRACT STANDING ORDERS

The Chairman has requested that the Committee's attention be brought to this report.

296 - 325

of 348

17 CODE OF CORPORATE GOVERNANCE


326 - 349

18 ANY OTHER BUSINESS

To consider any other business as may be determined by the Chairman of the meeting as being of sufficient urgency to warrant consideration.

19 DATE AND TIME OF NEXT MEETING

To confirm that the next meeting will be held on Thursday, 17 April 2014.

of 348

AUDIT AND RISK COMMITTEE

19 September 2013 – 6.30 pm

PRESENT: Councillor Sutton (in the Chair); Councillors T Coleman, Marsden, Pettit, A Smith and B Walker. Councillor M Coleman attended as substitute for Councillor Hanton. Mrs J Beck (Director of Customer Services), Mr R Hodds (Cabinet Secretary), Mrs L Mockford (Group Manager Governance), Mrs V George (Group Manager Housing Services for the Elderly), Mr R Gregory (Group Manager Neighbourhoods and Communities) and Mr D Minns (Group Manager Planning and Building Control). Ms E Hodds (Deputy Audit Manager) and Mr D Riglar (External Audit Manager). Apologies for absence had been received from Councillors Hanton, Holmes and Stone. 1. MEMBERS MEETING WITH REPRESENTATIVES FROM INTERNAL AUDIT AND

AUDIT COMMISSION The Committee agreed that there were no relevant issues to be discussed in private with the Deputy Audit Manager. 2. MINUTES The minutes of the meeting held on the 27 June 2013 were confirmed. 3. AREAS OF RISK (a) Governance The Committee considered the Group Manager (Governance) report with regard to the areas of risk in respect of service areas relating to Corporate Governance, Electoral Services, Information, Licensing, Member Services and nplaw client. The Corporate Risk Assessment had identified three specific areas within Governance relating to information security, data quality and non compliance with legislation.

LARGER PRINT COPY AVAILABLE

PLEASE TELEPHONE: 01493 846325

of 348

Audit and Risk Committee 19 September 2013 (b) Housing, Health and Wellbeing The Committee considered the Group Manager (Housing, Health and Wellbeing’s) Service Risk Assessment relating to services in respect of Private Sector Housing and Renewal Services and services for older people. Members were advised that the purpose of this group of services was to help older and vulnerable people live the way they want through the provision of support services, advice and information and adaptations to their homes. (c) Neighbourhoods and Communities The Committee considered the Group Manager (Neighbourhood and Communities) report on areas of risk relating to functions including Community Centres, Partnerships, Indoor and Outdoor Leisure, Sports Development, Arts and Culture Development and youth engagement. (d) Planning and Building Control The Committee considered the Group Manager (Planning’s) report on areas of risk relating to Planning and Development Control. The Group Manager’s report identified the key risks, the potential impact of the risks and which service area could be affected and what action could be taken to address such risks. In particular the Group Manager referred to risks relating to new legislative implications for Development Control and on issues with regard to the delivery of the new Local Plan. Members noted that the reports were new to the committee but wanted to see a consistent approach in reporting. Reports to focus on key risks and unmitigated risks. RESOLVED: That the Group Manager’s reports in relating to (a) to (d) above be noted. 4. STATEMENT OF ACCOUNTS 2012/13 The Committee was advised that the Accounts and Audit (England) Regulations 2011 require the approval of the Council’s Statement of Accounts 2012/13 by the statutory deadline of the 30 September 2013. In discussing the report, the Committee expressed their concern with regard to the lack of financial officer support at this meeting. However, Members were assured by External Audit that the Statement of Accounts had not materially changed since they reviewed the draft version at the previous committee meeting. RESOLVED: That Council be recommended to approve the audited annual Statement of Accounts

2012/13. 5. ANNUAL FINANCIAL REPORT The external Audit Manager presented his annual financial report for the year ended 31 March 2013. Mr Riglar reported that his report summarised the findings from the 2012/13 audit which was substantially complete. It included the messages arising from the audit of the financial statements and the results of the work undertaken to assess the Council’s arrangements to secure value for money in the use of resources. As from the 17 September 2013 the external auditors expected to issue an un-qualified opinion. The external audit demonstrated that the Council has prepared its financial statements well. Mr Riglar reported

of 348

Audit and Risk Committee 19 September 2013 that appropriate arrangements were in place to secure economy, efficiency and effectiveness in the use of resources. Mr Riglar also noted the improvement journey that the Council had made of the past six years in completing a clean set of accounts. One matter that was reported with the Annual Financial Statement was in relation to the Councils Financial Regulations and standing orders and that these had not been formally reviewed since 2006. RESOLVED: (i) That Council be recommended to approve the annual results report for the year ended 31 March 2013. (ii) That Cabinet be recommended to approve a review of the current standing orders for procurement. 6. LETTER OF REPRESENTATION The Committee considered the letter of representation for the 2012/13 financial statements audit for the Borough Council audit for the year ended 31 March 2013. RESOLVED:

That a letter of representation to be signed on behalf of the Council by the Chairman and the Chief Finance Officer prior to the audit opinion and conclusion being issued be agreed.

7. REPORT ON THE STATUS OF AUDIT RECOMMENDATIONS DUE FOR IMPLEMENTATION BETWEEN THE 1 APRIL AND 31 JULY 2013 The Committee considered the internal audit consortium manager’s report which informed Members as to the latest progress made in relation to the management’s implementation of agreed audit recommendations falling due between the 1 April and 31 July 2013. The Committee noted that steady progress has been made by management in relation to the implementation of audit recommendations and were encouraged to note that responses had been received from all managers and that reasons for delay were justified. RESOLVED: That the Committee receive a note the current position in relating to the completion of agreed audit recommendations. 8. PROGRESS REPORT ON INTERNAL AUDIT ACTIVITY 1 APRIL – 31 AUGUST 2013 The Committee considered the internal audit consortium manager’s report which examined progress made between the 1 April and 31 August 2013 in relation to delivery of the Annual Audit Plan for 2013/14, and included abbreviated management summaries in respect of four audit reviews which have been finalised during this period. In discussing the report Members recorded their concern in relation to the rescheduling of the Tourism and Marketing audit to October as this was when work would be underway with regard to the Seafront BID. Members were assured by the Director of Customer Services that there is capacity to do both.

of 348

Audit and Risk Committee 19 September 2013

RESOLVED: (i) That the Committee receive a note the outcomes of those audits finalised during the first five months of the financial year. (ii) That the Committee note the current status of the Annual Plan for 2013/14 and where the re-timetabling of some work has proved necessary. 9. CORPORATE RISK REGISTER The Committee considered the Corporate Risk Officer’s report which asked Members to review the Corporate Risk Register to determine whether the register correctly reflects the risk affecting the authority. Members were advised that the register was reviewed. The Deputy Audit Manager assured the Committee that the changes to the timing of the audit had been agreed with the Group Manager and the Director of Customer Services also confirmed that this would not be an issue. The Chairman queried the limited assurance level awarded to Print and Design as this had previously been awarded such an opinion. The Chairman was assured by the Deputy Audit Manager that the action plan had been agreed and the Director of Customer Services assured the Chairman that management of the area has now settled down and due progress would be made against the recommendations. RESOLVED: That the Corporate Risk Officer’s report on the Corporate Risk Register be noted. 10. DATE AND TIME OF NEXT MEETING Members noted that the next meeting of the Committee will take place on the 13 February 2014 at 6.30 pm. 11. CLOSURE OF THE MEETING The meeting ended at 8.05 pm.

of 348

Subject: Customer Services – Areas of Risk

Report to: Audit and Risk Date: 13th February 2014

Report by: Group Manager Customer Services

1. Introduction

Customer Services consists of the following service areas:

Administration of Housing Benefit and Local Council Tax Reduction Scheme Customer Service – telephony, face to face and online including Corporate

Website Support Services including Reception and Cashiers Bereavement Services –Crematorium Parking Services ICT Client – Shared Service

2. Corporate risks

The corporate risk assessment already identifies the following risks within the Customer Services Group:

Economy - Increased workload Housing Benefit & Council Tax Reduction Administration

Business Continuity – Loss of IT Systems Information Security – Electronic Access to key DWP systems Customer Needs – Failure to deliver expectations of customers

3. Other identified risks within the service group There are two further main areas of risk within the group: Introduction and national rollout of Universal Credit

Housing costs to be included within Universal Credit Original migration plan for transfer of Housing Benefit caseload to Universal

Credit has been delayed No replacement migration plan available yet Uncertainty for Housing Benefit and Customer Service staff, have already started

to lose experienced staff at a time when demand is still high and the caseload unchanged

Inability to forward plan effectively Uncertainty over future funding Ultimately facing staff redundancy through migration to end of legacy Housing

Benefit Support and assistance for customers moving on to Universal Credit

of 348

Bereavement Services – Replacement Cremators

Crawfords Europe Ltd, contracted by Morgan Sindall on GYBC behalf Crawfords Europe Ltd now in liquidation Installation of new cremators incomplete – Abatement system not operational No ongoing maintenance contract in place Emergency remedial work following fire in place with temporary maintenance

agreement Need to tender for new maintenance contract to complete works and comply with

legislation Legal action ongoing with GYBC contractor, Morgan Sindall

of 348

Customer Service – Service Risk Assessment

Service Function

Risks associated with service

Likelihood

Impact

Action taken/To be taken

Comments

Housing Benefit Administration And Customer Services

A-Very High B-High C-Significant D-Low E- Very Low F- Almost Impossible

1- Catastrophic 2- Critical 3-Marginal/Moderate 4-Negligible

Housing Benefit Delivery & Customer Service

Introduction of Universal Credit

Timescales and Migration Plan for Housing Benefit Caseload to transfer to Universal Credit

A

3

Engagement with DWP and JobCentre Plus/ attendance to workshops/seminars – access to web pages for communication updates

The national roll out of UC has been delayed and timescales for migration are yet to be finalized. Difficulties for service planning Some certainty around Pensioner Cased which will remain until at least 2017 - Housing costs for supported accommodation to remain with local authorities

Loss of key resource insufficient to meet continued demand due to uncertainty of timescales, impact on quality and subsidy audit

A

2

Ongoing overtime to help meet demand Intensive training for new inexperienced staff

The service has already experienced a loss of experience staff due to opportunities within the council following restructures – caseload has remained stable but workload remains high of 348

Staff redundancy due to loss of Housing Benefit Caseload

A

3

Vacant posts have been and will be filled on a temporary basis

GYBC will retain responsibility for the assessment and delivery of Local Council Tax Reductions Scheme, Housing Costs for those in supported accommodation and other Discretionary schemes like Discretionary Housing Payments

Local support for Customers claiming Universal Credit including Housing Costs

A

3

Multi agency approach already in place for wider welfare reform changes with referral for money management and debt advice in place Continued encouragement for customers to access services online in readiness for claiming UC – development of interactive services on GYBC website Continued engagement with DWP and Job centre plus at a local level

The Government has produced a draft Local Support Services Framework which gives information relating to how customers claiming Universal Credit can be supported locally through the process. The document outlines best practice from a selection of organizations supporting customers through the welfare changes The document also outlines some certainty around Local Authority involvement with support for customers at least in the short term including working jointly with other agencies and voluntary organizations although funding is yet to be further defined of 348

Service Function


Likelihood

Impact

Action taken/To be Taken

Comments

Bereavement Services



Cremations Crematorium

No current maintenance contract in place for the completion and ongoing maintenance of the new cremators

A

2

Emergency maintenance agreement in place to keep operational until maintenance contract can be tendered for

Following fire above Cremator 1, ATI were appointed to make remedial works to get cremators operational – they have agreed to a temporary emergency maintenance arrangement

Inability to complete works on and have operational cremator abatement system

B

3

This will not be investigated until maintenance contract has been retendered and awarded

Failure to get Abatement system operation : Two options: a) Purchase new Abatement System (£3-400k Approx) b) Enter into National or Local Burden Sharing Scheme (£100k PA Approx)

Completion of successful legal action against Contractor

C

3

GYBC and Contractors Legal teams are in communication

of 348

Subject: Resources – Areas of Risk

Report to: Audit and Risk Date: 13.February 2014

Report by: Group Manager - Resources

1. Introduction

Resources consists of the following service areas:

Finance – Treasury Management, Systems, Creditors, Budgets, Annual Accounts, Internal and External Audit

HR Revenues – Council Tax, NNDR, Systems & Fraud

2. Corporate risks

The corporate risk assessment already identifies the following risks within the Resources Group:

Delivery of Long Term Strategic Objectives – Medium Term Financial Strategy Lack of Resources – Medium Term Financial Strategy Limited Capacity – Medium Term Financial Strategy Business Continuity – Business Continuity Plans Reliance on Key Individuals – Job Evaluation

3. Other identified risks within the service group There are three further main areas of risk within the group:

Introduction and national rollout of Universal Credit and Single Fraud Investigation Service (SFIS) Uncertainty for Revenues System staff, who maintain the system for the Housing

Benefits Team The SFIS is due to come into existence by March 2015, which means a difficult

and uncertain year for the Revenues Fraud team Inability to forward plan effectively Uncertainty over future funding Ultimately facing staff redundancy through migration to end of legacy Housing

Benefit

Staff Resourcing and Skills The HR team have recently been through a restructure which resulted in

compulsory redundancies and therefore, loss of skills and knowledge The Revenues team have been through a period of turmoil and have suffered

with vacancies and staff illness

of 348

Bank Contract

The Co-operative Bank have informed all local authorities that once their banking contract comes to the end of its term, the bank will not renew the contract

GYBC will need to find another bank to deliver its banking services by April 2016 Significant volumes of transactions go through the main bank account and there

are risks involved in transferring information GYBC last changed bank accounts approximately 10 years ago

of 348

Customer Service – Service Risk Assessment

Service Function


Likelihood

Impact

Action taken/To be taken

Comments

Revenue Services – Systems team and Fraud team



Introduction of Universal Credit

Timescales and Migration Plan for Single Fraud Investigation Service (SFIS)

A

3

Engagement with DWP

The national roll out of SFIS is programmed to be completed by March 2015. Details of ‘how and when’ are limited which will cause difficulties for service planning

Staff redundancy due to loss of Housing Benefit Systems support

A

3

Vacant posts will be filled on a temporary basis

The impact on the systems team is unknown as GYBC will retain responsibility for the assessment and delivery of Local Council Tax Reductions Scheme, Housing Costs for those in supported accommodation and other Discretionary schemes like Discretionary Housing Payments, all of which will require systems support staff. of 348

Service Function


Likelihood

Impact


Comments

Staffing



HR

The HR team have gone through a restructure which resulted in two compulsory redundancies and one voluntary redundancy. The loss of knowledge and skill at a senior HR level may leave the organization vulnerable. Two members of the team will be on maternity leave during 2014 leaving the team further exposed.

A

3

After the process an experienced HR Business Partner commenced with the team to cover the interim period. The team has only been covering the day to day operational and the development of the team, policies, etc. will commence once the team is fully resourced. One of the maternity posts has been covered by an experienced HR administrator, therefore, reducing the risk. An internal appointment has been made to the vacant HR Officer post and the new post-holder will strengthen the team.

The agency person has settled well into the team and operationally the team is delivering.

of 348

Service Function


Likelihood

Impact


Comments

Revenues

The Revenues team have had several vacancies throughout the year, and several incidences of staff sickness. The key post of Local Taxation Team Manager has been vacant since August and despite being advertised we have been unsuccessful in making a new appointment. This post is currently being covered by agency.

A

3

The post for Local Taxation Team Manager will be re-advertised. Some minor changes to line management have taken place and this will hopefully make the post more attractive to candidates.

The agency person has settled well into the team and operationally the team is delivering.

Co-Operative Bank Account



The transfer of the bank account will require a significant amount of staff time to prepare and transfer the information accurately. There are costs associated with this -transfer of staff time, tender process costs for consultant, legal fees, IT support.

A 2 We are currently working with all Norfolk local authorities to pursue the option of a group tender.

of 348

of 348

Environmental Services Group – Service Risk Assessment

Page 1 of 6

ENVIRONMENTAL SERVICES - SERVICE RISK ASSESSMENT Introduction The Environmental Services Group comprises of the following services: Environmental Health:

o Food Safety o Internal & External Health and Safety o Port Health o Licensing (Animal, Scrap Metal & Skin Piercing) o Environmental Protection o Nuisance & ASB o Private Sector Housing Enforcement

Environmental Rangers & Waste & Recycling Communications:

o Enviro Crime Enforcement o Waste & Recycling Communications o Environmental Policy o Stray Dogs

Emergency Planning Coastal Management Client Services - GYBServices

The purpose of this group of services is to protect the health, safety and environment of residents, employees and visitors within the Borough

of 348


Page 2 of 6

SERVICE FUNCTION RISKS ASSOCIATED WITH SERVICE

FUNCTION

LIKELIHOOD IMPACT ACTIONS TAKEN OR BEING TAKEN TO

MITIGATE THE RISK

COMMENTS

Environmental Health

A: Very High B: High C: Significant D: Low E: Very Low F: Almost Impossible

1: Catastrophic 2: Critical 3: Marginal/Moderate 4: Negligible

To protect the health, safety and environment of residents, employees and visitors within the Borough by

Investigating requests for service

Undertaking proactive inspections

Inspecting under the relevant licensing framework

Increase in demand during summer months often means officer resources are stretched resulting in

Backlog of service requests

Inspections not completed by due dates – backlogs created

Licensing inspections and issuing delayed

C

2

Risk assessment of service requests undertaken, all high risk or related to a vulnerable group are prioritised. Customers notified of expected response times. Additional support during the summer months has been brought in for the last two years under an existing budget provision. Some licence work has been rescheduled for winter months. Any proactive project work across health is planned for quieter periods. Ongoing systems thinking work to continue to drive out any

This is an annual risk and one that can be planned for so that the steps to mitigate the risks are put in place at the start of each season.

of 348


Page 3 of 6

waste from the system. SERVICE FUNCTION RISKS

ASSOCIATED WITH SERVICE

FUNCTION


MITIGATE THE RISK

COMMENTS

Environmental Rangers and Waste & Recycling Communication




Investigating requests for service

Undertaking proactive inspections

Providing effective communication around waste & recycling issues

3 Rangers and 1 Waste Communication & Recycling Officer permanently employed (2 further through DCLG funding) results in a relatively small team covering the Borough, so officer absence could impact on service delivery.

D

2

All officers in Environmental Health and now Civil Enforcement officers are authorised to issue FPN’s for dog fouling and littering. All officers in Environmental Health can undertake most of the Rangers work so resources can be moved around during times of need. Forward planning for waste communications work currently taking place to plan for reduction of staff when DCLG funding expires.

The actions outlined help to mitigate this risk.

of 348


Page 4 of 6

SERVICE FUNCTION RISKS

ASSOCIATED WITH SERVICE

FUNCTION


MITIGATE THE RISK

COMMENTS

Emergency Planning & Coastal Management




By planning for and responding in emergency situations

By producing and implementing the Shoreline Management Plan

Loss of key staff as there are two post holders who hold technical and specific information in each of these specialist areas.

B

2

Movement into Environmental Services has allowed for some resilience to be established, mainly through the Community Protection Manager.

Further work needs to be undertaken to build on this resilience and succession planning for these areas of work, currently resources are the barrier to this progressing.

of 348


Page 5 of 6

SERVICE FUNCTION RISKS ASSOCIATED

WITH SERVICE FUNCTION


MITIGATE THE RISK

COMMENTS

Client services - GYBServices




Ensuring GYB Services undertake their functions as specified in the JV Contract and Service Level Agreements

Pressure to make financial savings having a potential to impact on service delivery.

C

3

Close working relationships with GYBServices when dealing with budget pressures. Ongoing liaison with members when saving options are considered. Liaison Board meetings monitor ongoing performance and service delivery of GYB Services.

Minimal impact from ongoing savings provided by GYBServices already.

Reduced contract management as part of the change in the contract with GYBServices, which has now moved to a Joint Venture with the Authority

D

2

As part of the Joint venture GYBServices now operates as an extension of this Authority, developing stronger working relationships with this Authority. Liaison Board meetings

The actions outlined help to mitigate this risk

of 348


Page 6 of 6

are held, and chaired by the Environmental Portfolio holder where contract and financial issues can be raised and discussed.

of 348

DCLG Project Work Plan

Green – Completed

Yellow – Started

Date Work to be Started by

Task Working with Key Milestones Date Completed

Task Lead Cost Notes

1/1/13 - Implement weekly collections for 4,500 properties

GYB Services Environmental Services Residents Press Councillors

- Mass implementation for 4,500 properties

12/8/13 Simon Mutten – GYBS

£151,967 for vehicle (actual) £330,000 depot staff running costs for 3 years

Weekly Collection list provided by GYBS details weekly collection rounds

12/8/13 - Implement weekly collections for a further 2,500 properties

GYB Services Environmental Services Residents

- Year 2 implementation for ? properties - Year 3 implementation for ? properties

Simon Mutten – GYBS

N/A Met with Simon Mutton 14/1/14 to progress lists for year 2 & 3

1/8/13 - Vehicle livery advertising recycling

GYB Services Environmental Services

- New dustcart livery in place

1/9/13 Paul Shucksmith – GYBC

£773.00

1/9/13 - Purchase of recycling facilities in communal areas

GYB Services Environmental Services Community Housing

- Identify facilities to be purchase - Identify suitable

Paul Shucksmith – GYBC

£45,000 Mapping currently being undertaken in these areas to determine what facilities will be

of 348

Residents installation sites - Installation

provided

1/1/13 - Ongoing recycling promotion in areas of weekly collections


- Ongoing general comms - Comms project around MRF -Comms project around new recycling facilities

1/1/13 – Ongoing


£100,000 waste comms officers for one & three years £5,000 promotional materials

Ongoing – Comms team respond to all requests for service and contaminated bin info

1/1/13 -Work with community housing /neighbourhoods & community & voluntary organisations re recycling promotion

Environmental Services Community Housing Neighbourhood & Communities


1/1/13 – Ongoing


£100,000 waste comms officers for one & three years £5,000 promotional materials

Ongoing – through Comms team

1/9/13 -Recycling promotion in schools

Environmental Services



£100,000 waste comms officers for three years £5,000 promotional materials

Promotional events completed in five schools – all schools in DCLG areas will be visited

1/3/13 -Increase in Garden waste recycling


-Delivery of promotional campaigns/deals


£100,000 waste comms

Successful promotion of a free brown bin

of 348

Borough wide officers for three years£5,000 promotional materials

1/6/13 – 31/7/13

1/1/13 -Work to reduce fly tipping in areas of weekly collections

Environmental Services

- Ongoing investigation of complaints by Env Rangers

1/1/13 – Ongoing


£0 Ongoing –Rangers respond to all requests for service. Also trialing a project to highlight fly tips in areas prior to collection.

1/8/13 - Work to improve route for weekly collections in target areas

GYB Services Environmental Services Community Housing Residents

- Identify structural changes & feasibility - Implement changes


£42,500 Mapping currently being undertaken in these areas to determine what facilities will be provided. Discuss potential financial contribution from community Housing

Estimated Total £675,240

Original Bid £675,625

of 348

1

Subject: Tourism and Communications – Areas of Risk Report to: Audit & Risk Date: 13th February 2014 Report by: Group Manager: Tourism and Communications

1. Introduction a. Tourism and Communications consists of the following service areas.

i. Tourism and Corporate Marketing ii. Print & Design iii. Events and Town Hall Function Rooms including portering services iv. Tourist information Services v. Mayoral and Civic Events vi. Communications and Media vii. Greater Yarmouth Tourist Authority

2. Corporate Risks

a. The corporate risk assessment identifies no specific areas within Tourism & Communications but several risks could be applied in general terms including

i. Climate change (1) ii. Changes in local and national economy (2) iii. Lack of financial resources (5) iv. Infra-structure not being able to meet demand (13) v. Partnership working (27)

b. The tourism industry in particular has built up a degree of resilience to changes in the economy and climate change (adverse weather)

3. Other risks within the group of services a. Tourism and Corporate Marketing

i. Resources is always a key issue in order to remain competitive amongst strong competition from the UK and overseas destinations. Once approved the Great Yarmouth Business Improvement District will mark the start of a new era for destination marketing.

b. Print & Design i. Loss of key staff and key equipment is the main risk although a

failure to generate outside work to help support the operation may impact on its potential to deliver services in the future.

ii. Combining a range of skills within the department will help ensure that staff retain and develop the necessary skills and continue to develop their commercial activities.

c. Events and Town Hall Function Rooms including portering services i. The greatest risk revolves around accident or incidents which result

in injury or death and would leave a damaging impact on the reputation of the Borough Council.

of 348

2

ii. All events follow a set of procedures which include event management planning, risk assessment and health & safety checks to minimise the potential risk.

d. Tourist information Services i. The biggest risk is the prospect of future funding cuts and a

subsequent inability to continue with the service and its potential damage to the reputation of Great Yarmouth as a premier visitor destination.

ii. The new BID project may deem it necessary to underpin the work of the TIC to secure the future of the service.

e. Mayoral and Civic Events i. In addition to potential funding cuts the main risk is the protection of

the civic regalia; protocols surrounding the safe-keeping of the civic regalia are documented in the new civic protocols.

f. Communications and Media i. Communications become a vital tool during any crisis so the

importance of the use of several different communications channels is very importance. Total reliance on one type of communication channel is therefore avoided.

g. Greater Yarmouth Tourist Authority (GYTA) i. Insolvency is always a major risk for the GYTA; most critically the

risk; albeit minimised, of bad weather during the annual Maritime Festival affecting attendance levels and thus voluntary contributions.

ii. Failure to deliver the Business Improvement District may prompt a gradual downturn of GYTA voluntary membership making its long term survival unlikely. A lack of tourism leadership absence of any partnership working will inevitably lead to a gradual decline in the local tourism industry.

iii. However all the current indications are that the GYTA will succeed in the effort to form a new BID.

of 348

Tourism and Communications – Service Risk Assessment

Page 1 of 8

TOURISM AND COMMUNICATIONS - SERVICE RISK ASSESSMENT

1. Introduction Tourism and Communication Group comprises of the following Services:-

a. Tourism Marketing & Corporate Marketing b. Print and Design c. Events and Town Hall Function Rooms including portering services d. Tourist Information Services e. Mayoral and Civic Events f. Communications and Media g. Greater Yarmouth Tourist Authority

2. The purpose of the group of services is to harness the skills of Marketing, PR, Event Management in order to add to the

quality of life of residents and visitors by ensuring that they are made fully aware of the range of leisure and cultural activities and Council services available within the Borough and subsequently acting as a stimulus to the local economy and towards the creation of jobs

of 348


Page 2 of 8

SERVICE FUNCTION

RISKS ASSOCIATED WITH SERVICE

FUNCTION


MITIGATE THE RISK

COMMENTS

(1) Marketing: Tourism & Corporate



-To develop and implement a dynamic marketing mix to promote Greater Yarmouth as a Tourism Destination. -To manage and develop the marketing of Great Yarmouth Borough Council across all section (in conjunction with the Communications Officer)

Limited financial resources in order to compete with UK and European destinations.

C

2

Working in partnership with GYTA

Working towards the creation of a Borough-wide Tourism Business Improvement District

The new BID should start in the spring for a five-year period

Loss or further reduction of key staff or insufficient staff to meet demand

C

2

Monthly monitoring of workload

Industry expectations of an effective support mechanism is very high; outcomes constantly monitored through GYTA Working Groups and Board of Directors

Inconsistent message from Council departments that may damage reputation of the Borough Council

C 2 Already have a Communication protocols document

Working on a Social Media strategy & a corporate marketing strategy

Negative publicity about Great Yarmouth causing damage to its reputation as a visitor destination

D 2 The department has key staff who have experience in handling the media including negative PR

of 348


Page 3 of 8

SERVICE FUNCTION


FUNCTION


MITIGATE THE RISK

COMMENTS

(2) Print and Design



-To develop the Print & Design team to provide essential services to Council functions and increase income from external jobs.

Loss of key staff D

2

To some degree support staff can cover any loss of staff in the short term although existing workloads would place unacceptable pressure on remaining staff in the medium and long term

Failure of essential print and design equipment & software

D

3

Service contracts are in place covering our main equipment.

Injury to staff by printing machinery

D 2 All staff are fully trained before they are permitted to work any of the equipment.

of 348


Page 4 of 8

SERVICE FUNCTION


FUNCTION


MITIGATE THE RISK

COMMENTS

(3) Events and Town Hall Functions



Compiling, scheduling and managing an indoor/ outdoor events programme and civic events programme in accordance with current Health & Safety legislation and event management guidelines. To manage the Town Hall porters; work in a team to promote and manage functions as the Town Hall.

Loss of key staff D

2


Reduced funding or complete cut in funding

C

3

Attempts are made to make all events self-financing.

It is hoped that through the Business Improvement District the events programme will be greatly enhanced. Events play a crucial and growing role as an economic driver.

Major incident at a Council-organised event

D

2

All events are thoroughly planned and risked assessed.

Event Management Plans are always present to the Event Safety Advisory Group

Major incident in Town Hall function Room; ie accident or food poisoning resulting in damage to reputation of the function venue and the Council.

D 2 Following a formal tendering procedure GYBC now have a sole caterer.

All events within the function room are risk assessment to limit to likelihood of any incidents.

Injury to Porters during normal working or working alone

D 2 Regular training given to Porters on areas such as manual handling

A risk assessment for the porters role is being constantly reviewed.

of 348


Page 5 of 8

SERVICE

FUNCTION RISKS ASSOCIATED

WITH SERVICE FUNCTION


MITIGATE THE RISK

COMMENTS

(4) Mayoralty & Civic Events



To co-ordinate all aspects of the Mayors engagements and Civic events.


D

2

Staff are able to demonstrate the importance of the ambassadorial role both inside and outside the Borough

The Mayor also promotes the Borough of Great Yarmouth in a positive manner and acts as a link between the Council and various local groups and organisations.

Loss of key staff D 3 Monthly monitoring of workload

Continued training and development of staff.

The department has support staff that are able to cover the absence of principle officers

Loss of Civic Regalia D

2

Mayor is advised not to take any unnecessary risks with the Civic Regalia.

Whilst the Civic Regalia is irreplaceable the extent to which should be protected is detailed in the Mayoral and Civic Protocols.

of 348


Page 6 of 8

SERVICE FUNCTION


FUNCTION


MITIGATE THE RISK

COMMENTS

(5) Tourist Information Services



To act as a support mechanism and as a ‘signpost’ for a range of services, amenities and attractions to encourage both residents and visitors to gain maximum enjoyment.

Loss of key staff D

2


Staff carry a wealth of experience and knowledge of the local area.


C

2

Possible financial support through the Business Improvement District

The TIC is arguably the shop-window of the Borough tourism industry. All year opening demonstrates the authorities commitment to becoming an all-year visitor destination

of 348


Page 7 of 8

SERVICE FUNCTION

RISKS ASSOCIATED WITH

SERVICE FUNCTION

LIKELIHOOD IMPACT ACTIONS TAKEN OR BEING TAKEN TO MITIGATE THE RISK

COMMENTS

(6) Communications and Media



To work with media and public relations matters to promote the work and reputation of the council

Loss of key staff D

2

Limited backup is available within the department in the absence of the Communications Manager



C

2

Service is able to demonstrate its key outcomes in promoting the reputation of the Council through enhanced press and media coverage

The Communications role supports all departments in promoting their services to local residents

Inconsistent message from Council departments that may damage reputation of the Borough Council

D

3

The communications team have already published a set of media protocols and are currently working on a Social Media protocol in order to ensure a consistent message is maintained.

Breakdown of communication channels during a local crisis (ie flood alert)

C 2 To avoid sole reliance on one channel a range of communication channels are used during an emergency situation

of 348


Page 8 of 8

SERVICE FUNCTION


FUNCTION

LIKELIHOOD IMPACT ACTIONS TAKEN OR BEING TAKEN TO MITIGATE THE

RISK

COMMENTS

(7) Greater Yarmouth Tourist Authority



To work with media and public relations matters to promote the work and reputation of the council.

Loss of key staff D

2

GYTA employed their own Project Manager and GYBC support the work of the GYTA through the GYBC Tourism Staff

GYTA is externally funded. GYBC makes no financial contribution to the GYTA.

GYTA becoming insolvent due to the collapse of a particular project

E 2 All GYTA projects are risked assessed.

The GYTA Board take full responsibility for approving critical projects aware of the potential scale of the risk

The Maritime Festival is perhaps the biggest ‘risk’ project undertaken by the GYTA. The Board of aware of the potential financial impact of very bad weather.

Council\Meetings\Audit & Risk\Tourism and Communications

of 348

Great Yarmouth Borough Council

Year ending 31 March 2013

Annual Audit Letter

31 October 2013

of 348

DELIBERATELY LEFT BLANK FOR PRINTING PURPOSES

of 348

Ernst & Young LLP One Cambridge Business Park Cambridge CB4 0WZ

Tel: + 44 1223 394400 Fax: + 44 1223 394401 ey.com

Tel: 023 8038 2000 Fax: 023 8038 2001 www.ey.com/uk

The Members Great Yarmouth Borough Council Town Hall Hall Plain Great Yarmouth Norfolk, NR30 2QF

16 October 2013

Dear Members,

Annual Audit Letter

The purpose of this Annual Audit Letter is to communicate to the Members of Great Yarmouth Borough Council and external stakeholders, including members of the public, the key issues arising from our work, which we consider should be brought to their attention.

We have already reported the detailed findings from our audit work to those charged with governance of Great Yarmouth Borough Council in the 2012/13 Audit results report, issued 19 September 2013. The matters reported here are the most significant for the Council. I would like to take this opportunity to thank the officers of Great Yarmouth Borough Council for their assistance during the course of our work.

Yours faithfully

Mark Hodgson Director For and behalf of Ernst & Young LLP Enc

of 348

DELIBERATELY LEFT BLANK FOR PRINTING PURPOSES

of 348

EY i

Contents

1. Executive summary .......................................................................... 1

2. Key findings ...................................................................................... 3

3. Control themes and observations .................................................. 6

In March 2010 the Audit Commission issued a revised version of the ‘Statement of responsibilities of auditors and audited bodies’ (Statement of responsibilities). It is available from the Chief Executive of each audited body and via the Audit Commission’s website.

The Statement of responsibilities serves as the formal terms of engagement between the Audit Commission’s appointed auditors and audited bodies. It summarises where the different responsibilities of auditors and audited bodies begin and end, and what is to be expected of the audited body in certain areas.

The Standing Guidance serves as our terms of appointment as auditors appointed by the Audit Commission. The Standing Guidance sets out additional requirements that auditors must comply with, over and above those set out in the Code of Audit Practice 2010 (the Code) and statute, and covers matters of practice and procedure which are of a recurring nature.

This Audit Results Report is prepared in the context of the Statement of responsibilities. It is addressed to the Members of the audited body, and is prepared for their sole use. We, as appointed auditor, take no responsibility to any third party.

Our Complaints Procedure – If at any time you would like to discuss with us how our service to you could be improved, or if you are dissatisfied with the service you are receiving, you may take the issue up with your usual partner or director contact. If you prefer an alternative route, please contact Steve Varley, our Managing Partner, 1 More London Place, London SE1 2AF. We undertake to look into any complaint carefully and promptly and to do all we can to explain the position to you. Should you remain dissatisfied with any aspect of our service, you may of course take matters up with our professional institute. We can provide further information on how you may contact our professional institute.

of 348

http://www.audit-commission.gov.uk/pages/default.aspx

Executive summary

Ernst & Young 1

1. Executive summary

Our 2012/13 audit work has been undertaken in accordance with the Audit Plan we issued on 28 March 2013 and is conducted in accordance with the Audit Commission’s Code of Audit Practice, International Standards on Auditing (UK and Ireland) and other guidance issued by the Audit Commission. The Council is responsible for preparing and publishing its Statement of Accounts, accompanied by the Annual Governance Statement. In the Annual Governance Statement, the Council reports publicly on an annual basis on the extent to which they comply with their own code of governance, including how they have monitored and evaluated the effectiveness of their governance arrangements in the year, and on any planned changes in the coming period. The Council is also responsible for putting in place proper arrangements to secure economy, efficiency and effectiveness in its use of resources. As auditors we are responsible for:

► forming an opinion on the financial statements;

► reviewing the Annual Governance Statement;

► forming a conclusion on the arrangements that the Authority has in place to secure economy, efficiency and effectiveness in its use of resources; and

► undertaking any other work specified by the Audit Commission. Summarised below are the conclusions from all elements of our work:

Audit the financial statements of Great Yarmouth Borough Council for the financial year ended 31 March 2013 in accordance with International Standards on Auditing (UK & Ireland)

On 30 September 2013 we issued an unqualified audit opinion in respect of the Council.

Form a conclusion on the arrangements the Council has made for securing economy, efficiency and effectiveness in its use of resources.

On 30 September 2013 we issued an unqualified value for money conclusion.

Issue a report to those charged with governance of the Council (the Audit and Risk Committee) communicating significant findings resulting from our audit.

On 19 September 2013 we issued and presented our report in respect of the Council to the Audit and Risk Committee.

Report to the National Audit Office on the accuracy of the consolidation pack the Council is required to prepare for the Whole of Government Accounts.

We reported our findings to the National Audit Office on 30 September 2013

Consider the completeness of disclosures in the Council’s Annual Governance Statement, identify any inconsistencies with the other information of which we are aware from our work and consider whether it complies with CIPFA / SOLACE guidance.

No issues to report.

Consider whether, in the public interest, we should make a report on any matter coming to our notice in the course of the audit.

We did not issue such a report.

Determine whether any other action should be taken in relation to our responsibilities under the Audit Commission Act.

We did not take such action.

Issue a certificate that we have completed the audit in accordance with the requirements of the Audit Commission Act 1998 and the Code of Practice issued by the Audit Commission.

On 30 September 2013 we issued our audit completion certificate.

of 348

Executive summary

Ernst & Young 2

Issue a report to those charged with governance of the Council summarising the certification (of grants claims and returns) work that we have undertaken.

We plan to issue our annual certification report to those charged with governance with respect to the 2012/13 financial year by 31 January 2014.

1.1 Audit fees

The table below sets out the scale fee and our final proposed audit fees.

Planned fee Scale fee Final

Code audit work £73,500 £73,500 £73,500

Certification of claims and returns

£37,100 £37,100 see note below

Non-Code work Nil Nil Nil

Our actual fee is in line with the agreed fee for the Code audit work. Work on the certification of claims and returns is not yet complete. We will report our final fee for the certification work in our report to be issued by 31 January 2014. We confirm that we have not undertaken any non-audit work outside of the Audit Commission’s Audit Code requirements.

of 348

Key findings

EY 3

2. Key findings

2.1 Financial statement audit

We audited the Council’s Statement of Accounts in line with the Audit Commission’s Code of Audit Practice, International Standards on Auditing (UK and Ireland) and other guidance issued by the Audit Commission. We issued an unqualified audit report on 30 September 2013. In our view, the quality of the process for producing the accounts, including the supporting working papers was good, which was reflected in the low number of errors reported. The main issues identified as part of our audit were:

Significant risk 1: Valuation of property, plant and equipment assets

We concluded that valuations of non-current assets are free from material misstatement and that non-current asset additions were capital in nature.

Significant risk 2 – HRA self financing

The government reformed local authority housing finance by adopting a self-financing model from 1 April 2012. This involved a one-off settlement payment to central government in March 2012.

The in year accounting for self-financing commenced in 2012/13 and required changes in accounting practices for HRA depreciation and the allocation of debt charges between housing and general fund services.

We tested HRA depreciation and confirmed the accuracy of the charge.

We concluded that the Council adopted the approach recommended by Cipfa to record general fund and HRA debt, and the associated financing costs.

Other risk 1 - Weak journal processing controls

We identified journals that were prepared and authorised by the same person. Sample testing of these journals did not identify errors.

Other risk 2 – Jobs processed between Norse and Anite

We tested property maintenance expenditure to underlying evidence. We concluded that the job had occurred and was correctly charged.

Other risk 3 - Housing rents debtor and creditor balances at the year end

We concluded that adequate audit trails were provided to support debtor and creditor housing rents.

Other risk 4 – Exit packages and termination benefits

We concluded that exit packages and termination benefits recorded were complete and correctly disclosed in the accounts.

Other risk 2: Risk of misstatement due to fraud and error.

We carried out the following audit procedures and did not identify any specific fraud risks: ► made enquiries and assessed management’s response about risks of fraud and the controls put in place to

address those risks; ► assessed the oversight given by the Audit and Risk Committee, as those charged with governance, of

management’s processes over fraud; ► performed mandatory procedures regardless of specifically identified fraud risks; and ► considered the results of the Audit Commission’s National Fraud Initiative.

Other key findings:

We identified one material misstatement during our audit. This related to a disclosure error in the note for Property Plant and equipment. It did not change the net present value of property, plant and equipment.

Management have corrected all misstatements. The impact of audit changes was increased usable reserves by £0.14 million.

of 348

Key findings

EY 4

2.2 Value for money conclusion

We are required to carry out sufficient work to conclude on whether the Council has put in place proper arrangements to secure economy, efficiency and effectiveness in its use of resources. In accordance with guidance issued by the Audit Commission, in 2012/13 our conclusion was based on two criteria:

► The organisation has proper arrangements in place for securing financial resilience; and

► The organisation has proper arrangements for challenging how it secures economy, efficiency and effectiveness.

We issued an unqualified value for money conclusion on 30 September 2013. Our audit did not identify any significant matters. The following is a brief summary of our findings against each of these criteria.

Criteria and findings

1. Financial resilience

The Council has robust arrangements in place to ensure its financial resilience. The Council has a history of good financial management and delivery of budgets.

At 31 March 2013, the Council’s general fund balance which is available to meet unforeseen circumstances stood at £5.70 million, while earmarked reserves were £4.10 million. Although the majority of these are earmarked for specific purposes, they do provide the Council with enhanced flexibility to manage its financial position in the current economic environment.

In 2012/13 the council achieved a surplus of £0.12 million on the general fund that was used to increase general fund reserve balances.

Following confirmation that the Council would receive the Efficiency Support Grant, the Council is planning on a contribution to general fund reserves of £0.50 million in 2013/14.

The Council’s general fund reserves are planned to be £6.00 million at 31 March 2014. Without further savings, or receipt of additional funding the Council would need to draw £2.00 million from reserves in 2014/15 to balance the budget. This would lower general fund reserves to £4.00 million at 31 March 2015, but they would still be above the minimum set level approved by the Council of £1.90 million.

The Council is developing plans to address the savings requirement identified in 2014/15 and 2015/16.

2. Securing economy efficiency and effectiveness

The Council has demonstrated that it has effective arrangements in place for securing economy, efficiency and effectiveness.

The Council has a record of prioritising its resources within tighter budgets through the achievement of cost

reductions, e.g. a management restructure, procurement reviews, and by improving efficiency and productivity. The

Council has plans to meet further budget gaps through increasing income streams and through the better use of

council assets.

2.3 Whole of government accounts

We reported to the National Audit office on 30 September 2013 the results of our work performed in relation the accuracy of the consolidation pack the Council is required to prepare for the whole of government accounts. We did not identify any areas of concern.

2.4 Annual governance statement

We are required to consider the completeness of disclosures in the Council’s Annual Governance Statement, identify any inconsistencies with the other information of which we are aware from our work, and consider whether it complies with CIPFA / SOLACE guidance. of 348

Key findings

EY 5

We completed this work and did not identify any areas of concern.

2.5 Certification of grants claims and returns

We have not yet completed our work on the certification of grants and claims. We will issue the Annual Certification Report for 2012/13 in January 2014.

of 348

Control themes and observations

EY 6

3. Control themes and observations

As part of our audit of the financial statements, we obtained an understanding of internal control sufficient to plan our audit and determine the nature, timing and extent of testing performed. Although our audit was not designed to express an opinion on the effectiveness of internal of internal control we are required to communicate to those charged with governance at the Council any significant deficiencies in internal control.

We had no such matters to report.

of 348

EY | Assurance | Tax | Transactions | Advisory

Ernst & Young LLP

© Ernst & Young LLP. Published in the UK. All rights reserved.

The UK firm Ernst & Young LLP is a limited liability partnership registered in England and Wales with registered number OC300001 and is a member firm of Ernst & Young Global Limited.

Ernst & Young LLP, 1 More London Place, London, SE1 2AF.

ey.com

of 348

The UK firm Ernst & Young LLP is a limited liability partnership registered in England and Wales with registered number OC300001 and is a member firm of Ernst & Young GlobalLimited. A list of members’ names is available for inspection at 1 More London Place, London SE1 2AF, the firm’s principal place of business and registered office.

Ernst & Young LLPOne Cambridge Business ParkCambridgeCB4 0WZ

Tel: + 44 1223 394400Fax: + 44 1223 394401ey.com

Tel: 023 8038 2000

The MembersGreat Yarmouth Borough CouncilTown HallHall PlainGreat YarmouthNorfolk,NR30 2QF

27 January 2013

Direct line: 01223 394547

Email: [email protected]

Dear Member

Certification of claims and returns annual report 2012-13Great Yarmouth Borough Council

We are pleased to report on our certification work. This report summarises the results of our work onGreat Yarmouth Borough Council’s 2012-13 claims and returns.

Scope of workLocal authorities claim large sums of public money in grants and subsidies from central government andother grant-paying bodies and are required to complete returns providing financial information togovernment departments. In some cases these grant-paying bodies and government departmentsrequire certification from an appropriately qualified auditor of the claims and returns submitted to them.

Under section 28 of the Audit Commission Act 1998, the Audit Commission may, at the request ofauthorities, make arrangements for certifying claims and returns because scheme terms and conditionsinclude a certification requirement. When such arrangements are made, certification instructions issuedby the Audit Commission to appointed auditors of the audited body set out the work they must undertakebefore issuing certificates and set out the submission deadlines.

Certification work is not an audit. Certification work involves executing prescribed tests which aredesigned to give reasonable assurance that claims and returns are fairly stated and in accordance withspecified terms and conditions.

In 2012-13, the Audit Commission did not ask auditors to certify individual claims and returns below£125,000. The threshold below which auditors undertook only limited tests remained at £500,000. Abovethis threshold, certification work took account of the audited body’s overall control environment forpreparing the claim or return. The exception was the housing and council tax benefits subsidy claimwhere the grant paying department set the level of testing.

Where auditors agree it is necessary, audited bodies can amend a claim or return. An auditor’scertificate may also refer to a qualification letter where there is disagreement or uncertainty, or theaudited body does not comply with scheme terms and conditions.

Statement of responsibilitiesIn March 2013 the Audit Commission issued a revised version of the ‘Statement of responsibilities ofgrant-paying bodies, authorities, the Audit Commission and appointed auditors in relation to claims andreturns’ (statement of responsibilities). It is available from the Chief Executive of each audited body andvia the Audit Commission website.

of 348

2

The statement of responsibilities serves as the formal terms of engagement between the AuditCommission’s appointed auditors and audited bodies. It summarises where the different responsibilitiesof auditors and audited bodies begin and end, and what is to be expected of the audited body in certainareas.

This annual certification report is prepared in the context of the statement of responsibilities. It isaddressed to those charged with governance and is prepared for the sole use of the audited body. We,as appointed auditor, take no responsibility to any third party.

Summary

Section 1 of this report outlines the results of our 2012-13 certification work and highlights the significantissues.

We checked and certified three claims and returns with a total value of £82.148 million. We met thesubmission deadlines for the housing and council tax benefits subsidy claim and the pooling of capitalreceipts.

The audit submission of the national non-domestic rates return was late. This was due to Council’sinability to produce supporting audit trails for the claim.

We issued two qualification letters, one for the housing and council tax benefits subsidy claim and onefor the national non-domestic rates return. Details of the qualification matters are included in section 1.Our certification work found errors which the Council corrected. The amendments had a marginal effecton the grant due.

Fees for certification work are summarised in section 2. The Audit Commission applied a generalreduction of 40% to certification fees in 2012-13. We have included the actual fees for 2011-12 to assistyear on year comparisons.

We welcome the opportunity to discuss the contents of this report with you at the February 2014 Auditand Risk Committee.

Yours faithfully

Mark HodgsonDirectorErnst & Young LLPEnc

of 348

Contents

Certification of claims and returns annual report 2012-13

Contents

1. Summary of 2012-13 certification work ..................................................................... 12. 2012-13 certification fees ........................................................................................... 33. Looking forward ......................................................................................................... 4

of 348

Summary of 2012-2013 certification work

EY ÷ 1

1. Summary of 2012-13 certification work

We certified three claims and returns in 2012-13. The main findings from our certification work are providedbelow.

Housing and council tax benefits subsidy claim

Scope of work Results

Value of claim presented for certification £53,039,434

Amended Yes – subsidy increased by £5,670 to £53,045,104

Qualification letter Yes

Fee - 2012-13Fee - 2011-12

£35,130£67,361

Councils run the Government's housing and council tax benefits scheme for tenants and council taxpayers.Councils responsible for the scheme claim subsidies from the Department for Work and Pensions (DWP)towards the cost of benefits paid.

The certification guidance requires auditors to complete more extensive ‘40+’ testing (extended testing) ifinitial testing identifies errors in the calculation of benefit or compilation of the claim. We found errors andcarried out extended testing in several areas.

Extended ‘40+’ testing and other testing identified errors which the Council amended. They had a small netimpact on the claim. We have reported underpayments, uncertainties and the extrapolated value of othererrors to the DWP in a qualification letter. The following are the main issues which was included in ourqualification letter:

o Income assessment errors across all four main benefit types, Non HRA Rent Rebates, HRARent Rebates, Rent Allowance and Council Tax Benefit. Extended 40+ testing was applied toquantify results and report.

o Incorrect classification of eligible overpayments for Rent Allowances and Council Tax Benefits.Extended 40+ testing was applied to quantify results and report.

o Errors in the disregard applied and income assessment for Rent Rebate, Rent Allowance andCouncil Tax Benefit modified scheme cases.

National non-domestic rates return


Value of return presented for certification £27,985,239

Limited or full review Full review

Amended Yes – payments to the pool increased by £7,314 to£27,992,553

Qualification letter Yes

Fee – 2012-13Fee – 2011-12

£3,140 (Additional fee raised)£2,002

of 348

Summary of 2012-2013 certification work

EY ÷ 2

The Government runs a system of non-domestic rates using a national uniform business rate. Councilsresponsible for the scheme collect local business rates and pay the rate income over to the Government.Councils have to complete a return setting out what they have collected under the scheme and how muchthey need to pay over to the Government.

We found three errors in the national non-domestic rates return and we certified the amount payable to thepool with qualification. The issues found were:

· The audit trail totals did not agree to the draft return. Four entries in the claim were amended.

· The date the last VO direction has been taken into account was amended to 27/2/2013.

· Testing of transitional relief cases identified one error. The failure related to the base liability used tocalculate the transitional relief. As we were unable to quantify the overall impact, this was reportedin our qualification letter.

An additional fee of £2,310 was discussed and agreed with officers for this additional work.

Pooling of housing capital receipts


Value of return presented for certification £1,110,289

Limited or full review Full review

Amended No

Qualification letter No

Fee – 2012-13Fee – 2011-12

£1,140£1,640

Councils pay part of a housing capital receipt into a pool run by the Department of Communities and LocalGovernment. Regional housing boards redistribute the receipts to those councils with the greatest housingneeds. Pooling applies to all local authorities, including those that are debt-free and those with closedHousing Revenue Accounts, who typically have housing receipts in the form of mortgage principal and rightto buy discount repayments.

We found no errors on the pooling of housing capital receipts return and we certified the amount payable tothe pool without qualification.

of 348

2012-13 certification fees

EY ÷ 3

2. 2012-13 certification fees

For 2012-13 the Audit Commission replaced the previous schedule of maximum hourly rates with acomposite indicative fee for certification work for each body. The indicative fee was based on actualcertification fees for 2010-11 adjusted to reflect the fact that a number of schemes would no longer requireauditor certification. There was also a 40 per cent reduction in fees reflecting the outcome of the AuditCommission procurement for external audit services.

The indicative composite fee for Great Yarmouth Borough Council for 2012-13 was £37,100. The actual feefor 2012-13 was £39,410. This compares to a charge of £71,003 in 2011-12.

Claim or return 2011-12 2012-13 2012-13

Actual fee

£

Indicative fee

£

Actual fee

£

Certification of claims and returnsincluding the annual report

71,003* 37,100 39,410

*Adjusted for fees charged in 2011-12 for claims and returns not audited in 2012-13

Fees for annual reporting and for planning, supervision and review have been allocated directly to theclaims and returns.

The fees for 2012-13 were calculated based on those for 2010-11 less 40%.

Fees fell overall compared to 2010-11 because of the Audit Commission’s 40% reduction. However, afterallowing for the 40% reduction there was a small increase in fees for the following claims and returns:

The actual fee is £2,310 higher than the indicative fee due to the additional fee reported in section1 for theaudit of the NNDR return.

of 348

Looking forward

EY ÷ 4

3. Looking forward

For 2013-14, the Audit Commission has calculated indicative certification fees based on the latest availableinformation on actual certification fees for 2011-12, adjusted for any schemes that no longer requirecertification. The Audit Commission has indicated that the national non-domestic rates return will not requirecertification from 2013-14.

The Council’s indicative certification fee for 2013-14 is £39,700. The actual certification fee for 2013-14 maybe higher or lower than the indicative fee, if we need to undertake more or less work than in 2011-12 onindividual claims or returns. Details of individual indicative fees are available at the following link:[http://www.audit-commission.gov.uk/audit-regime/audit-fees/201314-fees-and-work-programme/individual-certification-fees/]

We must seek the agreement of the Audit Commission to any proposed variations to indicative certificationfees. The Audit Commission expects variations from the indicative fee to occur only where issues arise thatare significantly different from those identified and reflected in the 2011-12 fee.

The Audit Commission has changed its instructions to allow appointed auditors to act as reportingaccountants where the Commission has not made or does not intend to make certification arrangements.This removes the previous restriction saying that the appointed auditor cannot act if the Commission hasdeclined to make arrangements. This is to help with the transition to new certification arrangements, such asthose DCLG will introduce for business rates from 1 April 2013.

of 348

Ernst & Young LLP

Assurance | Tax | Transaction | Advisory

www.ey.com/uk

The UK firm Ernst & Young LLP is a limited liabilitypartnership registered in England and Wales withregistered number OC300001 and is a member firmof Ernst & Young Global Limited


© Ernst & Young LLP 2014. Published in the UK.All rights reserved.

of 348

of 348

Contents at a glance

Sector and economic news

Accounting, auditing and governance

Regulation news

Find out more

IntroductionThis sector briefing is one of the ways that we hope to continue to support you and your organisation in an environment that is constantly changing and evolving.

It covers issues which may have an impact on your organisation, the Local government sector and the audits that we undertake. The public sector audit specialists who transferred from the Audit Commission form part of EY’s national Government and Public Sector (GPS) team. Their extensive public sector knowledge is now supported by the rich resource of wider expertise across EY’s UK and international business. This briefing reflects this, bringing together not only technical issues relevant to the local government sector but wider matters of potential interest to you and your organisation.

Links to where you can find out more on any of the articles featured can be found at the end of the briefing, as well as some examples of areas where EY can provide support to Local Authority bodies. We hope that you find the briefing informative and should this raise any issues that you would like to discuss further please do contact your local audit team.

Local Government Audit Committee briefing

November 2013

of 348

2 | Local Government Audit Committee briefing November 2013


Proposals for the use of capital receipts from asset sales to invest in reforming services On 25 July 2013 the Government launched a consultation on ‘Proposals for the use of capital receipts from asset sales to invest in reforming services’. The consultation aimed to gather views from the Local Government sector on proposals to allow part or even the whole of a capital receipt from new asset sales to be used for one-off revenue purposes.

The broad aims of the proposed policy are to:

► Encourage good asset management planning and incentivise the appropriate sale of local authority assets so that they are put into productive use and support growth.

► To enable additional resources, from local authority asset sales, to give a capital receipt flexibility for the one-off cost of reforming, integrating or restructuring services.

Views were sought to gauge the level of support for the proposed policy, as well as comments on how it would work in practice and the mechanisms for delivery.

A competitive bidding process is the preferred mechanism for approving such use of capital receipts. It is proposed that any application under a bid based process should set out a cost/benefit analysis to demonstrate value for money.

The criteria to evaluate competing applications from local authorities could include:

► Amount of expenditure and proposed use of that revenue

► The reduction of ongoing/long-term costs

► How you plan to transform your services

► Working across the wider public sector

► Asset to be sold

► Possible forward use of an asset

The consultation also considered how any approved proposals would be implemented, highlighting two possible methods:

► A Direction from the Secretary of State, allowing specified revenue expenditure to be treated as capital expenditure

► Through the existing provisions in The Local Authorities (Capital Finance and Accounting) Regulations 2003 (SI: 2003/3146).

The preferred option set out in the consultation documented is through a letter of Direction from the Secretary of State, as this would more closely fit with the competitive bid process.

of 348


The consultation closed on 24 September, and it is expected that there will be a response to the consultation in Autumn setting out the finalised proposals. The indicative timeline set out in the consultation document is set out below.

Event Timing

Bid process commences Winter 2013

Bid process decisions Spring 2014

Direction letter issued Spring 2014

Disposal of Asset August 2013–March 2016

Revenue Expenditure April 2015–March 2016

Economic outlookThe ITEM Club, one of the UK’s foremost independent economic forecasting groups, sponsored by EY, published its Autumn Forecast in October 2013. It recognises that the UK economy is improving with GDP now projected to grow by 1.4% this year and 2.4% next year after a 0.1% rise in 2012. It notes that this is supported by the encouraging outlook for exports and business investment. It warns, however, that unforeseen events could disrupt this positive outlook, not least new external shocks such as the US budget deadlock. It believes that the view that the UK government’s initiatives to support the housing market will result in a housing bubble is strongly overplayed. It states that the current rises in prices and transactions are from a historically very low base, and remain way below pre-crisis levels. With the housing recovery knocking on into wider consumer spending, and virtually all surveys of business confidence trending upwards, the economic outlook for the UK is continuing to brighten — despite the inevitable risks.


of 348



Audit Commission briefing on the Local Audit and Accountability BillOn 4 September 2013 the Audit Commission released a briefing paper on the Local Audit and Accountability Bill, which is currently passing through Parliament.

The briefing provides an up-to-date view of where the Commission believes that amendments and refinements could further improve and strengthen the Bill.

Eight areas are identified in the briefing, where the Commission believes improvements to the bill could be made:

1. Including an option for optional collective procurement arrangements.

2. Strengthening the arrangements for the appointment of auditors, by having external members on audit committees rather than separate audit panels.

3. Expanding the data collected as part of the National Fraud Initiative.

4. Allowing more time to develop a proportionate audit regime for small bodies, by allowing current arrangements to be extended to 2020.

5. Ensuring that there continues to be central returns and publications to support accountability to Parliament and the public.

6. Including reporting on arrangements to secure value for money.

7. Updating the legislative framework governing local public audit.

8. Considering the transitional issues to the new regime, given that contracts under the current framework end in 2016/17 (with potential extensions to 2020), but the Commission, who manage the contracts, is due to be fully abolished in 2015.

Minimum Revenue Provision (MRP)The Local Authorities (Capital Finance and Accounting) (England) (Amendment) Regulations 2008 (SI 2008/414) became effective from March 2008. These regulations replaced the formula-based method for calculating MRP which existed under previous regulations under the Local Government Act 2003. The new requirement was for an authority to:

‘�Determine�for�the�current�financial�year�an�amount�of�minimum�revenue provision which it considers to be prudent’.

No definition of ‘prudent’ was given, although DCLG issued statutory guidance in 2008, which authorities had to take account of, setting out their interpretation. This was updated in 2012 to take account of HRA self-financing and the implications of IFRS regarding PFI schemes. For authorities with a positive Capital Financing Requirement (CFR) the guidance set four out options, but indicated that any alternatives that met the basic criteria included within the statutory guidance was acceptable. The four options are briefly described below:

1. Regulatory Method (for expenditure incurred before 1st April 2008, and supported expenditure incurred after that date):

► MRP is charged at 4% of the Authority’s capital financing requirement (or underlying need to borrow for a capital purpose) which has been reduced by Adjustment A (calculated in 2004 under previous regulations).

2. CFR Method (for expenditure incurred before 1 April 2008, and supported expenditure incurred after that date):

► MRP is simply charged at 4% of the Authority’s capital financing requirement at the end of the preceding financial year (with no technical adjustment).

of 348


3. Asset Life Method (for unsupported capital expenditure incurred on or after 1st April 2008):

► An MRP provision is made over the estimated life of the asset for which the borrowing (or other long-term financing) has been undertaken. This will be based either on the ‘equal instalment method’ or the ‘annuity method’.

4. Depreciation Method (for unsupported capital expenditure incurred on or after 1st April 2008):

► An MRP provision is calculated in accordance with the standard rules for calculating depreciation provision.

The use of a broad framework rather than the formulaic approach has resulted in incorrect interpretation and calculation of MRP at a number of authorities in the past. Our audit work during the last year identified examples where authorities were not following their own accounting MRP policy or were, in a number of cases, overstating the amount of MRP that they set aside. Detailed work at selected sites identified that these non-compliance and calculation errors had accumulated overstatements of MRP of more than £10mn which could be reversed. Similar in-depth reviews can be incorporated within the 2013/14 audit programmes.


of 348


Regulation�news

Pensions Regulator to have oversight of public sector pensionsThe 2013 Public Service Pensions Act which received royal assent in April afforded the Pensions Regulator an enhanced role — broadening its remit to include oversight of public sector pensions from April 2015. It will set standards of governance and administration for public sector schemes in response to the Independent Public Service Pensions Commission’s 2011 recommendations make improvements to both of these areas.

The schemes include approximately 22,000 employers and 12.6mn members (2012 figures taken from the Pensions Regulator website), and span Local Government, NHS, Police, Fire, Teachers, Civil Service, Armed Forces and Judicial pension schemes.

The Pensions Regulator has published a report, together with the supporting research, which documents current practice in these eight categories of public sector pension schemes.

The Pensions Regulator has promised to ‘take action if necessary’ to ensure public sector pension schemes are run to high standards following government reforms that will see it assuming oversight of the public sector.

Following the passage of the 2013 Public Service Pensions Act the regulator will set standards of governance and administration for public sector schemes from April 2015 including Police and Fire.

On September 6, the Pensions Regulator produced a report summarising current practice in eight categories of civil service pension schemes.

The survey of current schemes found room for improvement but also highlighted areas of good practice.

Local Government Pension Scheme findings:

► The survey noted that governance and administration had been on the agenda for these schemes for several years, and that this was evident in the survey findings, which demonstrated greater awareness of these matters.

► Ninety eight percent had a governance board in place. The majority of schemes also had a risk register in place, with risks and internal controls being reviewed at least annually; a conflict of interests policy and a register of members’ interests.

► Eighty one percent of LGPS arrangements are administered in-house and the majority have service standards which are documented and reported against.

► LGPS schemes when compared the others in the survey had the most active member communication.

The Regulator is now working on producing code of practice as well as the regulatory strategy, and has plans to monitor and report on the progress of public sector schemes each year.

of 348


Local Government Pension Scheme Structural ReformIn addition to the review of investment regulations noted in the previous sector update, a wide ranging consultation was announced by Brandon Lewis MP (Minister for Local Government) in a speech at the National Association of Pension Funds local authority conference in May 2013. The consultation was launched by DLCG and the LGA in June 2013 and aimed to identify reforms that will both improve investment performance and reduce fund management costs, in advance of the implementation of the new scheme in April 2014.

The consultation closed at the end of September, and the analysis of submissions is expected to inform a further consultation on options for change, which is to be released in early 2014.

At the same time, further detail has been provided about the proposed governance arrangements for the new LGPS in the DCLG discussion paper ‘Local Government Pension Scheme (England and Wales) New Governance arrangements, also issued in June 2013.

The paper set out the proposed response to five specific sections of the Public Service Pensions Act 2013 which impact on the governance arrangements of the new scheme:

1. Responsible authority

2. Scheme manager

3. Pension board

4. Pension board information

5. Scheme Advisory board

The intention is for new regulations to be in place before April 2014, which will require new scheme advisory boards and local pension boards to become operational later in the year. In the intervening period between the commencement of the new LGPS scheme and the governing bodies becoming operational, existing governance arrangements under Section 101 of the Local Government Act 1972 will continue to apply.

This consultation closed at the end of August.

Regulation�news

of 348


Find out more

To find out more on the articles above, please follow the links below:

Proposals for the use of capital receipts from asset sales to invest in reforming services Full details can be found at: https://www.gov.uk/government/consultations/proposals-for-the-use-of-capital-receipts-from-asset-sales-to-invest-in-reforming-services.

Economic outlookFor the full analysis go to: http://www.ey.com/UK/en/Issues/Business-environment/Financial-markets-and-economy/ITEM---Forecast-headlines-and-projections

Audit Commission briefing on the Local Audit and Accountability BillThe full briefing can be found at: http://www.audit-commission.gov.uk/2013/09/public-briefing-on-the-local-audit-and-accountability-bill/

Minimum Revenue ProvisionFor more information, please see the DCLG guidance at: https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/11297/2089512.pdf For more details on calculating MRP, please refer to Chapter 6 of the Practitioners’ Guide to Capital Finance in Local Government (CIPFA 2008).

For details on incorporating a more in-depth review of MRP into your 2013/14 audit programmes, contact your audit team.

Pensions Regulator to have oversight of public sector pensionsFor more information see the Pensions Regulator website at: http://www.thepensionsregulator.gov.uk/index.aspx and the civil service pension schemes report at: http://www.thepensionsregulator.gov.uk/docs/public-service-research-summary.pdf

Local Government Pension Scheme Structural Reform:For further detail on the consultation, and to view all available consultations and consultation outcomes within the Local Pension series please visit: https://www.gov.uk/government/organisations/department-for-communities-and-local-government/series/local-government-pensions

of 348

https://www.gov.uk/government/consultations/proposals-for-the-use-of-capital-receipts-from-asset-sales-to-invest-in-reforming-services



http://www.ey.com/UK/en/Issues/Business-environment/Financial-markets-and-economy/ITEM---Forecast-headlines-and-projections



http://www.audit-commission.gov.uk/2013/09/public-briefing-on-the-local-audit-and-accountability-bill/

http://www.audit-commission.gov.uk/2013/09/public-briefing-on-the-local-audit-and-accountability-bill/

https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/11297/2089512.pdf

https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/11297/2089512.pdf

http://www.thepensionsregulator.gov.uk/index.aspx

http://www.thepensionsregulator.gov.uk/docs/public-service-research-summary.pdf

http://www.thepensionsregulator.gov.uk/docs/public-service-research-summary.pdf

https://www.gov.uk/government/organisations/department-for-communities-and-local-government/series/local-government-pensions




About EYEY is a global leader in assurance, tax, transaction and advisory services. The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. We develop outstanding leaders who team to deliver on our promises to all of our stakeholders. In so doing, we play a critical role in building a better working world for our people, for our clients and for our communities.

EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. For more information about our organization, please visit ey.com.

Ernst & Young LLPThe UK firm Ernst & Young LLP is a limited liability partnership registered in England and Wales with registered number OC300001 and is a member firm of Ernst & Young Global Limited.


© 2013 Ernst & Young LLP. Published in the UK. All Rights Reserved.

ED None

1377228.indd (UK) 10/13. Artwork by Creative Services Group Design.

In line with EY’s commitment to minimise its impact on the environment, this document has been printed on paper with a high recycled content.

Information in this publication is intended to provide only a general outline of the subjects covered. It should neither be regarded as comprehensive nor sufficient for making decisions, nor should it be used in place of professional advice. Ernst & Young LLP accepts no responsibility for any loss arising from any action taken or not taken by anyone using this material.

ey.com/uk

of 348

W:\Central services\Member Services\CMIS\Audit & Risk\Report - External Audit Recs - 13 Febuary 2014.doc Page 1 of 5

Subject: FOLLOW UP OF AUDIT COMMISSION RECOMMENDATIONS Report to: Audit and Risk Committee – 13th February 2014 Report by: Corporate Risk Officer This report is for those recommendations with an implementation date of 31 January 2014 or before.

1 Background 1.1 Some audit reports indicate system weaknesses, which need to be addressed

immediately to safeguard the Authority against fraud or loss. Others recommend the introduction of best practice. The reports list the auditor’s recommendations and an agreed timescale within which to implement them.

The Audit Commission uses a ‘High’, ‘Medium’ and ‘Low’ rating for their recommendations and an explanation of the priority levels is provided below;

High A significant weakness that requires immediate attention. Medium A weakness that requires attention within six months. Low A non significant weakness that requires attention within six

months.

1.2 The Council’s Performance Management System requires that a report be prepared for the Audit and Risk Committee indicating which recommendations have not been implemented within the agreed timescale.

1.3 This report is for those recommendations with an implementation date of 31st

January 2014 or before. 2 Audit Commission reports 2.1 The table below illustrates that there was 4 recommendations, which was to be

implemented by 31st January 2014.

Audit No of recs to be No. not Reason for not

of 348


Commission report

implemented by 31 January 2014

implemented implementing

Annual Governance Report 09/10

1 1 Progress made –

revised date



revised date



revised date

Total 4 3 2.2 A full copy of any of the above reports can be obtained from the Corporate Risk

Officer, ext 621.

3 The next report 3.1 The next report will be presented to the Audit and Risk Committee in December

2014 and will cover the period up to 31 October 2014. Background papers: Audit Commission Reports

19 Annual Governance Report 09/10 19 Annual Governance Report 10/11 19 Annual Governance Report 11/12

of 348


Report Title Recommendation Responsible Officer(s)

and agreed date Y/N Satisfactory implementation?

14 - Annual Governance Report 09/10

R10 Review land and property assets to ensure that they are all registered with the land registry.

Head of Resources & Governance

Date: 31 March 2011

Revised Date: 31 March 2012

Group Manager – Property & Construction

Revised Date: 31 March 2013 Revised Date: 30th September 2014

N [From Report] There is a rolling programme to register all the Council’s Assets We are presently dealing with a project to voluntarily register all of the Council’s property assets working with the Land Registry. This project has been in train for a number of years and is partly out of my control, and is made more complex by the scale of the property assets coupled with limitations of resource. Nevertheless we are progressing as quickly as resource allows including that set aside by the Land Registry. The project has been phased into bite sized chunks and all of the outlying villages, north and south have so far been completed. Gorleston is nearing completion, and the data has been submitted for Southtown and Cobholm. The final area is Great Yarmouth which is the greatest single area, and we are close to ready to submit data to the Land Registry but this can only be done once they have the resource aligned and ready to progress. June 12 update Progress being made June 13 – Progress continues. Resource has been diverted to Asset Database project so this project has slowed. Jan 14 – Progress continues. All villages complete. Central Yarmouth currently being registered. Charter land will be the last to be registered.

of 348


Report Title Recommendation Responsible Officer(s) and agreed date

Y/N Satisfactory implementation?


R8 Establish the following arrangements for asset management: ■ update the asset management plan so that it links to the capital strategy; ■ ensure the universal asset register is comprehensive, accurate and includes an assessment of whether assets are fit for purpose; ■ consider how resources can be obtained to ensure data for local performance indicators for assets is consistently collated; and ■ demonstrate how these performance indicators show that value for money is being derived from the Council’s assets.

Head of Resources and Governance

Revised date: 31 March 2013

Group Manager – Property & Construction Revised Date: 30th September 2014

N June 12 update - The Asset management plan was approved by Cabinet in November, with Performance indicators. The only outstanding element is the Asset Register, which is due for completion in March 2013. Nov 12 update - Asset Register project still being progressed. June 2013 – Asset Register project still being progressed. Concerto database purchased and first phase asset data being loaded. Jan 14 – Phase 1 data loaded and being tested in live environment. Phase 2 data being collected and loaded.


R3 Ensure the Property, Plant and Equipment verification exercise is complete at the year-end.

Capital Accountant

Date: 31 March 2013

Revised Date: 31 August 2013

COMPLETED

N [From Report] Agreed Although this exercise is carried out annually and the intention is always to have it complete by year end, it has in more recent years proved trickier. For this reason, we have begun to collate extra information on assets to make them more identifiable to cost centre managers (so that they can more easily ascertain ownership). I think it would also be wise to start the 12-13 exercise earlier to ensure completion by year end. June 2013 – this years’ exercise is going well – I have had responses from all responsible managers but some assets are still proving difficult to verify and these are still being investigated. The process should still be complete in time for the Audit of the final accounts (July). Jan 14 – The asset verification process was

of 348


Report Title Recommendation Responsible Officer(s) and agreed date

Y/N Satisfactory implementation?

indeed complete by the beginning of the Final Accounts Audit in July 2013. No issues with the completed verification exercise were bought to my attention during the Audit.


R4 Review IT controls to ensure: ■ appropriate arrangements are in place to manage the IT services contract; ■ project management is applied to significant IT system changes or upgrades; and ■ user access is kept up to date.

Group Manager – Resources

Date: 31 March 2013 Group Manager – Customer Services

Revised Date: 31 August 2013

Revised Date: 31st March 2014

[From Report] Agreed Nov 12 update - In progress – to undertake a full review / evaluation of the contract with NCC. March 2013 update. Review and evaluation of NCC Contract still in progress. Jan14 – GYBC and NCC have been in discussion over review of shared service contract and are currently in negotiation for our revised rolling 5 year contract taking effect 2014. NCC has embarked on a major procurement exercise in relation to their Digital Norfolk Ambition. This has run alongside GYBC contract review and includes future options for new IT kit and modern technology solutions. The revised contract will define the managed ICT service, service levels and support of significant IT changes and upgrades. Over the last 6 months significant work has been undertaken via PCN controls around user access/secure access. Contract to be in place by 31st March 2014

End

of 348

Subject: Report on the Status of Audit Recommendations due for

implementation between 1 August and 31 December 2013

Report to: Audit and Risk Committee, 13 February 2014

Report by: Internal Audit Consortium Manager

SUBJECT MATTER / RECOMMENDATIONS

This report seeks to inform members as to the latest progress made in relation to

management‘s implementation of agreed audit recommendations falling due

between 1 August and 31 December 2013.

It is recommended that the Committee:

Receive and note the current position in relation to the completion of agreed

audit recommendations.

1. BACKGROUND

1.1 In accordance with previously agreed reporting provisions, the Audit and Risk Committee receives regular updates concerning progress made by management with regards to the implementation of Internal Audit recommendations, designed to strengthen the Council’s internal control environment. This latest report, and in particular, the tables at paragraph 2.1 provides a position statement as to the delivery of audit recommendations, analysing them in accordance with their priority classifications, i.e. high, medium or low, whilst Appendices 2 and 3 also adhere to the same format i.e. our findings are reported by the priority ratings assigned originally to the recommendations.

1.2 In terms of the follow up process developed to extract the information contained within this report, there has been no change to previous arrangements, in so far as officers nominated to be responsible for the implementation of agreed actions arising from final audit reports have been asked to provide updates on recommendations due to be completed by 31 December 2013. The Finance Team liaises between Deloitte and the responsible officers to ensure that all responses are received as required. Thereafter, the Deloitte auditors have performed an independent verification exercise on all high priority rated recommendations and the majority of medium priority rated recommendations.

of 348

2. OVERALL POSITION

2.1 The number of outstanding recommendations, listed per audit, is attached at Appendix 1, whilst a summary of the current and previously reported positions is provided below:

Status of Recommendations as at 31 March 2013 (year end) High Medium Low Total %Completed / superseded

3 18 20 41 57.75

Outstanding

1 21 4 26 36.62

Unable to confirm status

0 4 0 4 5.63

Total due for implementation

4 43 24 71 100.00

Status of Recommendations as at 31 July 2013

High Medium Low Total %Completed / superseded

2 21 11 34 48.57

Outstanding

3 28 5 36 51.43



5 49 16 70 100.00

Status of Recommendations as at 31 December 2013 High Medium Low Total %Completed / superseded

1 22 6 29 39.73

Outstanding

5 30 9 44 60.27



6 52 15 73 100.00

Key: H – High priority: A fundamental weakness in the system that puts the Council at risk. To be addressed as a matter of urgency, within a 3-month time frame wherever possible, or, to put in place compensating controls to mitigate the risk identified until such a time as full implementation of the recommendation can be achieved. M – Medium priority: A weakness within the system that leaves the system open to risk. To be resolved within a 4 - 6 month timescale. L – Low priority: Desirable improvement to the system. To be introduced within a 7 - 9 month period.

2.2 The tables at paragraph 2.1 essentially provide a snapshot of the year end position at 31 March 2013 and the positions to date in year - the figures are not cumulative but enable an overview to be maintained as to the nature of progress being made in relation to completing agreed actions at intervals over the financial year.

of 348

2.3 Committee will recall that at year end 2012/13 a much improved position was achieved in relation to the implementation of agreed actions arising from our review work, concerning responses being received from management for the majority of recommendations and with reference to the number of recommendations being completed.

2.4 Responses have been received from management in relation to all the recommendations that were due by 31 December 2013. These management responses can be seen in full at Appendices 2 and 3 to this report.

2.5 Completion of audit recommendations remains steady; however there has been a decrease within year, from 48.57% completed as at 31 July 2013, to 39.73%% completed as at 31 December 2013.

2.6 With reference to the outstanding audit recommendations, during 2013/14 the percentage involved here has been rising. Looking back over the first 9 months of the year, the figures have increased from 51.43% outstanding at 31 July 2013 to 60.27% outstanding at 31 December 2013.

2.7 In relation to the high priority recommendations that remain outstanding this has also increased from 3 to 5. Of the 3 previously reported as outstanding one has recently been completed in relation to the audit of the Citrix application (GY/12/19). The position with the 5 recommendations is summarised thus:

Business Continuity (GY/13/15) There are currently 2 high priority recommendations that remain outstanding within this area, both of which have previously been reported to this Committee. Management responses indicate that these were on track; however the recent tidal surge came at a time when these were due to be completed. It is reassuring to note however that during this natural disaster, procedures were followed and services were maintained. The manager has also indicated that lessons have been learned from this incident and will be incorporated into updated plans. There are also 3 medium and 1 low priority recommendations due within this area; again implementation was affected by the tidal surge. Management responses do however indicate that all recommendations will be implemented by financial year end. Markets (GY/14/03) A recent audit of Markets resulted in an unsatisfactory assurance level being awarded, with 11 recommendations being raised on conclusion of the work. 3 of these recommendations carried a high priority rating and are outstanding at present. Management response indicates that a thorough overhaul of the system is currently underway and these recommendations will be addressed by financial year end. In relation to the remaining 8 recommendations; 1 medium priority recommendation has been completed and 5 (4 medium and 1 low) are not yet due for implementation. The outstanding 2 medium priority recommendations have revised dates of the end of the financial year.

2.8 Committee is also asked to note the following specific audits where the

of 348

assurance level awarded was negative i.e. limited or unsatisfactory and a number of audit recommendations remain outstanding:

Procurement (GY/13/02) The report was issued on 13 August 2013 and a limited assurance level

was awarded. There are currently still 3 medium recommendations outstanding in relation to this audit, with the other 3 having been previously implemented. Management response indicates that a revised policy, strategy and procedures will be taken to the Audit and Risk Committee in February and implementation and training will follow shortly thereafter, thus addressing the outstanding recommendations.

Network Infrastructure and Security (GY/13/16) This audit has previously been reported to Committee in relation to the

implementation of audit recommendations at the meeting in September. Since this time a further 4 of the 16 recommendations have been completed, leaving just 2 medium priority recommendations requiring closure. Management responses have provided revised deadlines of 31 December 2014, with reasons behind these detailed in the management comment at Appendix 3.

2.9 It is also worth Committee noting that considerable progress has been made in relation to audits that were completed prior to the financial year 2012/13, whereby previously there had been a considerable number with recommendations recorded as outstanding. There are now only 3 systems audits (3 recommendations) and 3 IT audits (5 recommendations) with outstanding recommendations. The management responses to these can be found at Appendices 2 and 3 and the audits are: Sundry Debtors (GY/10/14), Planned and Responsive Maintenance (GY/12/03), Corporate Governance and Risk Management (GY/12/15), referred to above, IT Governance (GY/11/20), Integra Applications (GY/12/17) and Capita Axis Application (GY/12/18).

2.10 As previously mentioned, Appendices 2 and 3 to this report provide the detail in relation to current outstanding systems and computer audit recommendations, and management responses received in respect of these items.

2.11 It is also worth noting that of the recommendations made to date in year, a further 20 recommendations are not yet due for implementation, 1 of which carries a high priority recommendation – see Appendix 1 for the audit areas to which these relate. As mentioned although the dates set for completion have not yet been reached, until they are actioned, they represent weaknesses in the control environment which leave the authority open to risk.

3. CONCLUSION

3.1 At the end of the financial year, enhancements had been made to the follow up process, as a result of the recommendation put forward by Cabinet to improve the situation. We are pleased to confirm that we are

of 348

now being fully appraised by management as to the status of their recommendations and good progress is being made to address issues with systems of internal control. However there are still a number of recommendations that are outstanding, ultimately putting the Council’s overall control environment at risk.

FINANCIAL IMPLICATIONS:

None

LEGAL IMPLICATIONS:

None

EXECUTIVE BOARD OR DIRECTOR CONSULTATION:

None RECOMMENDATIONS It is recommended that the Committee:

Receive and note the current position in relation to the implementation of

agreed audit recommendations.

Does this report raise any

legal, financial, sustainability,

equality, crime and disorder or

human rights issues and, if so,

have they been considered?

Issues None

Legal None

Financial None

Risk None

Sustainability None

Equality None

Crime and Disorder None

Human Rights None

Every Child Matters None

APPENDICES:

Appendix 1: Summary of Agreed Internal Audit Recommendations as at 31 December 2013

Appendix 2: Outstanding Systems Audit Recommendations as at 31 December

2013

Appendix 3: Outstanding Computer Audit Recommendations as at 31 December 2013

of 348

Summary of Agreed Audit Recommendations at 31 December 2013 Appendix 1

OutstandingTotal

Outstanding

Total Audit Recommendations to

be actioned

Reference Description Assurance Level H M L H M L H M L H M L

GY1014 Sundry Debtors Adequate 1 1 1GY1103 Waste Management Adequate 1 0 0GY1122 HRA Major Works Programme Adequate 1 0 0GY1203 Planned and Responsive Maintenance Adequate 2 1 1 1GY1208 Markets Limited 3 0 0GY1209 Sundry Debtors Unsatisfactory 1 0 0

GY1215 Corporate Governance and Risk Management Limited 1 1 1GY1302 Procurement Limited 1 3 3 3GY1303 Private Sector Housing Adequate 1 1 1GY1305 Waste Management Adequate 3 2 0 0GY1306 Housing Rents Adequate 1 1 1GY1307 Licensing Adequate 1 0 0GY1309 Payroll & HR Adequate 1 3 4 4GY1310 Property Portfolio Management Adequate 2 2 4 4GY1311 Exchequer Services Adequate 1 1 1 1 1GY1312 Work to Support the AGS Not Applicable 1 2 0 0GY1313 Homelessness Adequate 1 1 1

GY1314 HRA Major Works Programme Adequate 1 1 0 0GY1317 Corporate Governance Adequate 1 0 0GY1318 Parking Services Adequate 3 1 3 3 1 4

GY1401 Printing Services, Reception and Customer Services Adequate / Limited 6 0 3 3

GY1403 Markets Unsatisfactory 1 3 2 5 4 1 10GY1404 Bereavement Services Adequate 1 0 2 2GY1405 Planned and Responsive Maintenance Adequate 1 1 4 1 6GY1406 Localism and Communities Adequate 2 3 0 0

SYSTEMS AUDIT TOTALS 0 13 7 0 16 4 3 17 7 0 0 0 27 0 14 2 43

GY1120 IT Governance Adequate 1 1 1GY1217 Integra Application Adequate 1 1 1GY1218 Capita Axis Application Adequate 1 3 3 3GY1219 Citrix Adequate 1 1 0 0GY1315 Business Continuity Limited 3 1 2 3 1 6 6

GY1316 Network Infrastructure, Security and Telecoms Limited 2 5 2 2 2 2 2 2GY1416 Revenues and Benefits Adequate 1 0 0GY1417 Data Centre, Back Up and Disaster Recovery Limited 0 1 3 4GY1419 Remote Access Adequate 2 3 1 4 4

COMPUTER AUDIT TOTALS 2 8 4 1 6 2 2 13 2 0 0 0 17 1 3 0 21

Not yet due to be implementedUnable to confirm statusCompleted between 1 April

and 31 December 2013

Completed between 1 September and 31

December 2013

of 348

Appendix 2 – Outstanding Systems Audit Recommendations as at 31 December 2013

1

Recommendation Action Agreed / Initial

Response Due Date Responsibility Status Management Response

Audit – GY1403 Markets Report Issued - 28 Nov 13Recommendation: 7 - Attendance and Fee Log, and Independent Reconciliation Priority: High – A log should be put in place by the Council in order to document as the following aspects: • Attendees of the Market; • Fees paid by traders with the date and receipt number documented; and, • Rent free periods, discounts or specific payment arrangements set down with traders. An independent reconciliation should be undertaken of income received against the amounts expected from this.

Agreed. An electronic system will be put in place to record such issues as well as current arrears levels. Training needs for staff to enable continued maintenance of the spreadsheet are being addressed. Finance staff will assist in conducting reconciliations of income received.

Initial Deadline: 31 Dec 13 Revised Deadline: 31 Mar 14

Group Manager - Property

Agreed Outstanding

December 2013: A thorough overhaul of the system in process with an implimentaion date of 1st April 2015. Paper records of attendance and fee logging being produced. Deadline to be extended to 31st March 2014.

Audit – GY1403 Markets Report Issued - 28 Nov 13Recommendation: 9 - Cash Handling Procedures Priority: High Revisions should be made to the method of taking cash so that two people are in attendance when cash is taken and recorded. This should be updated within procedural guidance stated within Recommendation 2.

The issue in relation to two people being present when cash is taken has been acknowledged and will be considered in further detail as to how it can be implemented following issue of the report. It was noted by the Markets Manager that two people will be on site to take cash during the Easter Fair as a result of the number of attendees.



Agreed Outstanding

December 2013: Revised proceedures being developed as part of overall Market management review.

Audit – GY1403 Markets Report Issued - 28 Nov 13 Recommendation: 10 - Arrears reports Priority: HighArrears reports should be produced and updated on a regular basis with recovery action taken, including the case identified in our review. Arrears reports should be produced by an officer independent of that taking the monies with receipts produced being used to formulate the reports. The Council should

Agreed. Current arrears levels and action taken will be recorded against individual traders within the log to be implemented as a result of Recommendation 7.



Agreed Outstanding

December 2014 See Recommendation 7. Deadline to be extended to 31st march 2014.

of 348



look to produce an electronic version of the reports so that they can be easily updated. Audit – GY1203 Planned and Responsive Maintenance Report Issued - 19 Sep 11Recommendation: 1 - Property Maintenance Strategy Priority: Medium A Property Maintenance Strategy should be devised. This document should clearly set out the Council’s strategy for the long-term delivery of repairs and maintenance activity and how this contributes to the Council’s corporate priorities.

Agreed, A strategy is to be produced the form of a comprehensive Asset Management Strategy to fit with Great Yarmouth Community Housing’s 30 year Business Plan currently developed in the light of the move to Self Financing from the HRA Subsidy system in April 2012.

Initial Deadline: 30 Apr 12 Revised Deadline: 31 Jan 14

Interim Housing Asset Manager

Agreed Outstanding

December 2013: Not completed but hopefully to be finalised by end of January 2014. August 2013: This was ascertained to still be outstanding within audit GY Planned and Responsive Maintenance. May 2013 The Asset Management Strategy has not yet been written. However it is still our intention to do so. As previously stated, our headline strategy is set out in our 30 year business plan and has brought about some fundamental chnge in the way in which we deliver our investment programme, ranging from increasing our kitchen renewals, completing replacement of doors and windows and building new properties. However, a more detailed Asset Management Strategy needs to be produced but has been delayed by the amount of structural changes that have been happening in Community Housing and the Council. We accept that this is a long outstanding reccommendation. We have begun a thorough review of our approach from responsive repairs up to major investment and new build and would say that the end of September is a reaslistic deadline for production of the Asset

of 348



Management Strategy. Revised deadline date 30th September 2013 February 2013 A Repairs, Maintenance and Improvement strategy will be developed by the end of March 2013. Revised deadline date; 30th April 201 November 2012-10-29 As per update for June 2013. Previously revised deadline not yet reached. August 2012 As per update for June 2012 June 2012: The Business Plan was produced in time for the commencement of self financing in April 2012 and included some high level detail in relation to asset management which will underpin the strategy over the first three years of the Business Plan. The full Asset Management strategy is still to be produced. Community Housing has just gone through a major management restructure, part of which was driven by the need to bring more clarity of who is responsible for the work in this area. The full Asset Management strategy will now follow on from this restructure. Deadline – January 2013

of 348



March 2012 On track for completion by 30.4.12 Nov 2011 No management update

Audit – GY1215 Corporate Governance and Risk Management Report Issued - 29 May 12 Recommendation: 2 - RM Training and Monitoring of Risks at Service Level Priority: Medium Training with regards to the changes to the Risk Management Framework management responsibilities for managing and monitoring service level risks should be provided to Service Unit Managers (SUMs). The Corporate Risk Officer should gain assurance that SUMs are monitoring risks at a service/operational level, e.g. obtain service team meeting notes and/or attend service team meetings.

The Corporate Risk Officer will request copies of service team meeting notes / minutes to check that risk is a standard item on agenda’s and service risks are identified and reviewed. The Corporate Risk Officer will review these risks to check if any risks identified need to be reflected in the Corporate Risk Register. The Corporate Risk Officer will email all SUM’s., attaching a copy of the Risk Management Framework informing them that the framework and their Roles and Responsibilities have been reviewed. The Corporate Risk Officer will email HOD’s and SUM’s to see if they require further Risk Management Training and if so what training they require.

Initial Deadline: 31 Oct 12 Revised Deadline: 01 Jul 14

Corporate Risk Officer

Agreed Outstanding

Dec 2013: Resources have prevented organising Risk Management Training. Revised date: 1st July 2014 August 2013: Deadline not yet reached. May 2013: No capacity to attend service team meetings. SUMS’s were requested to provide team meeting notes but these have not been provided. Service Plans are going to be produced therefore this part of the recommendation will ot be implemetns. Resources have prevented organising risk management training. Revised date: 30 September 2013 February 2013 No further update. November 2012 Nov 12 - Risk Management training will be arranged once the new structure is in place. Revised date: 30 April 2013

of 348



Aug 12 Email sent to all SUM’s on 27 June 2012 requesting copies of service team meeting notes / minutes. To date only one response received. All SUM’s were emailed on 11 June 2012 infromeding them that their roles and responsibilities had been reviewed and a copy of the Risk Management Framework attached. All HOD’s and SUM’s emailed on 19 June 2012 to identify risk management training. To date 7 responses recveived. Corporate Risk Officer to review these responses and identify appropriate risk management course.

Audit – GY1302 - Procurement Report Issued - 13 Aug 12 Recommendation: 1 - Procurement Strategy Priority: MediumThe Procurement Strategy should be updated, formally approved and disseminated to relevant officers, with a record held of who this is issued to. The previous version of the Procurement Strategy should be removed from the Council's website along with any other redundant policies. Procurement guidance within the Council’s Constitution should also be reviewed and revised accordingly in line with the new strategy.

Agreed. Initial Deadline: 31 Jan 13 Revised Deadline: 31 Mar 14

Director Resources and Growth

Agreed Outstanding

Dec 13: Response to all recommendations is that a revised policy, strategy and procedures will be taken to A&R in February 2014. Implementation and training will follow shortly afterwards. August 2013: A consultant is in place who will look at the procurement Strategy and Policies. We were advised during the exit meeting for Printing that the service has consulted. May 2013: Outstanding – this will be picked up as part of the new procurement officer role. We have entered discussions with Improvement East about suport in the procurement role.

of 348



February 2013 Outstanding – this will be picked up as part of the new procurement officer role. Revised deadline 31 July 2013 November 2012: Not yet due. Procurement strategy to be revised December.

Audit – GY1302 - Procurement Report Issued - 13 Aug 12Recommendation: 2 - Procurement Training Priority: Medium Budget holders with responsibility for the procurement of goods and services should be provided with refresher procurement training: The training should include, but not be limited to the following areas: • The Council’s vision, aims and objectives as set out in the Council’s Procurement Strategy (once it is updated); • Requirements of the Council’s Constitution with respect to procurement; • Single tender contract procedures; • OJEC thresholds; and • Contract register maintenance. Periodic refresher training should be held going forward, with documented records retained and periodically reviewed of staff who have received/require training.



Agreed Outstanding

Dec 13: Response to all recommendations is that a revised policy, strategy and procedures will be taken to A&R in February 2014. Implementation and training will follow shortly afterwards. August 2013: A consultant is in place who will look at the procurement Strategy and Policies. We were advised during the exit meeting for Printing that the service has consulted. May 2013: Outstanding – this will be picked up as part of the new procurement officer role. We have entered discussions with Improvement East about suport in the procurement role. February 2013 Outstanding – this will be picked up as part of the new procurement officer role. Revised deadline 31 July 2013

of 348



November 2012: Not yet due. Training due in January 2013

Audit – GY1302 - Procurement Report Issued - 13 Aug 12 Recommendation: 6 - Single Tender Contracts Priority: Medium Officers responsible for procurement should be provided with the policy around single tenders and reminded of the requirement to obtain approved waivers.

Agreed. This will be undertaken as part of the training agreed within the response to recommendation 2.

Initial Deadline: 31 Jan 13 Revised Deadline: 31 Mar 14


Agreed Outstanding

Dec 13: Response to all recommendations is that a revised policy, strategy and procedures will be taken to A&R in February 2014. Implementation and training will follow shortly afterwards. August 2013: A consultant is in place who will look at the procurement Strategy and Policies. We were advised during the exit meeting for Printing that the service has consulted. June 13 Outstanding – this will be picked up as part of the new procurement officer role. We have entered discussions with Improvement East about suport in the procurement role February 2013 Outstanding – this will be picked up as part of the new procurement officer role. Revised deadline 31 July 2013 November 2012: Not yet due.

Audit – GY1303 Private Sector Housing Report Issued - 23 Aug 12 Recommendation: 1 - Refresh Housing Renewal Strategy/Policy Priority: Medium The Private Sector Housing Renewal Policy should be reviewed

Agreed. This work is programmed and a new policy will be

Initial Deadline: 31 Mar 13

Group Manager - Housing, Health

Agreed

December 2013: There has been a delay in finalising

of 348



and updated to reflect the implications arising from the Housing Stock Model and Health Impact Assessment, undertaken in early 2012. It should also reflect the national strategic objectives, along with the types of assistance that the Council currently offers.

developed following approval of the Private Sector Housing Strategy by the Council.

Revised Deadline: 31 Mar 14

and Wellbeing Outstanding the draft due to other commitments – now working to a revised deadline for draft of end of January 2014, aiming to complete and agree document by end of March 2014. August 2013: Still on course for completion. May 2013: Following the retirement of the previous Manager this piece of work has now been picked up by the Private Sector Housing Team & Group Manager. An initial draft is currently being worked on and should be available for consultation/discussion by beginning of August 2013. The aim to complete and agree the strategy by the end of the year. Revised deadline date: 30 November 2013 February 2013: Management response: In progress. November 2012 Private Sector Housing Strategy is currently being worked on.

Audit – GY1306 Housing Rents Report Issued - 18 Oct 12 Recommendation: 3 - Monitoring of Former Tenant Arrears Priority: Medium Former tenant rent arrears should be pursued within a set timescale. Aged arrears reports should be reviewed to determine whether the debt could still be recovered. Where debts are deemed irrecoverable, they should be subject to the write off processes.

Agreed in principle – Community Housing is currently reviewing its structures as part of addressing the Council’s overall budget deficit targets and this workstream will be redefined in January 2013. As such, structures/responsibilities over former tenant arrears may be relocated or undertaken in a

Initial Deadline: 31 Dec 12 Revised Deadline: 28 Feb 14

Group Manager - Housing Services

Agreed in Principal Outstanding

December 2013: This will be reviewed during the AGS audit which is due for completion by the end of February. August 2013: Following a recent restructure, the responsibility for collecting former

of 348



different manner. Clear definition of structures will be made by January 2013 and this recommendation can be addressed.

tenant arrears has been passed to a newly formed Rent Income Team. This team has just been recruited to and a reasonable deadline for having proper systems in place to ensure robust FTA collection is October 2013. The new team are in place however, former tenants work is still to be integarted. This will take place in the next few months with robust written procedures to follow. AT: Recommendation to be reviewed on 31/10/2013. May 2013: Following a recent restructure, the responsibility for collecting former tenant arrears has been passed to a newly formed Rent Income Team. This team has just been recruited to and a reasonable deadline for having proper systems in place to ensure robust FTA collection is October 2013. Revised deadline date: 31st October 2013 February 2013 This process is currently on hold as the previous posholder has left and the duties will be re-allocated in the review of the structure within Tenancy Services. MJK/11-02-2013 Revised deadline: 30th April 2013

of 348



Nov 12 – (mjk) This recommendation will be reviewed as previously agreed as part of the Councilwide restructure in Dec 12 / Jan 13

Audit – GY1309 Payroll and HR Report Issued - 16 Jan 13 Recommendation: 4 - Relocation Allowance Recovery Processing Priority: Medium Future recovery of relocation allowance should be processed through the Council’s debtors system, with an invoice raised for the amount due.

Agreed. The procedure will be used immediately, if a case arises. A section will be added to the payroll manual.

Initial Deadline: 31 Mar 13 Revised Deadline: 31 Mar 14

Senior HR Manager - Payroll

Agreed Outstanding

December 2013: Due to extreme work pressures in HR, this change will be implemented by end March 14. August 2013: Deadline for updating payroll manual has been extended due to other priorities to end September 13. Revised deadline 31/10/2013. May 2013: A further two employees have left since this recommendation was agreed. The outstanding amount was deducted successfully from final pay in both case, therefore leaving no risk to the Council. If an employee leaves and it is not possible to recover the entire amount from them in their final pay then this procedure will be used. A project to update the payroll manual will be undertaken in July 2013. February 2013: Working towards agreed deadline of 31/03/2013

Audit – GY1310 Property Portfolio Management Report Issued - 16 Jan 13 Recommendation: 1 - Oversight of Asset Management Plan Priority: Medium Evidence should be retained regarding delivery of the AMP 2012-15 is subject to on-going senior management monitoring through an appropriate forum.

Executive management team/ Corporate Management Board will receive quarterly reports to update on the progress towards delivering the Strategic aims within the AMP. Due date will be March 2013 for the first report.



Agreed Outstanding

December 2014 Migration of Phase 2 data now complete and the system is now in a live testing mode. Testing phase to be completed by 31st March 2014. September 2013:

of 348



We are in the process of migrating data into the new Concerto system which does include information about vacant assets. However, the audit requirements are more about office procedures than the data itself. Yes, there will be information available from the system and yes part of my deliverable is to ensure appropriate support documentation is available for use of Concerto. The introduction of Concerto will be an opportune moment to re-design many such office procedure. Concerto is simply the enabler for this to happen.

Audit – GY1310 Property Portfolio Management Report Issued - 16 Jan 13Recommendation: 6 - Reconciliation of Asset Register to Property Services Records Priority: Medium Discrepancies between Property Services asset records and the Asset Register maintained by Finance should be subject to further investigation and resolution.

Agreed - Since the writing of this audit report many of the discrepancies thrown up by the reconciliation between the Property Services Asset Database and the Finance Asset Register have been investigated and resolved. As the report suggests, most of the discrepancies in asset values were caused by a depreciated value having been taken from the Finance Asset Register rather than the gross asset value which should have been equivalent to the last valuation. As it stands now, there are only five outstanding anomalies, which are currently being dealt with. Two of these relate to properties which have been disposed of and were removed from the Finance Asset Register for the 2011-12 accounts, but have not yet been removed from the Property Services Asset Database because the necessary completion

Initial Deadline: 30 Jun 13 Revised Deadline: 31 Jan 14

Modernisation Delivery Manager

Agreed Outstanding

Dec 2013 : Migration of the data from the interim solution to Concerto is complete and the system is now ‘live’. The data provided by FS for the reconcilation has been revisited and the discrepancies highlighted. These are not significant but need to be worked through to conclusion with FS. A meeting has been requested to finally deal with all such outstanding matters. (Jan 2014) August 2013 : FS have concluded a reconciliation but as the data for both the interim solution and what is now in Concerto is ‘frozen’ no adjustments can be made until the migration is complete.

of 348



documents, which are required as per the procedural guidance for the amendment of this system, have not yet been located. A further reconciliation will be conducted between the two systems before any data is migrated across to Concerto. This will be particularly important if the migration is to be conducted after 31st March 2013 as the Finance Asset Register will be updated as part of the 2012-13 Final Accounts Closedown process.

The reconciliation and any subsequent adjustments will now be rescheduled once all data has been successfully migrated and tested. June 2013: Data has been provided in early April to Financail Services for reconcilation. FS are struggling with workload around this time as financial year-end and system changes impact. February 2013 No action to date since we are still maintaining the interim solution data prior to ‘freezing’ it in preparation for migration. Now that the Concerto system is on order planning for the financial reconcilation can take place to align with system implementation.

Audit – GY1311 Exchequer Services Report Issued - 12 Apr 13Recommendation: 1 - Review of Access for Generic Accounts Priority: Medium The generic accounts within the system that have been afforded requisition limits above that of £1 should be reviewed to confirm their necessity.

These requisition levels are required to enable the creditors team to ‘force through’ mismatched orders, e.g. orders that have a price difference. The limits will be reviewed, but it would be difficult to get independent authorisation due to volume.

Initial Deadline: 30 Jun 13 Revised Deadline: 31 Mar 14

Business Analyst Agreed Outstanding

December 2013: Dec 13: Still on going pending a review of Procurement. Revised Date 31st March 2014 August 2013: Still on going pending a review of PO and Invoice approval following restructure and reduction in staff levels Revised Date: 31 December 2013 May 2013: Not yet due.

Audit – GY1313 Housing Options and Strategic Housing Report Issued - 25 Apr 13 Recommendation: 3 - Local Investment Plan Refresh Priority: Medium The LIP should be refreshed to The LIP is to be refreshed in Initial Deadline: Group Manager - Agreed December 2013: This work remains

of 348



reflect current Council priorities. Completed projects should be removed from the plan with existing and new projects added. The updated LIP should be subject to Council approval.

2013. We shall consult stakeholders at the next LIP meeting with a view to completing the refresh by 30.9.2013.

30 Sep 13 Revised Deadline: 31 Jan 14

Housing ServicesOutstanding

outstanding. A final deadline of 30.6.14 has been agreed with a project plan to be completed by 31.1.14. August 2013: The next LIP review meeting will take place on 25.9.13 where progress will be monitored. Dure to unforseen absence the final refresh will probably slip to 31.10.13 AT: Revided deadline 31/10/2013 June 13 On track to be completed by 30.9.13 Revised deadline date 30th September 201

Audit – GY1318 - Parking Services Report Issued - 23 May 13 Recommendation: 2 - Staff Parking Pass Policy Priority: MediumA policy should be developed over the issue of staff parking passes. This should contain clarification over: • Eligibility to hold staff parking passes; • Eligibility for barrier passes; and, • Passes issued to staff/departments for various vehicles.

Accepted. This is considered a Corporate issue and will be dealt with by the Director.


Director of Customer Services

Agreed Outstanding

December 2013: Management will work with HR to develop a policy, however, the emphasis is on the service, but HR will ensure the policy is consistent and fair.

Audit – GY1318 - Parking Services Report Issued - 23 May 13 Recommendation: 6 - Permit Stock Checks Priority: Medium Reconciliatory checks should be undertaken on permit stock on at least a quarterly basis.

All permits forms received are checked and logged by Parking Services. This should help to identify any gaps within the listings.

Initial Deadline: 22 May 13 Revised Deadline: 31 Mar 14

Parking Services Manager

Agreed Outstanding

January 2014 All used permit books are now returned to Parking Services and these will be used to check all permits have been issued or accounted for and in conjunction with the application forms assist in identifying gaps. IA Comment - to be closed once this has been completed.

of 348



August 2013 Agreed, a process is to be put in place. Revised deadline 30 September 2013.

Audit – GY1318 - Parking Services Report Issued - 23 May 13 Recommendation: 9 - Vehicle Usage Policy Priority: Medium Guidance should be developed over the use of vehicles held by the Parking Service. Staff should be required to sign a declaration to confirm their understanding of policies over the use of the vehicle.

Agreed. This policy will need to be a corporate document which can be used for all vehicle users.


Director of Customer Services

Agreed Outstanding

December 2013: Management will liaise with HR to decide if this is just an operational policy for car parking or should apply corporately to all services, depending on if other services have vehicles.

Audit – GY1403 Markets Report Issued - 28 Nov 13 Recommendation: 3 - Service Monitoring Priority: Medium Mechanisms for the monitoring of service performance and progress should be introduced to ascertain how the service is performing against its service objectives. Aspects of the service to be monitored should link to the objectives identified by the strategy raised in Recommendation 1.

Agreed. Service measures are being developed at present which will be produced on a quarterly basis.



Agreed Outstanding

December 2014: Still being developed. Extend deadline to 31st March 2014

Audit – GY1403 Markets Report Issued - 28 Nov 13 Recommendation: 11 - Timely receipting of Cash Priority: Medium Receipts for cash or cheques taken by the Markets Superintendent should be produced after monies have been received.

This was acknowledged by the Markets Manager who stated that he would never date a receipt before it has been issued and would communicate this to the Markets Superintendent.


Markets Manager Agreed Outstanding

Dec 13: Limited progress due to other work comittments revised date: 31st March 2014

Audit – GY1014 Sundry Debtors Report Issued - 18 Mar 10 Recommendation: 3 - Periodic checks of validity of recurring Sundry Debtor invoices Priority: Low The Council should implement a suitable process to periodically check the validity of the recurring Sundry Debtors. Documentation should be retained as evidence of this checking.

Agreed in Principle. Recurring debts are confirmed as valid by a Lettings Form from the Head of Department and not from an invoice creation request form. Once the system is devolved to services more detail will be available to them but as there are so many different types of service

Initial Deadline: 30 Nov 10 Revised Deadline: 31 Mar 14

Recovery Team Manager

Agreed in Principal Outstanding

December 2013 We still believe that we will need the new Ad-hoc reporting system (Data PA) to be installed before we can complete this requirtement. Curently this is waiting Norfolk County Council IT department to approve the specification before this can be installed.

of 348



one solution will not suit them all.

BB - Revised deadline entered of 31 March 2014 although audit to be conducted in January 2014. August 2013: New Civca system is now installed and working. We are now looking at how we forfill this requirement using the new system. Current we think we will need the new Ad-hoc reporting system (Data PA) to be installed before we can complete this requirtement. Revised deadline 31/10/2013. May 2013: Conversion to Civica system is nearing completion and work has begun to address the points raised in the Audit. February 2013 Conversion to Civica under way and should be complete by end of April, once complete we will be able to address the points in the Audit. Revised deadline 31st May 2013 August 2012: No change June 2012: We are in the process of beginning to change over from Integra system to IBS system for Sundry Debts so we will address the points raised in the audits as part of this process. March 12 No further update is available, this work was transferred to Wellbeing

of 348



Service in May 2011 so no update will be available until April 2012 at the earliest. Revised Deadline 31 July 2012 Oct 2011 No further update is avalible, this work was transferred to Wellbeing Service in May 2011 so no update will be avalible until April 2012 at the earliest. Sept 2011 No further update is avalible, this work was transferred to Wellbeing Service in May 2011 so no update will be avalible until April 2012 at the earliest. June 2011 A crystal report will be produced annually showing all recurring debts. These will be passed to the department who want the recurring debt to be created, to check against their records and update us of any changes. By October 2011 A process will be required to validate debts prior to invoicing. This will need to be part of the new Debt recovery team remit as directed by the Head of Service. March 2011 No further updates October 2010 Comment as per Sept 2010 still applies. September 2010 See management response: This will be reviewed as part of a roll out

of 348



of the sundry debtors administation to individual services

Audit – GY1309 Payroll and HR Report Issued - 16 Jan 13 Recommendation: 1 - Procedural Guidance for Relocation Scheme Priority: Low A procedural guide should be produced and made available to staff setting out the correct processes to follow in respect of relocation allowances processing. The guide should include, but not be limited to the following: - Instructions on how to deduct income tax for a proportion of the allowance that is not supported by receipts; - Recovery arrangements i.e. steps taken to inform the claimant that monies are due, invoice raising responsibilities, debt chasing responsibilities. - The requirement to check all leavers’ records to confirm that a relocation allowance was not claimed within the last two years

Agreed. A section on Removal and Disturbance allowances is to be added to Payroll Manual.



Agreed Outstanding

December 13 Due to extreme work pressures in HR, this change will be implemented by end March 14. August 2013: Deadline for updating payroll manual has been extended due to other priorities to end September 13. Revised deadline 31/10/2013. May 2013: No response as yet. A project to update the payroll manual will be undertaken in July 2013. February 2013: Working towards deadline of 31/03/13

Audit – GY1309 Payroll and HR Report Issued - 16 Jan 13Recommendation: 5 - Cross-Departmental Trends Analysis Priority: Low The Council should investigate the potential to extend the current trends analysis processes to encompass cross-departmental comparisons. Departments with significantly higher or lower sickness absence rates than the Council average should then be investigated for: areas of best practice in absence management that could be applied elsewhere in the Council; and/or areas of potential weakness in absence management that need to be addressed.

Agreed in Principle. The functionality required to provide the necessary management information will be identified and Chris21 investigated to determine whether it can do the job.

Initial Deadline: 30 Jun 13 Revised Deadline: 31 Mar 14


Agreed Outstanding

December 13 Due to extreme work pressures in HR, this change will be implemented by end March 14. August 2013: EMT are currently provided with analysis of sickness by group to enable them to identify areas of significantly high or low sickness absence (since June 13) on a monthly basis. By October 13 they will be provided with sickness data by service to allow even further trend analysis. AT: In Progress. Revised deadline 31/10/2013. May 2013:

of 348



Working towards a revised deadline of 30/09/2013. February 2013: Working towards agreed deadline of 30/06/2013

Audit – GY1309 Payroll and HR Report Issued - 16 Jan 13 Recommendation: 7 - Amendments to Mileage Claim Forms Priority: Low A control should be introduced to prevent mileage claim forms being amended by employees following approval.

Agreed. Through discussion with the Senior HR Manager (Payroll) it was determined that the most suitable way of addressing the control weakness would be to enforce a process in HR whereby any mileage claim forms for which the overall amount claimed appears to have been tampered with or amended will be void and therefore rejected. Officers will be asked to complete a new form in such instances. The form will also be amended to make this requirement clear.



Agreed Outstanding

December 13 Due to extreme work pressures in HR, this change will be implemented by end March 14. August 2013: Amendments to form will be made by 30 September. Revised deadline 31/10/2013. May 2013: Any forms that have been altered are queried. The form will be amended to make this clear by the end of June 2013. February 2013 Working towards agreed deadline of 31/03/2013

Audit – GY1310 Property Portfolio Management Report Issued - 16 Jan 13 Recommendation: 2 - Procedural Guidance for New Processes Priority: Low Up to date procedural guidance for the Property Services team should be produced in line with the introduction of the new asset database.

Procedural Guidance will be reviewed alongside the introduction of the of the new asset database system. This will likely have been reviewed 12 months from full implementation of new system.

Initial Deadline: 31 Dec 13 Revised Deadline: 30 Jun 14


Agreed Outstanding

December 2013: Procedural Guidance is being reviewed during the testing phase of Concerto. Reised deadline June 2014 May 2013: No response made at present.

Audit – GY1310 Property Portfolio Management Report Issued - 16 Jan 13 Recommendation: 3 - Vacant Properties Priority: LowThe Vacant Property Sheet and Vacant Property Procedures Check List should be completed after all completed end of tenancy inspection and retained on file. In addition, a copy of the up-to-date

Agreed - These will be reviewed alongside Recommendation 2. The new asset database system will incorporate these functions. In the meantime, we will confirm that all required checks have been



Agreed Outstanding

December 2013: Concerto system in testing phase. Paper records being completed. May 2013: No response made at present.

of 348



Electrical Test Certificate should be retained for all outgoing tenants.

conducted and have been retained prior to closing the file.

Audit – GY1405 Planned and Responsive Maintenance Report Issued - 18 Oct 13 Recommendation: 6 - Aged Debt Reports for Tenant Recharges Priority: Low Aged debt reports in relation to recharges for responsive or void repairs should be received into the Housing service.

The Housing Customer Services Manager will look into having this report sent on a monthly basis. When received, the service will look at the data within the report to identify the position and situation of debt, and potentially take action or consider its approach.


Housing Customer Services Manager

Agreed Outstanding

This is yet to have been fully introduced.

of 348

Appendix 3 – Outstanding Computer Audit Recommendations as at 31 December 2013

1

Recommendation Action Agreed / Initial Response Due Date Responsibility Status Management Response

Audit – GY1315 Business Continuity Report Issued - 25 Apr 13 Recommendation: 5 - Reviewing and Updating the Corporate business continuity plan Priority: HighManagement should ensure that Corporate business continuity planning documentation undergoes an immediate review and are sent for formal senior management approval. The latest templates for completing these documents should be utilised and should make reference to service business continuity plans, where appropriate. Areas where further improvements are required are: • Ensuring all sections are fully completed, for example, the Corporate Plan includes a section on Critical Priority Council Functions which is not complete; • Ensure that the salvage section in the Corporate plan is completed and ensure that the specific service plans reference specific equipment to salvage where appropriate, especially if the items in question are of a higher value or difficult to replace. The inclusion of floor plans that show the locations of relevant equipment may also be helpful to the emergency or salvage services for them to locate the equipment more easily; • Once amended, ensuring that copies of the Corporate business continuity planning documentation are distributed to named individuals, with copies also being stored at an alternate site within a known and accessible location and electronically on memory media;

Agreed. Initial Deadline: 30 Jun 13 Revised Deadline: 31 Jan 14

Emergency Planning Manager

Agreed Outstanding

December 2013: Managers were due to submit their updated BIA/BC Plans by mid-December. A number have been submitted but some are still being developed. The Tidal Surge came at a time when many managers were diverted to implementing actual BC measures and were not able to complete in time for the mid-December deadline. The tidal surge indicated procedures were followed which maintained services for the period of the tidal surge. There are lessons to be learned from this experience which can be incorporated into the updated plans. I’ve been through the audit recommendations for BC and apart from the delay in submitting the updated BIA/BC plans we seem to be generally on track. September 2013: Progress has been made in revising and updating the Corporate BC Plan: • Critical priority council functions were reviewed and agreed at the BC Workshop on 09/09/13 • There are existing arrangements with the emergency services for salvage of certain items which will be listed in the revised Corporate Plan. Further development of service BC plans will identify any additional significant items for salvage.

of 348


• Coordinating IT function to ensure that they are involved with the review of the Business Continuity Plans so that they can work with the service areas to develop an appropriate Disaster Recovery Plan. The Disaster Recovery Plan should be included within the Corporate Plan to help demonstrate that the required priority services can be recovered as required; • Ensure that updated network topology documentation is included; and • Ensuring that the Council’s business continuity documentation is aligned to the Council’s IT Strategy. Such reviews should be undertaken on a periodic basis, for example, annually or as required following organisational change.

• Specific IT requirements for critical functions are being systematically determined and recorded to inform the ICT disaster recovery plan. • The Corporate Plan will be circulated to senior managers when updated

Audit – GY1315 Business Continuity Report Issued - 25 Apr 13 Recommendation: 6 - Reviewing and Updating the Service business continuity plans Priority: HighManagement should work with all Service areas to ensure that all Service business continuity planning documentation undergo an immediate review and are sent for formal senior management approval within their respective areas. The latest templates for completing these documents should be utilised.

Agreed. Initial Deadline: 30 Jun 13 Revised Deadline: 31 Mar 14


Agreed Outstanding

December 2013: Managers were due to submit their updated BIA/BC Plans by mid-December. A number have been submitted but some are still being developed. The Tidal Surge came at a time when many managers were diverted to implementing actual BC measures and were not able to complete in time for the mid-December deadline. The tidal surge indicated procedures were followed which maintained services for the period of the tidal surge. There are lessons to be learned from this experience which can be incorporated into the updated plans. I’ve been through the audit recommendations for BC and apart

of 348


from the delay in submitting the updated BIA/BC plans we seem to be generally on track. September 2013: BC Workshop held on 09/09/13 for Directors and Group Managers to review audit recommendations, agree updates to the BIA/BC Plan template and agreed a realistic timetable for revised BC Plans. Report with actions circulated on 10/10/13 with a target of mid-December for completion of BC Plans.

Audit – GY1120 - IT Governance Report Issued - 02 Mar 11 Recommendation: 2 - ICT Strategy and Policies Require Review Priority: Medium Management should undertake a review of the Council's IT Strategy and policies to ensure: • They are current; • The policy is in line with the County Council Policies and meet GYBC’s own requirements; and • The IT strategy is clear and can be taken forward within the arrangements.

Agreed. Initial Deadline: 30 Nov 11 Revised Deadline: 31 Dec 14

IT Shared Service Business Partner

Agreed Outstanding

Dec 13 (SL) We now have PSN accreditation for GYBC. Review of strategies and policies will be part of ISO 27001 accreditation work during 2014 as part of DNA project implementation Revise deadline to December 14 September 2013: The GYBC infrastructure was moved to County Hall at the end of January 2013 and the final network connectivity was completed at the end of March 2013. PSN compliance has also been worked on for GYBC and part of this work now is to review all the policies to ensure that they mirror the PSN compliance requirements. This work is to be timetabled in shortly. Revised deadline December 13 May 2013: No further information received will follow up with GYBC Information Manager and NCC Security

of 348


Architect and provide a revised deadline. Feb 2013 No further progress made, will chase up. Revised deadline March 13 November 2012: No further progress to report September 2012 Work is currently taking place to introduce the Departmental Information Security Officers (DISO) to GYBC which will incorporate policy review. June 2012: The ICT Strategy has been approved at GYBC Cabinet and published on the internet. The policies are being reviewed as part of the ICT programme, the framework of which has been agreed and work has commenced. Specific timescales for individual policies have yet to be finalised. Revised deadline October 12 March 2012: The ICT strategy for Norfolk County Council is now going through the approval process. A meeting is to be held on 13th March 2012 to adapt this to incorporate the requirements of GYBC and ensure that it becomes a

of 348


GYBC ICT strategy. Once complete it will go through the GYBC approval process. The policies are in the process of being reviewed by NCC and a piece of work is underway to combine both service desks and standardise processes. This is scheduled for April 2012. Revised deadline is July 12 Nove 11: No progress to date. Revise deadline to March 12. Sept 11 There were delays in looking at this area while discussions were had with south Norfolk DC. Now decisions have been made this will be moved forward.

Audit – GY1217 Integra Application Report Issued - 03 Nov 11 Recommendation: 4 - Change Controls Priority: Medium Administrators should work with other Council colleagues to draft and agree a formal change control process that clearly documents all testing, results and formal acceptance of all application changes.

Agreed – A meeting is to be set up with our Revenues Team to examine their procedures around change and implement similar protocols for changes within Integra. Bearing in mind the number of Integra modules and the number of menu options to be tested.

Initial Deadline: 31 Mar 12 Revised Deadline: 30 Sep 14

Business Analyst Agreed Outstanding

December 2013 Dec 13: Still on-gong revised date 30 Sep 2014 August 2013: Still on going following the installation of the new integra environment in April 2013 Revised date 31 December 2013 May 2013: No response as yet. February 2013 Still ongoing.

of 348


Revised date 30 Sep 2013 November 2012: Still on-going Revised date 30 June 2013 IA Comment: Accepted however more details to justify extensions would be appreciated in the future. June 2012: Still on-going Revised date 31 December 2012.

Audit – GY1218 Capita Axis Application Report Issued - 15 Dec 11 Recommendation: 4 - System Log Priority: Medium The issue of the information contained within the system log should be escalated within Capita to ensure that activity within the application, including security events, can be adequately reviewed.


Chief Cashier Agreed Outstanding

December 2013 We still haven’t had an upgrade. The upgrade is scheduled for the next 2 months but if there are any delays it will be postoned until after Annual Billing. Revised deadline 1st March 2014 August 2013: See previous response. June 13 This will be done when we upgrade to version 9 towards the end 2013. February 2013 The fix is done in the next upgrade V8 Revised deadline: 30th September 2013 November 2012: Capita have tried to fix the system

of 348


log on several occasions but as yet it is not fixed. It is still an open call with Capita. September 2012 Capita have tried to fix the system log on several occasions but as yet it is not fixed. It is still an open call with Capita. June 2012: This will be done when the next system installation is done. Revised deadline 31 October 2012 March 2012: No response

Audit – GY1218 Capita Axis Application Report Issued - 15 Dec 11 Recommendation: 5 - Database Housekeeping/Integrity Checks Priority: Medium Management should investigate the feasibility of implementing database housekeeping processes on the AXIS database.

Agreed. We will investigate and implement appropriate solutions.



Agreed Outstanding

Dec 13 (BH) No further action on this due to delays in current project. Will review when current project is nearing completion. August 2013: Adhoc checks are currently carried out at various stages of implementation of projects. Over the last few years we have had key projects in this system so these have been regularly done. Member of the application support team is allocated to this system and leads on projects for ICT so has a good understanding of system and requirements. Will carry out further work to plan in regular housekeeping checks outside of project work after completion of latest project which is due to be complete Jan 14 Revise deadline to March 14

of 348


May 2013: BB to ask PK over previous issue. Feb 2013 Due to change in personnel within ICT it is no longer clear what actions are required by ICT to move this recommendation forward. Further clarification is required from auditors. Revised Deadline June 13 November 2012: No further progress to report. September 2012 No change to previous update June 2012: Work is currently being done around server migration so this piece has been delayed Revised deadline December 12 March 2012: No response

Audit – GY1218 Capita Axis Application Report Issued - 15 Dec 11Recommendation: 7 - Change Controls Priority: Medium Management should review the existing change control processes to allow for greater transparency. The following could be used as a baseline for the recording of test results: • Test description; • Test Result; • Result as expected (Y/N)?; • If no, why not?; and • Retest plan.

Agreed. Initial Deadline: 31 Dec 11 Revised Deadline: 31 Mar 14

Chief Cashier Agreed Outstanding

December 2013 I haven’t been asked to test the upgrade for V7 only send data. Revised 31st March 2014 August 2013: The Aim project hasn’t been done yet. As previous response. June 13 This will be done when we upgrade

of 348


to version 9 towards the end 2013 Revised deadline date: 30th September 2013 February 2013 Test data sent from the cash system for use in the AIM testing but the testing is being controlled by Nikki Web November 2012 There hasn’t yet been any structured testing required for the AIM Project. Liasing with Nikki Webb, not rolled out to all sections due to Capita delays in fixes. REVISED DEADLINE 30 APRIL 2013 September 2012 There hasn’t yet been any structured testing required for the AIM Project. IA: No revised deadline provided. June 2012: This will be done for the AIM Cash management planned completion 2012. March 2012: No response

Audit – GY1315 Business Continuity Report Issued - 25 Apr 13Recommendation: 3 - Inventory Priority: Medium Management should create physical inventory for each department that

Agreed. Initial Deadline: 31 Jul 13


Agreed

December 2013: Managers were due to submit their

of 348


contains key manual documentation that they would need in the event of a Business Continuity invocation. For example, the inventory would likely contain blank application forms, procedure manuals and stationery as a minimum. The local department plans should also update their requirements for desks and PCs over time and work with other departments to share facilities wherever possible. The inventory for each department should also be reviewed on a periodic basis.

Revised Deadline: 31 Mar 14

Outstanding updated BIA/BC Plans by mid-December. A number have been submitted but some are still being developed. The Tidal Surge came at a time when many managers were diverted to implementing actual BC measures and were not able to complete in time for the mid-December deadline. The tidal surge indicated procedures were followed which maintained services for the period of the tidal surge. There are lessons to be learned from this experience which can be incorporated into the updated plans. I’ve been through the audit recommendations for BC and apart from the delay in submitting the updated BIA/BC plans we seem to be generally on track. September 2013: The revision and updating of the BIA/BC Plans will involve the drawing up of inventories. Some services have had “battle boxes” for several years (e.g. Environmental Health) but these have not necessarily been listed in the plans. They will now be listed in the revised BC Plans.

Audit – GY1315 Business Continuity Report Issued - 25 Apr 13 Recommendation: 8 - Business continuity plan testing Priority: MediumManagement should draft and agree a formal Business Continuity testing programme as follows: • The programme encompasses a range of differing disaster scenarios that require different resource deployments, from theoretical desktop exercises to practical incident tests that mimic the most likely incident scenarios that the Council could encounter;

Agreed Initial Deadline: 30 Jun 13 Revised Deadline: 31 Jan 14


Agreed Outstanding

December 2013: Managers were due to submit their updated BIA/BC Plans by mid-December. A number have been submitted but some are still being developed. The Tidal Surge came at a time when many managers were diverted to implementing actual BC measures and were not able to complete in time for the mid-December deadline. The tidal surge

of 348


and • The tests should be formally documented into test reports or "lessons learnt" documents that are scrutinised and used to update the relevant plans. It should be possible to track how the plan updates have been initiated using agreed change control processes.

indicated procedures were followed which maintained services for the period of the tidal surge. There are lessons to be learned from this experience which can be incorporated into the updated plans. I’ve been through the audit recommendations for BC and apart from the delay in submitting the updated BIA/BC plans we seem to be generally on track. September 2013: A formal BC testing programme will be developed alongside the revision of BC Plans so that as plans are revised they can be tested. In the meantime tests have been carried out in advance of planned work that could have BC implications. This has been related to testing IT system contacts for the server move at the end of January and in advance of the power changeover at County Hall in September 2013.

Audit – GY1315 Business Continuity Report Issued - 25 Apr 13Recommendation: 9 - Maintaining the Plan Priority: Medium Management should ensure that a process whereby all relevant service area documentation/materials is reviewed on a periodic basis or following an incident that effects the plans to ensure that they are complete and up to date, should be implemented. This could be supported by a prompt from the Emergency Planning Manager, together with a documented confirmation from each service when the review has been completed.

Agreed. Initial Deadline: 30 Jun 13 Revised Deadline: 31 Jan 14


Agreed Outstanding

December 2013: Managers were due to submit their updated BIA/BC Plans by mid-December. A number have been submitted but some are still being developed. The Tidal Surge came at a time when many managers were diverted to implementing actual BC measures and were not able to complete in time for the mid-December deadline. The tidal surge indicated procedures were followed which maintained services for the period of the tidal surge. There are lessons to be learned from this experience which can be incorporated into the updated plans.

of 348


I’ve been through the audit recommendations for BC and apart from the delay in submitting the updated BIA/BC plans we seem to be generally on track. September 2013: All revised and updated BC plans will have an annual review date. Plans and review dates will be recorded on a summary spreadsheet maintained and monitored by the Emergency Planning Manager. This is currently being established so that as BC Plans are finalised they will be entered and monitored.

Audit – GY1316 Network Infrastructure Report Issued - 10 May 13 Recommendation: 13 - Service Level Agreement (SLA) Priority: MediumManagement should work with Norfolk County Council to draft and agree an appropriate SLA that is regularly monitored.

Agreed. We are working on a scoping document that will form the basis of an SLA.

Initial Deadline: 31 Aug 13 Revised Deadline: 31 Dec 14


Agreed Outstanding

Dec 13 (BH) There is to be a review of the service provision for GYBC due to the introduction of the new DNA set up. As part of this the delegation agreement will need to be updated together with the production of an SLA. Amend deadline to December 14 and change responsibility to Beverley Houghton Aug 2013 No further information received

Audit – GY1316 Network Infrastructure Report Issued - 10 May 13 Recommendation: 16 - IT Security Policy Requires Update Priority: Medium Management should ensure that appropriate IT security policies are updated to raise awareness of virus and malware/adware issues and provide advice on how to report them.

Agreed. Norfolk County Council are working with Great Yarmouth Human Resources to make changes to staff contracts so that they are required to comply with Norfolk County Council IT policies, which will replace the equivalent Great Yarmouth policies in this area.

Initial Deadline: 31 Jul 13 Revised Deadline: 31 Dec 14


Agreed Outstanding

Dec 13 (SL) We now have PSN accreditation for GYBC. Review of strategies and policies will be part of ISO 27001 accreditation work during 2014 as part of DNA project implementation. ICT will work with GYBC HR to notify users when policy is available

of 348


September 2013: The GYBC infrastructure was moved to County Hall at the end of January 2013 and the final network connectivity was completed at the end of March 2013. PSN compliance has also been worked on for GYBC and part of this work now is to review all the policies to ensure that they mirror the PSN compliance requirements. This work is to be timetabled in shortly. Revised deadline December 14 September 2013: This should be the responsibility of the HR service Manager. The Manager has been on leave and was not initially made aware of the recommendation therefore a full update cannot be provided at present. Revised deadline date 31st January 2014

Audit – GY1419 Remote Access Report Issued - 06 Sep 13 Recommendation: 1 - IT Security Policy Priority: Medium Management should ensure that the IT Security policy and Contractors/Suppliers connecting to Great Yarmouth BC Network Policy are reviewed as soon as possible and then at least annually thereafter. After each review, the updated policy should be communicated to all staff.

Agreed. Initial Deadline: 31 Dec 13 Revised Deadline: 31 Mar 14

Information Manager

Agreed Outstanding

December 2014 No action since the Norfolk County Council ICT Security Architect left in the summer of 2013.

Audit – GY1419 Remote Access Report Issued - 06 Sep 13 Recommendation: 2 - User remote access signoff Priority: Medium Management should ensure that all staff with remote access privileges are required to sign off a declaration in a similar way to the process used

Agreed in principle. Users are already required to sign off their acceptance of Council policy as part of their contract of

Initial Deadline: 31 Dec 13 Revised Deadline:

Information Manager

Agreed Outstanding

December 2014: All remote users now have to use two-factor authentication

of 348


for suppliers where they have been asked to sign off a Code of Connection policy.

employment. Disclaimer screens are also shown on screen when users log into the network and must be clicked away before being granted access to the network. This will continue when users are migrated to the two-factor authentication process.

31 Mar 14 No action on the policy since the Norfolk County Council ICT Security Architect left in the summer of 2013 Revised deadline to be stated as March 2014.

Audit – GY1419 Remote Access Report Issued - 06 Sep 13 Recommendation: 4 - Regular review of accounts with remote access privileges Priority: MediumManagement should implement a process whereby a regular review of user accounts with remote access privileges is conducted to identify accounts that may have fallen into disuse. All such accounts should have their remote access privileges revoked.

Agreed. We are currently conducting fortnightly reviews of user activity to understand which accounts are the most active. This is for the purposes of identifying which accounts should have their remote access revoked and which should be migrated to the new two-factor authentication process. Once this has been established, a six monthly review will be implemented.


Information Manager

Agreed Outstanding

December 2014 1 report sent by Norfolk County Council in October that only contained data from the 1st october due to a fault in countys report No reports since. Revised deadline stated as March 2014.

Audit – GY1315 Business Continuity Report Issued - 25 Apr 13 Recommendation: 4 - Contact details and third parties Priority: Low Management should ensure that relevant contact details for all key resources that will be required are identified. These must include out of hours staff contact details and third party contractor contacts.

Agreed. Initial Deadline: 31 Jul 13 Revised Deadline: 31 Mar 14


Agreed Outstanding

December 2013: Managers were due to submit their updated BIA/BC Plans by mid-December. A number have been submitted but some are still being developed. The Tidal Surge came at a time when many managers were diverted to implementing actual BC measures and were not able to complete in time for the mid-December deadline. The tidal surge indicated procedures were followed which maintained services for the period of the tidal surge. There are lessons to be learned from this experience which can be incorporated into the updated plans. I’ve been through the audit recommendations for BC and apart from the delay in submitting the

of 348


updated BIA/BC plans we seem to be generally on track. September 2013: Issues related to maintaining up to date contact details of key staff and third parties were discussed at the BC Workshop on 09/09/13. It was agreed that a central record of contacts will be maintained rather than include in each individual BC Plan. Key staff will have access to the confidential contact sheet which supports all emergency and BC plans. There are several advanatages to this approach which can help to overcome the sensitive nature of recording personal data.

Audit – GY1419 Remote Access Report Issued - 06 Sep 13 Recommendation: 3 - Proactive monitoring of remote access connections Priority: LowManagement should implement a process whereby remote access connections are proactively monitored.

Stated in the debrief meeting that the service will look at the feasibility of implementing the recommendation, being mindful of the fact that the service is only used by a very small number of users. Group Manager – Customer Services to liaise with Norfolk County Council staff over the implementation of the recommendation


Group Manager - Customer Services

Agreed Outstanding

December 2014 With the PSN work now complete a quarterly review of user remote access connections will be undertaken. ICT Business partner will provide a report of usage which will be invetigated and reviewed by GYBC Information Manager. Ongoing.

of 348

Subject: Progress Report on Internal Audit Activity, 1 September 2013 to 23

January 2014




This report examines progress made between 1 September 2013 and 22 January

2014 in relation to delivery of the Annual Audit Plan for 2013/14, and includes

abbreviated management summaries in respect of six audit reviews and the

Computer Audit Needs Assessment which have been finalised during this period.


Receive and note the outcomes of those audits finalised during the preceding 5

month period.

Note the current status of the Annual Plan for 2013/14 and where the re-

timetabling of some work has proved necessary.

1. BACKGROUND

1.1 The Accounts and Audit Regulations 2011 require that the Council must undertake an adequate and effective internal audit of its accounting records and of its system of internal control in accordance with the proper practices in relation to internal controls. To assist the authority with fulfilling this responsibility, this Progress Report, the first to be presented to members during the financial year, comments on the results of Internal Audit work carried out between 1 April and 1 August 2013, in relation to the Annual Audit Plan for 2013/14.

1.2 The Public Sector Internal Audit Standards which came into affect on 1 April 2013 also require that this Committee receives regular communications regarding Internal Audit’s performance in relation to the plan. This report seeks to meet this requirement and ensure that independence and objectivity (Standard 1100) is maintained.

1.3 Members will recall that our first Progress Report for this year was submitted on 19 September 2013 and contained Management Summaries from 3 completed audit assignments.

2. THE CURRENT COMPOSITION OF THE ANNUAL AUDIT PLAN

2.1 There has been one change to the overall complexion of the Annual Audit Plan since it was approved by this Committee on 28 March 2013. It has been necessary to postpone the planned audit of Performance Management, Corporate Policy and Business Planning (GY/14/14) to 2014/15 due to the current redevelopment of the Council’s performance

of 348

management framework. This change was discussed and agreed with both the Chair of this Committee and the Section 151 Officer in advance of any changes being agreed with the relevant Group Manager.

2.2 We were also able to negotiate a slight reduction in the number of days for the completion of the Data Centre, Back Up and Disaster Recovery audit (GY/14/17) as it was undertaken in conjunction with the same audit for Breckland District Council. Both Councils’ IT infrastructure is supported by Norfolk County Council, hence there was some cross over in coverage enabling the reduction in days.

2.3 These changes have resulted in the planned audit days for 2013/14 reducing by 10.5 days, from 241 days to 230.5 days.

2.4 There has also been some minor rescheduling of 2 audit assignments. Here, we have agreed with management to slightly delay the start date of the Accountancy Services (GY/14/07) audit fieldwork to ensure that the reviews are undertaken with minimal disruption to staff. Whilst the Corporate Governance and Risk Management (GY/14/15) work has shifted from January to February to ensure that this audit can review as much of operational practices followed in year as possible.

2.5 The rescheduling of the work within the current year and the updated timetable for undertaking the 2013/14 audit assignments is noted in Appendix 1 to this report.

3. DELIVERY OF PROGRAMMED AUDIT WORK IN ACCORDANCE WITH THE ANNUAL AUDIT PLAN FOR 2013/14

3.1 As confirmed in Appendix 1, Internal Audit has been tasked to provide a total of 230.5 revised days of programmed work. At the time of writing this report, a total of 194 days had been received from the Internal Audit Services contractor. This figure equates to 84% of the planned days earmarked for delivery in 2013/14.

3.2 Between September 2013 and January 2014, we have been able to achieve the following:

Six assignments have been completed and final reports issued (Audit Nos. GY/14/02 Tourism, Marketing, Communications and Media, GY/14/03 Great Yarmouth Market, GY/14/05 Planned and Responsive Maintenance, GY/14/06 Localism and Communities, GY/14/17 Data Centre, Back Up and Disaster Recovery and GY/14/19 Remote Access);

The final report has been issued in relation to the Computer Audit Needs Assessment (GY/14/18);

A draft report has also been issued in relation to Audit no. GY/14/08 Receipt, Handling and Banking of Remittances, with management responses to this imminent;

of 348

Fieldwork has been performed in respect of Audit No. GY/14/09 Environmental Health Services, with the draft report due to be issued shortly.

Fieldwork is in progress for 5 assignments, Audit Nos. GY/14/07 Accountancy Services, GY/14/10 Sundry Debtors, GY/14/11 Housing Benefit and Council Tax Support, GY/14/12 Work to Support the Annual Governance Statement and GY/14/13 Council Tax and NNDR; and

An audit brief has been drafted for one further assignment; Audit No. GY/14/15 Corporate Governance and Risk Management.

4. OUTCOMES OF WORK UNDERTAKEN

4.1 With reference to the work completed in the preceding period to 22 January 2014, as mentioned above, we have been able to finalise six audits during this period and their respective management summaries are attached at Appendix 2 to this report. We have also finalised the Computer Audit Needs Assessment during this period and the final report is attached at Appendix 3 to this report.

4.2 In the case of the audit of Tourism, Marketing, Communications and Media (GY/14/02) an adequate assurance level was awarded, remaining the same since the previous audit. The medium priority recommendations are designed to improve controls in relation to the Tourism Action Plan, guidance is issued for marketing protocols and that the Social Media Policy is finalised and approved. It was also acknowledged that the Greater Yarmouth Tourist Authority was in the process of applying for Business Improvement District status. This initiative aims to generate more revenue to support increased marketing activity, amongst other things. It was additionally noted that the Marketing Action Plan and budget will need some reworking to reflect this if the bid is successful.

4.3 With reference to the audit of Great Yarmouth Market (GY/14/03), an overall unsatisfactory assurance opinion was awarded on conclusion of the review, with the assurance level deteriorating since the last audit. A total of 11 recommendations (3 high, 7 medium and 1 low) were put forward upon conclusion of our work. Recommendations have been raised or referenced in relation to the majority of risks and controls identified in the audit brief, therefore reflecting a lack of control across all aspects of the scope and service covered.

The recommendations made within the audit report relate to the log of attendees, segregation of duty for cash handling and receipting, arrears reports, the need for a Markets Strategy, procedural guidance, monitoring of market activities, public liability insurance checks, review of licences, and the maintenance of an issues log. Management have agreed all the recommendations raised within the report and note the improvement that is necessary to the system of internal control. Management are committed to addressing these recommendations by financial year end and are

of 348

currently reviewing the service in conjunction with progressing the recommendations.

4.4 We have given an overall adequate assurance opinion to the Council’s Planned and Responsive Maintenance service (Audit No. GY/14/05). The level of assurance has remained unchanged since we previously examined operational arrangements, thus indicating a stable control environment within this area. On conclusion 7 medium priority and 1 low priority recommendations have been made to improve the system of internal control, particularly in the area of responsive maintenance where 4 of the 7 recommendations have been made to improve both the adequacy and effectiveness of the control environment.

4.5 A review of Localism and Communities (GY/14/06) was undertaken for the first time in 2013/14, with an adequate assurance opinion being awarded. The audit covered Community Right to Bid, Community Right to Challenge and Neighbourhood Planning; concluding that the Council is adequately prepared for receiving applications and appropriate processes are in place in readiness for any activity in these areas. Recommendations have been made to further enhance the effectiveness of these controls going forward.

4.6 The audit of Data Centre, Back Up and Disaster Recovery (GY/14/17) concluded in a limited assurance opinion being awarded. Although only 4 recommendations have been raised, the lack of an agreed Disaster Recovery Plan and testing of the plan is considered to be sufficiently high risk to warrant the limited grade. In addition 2 further recommendations were made to ensure that the Council consults with Norfolk County Council (NCC) to obtain assurance that NCC can support its services should the primary site fail and to ensure that the Council works with NCC to understand the nature of the work being done to incorporate monitoring of the Council’s network switch infrastructure.

4.7 The final audit to be completed relates to Remote Access (GY/14/19) where an adequate assurance level was awarded. Five recommendations were raised relating to policies and procedures, monitoring of remote access and access controls.

4.8 As mentioned above, we have also concluded the Computer Audit Needs Assessment which formulates a programme of computer audits to address the areas of risk identified in the courses of discussion and review of the current position of the Council’s IT infrastructure, management of IT provisions generally and software applications currently in use. Proposed future review work will generate independent assessments as to the efficiency and effectiveness of the Council’s IT systems, procedures and operations.

No changes were sought to computer audit coverage timetabled for 2013/14. The Computer Audit Needs Assessment (attached at Appendix 3) singled out 10 audits for completion over the next three years, alongside a further assessment, required in 2016/17 to set another programme of IT reviews for successive years. Whilst the new cycle of work has outlined computer audit activity up to 2016/17 it is important to note that the current Internal Audit Services Contract comes to an end in September 2014, so

of 348

the blend of future audits may well change again, depending on the Internal Audit Service delivery model that the Council seeks to adopt from that point forward.

It is also required that there is an ongoing need to revisit agreed actions from previous audit work to confirm progress made to address internal control weaknesses and/or introduce enhancements to existing operational arrangements. Hence the Computer Audit Needs Assessment advocates that follow up work is undertaken regularly and provision has been made to permit this.

5. CONCLUSION

5.1 Good progress has been made to date with the delivery of the revised Annual Audit Plan for 2013/14, and the programmed work is advancing as expected.


None

LEGAL IMPLICATIONS:

None

EXECUTIVE BOARD OR DIRECTOR CONSULTATION:

None RECOMMENDATIONS It is recommended that the Committee:

Receive and note the outcomes of those audits finalised during the preceding

5 month period ending 22 January 2014.

Note the current status of the Annual Plan for 2013/14 and where the re-

timetabling of some work has proved necessary.






Issues None

Legal None

Financial None

Risk None

Sustainability None

Equality None


Human Rights None


APPENDICES:

of 348

Appendix 1: Review Work delivered in accordance with the Annual Audit Plan for 2013/14

Appendix 2: Management Summaries of Completed Audit Assignments Appendix 2 (1) GY/14/02 Tourism, Marketing, Communications and Media Appendix 2 (1) GY/14/03 Great Yarmouth Market Appendix 2 (3) GY/14/05 Planned and Responsive Maintenance Appendix 2 (4) GY/14/06 Localism and Communities Appendix 2 (5) GY/14/17 Data Centre, Back Up and Disaster Recovery Appendix 2 (6) GY/14/19 Remote Access Appendix 3: Computer Audit Needs Assessment and Strategic Plan

of 348

Appendix 1

Audit No. Description of Audit Frequency of Audit

Coverage

Original Days Planned

Revised Days

Planned

Days Delivered

Original Scheduling Status Assurance Level applicable

Summary Report Details presented

to Members

GY/14/01 Printing Services, Reception and Customer Services

3-yearly 8 8 8 April CompleteFinal Report issued 2 September 2013

Print and Design - Limited

Reception, Town Hall & Customer Services -

Adequate

19 September 2013

GY/14/02 Tourism, Marketing, Communications and Media

3-yearly 10 10 10 AprilOctober

CompleteFinal Report issued 8 January 2014

Adequate 13 February 2014

GY/14/03 Great Yarmouth Market 2-yearly 12 12 12 MaySeptember

CompleteFinal Report issued 28 November 2013

Unsatisfactory 13 February 2014

GY/14/04 Bereavement Services 3-yearly 10 10 10 May CompleteFinal Report issued 14 August 2013

Adequate 19 September 2013

GY/14/05 Planned and Responsive Maintenance 2-yearly 18 18 18 July CompleteFinal Report issued 18 October 2013


GY/14/06 Localism and Communities 2-yearly 10 10 10 September CompleteFinal Report issued 4 December 2013


GY/14/07 Accountancy Services 2-yearly 17 17 15 OctoberDecember

Fieldwork currently underway.

GY/14/08 Receipt, handling and banking of remittances

2-yearly 10 10 9 October Draft report issued and management response imminent

Adequate

GY/14/09 Environmental Health Services 3-yearly 15 15 14 November Fieldwork complete and draft report due to be issued

GY/14/10 Sundry Debtors 2-yearly 10 10 6 December Fieldwork currently underway.GY/14/11 Housing Benefits and Council Tax Support 2-yearly 22 22 18 December Fieldwork currently underway.

GY/14/12 Work to Support the AGS Annual 11 11 4 January Fieldwork currently underway.GY/14/13 Council Tax and NNDR 2-yearly 20 20 16 January Fieldwork currently underway.GY/14/14 Performance Management, Corporate

Policy and Business Planning2-yearly 10 0 0 January Audit cancelled due to redevelopment of

the Council's Performance Management framework to be undertaken in 2014/15.

GY/14/15 Corporate Governance and Risk Management

Annual10 10 January

FebruaryDraft audit brief prepared

Systems audit follow up 10 10 7.5 4 x exercises to coincide with reporting to Audit and Risk Committee

203 193 157.5 82%

GY/14/16 Revenues and Benefits 2-yearly 12 12 12 AprilCompleteFinal Report issued 10 July 2013

Adequate 19 September 2013

GY/14/17Data Centre, Back Up and Disaster Recovery

3-yearly 10 9.5 9.5May

November/DecemberCompleteFinal Report issued 8 January 2014

Limited 13 February 2014

GY/14/18Computer Audit Needs Assessment 3-yearly 5 5 5 June

AugustCompleteFinal Report issued 8 October 2013

Not applicable 13 February 2014

GY/14/19Remote Access 4-yearly 7 7 7 September Complete

Final Report issued 6 September 2013Adequate 13 February 2014

Computer audit follow up 4 4 3 4 x exercises to coincide with reporting to Audit and Risk Committee

38 37.5 36.5 97%

241 230.5 194 84%

Review Work delivered in accordance with the Annual Audit Plan for 2013/14

TOTAL PLANNED WORK

PLANNED COMPUTER AUDIT WORK

TOTAL PLANNED COMPUTER AUDIT WORK

PLANNED SYSTEMS AUDIT WORK

TOTAL PLANNED SYSTEMS AUDIT WORK

of 348

Management Summaries of Completed Audit Assignments

Appendix 2(1) Report No. GY/14/02 – Final Report issued 8 January 2014 Audit Report on Tourism, Marketing, Communications and Media Audit Scope The scope of the audit covered the following areas to help confirm that control environment is operating effectively and efficiently:

Tourism; Marketing; and Communications (including Media).

Assurance Opinion

Unsatisfactory Assurance

Limited Assurance Adequate Assurance

Good Assurance

Rationale supporting the award of the opinion The system of internal control is, overall, deemed adequate in managing the risks associated with Tourism, Marketing, Communications and Media that fall within the scope of this audit. The assurance opinion has been derived as a result of four medium and two low priority recommendations having been raised. The assurance level has remained the same since the previous audit. The four medium priority recommendations relate to the need to ensure the Tourism Action Plan records all relevant details, the receipt numbers for all marketing products are recorded, guidance is issued for marketing protocols and the Social Media Policy is finalised approved and issued. The Greater Yarmouth Tourist Authority is in the process of applying for Business Improvement District status, with polling of members to take place in March/April 2014. This aims to increase revenue that will be used, among other things, to increase marketing activity. It was noted within the audit that the current strategies and plans (in particular the Marketing Plan) do not take into account the potential increase in budget; these will be updated if the application is successful. The assurance opinion is based upon the current status and strategies of the service. The Communications and Press Relations Officer commenced employment with the Council in July 2013 and has initiated changes to the process. Communications protocols have been developed and are due to be approved by the Portfolio Holder prior to approval. Examples were obtained of cases whereby the principle of these protocols has been upheld. However, it was noted during the audit that these have been informally introduced and followed as appropriate.. Press enquiries are not currently recorded within a collated log due to them all being received by the single Communications and Press Relations Officer. The Council should consider introducing a formal log should the number of press releases increase or additional members of staff be assigned to dealing with press enquiries, although a recommendation will not be raised based upon the current situation. A risk register is currently in development by the service which is being compiled by the Group Manager as part of the implementation of a new system of risk management within the

of 348

Council. A review of Corporate Governance and Risk Management is to be undertaken in February 2014. A source of income for the service is through the sale of tickets, souvenirs and merchandise through the Tourist Information Centre. Receipt of income within the Tourist Information Centre has not been tested within this audit and will be considered within audit GY/14/08 Receipt, Handling and Banking of Remittances. Positive Findings We found that the Council has demonstrated the following areas where sound controls are in place and operating consistently.

The Council’s strategies in relation to Tourism are linked to the Greater Yarmouth Tourist Authority, which has approved the content of the strategy.

A Marketing Plan is in place that states the methods to which the Council will look to spend on marketing activity during 2013/14.

Monthly updates on marketing activity and success are provided to the Greater Yarmouth Tourist Authority Board. These updates have been reported to the Marketing Group of the Greater Yarmouth Tourist Authority, although this group has not met on a consistent basis and consideration should be taken as to whether the group meets on a more regular basis.

Communications protocols have been developed, which state staff responsibilities with regard to press releases and enquiries. They implement a process by which the Communications and Press Relations Officer will have involvement in all releases and enquiries and thus use his expertise in dealing with the press.

Control weaknesses to be addressed During our work we have identified the following area(s) where we believe that the processes / arrangement within Tourism, Marketing, Communications and Media would benefit from being strengthened, and as a result of these findings medium priority recommendations have been made:

The Tourism Strategy Action Plan should state clear individual responsibilities and timeframes for completion. Monthly updates should be clearly stated with no generalised or ambiguous statements made in order to identify and report upon exact progress, and identify further actions and timeframes for completion.

Receipt numbers for income received for marketing products should be stated on the spread sheet at all times to enable prompt tracking of income received.

There are no policies, procedures or protocols currently in place governing how marketing is undertaken by services. Clearly defining responsibilities of the service and cases where the service should seek guidance from the Marketing team will help to confirm that appropriate, effective marketing methods are adopted.

A Social Media Policy should be introduced which sets down the Council’s approach and staff responsibilities in the use of social media in order that opportunities to market Council activities and services are maximised and also to confirm that staff are aware of their responsibilities when using social media.

In addition, we have raised two low priority recommendations for control enhancements in respect of training for staff on communications and publishing of policies and procedures for marketing and communications on the intranet.

of 348

Summary of the adequacy and effectiveness of controls

High Priority Recommendations No high priority recommendations have been raised as a result of this audit Management Responses Management have accepted the recommendations raised.

Adequacy and Effectiveness Assessments

Area of Scope Adequacy

of Controls

Effectiveness of Controls

Recommendations Raised

High Medium Low Tourism Green Amber 0 1 0 Marketing Amber Amber 0 2 0 Communications Amber Amber 0 1 2

Total

0 4 2

of 348

Appendix 2(2) Report No. GY/14/03 – Final Report issued 28 November 2013 Audit Report on Great Yarmouth Market Audit Scope The scope of the audit covered:

General Market Operations; Licences and Operations of Traders; and Income.

Assurance Opinion – Unsatisfactory Assurance



Good Assurance

Rationale supporting the award of the opinion The system of internal control is, overall, deemed unsatisfactory in managing the risks associated with Great Yarmouth Market that fall within the scope of this audit. The level of assurance has deteriorated since the previous audit undertaken for this area in 2011/12 which received a limited assurance opinion. The assurance opinion has been derived as a result of three high, seven medium and one low priority recommendations being raised. This also reflects recommendations having been raised which address the risk of fraud as stated in 2.3.3 and the lack of progress made on recommendations raised within the previous two reports, which are noted in 2.3.4. Recommendations have been raised or referenced in relation to the majority of risks and controls identified within the audit brief. This therefore reflects a lack of control within all aspects of the scope and service covered within this audit. Areas entitled ‘General’ and ‘Licences and Operations of Traders’ have been afforded Amber ratings within table 2.6 meaning that there is inadequacy in control and thus controls have been proposed in order to improve this. Four recommendations have been made to ensure that; there is up to date and complete procedural guidance, that a log is maintained to retain an audit trail of attendees within the market and expected fees, that cash receipting processes are revised in order to demonstrate receipt of all expected cash and the necessity to produce arrears reports in a more timely manner to enable proactive action to be taken. These all relate to issues where there is the risk of fraud and the proposed recommendations will enable to the Council to more fully mitigate against this. Four recommendations relate to issues which have been previously raised in audit reports with no action taken to implement the recommendations, these relate to; procedural guidance, service monitoring, public liability insurance checking and arrears reports.

of 348

Positive Findings

We found that the Council has demonstrated the following points whereby sound controls are in place and operating consistently:

The Council has a regular presence within the Market. The Markets Superintendent is based on the Market place four days per week (with an additional day within the summer period). The Council has a locked office within the Market within which cash and documents can be stored.

The Council has encouraged traders to pay by direct debit and has seen an increase so that 29 of 34 six day and 10 of 44 two day traders pay by direct debit.

Reconciliations are undertaken to confirm that cash and cheques deposited within the bank have been correctly accounted for.

Control weaknesses to be addressed During our work we have identified the following key area(s) where we believe that the processes / arrangements within Great Yarmouth Market would benefit from being strengthened, and as a result of these findings high priority recommendations have been made:

A log of attendees within the market and expected fees and ad hoc arrangements such as discounts or rent fee periods should be implemented in order to allow for reconciliation of fees received. Recommendation 3 of audit GY/12/08 Markets related to the requirement to document key decisions. No recent progress was made on the implementation of this recommendation with earlier responses within follow up reviews suggesting that no relevant decisions had been made. The current review identified examples whereby specific arrangements have been put in place, which have not been documented to display the reasons and which should have been discussed with the Portfolio Holder, therefore a new recommendation has been raised to supersede the previous recommendation.

Additional control should be added to the cash handling and receipting process so in order to enable segregation of duties and subsequent checking of income received against attendance records. At present, there is no control in place which provides assurance over confirming that cash has been taken for all traders, regular and casual.

Arrears reports should be produced on a regular basis to enable monitoring of the current status of arrears amongst market traders and to facilitate prompt chasing of rental arrears. Issues have been previously raised in relation to the need to ensure that Debt Recovery Procedures are implemented.

During our work we have identified the following areas where we believe that the processes / arrangements within Great Yarmouth Market would benefit from being strengthened, and as a result of these findings the following medium priority recommendations have been made.

A strategy should be put in place over Great Yarmouth Market which clearly states the Council’s vision, aims and objectives to enable a specific approach and monitoring of outcomes.

Procedural guidance should be put in place within the service for areas such as cash handling, receipting and banking, arrears recovery, correspondence with other departments and events management. This will help to enable a consistent and controlled approach to these areas. Recommendation 1 of audit GY/12/08 Markets related to the requirement to implement a debt recovery policy. No progress has been made on the implementation of the policy and therefore this wider recommendation has superseded the previous one.

of 348

Monitoring of market activities should be undertaken on a regular basis to identify and confirm how objectives are being set. Recommendation 6 of audit GY/12/08 Markets related to the requirement to implement performance measures. No progress has been made on the implementation of the recommendation and it was felt that heightened clarification over expectations were required, particularly following the adoption of systems thinking principles within the Council and therefore this recommendation has been superseded.

Public Liability Insurance checks are not undertaken prior to traders commencing trading on the market. Recommendation 2 of audit GY/12/08 Markets related to this and we were informed by management during quarterly follow up checks that this had been implemented, however this found to not be the case and the recommendation has been restated in this report.

A review of licences should be undertaken to confirm that they are reflective of current practices and contain details of all traders’ responsibilities. Revised licences should be reissued with the Traders Guide to confirm that all traders have received licences reflective of current management expectations and to provide affirmation of traders’ responsibilities.

An issues log should be put in place to document key queries, issues and arrangements which have been put in place, which can also be used to monitor the satisfactory closure of such issues.

Receipts should only be produced when payment has been received and not in order to pre-empt payment. An example was identified where there was a delay between receipt and banking of cash with this provided as explanation.


High Priority Recommendations A total of 3 high priority recommendations have been raised as a result of this audit: General Market Operations Attendance and Fee Log, and Independent Reconciliation Recommendation 7) A log should be put in place by the Council in order to document the following aspects:

Attendees of the Market; Fees paid by traders with the date and receipt number documented; and, Rent free periods, discounts or specific payment arrangements set down with

traders. In addition, an independent reconciliation should be undertaken of income received against the amounts expected from this.



of Controls Effectiveness of

Controls


High Medium Low General Market Operations

Amber Amber 0 3 0

Licences and Operations of Traders

Amber Amber 1 3 1

Income Green Amber 2 1 0 Total

3 7 1

of 348

General Market Operations Cash Handling Procedures (Recommendation 9) Revisions should be made to the method of taking cash so that two people are in attendance when cash is taken and recorded. This should be updated within procedural guidance stated within Recommendation 2. General Market Operations Arrears Reports (Recommendation 10) Arrears reports should be produced and updated on a regular basis with recovery action taken, including the case identified in our review. Arrears reports should be produced by an officer independent of that taking the monies with receipts produced being used to formulate the reports. The Council should look to produce an electronic version of the reports so that they can be easily updated. Management Responses Management have accepted all recommendations raised as a result of our review work.

of 348

Appendix 2(3) Report No. GY/14/05 – Final Report issued 18 October 2013 Audit Report on Planned and Responsive Maintenance Audit Scope The scope of the audit covered:

Strategy, Policies and Procedures; Annual Servicing; Planned Maintenance; Responsive Maintenance; and, Voids.

Assurance Opinion – Adequate Assurance



Good Assurance

Rationale supporting the award of the opinion The system of internal control is, overall, deemed adequate in managing the risks associated with Planned and Responsive Maintenance that fall within the scope of this audit. The level of assurance has remained the same since the previous audit undertaken for this area. The assurance opinion has been derived as a result of seven medium and two low priority recommendations being raised. A medium priority recommendation raised in the previous audit (GY/12/03 Planned and Responsive Maintenance) in relation to the requirement to develop a Property Maintenance Strategy also remains outstanding which has impacted upon the assurance opinion awarded within this report. The contract with Norse is due to be extended from 30th September 2013. The contract extension has been produced however it had not been signed at the time of fieldwork. It has also been noted within the audit that improvements have been identified within void repairs processes. This includes the introduction of a Voids Standard and trial of new processes within the Greyfriars area within which void repairs are initiated when keys are received, as opposed to a delay which had been occurring following systems thinking recommendations. Evidence has been seen that these are in the process of being implemented and therefore they have not impacted upon the assurance. Positive Findings

We found that the Council has demonstrated the following points whereby sound controls are in place and operating consistently:

Following the Systems Thinking Intervention in 2010, the Responsive and Void Repairs Team have sat with Norse call handlers within Maritime House. This enables co-working and timely resolving of issues.

Payments made to Norse for responsive repairs are checked and approved in line with policy.

of 348

Control weaknesses to be addressed During our work we have identified the following areas where we believe that the processes / arrangements within Planned and Responsive Maintenance would benefit from being strengthened, and as a result of these findings the following medium priority recommendations have been made.

There is insufficient evidence to confirm that the Council had met the 5-8% target in respect of quality checks undertaken on the annual servicing of gas boilers and oil burners over the previous 12 months. This will help to confirm the standard of services being completed by the contractor.

The Planned Maintenance Revenue Programme has not been conducted within 2012/13 or 2013/14. This should be reintroduced to maintain the condition of properties in line with their needs.

The type of information obtained within the Management Information Report should be reviewed to confirm its relevance. In particular, consideration should be given as to the inclusion of details regarding the type, scale and urgency of works conducted within performance reports.

Quarterly and monthly contract meetings with Norse are not currently minuted to provide evidence of discussions and decisions taken.

Effective quality assurance processes are not undertaken on responsive repairs and a mechanism for undertaking sample testing should be devised to confirm the quality of works in line with the contract.

A mechanism for the recording and monitoring of complaints should be introduced to provide assurance over their handling within the service and inform corporate monitoring.

Inspections should be conducted on completed void repairs to confirm that the property is suitable for tenancy.


High Priority Recommendations No high priority recommendations have been raised as a result of this audit Management Responses Management have accepted the recommendation raised.



of Controls Effectiveness of

Controls


High Medium Low Strategy, Policies and Procedures

Green Amber 0 0 1

Annual Servicing

Green Amber 0 1 0

Planned Maintenance

Amber Green 0 1 0

Responsive Maintenance

Amber Amber 0 4 1

Voids Amber Amber 0 1 0 Total

0 7 2

of 348

Appendix 2(4) Report No. GY/14/06 – Final Report issued 4 December 2013 Audit Report on Localism and Communities Audit Scope The scope of the audit covered the systems and controls in place within Localism and Communities to confirm they are operating adequately, effectively and efficiently, in particular, over the following areas:

General; Community Right to Bid; Community Right to Challenge; and Neighbourhood Planning.

Assurance Opinion Unsatisfactory Assurance


Good Assurance

Rationale supporting the award of the opinion The system of internal control is, overall, deemed adequate in managing the risks associated with Localism and Communities that fall within the scope of this audit. The assurance opinion has been derived as a result of two medium recommendations made to ensure that policies indicate clear responsibilities and to ensure that any potential conflict of interest in relation to right to bid applications. Since this is the first review of this area a direction of travel indicator is not appropriate. It is acknowledged that the Council has had one Community Right to Bid nomination to date and no formal expressions of interest for Community Right to Challenge or Neighbourhood Planning. The Council has also taken the approach that procedures are defined but it will await expressions of interest as opposed to proactively seeking applicants for these areas. The assurance opinions is therefore based upon the Council’s preparedness for receiving applicants and the controls and processes that have been put in place in readiness for ant activity within these areas. The three low priority recommendations have been assessed as such due to low level of interest in Community Right to Bid, Community Right to Challenge or Neighbourhood Planning to date. It was noted during initial planning that a key risk to the Council is resource availability should an increase in interest arise in these areas, particularly for Neighbourhood Planning where the Council has a responsibility to aid the parish council or community forum in the production of their plan. A recommendation has not been raised in this area. However, this should be considered and monitored to confirm preparedness if interest in Neighbourhood Planning increases. Positive Findings We found that the Council has demonstrated the following areas where sound controls are in place and operating consistently.

Briefing has been undertaken of staff and members in the terms of the Localism Act. This is supported by reports to Executive Management Team (EMT) in relation to Right to Bid, Right to Challenge and Neighbourhood Planning to clarify processes.

of 348

The Council has published a register of unsuccessful applicants for community assets on its website. It has not approved a successful application to date.

Standard procedures have been produced for Neighbourhood Planning which have been made available of the Council’s website. The Statement of Community Involvement has been updated to reflect the Localism Act and the Council’s intentions stemming from it.

Control weaknesses to be addressed During our work we have identified the following area(s) where we believe that the processes / arrangements within Localism and Communities would benefit from being strengthened, and as a result of these findings two medium priority recommendations have been made:

Policies over the Community Right to Bid and Community Right to Challenge processes should be revised and subsequently approved by EMT in order to clarify the roles and responsibilities for processing and approving applications and the requirement to complete land searches when a Community Right to Bid nominations is received.

Clarification should be sought from NP Law to consider whether it is able to receive legal counsel in Right to Bid applications/nominations where Norfolk County Council is the owning party of the land in question. Action should be taken to secure alternative advice if NP Law cannot be utilised in this instance.


* - Recommendation 1, raised within this area, is also relevant to areas on Community Right to Bid and Community Right to Challenge. Recommendation 2, raised within this area, is also relevant to areas on Community Right to Bid, Community Right to Challenge and Neighbourhood Planning. High Priority Recommendations No high priority recommendations have been raised as a result of this audit. Management Responses Management have accepted the recommendations raised.


Area of Scope Adequacy of Controls



High Medium Low General Green Amber* 0 2 1* Community Right to Bid

Green Amber* 0 0 0

Community Right to Challenge

Green Amber* 0 0 1

Neighbourhood Planning

Green Amber* 0 0 1

Total

0 2 3

of 348

Appendix 2(5) Report No. GY/14/17 – Final Report issued 8 January 2014 Audit Report on Data Centre, Backup and Disaster Recovery Audit Scope The audit covered the following areas:

Disaster recovery plan and procedures; Temporary arrangements; DRP test plan; Backup and recovery; Server Room performance monitoring; Server Room physical access controls; Server Room environmental controls; Planning and change control arrangements; and System performance monitoring.

Assurance Opinion



Good Assurance

Rationale supporting the award of the opinion The system of internal control is, overall, deemed to be limited in managing the risks associated with the Data Centre, Backup and Disaster Recovery that fall within the scope of this audit. Although only four recommendations have been raised, the lack of an agreed Disaster Recovery Plan and testing of the plan is considered to be a high enough risk to warrant the limited grade awarded here, with three further medium priority rated recommendations raised. The high priority recommendation relates to the need to develop, agree and implement appropriate Disaster Recovery plans. The three medium priority recommendations relate to the need to consult with Norfolk County Council to ensure that it will be able to support the Great Yarmouth Borough Council’s priority systems should the County Hall server facility be unavailable, the need to develop, implement and report on appropriate Disaster Recovery plan tests and to work with Norfolk County Council to understand the nature of the work being done to enhance System Centre Operations Manager (SCOM) to include the monitoring of network switches. Positive Findings We found that the Council has demonstrated the following points of good practice as identified in this review:

The County Hall Data Centre incorporates adequate environmental and physical controls that are monitored; and

The server infrastructure is monitored via the SCOM application, which helps to ensure that server performance issues can be detected and resolved in a timely manner.

of 348

Control weaknesses to be addressed During our work we have identified the following key area where we believe that the processes / arrangements within Data Centre, Backup and Disaster Recovery would benefit from being strengthened, and as a result of these findings a high priority recommendation has been made:

An appropriate Disaster Recovery Plan that supports the Council’s identified Business Priorities adequately should be drafted, agreed and implemented to help ensure that the Council’s priority systems can be recovered as per the timelines defined within the Business Continuity Plan.

During our work we have identified the following areas where we believe that the processes / arrangement within Data Centre, Backup and Disaster Recovery would benefit from being strengthened, and as a result of these findings medium priority recommendations have been made:

Having agreed a relevant Disaster Recovery Plan, it should be periodically tested. Lessons learnt from the tests should be formally documented and communicated to senior management at both Norfolk County Council and Great Yarmouth Borough Council. In addition, the Disaster Recovery Plans should be appropriately updated to reflect the lessons learnt using agreed change control protocols;

Management should consult with Norfolk County Council to satisfy themselves that Norfolk County Council can adequately support its services should its primary site at County Hall be unavailable for any reason;

Management should work with Norfolk County Council Management to understand the nature of the work being done to enhance the SCOM application to incorporate the monitoring of the Council's network switch infrastructure.

of 348


High Priority Recommendations One high priority recommendation has been raised as a result of this audit. Disaster Recovery Procedures Development of appropriate Disaster Recovery Plan (Recommendation 1) Management should work with Norfolk County Council to develop , agree and implement appropriate Disaster Recovery Plans that adequately support Great Yarmouth Borough Council's defined business priorities as set out in their Business Continuity Plan. Management Responses Management have accepted the recommendations raised.


Area of Scope

Adequacy of

Controls



High Medium Low Disaster Recovery Procedures

Red Red 1 0 0

Temporary Arrangements

Amber Amber 0 1 0

DRP Test Plan Red Red 0 1 0 Backup and Recovery

Green Green 0 0 0

Server Room Performance Monitoring

Green Green 0 0 0

Server Room Physical access Controls

Green Green 0 0 0

Server Room Environmental Controls

Amber Amber 0 0* 0

Planning and Change Control Arrangements

Red Red 0 0** 0

Systems Performance Monitoring

Amber Amber 0 1 0

Total

1 3 0

of 348

Appendix 2(6) Report No. GY/14/19 – Final Report issued 10 September 2013 Audit Report on Remote Access Audit Scope The audit reviewed the systems and controls in place for remote access to ensure that they are operating adequately, effectively and efficiently within the following areas;

Policies and procedures; Remote access monitoring; Remote access change controls; and, Access Controls.

Assurance Opinion



Good Assurance

Rationale supporting the award of the opinion The system of internal control is, overall, deemed adequate in managing the risks associated with Remote Access that fall within the scope of this audit. The assurance opinion has been derived as, although a number of controls were found to be in place and working effectively, further improvements were required to ensure regular reviews are conducted of both policies governing remote access and users granted remote access permissions, the development of a process for staff to sign up to remote access policies similar to that in place for suppliers, the continued roll out of the two-factor authentication and the disabling of supplier remote access when not specifically requested/required. This has resulted in five medium recommendations being raised. Additionally, one low priority recommendations has been raised for the pro-active monitoring of remote access connections. Positive Findings We found that the Council has demonstrated the following points of good practice whereby sound controls are in place and operating effectively:

The Norfolk County Council change control and incident management processes that are also used for managing change and security incidents for Great Yarmouth Borough Council systems are considered to be adequate; and

All remote access connections are being logged. Control weaknesses to be addressed During our work we have identified the following area(s) where we believe that the processes / arrangement for Remote Access would benefit from being strengthened, and as a result of these findings the following medium priority recommendations have been made.

The Great Yarmouth IT Security Policy and Contractors/Suppliers connecting to the Great Yarmouth BC Network Policy should be reviewed as soon as possible, with at least annual scrutiny thereafter to check the on-going adequacy and completeness of provisions documented therein;

of 348

All users with remote access privileges should be required to formally sign off their acceptance of specific remote access policies upon receipt of such privileges and thereafter when policies are subsequently updated;

Regular reviews of accounts with remote access privileges should be conducted to identify accounts no longer used;

Users should be migrated to the new two–factor authentication model that the suppliers have already been migrated to; and

Supplier accounts should be disabled by default and only opened following an authorised change request.

Additionally, one low priority recommendation has been put forward to promote proactive monitoring of remote access connections in the future. Summary of the adequacy and effectiveness of controls

High Priority Recommendations No high priority recommendations have been raised as a result of this audit. Management Responses Management have accepted the recommendations raised.


Area of Scope

Adequacy of

Controls



High Medium Low Policies and Procedures

Amber Amber 0 2 0

Monitoring of remote access

Amber Amber 0 0 1

Remote access change controls

Green Green 0 0 0

Access controls

Amber Amber 0 3 0

Total

0 5 1

of 348

Appendix 3

COMPUTER AUDIT NEEDS ASSESSMENT AND STRATEGIC PLAN


GY/14/18 – Final

October 2013

of 348


Computer Audit Needs Assessment and Strategic Plan

CONTENTS

SECTION PAGE

1. INTRODUCTION 1

2 AUDITABLE AREAS 1

3. PRIORITISATION CRITERIA 2

4. METHODOLOGY 2

5. RISK ASSESSMENT APPROACH 2

6. COMPUTER AUDIT PRIORITY ANALYSIS 3

7. ANNUAL COMPUTER AUDIT ACTIVITY PLANS 4

APPENDIX 1 CANA METHODOLOGY 10

of 348

1

1. INTRODUCTION

We are pleased to present our Computer Audit Needs Assessment and Strategic Plan for Great Yarmouth Borough Council. We believe that such an assessment is a vital component of the planning process and allows direction of audit effort towards areas of risk within the IT environment that are of specific importance to the Authority. Our approach reflects our philosophy that the computer audit function should be seen as a constructive management tool that provides useful advice to management on the efficiency and effectiveness of systems, procedures and operations. This approach has been successfully introduced across a wide range of our clients including those in the Public Sector.

The following sections give further details of how our assessment has been conducted and the conclusions we have reached.

2. AUDITABLE AREAS

We assess the risk in terms of a number of audit areas so that audit types are distinguished by different audit risk objectives, e.g. Applications, Management issues and Infrastructure.

The nature of auditable areas differs between audit types, e.g. for an application audit the auditable area can be within a specific installation, for Management and Infrastructure audits it can be Council wide, departmental, outsourced, or some combination of these, and impact on a variety of corporate risks. These areas were discussed with the interviewees to establish their views on the inherent risk of each of the audit areas, and previous external audit reports were reviewed to identify areas of weaknesses which were identified.

It is important to note that although audits are planned separately, so that the appropriate criteria can be applied to each type of audit, it may be appropriate to combine audits for the purposes of execution. Where this is in the best interest of the Council, synergy between audits has and will be sought.

The following notes set out the ground rules and the proposed definitions of units for each of the audit types.

Ground rules

As far as practicable, the audit types have been divided so that the auditable areas:

are comparable with each other - significance analysis is ineffective if unlike units are compared, e.g. comparing an existing system with a project;

represent logical groupings which will result in an efficient use of audit resources;

reflect the reporting lines within the organisation so that any issues raised have immediate relevance to an identified management team and the channels for communicating findings are clear;

provide a reasonably homogeneous population, especially as regards size - there should not be extremely large or extremely small audit units in the same population; and

are of manageable size.

of 348

2

3. PRIORITISATION CRITERIA

This section sets out the approach used for determining priorities. A significance analysis was performed, which took account of both the risk and the possible consequence of a breakdown in controls. The detailed methodology factors are shown below.

4. METHODOLOGY

Assessment Categories

The Risk Assessment model takes account of four assessment categories to produce a risk index for each auditable area. The auditable area is scored in each category using assessment criteria to gauge the degree of risk or materiality associated with the particular area. The table below summarises the four assessment categories and what each is intended to measure.

Assessment Category Measure

Corporate Importance – Objectives/Priorities Corporate materiality

Corporate Sensitivity – Impact Political materiality

Inherent Risk Inherent vulnerability

Control Risk Control effectiveness

The full definition for each category and the scoring criteria are described in Appendix 1.

5. RISK ASSESSMENT APPROACH

Auditable areas

In order to identify the auditable areas and establish the areas of risk or specific importance within the Council, we adopted an approach involving discussion and review of the current position. Information was gathered by completing the Computer Audit Needs Assessment matrix with four selected officers within the Council. These individuals are identified below.

In addition to the input from Council personnel to the needs assessment matrix, the following information was also included:

review of the available information within the current Internal Audit Strategy;

background information obtained from previous audits and our discussions to date with the Council;

professional judgement after careful consideration of the key risks to the Council with the above officers; and,

Name Title

Miranda Lee Group Manager, Customer Services

Geoff Jones Information Manager

Victor Moraru Principal Server Analyst, NCC

Beverley Houghton ICT Shared Service Business Partner, NCC

of 348

3

review of current and previous computer audit plans and local strategic issues facing the Council.

This has resulted in auditable areas being classified into four bands according to their significance. These bands have been used to determine the priority and frequency of audits to be undertaken. Band Very High (VH) is the highest and contains the systems identified as of most significance to the organisation, and Band Low (L) the least significant.

Those in the higher bands will normally be audited more frequently and to a greater depth than those in the lower bands, unless special requirements arise as a result of specific management concerns about an area.

Assessment of Needs

The Needs Assessment is based on an audit analysis of 40 discrete auditable areas which together are considered to comprise the key aspects of the IT environment within the Council. A separate analysis was also carried out to complement these areas to determine the Council’s key applications and upcoming projects, which have also been incorporated into the Needs assessment.

6 COMPUTER AUDIT PRIORITY ANALYSIS Table 1

PROPOSED STRATEGIC COMPUTER AUDIT PLAN FOR 2013/14 TO 2016/17

FROM STRATEGIC COMPUTER AUDIT NEEDS ANALYSIS AUDITABLE AREA Risk Last

Audited13/14 14/15 15/16 16/17

Other Computer Audit Needs Assessment (CANA) 5 5 Follow up of audit recommendations 4 4 4 4 Infrastructure Network Security VH 2012/13 12 Remote Access (Supplier and User) M 7 Mobile Device Security VH 10 Management Issues Business Continuity H 2012/13 7 Data Centre, Backup & Disaster Recovery VH 9.5 8* Software Licensing VH 7 DPA & FoI VH 10 Applications Revenues & Benefits – IBS VH 2010/11 12 BACS Transfer H 3 Environmental Health (Flare) H 7 HR/Payroll (Chris21) H 2010/11 10 Financial Management System (IB Solutions) VH 2011/12 11 Total 37.5 34 34 34 * Excludes backup element of scope

Where possible a number of audits where there is a crossover in scope have been consolidated to provide efficiencies. Some areas of scope are covered as part of a number of audits and therefore have not been included as a separate audit.

When scheduling the proposed timetable for auditing specific areas, the date the areas was last audited, together with the assurance opinion provided at that time has been considered. Additionally, timescales were discussed to identify if there were any

of 348

4

factors that might affect the timing of the audit that should be considered, for example new or improved system/process to be implemented.

The table below shows that eleven areas have been put into reserve as, although deemed important, they have either been recently audited, the last audit grade was Adequate or higher, use established software solutions or are time dependent.

Table 2 RESERVE AUDITS

AUDITABLE AREA Risk Days Infrastructure Firewall M 7 Virtualisation M 10 IT Strategy M 6 Data Back Up M 6 Management IssuesProgramme Management M 7 Applications Register of Electors, Postal Vote Counter Software (EROS) M 10 Document Imaging and Workflow (Civica DM) M 10 Cashiers system (Axis) M 12 Licensing (Lalpac) M 10 Planning & Building Control (Ocella) M 10 GIS (CADcorp) M 10

7. ANNUAL COMPUTER AUDIT ACTIVITY PLANS Table 3

Annual Computer Audit Plan 2013/14

AUDITABLE AREA Risk Days

Other Computer Audit Needs Assessment (CANA) 5 Follow up of audit recommendations 4 Infrastructure Remote Access (Supplier) M 7 Management Issues Data centre, backup and DR VH 9.5 Applications Benefits and Revenues (Reduced Scope) VH 12 Total 37.5

The above extract (Table 3) from the Strategic Computer Audit Needs Analysis (Table 1) shows that three areas are due for review as part of the 2013/14 Audit Plan. These reviews are:

Computer Audit Needs Assessment

A Computer Audit Needs Assessment (CANA) takes into account the current infrastructure and IT requirements at the Council to help develop a strategic, risk based Audit plan to cover the next three years. This report is the output from the CANA.

Data Centre, Backup and DR

of 348

5

The audit will look at how the Council manages its Data Centre, Data Backup processes and relevant Disaster Recovery processes. In previous years this audit has been undertaken in conjunction with Business Continuity, however, as Business Continuity is not an IT responsibility where Disaster Recovery is (although feeding from the Business Continuity requirements), they are now treated as separate audits so responsibility is no longer distorted between the two.

Benefits and Revenues (Reduced Scope)

IBS OpenRevs from Civica is the Council’s Revenues and Benefits System. The purpose of the Revenues and Benefits Application is to maximise the collection of local taxes and miscellaneous credit income at a minimum cost, whilst actively promoting benefits in qualifying cases in accordance with statutory and local requirements, and protecting public funds by reducing fraud and error. In order to achieve this, the application needs to be secure whilst allowing authorised access and processing to be carried out. This application was last audited in 10/11 where it achieved an adequate assurance. In the 13/14 audit plan we will be reducing the scope by not covering the Data Input and Output controls as these are relatively static. The audit will therefore look at the following aspects of the Application:

Access Controls;

Data Processing;

Interfaces;

Management Trails;

Backup and Recovery; and

Support Arrangements and Change Controls.

Table 4 Annual Computer Audit Plan 2014/15

AUDITABLE AREA Risk Days Other Follow up of audit recommendations 4 Management Issues Software Licensing VH 7 DPA & FoI VH 10 Applications BACS Transfer (Microgen) H 3 HR/Payroll (Chris21) H 10 Total 34

The above extract (Table 4) from the Strategic Computer Audit Needs Analysis (Table 1) shows that four areas are due for review as part of the 2014/15 Audit Plan.

These reviews are:

Software Licensing

of 348

6

A Software Licensing audit assesses the adequacy and effectiveness of Software Licensing and Management within the Council and has not been reviewed to date. The purpose of this audit is to provide high level assurance over a number of key activities and services both within ICT and the Council and includes:

Software Policies;

Software Inventory;

Security of Software;

Software Copyright; and

Software Licensing Procurement.

Data Protection & Freedom of Information

This audit will look at the Data Protection and Freedom of information arrangements in place within the Council. These areas have traditionally been included within other audits at a high level and have now been chosen for a more detailed review. There are a number of changes being introduced in terms of shared and hosted systems, for example CMIS (new Committee Management System) and ECINS (multi media case management system for the Empowering Communities which is in place for multi agency case management of licensed premises and houses of multiple occupation), where data is to be shared mutually with other public sector organisations. The timing of the audit is to allow the work to complete before the Data Protection aspects of the scope can be reviewed.

BACS Transfer system (Microgen)

The Council’s BACS transfer application has been placed in the 2014/15 plan to allow work to replace the current Microgen application with a similar one managed by Norfolk County Council to complete. This is a reduced scope audit to look at the security aspects of this system and will cover:

User responsibilities;

Access Control;

Management trail; and

Maintenance, contingency and recovery.

HR/Payroll (Chris21)

Chris 21 is the Council’s HR/Payroll application. Payroll processes have included an element of hosted services whereby Frontier process the payroll having received relevant files from the Council. There is some work underway to bring that aspect of the process back in house and, hence, an audit of the application has been placed within the 2014/15 plan to allow that work to complete. This area was last audited in 2010/11and received a Limited assurance at that time. This audit will cover the following aspects:

Access controls;

Data input;

Data processing;

Data output;

Interfaces; of 348

7

Backups; and

Support and maintenance.

Table 5


AUDITABLE AREA Risk Days Other Follow up of audit recommendations 4 Infrastructure Network Security VH 12 Management Issues Business Continuity H 7 Applications Financial Management System (IB Solutions) VH 11 Total 34

The above extract (Table 5) from the Strategic Computer Audit Needs Analysis (Table 1) shows that three areas are due for review as part of the 2015/16 Audit Plan. These reviews are:

Network Security

The network infrastructure enables users to connect to servers and equipment which is not directly connected to their own physical PC or workstation. This could be on the next desk (as in printers), other rooms, other buildings or even other countries depending on the type of network. A review of the network security will look at how the Council’s network is accessed, how it is supported and monitored and how the network is secured against unauthorised access. As part of the audit we will use a Computer Audit Tool called SekChek to look at the Network Server Operating System (O/S) configuration and logical access controls. This audit was last undertaken in 2012/13 and received a Limited audit opinion. That audit also included Network infrastructure, administration and telecoms management, which have been excluded on this occasion because elements of this scope overlaps with the Public Sector Network (PSN) Health check, although recommendation raised in relation to these areas will be reviewed during this audit.

Business Continuity

The audit will look at the Council’s Business Continuity arrangements. Business Continuity is the foundation, which will help the Council continue operations in the event of a disaster or significant incident affecting Council staff, premises or systems. Business Continuity concentrates on the user end of the recovery process and is also a key requirement of the 2004 Civil Contingencies Act. This area was last audited in 2012/13 and received a Limited assurance, which has resulted in a new review being planned for the 2015/16 audit year to allow remedial work to be completed.

Financial Management System (AP, AR and GL) – (CAPITA IB Solutions)

The Council’s financial application is of critical importance to the Council’s operation. This audit will cover the application controls for the key financial modules within the application including Accounts Payable, Accounts

of 348

8

Receivable and General Ledger. The application was last reviewed in 2011/12 using a reduced scope, which resulted in an adequate audit opinion being given. As it has received a ‘Very High’ risk rating on this occasion and taking into account that fact that it has only been audited quite recently, it has been placed within the 2015/16 audit plan. The areas covered in this audit will include:

Access controls;

Data Input;

Data Processing;

Data Output;

Interfaces;

Management Trails;

Backup; and

Support Arrangements and Change Controls.

Table 6


AUDITABLE AREA Risk Days

Other Computer Audit Needs Assessment (CANA) 5 Follow up of audit recommendations 4 Infrastructure Mobile device security VH 10 Management Issues Data Centre and Disaster Recovery VH 8 Applications Environmental Health (Flare) H 7 Total 34

The above extract (Table 6) from the Strategic Computer Audit Needs Analysis (Table 1) shows that three areas, together with a Computer Audit Needs Assessment, are due for review as part of the 2016/17 Audit Plan. These reviews are:

Computer Audit Needs Assessment

A Computer Audit Needs Assessment (CANA) takes into account the current infrastructure and IT requirements at the Council to help develop a strategic, risk based Audit plan to cover the next three years. This report is the output from the CANA.

Mobile device security

This audit has traditionally separated laptops from other mobile devices. As both types of devices are now considered to be the same, the scope has been combined into one audit of mobile device security. As there is a County-wide project known as the “Digital Norfolk Ambition” (DNA) being planned and which will affect how mobile devices will be used, this audit has been placed within the 2016/17 audit plan to give the project time to complete. The audit will look at the following areas:

of 348

9

Mobile device strategy;

Mobile device security policy;

Technical security;

Anti-Virus protection;

Asset management;

Mobile device management; and

Flash drive and portable storage devices.

Data Centre and Disaster Recovery

This audit has also been planned for the 2013/14 audit year and has been included again in the 2016/17 audit plan to take account of the fact that Norfolk County Council are about to conduct a full review of their Data Centre, which will also affect their customers, which includes Great Yarmouth Borough Council. The audit will look at how the Council manages its Data Centre and relevant Disaster Recovery processes.

Environmental Health application (APP Flare)

Flare is to replace the current environmental health application, which has not previously been audited at Great Yarmouth Borough Council. Hence, it has been placed within the 2016/17 audit plan to allow the changes to be completed and taking account of the fact that it has received a ‘High’ risk rating. The remit of the Environmental Health Service is the protection of public health and the environment. This is achieved through the regulation of Environmental Health legislation and includes working with businesses, the public and other agencies. The work undertaken by the service includes food safety, occupational health and safety, environmental protection, general public health and environmental health licensing. This is managed through the Council’s environmental health application. This is a reduced scope audit to concentrate on the security aspects of the application and the areas covered in this audit will include:

Access controls to the application;

Data Processing and Interfaces;

Management Trails;

Backup and Recovery; and

Support and Maintenance.

of 348

10

APPENDIX 1 Governance-based COMPUTER Audit Needs Assessment Methodology

Assessment Categories

The Risk Assessment model takes account of four assessment categories to produce a risk index for each auditable area. The auditable area is scored in each category using assessment criteria to gauge the degree of risk or materiality associated with the particular area. The table below summarises the proposed four assessment categories and what each is intended to measure.

Assessment Category Measure

A Corporate Importance – Objectives/Priorities Corporate materiality

B Corporate Sensitivity – Impact Political materiality

C Inherent Risk Inherent vulnerability

D Control Risk Control effectiveness

The full definition for each category and the scoring criteria are described overleaf.

of 348

11

Assessment Process

Assessment was based on professional judgement after careful consideration of the key risks to the Council with the IT Manager and Director of Finance, Property and IT, a review of current and previous computer audit plans and local strategic issues facing the Council.

The following steps were followed in performing the risk assessment:

Step Action

1 Select the Application/Operating System and Corporate Controls to be risk assessed, to ensure a clear and unambiguous understanding of the area under review. This is normally called the Auditable Area

2 Select the most appropriate assessment criterion and therefore the score in each assessment category

3 Record the scores.

4 Compute the risk index by reference to the following section

Calculation of the Audit Risk Index

Internal Audit risk is the product of risk and materiality. In valuing materiality it is appropriate to add the constituent assessments of Corporate Importance and Corporate Sensitivity to generate a Materiality Factor on a scale of 100.

Total Risk is the product of inherent and control risk. For the purposes of simplicity in this model Inherent Risk is assessed on a scale of 5-10 and Control Risk on a scale of 2-10. The minimum Risk Factor is produced by multiplying these components is therefore 10% (2 x 5).

The Audit Risk Index for each auditable area is, therefore, the Materiality Factor multiplied by the Risk Factor.

Results of the Audit Risk Assessment

The structured list of auditable areas with illustrative assessment scores is reported in Appendix C. The Appendix further summarises the scores to give the Risk Factor and Materiality Factor and the resultant Audit Risk Index.

The list of auditable areas is then ranked by reference to the Audit Risk Index and grouped as high, medium or low priority. The top third are considered to be high priority, the next medium priority, and the bottom third low priority.

of 348

12

Internal Audit Risk Assessment Matrices

A Corporate Importance This aspect considers the effect on a Council of any inability to achieve management defined service objectives should the system or process fail. This aspect also takes into account the financial exposure or materiality of the area. The consequential impact, either directly or indirectly, on other systems and processes is also relevant to the assessment. Overall it is a measure of the extent to which the Council depends on the correct running of the system to achieve its strategic objectives.

Score Risk to Department, Corporate and/or Service Objectives

Operational Risk Exposure Financial Risk Exposure

10 Negligible impact on achievement of service objectives. This would still be achieved with minimum extra cost or inconvenience.

or Minor inconvenience or Under 2% of total operating income or net assets.

20 Service objectives only partially achievable without compensating action being taken or reallocation of resources.

or Difficult to recover or Between 2% and 10% of operating income or net assets.

30 Unable to achieve service objectives without substantial additional costs or time delays or adverse effect on achievement of national targets / performance indicators.

or Permanent loss of data or Between 10% and 30% of operating income or net assets.

40 Unable to achieve service objectives resulting in significant visible impact on service provision such as closure of facilities.

or Unable to restore system or Between 30% and 50% of operating income or net assets.

50 Unable to achieve service objectives, resulting in inability to fulfil corporate obligations.

or Council unable to function or Over 50% of total operating income or net assets

of 348

13


B Corporate Sensitivity This aspect takes into account the sensitivity / confidentiality of the information processed, or service delivered by the system, or decisions influenced by the output. It also assesses any legal and regulatory compliance requirements. The measure should also reflect any management concerns and sensitivities.

Score Risk to Public Image Risk of Adverse Publicity

Risk to Accountability Risk of non-legal Compliance

10 Negligible consequences or No regulatory requirements

20 Some public embarrassment but no damage to reputation or standing in the community

or Information would be of interest to local press

or Minimal regulatory requirements and limited sensitivity to non-compliance

30 Some public embarrassment leading to limited damage

or Information would be of interest to local MPs

or Modest legal and regulatory requirements

40 Loss of credibility and public confidence in the service concerned

or Incident of interest to National Press

or Incident potentially leading to the dismissal or resignation of the responsible functional manager

or Extensive legal and regulatory requirements with sanctions for non-compliance

50 Highly damaging to reputation of the Council with immediate impact on public confidence

or Incident of interest to the External Audit and government agencies

or Incident potentially leading to the resignation or dismissal of a Chief Officer

or Possible court enforcement order for non-compliance

of 348

14


C Inherent Risk This aspect considers the inherent risk of the system, service, process or related assets to error, loss, irregularity, inefficiency, illegality or failure. The particular service sector, nature of operations and the pace of change will also affect the level of inherent risk. Similarly the relative complexity of the system will influence the inherent risk or error. The inherent vulnerability of a system, service or process cannot be altered, only mitigated by the quality of controls considered in section D.

Score Inherent Risk – Vulnerability

Risk of Error due to System Complexity

Risk resulting from Pace of Change

Risk to Asset Security

5 Low vulnerability Simple system with low risk of error

or No changes planned or Undesirable low value assets not at risk of fraud or loss

6 Medium or low inherent risk

or or Limited changes planned with reasonable timescale

7 Medium vulnerability or Moderately complex system with medium risk of error

or Moderate level of change over medium term

8 Medium to high inherent risk

or or Significant level of change with restricted timescale

10 Highly vulnerable or Complex system with high risk of error

or Extensive changes planned with short timescale

or Highly desirable assets exposed to high risk of fraud or loss

of 348

15


D Control Risk This aspect assesses the level of control risk based upon the results of past audits of the control environment under review. This aspect also takes into account of the operating history and condition of systems and processes and knowledge of management controls to minimise exposure to risk. CRSA and extensive Control Risk Workshops under the leadership of the Council’s Risk Manager could support evaluation.

Score History of Risk Management Success Management Risk and Control Environment

Condition of Risk Management Controls

2 No history of control weakness or There is effective risk management in place and adequate controls operated by risk-aware management

or Effective controls and robust attitude to the management of all material risks. Embedded risk management culture

4 No history of significant weakness or Good management risk and control environment

or Stable system with history of reliability and controls. Risk management issued considered regularly.

6 No high risk issues outstanding from the previous audit/investigation/best value/external review

or No knowledge of management risk and control environment

or Risk management and system controls not validated.

8 Some significant problems were identified and are known to be outstanding from the previous audit/review

or Some significant concerns have been expressed by management (through Controls Risk Workshops)

or Technical health of system of risk management and controls in doubt.

10 Major weaknesses in risk management and controls were identified and are known to be outstanding

or Major concerns have been expressed by management (through Controls Risk workshops)

or Obsolete system with history of problems and ineffective control. Little or no work undertaken on risk management.

of 348

Subject: Internal Audit’s Charter, Code of Ethics, Audit Strategy, Strategic

and Annual Audit Plans, Summary of Internal Audit Coverage and

Performance Indicators for 2014/15




This report provides an overview of the stages followed prior to the formulation of the Strategic Audit Plan for 2014/15 to 2016/17 and the Annual Audit Plan for 2014/15. The Annual Audit Plan will then serve as the work programme and initial terms of reference for the Authority’s Internal Audit Services Contractor, Mazars Public Sector Internal Audit Ltd, and provide the basis upon which the Internal Audit Consortium Manager will subsequently give Audit Opinions on Great Yarmouth Borough Council’s system of internal control and risk management, and corporate governance arrangements for 2014/15. Members’ attention is also drawn to the fact that this is the first time that an Audit Charter has been presented. Previously, Terms of Reference had been submitted annually, but now, in accordance with Public Sector Internal Audit Standards, which came into effect from 1 April 2013, it has been necessary to develop an Audit Charter to reflect how the Internal Audit Service will operate in accordance with updated mandatory standards. The foundations of the Public Sector Internal Audit Standards however are not so fundamentally different to those requirements formerly specified in the CIPFA Code of Practice for Internal Audit, although the structure of the Charter must follow a prescribed format which defines the purpose, authority and responsibility of the Internal Audit activity, and clear definitions need to be given of those governance elements fulfilling responsibilities of the ‘board’ and ‘senior management’ The Committee is requested to approve:

Internal Audit’s Charter for 2014/15; Internal Audit’s Code of Ethics for 2014/15; Internal Audit’s Strategy for 2014/15; The Strategic Audit Plan for 2014/15 to 2016/17; The Annual Audit Plan for 2014/15; The Summary of Internal Audit Coverage for 2014/15; and, Performance Indicators for 2014/15.

1. INTRODUCTION / BACKGROUND

1.1 In accordance with legislative, regulatory and best practice requirements, Great Yarmouth Borough Council has made arrangements for a continuous internal audit to examine the accounting, financial and other operations of the organisation. This is effectively achieved through contractual and group agreement arrangements, which exist between Great Yarmouth Borough Council and South Norfolk Council, whereby the Internal Audit Consortium Manager, based at South Norfolk Council, has developed on behalf of Great Yarmouth Borough Council, an Audit Charter and overarching Strategy which explain the methodology that has been

of 348

applied when determining future audit coverage of the organisation’s business operations.

1.2 A number of other key supporting papers have also been developed to ensure clarity regarding the Code of Ethics that will be adopted by Internal Auditors, together with the Performance Indicators to be used to monitor service delivery. In conjunction with these documents, an insight into future audit input envisaged over the next 3 years has been provided via a new Strategic Audit Plan for 2014/15 onwards, alongside a more detailed analysis of audit assignments being lined up for the next financial year. The sequencing of the latter is encapsulated in the Annual Audit Plan for 2014/15 and a Summary of Internal Audit Coverage has also been compiled, which explains where audit focus will be directed.

2. THE AUDIT CHARTER

2.1 The Public Sector Internal Audit Standards have been primarily introduced to:

Define the nature of internal auditing; Set basic principles for carrying out internal audit; Establish a framework for providing internal audit services, which add

value to the organisation, leading to improved organisational processes and operations.

Establish the basis for the evaluation of internal audit performance and to drive improvement planning.

As part of evidencing that these requirements are being adhered to, there is a duty on the Internal Audit Service to construct an Audit Charter which demonstrates how these elements are being handled and managed. The Internal Audit Consortium Manager for Great Yarmouth Borough Council has therefore compiled a Charter which covers off the above requirements, acknowledging too that some additional appendices have been needed to give further clarity on important issues such as the Code of Ethics and the Performance Indicators adopted by the Internal Audit function.

2.2 In migrating from previously maintained Terms of Reference (which were last reviewed by the Audit and Risk Committee in March 2013) to the establishment of an Audit Charter that fully complies with the mandatory standards, it has been necessary to:

Apply a revised definition of internal auditing. Under previous Code of Practice arrangements, the emphasis had been on Internal Audit as an assurance function, whereas now there is recognition that the function should be operating on two levels, providing assurance and also giving advice and guidance on governance and control, in a consulting capacity.

Utilise the Audit Charter to establish the purpose, authority and responsibilities of the Service provision, its rights of access and the scope of its activities.

Develop information explaining Quality Assurance and Improvement processes to be followed, which includes commentary on how both internal and external assessments willl be addressed.

of 348

Recognise and define in the Audit Charter, the terms ‘board’ and ‘senior management’ for the purposes of Internal Audit activity and acknowledge the role of the Chief Audit Executive. The interpretation of these important governance roles at Great Yarmouth Borough Council has therefore been examined at Section 4 of the Charter in the section covering Organisation and Relationships.

2.3 Finally, there is an obligation under the mandatory standards to review and re-present the Audit Charter in much the same way that previous Terms of Reference had to be revisited annually. The Charter has to be re-evaluated by the Internal Audit Consortium Manager to confirm its ongoing validity and completeness, and thereafter, the documentation requires the scrutiny and endorsement of senior management and the Audit and Risk Committee.

2.4 The Audit Charter can be found attached at Appendix 1 and is sub-divided into 10 Sections, which dovetail with key elements of the Public Sector Internal Audit Standards, whilst the Performance Indicators by which service delivery will be measured are included at Appendix 8.

3. CODE OF ETHICS

3.1 An addendum to the Audit Charter headed up ‘Internal Audit - The Code of Ethics for 2014/15’ sets out the expected behaviours of Internal Audit staff in relation to service delivery and is located at Appendix 2. The basis of standards of conduct for 2014/15 remain unchanged with reference to those followed by Internal Audit in 2013/14, as the Code of Ethics developed for the current financial year was originally rewritten to mirror the incoming obligations in this area as per the Public Sector Internal Audit Standards. It has, however, been necessary to make one small amendment to the Code of Ethics for 2014/15, in relation to Section 6 of the Code of Ethics, and this has been to mark the changeover from the Deloitte auditors to the Mazars auditors, the latter now being engaged to deliver the Annual Audit Plan for the Great Yarmouth Borough Council. It is to be noted that the nature of the Internal Audit Services contractor’s role has been more fully explored in several sections of the Audit Charter.

3.2 Aside from the Code of Ethics, the Internal Audit Consortium Manager in the role of the Chief Audit Executive will also be cognisant of and comply with requirements laid down in CIPFA’s Statement on the Role of the Head of Internal Audit, and it is further acknowledged that all Internal Audit staff will operate in accordance with their own professional bodies’ Code of Ethics, as well as any organisational Codes of Ethics or Conduct relating to their employer or the client authority served.

4. INTERNAL AUDIT STRATEGY

4.1 The Internal Audit Strategy (see Appendix 3) is another document that sits alongside the Audit Charter, but with the overarching purpose of establishing how the annual programme of audit assignments has been devised, in terms of the process followed when undertaking the annual audit needs assessment, the risk factors applied and how this information is then used to populate the Strategic and Annual Audit Plans.

of 348

4.2 Following a review of the Strategy and discussions with the Director of Resources, Governance and Growth and their Deputy – the Group Manager – Resources on 28 November 2013 and representatives of the Executive Management Team together with Group Managers on 4 December 2013 regarding audit coverage of Council operations envisaged over the next 3 years, management’s acceptance was obtained to proposals put forward. In the course of this liaison with management, it was further confirmed that it was no longer viable to support a previously agreed move from annual to 2-yearly audit examination of the system of risk management and corporate governance arrangements. The Public Sector Internal Audit Standards have influenced this change of approach, whereby Internal Audit will once again undertake annual assessments of the provisions in these areas.

4.3 When compiling the new Strategic Audit Plan for 2014/15 onwards, it was further noted that an audit earmarked for delivery in 2013/14 subsequently had to be deferred. This particular assignment relating to Performance Management, Corporate Policy and Business Planning had needed to be postponed at the time because the Council’s performance framework was undergoing considerable redevelopment with new measures being formulated. Hence, the requirement for this audit has been carried over to the new Strategic Plan, as well as the new Annual Audit Plan for 2014/15.

5. THE STRATEGIC AUDIT PLAN FOR APRIL 2014 TO MARCH 2017

5.1 The overarching objective of the Strategic Audit Plan (included at Appendix 4) is to provide a comprehensive programme of review work over the next three years, with each year providing sufficient audit coverage to give annual opinions, which can be used to inform the organisation’s Annual Governance Statement.

5.2 In the past, there has been some variation, year-on-year, with regards to the number of planned audit days and projects requiring delivery by Internal Audit Services. Going forward, we confirm that there is a continuing need for wide ranging review work in order to meet Public Sector Internal Audit Standards and the revised definition of Internal Auditing that they have introduced but we have also tried to balance the quota of days required annually, smoothing out peaks and troughs in audit coverage arising in the past. We have therefore striven to produce a new Strategic Audit Plan which satisfies the obligations of the Public Sector Internal Audit Standards, and provides a more predicable number of days per year, which equate to an acceptable minimum level of audit coverage capable of generating the requisite audit assurances to the organisation, whilst also being affordable, as confirmed with the Director of Resources, Governance and Growth.

5.3 In terms of bottom line yearly totals on the new Strategic Plan, they appear to have risen sharply compared with 2013/14, but this has been partly due to the fact that the originally approved Annual Audit Plan for 2013/14 aggregated 241 days, although this figure was later commuted to 230.5 days due to a saving of 0.5 days achieved when completing the computer audit review of Data Centre and Disaster Recovery and later agreeing with management to defer our scheduled review of Performance Management, Corporate Policy and Business Planning to the following year, which led to

of 348

a further reduction of 10 days to previously approved provisions. It is also to be noted that revised planned days for 2013/14 were also considerably lower than those requiring delivery in 2012/13, which totalled 273 days.

6. THE ANNUAL AUDIT PLAN FOR APRIL 2014 TO MARCH 2015

6.1 Having developed the Strategic Audit Plan, the Annual Audit Plan is next extracted, as can be seen in Appendix 5 to the report, with timings added to show the sequencing of assignments over the course of the financial year. The Annual Audit Plan for 2014/15 as already mentioned above totals 265 days, encompassing 20 assignments and audit verification work concerning audit recommendations implemented to improve the Council’s internal control environment.

7. SUMMARY OF INTERNAL AUDIT COVERAGE FOR 2014/15

7.1 The Summary information, attached at Appendix 6 has next been formulated to give an indication as to the nature of forthcoming work over the next 12 months. The information has been developed to ensure that the Executive Management Team, Group Managers and the Audit and Risk Committee have a clear understanding as to the direction of Internal Audit work over the course of the new financial year, but additionally, that both External Audit and the Internal Audit Services contractor receive a steer as to the focus of individual audits over the coming year. Certainly, as far as the Internal Audit Services contractor is concerned; the Summary document offers a starting point for more detailed audit planning meetings with management. However, the guidance therein should be viewed with some flexibility, as the scope and subsequent parameters for some audits may need to alter in the event of changing corporate priorities, and/or terms of reference requiring adoption may not become wholly clear until discussions have been held with management as to the key priorities and risks facing service delivery, as well as due consideration being given to how forthcoming audits might potentially add further value for the organisation.

7.2 In the course of reviewing the Summary of Internal Audit coverage, it is also helpful to look at this future planned input in conjunction with the outcomes of previous work conducted in the relevant areas. For this purpose, the Assurance Chart is provided (as attached at Appendix 7), which records previous opinions given to areas audited.

8. CONCLUSION 8.1 In reviewing and approving the Audit Charter and related strategic and

operational audit planning information, the Audit and Risk Committee is making appropriate provisions to ensure that the Internal Audit requirements as stated in the Local Government Finance Act 1982, c.32 and the Accounts and Audit Regulations 2011 are being properly met, and due support is being given to securing an Internal Audit Service, which is compliant with statutory internal auditing standards applicable to public sector organisations.

of 348


Steps have been taken when formulating Internal Audit coverage for the year

ahead, to ensure that the proposals put forward are affordable and do not exceed

the approved audit budget for 2014/15.

LEGAL IMPLICATIONS:

None

EXECUTIVE MANAGEMENT TEAM CONSULTATION:

The new Audit Plans have been agreed with the Director of Resources,

Governance and Growth (specifically in his role as Section 151 Officer), as well as

representatives of the Executive Management Team and Group Managers.

RECOMMENDATIONS It is recommended that the Committee approve:

Internal Audit’s Charter for 2014/15; Internal Audit’s Code of Ethics for 2014/15; Internal Audit’s Strategy for 2014/15; The Strategic Audit Plan for 2014/15 to 2016/17; The Annual Audit Plan for 2014/15; The Summary of Internal Audit Coverage for 2014/15; and, Performance Indicators for 2014/15.






Issues None

Legal None

Financial As above

Risk A failure to approve the Plans presented could result in additional risks to the authority, through the Internal Audit Consortium Manager not being able to provide the necessary opinions, and the External Auditors being required to perform additional audit testing. There is also the risk that reductions in Internal Audit coverage could lead to ongoing weaknesses in the internal control environment at the Council not being detected and reported upon, and subsequently resolved

of 348

through remedial work being taken.

Sustainability None

Equality None


Human Rights None


Appendices attached to this report

Appendix 1: Terms of Reference for Internal Audit for 2014/15 Appendix 2: Internal Audit – Code of Ethics for 2014/15 Appendix 3: Internal Audit Strategy for 2014/15 Appendix 4: Strategic Audit Plan – April 2014 to March 2017 Appendix 5: Annual Audit Plan – April 2014 to March 2015 Appendix 6: Summary of Internal Audit Coverage for 2014/15 Appendix 7: Assurance Chart Appendix 8: Performance Indicators for 2014/15

of 348

Appendix 1 GT YARMOUTH BOROUGH COUNCIL

INTERNAL AUDIT CHARTER FOR 2014/15

1. Introduction 1.1 Organisations in the UK public sector have historically been governed by an

array of differing internal audit standards. The Public Sector Internal Audit Standards (the PSIAS), which took effect from the 1 April 2013, and are based on the mandatory elements of the Institute of Internal Auditors (IIA) International Professional Practices Framework (IPPF) now provide a consolidated approach to promoting further improvement in the professionalism, quality, consistency, transparency and effectiveness of Internal Audit across the whole of the public sector.

1.2 The PSIAS require that all aspects of Internal Audit operations are

acknowledged within an Audit Charter that basically defines the purpose, authority and responsibilities of the service provision. The Charter therefore establishes the position of the Internal Audit Service within Gt. Yarmouth Borough Council; its authority to access to records, personnel and physical properties relevant to the performance of engagements; in addition to defining the scope of Internal Audit activities.

1.3 There is also an obligation under the PSIAS for the Charter to be periodically

reviewed and presented to the Audit Committee, the Section 151 Officer and senior management. This Charter will therefore be revisited annually to confirm its ongoing validity and completeness, and be circulated in accordance with the requirements specified above.

2. Purpose 2.1 In accordance with the PSIAS, Internal Auditing is defined as an independent,

objective assurance and consulting activity designed to add value and improve the Council’s operations. It helps the Council accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.

2.2 However, it should also be appreciated that the existence of Internal Audit

does not diminish the responsibility of senior management to establish appropriate and adequate systems of internal control and risk management. Internal Audit is not a substitute for the functions of senior management, who should ensure that Council activities are conducted in a secure, efficient and well ordered manner with arrangements sufficient to address the risks which might adversely impact on the delivery of corporate priorities and objectives.

3. Authorisation 3.1 The requirement for an Internal Audit Service is outlined within the Accounts

and Audit Regulations 2003, as amended in 2006 and 2011, which state that “a relevant body must undertake an adequate and effective internal audit of its accounting records and of its system of internal control in accordance with

of 348

the proper practices in relation to internal control”. This statutory requirement for continuous Internal Audit has been formally recognised and endorsed within Gt. Yarmouth Borough Council’s Constitution.

3.2 Further, there are additional requirements place upon the Chief Audit

Executive (as more fully defined below in Section 4 - Organisation and Relationships), to fulfil all aspects of CIPFA’s Statement on the Role of the Head of Internal Audit in Public Sector Organisations, whilst the Council’s Constitution makes Internal Audit primarily responsible for carrying out an examination of the accounting, financial and other operations of the Council, under the independent control and direction of the Section 151 Officer. The role of Section 151 Officer at Gt. Yarmouth Borough Council is fulfilled by the Director of Resources, Governance and Growth.

3.3 The internal audit activity, with strict accountability for confidentiality and

safeguarding records and information, is authorised to have full, free, and unrestricted access to any and all of the organisation's: records, documents and correspondence (manual and electronic)

relating to any financial and other transactions; physical properties, i.e. premises and land, plus cash, stores or any

other Council property; and, personnel – requiring and receiving such explanations as are

necessary concerning any matter under examination and generally assisting the Internal Audit activity in fulfilling its roles and responsibilities;

recognising that all of the requirements stated above are pertinent to Internal Audit being able to carry out its commitments/engagements. Such access shall be granted on demand and shall not be subject to prior notice, although in principle, the provision of prior notice will be given wherever possible and appropriate, unless circumstances dictate otherwise.

4. Organisation and Relationships 4.1 Within the PSIAS, the terms ’Chief Audit Executive,’ ‘Board’ and ‘Senior

Management’ are used to describe key elements of the organisation’s governance, and the ways in which they interact with Internal Audit. The PSIAS require that the terms are defined in the context of the governance arrangements in each public sector organisation, in order to safeguard the independence and objectivity of Internal Audit. At Gt. Yarmouth Borough Council, the following interpretations are applied, so as to ensure the continuation of the current relationships between Internal Audit and other key bodies at the Council.

4.2 Chief Audit Executive 4.2.1 At Gt. Yarmouth Borough Council, the Chief Audit Executive is the Internal

Audit Consortium Manager based at South Norfolk Council. This is due to the fact that Gt. Yarmouth’s Internal Audit Service is delivered by means of a Group Agreement that exists between Breckland, Broadland, South Norfolk and North Norfolk District Councils, Great Yarmouth Borough Council and the Broads Authority, collectively known as the Norfolk Internal Audit Consortium. All authorities have signed an agreement under which South Norfolk Council procures delivery of Annual Audit Plans and any specified ad-hoc assignments from an external contractor on behalf of the six named

of 348

organisations. The contractor was originally Deloitte & Touche Public Sector Internal Audit Ltd but following a shares purchase agreement is now Mazars Public Sector Internal Audit Ltd, with effect from 1 February 2014. It is further noted that the current contract has been in place since 1 October 2007 and is due to expire on 30 September 2014.

4.2.2 As a consequence of the service structure outlined above, the Internal Audit Consortium Manager heads up an Audit Management Team situated within South Norfolk Council’s Corporate Resources Directorate, acts as the Contract Manager to Mazars Public Sector Internal Audit Ltd, and reports directly to the Deputy Chief Executive at South Norfolk Council for administrative purposes.

4.2.3 The Internal Audit Consortium Manager also has a direct line of reporting to the Director of Resources, Governance and Growth at Gt. Yarmouth Borough Council given that this individual is the Council’s ‘Responsible Financial Officer/Section 151 Officer’, who is charged with controlling and directing a continuous Internal Audit.

4.2.4 In response to requirements laid down within the PSIAS, it is further confirmed that the Internal Audit Consortium Manager has a direct reporting line and free and unfettered access to the Chief Executive at Gt. Yarmouth Borough Council.

4.3 Board 4.3.1 In the context of overseeing the work of Internal Audit at Gt. Yarmouth

Borough Council, the ‘Board’ will be the Audit and Risk Committee of the Council, which has been established as part of the Corporate Governance arrangements at the Council. The Committee is responsible for the following with reference to Internal Audit:

Agreeing the Internal Audit Charter. Approving the risk based Strategic and Annual Audit Plans, together

with a Summary of Internal Audit Coverage for the forthcoming financial year.

Reviewing progress achieved in relation to the completion of assignments featuring in the Annual Audit Plan.

Monitoring delivery of agreed Audit Recommendations. Approving updated versions of the Anti-Fraud and Corruption Policy

and Whistleblowing Policy, as appropriate. Considering the findings and conclusions of any Special/Ad-hoc

investigations commissioned by the Audit and Risk Committee or members of the authority’s senior management, i.e. Executive Management Team.

Noting the Annual Report and Opinion of the Internal Audit Consortium Manager.

Undertaking Annual Audit Committee Self Assessment exercises. Considering the outcomes of the Annual Review of the Effectiveness

of the Internal Audit Service. Overseeing External Assessments of the Internal Audit Service, at

least once every 5 years. Approving the Audit Joint Working Protocol between Internal and

External Audit.

of 348

4.3.2 Internal Audit will work closely with the Chair and members of the Audit and Risk Committee to facilitate and support the activities of the Committee. Moreover, the Internal Audit Consortium Manager also has a direct reporting line, and free and unfettered access to the Chair of the Audit and Risk Committee.

4.4 Senior Management 4.4.1 In the context of ensuring effective liaison between Internal Audit and senior

officers responsible at Gt. Yarmouth Borough Council for specific aspects of internal control and governance, in a way that ensures the independence of Internal Audit, and provides for a critical challenge to the way that Internal Audit activities are carried out, ‘Senior Management’ for the purposes of this Charter are the Executive Management Team of which the Section 151 Officer (Director of Resources, Governance and Growth) is a key member.

4.5 External Audit 4.5.1 In terms of Internal Audit’s interaction with the Council’s External Auditors –

Ernst and Young, an Audit Joint Working Protocol has been developed, which recognises the respective responsibilities of each body, relevant audit areas that will be covered, liaison and information sharing arrangements between the two bodies, audit testing and sample size requirements to be observed by the two bodies and generic key financial controls requiring examination each year. The Protocol has been primarily devised to minimise any potential duplication of work and determine the assurance that can be placed on the respective work of the two parties, whilst also ensuring that External Audit can place maximum reliance on the work of Internal Audit, wherever possible.

4.6 Other Internal Audit Service Providers 4.6.1 Internal Audit will also liase with other Council’s Internal Audit Service

providers, where shared service arrangements exist between themselves and Gt. Yarmouth Borough Council. In such cases, a dialogue will be opened with the other Council’s equivalent Chief Audit Executive to agree a way forward regarding the future auditing of ‘shared’ services, which will be both efficient and cost effective for all parties involved, and cause least disruption to the area(s) being audited.

4.6.2 In the event of Gt. Yarmouth’s Internal Auditors undertaking work for other Councils outside the Norfolk Internal Audit Consortium, arrangements over liability of internal audit work performed will be covered by either a Hold Harmless letter with Mazars Public Sector Internal Audit Ltd, or contractual arrangements will be extended through a Standard Letter of Engagement – whichever is the appropriate response at the time. Conversely, if the other Council’s Internal Auditors are nominated to undertake audit work on behalf of Gt. Yarmouth Borough Council, formal confirmation of their liability/accountability for that work will be required, so that full reliance can be placed upon the audit working papers and report generated in consequence. In addition, Gt. Yarmouth’s Internal Audit Consortium Manager will review all such work to ensure that it is providing the requisite assurances to feed into her annual audit opinion and should it be found that insufficient or inadequate work has been carried out, Gt. Yarmouth’s Internal Audit Consortium Manager reserves the right to request additional work is undertaken.

of 348

4.7 Other External Review and Inspection Bodies 4.7.1 The Internal Audit Section confirms it will likewise co-operate with all external

review and inspection bodies that are authorised to assess and evaluate the activities of the Council, to determine compliance with regulations, standards or targets. Internal Audit will, wherever possible, utilise third party assurances arising from this work.

5. Objectives and Scope 5.1 The provision of assurance services is the primary role of Internal Audit and

there is a duty of care on the Chief Audit Executive to give an annual internal audit opinion based on an objective assessment of the framework of governance, risk management and control. This responsibility to evaluate the governance framework far exceeds examination of controls applying to the Council’s core financial systems. Instead, Internal Audit is required to scrutinise the whole system of risk management, internal control and governance processes established by management.

5.2 Internal Audit also has a secondary role, whereby it will provide consultancy

services which are advisory in nature and generally performed at the request of the Council to facilitate improved governance, risk management and control, and potentially contribute to the annual audit opinion.

5.3 A risk based Strategic Audit Plan will be developed each year to determine an

appropriate level of audit coverage to generate an annual audit opinion, which can then be used to assist with the formulation of the Council’s Annual Governance Statement. Moreover, audit work performed will seek to enhance the Council’s overall internal control environment. In the event of deficiencies in arrangements being identified during audit assignments, Internal Audit will put forward recommendations aimed at improving existing arrangements and restoring systems of internal control to a satisfactory level, where relevant. The way in which the Strategic Audit Plan is evolved, is explored further within the Charter at Section 8.2 Audit Planning and, in Appendix 3 – Internal Audit Strategy.

5.4 In accordance with the PSIAS, the Internal Audit Service will evaluate and

contribute to the improvement of:

5.4.1 The design, implementation and effectiveness of the organisation’s ethics-related objectives, programmes and activities.

5.4.2 The effectiveness of the Council’s processes for performance management and accountability.

5.4.3 The Council’s IT governance provisions in supporting the organisation’s corporate priorities, objectives and strategies.

5.4.4 The Council’s risk management processes in terms of significant risks being identified and assessed; appropriate risk responses being made that align with the organisation’s risk appetite, the capturing and communicating of risk information in a timely manner, and its use by staff, senior management and

of 348

members to carry out their responsibilities and inform decision making generally.

5.4.5 The provisions developed to support achievement of the organisation’s strategic objectives and goals.

5.4.6 The systems formulated to secure an effective internal control environment.

5.4.7 The completeness, reliability, integrity and timeliness of management and

financial information.

5.4.8 The systems established to ensure compliance with legislation, regulations, policies, plans, procedures and contracts, encompassing those set by the Council and those determined externally.

5.4.9 The systems designed to safeguard Council assets and employees.

5.4.10 The economy, efficiency and effectiveness with which resources are used in

operations and programmes at the Council.

5.5 In addition to the areas recorded above, where Internal Audit will give input to their continuing enhancement; as previously acknowledged at Section 4.2.3 of the Charter, the Service will also provide support to the Director of Resources, Governance and Growth in the discharge of his duties as the Section 151 Officer with responsibility for the probity and effectiveness of the Authority’s financial arrangements and internal control systems.

5.6 Managing the risk of fraud and corruption is the responsibility of management.

However, as part of the scope of Internal Audit, it will be alert in all its work to the risks and exposures that could allow fraud or corruption to occur and will monitor the extent and adequacy of risk controls built into systems by management, sharing this information with External Audit.

5.7 In the course of delivering services encompassing all the elements stated

above, should any significant risk exposures and control issues subsequently be identified, Internal Audit will report these matters to senior management, propose action to resolve or mitigate these, and appraise the Audit Committee of such situations.

6. Independence

6.1 The Internal Audit Section operates within an organisational framework that preserves the independence and objectivity of the assurance function, and ensures that Internal Audit activity is free from interference in determining the scope of internal auditing, performing work and communicating results.

6.2 The framework allows the Internal Audit Consortium Manager direct access to

and the freedom to report unedited in her own name, as she deems appropriate, to the Audit and Risk Committee, the Chief Executive, Director of Resources, Governance and Growth (Section 151 Officer) and the Esecutive Management Team.

of 348

6.3 Internal Auditors have no operational responsibilities or authority over any of the activities that they are required to review. As a consequence, they do not develop procedures, install systems, prepare records, or engage in any other activity, which would impair their judgement. In addition, Internal Auditors will not assess specific operations for which they were previously responsible, and objectivity is presumed to be impaired if an Internal Auditor provides assurance services for an activity for which they had responsibility within the previous 12 months. Internal Auditors may however provide consulting services relating to operations over which they had previous responsibility.

6.4 If however, Internal Audit’s independence or objectivity is impaired in fact or

appearance, the details of impairment will be disclosed to senior management and the Audit and Risk Committee. The nature of the disclosure will depend upon the impairment.

6.5 The Internal Audit Consortium Manager will confirm to the Audit and Risk

Committee, at least annually, the organisational independence of the Internal Audit activity.

7. Professional Standards 7.1 Gt. Yarmouth Borough Council’s Internal Auditors operate in accordance with

the Public Sector Internal Audit Standards, 2013.

7.2 The Internal Auditors are also governed by the policies, procedures, rules and regulations established by Gt. Yarmouth Borough Council. These include the Constitution (with special attention to Financial Regulations and Finance Procedure Rules, plus Contract Standing Orders), the Anti-Fraud and Corruption Policy, and the Code of Conduct. Similarly, the Council’s Internal Auditors will be heedful of external bodies’ requirements (e.g. as identified by CIPFA), and all legislation affecting the Council’s activities.

7.3 The Council’s Internal Auditors will additionally adhere to the Code of Ethics

as contained within the PSIAS, details of which are explained at Appendix 2.

7.4 Internal Auditors will also demonstrate due professional care in the course of their work and consider the use of technology-based audit and other data analysis techniques, wherever feasible and considered beneficial to the Council.

7.5 All working arrangements and methodologies, which will be followed by the

Gt. Yarmouth Borough Council’s Internal Auditors are set out in the Audit Manual maintained by the Audit Management Team, the Specification within the Internal Audit Services Contract, and the Internal Audit Services contractor’s own Audit Manual and quality assurance processes.

8. Audit Resources and Planning 8.1 Audit Resources 8.1.1 The Internal Audit Consortium Manager will be professionally qualified

(CMIIA, CCAB or equivalent) and have wide internal audit management experience, to enable them to deliver the responsibilities of the role.

of 348

8.1.2 The Internal Audit Consortium Manager will ensure that the Internal Audit Service has access to a team of staff that have an appropriate range of knowledge, skills, qualifications and experience to deliver requisite audit assignments. The type of reviews that will be provided in year include computer audits, contract audits, systems reviews, grant certification work, consultancy input to new/modified systems, and special/fraud investigations.

8.1.3 In the event of special/fraud investigations being required, there is no contingency in the Audit Plans to absorb this work. Hence, additional resources will need to be made available to the Internal Audit Service when such input is necessary.

8.2 Audit Planning 8.2.1 In accordance with earlier statements made at Section 5.3 of the Charter, the

Chief Audit Executive will develop an annual audit strategy, together with strategic and annual audit plans and a summary of annual audit coverage using a risk based methodology, which takes into account documented corporate and operational risks, as well as any risks or concerns subsequently notified to the Internal Audit Consortium Manager by senior management. Copies of these documents will then be submitted to Executive Management Team for their approval prior to being taken forward to the Audit and Risk Committee for final endorsement, in advance of the new financial year to which they relate.

8.2.2 The audit strategy can be found in Appendix 3 and explains the processes followed to populate the risk based Strategic Audit Plan attached at Appendix 4. From the Strategic Audit Plan, an Annual Audit Plan will be extracted, which is included at Appendix 5 and a Summary of Annual Audit Coverage drawn up after consultation with senior management. Audit Coverage information is contained within Appendix 6.

8.2.3 The Annual Audit Plan includes the timing, as well as budget and resource requirements for the next fiscal year. Completion of the assignments is contracted to Mazars Public Sector Internal Audit Ltd and the outcomes of their work will be monitored throughout the year with any requested deviations to the approved Plan being agreed with the Section 151 Officer and the Chair of the Audit and Risk Committee, before then being brought to the attention of the Audit and Risk Committee through the periodic activity reporting process.

9. Reporting 9.1 Upon completion of each audit assignment, an Internal Audit report will be

prepared that: Provides an opinion on the risks and controls of the area reviewed, and

this will contribute to the annual opinion on the internal control environment, which, in turn, informs the Council’s Annual Governance Statement.

Provides a formal record of points arising from the audit and management responses to issues raised, to include acceptance of audit

of 348

recommendations with implementation timescales, as well as reasons for rejecting recommendations.

Prompts management to implement agreed actions within targeted dates. 9.2 The Internal Audit Consortium Manager or their nominated Deputy will

approve a draft version of all reports before their issue to the relevant officer, e.g. Chief Executive, Director and Group Manager. A copy is also supplied to the Director of Resources, Governance and Growth and the Group Manager - Resources.

9.3 Exit meetings are accommodated enabling senior management to discuss

issued Draft Audit Reports with the Internal Audit Services contractor, the Internal Audit Consortium Manager or their nominated Deputy.

9.4 Accountability for management’s response to Internal Audit recommendations

lies with the Chief Executive, Directors, and/or Group Managers, as appropriate, who can either, accept and implement guidance given or formally reject it. However, if audit proposals to strengthen the internal control environment are disregarded and there are no compensating controls justifying this course of action, an audit comment will be made in the Final Audit Report, reiterating the nature of the risk that remains and recognising that management has chosen to accept this risk. Furthermore, depending on the severity of the risk, the matter may be escalated upwards and drawn to the attention of the Audit and Risk Committee.

9.5 Final Audit Reports will be issued in line with agreed working protocols to the

relevant nominated officers. The Audit and Risk Committee will also be provided with management summaries from Final Audit Reports at each meeting, via Internal Audit’s Progress Report and the Internal Audit Consortium Manager’s Annual Report.

9.6 Where Action Plans apply to Final Audit Reports – these will be subject to

follow up input. Management are requested to comment on progress achieved in relation to agreed actions at regular intervals (to coincide with Audit and Risk Committee meetings), following formal issue of the Final Audit Report. In addition, Internal Audit will undertake verification work to review evidence of action initiated and the outcomes of this work will be communicated to the Audit and Risk Committee at each meeting.

9.7 The Internal Audit Consortium Manager’s Annual Report

This will contain the annual audit opinion commenting upon:

9.7.1 The scope including the time period to which the opinions pertains;

9.7.2 Scope limitations; 9.7.3 Consideration of all related projects including the reliance on other assurance

providers;

9.7.4 The risk or control framework or other criteria used as a basis for the overall opinion;

of 348

9.7.5 The overall opinion, providing reasons where an unfavourable overall opinion is given; and

9.7.6 A statement on conformance with the Public Sector Internal Audit Standards and the results of the quality assurance and improvement programme.

9.8 The full range of Internal Audit related reports to be brought to the attention of

Gt. Yarmouth Borough Council’s Audit and Risk Committee are listed out at Section 4.3.1 of this Charter.

10. Quality Assurance and Improvement 10.1 The PSIAS require that the Internal Audit Consortium Manager develops and

maintains a quality assurance and improvement programme that covers all aspects of the Internal Audit activity, and includes both internal and external assessments. In the event of an improvement plan proving necessary to formulate and implement, in order to further develop existing service provisions, the Internal Audit Consortium Manager will initiate the appropriate action and annually, the results of the quality and assurance programme together with progress made against the improvement plan will be reported to senior management and the Audit and Risk Committee.

10.2 Internal Assessments 10.2.1 Internal Assessments must include on-going monitoring of the performance of

the internal audit activity. The Service operates in accordance with a number of key performance indicators, which are confirmed in the Internal Audit Services contract and detailed at Appendix 8. Contractor performance is subject to regular review by the Audit Management Team.

10.2.2 Internal arrangements also include receipt of post audit feedback from auditees and should criticism be received, this will immediately be investigated with the Internal Audit Services contractor and steps taken to resolve matters raised.

10.2.3 The PSIAS additionally require periodic self-assessments or assessments by other persons within the organisation with sufficient knowledge of Internal Audit practices. This obligation is satisfied by the Internal Audit Consortium Manager performing an annual self-assessment of the effectiveness of Internal Audit, the outcomes of which are then forwarded to the Section 151 Officer with appropriate evidence, for their independent scrutiny, before the results are submitted to the Audit and Risk Committee. Presenting this information to the Audit and Risk Committee enables members to be assured that the Internal Audit Service is operating in a satisfactory manner such that reliance can be placed on the subsequent annual audit opinion provided by the Internal Audit Consortium Manager.

10.3 External Assessments 10.3.1 External assessments must be conducted at least once every five years by a

qualified, independent assessor or assessment team from outside the organisation. External assessments can be in the form of a full external assessment, or a self assessment with independent external verification. The

of 348

Internal Audit Consortium Manager will agree with the Audit and Risk Committee and the Director of Resources, Governance and Growth:

The form of the external assessments; and, The qualifications and independence of the external assessor or

assessment team, including any potential conflict of interest.

10.3.2 The Internal Audit Consortium Manager will use their professional judgement when assessing whether an assessor or assessment team demonstrates sufficient competence to be qualified. An independent assessor or assessment team means not having any real or apparent conflict of interest and not being part of, or under the control of Gt. Yarmouth Borough Council, i.e. the organisation to which the Internal Audit activity belongs.

of 348

Appendix 2 GT YARMOUTH BOROUGH COUNCIL

INTERNAL AUDIT – CODE OF ETHICS FOR 2014/15 1. Introduction 1.1 This Code of Ethics sets the minimum standards for the performance and

conduct of Gt. Yarmouth Borough Council’s Internal Auditors. It is intended to clarify the standards of conduct expected from the Internal Auditors when carrying out their duties and promote an ethical, professional culture at all times when undertaking audit duties. This Code applies to all staff responsible for delivering Internal Audit within Breckland, Broadland, South Norfolk and North Norfolk District Councils, Great Yarmouth Borough Council and the Broads Authority, but does not supersede or replace the requirement on individual auditors to comply with their own professional bodies’ Codes of Ethics, as qualified members or student members, as well as any organisational Codes of Ethics or Conduct relating to their employer or the client authorities they serve.

There are four main principles, which must be observed in addition to having due regard to the Committee on Standards of Public Life’s ‘Seven Principles of Public Life’. The principles involved are as follows:

Integrity; Objectivity; Confidentiality; and, Competency.

2. Integrity 2.1 Principle 2.1.1 The integrity of Internal Auditors establishes trust and thus provides the basis

for reliance on their judgement. 2.2 Rules of Conduct

Gt. Yarmouth Borough Council’s Internal Auditors shall:

2.2.1 Perform their work with honesty, diligence and responsibility. 2.2.2 Observe the law and make disclosures expected by the law and the

profession. 2.2.3 Not knowingly be a party to any illegal activity, or engage in acts that are

discreditable to the profession of internal auditing or to the organisation. 2.2.4 Respect and contribute to the legitimate and ethical objectives of the

organisation.

of 348

2.3 Summary 2.3.1 Thus Gt. Yarmouth Borough Council’s Internal Auditors will demonstrate

integrity in all aspects of their work. Their relationship with colleagues and external contacts should be one of honesty and propriety. Such conduct will both support and develop an environment of trust, which provides the basis for reliance on all activities carried out by the Internal Auditors.

3. Objectivity 3.1 Principle 3.1.1 Internal Auditors exhibit the highest level of professional objectivity in

gathering, evaluating and communicating information about the activity or process being examined.

3.1.2 Furthermore, Internal Auditors make a balanced assessment of all the

relevant circumstances and are not unduly influenced by their own interests or by others in forming judgements.

3.2 Rules of Conduct

Gt. Yarmouth Borough Council’s Internal Auditors shall: 3.2.1 Not participate in any activity or relationship that may impair or be presumed

to impair their unbiased assessment. This participation includes those activities or relationships that may be in conflict with the interests of the organisation.

3.2.2 Not accept anything that may impair or be presumed to impair their

professional judgement. 3.2.3 Disclose all material facts known to them that, if not disclosed, may distort the

reporting of activities under review. 3.3 Summary 3.3.1 Objectivity is a state of mind that has regard to all considerations relevant to

the activity or process being examined without being unduly influenced by personal interest or the views of others. Gt. Yarmouth Borough Council’s Internal Auditors will display professional objectivity at all times when providing opinions, assessments and recommendations.

4. Confidentiality 4.1 Principle 4.1.1 Internal Auditors respect the value and ownership of information they receive

and do not disclose information without appropriate authority unless there is a legal or professional obligation to do so.

of 348

4.2 Rules of Conduct

Gt. Yarmouth Borough Council’s Internal Auditors shall: 4.2.1 Be prudent in the use and protection of information acquired in the course of

their duties. 4.2.2 Not use information for any personal gain or in any manner that would be

contrary to the law or detrimental to the legitimate and ethical objectives of the organisation.

4.3 Summary 4.3.1 Gt. Yarmouth Borough Council’s Internal Auditors will therefore utilise

information received in the appropriate manner and for the purpose it was originally requested and provided, as prescribed by the requirements of the above Rules of Conduct, and will additionally take suitable steps to safeguard all information made available.

5. Competency 5.1 Principle 5.1.1 Internal Auditors apply the knowledge, skills and experience needed in the

performance of internal auditing services. 5.2 Rules of Conduct

Gt. Yarmouth Borough Council’s Internal Auditors shall: 5.2.1 Engage only in those services for which they have the necessary knowledge,

skills and experience. 5.2.2 Perform internal auditing services in accordance with the International

Standards for the Professional Practice of Internal Auditing. 5.2.3 Continually improve their proficiency and effectiveness and quality of their

services. 5.3 Summary 5.3.1 Gt. Yarmouth Borough Council’s Internal Auditors will not accept or perform

work that they are not competent to undertake, unless they have received adequate training and support to carry out the work to an appropriate standard.

5.3.2 It is also essential that the Head of Internal Audit operates in accordance with

the best practice guidance recommended in CIPFA’s Statement on ‘The Role of the Head of Internal Audit’ and undertakes an annual compliance check against the core principles stated therein.

of 348

6. Operational Arrangements 6.1 Achieving Compliance with the Code of Ethics 6.1.1 On an annual basis, the Internal Audit Consortium Manager, the Deputy Audit

Manager and the Mazars Auditors will revisit the Code of Ethics to reinforce their understanding of and confirm their on-going commitment to the obligations placed upon them as specified in this document, and ensure that they continue to fully comply with these when discharging their day-to-day duties in relation to Gt. Yarmouth Borough Council.

6.2 Securing Integrity 6.2.1 In order to be assured that the Internal Auditors demonstrate integrity in all

aspects of their work, quality control processes have been developed to protect Gt. Yarmouth Borough Council’s position in this matter.

6.3 Maintaining Audit Objectivity 6.3.1 In addition, it is essential that Internal Audit personnel are able to

demonstrate independence and hence, objectivity. To this end, Internal Audit staff are obligated to declare potential conflicts of interest as they arise, so as to enable other staff to be assigned to specific reviews, thereby avoiding any compromising of independence. Audit objectivity will also be upheld, in so far as Internal Auditors will not be able to carry out audits in an area where they have had previous operational roles within the last 12 months.

6.4 Observing Confidentiality 6.4.1 A breach of confidentiality by an Internal Auditor will not be tolerated and will

result in the expulsion of the individual from the Internal Audit Services contract.

6.5 Demonstrating Competency 6.5.1 It is a pre-requisite that all Internal Audit staff are aware of and understand:

The organisation’s aims, objectives, risk and governance arrangements; The purpose, risks and issues affecting the service area to be audited; The terms of reference for the audit assignment so that there is a proper

appreciation of the parameters within which the review will be conducted; and,

The relevant legislation and other regulatory arrangements that relate to the service areas to be audited, e.g. Statutes, the Authority’s Scheme of Powers delegated to Officers, the Authority’s Financial Regulations and Standing Orders relating to Contracts, Partnership/Service Level Agreements, Internal Strategies/Policies/Procedural Notes.

of 348

Appendix 3

GT YARMOUTH BOROUGH COUNCIL INTERNAL AUDIT STRATEGY FOR 2014/15

1 INTRODUCTION AND OVERVIEW 1.1 The objectives of Gt. Yarmouth Borough Council’s Internal Audit Service are

set out in Internal Audit’s Charter, although they can essentially be summarised as follows: ‘To deliver a risk-based audit plan in a professional, independent manner, to provide the organisation with an opinion on the level of assurance it can place upon the internal control environment, systems of risk management and corporate governance arrangements, and to make recommendations to improve these provisions, where further development would be beneficial’.

1.2 Internal Audit’s Charter is subject to annual review by the Internal Audit Consortium Manager and will then be re-presented to the Audit and Risk Committee for formal approval.

1.3 Each year, an audit needs assessment is undertaken by the Internal Audit

Consortium Manager in order to develop an updated 3-year Strategic Audit Plan, with an Annual Audit Plan being extracted from the latter for adoption in the succeeding financial year.

1.4 A computer audit needs assessment (CANA) is also usually performed on a

3-yearly cycle by the Internal Audit Services contractor, and the outcomes of this exercise will additionally feed into the reworked 3-year Strategic Audit Plan and the Annual Audit Plan.

2 WHAT THE INTERNAL AUDIT STRATEGY SETS OUT TO ACHIEVE 2.1 The purpose of the Internal Audit Strategy is to confirm:

How the service will be delivered to the Council over the next 12 months. The level of audit resources (i.e. planned audit days) required to secure

annual audit opinions in relation to the Council’s systems of internal control and risk management, and corporate governance arrangements.

The range and scope of the assignments selected for scrutiny, which collectively will provide an appropriate body work and corresponding evidence to derive annual audit opinions as required by the Public Sector Internal Audit Standards for the year ahead.

The opinions will generate independent sources of assurance which will serve to inform the authority’s Annual Governance Statement.

Internal Audit coverage has recognised and responded to the changing risks and priorities that face the Council.

There is adequate annual examination of the fundamental financial systems with audit sampling and testing sufficient for External Audit purposes, such that Ernst and Young can place reliance upon the outcomes of Internal Audit work in these areas.

Appropriate audit support has been made available to senior management and steps initiated to provide added value, wherever possible.

of 348

3 DEVELOPMENT OF THE CURRENT INTERNAL AUDIT STRATEGY 3.1 The formation of the present Internal Audit Strategy is essentially risk driven,

whilst also acknowledging that the primary issues to the Council at present are the ongoing need to deliver financial savings and legislative changes, and this in itself generates additional risks for the authority. As a result, extensive consultations have been undertaken with the Director of Resources, Governance and Growth (the Section 151 Officer and the Group Manager – Resources, in order to refine draft strategic audit planning proposals, and thereafter, a meeting has been held with the Executive Management Team (representatives of) and Group Managers to finalise future audit coverage and the sequencing of audit projects to provide a programme of planned work that utilises audit resources to best advantage, supports the authority in the delivery of its corporate aims and generates independent assurances on operational arrangements where they are needed most. In undertaking the audit needs assessment, we have also considered a number of core documents that have enhanced our understanding of the operational environment at the Council. These documents have encompassed the Corporate priorities and objectives, plus the risks to their achievement as noted in the Corporate Risk Register and via documented operational risks, a range of Cabinet and Committee Reports, new and amended Policies and Strategies, as well as External Audit documentation.

3.2 Seven key risk factors have then been applied to potential auditable areas and their impact on the organisation evaluated in terms of: Materiality – the value of annual direct income/expenditure associated

with the systems/activities; Materiality – an estimate of the number of transactions processed by the

systems/activities per annum; Significance – the significance of the systems to the objectives and

activities of the Council; Complexity of the organisation’s systems/activities in terms of their

operation and auditability; Modifications to the organisation’s systems/activities or the likelihood of

changes (i.e. new arrangements) being introduced within the duration of Audit Plans being put forward;

Inherent risk, i.e. the likelihood of threats, error or malpractice to the organisation, because of the nature of its business activity, the regulatory framework, its size, its growth, its history, etc; and,

Profile of auditable areas, reflecting on the political sensitivity of the systems/activities.

3.3 With reference to inherent risk, the Audit Needs Assessment is cognisant of

those areas where there is a higher incentive, motivation and rationalisation to commit a fraudulent or corrupt act, e.g. o Housing Benefits o Housing provision o Provision of Discounts (e.g. Council Tax Discounts) o Awarding of Grants – Community Grants and Private Sector Housing, and

other similar “direct” payments o Cash Collection o Credit Income o Creditor Payments o Contracts and Procurement

of 348

o Loans and Investments o Payroll, Expense Claims and Recruitment o Disposal of Assets o Awarding of Planning Consents o Awarding of Licences o Gifts and Hospitality

3.4 The risk factors have been weighted to produce a risk score, expressed as a

percentage that is, in turn, translated into a risk rating of Very High, High, Medium or Low. Once risks have been categorised, it is then possible to determine the frequency with which areas identified, should be subject to audit scrutiny. Low risk systems will be examined on a 5-yearly cycle. Medium risk assessed systems should be reviewed on a 3-yearly basis. High risk areas will be audited on a 2-yearly basis, and Very High areas will be scrutinised on an annual basis. There can be exceptions to the rule but these are explained on both the Strategic and Annual Audit Plans, where relevant.

3.5 Prior to finalising our annual audit needs assessment, we have also been

mindful of changes to the Annual Audit Plan for 2013/14 and where previously agreed with management, have brought forward a deferred audit to 2014/15 – this concerns Performance Management, Corporate Policy and Business Planning.

3.6 As mentioned previously in paragraph 1.4, a computer audit needs

assessment is also performed by the Internal Audit Services contractor in parallel to the audit needs assessment work carried out by the Internal Audit Consortium Manager. The CANA effectively evaluates the key risks affecting the IT environment within the Council and having identified risk priority ratings, it is then possible to use this information to populate a Strategic Computer Audit Priority Analysis and Annual Computer Audit Plans. The Internal Audit Services contractor applies a different methodology to the Internal Audit Consortium Manager however, i.e. very high risk scores call for 2-yearly audit input, high risk scores warrant 3-yearly review and medium risk scores dictate 4-yearly audit involvement.

4 FORMULATION OF THE STRATEGIC AND ANNUAL AUDIT PLANS 4.1 As noted above in Section 3 of the Strategy, prior to completing the annual

audit needs assessment for 2014/15, there has been liaison with key personnel at the Council to identify a level of audit coverage necessary to provide requisite annual audit opinions.

4.2 Draft strategic audit planning proposals for 2014/15 were discussed with the

Director of Resources, Governance and Growth and the Group Manager – Resources on 28 November 2013 and then with the Executive Management team (representatives of) and Group Managers on 4 December 2013 to confirm their acceptance of the coverage to be submitted to the Audit and Risk Committee for approval. Moreover, we have also provided External Audit with copies of the new Strategic and Annual Audit Plans, prior to their presentation to the Audit and Risk Committee.

4.3 Upon receiving the Audit and Risk Committee’s approval to the new year

Audit Plans, the Internal Audit Consortium Manager will instruct the Internal

of 348

Audit Service contractor (Mazars Public Sector Internal Audit Ltd) to adopt the Annual Audit Plan as their work programme for 2014/15.

of 348

Great Yarmouth Borough Council - Strategic Audit Plan April 2014 - March 2017

Appendix 4

Description of audit 2013/14 Corporate Risk Assessment No.

2014/15 2015/16 2016/17

Days delivered

Days planned

Days planned

Days planned

DIRECTOR OF RESOURCES, GOVERNANCE AND GROWTH

Corporate Governance and Risk Management / Change Control 10 1,2,5,7,10,11 High Annual 10 10 10

Work to support the preparation of the Annual Governance Statement - Additional Key Control Testing

11 5 Very High Annual 16 11 16

Follow up previous systems audit recommendations 10 Not applicable Annual 10 10 10


Accountancy services - control accounts, banking, bank reconciliation, asset register, budgetary control and treasury management

17 4,5,7,10 Very High 2-yearly 17

Creditors - Electronic ordering and payments and insurance 5 High 2-yearly 13 13Payroll (includes officers' expenses) and human resources 5 High 2-yearly 15 15Sundry Debtors 10 5,9 High 2-yearly 10Council Tax and NNDR 20 5 High 2-yearly 20

DIRECTOR OF HOUSING AND NEIGHBOURHOODS

Housing rents and associated activities 5 High 2-yearly 18 18

DIRECTOR OF CUSTOMER SERVICES

Receipt, handling and banking of remittances 10 5 High 2-yearly 10Housing Benefits and Council Tax Support 22 5,9 Very High 2-yearly 22

Assessed audit risk

Frequency of coverage

ANNUAL OPINION AUDITS

FUNDAMENTAL FINANCIAL SYSTEM AUDITS

Page 1 of 4

of 348


Appendix 4


2014/15 2015/16 2016/17

Days delivered

Days planned

Days planned

Days planned

Assessed audit risk



Member Services, Training, Allowances and Expenses 5 Medium 3-yearly 8

Data Protection, Freedom of Information 5 Low 5-yearly 8

Procurement 1,4,5,31 High 2-yearly 12 12Performance Management, corporate policy and business planning 1,2,4,5,7,11,31 High 2-yearly

Brought forward from 2013/14

Annual Audti Plan

10 10

Property portfolio management including seafront 5 High 2-yearly 18 18Great Yarmouth Market 12 5 High 2-yearly 12Elections and Electoral Registration 5 Medium 3-yearly 12Economic Development 5 Low 5-yearly 10


Bereavement services 10 5 Medium 3-yearly 10Waste Management includes contract / agreement monitoring, income collection and monitoring, refuse collection, street cleansing, recycling, clinical waste, abandoned vehicles and grounds maintenance

5 High 2-yearly 18 18

Licensing 5 Medium 3-yearly 10Car Parking 5 High 2-yearly 16 16Environmental Health Services includes emergency planning, food safety, environmental protection, pest control, dog warden and pollution control

15 5 Medium 3-yearly 15

Development control includes planning applications, planning enforcement, s106 agreements, Community Infrastructure Levy, Land Charges and Building Control

5,13,16,36 Medium 3-yearly 22

Printing Services, Reception and Customer Services 8 5 Medium 3-yearly 8Tourism, Marketing, Communications and Media 10 5,9 Medium 3-yearly 10

OTHER SYSTEMS AUDIT

Page 2 of 4

of 348


Appendix 4


2014/15 2015/16 2016/17

Days delivered

Days planned

Days planned

Days planned

Assessed audit risk



Homelessness and Housing Strategy 5 Medium 3-yearly 14

New Homes Bonus/ Affordable Housing Initiatives/ Home Options 5 Low 5-yearly 10Private Sector Housing - Disabled Facilities Grants & discretionary improvement grants

5 Medium 3-yearly 10

Sports and Leisure 5 Medium 3-yearly 10Services for the Elderly plus Sheltered Housing 5 Medium 3-yearly 7Housing Right To Buy 5 Low 5-yearlyPlanned and responsive maintenance 18 5 High 2-yearly 18Localism and Communities (new audit) 10 5 Low 5-yearly

Neighbourhood Management / Community Development 5 Medium 3-yearly 12

DIRECTOR OF RESOURCES, GOVERNANCE AND GROWTHANDDIRECTOR OF HOUSING AND NEIGHBOURHOODS

Partnerships 4,5,7,31 Medium 3-yearly 10

TOTAL DAYS PER ANNUM FOR SYSTEMS AUDIT 193 207 232 199


General Fund Capital Programme Contracts 5,9 High 2-yearly 12 12


Housing Revenues Account - Major Works Programme Contracts 5,9 High 2-yearly 12 12

TOTAL DAYS PER ANNUM FOR CONTRACT AUDIT 0 24 0 24

CONTRACT AUDIT

Page 3 of 4

of 348


Appendix 4


2014/15 2015/16 2016/17

Days delivered

Days planned

Days planned

Days planned

Assessed audit risk



Follow up of previous computer audit recommendations 4 4 4 4Computer audit needs assessment 5 5Provision for computer audit coverage pending results of needs assessment

Infrastructure

Remote Access 7 Medium 4-yearlyNetwork Security Very High 3-yearly 12Mobile device security Very High 10

Management IssuesBusiness Continuity 16,22 High 3-yearly 7Data Centre and Disaster Recovery (Back Up in 2013/14 only) 9.5 High 3-yearly 8Software Licensing Very High 7Data Protection and Freedom of Information Very High 10

Application SystemsRevenues and Benefits 12 Very High 2-yearlyBACS Transfer (Microgen) High 3HR/Payroll (Chris 21) High 4-yearly 10Financial Management System (IB Solutions) High 3-yearly 11Environmental Health (Flare) 7

TOTAL DAYS PER ANNUM FOR COMPUTER AUDIT 37.5 34 34 34

TOTAL DAYS 230.5 265 266 257

COMPUTER AUDIT

Page 4 of 4

of 348

GREAT YARMOUTH BOROUGH COUNCILANNUAL AUDIT PLAN - APRIL 2014 TO MARCH 2015

Appendix 5

2014/15

Directorate Identification of areas to be auditedAssessed Audit Risk

Frequency of audit coverage

Days Planned

Apr May Jun Jul Aug Sep Oct Nov Dec Jan Feb Mar

ANNUAL OPINION AUDITS


Corporate Governance and Risk Management

High Annual 10 10

Work to support the preparation of the Annual Governance Statement - Additional Key Control testing

Very high Annual 16 16

Follow Up of previous systems audit recommendations

n/a Annual 10 2.5 2.5 2.5 2.5


Creditors - Electronic Ordering and payments and Insurance

High 2-yearly 13 13

Payroll and HR High 2-yearly 15 15


Housing rents and associated activities High 2-yearly 18 18

Quarter 4Quarter 2Quarter 1

FUNDAMENTAL FINANCIAL SYSTEMS

Quarter 3

of 348


Appendix 5

2014/15



Days Planned


Quarter 4Quarter 2Quarter 1 Quarter 3


Procurement High 2-yearly 12 12

Performance Management, corporate policy and business planning

High

2-yearlyBrought

forward from 2013/14 Annual

Audit Plan

10 10

Property Portfolio Management inc seafront

High 2-yearly 18 18

Elections and Electoral Registration Medium 3-yearly 12 12


Waste Management includes contract / agreement monitoring, income collection and monitoring, refuse collection, street cleansing, recycling, clinical waste, abandoned vehicles and grounds maintenance

High 2-yearly 18 18

Car Parking High 2-yearly 16 16

Development Control includes planning applications, planning enforcement, s106 agreements, Community Infrastructure Levy, Land Charges and Building Control

Medium 3-yearly 22 22


Sports and Leisure Medium 3-yearly 10 10

Service for the Elderly plus Sheltered Housing

Medium 3-yearly 7 7

TOTAL SYSTEMS AUDIT DAYS 207 18 25 2.5 32 0 2.5 0 43 20.5 25 26 12.5

OTHER SYSTEMS AUDIT

of 348


Appendix 5

2014/15



Days Planned


Quarter 4Quarter 2Quarter 1 Quarter 3


General Fund Capital Programme Contracts

High 2-yearly 12 12


Housing Revenue Account - Major Works Programme Contracts

High 2-yearly 12 12

24 0 0 0 0 0 0 12 0 0 0 12 0


Software Licensing Very High 7 7

Data Protection and Freedom of Information

Very High 10 10

BACS Transfer (Microgen) High 3 3

HR/Payroll (Chris 21) High 4-yearly 10 10

Follow Up n/a Annual 4 1 1 1 1

34 0 0 8 3 0 1 10 0 11 0 0 1

265 18 25 10.5 35 0 3.5 22 43 31.5 25 38 13.5TOTAL DAYS FOR SYSTEMS, COMPUTER AND CONTRACT AUDIT IN 2014/15

TOTAL COMPUTER AUDIT DAYS

COMPUTER AUDIT

CONTRACT AUDIT

TOTAL CONTRACT AUDIT DAYS

of 348

of 348


Levels of Assurance Awarded from 2007/08 onwards

Appendix 7

2007-08 2008-09 2009-10 2010-11 2011-12 2012-13 2013-14 2014-15

Corporate Governance AdequateAssurance Framework AdequateAGS - Assurance Framework Adequate

Sundry Debtors Limited Adequate Unsatisfactory XAGS - Sundry Debtors AdequateRemittances Limited Adequate Adequate AdequateAccountancy Services Limited Adequate Adequate Adequate XAGS - Fixed Assets AdequateAGS - General Ledger AdequateAGS - Cash and remittances AdequateAGS - Treasury Management AdequateAGS - Budgetary Control AdequateHousing and Council Tax Benefits Limited Limited Adequate Adequate Adequate XAGS - Housing and Council Tax Benefits AdequateCouncil Tax / NNDR Adequate Adequate Adequate XAGS - Council Tax / NNDR AdequateCreditors Limited Adequate Adequate XPayroll / HR Adequate Adequate Adequate XTreasury Management LimitedHousing Rents Adequate Adequate Adequate Adequate X

GF Capital Programme Limited Limited Adequate XMember Services, LegalServices, Civic Functions, Data Protection, FoI, Gifts and hospitalityMember Services, Training, Allowances and Expenses

Good

DPA and FOI

Printing, Reception, Customer Services

LimitedPrint & Design

- LimitedReception,

Town Hall & Customer Services - Adequate

Procurement Limited XMarket Limited Limited UnsatisfactoryProperty Portfolio Managementinc Seafront Adequate Adequate X

Elections and Electoral Registration Adequate XEconomic Developmen, Conservation, Regeneration

Adequate Adequate

Performance Management, Corporate Policy and Business

Adequate

AdequateDeferred to

2014/15 X

Partnerships Limited

Licensing Limited AdequateDevelopment Control Adequate Adequate XCar Parking Limited Adequate Limited X XAGS - Car Parking AdequateEnvironmental Health Services Limited Adequate XWaste Management Adequate Adequate Adequate XBereavement Services Adequate Adequate Tourism, Marketing, Communication and Media and Seafront Management

AdequateAdequate

Concessionary Fares LimitedPrivate Sector Housing Adequate Adequate

Homelessness and Housing Strategy CBL Adequate Adequate

New Homes Bonus / Affordable Housing / Home Options Limited AdequateCulture, Sport and Leisure Limited Limited XPlanned and Responsive Maintenance Adequate Adequate AdequateAGS - Planned Maintenance AdequateHRA Capital Programme Adequate Adequate Adequate XServices for the Elderly andSheltered Housing

AdequateX

Housing Right to Buy Deleted AdequateLocalism and Communities Adequate

Data Quality Adequate

Housing Application AdequateNetwork Infrastructure Limited LimitedEnd User Controls AdequateGeneral IT Controls LimitedIntegra Application Adequate AdequateIT Security AdequateDocument Application Adequate

Change Control / IT GovernanceAdequate

Revenues and Benefits Application

AdequateAdequate

HR and Payroll Application Limited XCash Receipting Application AdequateCitrix AdequateBusiness Continuity LimitedRemote Access AdequateData Centre, Back Up and Disaster Recovery LimitedSoftware Licensing XData Protection and Freedom ofInformation XBACS Transfer (Microgen) X

Notes: Changes to areas of coverage agreed as part of the process for agreeing the 2013/14 audit plans, mainly due to the structural changes at the Council. Changes are shown in bold font or by way of strikethrough.

Customer Services

Housing and Neighbourhoods

IT Audits

X

One-off audit

Key - AGS relates to Work to Support the preparation of the Annual Governance Statement. This work scrutinises key controls only,rather than providing for an in-depth review of systems in their entirety and because of this, the type of assurance that we are able to

Adequate Adequate

One-off audit

Annual Opinion Audits

Fundamental Financial Systems

Resources, Governance and Growth

Integrated into Corporate Policy, then from 2013/14 a separate audit

Transferred to the County Council

Corporate Governance and Risk Management X

Limited

Elected to no longer have audit coverage

give is restricted to adequate or limited.

Adequate

of 348

Appendix 8

Performance Indicators for the Internal Audit Service

Internal Audit performance is monitored as detailed below. Indicator Target Purpose% audit recommendations accepted by management

90% Acceptance of audit recommendations by management ensures that where improvements are required to the internal control environment, appropriate action will be taken to secure these enhancements. However, there can be occasions where recommendations are disputed. In these cases, there may be justifiable reasons for management not supporting the recommendation, e.g. compensating controls have been put in place. Conversely, management can take the decision to accept the risks identified, particularly if insufficient resources preclude action being taken. However, this will mean that there are vulnerabilities in systems of internal control, which are not being addressed.

% high priority recommendations implemented

100% Management’s commitment in implementing high priority recommendations ensures that high profile risks/fundamental flaws in systems of internal control are suitably resolved.

Number of days between the issue of Internal audit briefs and commencement of audit fieldwork

10 working days

Management should have sufficient time to consider and shape audit objectives driving review work before the fieldwork starts. Hence, adequate consultation is permitted enabling management to make a contribution to terms of reference thereby ensuring the audit adds value to their service area.

Number of days between the expected completion of audit fieldwork (as per the audit brief) and actual completion of audit fieldwork

0 working days This indicator seeks to check that audit fieldwork finishes in a timely manner and thus audits progress as expected, and there are no unnecessary delays.

Number of days between the completion of audit fieldwork and issue of draft report

10 working days

The draft report is the first stage after which management will have written confirmation of the audit outcomes. Issue on a timely basis provides better opportunity for management to be able to comment, and also ensures that the audit plan is delivered as expected.

Number of days between the issue of the draft and final report

15 working days

Delivery of a timely final report ensures that management can commence the process of addressing internal control weaknesses.

Number of days between the completion of the fieldwork and issue of a final report

25 working days

This is a combination of the two performance indicators above and reflects the total time incurred in completion of the audit process.

of 348

Indicator Target PurposeAverage score given to audit feedback

Adequate This is the main indicator of audit quality and is based upon the feedback received by management for individual audit assignments, which range on a 6-point basis, namely poor, weak, less than adequate, adequate, good and excellent.

Compliance with the Public Sector Internal Audit Standards

Full These Standards encompass the mandatory elements of the Institute of Internal Auditors (IIA) International Professional Practices Framework. A checklist has been developed from the guidance, which will be completed annually, with the results feeding into our review of the effectiveness of internal audit.

Compliance with the CIPFA Statement on the Role of the Head of Internal Audit

Full This Statement sets out what CIPFA considers being best practice for Heads of Internal Audit in terms of providing a summary of the core responsibilities entailed in the role to support the Council in achieving its objectives, by giving assurance on its internal control arrangements and playing a key part in promoting good corporate governance. A checklist has been developed from the guidance, which is completed annually and feeds into our review of the effectiveness of internal audit.

of 348

Subject: Working Protocol between Internal and External Audit for 2013/14

and 2014/15




An Audit Joint Working Protocol has been developed between Internal Audit and the Council’s External Auditors – Ernst and Young, which recognises the respective responsibilities of each body, relevant audit areas that will be covered, liaison and information sharing arrangements between the two bodies, audit testing and sample size requirements to be observed by the two bodies and generic key financial controls requiring examination each year.

The Protocol has been formulated to avoid any potential duplication of work and determine the assurance that can be placed on the respective work of the two parties, whilst also ensuring that External Audit can place maximum reliance on the work of Internal Audit, wherever possible.


Approve the Audit Protocol and thereby give its endorsement to the level of

interaction, which will be adopted by Internal and External Audit throughout

the remaining quarter of 2013/14 and the financial year 2014/15.

1. INTRODUCTION/BACKGROUND 1.1 Prior to Ernst and Young being appointed as the Council’s External Auditors,

Internal Audit had operated an Audit Joint Working Protocol with the Audit Commission to facilitate close working relationships, ensuring that the services of Internal and External Audit were as integrated as possible, in order to maximise the effectiveness and efficiency of the overall approach to audit operated within Great Yarmouth Borough Council.

1.2 Post Ernst and Young being made responsible for the provision of External Audit Services to the authority, Internal Audit has been actively pursuing formulation of a similar Protocol, aimed at clarifying the individual roles of each body, how they will liaise with each other and where it is feasible to rely on each other’s work, ensuring that sample sizes and key control testing are such that the work of Internal Audit can be used by External Audit to inform their work.

1.3 There have been two stages involved in extracting the Protocol which is being presented to the Audit and Risk Committee today. Initially, it was recognised that until such time as Ernst and Young had been through the complete cycle of a Financial Statement Audit, it would be difficult for them to confirm the key

of 348

controls applying to the Council’s core financial systems. As an interim measure, it was therefore agreed that Internal Audit would adopt External Audit’s approved sample sizes for testing of the organisation’s key fundamental systems from 2012/13 onwards and, in addition, Ernst and Young would produce a Briefing Paper which explained fully how they intended to place reliance on Internal Audit’s work.

1.4 The Briefing paper acknowledged that before the work of Internal Audit could be used to inform the work of External Audit, it was essential to undertake an overall assessment of the Internal Audit function, to determine whether our work was likely to be adequate for the purposes of their audit, and how this could complement delivery of their key in-year tasks. This assessment was duly performed without any issues arising.

1.5 Moreover, in recent weeks, we have achieved the second stage of the process - compiling a formal Protocol for adoption from the final quarter of 2013/14 onwards, following a collaborative exercise between the Internal Audit Management Team and the External Audit Manager.

2. OVERALL POSITION 2.1 The new Protocol, attached at Appendix 1, explains the overarching aims of

the document, recognises the respective responsibilities of each auditing body, itemises audit areas of primary concern, reviews liaison arrangements including who will be the key audit contacts at the Council, and comments on provisions for accessing audit files and reports. There are then 3 separate appendices, which tabulate the working arrangements that will be followed, the nature of audit sample sizes to be extracted and hence used for testing purposes, and a summary of financial key controls identified for in-year evaluation.

2.2 In applying the Protocol, good working relationships between Internal and External Audit will be further strengthened, thereby securing a fully integrated and therefore more efficient approach to the provision of audit services to the Authority.

3. CONCLUSIONS 3.1 This new Protocol seeks to build on the working relationships that have

already been developing between Internal and External Audit, further enhancing how the two bodies will interact, and adopting arrangements designed to secure seamless integration of work and avoidance of any unnecessary duplication of effort.

FINANCIAL IMPLICATIONS: None.

LEGAL IMPLICATIONS: None.

of 348

RISK IMPLICATIONS: If the Audit and Risk Committee fails to endorse the

Protocol, this deviation from best practice could potentially result in

undermining the developing working relationships between Internal and

External Audit, in terms of improving upon what can be achieved jointly.

EXECUTIVE BOARD OR DIRECTOR CONSULTATION: None. RECOMMENDATIONS It is recommended that the Audit and Risk Committee approve the adoption of the Audit Protocol. Does this report raise any





Issues No

Legal No

Financial No

Risk See separate section

above on Risk Implications

for the Council.

Sustainability No

Equality No

Crime and Disorder No

Human Rights No

Every Child Matters No

Appendix 1: Audit Joint Working Protocol

of 348

Ernst & Young LLP

Audit Joint Working Protocol Great Yarmouth Borough Council

January 2014

of 348

Contents

EY i

Contents

1. Introduction – aims ....................................................................................................... 1

2. Respective responsibilities .......................................................................................... 2

3. Audit areas .................................................................................................................... 4 3.1 Opinion ....................................................................................................................................................... 4 3.2 Fraud .......................................................................................................................................................... 4 3.3 Value for money ......................................................................................................................................... 4 3.4 Other work areas ........................................................................................................................................ 4

4. Liaison arrangements ................................................................................................... 5

5. Review of Internal Audit: Audit documents and reporting ......................................... 6

Appendix A Working arrangements ............................................................................... 7

Appendix B Controls testing and sample sizes ............................................................. 9

Appendix C Summary of key financial controls .......................................................... 10

Appendix D Approach to reliance on Internal Audit .................................................... 15

of 348

Introduction – aims

EY 1

1. Introduction – aims

1. This document sets out the basis for effective co-ordinated working arrangements between Great Yarmouth Borough Council’s Internal Audit service and EY as the Council’s appointed external auditors.

2. The aims of the protocol are to aid joined-up working and reduce duplication of audit work by:

► Clarifying respective responsibilities for work associated with the Code;

► Developing further a close and effective working relationship; and

► Facilitating the effective co-ordination of our work without impairing the independence and integrity of either party.

3. This document sets out:

► Confirmation of the liaison arrangements between Internal Audit and EY ;

► The requirements to be followed in order that EY can place the desired level of assurance on the work of internal audit;

► Working protocol Arrangements (Appendix A);

► Details of sample sizes (Appendix B);

► A detailed summary of control tests that EY consider to be key in proving the internal financial control systems (Appendix C);

► The approach for relying on Internal Audit work (Appendix D).

4. The protocol takes into account the requirements of the revised Audit Commission’s Code of Audit Practice 2010 (The Code).

of 348

Respective responsibilities

EY 2

2. Respective responsibilities

1. Great Yarmouth Borough Council (The Council) has a responsibility to put in place proper arrangements for the governance and stewardship of its resources.

2. Internal Audit provides an essential element of the Council’s arrangements. In the course of discharging its responsibilities, Internal Audit is required to deliver a service which meets the professional standards laid down in the Public Sector Internal Audit Standards effective from 1 April 2013. And CIPFA’s published Statement on the Role of the Head of Internal Audit in Public Service Organisations 2010.

3. Internal Audit’s responsibilities require them to evaluate the effectiveness of the control environment in achieving the organisation’s objectives. In part fulfilment of their responsibilities, Internal Audit carry out reviews of systems and key controls, including evaluating and testing those controls. This work is directly relevant to our own responsibilities.

4. Under the Audit Commission Act 1998 and the Code of Audit Practice the external auditor appointed by the Audit Commission is responsible for reviewing and reporting on the Council’s:

► Financial statements and Annual Governance Statement;

► Arrangements for securing economy, efficiency and effectiveness in its use of resources: and,

► Grant certification.

5. In issuing the opinion external auditors express a view whether the Council’s financial statements:

► Present fairly the financial position of the Council and its expenditure and income for the year in question; and

► Have been prepared properly in accordance with relevant legislation and applicable accounting standards.

6. External Auditors are required to follow the UK and Ireland’s version of International Standards on Auditing – ISA (UK&I). These took effect from 2005/06 requiring greater emphasis on gaining an understanding of governance arrangements of the Audited and Inspected Body (AIB). In order to comply with ISA315, EY identifies, evaluates, documents and tests those of the Council’s systems that have a material impact upon its financial statements.

7. EY also consider whether the Annual Governance Statement has been presented in accordance with relevant requirements and report if it does not meet those requirements or if the statement is misleading or inconsistent with our knowledge of the Council.

8. Internal and external audit have different roles but many shared objectives. Effective co-operation is essential in order to minimise duplication of effort and maximise the benefits of audit. It should enable both parties to devote more time to the key audit issues and ensure that the Council gets value from its total audit resource. Both are committed to an open and constructive relationship, based on an understanding of each other’s roles and approaches to achieving their respective objectives.

9. The Audit Commission emphasises this need for co-operation in a number of its publications:

of 348

Respective responsibilities

EY 3

► The Code of Audit Practice 2010 states that external auditors should establish effective co-ordination arrangements between internal and external audit and seek to place maximum reliance on the work of internal audit wherever possible;

► ‘It Takes Two’ (Published in 1996) is a good practice guide to assessing and improving co-operation between internal and external auditors; and

► The Managed Audit Good Practice Guide 1995 promotes a more efficient audit by encouraging reliance on the control environment, which includes internal audit.

10. Key areas of co-operation are summarised in Appendix A.

of 348

Audit areas

EY 4

3. Audit areas

3.1 Opinion 1. In complying with the Internal Audit standards in undertaking systems work, Internal

Audit will follow the relevant guidance to:

► Use adequate sample sizes to support conclusions and recommendations;

► Select samples appropriately, which are representative of the population and the period covered; and

► Evidence and document the work in accordance with professional standards.

2. Internal Audit tests of samples will cover the financial year from 1 April to 31 March. Internal Audit undertakes detailed work on financial systems on a cyclical basis and top up their work with tests of the remaining systems. In this way Internal Audit provide sufficient coverage for the annual Governance Statement and ensure that testing covers the whole financial year.

3. EY liaise with Internal Audit each year to identify the scope for external audit to drawing assurance from Internal Audit systems work. To be successful this will involve synchronising work timetables. EY will liaise with Internal Audit each year as to the timing of Internal Audit’s work. Appendix B sets out the minimum sample sizes for the testing of key controls.

4. Appendix C details the key controls within the main financial systems identified by EY as part of the 2012/13 audit work. These controls may change in future years.

3.2 Fraud 5. Internal Audit will notify EY promptly of all frauds exceeding £10,000, and any cases of

corruption and any fraud cases of particular interest or complexity, and will set out the details on an AF70 for submission to the Audit Commission Counter-Fraud Unit.

6. In the event of a fraud, both EY and Internal Audit will exchange relevant information. Normally, Internal Audit will then oversee the investigation of the case and keep EY informed of progress.

3.3 Value for money 7. EY and Internal Audit will liaise over any forthcoming value for money work. Should

Internal Audit undertake value for money work, EY will consider the findings of that work as part of our review of the Council’s Value for Money Conclusion assessment.

3.4 Other work areas 8. The following additional areas of Internal Audit activity may also be relevant to our work:

► Ad hoc investigations into suspected fraud or corruption; and

► Reviews of systems development and replacement.

of 348

Liaison arrangements

EY 5

4. Liaison arrangements

1. Liaison meetings will be held regularly in line with the Audit Committee cycle.

2. Standard agenda items for liaison meetings are likely to include:

► An update of progress against Internal Audit and EY plans;

► Issues affecting delivery of plans;

► Reports finalised since last meeting;

► Key findings and emerging issues from current work;

► Details of special investigations and sensitive issues;

► Internal Audit involvement in systems development work, etc.; and

► General audit news and intelligence from Internal Audit and EY networks (internally and externally).

3. A representative from EY will be available to attend Audit Committee meetings and any other sessions regarding audit matters. As a minimum EY representative will attend the Audit Committee to present the Audit Plan, Audit Results (ISA 260) Report and the Annual Audit Letter.

4. Key contacts for purposes of communications on the common areas of work are shown in Table 1.

Table 1: Key audit contacts

Council management Internal audit EY

Seb Duncan, Director of Resources, Governance & Growth

To be confirmed David Riglar, Manager

Donna Summers, Group Manager - Resources

Emma Hodds Deputy Audit Manager Lorna Snow, Lead Executive

5. First contacts for enquiries on specific audit areas are shown in Table 2.

Table 2: Key audit contacts

Work area Council key contact

Audit Planning, control and reporting Donna Summers,Group Manager - Resources

Financial systems David Cowl, Financial Services Manager

Housing benefits Miranda Lee, Group Manager – Customer Services

Anti-fraud and corruption Emma Hodds, Deputy Audit Manager

Grant claims David Cowl, Financial Services Manager

Performance Management Colin Rowland, Corporate Policy & Performance Officer

IT Bev Houghton, IT Service Unit Manager

of 348

Review of Internal Audit: Audit documents and reporting

EY 6

5. Review of Internal Audit: Audit documents and reporting

1. EY reviews Internal Audit’s work to consider whether it meets the Internal Audit standards and can be relied upon for providing assurance on the Council’s control arrangements. Reviewing relevant files is an essential step in this process. Internal Audit has agreed to provide us with access to their records and will include EY on the distribution list for all draft and final reports. Any records EY receive from Internal Audit will be kept secure at all times.

2. EY will consider all requests for Internal Audit access to EY files. However, EY will have to take account in each case of the statutory restrictions on the disclosure of information by External Auditors. Internal Audit will have sight of reports that go to the Audit Committee. Where appropriate, meetings will be scheduled with Internal Audit to discuss reports before finalising.

3. EY also undertakes detailed reviews of specific pieces of Internal Audit work upon which EY wishes to place reliance. This will encompass a review of the audit file to assess the scope of the work and the adequacy of sample sizes, standards of evidence and documentation, quality assurance and reporting. This may involve re-performing some tests, or testing an additional sample, if deemed appropriate.

4. Arrangements for relying on Internal Audit work are set out in Appendix D.

of 348

Working arrangements

EY 7

Appendix A Working arrangements

Arrangements Responsibility Comments

EY and Internal Audit will discuss Internal Audit’s annual audit plans for all significant financial systems, one off projects and for anti-fraud and corruption work.

Appendix B sets out EY minimum sample sizes for the testing of key controls.

Appendix C details the key controls identified by EY from the 2012/13 audit.

Joint Internal Audit testing in previous years has covered the key controls of the following systems on a cyclical basis and annually to support the Annual Governance statement.

► General ledger maintenance (including journals)

► Purchasing and payables/Creditors

► Income receivable/debtors.

► Payroll and pensions

► Property, Plant and Equipment

► Cash;

► Treasury Management.

► Housing and Council Tax Benefits.

► Council Tax and National Non-Domestic Rates.

► Budgetary control.

► Housing Rents.

► Car Parking.

► Planned Maintenance.

Details of EY expectations for the above work will be supplied by EY. Internal Audit will plan their coverage of the work and ensure their working papers are clearly referenced to indicate how they may be used to support the external audit.

Joint Internal Audit’s first responsibility is to provide a comprehensive Internal Audit service to the Council. In doing so it is mutually advantageous for Internal and External Audit to closely co-operate over key areas of the audit.

A timetable will be agreed for these systems to ensure that work is available for review at the appropriate time.

Joint Approximate timings for audit work are agreed at the audit planning meeting usually held in February or March. Details can be updated at each liaison meeting.

Regular meetings will be held to review progress and discuss any matters arising.

Joint Amongst other things these meetings will provide a forum for feedback and informal discussion of findings, discussions of changes necessary for co-ordination of our work plans, etc.

EY will review aspects of the Internal Audit function on an annual basis.

Joint The scope of our review of Internal Audit work is set out at Appendix D.

EY will consider all requests for Internal Audit access to EY systems documentation. However, EY will have to take account in each case of the statutory restrictions on the disclosure of information by External Auditors.

Joint EY and Internal Audit will have sight of reports that go to the Audit Committee. Where appropriate, meetings will be scheduled with Internal Audit to discuss reports before finalising.

Internal Audit should report on the control environment, in line with the Public Sector Internal Audit Standards effective from 1 April 2013.

Internal Audit Public Sector Internal Audit Standards effective from 1 April 2013 requires the Head of Internal Audit to include in the annual Internal Audit report to the Authority an opinion on the overall adequacy and effectiveness of the authority’s internal control environment, providing details of any weaknesses that qualify this opinion and bringing to the attention of the Authority any issues particularly relevant to the preparation of the Annual Governance Statement. Provided it can satisfy itself that Internal Audit operates to the standards set out in the Code, the relevant body is justified in taking assurance from this opinion.

Internal Audit will continue to manage the Council’s involvement in and responses to the NFI programme

Internal audit EY will consider the work of Internal Audit and the Council on this project.

Internal Audit and EY will keep each other informed of any frauds discovered

Joint Any frauds discovered are to be reported to both of 348

Working arrangements

EY 8

Arrangements Responsibility Comments

or suspected. Internal Audit and EY.

of 348

Controls testing and sample sizes

EY 9

Appendix B Controls testing and sample sizes

EY select relevant controls to test that address the ‘what can go wrongs’ (WCGWs) for each relevant financial statement assertion for which EY plans to rely on controls. EY tests controls to evaluate the operating effectiveness of controls over the significant classes of transactions (SCOTs) and significant disclosure processes to prevent or detect and correct material misstatements at the assertion level. Relevant controls are those controls that EY intend to rely on for the purpose of the audit to address the risks of material misstatements at the assertion level. EY will share with Internal Audit details of the controls EY has identified as relevant controls on an annual basis.

The following sample sizes are applied to EY controls testing:

Nature of control and frequency of performance Minimum number of items to test

Manual control, performed daily or many times a day 25

Manual control, performed weekly 5

Manual control, performed monthly 2

Manual control, performed quarterly 2

Manual control, performed annually 1

The sample selected should cover the whole of the financial year to obtain evidence that the control operated throughout the audit period.

The minimum sample size of 25 assumes 250 occurrences. Between 50 to 250 occurrences, the minimum sample is 10% of occurrences. If less than 50 occurrences, the minimum sample size is 5 or 10% if there are less than 5 occurrences.

If errors or uncertainties are identified within the controls testing undertaken an extended sample should be chosen for testing to focus further on the specific area of risk identified.

of 348

Summary of key financial controls

EY 10

Appendix C Summary of key financial controls

The following tables set out the key controls that EY identified as part of the 2012/13 audit work. These may therefore change in future years. These are the key controls EY seeks to understand and evaluate on an annual basis to support the external audit work under the Code of Audit Practice. The tables do not detail a complete list of all controls within the financial system and therefore it may be appropriate to supplement these with further controls to meet Internal Audit objectives.

The tables cover the following areas:

► General ledger maintenance (including journals);

► Purchasing and payables/creditors;

► Income receivable/debtors;

► Payroll and pensions;

► Property, plant and equipment

► Cash;

► Treasury management;

► Housing and council tax benefits;

► Council tax and National non-domestic rates;

► Budgetary controls – including budget setting and monitoring;

► Housing Rents;

► Car Parking; and

► Planned Maintenance.

General ledger maintenance

Key Controls All manual journals raised are appropriately authorised and input into the system. Journals are only raised by accounting officers and approved by a senior accounting officer.

Creditors and accounts payable

Key Control Appropriately authorised orders should be raised for all purchases. Goods received notes (GRNs) received should be agreed to orders raised. Invoices received should be matched to orders and GRNs (where applicable) for accuracy and confirmation of receipt of the goods/service. Invoices should be appropriately authorised. Invoices input into the system for payment should be checked for accuracy. BACS payments should be appropriately authorised. The weekly payment projection report (which shows the amount they are due to pay) equals the amount on the purchase ledger control report. of 348


EY 11

Creditor control accounts/purchasing system to general ledger system interfaces should be reconciled with all reconciling items should identified, investigated and resolved on a timely basis. An independent review of the reconciliation should be performed on a timely basis Appropriate segregation of duties and restricted access should be ensured. New Vendor forms should be appropriately authorised prior to a new vendor being set up on the purchasing system. Amendments to standing data (e.g. supplier details) should be appropriately authorised and accurately input on to the system. Tendering procedures should be followed for all purchases above the limit set.

Debtors and accounts receivable

Key Control Invoice requisitions should be appropriately authorised and raised in a timely manner.Invoices raised should be checked to invoice requisition to ensure accuracy and completeness of invoices raised. Receipt of income should be reconciled to the amount banked. Debtor control accounts/receivables system to general ledger system interfaces should be reconciled and all reconciling items should be identified, investigated and resolved on a timely basis. An independent review of the reconciliation should be performed on a timely basis. Appropriate segregation of duties and restricted access should be ensured. Appropriate procedures should be in place for monitoring the recoverability of aged debts. Bad debts should be written off after appropriate authorisation per the financial regulations.

Payroll

Key Control Starter forms should be appropriately completed by the HR department and employee (based on the employment contract) prior to input into the payroll system. Input of details into the payroll system should be checked for accuracy. Leaver forms must be appropriately authorised and accurately input into the payroll system. Amendments to standing data must be authorised by the employee and appropriate manager and accurately input into the payroll system. Payroll control accounts/payroll system to general ledger system interfaces should be reconciled and all reconciling items should be identified, investigated and resolved on a timely basis. An independent review of the reconciliation should be performed on a timely basis. Managers should be asked to verify the completeness and accuracy of employee information on the payroll system on at least a quarterly basis. The Council produce a report of all differences in pay greater than 5% from the previous month. Payroll data file provided by the company providing the payroll service is checked before payroll is processed Monthly reconciliations of payroll to the ledger include the "payroll control Account" reconciliation. Appropriate segregation of duties and restricted access should be ensured.

Property, plant and equipment

Key Control All capital additions should be appropriately authorised in accordance with procedures. All capital disposals should be appropriately authorised in accordance with procedures. The fixed asset register is reconciled to the general ledger on a regular basis. The reconciliation should be signed and dated by the preparer as evidence of completion. An of 348


EY 12

independent review of the reconciliation should be performed and evidenced by the reviewer (signature and date). Restricted access to the fixed asset register should be ensured. Capital expenditure should be monitored and controlled against budget. The budget set should be realistic and based upon appropriate assumptions.

Cash

Key Control The amount of income received on the cash receipting system should be checked to the amount of income recorded as banked from bank statements / reports. A monthly exception / verification report is produced from the cash receipting system which highlights any differences / errors. The amount of cash received in the cash system is automatically posted to the ledger; exception reports / suspense highlight any errors or omissions. The general ledger suspense account should be reviewed on a monthly basis, and any long outstanding items cleared. Bank reconciliations for all bank accounts should be performed on a monthly basis and all reconciling items fully identified, investigated and resolved as necessary. The reconciliation should be signed and dated by the preparer as evidence of completion. An independent review of the reconciliation should be performed and evidenced by the reviewer (signature and date). Appropriate segregation of duties and restricted access should be ensured.

Treasury Management

Key Control All investment / loan decisions, including the identification of investment options, decisions made, whether the investment / loan was approved or not, and the transfer of funds are fully documented, showing independent approval, in line with delegated responsibility. Main financial records are regularly reconciled to the loans and investments register.Loan / investment activity is reconciled to the bank statement and the general ledger. Interest received is reconciled to the general ledger. Confirmation of investment / loan is obtained.

Housing and council tax benefits

Key Control Claimant details are input correctly and the appropriate supporting information obtained. Backdated claims are supported by a backdating form and are subject to authorisation by the backdating officer to ensure this is performed in accordance with the rules. BACS payments should be appropriately authorised. Cheque payments should be appropriately authorised All payments over £750 should be subject to independent review to ensure accuracy of the payment. Visiting officers visit claimants to gain assurance that details are unchanged. This is performed in accordance with the recommended schedule. Overpayments are checked to ensure they have been accurately classified and calculated. Overpayments per the benefits system are reconciled to the debtors system. The recovery of overpayments is monitored and action taken to collect debts. The benefits system is reconciled to the Council Tax and General Ledger systems on at least a monthly basis. Appropriate segregation of duties and restricted access should be ensured. All required updates have been made to the benefits system, arising from any national updates required by DWP, updates required from system provider, any annual parameters required have been input accurately. of 348


EY 13

Council tax (CT)

Key Control The Council ensures the record of properties as per the Council Tax (CT) system reconciles to the list of properties notified to them by the Valuation Office. CT exemptions/discounts are reviewed on a weekly basis to identify exemptions due for review in the next 7 days, exemptions that have no end date and exemptions passed their review date but which have not been reviewed. There is a sample check of all CT processing. The system is set up to produce sample check work processes for management, which go in to an ‘in tray’ and these tasks, are completed on an-going basis. CT precepts per property band are input onto the CT system before the start of the financial year and reviewed for accuracy by a senior officer. A reconciliation of returned Direct Debits’ is performed against the value of reversals on the CT system on a monthly basis. A daily enforcement report is produced showing all adjustments which have resulted in a change in liability; this is independently reviewed and issues resolved. Weekly integrity reports are produced highlighting unusual transactions. These are independently reviewed and issues resolved. CT BACS payments are agreed to system totals and independently authorised. CT refunds are authorised by a senior billing officer. Refunds over £10,000 must have a payment voucher authorised by the Head of Revenues. The Council Tax system is reconciled to the General Ledger and benefits systems on at least a monthly basis. Appropriate segregation of duties and restricted access should be ensured for CT The system has hierarchical password access (i.e. ensure that users access is relevant to their role)m for CT. There is a daily reconciliation of cash receipts / cash postings / reversals against movement on outstanding debt for CT.

National non-domestic rates (NNDR)

The Council ensures the record of properties and their total rateable value as per the National Non-Domestic Rates (NNDR) system reconciles to the list of properties and total rateable value notified to them by the Valuation Office (VO). NNDR exemptions/reliefs are reviewed on a weekly basis to identify exemptions due for review in the next 7 days, exemptions that have no end date and exemptions passed their review date but which have not been reviewed. There is a sample check of all NNDR processing. The NNDR rateable value multiplier is put onto the NNDR system and reviewed for accuracy by a senior officer. A reconciliation of returned Direct Debits’ is performed against the value of reversals on the NNDR system. NNDR refunds are authorised by a senior billing officer. Refunds over £10,000 must be authorised by the Head of Revenues. The NNDR system is reconciled to the General Ledger system on at least a monthly basis. Weekly exception reports are reviewed to highlight any unusual transactions. These are independently reviewed and issues resolved. BACS payments are agreed to system totals and independently authorised. Appropriate segregation of duties and restricted access should be ensured for NNDR The system has hierarchical password access (i.e. ensure that users access is relevant to their role) for NNDR. There is a daily reconciliation of cash receipts / cash postings / reversals against movement on outstanding debt for NNDR.

of 348


EY 14

Budgetary control

Key Control Budgets should be approved prior to the start of the financial year and be based upon appropriate and reasonable assumptions. Budgets should be assigned to appropriate personnel and should be monitored regularly throughout the year. Budgetary information should reconcile to the general ledger.

Housing Rents

Key Control Annual rent calculation parameters have been checked for accuracy and completeness before and after upload to the housing rent system. Reconciliations between the housing rent system and the cash receipting system, general ledger housing benefit system. Rent arrears are subject to appropriate monitoring. Access to the housing rent system is restricted. Car Parking Key Control Ensure car park machines automatically produce reports stating how much money should be in the cash box when removed. Securicor provide returns of car park income collected. This is used to compile a journal to the general ledger recording the amount of income collected. On a monthly basis, the amount of income recorded on the spreadsheet is reconciled to the general ledger Access to the car park system is restricted Planned Maintenance Key Control The amount of expenditure incurred on planned maintenance recorded on the Anite system is periodically reconciled to the amount of expenditure incurred on the general ledger

of 348

Approach to reliance on Internal Audit

EY 15

Appendix D Approach to reliance on Internal Audit

In accordance with International Standards on Auditing (ISA) 610, when EY plan to rely on the work completed by Internal Audit, EY:

► Undertakes an overall assessment of the Internal Audit function to determine if Internal Audit’s work is likely to be adequate for the purposes of EY’s audit. EY evaluate:

► The objectivity of the Internal Audit function

► The technical competence of the Internal Auditors

► Whether the work of the Internal Auditor is carried out with due professional care

► Whether there is effective communication between Internal and External audit.

► Determines the effect of Internal Audit’s work on EY’s procedures. When determining whether, and to what extent, EY uses the work of Internal Audit, EY will consider both the risks associated with the areas being tested and our judgments as to the competence and objectivity of those who have or will perform the work. If EY plan to use the work of Internal Audit, EY will agree in advance with Internal Audit:

► The work that EY plan to use and the timing of such work

► Testing thresholds

► Method of sample selection

► Documentation of the work including retention of working papers

► Review and reporting procedures.

► Evaluate the individual piece of work completed by Internal Audit that EY plans to use and conclude whether it is adequate for EY’s purposes. EY will evaluate whether:

► The work was performed by Internal Auditors having adequate technical training and proficiency

► The work was properly supervised, reviewed and documented

► Adequate audit evidence has been obtained to enable reasonable conclusions to be drawn

► Conclusions reached and reported are appropriate

► Any exceptions or unusual matters disclosed by the internal auditors are properly resolved.

of 348


Ernst & Young LLP

© Ernst & Young LLP. Published in the UK. All rights reserved.

The UK firm Ernst & Young LLP is a limited liability partnership registered in England and Wales with registered number OC300001 and is a member firm of Ernst & Young Global Limited.


ey.com

of 348

Quarter Ended 30th September 2013

Treasury Management Strategy Statement & Annual

Investment Strategy

Mid-Year Review Report 2013/14

of 348

2

Contents

1. Economic Background ................................................................................................ 3

2. Interest Rate Forecast ................................................................................................ 5

3. Annual Investment Strategy ..................................................................................... 10

4. New Borrowing ........................................................................................................ 10

5. Debt Rescheduling .................................................................................................... 11

6. Compliance with Treasury and Prudential Limits ...................................................... 12

7. Other ........................................................................................................................ 12

APPENDIX 1: Prudential and Treasury Indicators as at 30th September 2013 .................. 13

APPENDIX 2: Investment Portfolio .................................................................................. 16

of 348

3

Treasury Management Update

Quarter Ended 30th September 2013

The CIPFA (Chartered Institute of Public Finance and Accountancy) Code of Practice for Treasury Management recommends that members be updated on treasury management activities regularly (TMSS, annual and midyear reports). This report therefore ensures this Council is implementing best practice in accordance with the Code.

1. Economic Background

The quarter ended 30 September saw:

- Indicators suggested that the economic recovery accelerated;

- Household spending growth remained robust;

- Inflation fell back towards the 2% target;

- The Bank of England introduced state‐contingent forward guidance;

- 10‐year gilt yields rose to 3% at their peak and the FTSE 100 fell slightly to 6460;

- The Federal Reserve decided to maintain the monthly rate of its asset purchases.

After strong growth of 0.7% in Q2, it appears that UK GDP is likely to have grown at an even

faster pace in Q3. On the basis of past form, the CIPS/Markit business surveys for July and August

point to quarterly growth of potentially over 1.0% in the third quarter of 2013. Similarly, the

official data have continued to improve. Admittedly, industrial production was flat in July. But

even if it held steady in the rest of the quarter, it would still be 0.9% higher in Q3 than in Q2. In

addition, the service sector expanded by 0.2% m/m and the construction sector grew by 2.2%

m/m in July after growth of 1.8% q/q in Q2.

Consumer spending also continued to rise and may beat the increase seen in Q2. While the 1.1%

monthly rise in retail sales in July was almost entirely offset by a 0.9% fall in August, the

unusually warm weather in August is likely to have had a part to play in this. The retail surveys

also painted a positive picture for household spending growth, with the Bank of England’s

Agents’ Scores, BRC and CBI retail sales indicators showing stronger growth in Q3. And while

growth in non‐high street spending may have slowed, it probably remained robust. For example,

although annual growth in new car registrations eased from the 24% rate seen in Q2, it was still a

strong 15% in August.

The run of good news on the labour market continued, with the Internal Labour Organisation

(ILO) unemployment rate falling to 7.7% in July from 7.8% in June. Employment rose by 80,000 in

the three months to July, supported by an even bigger rise in full‐time employment. This meant

that the ratio of full‐time to part‐time workers continued to rise after it troughed last summer.

The timelier claimant count measure of the unemployment rate also fell. Indeed, the cumulative

fall in unemployment of 68,900 in July and August – the biggest two month fall since May and of 348

4

June 1997 – brought the claimant count unemployment rate down from 4.4% at the end of Q2 to

4.2% in August. Despite this, the headline (3 month average of the annual) rate of pay growth fell

from 2.2% in June to just 1.1% in July. Excluding bonuses, earnings growth ticked up slightly to

1.1% y/y, but this remained well below the rate of CPI inflation at 2.7% in August, meaning real

wages continued to fall.

Meanwhile, the cost of new credit has continued to fall, perhaps in response to the extension of

the Bank of England’s Funding for Lending Scheme (FLS) earlier this year. The quoted interest

rate on a 5‐year fixed mortgage at a 75% loan‐to‐value ratio was 3.34% in August, 7 basis points

lower than in June and 77 basis points lower than when the FLS was introduced in July 2012.

Demand in the housing market continued to grow at a fast pace, supported by the FLS and the

Government’s Help to Buy scheme, which provide equity loans to credit‐constrained borrowers.

The Royal Institution of Chartered Surveyors (RICS) housing market survey reported that new

buyer enquiries hit their highest level on record in August. Mortgage approvals for new house

purchase rose to their highest level since February 2008 in August. Consequently, house prices

continued to rise, with the Halifax and Nationwide measures recording 6.2% and 3.5% y/y rises in

August, respectively. Office for National Statistics (ONS) data, though, shows that in real terms

only London experienced year‐on‐year price rises in July. All other regions saw modest falls.

The economic recovery may finally be feeding through to the public finances. Although the

government registered a surprise deficit in July (a month that normally delivers a surplus), in

August net borrowing was ‘just’ £13.2bn, compared to £14.4bn in August 2012.

The new Governor of the Bank of England, Mark Carney, took office in July. Alongside the August

Quarterly Inflation Report, the Bank introduced its new policy of forward guidance in which the

Monetary Policy Committee (MPC) pledged not to raise official interest rates, or reduce the size

of the asset purchase facility, until the ILO unemployment rate falls to 7%. At this point, the MPC

would discuss whether or not to alter official policy. This guidance was subject to three

‘knockouts’ which, if breached, would invalidate the guidance. These are that the MPC forecasts

inflation at or above 2.5% in 18‐24 months’ time, inflation expectations are no longer sufficiently

well anchored or financial stability is threatened by the stance of monetary policy. On the MPC’s

current forecasts, the unemployment rate is most likely to reach 7% in late 2016.

However, financial markets continued to price in increases in Bank Rate by mid‐2015, with

overnight index swap rates and gilt yields rising after the announcement of forward guidance.

Members of the MPC subsequently appeared at the Treasury Select Committee and three gave

further speeches to clarify the guidance, but there was little market impact. However, the Bank

of England’s surveys suggest the message may have got through to the public as the balance of

people expecting interest rates to rise over the next 12 months fell from 29% in May to 24% in

August.

Meanwhile, CPI inflation fell from a 2013 peak of 2.9% in June to 2.7% in August. The fall was

primarily the result of a drop in the contribution from petrol prices and a reduction in core

inflation from 2.3% in June to 2% in August. CPI inflation looks likely to have edged down again in

of 348

5

September, perhaps to about 2.5%, reflecting a further fading of both energy prices and core

inflation.

The big news in financial markets was that the Federal Reserve unexpectedly decided not to

taper its asset purchases in September. In announcing its decision to maintain monthly purchases

at $85bn, the Fed explained that it wanted to “await more evidence that [the economic recovery]

will be sustained before adjusting the pace of its purchases.” This came despite previous hints of

tapering from the Fed and the fall in the unemployment rate in both July and August. It currently

stands at 7.3%.

Across the quarter as a whole, advanced economy bond markets sold off, suggesting the rise in

UK gilt yields was not solely down to markets’ scepticism about domestic forward guidance. Gilt

yields tracked US Treasury yields up, with ten‐year gilts rising by around 60 basis points to reach

3% in early September for the first time since mid‐2011. After the Fed’s decision not to taper, gilt

yields fell back, although not enough to offset the previous rise. Ten‐year gilts finished the

quarter at 2.7%. Equity markets stayed relatively flat over the quarter. While the FTSE 100 rose

from 6470 to 6620 over the first few weeks of June, the index closed the quarter at 6462.

Meanwhile, Eurozone business surveys suggested that the economy continued to expand in Q3,

albeit at a moderate pace. There was also a general election in Germany in which the incumbent

Chancellor, Angela Merkel, performed better than expected by winning 41.5% of the vote. She is

now likely to form a coalition, but it remains to be seen what form this will take.

2. Interest Rate Forecast

The Council’s treasury advisor, Capita Asset Services, has provided the following forecast:

Dec-13 Mar-14 Jun-14 Sep-14 Dec-14 Mar-15 Jun-15

Bank rate 0.50% 0.50% 0.50% 0.50% 0.50% 0.50% 0.50%

5yr PWLB rate 2.50% 2.50% 2.60% 2.70% 2.70% 2.80% 2.80%

10yr PWLB rate 3.70% 3.70% 3.70% 3.80% 3.80% 3.90% 4.00%

25yr PWLB rate 4.40% 4.40% 4.40% 4.50% 4.50% 4.60% 4.70%

50yr PWLB rate 4.40% 4.40% 4.40% 4.50% 4.60% 4.70% 4.80%

Capita Asset Services undertook a review of its interest rate forecasts in late September as a result of

an increase in confidence in economic recovery, chiefly in the US, but more recently, also in the UK

and Eurozone. The latest forecast now includes a first increase in Bank Rate in quarter 3 of 2016

(previously quarter 4). of 348

6

SUMMARY OUTLOOK

UK economy

After the previous Inflation Report included a somewhat encouraging shift towards optimism in

terms of a marginal upgrading of growth forecasts, the August Inflation Report occurred in the midst

of a welter of economic statistics which have left economists and forecasters speechless in terms of

finding suitable words to describe a major simultaneous shift up in gear of the economy in all of the

three sectors of services, manufacturing / industrial AND construction! It is therefore not surprising

that the Report upgraded growth forecasts for 2013 from 1.2% to 1.4% and for 2014 from 1.7% to

2.5%. However, Bank Governor Mark Carney put this into perspective by describing this welcome

increase as not yet being “escape velocity” to ensure we return to strong AND sustainable growth,

after what has been the weakest recovery on record after a recession. So very encouraging ‐ yes, but,

still a long way to go! As for inflation, it was forecast to be little changed from the previous Report –

falling back to 2% within two years and staying there during year three.

In addition to the stimulus provided by Quantitative Easing (QE), the Funding for Lending Scheme

(FLS), is aimed at encouraging banks to expand lending to small and medium size enterprises. The

FLS certainly seems to be having a positive effect in terms of encouraging house purchases (though

levels are still far below the pre‐crisis level), and causing a significant increase in house prices – but

only in London and the south east. FLS is also due to be bolstered by the second phase of Help to

Buy aimed to support purchasing of second hand properties, which is now due to start in October.

Forward guidance caveats

The Bank of England also issued forward guidance with the Inflation Report which said that the Bank

will not start to consider raising interest rates until the jobless rate (Labour Force Survey / ILO i.e. not

the claimant count measure) has fallen to 7% or below. This would require the creation of about

750,000 jobs and was forecast to take three years. The UK unemployment rate currently stands at

2.5 million i.e. 7.7 % on the LFS / ILO measure. The Bank's guidance is subject to three provisos,

mainly around inflation; breaching any of them would sever the link between interest rates and

unemployment levels. This actually makes forecasting Bank Rate much more complex given the lack

of available reliable forecasts by economists over a three year plus horizon. The Capita Asset Services

view is that the recession since 2007 was notable for how unemployment did NOT rise to the levels

that would normally be expected in a major recession. The latest Inflation Report noted that

productivity has sunk to 2005 levels. We are, therefore, concerned that there has been a significant

level of retention of labour, which will mean that a significant amount of GDP growth can be

accommodated without a major reduction in unemployment.

In summary, our current views are centred around the following: ‐

UK

Growth has been on an upward trend – 0.3% in Q1; 0.7% in Q2 and likely to be much stronger in Q3. The so called double dip recession at the beginning of 2012 was erased by the latest revision of statistics.

Business surveys, consumer confidence, consumer borrowing and house prices are all on the up and may help to create a wide spread feel good factor. However, this is still a long way away from the UK getting back to sustainable strong growth.

of 348

7

A fair proportion of UK GDP is dependent on overseas trade; the high correlation of UK growth to US and EU GDP growth means that the UK economy is still vulnerable to what happens in overseas markets.

Consumer expenditure is likely to remain suppressed by inflation being higher than increases in average earnings i.e. disposable income will continue to be eroded.

The coalition government is hampered in promoting growth by the need to tackle the budget deficit. However, the March Budget did contain measures to boost house building and the supply of mortgages, and brought forward, by one year to April 2014, the start of a £10,000 tax free allowance for incomes.

There is little sign of a co‐ordinated strategy for the private sector to finance a major expansion of infrastructure investment to boost UK growth.

Government inspired measures to increase the supply of credit to small and medium enterprises (which are key to achieving stronger growth) by banks are not succeeding.

Gilt yields remain vulnerable to pressures to rise, especially as they are powerfully influenced by US treasury yields and American investors have been spooked by Chairman Bernanke’s comments on tapering QE. The Fed’s reluctance to start tapering in September has, potentially, only delayed a trend for gilt yields to rise.

Eurozone

Most Eurozone countries are now starting to see a return to growth after a prolonged recession.

The prospects for growth, at least in the short term, have also improved. However, for some

countries, austerity programmes could prove to be a self defeating spiral of falling demand, tax

receipts, and GDP, leading to a rise, not fall, in debt to GDP ratios. Debt ratios in excess of 90%

will cause market concern as beyond this level, the costs of servicing such debt becomes

oppressive and growth inhibiting. This could, therefore, lead to an inevitable end game in the

over the next few years of withdrawal from the Eurozone bloc in order to regain national control

of a currency, government debt, monetary policy and, therefore, of setting national interest

rates. The ECB’s pledge to provide unlimited bond buying support for countries that request an

official bailout means that market anxiety about these countries is likely to be subdued in the

near term. However, the poor economic fundamentals and outlook for some economies could

well mean that an eventual storm in financial markets has only been delayed, not cancelled.

The ECB maintained its central policy rate at 0.5% in this quarter.

Greece: after the agreement to a further major financial support package amounting to nearly

€50bn in December 2012, it now looks almost certain that the country will need another, smaller,

bailout package as progress has not been quick enough in rectifying the national finances.

Spain: there is also increasing concern over the Spanish economy; the social cost and pain of a

very high level of unemployment of 27%, similar to the level in Greece, could mean that both

countries are approaching the limit of operating austerity programmes within democratic

systems. Spain has, to date, resisted asking for an official national bailout, although it has

received financial support to recapitalise its four largest banks.

Italy: the general election created a highly unstable political situation where the two dominant

parties initially formed an unlikely coalition due to the blocking power of the new upstart Five

Star anti‐austerity party which has 25% of seats and has refused to enter a coalition agreement

with ANY party. There could therefore be volatility in Spanish and Italian bond yields over the

next year, depending on political and economic developments.

of 348

8

Germany: the general election in September returned Angela Merkel’s party to power, but not

with an overall majority. It will have to form a coalition, but with a new makeup, as the previous

junior party was wiped out.

Cyprus: the fallout from the bail out in March 2013 has done huge damage to the Cypriot

economy and many commentators consider it is only a matter of time before another bailout will

be needed – or exit from the Euro.

The Eurozone remains particularly vulnerable to investor fears of contagion if one country gets

into major difficulty.

US

There has been a marked improvement in consumer, investor and business confidence this year.

Unemployment has continued on a steady, but unspectacular decline to 7.3%, but is still a long way from the target rate of 6.5% for an increase in the Fed policy rate.

The housing market has turned a corner, both in terms of rising prices and in increases in the volume of house sales. More householders are, therefore, escaping from negative equity.

US equities have reached all time highs.

The package of tax increases and cuts in Government expenditure starting in 2013 does not appear to be having a major impact on depressing growth.

GDP in Q1 was disappointingly downgraded from +2.4% to a sub par +1.8% before rising to 2.5% in Q2.

The shale gas revolution is providing some solid underpinning to the US economy by enhancing its international competitiveness through cheap costs of fuel.

There has been a start to the repatriation of manufacturing production from China to the USA as Chinese labour costs have continued their inexorable rise and new forms of high tech production have made home based production more viable and flexible.

China

Concerns that Chinese growth could be heading downwards have been allayed by recent stronger statistics. There are still concerns around an unbalanced economy which is heavily dependent on new investment expenditure, and for a potential bubble in the property sector to burst, as it did in Japan in the 1990s, with its consequent impact on the financial health of the banking sector.

There are also increasing concerns around the potential size, and dubious creditworthiness, of some bank lending to local government organisations and major corporates. This primarily occurred during the government promoted expansion of credit, which was aimed at protecting the overall rate of growth in the economy after the Lehmans crisis.

Japan

The initial euphoria generated by “Abenomics”, the huge QE operation instituted by the Japanese government to buy Japanese debt, has tempered as the follow through of measures to reform the financial system and introduce other economic reforms, appears to have stalled.

Our forward view

Economic forecasting remains difficult with so many external influences weighing on the UK. Major

volatility in bond yields is likely during the remainder of 2013/14 as investor fears and confidence

ebb and flow between favouring more risky assets i.e. equities, and safer bonds. of 348

9

Near‐term, there is some residual risk of further QE ‐ if there is a dip in strong growth or if the MPC

takes action to do more QE in order to reverse the rapid increase in market rates, especially in gilt

yields and interest rates up to 10 years. This could cause shorter‐dated gilt yields and PWLB rates

over the next year or two to significantly undershoot the forecasts in the table below. The failure in

the US, (at the time of writing), over passing a Federal budget for the new financial year starting on 1

October, and the expected tension over raising the debt ceiling in mid October, could also see bond

yields temporarily dip until any binding agreement is reached between the opposing Republican and

Democrat sides. Conversely, the eventual start of tapering by the Fed could cause bond yields to rise.

The longer run trend is for gilt yields and PWLB rates to rise, due to the high volume of gilt issuance

in the UK, and of bond issuance in other major western countries. Increasing investor confidence in

economic recovery is also likely to compound this effect as a continuation of recovery will further

encourage investors to switch back from bonds to equities.

The overall balance of risks to economic recovery in the UK is currently weighted to the upside after

five months of robust good news on the economy. However, only time will tell just how long this

period of strong economic growth will last; it also remains exposed to vulnerabilities in a number of

key areas.

Downside risks currently include:

The conflict in the UK between market expectations of how quickly unemployment will fall as opposed to the Bank of England’s forecasts

Prolonged political disagreement over the US Federal Budget and raising the debt ceiling A return to weak economic growth in the US, UK and China causing major disappointment to

investor and market expectations. The potential for a significant increase in negative reactions of populaces in Eurozone countries

against austerity programmes, especially in countries with very high unemployment rates e.g. Greece and Spain, which face huge challenges in engineering economic growth to correct their budget deficits on a sustainable basis.

The Italian political situation is frail and unstable. Problems in other Eurozone heavily indebted countries (e.g. Cyprus and Portugal) which could

also generate safe haven flows into UK gilts. Monetary policy action failing to stimulate sustainable growth in western economies, especially

the Eurozone and Japan. Weak growth or recession in the UK’s main trading partners ‐ the EU and US, depressing

economic recovery in the UK. Geopolitical risks e.g. Syria, Iran, North Korea, which could trigger safe haven flows back into

bonds

The potential for upside risks to UK gilt yields and PWLB rates, especially for longer term PWLB rates

include: ‐

A sharp upturn in investor confidence that sustainable robust world economic growth is firmly expected, causing a surge in the flow of funds out of bonds into equities.

A reversal of Sterling’s safe‐haven status on a sustainable improvement in financial stresses in the Eurozone.

Further downgrading by credit rating agencies of the creditworthiness and credit rating of UK Government debt, consequent upon repeated failure to achieve fiscal correction targets and

of 348

10

sustained recovery of economic growth which could result in the ratio of total government debt to GDP to rise to levels that undermine investor confidence in the UK and UK debt.

UK inflation being significantly higher than in the wider EU and US, causing an increase in the inflation premium inherent to gilt yields.

In the longer term – an earlier than currently expected reversal of QE in the UK; this could initially be implemented by allowing gilts held by the Bank to mature without reinvesting in new purchases, followed later by outright sale of gilts currently held.

3. Annual Investment Strategy

The Treasury Management Strategy Statement (TMSS) for 2013/14, which includes the Annual

Investment Strategy, was approved by the Council on 26th February 2013. It sets out the Council’s

investment priorities as being:

Security of capital;

Liquidity; and

Yield

The Council will also aim to achieve the optimum return (yield) on investments commensurate with

proper levels of security and liquidity. In the current economic climate it is considered appropriate to

keep investments short term to cover cash flow needs, but also to seek out value available in higher

rates in periods up to 12 months, with highly credit rated financial institutions, using our suggested

creditworthiness approach, including sovereign credit rating and Credit Default Swap (CDS) overlay

information provided by Capita Asset Services.

A full list of investments held as at 30th September 2013 is attached at Appendix 2.

4. New Borrowing

No new borrowing was undertaken during the first half of the year.

PWLB certainty rates, quarter ended 30th September 2013

1 Year 5 Year 10 Year 25 Year 50 Year

Low 0.98% 1.95% 3.17% 4.19% 4.27%

Date 18/07/2013 18/07/2013 18/07/2013 18/07/2013 18/07/2013

High 1.17% 2.6% 3.79% 4.48% 4.51%

Date 18/09/2013 11/09/2013 11/09/2013 11/09/2013 11/09/2013

Average 1.07% 2.27% 3.47% 4.32% 4.37% of 348

11

0.50%

1.00%

1.50%

2.00%

2.50%

3.00%

3.50%

4.00%

4.50%

5.00%

1 Year 5 Year 10 Year 25 Year 50 Year 25 Year Target

To minimise investment risk, the Council has reduced the overall debt liability by repaying £3m of

external debt. However, this policy will require ongoing monitoring in light of economic conditions

prevailing at the time.

Borrowing in advance of need

This Council has not borrowed in advance of need during the half year ended 30th September 2013

and has no intention to borrow in advance in 2013/14.

5. Debt Rescheduling

Debt rescheduling opportunities have been limited in the current economic climate and following the

increase in the margin added to gilt yields which has impacted PWLB new borrowing rates since

October 2010. No debt rescheduling was undertaken during the first half of the year.

of 348

12

6. Compliance with Treasury and Prudential Limits

It is a statutory duty for the Council to determine and keep under review the affordable borrowing

limits. The Council’s approved Treasury and Prudential Indicators (affordability limits) are included in

the approved TMSS.

During the financial year to date the Council has operated within the treasury and prudential

indicators set out in the Council’s Treasury Management Strategy Statement and in compliance with

the Council's Treasury Management Practices. The prudential and treasury Indicators are shown in

appendix 1.

7. Other

This authority previously invested the sum of £2m in Heritable Icelandic Bank which has been frozen.

The Icelandic Government has stated its intention to honour all its commitments as a result of their banks

being placed into receivership. The U.K. Government is working with the Icelandic Government to help

bring this about. At the current time, the process of recovering assets is still ongoing with the

administrators. The Local Government Association is co‐ordinating the efforts of all UK authorities with

Icelandic investments. Members will be periodically updated on the latest developments on these efforts.

At the end of September 2013, the Council had received a total of £1.899m of its £2m deposit from

Heritable which leaves an outstanding balance of £101k.

of 348

13

APPENDIX 1: Prudential and Treasury Indicators as at

30th September 2013

Treasury Indicators 2013/14 Budget

£’000

Revised Estimateat 30/09/13

£’000

Authorised limit for external debt 119,000 116,000

Operational boundary for external debt 112,000 111,000

Gross external debt 90,442 92,806

Investments 0 0*

Net borrowing 90,442 92,806

*Short term borrowing anticipated for cash flow purposes

Maturity structure of fixed rate borrowing ‐lower and upper limits

Under 12 months 0 – 20% 0 – 20%

12 months to 2 years 0 – 40% 0 – 40%

2 years to 5 years 0 – 60% 0 – 60%

5 years to 10 years 0 – 80% 0 – 80%

10 years to 20 years 0 – 100% 0 – 100%

20 years to 30 years 0 – 100% 0 – 100%

30 years to 40 years 0 – 100% 0 – 100%

40 years to 50 years 0 – 100% 0 – 100%

Upper limit of fixed interest rates based on net debt 100% 100%

Upper limit of variable interest rates based on net debt

100% 100%

Upper limit for principal sums invested for over 364 days

0 0

of 348

14

Prudential Indicators 2013/14 Budget

£’000

Revised Estimateat 30/09/13

£’000

Capital expenditure ‐ HRA Capital expenditure – Non HRA

9,410 5,681

9,531 12,850

Capital Financing Requirement (CFR) – HRA Capital Financing Requirement (CFR) – Non HRA

81,844 34,507

77,551 30,578

Annual change in CFR – HRA Annual change in CFR – Non HRA

2,045 720

0 (681)*

In year borrowing requirement – HRA In year borrowing requirement – Non HRA

2,045 1,815

0 458

Ratio of financing costs to net revenue stream – HRARatio of financing costs to net revenue stream – Non HRA

12.51% 11.67%

12.41% 11.81%

* For 2013‐14 it is now expected that the CFR will decrease as the Minimum Revenue Provision will exceed the expected borrowing for the year

Incremental impact of capital investment decisions:‐

a) Increase in council tax (band change) per annum. £6.64 £3.24*

b) Increase in average housing rent per week. £4.29 £14.84**

* General Fund Borrowing expected for 2013‐14 is now considerably lower than that predicted for the original budget. The predicted impact on revenue has therefore also decreased and this has, in turn, reduced this indicator.

** Following Housing Reform, the HRA now makes a large Revenue contribution to the Housing Capital Programme, whereas previously the programme would have been financed mainly by the Major Repairs Allowance. This increased impact on revenue is taken into account in the calculation of this indicator, hence the large increase between the original & the revised figures.

The table below summarises the overall increase in Non HRA capital expenditure of £7.169m:

of 348

15

£m

Budgets previously approved but rolled over from 2012‐13 as a result of programme slippage

3.185

Projects not originally budgeted for, but funded from external sources e.g. Refuse Vehicle funded by grant, playground renewals financed from S106 funds

1.664

Reductions to budgets which are no longer required – e.g. Car Park resurfacing expected to be under budget, Beacon Park Infrastructure costs now incorporated into main project etc

(2.449)

Beacon Park Phases 1‐4 – Project approved in year (further costs in 2014‐15) 2.320

Marina Centre – Project approved in year (further costs in 2014‐15 & 2015‐16) 1.361

Beacon Park – Phases 5‐8. Project included in revised budget following grant application

1.320

Empty Homes – Project approved via report 0.250

Vauxhall Bridge addition to Budget 0.208

Hopton Sea Defences – Project approved in year 0.200

Improvement Works at Churchill Road Depot – not originally budgeted for 0.116

Other small increases/overspends 0.133

Roll over of budgets into 2014‐15 due to programme slippage (1.139)

Overall Increase £7.169

The table below details the decrease of £1.357m for Non HRA borrowing need:

£m

Borrowing programmed in for 2013‐14 in the original budget, now to be financed from capital receipts

(1.815)

Borrowing relating to the St Georges Project‐ rolled over from 2012‐13 458

Overall Increase £1.357

of 348

16

APPENDIX 2: Investment Portfolio

Investments held as at 30th September 2013 compared to our counterparty list:

LONG TERM INVESTMENTS

COMPANY CURRENT

INVESTMENT

£

FROM

DATE

END

DATE

RATE

%

Royal Bank of Scotland 2,000,000 On Call 0.90

IGNIS (Money Market Fund) 655,000 On Call 0.43

Lloyds TSB 2,000,000 16/10/12 15/10/13 2.25

Bank of Scotland 2,000,000 16/10/12 15/10/13 2.25

6,655,000

of 348

GREAT YARMOUTH BOROUGH COUNCIL

Treasury Management Strategy Statement

Minimum Revenue Provision Policy Statement and Annual Investment Strategy

2014/15

of 348

2

INDEX 1 INTRODUCTION ......................................................................................................................... 3

1.1 Background ................................................................................................................................................... 3

1.2 Reporting requirements ................................................................................................................................ 3

1.3 Treasury Management Strategy for 2014/15 .............................................................................................. 4

1.4 Training .......................................................................................................................................................... 4 1.5 Treasury management consultants ............................................................................................................. 4

2 THE CAPITAL PRUDENTIAL INDICATORS 2014/15 – 2016/17 ............................................ 4

2.1 Capital expenditure ....................................................................................................................................... 5

2.2 The Council’s borrowing need (the Capital Financing Requirement) ....................................................... 5

2.3 Minimum revenue provision (MRP) policy statement ................................................................................ 6

2.4 Core funds and expected investment balances ......................................................................................... 7 2.5 Affordability prudential indicators ................................................................................................................. 7

2.6 Ratio of financing costs to net revenue stream........................................................................................... 7 2.7 Incremental impact of capital investment decisions on council tax. .......................................................... 7

2.8 Estimates of the incremental impact of capital investment decisions on housing rent levels. ................ 8

2.9 HRA ratios ..................................................................................................................................................... 8

3 Borrowing ................................................................................................................................... 8

3.1 Current portfolio position ............................................................................................................................... 9 3.2 Treasury Indicators: limits to borrowing activity .......................................................................................... 9 3.3 Prospects for interest rates......................................................................................................................... 11

3.4 Borrowing strategy ...................................................................................................................................... 12

3.5 Policy on borrowing in advance of need ................................................................................................... 13

3.6 Debt rescheduling ....................................................................................................................................... 13

4 ANNUAL INVESTMENT STRATEGY ..................................................................................... 15

4.1 Investment policy ........................................................................................................................................ 15

4.2 Creditworthiness policy ............................................................................................................................... 15 4.3 Country limits ............................................................................................................................................... 18

4.4 Investment strategy ..................................................................................................................................... 18

4.5 Icelandic bank investments ........................................................................................................................ 19

4.6 Investment risk benchmarking ................................................................................................................... 19 4.7 End of year investment report .................................................................................................................... 19

5 Appendices .............................................................................................................................. 20

5.1 Economic Background ............................................................................................................................... 21

5.2 Treasury Management Practice (TMP1) – Credit and Counterparty Risk Management ……………26

5.3 Approved countries for investments .......................................................................................................... 28

5.4 Treasury management scheme of delegation .......................................................................................... 29 5.5 The treasury management role of the section 151 officer ....................................................................... 30

5.6 Capital Programme – Revised 2013-14 & Forward 2014-15, 2015-16 & 2016-17 ............................... 31

of 348

3

1 INTRODUCTION

1.1 Background

The Council is required to operate a balanced budget, which broadly means that cash raised during the year will meet cash expenditure. Part of the treasury management operation is to ensure that this cash flow is adequately planned, with cash being available when it is needed. Surplus monies are invested in low risk counterparties or instruments commensurate with the Council’s low risk appetite, providing adequate liquidity initially before considering investment return. The second main function of the treasury management service is the funding of the Council’s capital plans. These capital plans provide a guide to the borrowing need of the Council, essentially the longer term cash flow planning to ensure that the Council can meet its capital spending obligations. This management of longer term cash may involve arranging long or short term loans, or using longer term cash flow surpluses. On occasion any debt previously drawn may be restructured to meet Council risk or cost objectives. CIPFA defines treasury management as:

“The management of the local authority’s investments and cash flows, its banking, money market and capital market transactions; the effective control of the risks associated with those activities; and the pursuit of optimum performance consistent with those risks.”

1.2 Reporting requirements

The Council is required to receive and approve, as a minimum, three main reports each year, which incorporate a variety of policies, estimates and actuals. Prudential and treasury indicators and treasury strategy (this report) - The first, and most important report covers:

the capital plans (including prudential indicators); a minimum revenue provision (MRP) policy (how residual capital expenditure is

charged to revenue over time); the treasury management strategy (how the investments and borrowings are to be

organised) including treasury indicators; and an investment strategy (the parameters on how investments are to be managed).

A mid year treasury management report – This will update members with the progress of the capital position, amending prudential indicators as necessary, and whether the treasury strategy is meeting the strategy or whether any policies require revision. An annual treasury report – This provides details of a selection of actual prudential and treasury indicators and actual treasury operations compared to the estimates within the strategy. Scrutiny The above reports are required to be adequately scrutinised before being recommended to the Council. This role is undertaken by the Audit & Risk Committee.

of 348

4

1.3 Treasury Management Strategy for 2014/15

The strategy for 2014/15 covers two main areas: Capital issues

the capital plans and the prudential indicators; the minimum revenue provision (MRP) policy.

Treasury management issues the current treasury position; treasury indicators which limit the treasury risk and activities of the Council; prospects for interest rates; the borrowing strategy; policy on borrowing in advance of need; debt rescheduling; the investment strategy; creditworthiness policy; and policy on use of external service providers.

These elements cover the requirements of the Local Government Act 2003, the CIPFA Prudential Code, CLG MRP Guidance, the CIPFA Treasury Management Code and CLG Investment Guidance.

1.4 Training

The CIPFA Code requires the responsible officer to ensure that members with responsibility for treasury management receive adequate training in treasury management. This especially applies to members responsible for scrutiny, and further training will be arranged as required. Members will receive training on 18 February 2014 prior to Council and last received training in March 2013. The training needs of treasury management officers are periodically reviewed.

1.5 Treasury management consultants

The Council uses Capita Asset Services, Treasury solutions as its external treasury management advisors. The Council recognises that responsibility for treasury management decisions remains with the organisation at all times and will ensure that undue reliance is not placed upon our external service providers. It also recognises that there is value in employing external providers of treasury management services in order to acquire access to specialist skills and resources. The Council will ensure that the terms of their appointment and the methods by which their value will be assessed are properly agreed and documented, and subjected to regular review.

2 THE CAPITAL PRUDENTIAL INDICATORS 2014/15 – 2016/17

of 348

5

The Council’s capital expenditure plans are the key driver of treasury management activity. The output of the capital expenditure plans is reflected in the prudential indicators, which are designed to assist members’ overview and confirm capital expenditure plans.

2.1 Capital expenditure

This prudential indicator is a summary of the Council’s capital expenditure plans, both those agreed previously, and those forming part of this budget cycle. Members are asked to approve the capital expenditure forecasts:

Capital expenditure

£m 2012/13 Actual

2013/14 Estimate

2014/15 Estimate

2015/16 Estimate

2016/17 Estimate

Housing & Neighbourhoods

1.387 3.712 4.117 2.900 0.875

Customer Services 1.286 1.544 0.565 0.120 0.120 Resources, Governance & Growth

3.844 7.594 23.815 0 0

Non-HRA 6.517 12.850 28.497 3.020 0.995 HRA 6.812 9.531 11.470 11.341 11.101Total 13.329 22.381 39.967 14.361 12.096

The above financing need excludes other long term liabilities, such as leasing arrangements which already include borrowing instruments.

The table below summarises the above capital expenditure plans and how these plans are being financed by capital or revenue resources. Any shortfall of resources results in a funding borrowing need

Capital expenditure £m

2012/13 Actual

2013/14 Estimate

2014/15 Estimate

2015/16 Estimate

2016/17 Estimate

Non-HRA 6.517 12.850 28.497 3.020 0.995 HRA 6.812 9.531 11.470 11.341 11.101 Total 13.329 22.381 39.967 14.361 12.096 Financed by: Capital receipts 0.915 9.810 18.864 0.660 0.690 Capital grants 3.834 4.682 7.758 0.657 0.470 Major Repairs Allowance

3.036 2.842 2.926 2.926 2.926

Revenue 2.891 4.589 6.954 4.865 5.000 Net financing need for the year

2.653 0.458 3.465 5.253 3.010

2.2 The Council’s borrowing need (the Capital Financing Requirement)

The second prudential indicator is the Council’s Capital Financing Requirement (CFR). The CFR is simply the total historic outstanding capital expenditure which has not yet been paid for from either revenue or capital resources. It is essentially a measure of the Council’s underlying borrowing need. Any capital expenditure above, which has not immediately been paid for, will increase the CFR.

The CFR does not increase indefinitely, as the minimum revenue provision (MRP) is a statutory annual revenue charge which broadly reduces the borrowing need in line with each assets life.

of 348

6

The CFR includes any other long term liabilities (e.g. finance leases). Whilst these increase the CFR, and therefore the Council’s borrowing requirement, these types of scheme include a borrowing facility and so the Council is not required to separately borrow for these schemes. The Council currently has £1.2m of such schemes within the CFR.

The Council is asked to approve the CFR projections below:

£m 2012/13 Actual

2013/14 Estimate

2014/15 Estimate

2015/16 Estimate

2016/17 Estimate

Capital Financing Requirement CFR – non housing 31.259 30.578 32.875 34.015 33.215 CFR – housing 77.552 77.552 77.552 80.442 82.926

Total CFR 108.811 108.130 110.427 114.457

116.141

Movement in CFR 1.565 -0.681 2.297 4.030 1.684 Movement in CFR represented by Net financing need for the year (above)

2.653 0.458 3.465 5.253 3.010

Less MRP/VRP and other financing movements

1.089 1.139 1.168 1.223 1.326

Movement in CFR 1.565 -0.681 2.297 4.030 1.684

2.3 Minimum revenue provision (MRP) policy statement

The Council is required to pay off an element of the accumulated General Fund capital spend each year (the CFR) through a revenue charge (the minimum revenue provision - MRP), although it is also allowed to undertake additional voluntary payments if required (voluntary revenue provision - VRP).

CLG regulations have been issued which require the full Council to approve an MRP Statement in advance of each year. A variety of options are provided to councils, so long as there is a prudent provision. The Council is recommended to approve the following MRP Statement:

For capital expenditure incurred before 1 April 2008 or which in the future will be Supported Capital Expenditure, the MRP policy will be:

Existing practice - MRP will follow the existing practice outlined in former CLG regulations (option 1);

These options provide for an approximate 4% reduction in the borrowing need (CFR) each year.

From 1 April 2008 for all unsupported borrowing (including finance leases) the MRP policy will be:

Asset life method – MRP will be based on the estimated life of the assets, in accordance with the regulations (this option must be applied for any expenditure capitalised under a Capitalisation Direction) (option 3);

These options provide for a reduction in the borrowing need over approximately the asset’s life.

of 348

7

There is no requirement on the HRA to make a minimum revenue provision but there is a requirement for a charge for depreciation to be made (although there are transitional arrangements in place).

Repayments included in annual finance leases are applied as MRP.

2.4 Core funds and expected investment balances

The application of resources (capital receipts, reserves etc.) to either finance capital expenditure or other budget decisions to support the revenue budget will have an ongoing impact on investments unless resources are supplemented each year from new sources (asset sales etc.). Detailed below are estimates of the year end balances for each resource and anticipated day to day cash flow balances.

Year End Resources £m

2012/13 Actual

2013/14 Estimate

2014/15 Estimate

2015/16 Estimate

2016/17 Estimate

Fund balances / reserves

16.079 15.301 11.030 7.995 3.249

Capital receipts 1.085 0 0 0 0 Provisions 1.269 0 0 0 0 Total core funds 18.433 15.301 11.030 7.995 3.249 Working capital* 0.023 0.023 0.023 0.023 0.023 Balance 18.456 15.324 11.053 8.018 3.272 Expected investments (4.000) 0 0 0 0 Under/(over) borrowing

14.456 15.324 11.053 8.018 3.272

*Working capital balances shown are estimated year end; these may be higher mid year

2.5 Affordability prudential indicators

The previous sections cover the overall capital and control of borrowing prudential indicators, but within this framework prudential indicators are required to assess the affordability of the capital investment plans. These provide an indication of the impact of the capital investment plans on the Council’s overall finances. The Council is asked to approve the following indicators:

2.6 Ratio of financing costs to net revenue stream

This indicator identifies the trend in the cost of capital (borrowing and other long term obligation costs net of investment income) against the net revenue stream.

% 2013/14

Estimate 2014/15

Estimate 2015/16

Estimate 2016/17

Estimate Non-HRA 11.81 12.06 11.65 11.92 HRA 12.41 11.73 11.17 10.65

The estimates of financing costs include current commitments and the proposals in this budget report.

2.7 Incremental impact of capital investment decisions on council tax

of 348

8

This indicator identifies the revenue costs associated with proposed changes to the three year capital programme recommended in this budget report compared to the Council’s existing approved commitments and current plans. The assumptions are based on the budget, but will invariably include some estimates, such as the level of Government support, which are not published over a three year period.

Incremental impact of capital investment decisions on the band D council tax

£ 2013/14

Estimate 2014/15

Estimate 2015/16

Estimate 2016/17

Estimate Council tax - band D

3.24 6.41 4.66 4.51

.

2.8 Estimates of the incremental impact of capital investment decisions on housing rent levels

Similar to the council tax calculation, this indicator identifies the trend in the cost of proposed changes in the housing capital programme recommended in this budget report compared to the Council’s existing commitments and current plans, expressed as a discrete impact on weekly rent levels.

Incremental impact of capital investment decisions on housing rent levels

£ 2013/14 Estimate

2014/15 Estimate

2015/16 Estimate

2016/17 Estimate

Weekly housing rent levels

14.84 22.62 16.14 16.60

This indicator shows the revenue impact on any newly proposed changes, although any discrete impact will be constrained by rent controls.

2.9 HRA ratios

£ 2012/13 Actual

2013/14 Estimate

2014/15 Estimate

2015/16 Estimate

2016/17 Estimate

HRA debt £m 77.195 74.986 74.415 73.867 72.908

Number of HRA dwellings

6017 5976 5936 5916 5896

Debt per dwelling £

12,829 12,548 12,536 12,486 12,366

3 BORROWING

of 348

9

The capital expenditure plans set out in Section 2 provide details of the service activity of the Council. The treasury management function ensures that the Council’s cash is organised in accordance with the the relevant professional codes, so that sufficient cash is available to meet this service activity. This will involve both the organisation of the cash flow and, where capital plans require, the organisation of approporiate borrowing facilities. The strategy covers the relevant treasury / prudential indicators, the current and projected debt positions and the annual investment strategy.

3.1 Current portfolio position

The Council’s treasury portfolio position at 31 March 2013, with forward projections are summarised below. The table shows the actual external debt (the treasury management operations), against the underlying capital borrowing need (the Capital Financing Requirement - CFR), highlighting any over or under borrowing.

£m 2012/13 Actual

2013/14 Estimate

2014/15 Estimate

2015/16 Estimate

2016/17 Estimate

External Debt Debt at 1 April 92.754 94.354 92.806 99.374 108.297 Expected change in Debt -0.041 -3.013 5.279 5.952 3.635 Other long-term liabilities (OLTL)

1.908 1.641 1.465 1.289 1.113

Expected change in OLTL

-0.267 -0.176 -0.176 -0.176 -0.176

Actual gross debt at 31 March

94.354 92.806 99.374 106.439 112.869

The Capital Financing Requirement

108.811 108.130 110.427 114.457

116.141

Under / (over) borrowing

14.456 15.324 11.053 8.018 3.272

Within the prudential indicators there are a number of key indicators to ensure that the Council operates its activities within well defined limits. One of these is that the Council needs to ensure that its gross debt does not, except in the short term, exceed the total of the CFR in the preceding year plus the estimates of any additional CFR for 2014/15 and the following two financial years. This allows some flexibility for limited early borrowing for future years, but ensures that borrowing is not undertaken for revenue purposes.

The Director of Resources, Governance & Growth reports that the Council complied with this prudential indicator in the current year and does not envisage difficulties for the future. This view takes into account current commitments, existing plans, and the proposals in this budget report.

3.2 Treasury Indicators: limits to borrowing activity

of 348

10

The operational boundary. This is the limit beyond which external debt is not normally expected to exceed. In most cases, this would be a similar figure to the CFR, but may be lower or higher depending on the levels of actual debt.

Operational boundary £m

2013/14 Estimate

2014/15 Estimate

2015/16 Estimate

2016/17 Estimate

Debt 109 111 115 117 Other long term liabilities 2 2 2 2 Total 111 113 117 119

The authorised limit for external debt. A further key prudential indicator represents a control on the maximum level of borrowing. This represents a limit beyond which external debt is prohibited, and this limit needs to be set or revised by the full Council. It reflects the level of external debt which, while not desired, could be afforded in the short term, but is not sustainable in the longer term.

1. This is the statutory limit determined under section 3 (1) of the Local Government Act 2003. The Government retains an option to control either the total of all councils’ plans, or those of a specific council, although this power has not yet been exercised.

2. The Council is asked to approve the following authorised limit:

Authorised limit £m 2013/14 Estimate

2014/15 Estimate

2015/16 Estimate

2016/17 Estimate

Debt 114 116 120 122 Other long term liabilities 2 2 2 2 Total 116 118 122 124

Separately, the Council is also limited to a maximum HRA CFR through the HRA self-financing regime. This limit is currently:

HRA Debt Limit £m 2013/14 Estimate

2014/15 Estimate

2015/16 Estimate

2016/17 Estimate

HRA debt cap 89.998 89.998 89.998 89.998 HRA CFR 77.552 77.552 80.442 82.926 HRA headroom 12.446 12.446 9.556 7.072

of 348

11

3.3 Prospects for interest rates

The Council has appointed Capita Asset Services as its treasury advisor and part of their service is to assist the Council to formulate a view on interest rates. The following table gives our central view. Annual Average %

Bank Rate %

PWLB Borrowing Rates % (including certainty rate adjustment)

5 year 25 year 50 year Mar 2014 0.50 2.50 4.40 4.40 Jun 2014 0.50 2.60 4.40 4.40 Sep 2014 0.50 2.70 4.50 4.50 Dec 2014 0.50 2.70 4.60 4.60 Mar 2015 0.50 2.80 4.60 4.70 Jun 2015 0.50 2.80 4.70 4.80 Sep 2015 0.50 2.90 4.80 4.90 Dec 2015 0.50 3.00 4.90 5.00 Mar 2016 0.50 3.10 5.00 5.10 Jun 2016 0.75 3.20 5.10 5.20 Sep 2016 1.00 3.30 5.10 5.20 Dec 2016 1.00 3.40 5.10 5.20 Mar 2017 1.25 3.40 5.10 5.20

Until 2013, the economic recovery in the UK since 2008 had been the worst and slowest recovery in recent history. However, growth has rebounded during 2013 to surpass all expectations, propelled by recovery in consumer spending and the housing market. Forward surveys are also currently very positive in indicating that growth prospects are strong for 2014, not only in the UK economy as a whole, but in all three main sectors, services, manufacturing and construction. This is very encouraging as there does need to be a significant rebalancing of the economy away from consumer spending to construction, manufacturing, business investment and exporting in order for this start to recovery to become more firmly established. One drag on the economy is that wage inflation continues to remain significantly below CPI inflation so disposable income and living standards are under pressure, although income tax cuts have ameliorated this to some extent. This therefore means that labour productivity must improve significantly for this situation to be corrected by the warranting of increases in pay rates. The US, the main world economy, faces similar debt problems to the UK, but thanks to reasonable growth, cuts in government expenditure and tax rises, the annual government deficit has been halved from its peak without appearing to do too much damage to growth.

The current economic outlook and structure of market interest rates and government debt yields have several key treasury management implications:

As for the Eurozone, concerns have subsided considerably in 2013. However,

sovereign debt difficulties have not gone away and major concerns could return in respect of any countries that do not dynamically address fundamental issues of low growth, international uncompetitiveness and the need for overdue reforms of the economy (as Ireland has done). It is, therefore, possible over the next few years that levels of government debt to GDP ratios could continue to rise to levels that could result in a loss of investor confidence in the financial viability of such countries. This could mean that sovereign debt concerns have not disappeared but, rather, have only been postponed. Counterparty risks therefore remain elevated. This continues to suggest the use of higher quality counterparties for shorter time periods;

of 348

12

Investment returns are likely to remain relatively low during 2014/15 and beyond;

Borrowing interest rates have risen significantly during 2013 and are on a rising trend. The policy of avoiding new borrowing by running down spare cash balances has served well over the last few years. However, this needs to be carefully reviewed to avoid incurring even higher borrowing costs, which are now looming ever closer, where authorities will not be able to avoid new borrowing to finance new capital expenditure and/or to refinance maturing debt, in the near future;

There will remain a cost of carry to any new borrowing which causes an increase in investments as this will incur a revenue loss between borrowing costs and investment returns.

3.4 Borrowing strategy

The Council is currently maintaining an under-borrowed position. This means that the capital borrowing need (the Capital Financing Requirement), has not been fully funded with loan debt as cash supporting the Council’s reserves, balances and cash flow has been used as a temporary measure. This strategy is prudent as investment returns are low and counterparty risk is relatively high.

Against this background and the risks within the economic forecast, caution will be adopted with the 2014/15 treasury operations. The Director of Resources, Governance & Growth will monitor interest rates in financial markets and adopt a pragmatic approach to changing circumstances:

if it was felt that there was a significant risk of a sharp FALL in long and short term

rates (e.g. due to a marked increase of risks around relapse into recession or of risks of deflation), then long term borrowings will be postponed, and potential rescheduling from fixed rate funding into short term borrowing will be considered.

iAny decisions will be reported to the appropriate decision making body at the

next available opportunity.

Treasury management limits on activity

There are three debt related treasury activity limits. The purpose of these are to restrain the activity of the treasury function within certain limits, thereby managing risk and reducing the impact of any adverse movement in interest rates. However, if these are set to be too restrictive they will impair the opportunities to reduce costs / improve performance. The indicators are:

Upper limits on variable interest rate exposure. This identifies a maximum limit for variable interest rates based upon the debt position net of investments

Upper limits on fixed interest rate exposure. This is similar to the previous indicator and covers a maximum limit on fixed interest rates;

Maturity structure of borrowing. These gross limits are set to reduce the Council’s exposure to large fixed rate sums falling due for refinancing, and are required for upper and lower limits

of 348

13

The Council is asked to approve the following treasury indicators and limits:

£m 2014/15 2015/16 2016/17 Interest rate exposures Upper Upper Upper Limits on fixed interest rates based on net debt

100% 100% 100%

Limits on variable interest rates based on net debt

100% 100% 100%

Maturity structure of fixed interest rate borrowing 2014/15 Lower Upper Under 12 months 0% 20% 12 months to 2 years 0% 40% 2 years to 5 years 0% 60% 5 years to 10 years 0% 80% 10 years to 20 years 0% 100% 20 years to 30 years 0% 100% 30 years to 40 years 0% 100% 40 years to 50 years 0% 100% Maturity structure of variable interest rate borrowing 2014/15 Lower Upper Under 12 months 0% 20% 12 months to 2 years 0% 40% 2 years to 5 years 0% 60% 5 years to 10 years 0% 80% 10 years to 20 years 0% 100% 20 years to 30 years 0% 100% 30 years to 40 years 0% 100% 40 years to 50 years 0% 100%

3.5 Policy on borrowing in advance of need

The Council will not borrow more than or in advance of its needs purely in order to profit from the investment of the extra sums borrowed. Any decision to borrow in advance will be within forward approved Capital Financing Requirement estimates, and will be considered carefully to ensure that value for money can be demonstrated and that the Council can ensure the security of such funds. Borrowing in advance will be made within the constraints that:

Would not look to borrow more than six months in advance of need.

Risks associated with any borrowing in advance activity will be subject to prior appraisal and subsequent reporting through the mid-year or annual reporting mechanism.

3.6 Debt rescheduling

As short term borrowing rates will be considerably cheaper than longer term fixed interest rates, there may be potential opportunities to generate savings by switching from long term debt to short term debt. However, these savings will need to be considered in the

of 348

14

light of the current treasury position and the size of the cost of debt repayment (premiums incurred). The reasons for any rescheduling to take place will include:

the generation of cash savings and / or discounted cash flow savings; helping to fulfil the treasury strategy; enhance the balance of the portfolio (amend the maturity profile and/or the

balance of volatility). Consideration will also be given to identify if there is any residual potential for making savings by running down investment balances to repay debt prematurely as short term rates on investments are likely to be lower than rates paid on current debt. All rescheduling will be reported to the Cabinet / Council, at the earliest meeting following its action

of 348

15

4 ANNUAL INVESTMENT STRATEGY

4.1 Investment policy

The Council’s investment policy has regard to the CLG’s Guidance on Local Government Investments (“the Guidance”) and the revised CIPFA Treasury Management in Public Services Code of Practice and Cross Sectoral Guidance Notes (“the CIPFA TM Code”). The Council’s investment priorities will be security first, liquidity second, then return. In accordance with the above guidance from the CLG and CIPFA, and in order to minimise the risk to investments, the Council has below clearly stipulated the minimum acceptable credit quality of counterparties for inclusion on the lending list. The creditworthiness methodology used to create the counterparty list fully accounts for the ratings, watches and outlooks published by all three ratings agencies with a full understanding of these reflect in the eyes of each agengy. Using our ratings service potential counterparty ratings are monitored on a real time basis with knowledge of any changes notified electronically as the agencies notify modifications. Further, the Council’s officers recognise that ratings should not be the sole determinant of the quality of an institution and that it is important to continually assess and monitor the financial sector on both a micro and macro basis and in relation to the economic and political environments in which institutions operate. The assessment will also take account of information that reflects the opinion of the markets. To this end the Council will engage with its advisors to maintain a monitor on market pricing such as “credit default swaps” and overlay that information on top of the credit ratings. Other information sources used will include the financial press, share price and other such information pertaining to the banking sector in order to establish the most robust scrutiny process on the suitability of potential investment counterparties. The aim of the strategy is to generate a list of highly creditworthy counterparties which will also enable divesification and thus avoidance of concentration risk. The intention of the strategy is to provide security of investment and minimisation of risk. Investment instruments identified for use in the financial year are listed in appendix 5.4 under the ‘specified’ and ‘non-specified’ investments categories. Counterparty limits will be as set through the Council’s treasury management practices – schedules.

4.2 Creditworthiness policy

The primary principle governing the Council’s investment criteria is the security of its investments, although the yield or return on the investment is also a key consideration. After this main principle, the Council will ensure that:

It maintains a policy covering both the categories of investment types it will invest in, criteria for choosing investment counterparties with adequate security, and monitoring their security. This is set out in the specified and non-specified investment sections below; and

It has sufficient liquidity in its investments. For this purpose it will set out procedures for determining the maximum periods for which funds may prudently be committed. These procedures also apply to the Council’s prudential indicators covering the maximum principal sums invested.

of 348

16

The Director Of Resources, Governance & Growth will maintain a counterparty list in compliance with the following criteria and will revise the criteria and submit them to Council for approval as necessary. These criteria are separate to that which determines which types of investment instrument are either specified or non-specified as it provides an overall pool of counterparties considered high quality which the Council may use, rather than defining what types of investment instruments are to be used.

The minimum rating criteria uses the lowest common denominator method of selecting counterparties and applying limits. This means that the application of the Council’s minimum criteria will apply to the lowest available rating for any institution. For instance, if an institution is rated by two agencies, one meets the Council’s criteria, the other does not, the institution will fall outside the lending criteria. Credit rating information is supplied by Capita Asset Services our treasury consultants, on all active counterparties that comply with the criteria below. Any counterparty failing to meet the criteria would be omitted from the counterparty (dealing) list. Any rating changes, rating watches (notification of a likely change), rating outlooks (notification of a possible longer term change) are provided to officers almost immediately after they occur and this information is considered before dealing. For instance, a negative rating watch applying to a counterparty at the minimum Council criteria will be suspended from use, with all others being reviewed in light of market conditions.

The criteria for providing a pool of high quality investment counterparties (both specified and non-specified investments) is:

Banks 1 - good credit quality – the Council will only use banks which:

i. are UK banks; and/or

ii. are non-UK and domiciled in a country which has a minimum sovereign long term rating of AAA

and have, as a minimum, the following Fitch, Moody’s and Standard and Poors credit ratings (where rated):

i. Short term – F1,P1,A1

ii. Long term – A-,A3,A-

iii. Viability / financial strength – bb-,C-(Fitch / Moody’s only)

iv. Support – 3 (Fitch only)

Banks 2 – Part nationalised UK banks – Lloyds Banking Group and Royal Bank of Scotland. These banks can be included if they continue to be part nationalised or they meet the ratings in Banks 1 above.

Banks 3 – The Council’s own banker for transactional purposes if the bank falls below the above criteria, although in this case balances will be minimised in both monetary size and time.

Bank subsidiary and treasury operation -. The Council will use these where the parent bank has provided an appropriate guarantee or has the necessary ratings outlined above.

Building societies. The Council will use all societies which:

i. meet the ratings for banks outlined above;

ii. Have assets in excess of £2bn;

or meet both criteria.

Money market funds – AAA

of 348

17

Enhanced money market funds (EMMFs) with a risk score of 1.25

UK Government (including gilts and the DMADF)

Local authorities, parish councils etc

Supranational institutions

A limit of 30% will be applied to the use of non-specified investments.

Country and sector considerations - Due care will be taken to consider the country, group and sector exposure of the Council’s investments. In part, the country selection will be chosen by the credit rating of the sovereign state in Banks 1 above. In addition:

no more than 30% will be placed with any non-UK country at any time;

limits in place above will apply to a group of companies;

sector limits will be monitored regularly for appropriateness.

Use of additional information other than credit ratings. Additional requirements under the Code require the Council to supplement credit rating information. Whilst the above criteria relies primarily on the application of credit ratings to provide a pool of appropriate counterparties for officers to use, additional operational market information will be applied before making any specific investment decision from the agreed pool of counterparties. This additional market information (for example Credit Default Swaps, negative rating watches/outlooks) will be applied to compare the relative security of differing investment counterparties.

Time and monetary limits applying to investments. The time and monetary limits for institutions on the Council’s counterparty list are as follows (these will cover both specified and non-specified investments):

Fitch Long term Rating

(or equivalent)

Money

Limit

Time

Limit

Banks 1 higher quality AA £4m 3yrs

Banks 1 medium quality AA £4m 364days

Banks 1 lower quality A+ £3m 364days

Banks 2 – part nationalised N/A £4m per group

364days

Limit 3 category – Council’s banker (not meeting Banks 1)

A- £3m 1 day

DMADF AAA unlimited 6 months

Local authorities N/A £3m 1yr

Money market funds AAA £3m, £12m limit

liquid

Enhanced money market funds with a credit score of 1.25

AAA £3m liquid

of 348

18

3. The proposed criteria for specified and non-specified investments are shown in Appendix 5.4 for approval.

4.3 Country limits

The Council has determined that it will only use approved counterparties from countries , excluding the UK, with a minimum sovereign credit rating of AAA from Fitch. This list will be added to, or deducted from, by officers should ratings change in accordance with this policy.

4.4 Investment strategy

In-house funds. Investments will be made with reference to the core balance and cash flow requirements and the outlook for short-term interest rates (i.e. rates for investments up to 12 months). Investment returns expectations. Bank Rate is forecast to remain unchanged at 0.5% before starting to rise from quarter 2 of 2016. Bank Rate forecasts for financial year ends (March) are:

2013/14 0.50% 2014/15 0.50% 2015/16 0.50% 2016/17 1.25%

There are upside risks to these forecasts (i.e. start of increases in Bank Rate occurs sooner) if economic growth remains strong and unemployment falls faster than expected. However, should the pace of growth fall back, there could be downside risk, particularly if Bank of England inflation forecasts for the rate of fall of unemployment were to prove to be too optimistic. The suggested budgeted investment earnings rates for returns on investments placed for periods up to 100 days during each financial year for the next four years are as follows:

2014/15 0.50% 2015/16 0.50%

2016/17 1.00% 2017/18 2.00%

Investment treasury indicator and limit - total principal funds invested for greater than 364 days. These limits are set with regard to the Council’s liquidity requirements and to reduce the need for early sale of an investment, and are based on the availability of funds after each year-end.

The Council is asked to approve the treasury indicator and limit: - Maximum principal sums invested > 364 days

£m 2014/15 2015/16 2016/17 Principal sums invested > 364 days

£2m £2m £2m

of 348

19

For its cash flow generated balances, the Council will seek to utilise its business reserve instant access and notice accounts, money market funds and short-dated deposits (overnight to100 days) in order to benefit from the compounding of interest.

4.5 Icelandic bank investments

This authority previously invested the sum of £2m in Heritable Icelandic Bank which has been frozen. The Icelandic Government has stated its intention to honour all its commitments as a result of their banks being placed into receivership. The U.K. Government is working with the Icelandic Government to help bring this about. At the current time, the process of recovering assets is still ongoing with the administrators. The Local Government Association is co-ordinating the efforts of all UK authorities with Icelandic investments. Members will be periodically updated on the latest developments on these efforts. At the end of September 2013, the Council had received a total of £1.899m of its £2m deposit from Heritable which leaves an outstanding balance of £101k.

4.6 Investment risk benchmarking

These benchmarks are simple guides to maximum risk, so they may be breached from time to time, depending on movements in interest rates and counterparty criteria. The purpose of the benchmark is that officers will monitor the current and trend position and amend the operational strategy to manage risk as conditions change. Any breach of the benchmarks will be reported, with supporting reasons in the mid-year or Annual Report. Security - The Council’s maximum security risk benchmark for the current portfolio, when compared to these historic default tables, is:

0.02% historic risk of default when compared to the whole portfolio.

Liquidity – in respect of this area the Council seeks to maintain:

Bank overdraft - £250k

Liquid short term deposits of at least £2m available with a week’s notice.

Weighted average life benchmark is expected to be 45 days, with a maximum of 180 days.

Yield - local measures of yield benchmarks are:

Investments – internal returns above the 7 day LIBID rate

And in addition that the security benchmark for each individual year is:

1 year 2 years 3 years 4 years 5 years Maximum 0.02% 0.00% 0.00% 0.00% 0.00%

Note: This benchmark is an average risk of default measure, and would not constitute an expectation of loss against a particular investment.

4.7 End of year investment report

At the end of the financial year, the Council will report on its investment activity as part of its Annual Treasury Report.

of 348

20

5 APPENDICES

1. Economic background

2. Treasury management practice 1 – credit and counterparty risk management

3. Approved countries for investments

4. Treasury management scheme of delegation

5. The treasury management role of the section 151 officer

6. Capital Programme – revised 2013-14 & forward 2014-15, 2015-16 & 2016-17

of 348

5.1 APPENDIX: Economic Background

THE UK ECONOMY

Economic growth. Until 2013, the economic recovery in the UK since 2008 had been the worst and slowest recovery in recent history. However, growth strongly rebounded in 2013 - quarter 1 (+0.3%), 2 (+0.7%) and 3 (+0.8%), to surpass all expectations as all three main sectors, services, manufacturing and construction contributed to this strong upturn. The Bank of England has, therefore, upgraded growth forecasts in the August and November quarterly Inflation Reports for 2013 from 1.2% to 1.6% and for 2014 from 1.7% to 2.8%, (2015 unchanged at 2.3%). The November Report stated that: -

In the United Kingdom, recovery has finally taken hold. The economy is growing robustly as lifting uncertainty and thawing credit conditions start to unlock pent-up demand. But significant headwinds — both at home and abroad — remain, and there is a long way to go before the aftermath of the financial crisis has cleared and economic conditions normalise. That underpins the MPC’s intention to maintain the exceptionally stimulative stance of monetary policy until there has been a substantial reduction in the degree of economic slack. The pace at which that slack is eroded, and the durability of the recovery, will depend on the extent to which productivity picks up alongside demand. Productivity growth has risen in recent quarters, although unemployment has fallen by slightly more than expected on the back of strong output growth.

Forward surveys are currently very positive in indicating that growth prospects are also strong for 2014, not only in the UK economy as a whole, but in all three main sectors, services, manufacturing and construction. This is very encouraging as there does need to be a significant rebalancing of the economy away from consumer spending to construction, manufacturing, business investment and exporting in order for this start to recovery to become more firmly established. One drag on the economy is that wage inflation continues to remain significantly below CPI inflation so disposable income and living standards are under pressure, although income tax cuts have ameliorated this to some extent. This therefore means that labour productivity must improve significantly for this situation to be corrected by the warranting of increases in pay rates.

Forward guidance. The Bank of England issued forward guidance in August which stated that the Bank will not start to consider raising interest rates until the jobless rate (Labour Force Survey / ILO i.e. not the claimant count measure) has fallen to 7% or below. This would require the creation of about 750,000 jobs and was forecast to take three years in August, but revised to possibly quarter 4 2014 in November. The UK unemployment rate has already fallen to 7.4% on the three month rate to October 2013 (although the rate in October alone was actually 7.0%). The Bank's guidance is subject to three provisos, mainly around inflation; breaching any of them would sever the link between interest rates and unemployment levels. This actually makes forecasting Bank Rate much more complex given the lack of available reliable forecasts by economists over a three year plus horizon. The recession since 2007 was notable for how unemployment did NOT rise to the levels that would normally be expected in a major recession and the August Inflation Report noted that productivity had sunk to 2005 levels. There has, therefore, been a significant level of retention of labour, which will mean that there is potential for a significant amount of GDP growth to be accommodated without a major reduction in unemployment. However, it has been particularly encouraging that the strong economic growth in 2013 has also been accompanied by a rapid increase in

of 348

22

employment and forward hiring indicators are also currently very positive. It is therefore increasingly likely that early in 2014, the MPC will need to amend its forward guidance by reducing its 7.0% threshold rate and/or by adding further wording similar to the Fed’s move in December (see below).

Credit conditions. While Bank Rate has remained unchanged at 0.5% and quantitative easing has remained unchanged at £375bn in 2013, the Funding for Lending Scheme (FLS) was extended to encourage banks to expand lending to small and medium size enterprises. The second phase of Help to Buy aimed at supporting the purchase of second hand properties, will also start in earnest in January 2014. These measures have been so successful in boosting the supply of credit for mortgages, and so of increasing house purchases, (though levels are still far below the pre-crisis level), that the Bank of England announced at the end of November that the FLS for mortgages would end in February 2014. While there have been concerns that these schemes are creating a bubble in the housing market, house price increases outside of London and the south-east have been much weaker. However, bank lending to small and medium enterprises continues to remain weak and inhibited by banks still repairing their balance sheets and anticipating tightening of regulatory requirements. Inflation. Inflation has fallen from a peak of 3.1% in June 2013 to 2.1% in November. It is expected to remain near to the 2% target level over the MPC’s two year time horizon.

AAA rating. The UK has lost its AAA rating from Fitch and Moody’s but that caused little market reaction.

THE GLOBAL ECONOMY

The Eurozone (EZ). The sovereign debt crisis has eased considerably during 2013 which has been a year of comparative calm after the hiatus of the Cyprus bailout in the spring. In December, Ireland escaped from its three year EZ bailout programme as it had dynamically addressed the need to substantially cut the growth in government debt, reduce internal price and wage levels and promote economic growth. The EZ finally escaped from seven quarters of recession in quarter 2 of 2013 but growth is likely to remain weak and so will dampen UK growth. The ECB’s pledge to buy unlimited amounts of bonds of countries which ask for a bail out has provided heavily indebted countries with a strong defence against market forces. This has bought them time to make progress with their economies to return to growth or to reduce the degree of recession. However, debt to GDP ratios (2012 figures) of Greece 176%, Italy 131%, Portugal 124%, Ireland 123% and Cyprus 110%, remain a cause of concern, especially as many of these countries are experiencing continuing rates of increase in debt in excess of their rate of economic growth i.e. these debt ratios are continuing to deteriorate. Any sharp downturn in economic growth would make these countries particularly vulnerable to a new bout of sovereign debt crisis. It should also be noted that Italy has the third biggest debt mountain in the world behind Japan and the US. Greece remains particularly vulnerable and continues to struggle to meet EZ targets for fiscal correction. Whilst a Greek exit from the Euro is now improbable in the short term, as Greece has made considerable progress in reducing its annual government deficit and a return towards some economic growth, some commentators still view an eventual exit as being likely. There are also concerns that austerity measures in Cyprus could also end up in forcing an exit. The question remains as to how much damage an exit by one country would do and whether contagion would spread to other countries. However, the longer a Greek exit is delayed, the less are likely to be the repercussions beyond Greece on other countries and on EU banks.

of 348

23

Sentiment in financial markets has improved considerably during 2013 as a result of firm Eurozone commitment to support struggling countries and to keep the Eurozone intact. However, the foundations to this current “solution” to the Eurozone debt crisis are still weak and events could easily conspire to put this into reverse. There are particular concerns as to whether democratically elected governments will lose the support of electorates suffering under EZ imposed austerity programmes, especially in countries like Greece and Spain which have unemployment rates of over 26% and unemployment among younger people of over 50%. The Italian political situation is also fraught with difficulties in maintaining a viable coalition which will implement an EZ imposed austerity programme and undertake overdue reforms to government and the economy. There are also concerns over the lack of political will in France to address issues of poor international competitiveness,

USA. The economy has managed to return to robust growth in Q2 2013 of 2.5% y/y and 4.1% y/y in Q3, in spite of the fiscal cliff induced sharp cuts in federal expenditure that kicked in on 1 March, and increases in taxation. The Federal Reserve therefore decided in December to reduce its $85bn per month asset purchases programme of quantitative easing by $10bn. It also amended its forward guidance on its pledge not to increase the central rate until unemployment falls to 6.5% by adding that there would be no increases in the central rate until ‘well past the time that the unemployment rate declines below 6.5%, especially if projected inflation continues to run below the 2% longer run goal’. Consumer, investor and business confidence levels have all improved markedly in 2013. The housing market has turned a corner and house sales and increases in house prices have returned to healthy levels. Many house owners have, therefore, been helped to escape from negative equity and banks have also largely repaired their damaged balance sheets so that they can resume healthy levels of lending. All this portends well for a reasonable growth rate looking forward.

China. There are concerns that Chinese growth could be on an overall marginal downward annual trend. There are also concerns that the new Chinese leadership have only started to address an unbalanced economy which is heavily dependent on new investment expenditure, and for a potential bubble in the property sector to burst, as it did in Japan in the 1990s, with its consequent impact on the financial health of the banking sector. There are also concerns around the potential size, and dubious creditworthiness, of some bank lending to local government organisations and major corporates. This primarily occurred during the government promoted expansion of credit, which was aimed at protecting the overall rate of growth in the economy after the Lehmans crisis.

Japan. The initial euphoria generated by “Abenomics”, the huge QE operation instituted by the Japanese government to buy Japanese debt, has tempered as the follow through of measures to reform the financial system and the introduction of other economic reforms, appears to have stalled. However, at long last, Japan has seen a return to reasonable growth and positive inflation during 2013 which augurs well for the hopes that Japan can escape from the bog of stagnation and deflation and so help to support world growth. The fiscal challenges though are huge; the gross debt to GDP ratio is about 245% in 2013 while the government is currently running an annual fiscal deficit of around 50% of total government expenditure. Within two years, the central bank will end up purchasing about Y190 trillion (£1,200 billion) of government debt. In addition, the population is ageing due to a low birth rate and, on current trends, will fall from 128m to 100m by 2050.

of 348

24

CAPITA ASSET SERVICES FORWARD VIEW

Economic forecasting remains difficult with so many external influences weighing on the UK. Major volatility in bond yields is likely to endure as investor fears and confidence ebb and flow between favouring more risky assets i.e. equities, and safer bonds.

There could well be volatility in gilt yields over the next year as financial markets anticipate further tapering of asset purchases by the Fed. The timing and degree of tapering could have a significant effect on both Treasury and gilt yields. Equally, while the political deadlock and infighting between Democrats and Republicans over the budget has almost been resolved the raising of the debt limit, has only been kicked down the road. A final resolution of these issues could have a significant effect on gilt yields during 2014.

The longer run trend is for gilt yields and PWLB rates to rise, due to the high volume of gilt issuance in the UK, and of bond issuance in other major western countries. Increasing investor confidence in economic recovery is also likely to compound this effect as a continuation of recovery will further encourage investors to switch back from bonds to equities.

The overall balance of risks to economic recovery in the UK is currently evenly weighted. However, only time will tell just how long this period of strong economic growth will last; it also remains exposed to vulnerabilities in a number of key areas.

The interest rate forecasts in this report are based on an initial assumption that there will not be a major resurgence of the EZ debt crisis, or a break-up of the EZ, but rather that there will be a managed, albeit painful and tortuous, resolution of the debt crisis where EZ institutions and governments eventually do what is necessary - but only when all else has been tried and failed. Under this assumed scenario, growth within the EZ will be tepid for the next couple of years and some EZ countries experiencing low or negative growth, will, over that time period, see a significant increase in total government debt to GDP ratios. There is a significant danger that these ratios could rise to the point where markets lose confidence in the financial viability of one, or more, countries. However, it is impossible to forecast whether any individual country will lose such confidence, or when, and so precipitate a resurgence of the EZ debt crisis. While the ECB has adequate resources to manage a debt crisis in a small EZ country, if one, or more, of the large countries were to experience a major crisis of market confidence, this would present a serious challenge to the ECB and to EZ politicians.

Downside risks currently include:

UK strong economic growth is currently very dependent on consumer spending and recovery in the housing market. This is unlikely to endure much beyond 2014 as most consumers are maxed out on borrowing and wage inflation is less than CPI inflation, so disposable income is being eroded.

A weak rebalancing of UK growth to exporting and business investment causing a major weakening of overall economic growth beyond 2014

Weak growth or recession in the UK’s main trading partners - the EU and US, depressing economic recovery in the UK.

Prolonged political disagreement over the raising of the US debt ceiling. A return to weak economic growth in the US, UK and China causing major

disappointment in investor and market expectations. A resurgence of the Eurozone sovereign debt crisis caused by ongoing

deterioration in government debt to GDP ratios to the point where financial markets lose confidence in the financial viability of one or more countries and in

of 348

25

the ability of the ECB and Eurozone governments to deal with the potential size of the crisis.

The potential for a significant increase in negative reactions of populaces in Eurozone countries against austerity programmes, especially in countries with very high unemployment rates e.g. Greece and Spain, which face huge challenges in engineering economic growth to correct their budget deficits on a sustainable basis.

The Italian political situation is frail and unstable; this will cause major difficulties in implementing austerity measures and a programme of overdue reforms. Italy has the third highest government debt mountain in the world.

Problems in other Eurozone heavily indebted countries (e.g. Cyprus and Portugal) which could also generate safe haven flows into UK gilts, especially if it looks likely that one, or more countries, will need to leave the Eurozone.

A lack of political will in France, (the second largest economy in the EZ), to dynamically address fundamental issues of low growth, poor international uncompetitiveness and the need for overdue reforms of the economy.

Monetary policy action failing to stimulate sustainable growth in western economies, especially the Eurozone and Japan.

Geopolitical risks e.g. Syria, Iran, North Korea, which could trigger safe haven flows back into bonds.

The potential for upside risks to UK gilt yields and PWLB rates, especially for longer term PWLB rates include: -

A sharp upturn in investor confidence that sustainable robust world economic growth is firmly expected, causing a surge in the flow of funds out of bonds into equities.

A reversal of Sterling’s safe-haven status on a sustainable improvement in financial stresses in the Eurozone.

UK inflation being significantly higher than in the wider EU and US, causing an increase in the inflation premium inherent to gilt yields.

In the longer term – an earlier than currently expected reversal of QE in the UK; this could initially be implemented by allowing gilts held by the Bank to mature without reinvesting in new purchases, followed later by outright sale of gilts currently held.

of 348

26

5.2 APPENDIX: Treasury Management Practice (TMP1) – Credit and Counterparty Risk Management

The CLG issued Investment Guidance in 2010, and this forms the structure of the Council’s policy below. These guidelines do not apply to either trust funds or pension funds which operate under a different regulatory regime. The key intention of the Guidance is to maintain the current requirement for councils to invest prudently, and that priority is given to security and liquidity before yield. In order to facilitate this objective the guidance requires this Council to have regard to the CIPFA publication Treasury Management in the Public Services: Code of Practice and Cross-Sectoral Guidance Notes. This Council adopted the Code on 25/05/2004 and will apply its principles to all investment activity. In accordance with the Code, the Director of Finance has produced its treasury management practices (TMPs). This part, TMP 1(1), covering investment counterparty policy requires approval each year. Annual investment strategy - The key requirements of both the Code and the investment guidance are to set an annual investment strategy, as part of its annual treasury strategy for the following year, covering the identification and approval of following: The strategy guidelines for choosing and placing investments, particularly

non-specified investments. The principles to be used to determine the maximum periods for which funds

can be committed. Specified investments that the Council will use. These are high security (i.e.

high credit rating, although this is defined by the Council, and no guidelines are given), and high liquidity investments in sterling and with a maturity of no more than a year.

Non-specified investments, clarifying the greater risk implications, identifying the general types of investment that may be used and a limit to the overall amount of various categories that can be held at any time.

The investment policy proposed for the Council is: Strategy guidelines – The main strategy guidelines are contained in the body of the treasury strategy statement. Specified investments – These investments are sterling investments of not more than one-year maturity, or those which could be for a longer period but where the Council has the right to be repaid within 12 months if it wishes. These are considered low risk assets where the possibility of loss of principal or investment income is small. These would include sterling investments which would not be defined as capital expenditure with:

1. The UK Government (such as the Debt Management Account deposit facility, UK treasury bills or a gilt with less than one year to maturity).

2. Supranational bonds of less than one year’s duration. 3. A local authority, parish council or community council. 4. Pooled investment vehicles (such as money market funds) that have been awarded a

high credit rating by a credit rating agency. For category 4 this covers pooled investment vehicles, such as money market funds, rated AAA by Standard and Poor’s, Moody’s or Fitch rating agencies.

of 348

27

5. A body that is considered of a high credit quality (such as a bank or building society { For category 5 this covers bodies with a minimum short term rating of F1 (or the equivalent) as rated by Standard and Poor’s, Moody’s or Fitch rating agencies.

Within these bodies, and in accordance with the Code, the Council has set additional criteria to set the time and amount of monies which will be invested in these bodies. This criteria is shown in the table below:

Fitch Long term

Rating

(or equivalent)

Money

Limit

Time

Limit

Banks 1 higher quality AA £4m 3yrs

Banks 1 medium quality AA £4m 364days

Banks 1 lower quality A+ £3m 364days

Banks 2 – part nationalised N/A £4m per group

364days

Limit 3 category – Council’s banker (not meeting Banks 1)

A- £3m 1 day

DMADF AAA unlimited 6 months

Local authorities N/A £3m 1yr

Money market funds AAA £3m, £12m limit

liquid

Enhanced money market funds with a credit score of 1.25

AAA £3m liquid

Non-specified investments –are any other type of investment (i.e. not defined as specified above). At the present time the Council does not have the resources to consider Non-Specified investments.

The monitoring of investment counterparties - The credit rating of counterparties will be monitored regularly. The Council receives credit rating information (changes, rating watches and rating outlooks) from Capita Asset Services as and when ratings change, and counterparties are checked promptly On occasion ratings may be downgraded when an investment has already been made. The criteria used are such that a minor downgrading should not affect the full receipt of the principal and interest. Any counterparty failing to meet the criteria will be removed from the list immediately by the Director of Finance, and if required new counterparties which meet the criteria will be added to the list.

of 348

28

5.3 APPENDIX: Approved countries for investments

Based on lowest available rating AAA

Australia Canada Denmark Finland Germany Luxembourg Norway Singapore Sweden Switzerland

of 348

29

5.4 APPENDIX: Treasury management scheme of delegation

(i) Full board/council

receiving and reviewing reports on treasury management policies, practices and activities;

approval of annual strategy.

(ii) Boards/committees/council/responsible body

approval of/amendments to the organisation’s adopted clauses, treasury management policy statement and treasury management practices;

budget consideration and approval;

approval of the division of responsibilities;

receiving and reviewing regular monitoring reports and acting on recommendations;

approving the selection of external service providers and agreeing terms of appointment.

(iii) Body/person(s) with responsibility for scrutiny

reviewing the treasury management policy and procedures and making recommendations to the responsible body.

of 348

30

5.5 APPENDIX: The treasury management role of the section 151 officer

The S151 (responsible) officer

recommending clauses, treasury management policy/practices for approval, reviewing the same regularly, and monitoring compliance;

submitting regular treasury management policy reports;

submitting budgets and budget variations;

receiving and reviewing management information reports;

reviewing the performance of the treasury management function;

ensuring the adequacy of treasury management resources and skills, and the effective division of responsibilities within the treasury management function;

ensuring the adequacy of internal audit, and liaising with external audit;

recommending the appointment of external service providers.

of 348

W:\Central services\Member Services\CMIS\Audit & Risk\Risk Management.doc Page 1 of 16 December 2013 V6

RISK

MANAGEMENT

FRAMEWORK

Date of Policy: December 2013 Author: Corporate Risk Officer Document Status Final Version Next Review Date: December 2014

of 348


Index Number Detail Page

Number Risk Policy and Strategy

3

1 Introduction

5

2 Background

5

3 Corporate Governance

5

4 Leadership and Responsibility

6

5 Training 6

6 Resourcing Risk Management

6

7 Role of the Executive Management Team

7

8 Risk Management Role in the Cabinet and Audit and Risk Committee

7

9 Risk Identification 7

10 Involvement in other related groups

8

11 External Contacts

8

12 Partnerships

8

13 Methodology

8

14 Risk Appetite 9

15 Risk Management Approach

9

16 Reviews

9

Appendices

One Shared Leadership – Role and Responsibilities

11

Two Risk Scoring Criteria and Matrix

15

of 348


RISK MANAGEMENT POLICY AND STRATEGY Policy

1.1 We define risk as something that might have a detrimental impact on the achievement of the Council’s objectives, reputation, or service delivery.

1.2 The appraisal and management of risk will be part of our business planning, project management and change management process.

1.3 We will use risk management to promote innovation as well as to help secure our objectives.

Organisation

2.1 This risk management strategy will be subject to endorsement by the Audit and Risk Committee.

2.2 The Director of Resources, Governance and Growth is responsible for risk management. The Executive Management Team (EMT) will support the Director of Resources, Governance and Growth in assessing risks likely to have a significant impact on the achievement of the Council’s objectives. The EMT is responsible for the development of advice and guidance on risk management matters.

2.3 Directors will implement risk management within their services and ensure that;

risk is a standard agenda item on all directorate meetings to identify any emerging risk and changes.

managers carry out risk assessments as a routine part of service planning and management activities.

The Director of Resources, Governance and Growth is notified of any significant changes in service provision likely to arise if a risk materialises to enable him/her to ensure that appropriate and adequate insurance measures are in place.

The Director of Resources, Governance and Growth is informed if financing measures are needed to be put in place.

a risk aware culture is built across the department.

key risks to service objectives, project, partnership and change management process under their control are identified, recorded and managed.

those risks having a corporate impact are reported for consideration for inclusion in the Corporate Risk Register.

of 348


2.4 The Director of Resources, Governance and Growth is responsible for coordinating the Council’s approach to risk management. The Corporate Risk Officer sits within the Finance team and is responsible for monitoring the implementation and effectiveness of this risk management strategy and for reviewing compliance with controls introduced by EMT to manage risks.

2.5 The Audit and Risk Committee is responsible for reviewing the effectiveness of the systems and processes in place for managing risk.

Arrangements

3.1 Reports to Cabinet will include an appraisal of risk.

3.2 Corporate risks will be identified and:

- assessed for likelihood and impact

- mitigating controls identified

- allocated responsible officers for the mitigating controls

- cost implications of controls will be considered

3.3 Risk Management training will be provided to EMT and senior managers with the aim of ensuring that they have the skills necessary to identify, appraise and control the risks associated with the services they provide. Councillors will receive training on risk so that they can consider the implications of risk in their work for the Council.

3.4 Every partnership, project team or change management team will appraise strategic and operational risks and make provision for dealing with those risks.

3.5 This strategy will be communicated to Councillors and staff and will be reviewed annually by the EMT.

of 348


1. Introduction The fundamental principles adopted by the Council on Risk Management are described in the policy and strategy statement on Risk Management (page 3). Adopting and implementing the framework detailed below will achieve compliance with the policy and strategy. 2. Background All organisations face a wide variety of risks including physical risks to people or property, financial loss, failure of service delivery, information management and damage to the organisation's reputation. Risk for this purpose is defined as "the chance of an event happening and leading to unintended effects which will impair the organisation's ability to achieve its objectives". Good risk management is a key tool in assisting the organisation to manage uncertainty in order to enable the organisation to better achieve the outcome of its objectives. Risk management is intended to be a planned and systematic approach to the identification, assessment and management of the risks facing the organisation. It is essential that steps are taken to effectively manage those risks. Risk management supports innovative solutions as it carefully considers benefits, alongside the risks, that may occur. The traditional means of protecting against the more obvious risks has been through insurance. However, there are many risks which cannot be insured against and which must be addressed in different ways. Even in the case of those risks which are insurable, action can be taken to reduce the potential risks with consequent savings of premiums and disruption of work. 3. Corporate Governance Great Yarmouth Borough Council has adopted a Local Code of Corporate Governance setting out the framework through which it will carry out its responsibilities to deliver effective services. One of the elements of this framework is the requirement to ensure that an effective risk management system is in place. Effective risk management is an essential element of good corporate governance which, in turn, supports effective decision making and ultimately contributes to improved performance.

Performance

↑ Decision making

Corporate Governance

Risk Management The risk management framework aims to:-

of 348


Clarify responsibilities for identifying and managing risks Ensure that an appropriate level of risk management is consistently

applied across the Council Increase awareness and use of risk management as a normal element of

service management and improvement Facilitate sharing of experience and good practice across the Council and

with other bodies Embed the concept of risk management in the authority and by doing so

ensure that accurate and relevant statements are made in the Annual Governance Statement.

4. Leadership and Responsibility Given the diversity of Council services and the wide range of potential risks, it is essential that responsibility for identifying and taking action to address potential risks is clear. Responsibility for effective risk management rests with all Members and Officers of the Council. The Chief Executive Officer is the Officer with overall responsibility for securing adherence to the Council’s policy on Risk Management. The framework of roles and responsibilities in Appendix One shows how these are allocated. 5. Training Individual officers and Members will have different needs and these can be met with different methods. These will include appropriate awareness raising sessions as well as the more formal training. The e learning package includes a module on risk and this will be used to deliver part of the training requirements. External providers will be identified to deliver specific training and, where appropriate, in house training will be used. 6. Resourcing Risk Management Risk management is not a new issue and, as identified at paragraph 4, every Member and Officer is responsible for considering risk implications as they relate to their actions. However, it is recognised that the concept of risk management needs to become formalised and part and parcel of the culture of the Council. The designated Risk Champion(s) at Executive Management Team Level is The Director of Resources, Governance and Growth.

of 348


The Corporate Risk Officer will be the link for all aspects of risk management. 7. Role of the Executive Management Team Whilst acknowledging the wide variety of risks that face the Council, and the differing circumstances that apply in different services, it is essential that there is some consistency in the way that risks are identified and assessed. This helps to ensure that all areas of risk are adequately considered and relative priorities for action can be judged. The EMT will provide this consistency of approach. The Group acts as a link between group managers, specialised groups dealing with particular areas of risk, senior management and Members. Quarterly updates on the Corporate Risk Register will be provided to EMT and risk will be an agenda item on all meetings to identify any emerging risks or changes. 8. Risk Management Role in the Cabinet and Audit and Risk Committee The Cabinet is responsible for ensuring that an adequate risk management framework and associated control environment exists within the Council. The Audit and Risk Committee is responsible for monitoring the arrangements in place for the identification, monitoring and management of strategic and operational risk. To provide the Audit and Risk Committee with the necessary information to undertake these responsibilities, regular progress updates on the Corporate Risk Register are reported at specific Audit and Risk Committee meetings. 9. Risk Identification To meet the requirements of this framework, risk(s) must be capable of being identified at any level, and by anybody, within the Authority. The key people are the group managers who will identify, record and manage key risks to service objectives, project, partnership and change management processes under their control and identify mitigating processes to help reduce their impact. Service risks should be included as an agenda item on each Departmental Management Team meeting, to review whether any additions, deletions or other changes need to be made. Any risk can, if appropriate, be escalated to being a corporate risk through the Director of Resources, Governance and Growth, Corporate Risk Officer and eventually the Executive Management Team.

of 348


Members and Senior Officers can also identify corporate or service risks through EMT. The Corporate Risk Register will be reviewed on a quarterly basis and updated to reflect any changes to the risks currently included and to include any new risks identified. 10. Involvement of Other Related Groups The Council’s Internal Audit section also contributes to the management of risk. The work of Internal Audit is based on a needs and risk assessment process that identifies and focuses resources on higher risk areas. Audit findings are reported to the relevant Director and Group Manager together with recommendations for improvement and an action plan. Checks are undertaken by Internal Audit to ensure agreed recommendations are implemented. 11. External Contacts The potential risks faced by the Council are in many cases similar to those faced by other authorities and it is practical and cost effective to learn from the experience of others. In order to share risk management information and experiences, the Council has established networks with other authorities and agencies. 12. Partnerships A Partnership Guidance is available and outlines the Council’s approach to assessing partnership risks for partnerships. The guidance note explains the steps that should be taken to assess risks before the decision is made to enter into a partnership and also how to undertake ongoing monitoring of risk once a partnership has been established. 13. Methodology A methodology for identifying, assessing and managing risk within the Council has been developed. This methodology has the advantage of being relatively straightforward to use and can be applied to both the strategic risks of the Council and as part of the routine service, project planning and change management processes. Once a risk has been identified it is essential to determine the level of impact and likelihood. The Impact and likelihood criteria is set out in Appendix 2. The Corporate Risk Register is held by the Corporate Risk Officer and published on the intranet. The format of the register is as below: CORPORATE RISK ASSESSMENT – GREAT YARMOUTH BOROUGH COUNCIL

of 348


Reviewed: Next Review Date: No Vulner-

ability

Trigger

Conse- quence

Mitigation Current Score

Target Score

Action Plan / Progress update

Respon-sible officer

Due Date

Link to Strategic Priority

Almost all projects can be assessed using the three categories, schedule/time, costs and performance/ quality of end product. Projects should follow Prince 2 principals. The Council’s risk management methodology should be followed to produce these risk assessments and a summary of the findings given in reports to Members. A guidance note will be available on the Council’s intranet, which explains how risk should be presented in reports to Members. 14 Risk Appetite Risk appetite refers to the Organisations attitude towards risk, which in turn dictates the amount of risk that it considers acceptable. As a result, risk appetite refers to our willingness to tolerate a particular level of exposure to specific risks. The appetite is also a function of our capacity to bear risk which should not be exceeded. 15. Risk Management Approach The development of a consistent, corporate approach to risk management needs to be done in a methodical and proportionate way in order to avoid the creation of a self-defeating bureaucratic burden. To ensure that risk management is handled in the most efficient way within the Council, risk is included as an agenda item on all departmental meetings to identify emerging risks and changes. Work to integrate risk management and performance management is under way. The following chart (from bottom up) shows how a risk could be identified and escalated:

Corporate Risk Register Executive Management Team

of 348


↑

1. Decides risk is corporate 2. Reviews all service risks and

brings attention to ones recurring in different services.

1. Director 2. Corporate Risk Officer

↑

Service Risk Register Group Manager adds ↑

Evaluate and decide action With Group Manager ↑

Risk identified By anyone 16. Reviews The Framework will be reviewed by EMT and the Audit and Risk Committee on an annually basis and published on the Councils Intranet and internet. The Corporate Risk Register will be reviewed by EMT on a quarterly basis and Audit and Risk Committee every six months and published on the Councils Intranet.

of 348


APPENDIX ONE Shared Leadership – Role and Responsibilities Everyone has a role to play in an integrated risk management framework. Combining shared leadership with a team approach will help contribute to its ultimate success. Roles as identified at present are: 1. CABINET Approve the Risk Management Framework which includes the Risk Management Policy and Strategy. Consider Council’s corporate strategic risks and agree a programme of risk reduction where appropriate. Consider risks attached to proposals for new / changed policies and service delivery arrangements. Reports to Cabinet will include an appraisal of risk.

Review effectiveness of Risk Management.

Ensure proper insurance is in place where appropriate. 2. AUDIT AND RISK COMMITTEE Provide proactive leadership and direction on Risk Management Governance issues and champion Risk Management throughout the Council. Receive progress reports on risk reduction programme and agree revisions to the corporate risk register. Receive progress reports on the corporate risk register at least six monthly. Monitor to ensure that an adequate risk management framework and associated control environment is in place. Monitor arrangements for the identification, monitoring and management of strategic and operational risk within the Council Consider an annual report on Risk Management arrangements. 3. CHIEF EXECUTIVE OFFICER Promote Risk Management and its benefits throughout the Council. Overall responsibility for securing adherence to the Council’s Policy on Risk Management.

APPENDIX ONE (contd)

of 348


Appoint a Director to take responsibility for risk management.

4. EXECUTIVE MANAGEMENT TEAM (EMT)

Agree the Corporate Risk Management Framework including the Risk Management Policy and Strategy. Consider risks attached to proposals for new / changed policies and service delivery arrangements. Ensure that this framework is applied. Consider and agree the Council’s corporate strategic risks and identify those requiring further action on a quarterly basis. Allocate responsibility to Directors to develop action plans for corporate strategic risks. Receive progress reports on risk reduction programme and propose revisions to “corporate risk register” Responsible for the development of advice and guidance on risk management matters.

Supports the Director of Resources, Governance & Growth in assessing risks likely to have a significant impact on the achievement of the Council’s objectives.

5. DIRECTOR OF RESOURCES, GOVERNANCE AND GROWTH The Director of Resources, Governance & Growth is responsible for risk management. The Director of Resources, Governance & Growth is responsible for coordinating the Council’s approach to risk management.

The Director of Resources, Governance and Growth is responsible for the insurance provision within the Authority.

6. DIRECTORS

Directors will implement risk management within their services and ensure that;

Risk is an agenda item on all directorate meetings to identify any emerging risk and changes.

Key risks to service objectives, project, partnership and change management processes under their control are identified, recorded and managed.

of 348


APPENDIX ONE (contd)

managers carry out risk assessments as a routine part of service planning and management activities

Director of Resources, Governance & Growth is notified of any significant changes in service provision likely to arise if a risk materialises to enable him/her to ensure that appropriate and adequate insurance and financing measures are in place.

Those risks having a Corporate impact are reported for consideration for inclusion in Corporate Risk Register.

A risk aware culture is built across the department.

7. CORPORATE RISK OFFICER The Corporate Risk Officer sits within the Finance team and is responsible for monitoring the implementation and effectiveness of this risk management strategy and for reviewing compliance with controls introduced by EMT to manage risks.

Coordinate risk management activity across the Council

Report on risk management activity to EMT and Members

Maintain a corporate risk register and liaise with Group Managers relating to service risks.

Provide risk management training for officers and Members, appropriate to their needs and responsibilities.

Provide advice and assistance as required.

Maintain the insurance cover for the Authority and review on an annual basis

Report on Risk Management arrangements on an annual basis. Review Risk Management Framework on an annual basis. 8. GROUP MANAGERS Develop action plans in relation to corporate strategic risks as they relate to their area. Identify risks attached to proposals for new / changed policies and service delivery arrangements. Assist management to identify and record all key risks to service, project, partnership and change management processes.

of 348


APPENDIX ONE (contd) 9. EMPLOYEES Maintain awareness of risk management principles and take responsibility for managing risk within their own working environment Apply risk management to those risks requiring further action, particularly new developments and "project" work Maintain a record of risk assessments undertaken relating to them and any resulting action plans

10. INTERNAL AUDIT Internal Audit reports to Management on the organisations performance under the Risk Management Framework and the adequacy and effectiveness of systems of risk management. 11. EXTERNAL AUDIT External Audit reports to Management on the organisations performance on risk management.

of 348


APPENDIX TWO RISK SCORING CRITERIA AND MATRIX

Likelihood:

Likelihood Probability Timing A Very High Over 90% This week B High 55 % to 90 % Within 6 months C Significant 15 % to 55 % This year D Low 5 % to 15 % Next year E Very Low 1 % to 5 % Probably within 10–15 years F Almost Impossible Less than 1 % Probably not for at least 15 years Where the probability and timing score differently, a judgement should be made as to the correct likelihood score. Impact

Impact Type Negligible (IV) Marginal / Moderate (III) Critical (II) Catastrophic (I)

Financial (loss)

£0k – £10k £10k – £200k £200k – £1m Over £1m

Service Provision

No effect Some disruption to

Services

Significant disruption to Service or

Suspended Short Term

Service suspended long term or statutory duties not

delivered

Projects Minor Delay – days A few Milestones missed A Major Milestone

missed

Project does not achieve objectives and misses majority of Milestones

Health & Safety

Sticking Plaster / First-aider

Broken bones / illness Extensive or

multiple injuries / Major illness

Major Loss of Life / Large scale Major illness

Objectives No effect Team Objectives not met Portfolio Objectives

not met Corporate Objectives not

met

Morale No effect Some hostile

relationships and minor non-cooperation

Industrial Action Mass Staff leaving / unable

to attract staff

Reputation No media attention /

minor letters Adverse local media

Leader Adverse National

publicity

Extensive coverage in National Press and on TV.

Requires resignation of Senior Officer / Member

Government Objectives No effect Poor Assessments(s)

Service taken over temporarily

Service taken over permanently

of 348


APPENDIX TWO (contd) MATRIX

Lik

elih

oo

d

A

B

C

D

E

F

IV III II I

Impact

Corporate Risk Appetite

of 348

Corporate Procurement Strategy 2013 – 2016

of 348

Corporate Procurement Strategy 2013- 2016

2

1 INTRODUCTION & SUMMARY ................................................................................. 3

2 BACKGROUND .............................................................................................................. 3

2.1 CORPORATE PLAN ........................................................................................................ 3 2.2 MEDIUM TERM FINANCIAL STRATEGY ......................................................................... 4 2.3 DEFINITION OF SUSTAINABLE PROCUREMENT .............................................................. 4 2.4 PROCUREMENT MISSION STATEMENT .......................................................................... 4 2.5 PROCUREMENT ACTIVITY ............................................................................................ 4

3 CURRENT ARRANGEMENTS 2011/12 ...................................................................... 5

4 PROCUREMENT ARRANGEMENTS & STRUCTURE 2013/16 ............................ 5

4.1 ORGANISATION AND MANAGEMENT OF PROCUREMENT AND CONTRACTS ................... 5 4.1.1 Procurement Structure ......................................................................................... 5 4.1.2 Group Managers .................................................................................................. 5 4.1.3 Group Managers will ........................................................................................... 6

5 FUTURE CHALLENGES .............................................................................................. 6

6 CORPORATE PROCUREMENT STRATEGY 2013 – 2016 ..................................... 6

6.1 COMPREHENSIVE SPENDING REVIEW 2010, LOCAL GOVERNMENT “BIG WINS”

STRATEGY, LOCALISM ACT AND PUBLIC SERVICES (SOCIAL VALUE) ACT ............................. 6 6.2 THE APPROACH TO CORPORATE PROCUREMENT. ......................................................... 7

7 THE APPROACH - VALUE FOR MONEY ................................................................ 8

7.1 BUSINESS EFFICIENCY .................................................................................................. 8 7.1.1 Systems ................................................................................................................. 8 7.1.2 Value for Money ................................................................................................... 8 7.1.3 Contract management .......................................................................................... 9 7.1.4 Collaboration and partnering .............................................................................. 9 7.1.5 Monitoring and measurement ............................................................................ 10

7.2 LEADERSHIP ............................................................................................................... 10 7.2.1 Strategic focus .................................................................................................... 10 7.2.2 Guidance ............................................................................................................ 11 7.2.3 Communication .................................................................................................. 11

8 THE APPROACH - RESPONSIBILITY .................................................................... 12

8.1 SOCIALLY RESPONSIBLE PROCUREMENT ..................................................................... 12 8.1.1 Sustainability...................................................................................................... 12 8.1.2 Ethical Purchasing ............................................................................................. 13 8.1.3 Economic Development ..................................................................................... 13

9 RISK MANAGEMENT................................................................................................. 14

10 SUMMARY .................................................................................................................... 14

10.1 STRATEGIC PROCUREMENT OBJECTIVES ................................................................ 14

of 348


3

1 Introduction & Summary

In revising the Corporate Procurement Strategy for 2013 ‐2016, it is intended to further enhance the adoption of best practice procurement. This is a “living document” to be progressed, monitored and reported to evidence the achievements of the procurement function.

There is a real opportunity to develop procurement within the Council and reap the financial, economic and reputational benefits enjoyed by other successful public bodies.

The first section of this document considers the factors, which influence the future role and requirements of the procurement function over the next three years.

Implementation of the Corporate Procurement Strategy will lead to:

Enhanced profile and supply chain influence of the procurement of works, goods and services for the Council

The implementation of “Good Practice” procurement

The development of corporate procurement procedures and guidance to support the Council’s requirements

Embedding the use of the e‐procurement platform for all aspects of procurement activities, standardised systems and processes

Supporting the Council’s wider aims and objectives through effective use of financial resources

Supplier relationships, partnerships, framework contracts, sustainability and value for money are fundamental to the procurement strategy and the delivery of a cost effective procurement process.

2 Background

2.1 Corporate Plan Effective procurement can both directly and indirectly support the priorities of the Council and the Corporate Procurement Strategy has a key role to play in enabling the Council to deliver the key strategic objectives:

Being an enterprising and ambitious Council – through the innovation of procurement and the procurement of innovative solutions

Promoting economic growth and job creation – by engaging with local businesses and providing access to opportunities

Creating and engaging with healthy, vibrant communities – by implementing the localism act, supporting the living wage and encouraging skills development

of 348


4

Protecting and supporting vulnerable people – through the generation of council‐wide savings to support essential services

2.2 Medium Term Financial Strategy

The Medium Term Financial Strategy (MTFS) sets out how the Council will deliver its medium term financial objectives, within the framework set by the corporate plan.

One of the key building blocks of this financial vision is the increased emphasis on delivering value for money. As part of the Comprehensive Spending Review 2010 (CSR10), there are significant pressures on council spending and as a result efficiency savings/productivity gains have been built into base budgets with a programme to identify further savings for 2013/14 in year (1 – 2% of net budget requirement). Effective procurement will be essential to deliver these savings without affecting services. This revised procurement strategy will be implemented and provide demonstrable benefits to the council.

2.3 Definition of Sustainable Procurement

‘a process whereby organisations meet their needs for goods, services, works and utilities in a way that achieves value for money on a whole life basis in terms of generating benefits not only to the organisation, but also to society and the

economy, whilst minimising damage to the environment’1

Whole life is the period from the initial definition of the business need through to the end of the useful life of the asset or service contract. Procurement has a far wider scope than “purchasing”, “buying” or “commissioning”. It is about securing services and products that best meet the needs of users and the local community in its widest sense.

2.4 Procurement Mission Statement

Great Yarmouth Borough Council will undertake to deliver a fair and transparent procurement service, which is both efficient and effective for the benefit of the Council, its suppliers and other stakeholders.

2.5 Procurement Activity

In the financial year 2012 – 2013, the Council made payments, totalling approximately £76 million. A significant proportion of this spend is on expenditure such as salaries, pension contributions etc and it is more realistic to consider a total “in scope” spend of

1 Procuring the Future – June 2006

of 348


5

approximately £12 million, spent with over 1235 suppliers, which can be directly influenced by professional procurement practices.

3 Current Arrangements 2012/13 Procurement in the Council is currently undertaken within service units, where the technical specialists are located, with some centralised arrangements for commonly used goods and services, which are administered by the Customer Services Group.

4 Procurement Arrangements & Structure 2013/16 This strategy will introduce a new structure for procurement that will give a strong platform of accountability, providing for much‐improved outcomes in service, efficiency, sustainability, risks and financial performance. Core to this structure is the responsibility for Strategic Procurement and for implementing the Corporate Procurement Strategy, this lies with the Group Managers and the leadership of this implementation rests with the Director of Resources, Governance & Growth. A dedicated procurement post will be created to provide technical expertise, guidance and support to all procurement activity and to monitor the implementation of the Strategy.

4.1 Organisation and Management of Procurement and Contracts

4.1.1 Procurement Structure

Members

Executive Management Team (EMT)

Group Managers

Procurement Officer

4.1.2 Group Managers

Take a lead in the development, implementation and monitoring of the procurement strategy, reporting progress to EMT

Make use of support, guidance and advice on procurement practice

from the Procurement Officer and assist on major procurement exercises

Become a focal point for sharing good practice across the Council Ensure that procurement training is made available to procuring

officers in departments Procure and manage contracts for authority‐wide goods and services

and make sure that they are used appropriately

of 348


6

Together with the Procurement Officer undertake an analysis of the Council’s expenditure to highlight areas for potential savings/benefits to the authority and any gaps in the contracts register

Ensure the use, maintenance and development of the e‐procurement

system

4.1.3 Group Managers will

Be responsible for procurement activity in their respective areas

Provide updates to the Contracts Register and information on anticipated future procurement activity (Procurement Plan)

Provide information on the outcome of procurement exercises and contract performance

Utilise framework contracts for goods, services and works administered by the Council, consortia (e.g. ESPO), central government (e.g. GPS) and other public bodies

5 Future Challenges

In achieving the principle objectives of the Comprehensive Spending Review 2010 it is considered that the Group Managers and EMT are well positioned to meet the procurement challenges of the next three years until 2016, which are likely to fall within four main areas:

Shared services/collaboration

e‐Procurement/Invoicing/Tendering/Auctions/contract management etc.

Improved efficiency in all aspects of procurement delivering cashable and non‐cashable gains

Sustainable procurement objectives both environmental and socio‐economic

6 Corporate Procurement Strategy 2013 – 2016

The content of the Corporate Procurement Strategy for the next three years is designed to be as ‘jargon’ free as possible and consists of a number of pledges to meet the Council’s duty to operate both efficiently and responsibly.

6.1 Comprehensive Spending Review 2010, Local Government “Big Wins” Strategy, Localism Act and Public Services (Social Value) Act

of 348


7

In compiling a corporate procurement strategy for the next three years until 2016, appreciation must be taken of the underlying impact of the 2010 Comprehensive Spending Review, Local Government “Big Wins” Strategy, the Localism Act and the Public Services (Social Value) Act 2012.

There are six main themes into which the various recommendations can be categorised:

Value for Money

Fitness for purpose

Community engagement

Collaboration

Strategic approach

Social benefits

Consequently, consideration has been given not only as to how it provides a route‐map for the development of the procurement function within the Council, but also as a response to the requirements of good practice procurement.

6.2 The Approach to Corporate Procurement.

It is accepted that the Council will strive, at all times, to achieve value for money and efficiency in its procurement of goods, services and works but will do so within an environment of transparency and fairness. However, there is increasing recognition that the Council must achieve efficiencies whilst taking into account its responsibilities for the impact of any procurement decisions made, in terms of sustainability, equality, diversity, local economy and other social implications.

The first part of the strategy relating to value for money has been subdivided into business efficiency and leadership with specific commitments and priorities related to each. The second element addresses responsibility issues within procurement.

of 348


8

7 The Approach ‐ Value for Money

7.1 Business efficiency 7.1.1 Systems

The Council will assess the current procurement systems and identify areas for improvement. Systems will be developed to create streamlined efficient processes, eliminating the use of paper where possible.

7.1.2 Value for Money

The Council has long practiced the inclusion of quality in the assessment of value for money and will continue to evaluate key issues together with cost in purchasing decisions.

The principles of Value for money lie at the heart of the procurement process, including options for whether service delivery should be provided internally or outsourced, and measured against any of the recognised options for service delivery.

Cessation of a service in part or whole

Creation of a partnership

Market testing

Transfer of a service to another provider

Re‐negotiation of existing arrangements

Commitment

To complete the deployment of the e‐Procurement system.

To complete the full electronic purchase to payment process, including e‐invoicing.

To implement, where appropriate, e‐Tendering and Contract Management process improvements.

To develop systems that are transparent and accessible to local businesses.

To develop processes that enable the collection of sufficient data to allow the optimum use of intelligent management information.

Commitment It is intended to further develop the evaluation procedures adopted by the Council in order to ensure that any offer accepted by the Council, represents value for money, taking whole life costs, quality and sustainability into consideration. This policy will be fully communicated to the wider business community.

of 348


9

7.1.3 Contract management

It is recognised that public sector organisations do not always manage contracts effectively. This raises potential risks in sub‐optimal contract performance, a failure to maximise the opportunities for continuous improvement and inefficient exit planning and contract renewal.

It is also essential that managers can access information on contracts that the Council has in place to avoid duplication and an ensuing inefficient reputation with the supplier base.

7.1.4 Collaboration and partnering

It is widely accepted that particular categories and commodities of expenditure are more effectively procured at a multi‐organisational level, be this local, regional or national. There has also been increasing collaboration across public sector to leverage lower costs and/or to reduce the administrative burden.

This will necessitate the development of a range of external relationships to share future requirements and understand where opportunities arise to work collaboratively, where both requirements and timescales are compatible. It will also be important that managers are aware of consortium arrangements that are available for them to use.

Commitment

All contracts awarded by the Council will be risk assessed to determine the level of contract management required and ensure that scarce resources are used to their best effect.

Contract management training will be provided for all staff that are required to fulfil this role.

Systems and procedures will be implemented to create a database of contracts that are visible to managers to enable Council–wide contract support and to facilitate appropriate levels of contract management.

Commitment Where such arrangements represent a clear benefit to the Council, it will seek to strengthen collaborative and partnering relationships typically with neighbouring Councils, the Government Procurement Service, regional procurement consortiums (ESPO) and other centres of expertise in a bid to secure value for money for the Council. Where the Group managers have agreed that such contracts will be used they will be monitored to ensure that there is full contract compliance and any incidents of off‐contract buying, which are brought to the attention of the Group Managers, will be investigated.

of 348


10

7.1.5 Monitoring and measurement

This Corporate Procurement Strategy and related action plans will be monitored and progress will be regularly reported. It is also helpful to measure operational activities to assess the efficiency of procurement performance. There are standard metrics that are used across the public sector and can be benchmarked with similar organisations. The sharing of this information will help identify areas for improvement and will develop opportunities for sharing best practice.

7.2 Leadership 7.2.1 Strategic focus

It is important to the Council to promote economic growth and job creation. Progress towards this aim can be achieved through the Council’s own procurement practices and the Council will lead by example. Through the adoption of professional practices and by streamlining activity where possible the reputation of the Council will be enhanced with the business community.

Commitment The Group Managers will adopt as standard core key performance indicators as a means of measuring efficiencies, which include:

Proportion of invoices matched to official purchase orders.

Savings achieved.

Average spend per supplier overall in comparison to spend per local supplier.

Commitment

The Council will demonstrate high level commitment to embedding best procurement practice and this will be demonstrated through the support of value for money decisions.

The Council will adopt and communicate across departments the Chartered Institute of Purchasing and Supply (CIPS) ‘Code of Ethics’.

The Council will be open and transparent and will publish current and future contracts together with information to support local businesses.

of 348


11

7.2.2 Guidance

It is recognised that an important aspect of the role of the Group Managers is to provide guidance and advice to both council departments and to all stakeholders.

7.2.3 Communication

It is recognised that to further the development of good procurement practice it is important to engage with the whole procurement community, from those that develop specifications and tender documents to those that raise orders and manage contracts.

Commitment The Group Managers will work with the Procurement Officer to continue to develop a toolkit of informative guidance as follows:

The issuing of updated Contract Standing Orders

The creation of a comprehensive purchasing guide for all those involved in any procurement activity.

The development and issuing of a desk‐top quick guide to the key issues.

The development of quotation and tender template documents.

The creation and delivery of procurement training to all those with procurement responsibilities to develop an awareness of best practice and to encourage ownership of the procurement process.

The promulgation of the standard procurement terms and conditions for use whenever appropriate.

Commitment The Group Managers will endeavour to communicate with and inform and advise its stakeholders by means of:

Increased scope of the Procurement Section of the Council’s website.

Support to regional and national collaborative procurement activities and events. Provision of internal procurement update sessions for staff involved in

procurement.

of 348


12

8 The Approach ‐ Responsibility

This second part of the strategy relates to responsibility and includes socially responsible and ethical procurement and economic development, with specific objectives and priorities related to each.

The Council recognises that its activities have an impact on the economic, social and environmental aspects of the community in which it exists and in the wider context. Therefore it is required to take account of these factors in the acquisition of goods, materials and services.

8.1 Socially responsible procurement 8.1.1 Sustainability

As part of the Council’s commitment to the Nottingham Declaration the Group Managers are conscious that the Council’s decisions must take into account the social, economic and environmental impact that the procurement of goods, materials and services has on people and communities, including taking into account what products are made of, where they have come from, who has made them, how they are transported and how they are eventually disposed of. Consideration should even be given as to whether the purchase is required at all. The Council will regularly undertake an assessment of the categories of products and services that it procures to evaluate those that are high risk or where there is scope to improve and particular effort will be made to both reduce adverse impacts and maximise opportunities to achieve the following:

Supporting social skills, education and employment

Encouraging suppliers to implement the living wage

Effective protection of the environment

Prudent use of natural resources

Maintenance of high and stable levels of economic growth and development

Commitment

A regular assessment will be made for all categories of procurement and those that represent high levels of risk or opportunity will be targeted for specific attention to increase sustainability outcomes.

In accordance with the Public Services (Social Value) Act, all service contracts will take into consideration how what is proposed to be procured might improve the economic, social and environmental well‐being of the local area.

Where appropriate contractors will be encouraged to implement the living wage and to support its adoption throughout their supply chains.

The Council will incorporate in the procurement guide practical advice on how to address socio‐economic and environmental issues through procurement.

of 348


13

8.1.2 Ethical Purchasing

Procurement will support the aims and objectives of Fairtrade and its commitment to those objectives by promoting fairly traded products and by increasing awareness amongst users. However, ethical purchasing is a much wider subject than simply using products accredited with social ‘labels’. In its truest sense, it means without harm to, or exploitation of humans, animals or the environment and includes issues such as working conditions, equality, animal testing and biodiversity; throughout the supply‐chain.

Procurement whether it is in house, external or through partnerships will be operated in a professional manner to ensure the highest standards of openness and exclusivity, transparency, probity, integrity and accountability.

Procurement decisions will be fair, legal and consistent and major procurement will be on a project basis to include control of risk and to assure quality.

8.1.3 Economic Development

The Council has made a commitment to promote economic growth and job creation and this will be pursued both with direct suppliers to the Council and through the supply‐chain where practical.

It is also essential that the Council provide information and guidance to the business community to make opportunities accessible and to enable them to compete effectively for contracts.

Commitment

The Group Managers will take into account ethical considerations in the procurement of goods and services on behalf of the Council.

The procurement guide will include details on how to assess the relevance of specific issues within a procurement project and how to build in assurances where appropriate.

of 348


14

9 Risk management

Risk management is an integral part of the procurement process and is, to a varying degree, present in all procurement activity.

The risks will be identified, assessed and managed accordingly, by the lead buyers involved, at an early part of the procurement process. These risks may be financial, commercial, operational, environmental, economic, social or even reputational. Where necessary risks will be shared with stakeholders and opinions sought so that all decisions relating to procurement will be taken in the light of all the details.

10 Summary

The 2013/16 Procurement Strategy will be implemented through well managed action plans and will deliver a sound structure and framework to support ongoing procurement activity. This will enable the Council to maximise opportunities, minimise risks and support several of its Corporate Objectives through good procurement practice.

10.1 Strategic Procurement Objectives The Council’s strategic procurement objectives are as follows: • Procurement will contribute to the realisation of the Council’s Corporate Plan and medium

term financial strategy

Commitment

The Group Managers will engage with the business community and organisations such as the Federation of Small Businesses and Regional Chambers of Commerce to share opportunities and future strategies.

Contract opportunities will be published on both the Council website and ‘Contract Finder’.

Where possible user‐friendly electronic procurement systems will be used to streamline procurement processes, and documents will be simplified to avoid suppliers being asked for unnecessary information.

The Council will offer all unsuccessful bidders an explanation of the evaluation of their bid. Where appropriate a face to face debrief will be offered.

The Council will support attendance at targeted ‘meet the buyer’ and other events organised by the local Chamber of Commerce, the Federation of Small Businesses, etc.

The Council will publish a ‘How to do Business with GYBC Guide’ aimed at encouraging local businesses to find it easy to work with the Council

of 348


15

• Value for money must be obtained from the Council’s procurement spend in achieving efficiency, effectiveness and value for money

• All procurement projects must be professionally managed so that they are successful and

the intended benefits are realised • Partnering will be examined as a procurement strategy for all major projects where

mutual advantage can be gained through longer term relationships and continuous improvement

• There must be a successful transition to e‐commerce as part of the Council’s local e‐

government strategy • Consideration must be given to the impact on the economic well‐being of the local area of

procurement decisions • The purchasing power of the authority must be maximised

of 348


Contract Standing Orders

of 348

2

Contents 1. Purpose ............................................................................................................................... 4

2. Scope .................................................................................................................................. 4

3. Exception ............................................................................................................................ 4

4. Waiver to procurement / tender procedure ...................................................................... 5

5. Operational emergency ...................................................................................................... 5

6. Authorities and controls ..................................................................................................... 6

7. Segregation of duties .......................................................................................................... 6

8. Officer conduct ................................................................................................................... 6

a) Conflict of interests of officers........................................................................................ 6

b) Ethical procurement ....................................................................................................... 6

9. Framework Arrangements .................................................................................................. 6

10. Existing contracts ................................................................................................................ 7

11. New contract development ................................................................................................ 8

12. The Public Services (Social Value) Act 2012 ....................................................................... 9

13. Aggregation of demand ...................................................................................................... 9

14. Market research ................................................................................................................. 9

15. Development of the specification ...................................................................................... 9

16. Supplier selection ............................................................................................................. 10

a) Supplier databases ........................................................................................................ 10

b) Approved Standing Lists................................................................................................ 10

c) Qualification of suppliers .............................................................................................. 11

17. Advertising a quotation or tender .................................................................................... 11

18. Information to potential suppliers ................................................................................... 12

19. Meetings/discussions with tenderers .............................................................................. 12

20. Low value procedures ....................................................................................................... 12

21. Medium level procedures ................................................................................................. 13

22. High level procedures ....................................................................................................... 14

23. EU procedures .................................................................................................................. 15

24. Receipt of Tenders ............................................................................................................ 15

25. Opening of Tenders .......................................................................................................... 16

26. Late tenders ...................................................................................................................... 16

27. Errors or Discrepancies in Tenders ................................................................................... 16

28. Error by the Budget Holder .............................................................................................. 17

29. Tender evaluation ............................................................................................................. 17 of 348

3

30. Acceptance of Tenders ..................................................................................................... 18

31. Debriefing unsuccessful tenderers ................................................................................... 19

32. Negotiation ....................................................................................................................... 19

a) Post‐tender negotiation ................................................................................................ 19

b) Post contract negotiation ............................................................................................. 20

33. Form of Contract .............................................................................................................. 20

34. Purchase order ................................................................................................................. 21

35. Pricing ............................................................................................................................... 22

36. Transfer of undertakings (protection of employment) regulations 1981 (TUPE) ............ 22

37. Living wage ....................................................................................................................... 22

38. Variations .......................................................................................................................... 22

39. Cancellation of purchase order/contract ......................................................................... 23

40. Termination due to supplier non performance ................................................................ 23

41. Receipt of goods & services and payment ....................................................................... 23

42. Disposal of assets .............................................................................................................. 24

43. Audit requirements .......................................................................................................... 24

44. Archive records ................................................................................................................. 25

45. Review of Contract Standing Orders ................................................................................ 25

Appendix A Glossary of terms ........................................................................................... 26

Appendix B Procurement Authority Thresholds ............................................................... 28

APPENDIX C Exemption / Waiver Form ............................................................................ 30

of 348

4

1. Purpose These Contract Standing Orders are made in accordance with the requirements of Section 135 of the Local Government Act 1972. They do not provide guidelines on what is the best way to purchase works, supplies (goods) and services. They set out the minimum requirements to be followed. Further information and guidelines are set out in the Council’s Procurement Guide. The overall purpose of these Contract Standing Orders is threefold:

a) to ensure probity, transparency and equality in the procurement of works, goods and

services,

b) to ensure the Council gets best value from its procurements, and

c) to protect those involved in the procurement process.

2. Scope These Contract Standing Orders apply to all contracts for goods, services, works, concessions and capital projects undertaken by or on behalf of the Council with the exception of:

a) the acquisition of any interest in land.

b) the lending or borrowing of money.

c) employment of an individual employee.

d) the disposal of property (including any interest in land).

e) contracts secured through a compliant framework consortium agreement.

f) the engagement of Counsel

g) the awarding of Grants to third sector organisations

3. Exception

Subject to the requirements of the EU Directives, Acts of Parliament and UK Public Contract Regulations tendering is not required:

a) for supplies or materials which are available only as proprietary or patented articles from one contractor or supplier and for which the appropriate Director certifies that there is no reasonably satisfactory alternative available in the European Union and for repairs to, or the supply of, parts of existing proprietary or patented articles, including machinery or plant;

b) where the purchase is via a purchasing consortium, e.g. Government Procurement Service (GPS) or ESPO, provided that the purchasing consortium has, for the item(s) concerned, complied with the EU Procedure where the contract exceeds the EU threshold;

of 348

5

c) for works of art, museum specimens or historical documents;

d) for a procurement which constitutes a variation or extension of an existing contract and either:

i) the variation or extension is specifically provided for in the original contract (although in such cases the appropriate Budget Holder should first consider whether re‐tendering would be likely to result in better value for the Council), or

ii) the estimated value of the variation or extension is less than the greater of

£5,000 or 10% of the original contract sum.

e) for supplies or materials to be purchased at a public auction;

4. Waiver to procurement / tender procedure

In the exceptional circumstances when insufficient Suppliers are available from the market to enable competitive offers to be obtained or an Exception (as detailed above) applies a request to proceed using the Exemption / Waiver Form (Appendix C) must be made to the Director of Resources, Governance & Growth.

Such requests for a waiver must be in writing clearly recording how you will prove Value for Money by adopting this approach. The requests will be monitored by Internal Audit to ensure compliance and the delivery of Value for Money.

5. Operational emergency

An Operational Emergency is a situation that is the result of an unforeseen event over which the Council has no control. This procedure must not be used when a requirement has become late due to lack of planning on the part of the Budget Holder.

a) In cases of Operational Emergency, requirements should be obtained from existing contracts as a priority.

b) In the event of an existing contract being unavailable, the Budget Holder can contact

an available supplier direct to provide assistance.

Extreme caution must be exercised when considering procurement as a result of urgency. Regulations must not be compromised and full documentation must be completed regardless of the urgency of the requirement. A full audit trail must be maintained throughout the procurement process. Urgent requests should clearly state the reason for urgency and a specific delivery date supported by written justification within 48 hours.

of 348

6

6. Authorities and controls

No commitment to purchase, contract, lease, hire, or rent goods, services or works on behalf of the Council can be made without appropriate budget authority and delegated procurement authority.

Budget Authority rests with the Budget Holder. All expenditure must have prior budgetary approval. A budget is approved when the Budget Holder has received sanction through the budget process for the annual budget. This authority permits the Budget Holder to authorise, sign or issue purchase orders or contracts, or make any other form of commitment to suppliers within the limits of their delegated authority and with due regard to these Contract Standing Orders.

Refer to Appendix B Procurement Authority Thresholds

7. Segregation of duties

The activities relating to the contracting and procurement processes are segregated between the following phases:

Purchase Order

Commitment (contract signatory) / Authorisation

Receipt

Payment

Segregation of duties must exist between raising Purchase Orders and commitment of expenditure and also receipt and payment.

8. Officer conduct a) Conflict of interests of officers

Officers employed by the Council must comply with Paragraph 5.4 of the Council's "Code of Conduct", relating to conflicts of interest.

b) Ethical procurement

Procurement should only be undertaken by officers adhering to the strictest professional standards. The Council recognises the Chartered Institute of Purchasing & Supply (CIPS) Code of Ethics1 as the appropriate standard.

9. Framework Arrangements

1 http://www.cips.org/Documents/About%20CIPS/CIPS%20Code%20of%20Ethics.pdf of 348

7

In this Standing Order, a Framework Arrangement is a formal tendered arrangement which sets out terms and conditions under which specific purchases can be made throughout the term of the agreement. The appropriate Budget Holder may procure supplies, services or works from the successful framework tenderer(s) in unpredicted quantities at various times during the period that the agreement is in force. For this purpose, a Framework Arrangement may be set up by the Council, GPS, ESPO or some other Consortium, association or similar body of which the Council is a member or party.

In any case where a Framework Arrangement in accordance with these standing orders is in place:

a) Orders to be placed against a known price do not require further competition unless required by law.

b) In circumstances where the price was not specified under the Framework Arrangement an order can only be placed if further competition has been undertaken with all of the suppliers specified in the Arrangement. This competition may be undertaken utilising the Council’s Standard Request for Quotation or other means detailed within the Framework Arrangement terms. Further competition must be evaluated using the criteria as stated in the Framework Arrangement.

When advertising for a Framework Arrangement the advertisement must indicate:

a) That it is a Framework Arrangement which is being tendered.

b) The parties eligible to participate in the Framework Arrangement.

c) The duration of the Arrangement.

d) The expected maximum number of suppliers.

e) The estimated total value of the contracts to be covered by the Arrangement.

f) The award criteria for choosing suppliers and subsequent criteria for placing orders.

10. Existing contracts

Where a Contract has been awarded it must be used for all requirements that relate to that contract. A detailed contracts register will be maintained by the Group Manager for Resources and made available for all Budget Holders to access on the Procurement intranet.

The Council and its contracted Suppliers make a considerable investment in negotiating and preparing contracts and when a contract has been awarded to a contractor it must be honoured. To place purchase orders / contracts with alternative suppliers other than the contract holder may frustrate the contract and open the Council to expensive litigation.

In the exceptional occasions where a Budget Holder feels that better value can be obtained from sources alternative to those that have been awarded a Council contract, approval to

of 348

8

use those alternatives must be first obtained from the Group Manager or the Director of Resources, Governance & Growth.

Contracts should not be awarded that compete with an existing contract for similar requirements without the express approval of the Group Manager and Director of Resources, Governance & Growth.

11. New contract development When a Contract does not exist to meet a requirement the Budget Holder must follow the appropriate Competitive Process in compliance with Contract Thresholds2.

Before any procurement is begun the appropriate Budget Holder must estimate the value of the contract and must keep a written record of that estimate as part of the Contract Plan3 in the Department.

a) In the case of contracts for:

i) the hire of goods for an indeterminate period or

ii) the provision of services for a period in excess of 4 years or for an

indeterminate period.

the estimated value of the contract for the purpose of these Standing Orders must be the estimated monthly cost multiplied by 48 or; where monthly costs are inapplicable the estimated annual cost multiplied by 4.

b) In the case of contracts for the supply of goods or services over a period where the Council wishes to call off as required or has a series of regular requirements by standing order the estimated value of the contract is either:

i) the aggregate value of similar contracts over the previous 12 months (adjusted

for any known changes in demand);

ii) the estimated value of similar contracts over the next 12 months; or

iii) if the contract is for a definite term of more than 12 months, the estimated value

for the period of the contract.

c) For all supplies, services and works not covered by the above, the estimated value for the purpose of these Standing Orders must be the total estimated value of the supplies, services or works to be supplied over the period covered by the contract.

2 Refer to Appendix B ‐ Procurement Authority Thresholds 3 Refer to Appendix C‐ Contract Plan of 348

9

d) The value of a concession for the purpose of this Standing Order is the estimated gross value of the service before income.

12. The Public Services (Social Value) Act 2012

The Act requires that the Council has regard to economic, social and environmental well‐being in connection with public services contracts and considers the following in all procurement exercises for services:

a) how what is proposed to be procured might improve the economic, social and environmental well‐being of the relevant area, and

b) how, in conducting the process of procurement, it might act with a view to securing that improvement.

The Council must consider under subsection (3)(b) only matters that are relevant to what is proposed to be procured and, in doing so, must consider the extent to which it is proportionate in all the circumstances to take those matters into account.

13. Aggregation of demand

The separation of a requirement (disaggregation) into several smaller orders or contracts to avoid seeking the correct Procurement Authority or to avoid appropriate levels of competition is not permitted. When a Budget Holder instigates a quotation / tender procedure they must inform the Group Manager or their delegated manager of that requirement to enable the potential for aggregation to be managed.

14. Market research

Access to accurate and relevant commercial intelligence and knowledge of the marketplace is necessary in deciding which option is best. Relevant markets need to be researched and understood, however, care must be taken to ensure this does not distort competition or prejudice any bidder or potential bidder.

15. Development of the specification The Budget Holder, with the aid of specialist functions as appropriate, is responsible for compiling the specification which must include performance criteria. Budget Holders must use caution when communicating with potential suppliers during this stage of the process, to avoid compromising the Council’s ability to maintain transparency, equal treatment and impartiality.

It is the responsibility of the Budget Holder to source and contract with suppliers who will supply goods and services that will meet the Budget Holder’s specification as well as the commercial requirements of the contract. of 348

10

To ensure best value specifications should be generic and outcome‐based and not limit offers of equivalent solutions.

16. Supplier selection

The Council is committed to obtaining value for money through the procurement of all goods, services, works and capital projects. It is essential to ensure that only the most capable suppliers are selected as contractors to the Council. The selection and elimination of suppliers within a procurement exercise can only be made on grounds of capability and that assessment should include a balance of technical, professional and financial issues as appropriate. It is essential that any criteria used to select suppliers are notified to them in advance. This information should be contained within tender documents or where appropriate included within the OJEU advertisement.

a) Supplier databases

Various Supplier/Contractor databases exist to assist organisations select suppliers these data bases are available on‐line, e.g. Construction‐line, Sells, Yellow Pages, Kelly’s and professional bodies such as RICS. When using these lists care must be taken not to only use one source of information.

b) Approved Standing Lists

This Standing Order applies to contracts with an estimated value of less than the relevant EU threshold.

The list must be compiled and maintained by the appropriate Budget Holder and indicate the categories of contract and the values or amounts in respect of those categories for which those suppliers are approved.

Applications for inclusions to the list must be sought through advertisement in appropriate publications, websites or other media. This will depend on the estimated value and market conditions. The advertisement must include any minimum criteria to be applied in determining whether a contractor will be selected for the list or any part of the list.

The list must be regularly maintained and refreshed, at least every 3 years, and existing contractors must be contacted to confirm their details and inclusion on the list. Records relating to those responding to advertisement, those successful and those rejected must be kept for audit purposes, including any reasons for rejection.

Invitations to tender for a contract using an Approved Standing List must be sent to:

of 348

11

not less than four of the suppliers selected by the appropriate Budget Holder, from among those approved for a contract of the relevant category and amount or value; or

where fewer than four suppliers are approved for a contract of the relevant category and amount or value, all those suppliers.

c) Qualification of suppliers

Where open advertisements are used to attract potential suppliers the selection process will form a qualifying stage of the tender exercise. Qualification can only be assessed on the grounds of financial soundness, professional and technical ability.

There are 2 ways in which this process can be used and these follow the principles of the EU procedures.

i) Either, the pre‐qualification questionnaire is sent to suppliers together with the

scoring mechanism and only the suppliers that meet the required standard are then issued with the full tender documents.

ii) Or, suppliers are issued with the full Invitation to Tender (ITT) document of which the qualification questionnaire forms the first section.

The first option should be used where it is likely that the requirements of the Council, due to the risk or nature of the contract, will eliminate a reasonable proportion of suppliers. This approach will remove the possibility of large numbers of suppliers completing full tender documents unnecessarily. Conversely, where appropriate, the qualification stage within a full tender will be used to ensure that minimum standards are met and will allow evaluation of a wider range of tender offers. This will reduce the overall timescale of the tender. The purpose of pre‐qualification is not to reduce the number of potential bidders but to ensure that those tenders that are evaluated are from suppliers that are capable of meeting the quality standards required. Where possible pre‐qualification should be a simple as possible and this may involve as little as a requirement of tenderers to confirm that they can meet the stated minimum standard required.

17. Advertising a quotation or tender An advertisement should be published to invite potential suppliers to apply to complete a Pre‐Qualification Questionnaire and to participate in a quotation / tender process when;

a) A legal requirement to do so exists; for example an OJEU notice as part of EU Procurement Procedures.

b) An appropriate Approved Standing List does not exist.

c) You need to increase competition for the goods, services or works.

d) The value of the requirement exceeds £50,000.

of 348

12

e) The value of the requirement is less than £50,000 and it is determined as advantageous to do so.

f) The contract is for a services concession The advertisement shall be raised in conjunction with the Group Manager. The Advertisement shall be placed in an appropriate publication dependent upon the value and specialised nature of the requirement, e.g.:

a) Local or National Newspaper.

b) Trade or Professional Journal.

c) GYBC, Regional or National public sector website, e.g. UK Government Contracts Finder4

d) Official Journal of the European Union (OJEU)5.

18. Information to potential suppliers

All potential suppliers must receive the same detailed information that must reflect the business and Budget Holder requirements. Information given to tenderers that relates to anticipated volumes or value of business is for guidance only. It must be clearly stated that the Council will not be bound by this information. Tenderers must not be informed of the identity of competitors, as this can lead to supplier collusion and cartels and a potential loss of confidence among tenderers.

19. Meetings/discussions with tenderers

If it is part of the contract strategy to hold meetings with tenderers before tenders are submitted best practice is to hold one meeting with all suppliers present unless the Budget Holder and the Group Manager determines that it disadvantageous to do so. This approach ensures that all tenderers receive the same information.

If one or more tenderer makes enquiries for clarification during the course of tendering, the Budget Holder, in the interests of fairness, will advise all tenderers of the question and answers given. This is without attributing the source of the original query. No meetings or discussions shall take place during the tendering process between tenderers and the Budget Holder without the prior agreement of the Group Manager.

20. Low value procedures

This procedure should be used by Budget Holders teams with delegated authority for expenditure below £5,000 where the requirement is of low value/low risk.

4 https://online.contractsfinder.businesslink.gov.uk/?site=1000&lang=en 5 Where there is a requirement to advertise in the OJEU this notice must appear before other advertisements and notices elsewhere. of 348

13

These requirements are normally straightforward and require nothing more than the Council’s Standard Contract & Purchase Conditions. The Budget Holder is required to obtain 2 verbal competitive quotes which should be recorded to show that good value has been obtained. The Purchase Order Number must be provided to the supplier at the time that the commitment is made. The Budget Holder must confirm Purchase Order details in writing within 24 hours of placing an order using a Purchase Order generated by Integra. The use of facsimile or e‐mail should always be considered as an alternative to telephone enquiries.

21. Medium level procedures

a) For expenditure between £5001 and £15,000 a minimum of two written quotations from potential Suppliers is required on the Council’s standard Quotation Request Form6. This quotation may be returned by post, facsimile or e‐mail and at least 3 suppliers should be invited.

Commitments must be confirmed immediately with a Purchase Order generated by Integra and must include all associated costs including delivery and VAT. The Purchase Order must be marked “CONFIRMATION ORDER” if the supplier has already been instructed to proceed. The maximum duration of any contract should not exceed 1 year and automatic renewal or extension of contract is not permitted without referral to the Director of Resources, Governance & Growth.

b) For all requirements between £15,000 and £50,000 at least three contractors must

be invited to quote and respond. The enquiry may be issued utilising facsimile, e‐mail or postal services and must be made on the Council’s standard Quotation Request Form. The Form should include the Budget Holder’s specific requirements and the Standard Contract & Purchase Conditions to be used. It is also essential that the following is clearly stated:

i) the lowest priced quotation may not be accepted.

ii) the Council is under no obligation to accept any quotation.

iii) The Quotation will incorporate the phrase “your quotation must be despatched

to arrive at this office by... (time) on ... (date)”.

After the closing date and time all received quotations should be opened together within the department by at least two independent officers. Records of quotations sought and received must be retained for audit purposes. The maximum duration of any contract should not exceed 3 years and automatic renewal or extension of contract is not permitted without referral to the Director of Resources, Governance & Growth. Additionally the Quotation must be referred to

6 Located in the Procurement Guide of 348

14

the Group Manager when any of the following apply regardless of the contract value: i) The contract period will extend beyond 12 months.

ii) The contract will require special terms and conditions of contract.

iii) The Standard Contract & Purchase Conditions may need to be modified and/or

amended.

iv) The supplier insists on using their own Terms and Conditions of Contract.

Commitments must be confirmed immediately with a Purchase Order generated on Integra and must include all associated costs including delivery and VAT. The Purchase Order must be marked “CONFIRMATION ORDER” if the supplier has already been instructed to proceed.

Where requirements are complex and potentially high risk the high level procedures should be followed and full tender documentation used instead of the quotation Request Form.

22. High level procedures

a) For all requirements valued between £50,000 and the relevant EU threshold at least

3 competitive tenders must be sought. The Council’s standard documentation should be used, including the Standard Contract & Purchase Conditions. The evaluation criteria and scoring methodology must be clearly set out in the ITT documents and it is also essential that the following is clearly stated:

i) The lowest priced tender may not be accepted.

ii) The Council is under no obligation to accept any tender.

iii) All tenders must be submitted in a plain, sealed package, using the special

“TENDER RETURN” address label or envelope supplied for the purpose, clearly

marked with the reference number of the tender, the opening time and closing

date.

iv) The invitation will incorporate the phrase “your tender must be sealed and

despatched so as to arrive at this office by... (time) on ... (date)”.

v) The package/envelope should have no indication of, or reference to, the name

of the tenderer.

To ensure transparency, equality of access and opportunity to local businesses all

tenders will be advertised on the Council website, Contract Finder and in a local

newspaper, expressing the nature and purpose of the contract or stating where

further details may be obtained and inviting expressions of interest. If appropriate

the Budget Holder may also give such notice in an appropriate trade or professional

journal. of 348

15

The tender must be referred to the Director of Resources, Governance and Growth

when any of the following apply:

i) The contract period will extend beyond 36 months.

ii) The contract is an extension of an existing contract.

iii) The contract will require special terms and conditions of contract.

iv) The Standard Contract & Purchase Conditions may need to be modified and/or

amended.

23. EU procedures This procedure must be used for all requirements which are valued above 95% of the current EU Threshold. All contracts must be advertised in the Official Journal of the European Union (OJEU) and may also be advertised elsewhere as appropriate, but this must be following the OJEU notice publication.

There are four procurement routes that are available to use under the EU Directives and the choice of these procedures must be appropriate to the contract in question.

a) Open – this procedure is preferred by the Council, as it has the shortest timescales and is arguably most transparent. Any company who replies to the advertisement in the OJEU will be issued the ITT.

b) Restricted – this is a two‐stage process where the full ITT is only provided to bidders that are successfully assessed in the Pre‐Qualification Questionnaire.

c) Negotiated – following advertisement and pre‐qualification, the Council enters into negotiations with usually at least three companies before awarding the contract. The scope for using the Negotiated Procedure is limited by EU Regulations and must be justified; the most common circumstance being where the contract specification cannot be established with sufficient precision to permit the award of the contract by selection of the best tender according to the rules governing open or restricted procedures.

d) Competitive Dialogue – this is a two‐stage process. The first stage "the dialogue" allows for discussion between the invited bidders (no less than 3) and the Council. At the end of the dialogue phase bidders are invited to submit proposals which are then evaluated using the previously issued criteria.

Budget Holders will follow the appropriate procedures as detailed in the EU Procurement Directives and in the UK Public Contract Regulations, ensuring that all mandatory timescales are adhered to. Please see the procurement guidance for further details.

24. Receipt of Tenders

of 348

16

On receipt, the tenders shall be stamped with time and date and retained unopened in a secure environment until the opening date and time. The Director of Resources, Governance and Growth shall be responsible for the safekeeping of tenders for contracts over £50,000 until opening. All other tenders shall be recorded by the Budget Holder on a tender schedule sheet including “No Tenders” and “Late Tenders”.

If for any reason it becomes clear that insufficient time has been allowed for the preparation of tenders, the closing date may be extended. All tenderers must be advised of any change in the closing date, extension of time allowed, or of any other change in the tender arrangements.

25. Opening of Tenders Tenders must be opened at the same time, in the presence of two officers designated for the purpose by the Director responsible for the contract to which the tender relates, together with an officer designated by the Director of Resources, Governance and Growth. It is also recommended to include one other person not associated with the tender requirement this may or may not be a Member. No such tender shall be opened until after the date and time appointed for the final receipt of tenders for the proposed contract or sub‐contract. On opening tenders, each person present will sign each tender as near as possible to the price or costing detail. Any changes or modifications made by the tenderer must be marked as such and signed by each member of the opening team.

26. Late tenders

No Tender received after other tenders have been opened will be opened or accepted. A Tender received late but before the other tenders have been opened may be considered if there is evidence that it was despatched by post or other means early enough to be received in due time in normal circumstances. A Tender rejected due to late delivery will not be recorded nor included in the analysis process and will be returned to the tenderer.

27. Errors or Discrepancies in Tenders

Where examination of tenders reveals errors or discrepancies which would affect the tender figures in an otherwise successful tender, the tenderer is to be given details of such errors and discrepancies and afforded an opportunity of confirming or withdrawing the offer.

Where a tender is for a fixed sum and is for measured work calculated on Bills of Quantity with rates or Activity Schedules and the arithmetical calculations are erroneous the tenderer may confirm either the rate (or rates) or the total for that particular item or the tenderer may withdraw the offer. Where the Contractor has agreed to confirm their offer, any of 348

17

revision to the arithmetic total will require a compensating adjustment to provide a build up of cost to agree with the tendered sum.

Where a tender is for measured work calculated on Bills of Quantity with rates or Activity Schedules and is not for a fixed sum and the arithmetical calculations are erroneous the tenderer may confirm either the rate (or rates) or the total for that particular item or the tenderer may withdraw that offer.

If the tenderer withdraws, the next tender in competitive order is to be examined and then dealt with in the same way.

Any exception to this procedure must be authorised by the Director of Resources, Governance & Growth.

If a supplier discovers after receiving a contract that their tender had contained a genuine error, they must be asked to submit a detailed explanation of their case. If that demonstrates to the satisfaction of the Budget Holder that the error or omission was genuine, the revised details may be accepted subject to their approval within the relevant financial authority and the supplier’s bid remaining competitive.

Otherwise, the supplier must be required to stand by their tender or the contract may in extreme circumstances be terminated. This course of action must be at the discretion of the Budget Holder, in discussion with their Head of Department. If in any doubt of the action to be taken refer to the Director of Resources, Governance & Growth.

28. Error by the Budget Holder

If the Budget Holder finds an error in the requirement or specification of a tender, all potential suppliers must be informed of the correction and if necessary be given additional time to reply by extension of the tender return date.

If, following the issue of a Purchase Order, the Budget Holder finds a genuine error made in the process of placing the Purchase Order; the Budget Holder should advise the supplier and jointly discuss corrective action. The corrective action may be accepted subject to approval within the relevant financial authority.

In exceptional cases, cancellation of the contract may be necessary after discussion with the supplier and the Budget Holder.

29. Tender evaluation

The Budget Holder with delegated authority is responsible for leading the commercial evaluation procedure within the tender assessment team. Tender evaluation will utilise the services of any other specialists deemed necessary. The evaluation process must be

of 348

18

objectively followed using a team approach and by moderating scoring. All records of the evaluation process must be retained for audit purposes. The purpose of the evaluation is to identify the most economically advantageous tender, which will be a balance of cost and quality. The Budget Holder must draw up an evaluation matrix and methodology early in the process and this must be shared with the tenderers as part of the ITT documents. It is good practice to allot a weighting system to the scoring to enable greater emphasis to be attributed to the key outcomes required. The evaluation criteria must be relevant and proportionate and linked to the subject matter of the contract. These criteria will often include the following: Quality ‐ technical merit, aesthetic and functional characteristics, environmental characteristics, after sales service, technical assistance, delivery date and delivery period and period of completion.

Whole life cost ‐ price, running costs, maintenance, consumables, spares and disposal costs.

30. Acceptance of Tenders

The appropriate Budget Holder may accept from valid tenders received, in accordance with the decided award criterion:

a) the lowest tender, if that was the award criterion, provided that the tender is not more than 10 per cent above the estimated value; or

b) the most economically advantageous tender, if that was the award criterion and if one tender achieves an overall highest combined quality and cost score; or

c) any other tender only after consultation with the Director of Resources, Governance & Growth and after taking legal advice on the impact of EU Directives and subject to the appropriate Budget Holder making a written report; or

d) in the case of sales or concessions the highest tender, if that was the award criterion,

provided that the tender is not more than 10 per cent below the estimated value.

A Budget Holder may not reject an abnormally low tender without first giving the Tenderer the opportunity to explain the tendered price.

Acceptance of a tender must be in writing and may in some cases be in the form of an official purchase order and must be signed by the appropriate Director or by an Officer designated by him/her. The “acceptance” must not prejudice any formal contract required by Standing Order 33.

of 348

19

The appropriate Budget Holder must inform all tenderers of the name of the successful tenderer and (where practical) the amount of the tender accepted and (without connecting particular prices to particular tenderers) the prices submitted by other tenderers.

31. Debriefing unsuccessful tenderers

The Budget Holder must be prepared to explain to unsuccessful tenderers why their tenders were not accepted. Unsuccessful tenderers have a legal right to be debriefed, based on their tender, if they choose to make such a request. This is also good practice as it can help suppliers to improve and better compete for future business. Debriefing of an unsuccessful tenderer should only be arranged once the contract has been awarded and accepted by the supplier, and all unsuccessful tenderers have been informed. Debriefing in depth is likely to be needed only in respect of strategic or significant contracts. In doing so the Buyer must recognise and respect the confidentiality of information received from other tenderers.

32. Negotiation

All supplier negotiations should be controlled and led by the Budget Holder with delegated procurement authority. The Budget Holder should determine a strategy for the negotiation, irrespective of whether the negotiation concerns a new purchase, a renewal, or a supplier generated change. The Budget Holder may decide to involve other specialists as appropriate. The EU Directives do not permit price negotiation, however clarification is utilised to explore and understand the technical aspects of a tender. The result of clarification discussions may be an adjustment to the cost proposal.

a) Post‐tender negotiation

All post tender negotiations must be transparent and be carried out with all appropriate suppliers to remove possibility of preferential treatment of tenderers. No negotiations may take place under this Standing Order unless the tender documents specifically reserve the right to do so.

Post tender negotiation is the process whereby negotiation takes place with one or more selected tenderers after tenders have been assessed, in order to secure the value for money of the awarded contract or purchase order.

Post tender negotiation is a powerful tool available to the Budget Holder, and if used responsibly can result in the improvement of lead‐times or the provision of additional services, as well as lower pricing in some very limited circumstances. It will not always be practical, or appropriate, to use post tender negotiation. All discussions and concessions must be recorded and retained in the Contract file and confirmed with the supplier. Under no circumstances should prices tendered by one tenderer be disclosed of 348

20

and / or used to “negotiate” other tenderer’s prices down. This is an unethical practice and could be damaging to suppliers and the Council.

b) Post contract negotiation

Post contract negotiation refers to any negotiation which seeks to alter the contract conditions or which has any other direct implication for the delivery of goods or management of the contracted service, and which takes place after the award of contract. Either party can initiate post contract negotiation. Post contract negotiation must be conducted with the express authority of the Group Manager and should only be conducted with those personnel within the supplier’s organisation who are authorised to do so. It is particularly important that no unauthorised personnel engage in any activity that could be interpreted by the supplier as negotiation. Unauthorised activity could compromise the Council’s legal position in the event of a subsequent, related dispute. Personnel should be wary of the dangers of unwittingly giving implicit agreement to a change in the contract. Any discussions or correspondence that could be perceived to be related to changes in service requirements should be prefaced by stating or noting that they are “without prejudice” to the contract. Any changes that are agreed should be fully documented in accordance with the change procedures within the contract, and recorded as an addendum to the contract file.

33. Form of Contract

Purchase Contracts are normally utilised in addition to Purchase Orders for requirements over £50,000 in value. For specific requirements below £50,000 a contract may be appropriate where:

Supply will extend beyond one year.

Special conditions apply.

The requirement is complex.

There is significant risk associated with the purchase.

When a Purchase Contract is in place it must be used in preference to sourcing a requirement from another supplier.

All purchase contracts must:

of 348

21

• be in writing; and must specify the supplies, materials or services to be supplied, the price to be paid and must contain a statement as to the amount of any discount or other deductions, the period within which the contract is to be performed and such other conditions and terms as may be agreed between the parties; and

• include a clause prohibiting the contractor from transferring or assigning or sub‐letting to any person any portion of the contract without the written permission of the Council signified by the appropriate Director; and

• must contain a clause empowering the Council to cancel the contract and to recover from the contractor the amount of any resulting loss if the contractor or any person employed by him/her or acting on his/her behalf whether or not to his/her knowledge shall have offered or given or agreed to give to any person any gift or consideration of any kind as an inducement or reward for taking or for not taking any action in relation to the contract or any other contract with the Council, or, in relation to any contract with the Council, shall have committed any offence under the Prevention of Corruption Acts 1889 to 1916, or shall have given any fee or reward the receipt of which is an offence under Section 117(2) of the Local Government Act 1972.

Every such contract must either be under seal and attested to by the Director of Resources, Governance & Growth or an officer authorised by him/her or signed by two officers of the Council designated by the appropriate Director. Where two signatures are required at least one must be that of a person not involved in the tendering or negotiation of the contract.

Directors must produce a list of those Officers whom they have authorised to sign contracts on their behalf and deposit that list with the Director of Resources, Governance & Growth.

Every contract whose estimated value exceeds £100,000 must where possible provide for the payment of liquidated damages by the contractor where he/she fails to complete the contract within the time specified.

The standard Great Yarmouth Borough Council Standard Contract & Purchase Conditions must be incorporated in all contracts entered into by the Council unless the parties agree to the contrary or it is considered inappropriate to do so by the appropriate Director in consultation with the Director of Resources, Governance & Growth.

34. Purchase order

The standard Purchase Order is generated by the Integra system and is normally utilised for all individual requirements and to call off requirements from existing Contracts. The Purchase Order will be completed with all the appropriate details of the purchase and the Standard Contract & Purchase Conditions are referred to on the supplier’s copy of the Purchase Order.

of 348

22

The use of supplier‐prepared agreements is not acceptable, as the whole contract will be placed on the supplier’s terms and conditions, which are unlikely to be favourable to the Council.

35. Pricing

a) In the case of long‐term contracts (usually longer than one year) it may be necessary to

include provision for inflationary and deflationary factors during the course of the contract. Due care must be taken when drafting this type of clause and when used must be approved by the Director of Resources, Governance & Growth.

b) Only in the most exceptional circumstances may Purchase Contracts be placed on a cost‐plus basis and then only on the specific authority of the Director of Resources, Governance & Growth. The cost‐plus method of pricing is based on the supplier’s price being made up of materials and labour costs plus a percentage mark‐up. Cost‐plus pricing provides no incentive for the supplier to perform effectively and places an unnecessary post‐contract management burden on the Council.

Whenever it is used, the contract conditions must include a clause requiring the supplier to grant the Council open access to their books for cost audit. It is essential that the open book auditing is managed judiciously and recorded on the contract plan.

36. Transfer of undertakings (protection of employment) regulations 1981

(TUPE)

In relation to contracts where there is likelihood that employees may be transferred to a new employer the invitation to tender will state that the Council assumes that TUPE will apply unless evidence to the contrary is produced.

37. Living wage

In line with UK Government ambitions the Council supports the adoption of the ‘Living Wage’ and sees paying the Living Wage as good for business, good for the individual and good for society. Through procurement the Council will seek to source supplies, products and services from local suppliers who pay their staff a living wage and suppliers should be encouraged to make this commitment, although it is important to note that under the EU Directives this cannot be enforced as a requirement.

38. Variations

All requests to suppliers to amend any contract or requirement must be made in writing and include authorisation at the same level as the original instruction, or at a higher level if the level of expenditure exceeds the original authorisation levels.

of 348

23

When the Purchase Order has been issued, any changes in the requirement must be notified to the supplier in writing by an amendment to the Purchase Order/Contract Variation.

39. Cancellation of purchase order/contract All requests for cancellation must be made in writing to the contractor by the Budget Holder who initiated the contract. For complex contracts advice must be sought from the Director of Resources, Governance & Growth. Formal cancellation of the purchase order must be made in writing, ensuring Accounts Payable/Finance are informed. The details of any discussions and negotiation between the Budget Holder and the Supplier should be recorded with the reasons for cancellation and the outcomes of any discussion.

40. Termination due to supplier non performance

If the Supplier is not meeting their contractual obligations and negotiations fail to resolve the matter, the Purchase Order/Contract may need to be terminated.

The Budget Holder should review the consequences of the cancellation with regard to:

The Budget Holder’s needs.

Project timing and cost.

Overall relationship between the Council and the supplier.

The Council’s performance in the contract.

Contractual implication from the supplier’s point of view.

Future and other outstanding business with that supplier.

The possibility of negotiating damages or consequential losses.

41. Receipt of goods & services and payment

Payment cannot proceed until all supporting documentation has been completed. It is essential that receipt acknowledgements and invoices are returned promptly to the appropriate finance area by the Budget Holder after receipt of the goods or services. Before an invoice is paid by the finance department the following checks need to be completed to certify the specific invoice is passed for payment by confirming the following:

The VAT invoice is an original or certified copy

The goods and or services were received

That the prices and all costs were agreed and invoiced correctly

Applicable credits and or discounts have been applied

The arithmetic calculations are correct

of 348

24

The finance department will process invoices promptly for payment. The Council is targeted by central government to achieve all payments to suppliers within 30 days of receiving an invoice.

42. Disposal of assets

Disposal and/or reallocation of assets need to be managed with the same diligence as the supply process. The Council has a duty of care regarding the disposal of equipment where environmental issues are appropriate. Where Procurement is involved in disposal, records must be retained for the disposal of assets in a similar way as for purchase decisions.

Any items of stock (other than land) deemed obsolete or surplus to requirements must, where the expected loss on disposal is no more than £5,000, be sold or disposed of on the authorisation of the responsible Group Manager. Where the expected loss on disposal exceeds £5,000 the approval of the Director of Resources, Governance & Growth must be obtained.

Assets for disposal must be sold by public auction, except where better value for money is likely to be obtained by inviting quotations or tenders as determined by the Group Manager or Director of Resources, Governance & Growth. The method of disposing of surplus or obsolete stocks / stores or assets other than land must be determined as follows:

Total value Method / Number of tenders or quotes

Up to £5,000 Public auction or minimum of two tenders / quotations, after authorisation by the Group Manager

£5,000.01 and above (Invitation to Tender)

Public auction or minimum of three written tenders, after authorisation by the Group Manager and Director of Resources, Governance & Growth

Before an item is disposed of, consideration should be given as to whether there is a use for the item elsewhere within the Council. It is the responsibility of each Group Manager to establish that legal title rests with the Council prior to the disposal of any item. Disposal of land will in all cases require advice and guidance from the Group Manager: Property & Construction and Director of Resources, Governance & Growth, as set out in the Council’s Financial Regulations.

43. Audit requirements

All Budget Holders must be aware that their procurement actions will be subject to Internal and External Audit examination, to ensure that procurement is carried out in a proper and business‐like manner and in strict adherence to the Council’s Contract Standing Orders.

of 348

25

Decisions on procurement actions must be recorded on file to provide an acceptable audit trail. This is particularly important in respect of:

The Contract Plan.

Negotiation and contract reviews.

Justification of prices agreed other than by competitive tender.

Full tender documents including a record of evaluation processes.

These are the most important examples; it is neither exhaustive nor exclusive. If a Budget Holder is ever in doubt about whether facts need to be recorded, it is advisable to err on the side of caution and record them. It is equally important to note that recording of facts in these circumstances should not be excessive. Records should be sufficient to give a reasonably easily understood picture of events to someone reading them for the first time and to assist others to explain the reasoning behind decisions.

44. Archive records

It is a legal requirement for commercial records to be retained for inspection by various Government organisations, including Customs and Excise (VAT). The retention period commences once the Tender, Purchase Order or Contract is closed; all “open” documents are retained indefinitely. The records to be retained, the retention period and which section retains them are detailed below:

Document Retained By Retention Period Tenders/Quotations Budget Holder 7 Years

Purchase Orders Finance Dept. 7 Years

Contracts Budget Holder 7 Years

Suppliers’ Invoices Finance Dept. 7 Years

The records should be kept in a format that facilitates accessibility for future use.

45. Review of Contract Standing Orders

The Council Contract Standing Orders will be reviewed at least once per year by the CMG/EMT to ensure that they stay at the forefront of good procurement practice.

of 348

26

APPENDIX A GLOSSARY OF TERMS

The following terms are used throughout these Contract Standing Orders:

1. Approved Supplier – a supplier who has been assessed, has a proven record and is listed as approved for future business.

2. Budget Holder ‐ the person, department or business unit that holds the financial

budget, and has the authority to raise requests for goods and services.

3. Commitment ‐ the act of confirming a contract with third party suppliers and should be made by a contract or purchase order.

4. Conditions of Purchase/Contract ‐ the specific conditions under which the Council will enter into a contract or purchase order with a supplier.

5. Confirmation Order ‐ an order which has been placed verbally, by facsimile transmission, or electronically communicated and subsequently confirmed by a formal purchase order marked “confirmation order”.

6. Contract ‐ a legal agreement between the Council and external suppliers for the supply of goods and services. For the purpose of these Standing Orders this does not include contracts of employment for staff.

7. Contractor ‐ an organisation that contracts with the Council to supply goods, services and works.

8. The Council ‐ refers to the full Great Yarmouth Borough Council. 9. Procurement ‐ the creation of legally binding agreements between the Council and

third party organisations for the supply of goods, services and works. 10. Procurement Code of Ethics ‐ the behaviour and conduct that governs the correct and

professional manner in which to conduct commercial business with third party suppliers as published by the Chartered Institute of Purchasing & Supply.

11. Procurement Plan ‐ the procurement plan is the record of the procurement strategy

development for a particular purchase and provides a clear audit trail of the decision making process.

12. Proprietary Product ‐ a product that has unique characteristics produced by one manufacturer. A proprietary product specification could exclude competitors from competing on equal terms. In consultancy the services of a named person or firm would be considered as a proprietary product.

of 348

27

13. Purchase Order ‐ a serial numbered document created by the Integra system, raised by the Buyer on a specific supplier for the supply of goods, services or works. This document is a formal legal agreement with specific conditions for the supply of goods.

14. Purchase Order Amendment ‐ a document communicating a change to the specified requirement, price or terms and conditions of the original Purchase Order. Like the original Purchase Order, this document is a formal legal agreement with specific conditions for the supply of goods.

15. Quotation ‐ a statement of price, delivery and specification against the specific enquiry

provided by a specific supplier.

16. Services ‐ include the provision of consultancy, legal, cleaning, maintenance, agency staff and similar non‐tangible requirements.

17. Specification ‐ a clear statement of requirement for goods and/or services, normally detailed as a generic specification to enable competition and the delivery of value for money.

18. Supplier ‐ an organisation that contracts with the Council to supply goods, services and works.

19. Tender ‐ a formal offer from a supplier to supply specified goods, services or works at a stated cost or rate.

20. Tenderer ‐ a supplier offering to buy or sell a product or service. This term applies prior to the formation of contract.

21. Value for money ‐ a combination of criteria that include competitive price on a whole life basis, quality, reliability and timeliness. This is not necessarily the lowest priced offer.

of 348

28

APPENDIX B PROCUREMENT AUTHORITY THRESHOLDS

The following provides an outline to the value thresholds and corresponding outline procedures for requirements within those value bands.

Total Value

of

Expenditure

Purchase Procedure Minimum Number of Responses

Decision Made By

< £5,000 At least 2 verbal quotations

required under £5000 and

noted by the Budget Holder.

Commitments must be

confirmed with a Purchase

Order raised by the Integra

system.

2 Budget Holder

£5,001‐

£15,000

At least 3 suppliers must be

invited to quote using the

Council standard Request for

Quotation Form and a

minimum of two written

responses are required.

Contract Period 1 year

maximum, automatic

renewal or extension of

contract is not permitted

without referral to the

Director of Resources,

Governance & Growth.

Negotiation should only be

utilised where appropriate.

Commitments must be

confirmed immediately with

a Purchase Order.

2 Budget Holder & Group Manager.

Refer to Director of Resources,

Governance & Growth for contracts

greater than 1 year duration, renewal

or extension of contract.

of 348

29

£15,001‐

£50,000

At least 3 suppliers must be

invited to quote and

respond using the Council

standard Request for

Quotation Form.

Maximum Contract Period 3

years using Standard Forms

of Contract.



Commitments must be

confirmed and Purchase

Order and / or Contract

raised.

3 Budget Holders with devolved

authority.

REFER to Group Manager and Director

of Resources, Governance & Growth

where restricted supply market exists,

contract terms need to be modified or

contract length is greater than 3

years.

£50,001‐

EU

Threshold

A formal Invitation to

Tender Process utilising

competitive suppliers

appropriate to market

conditions.



Commitments must be

confirmed with a Contract

and Purchase Orders raised

by the Integra system.

3 Group Manager with delegated

procurement authority and the

Budget Holder.

> EU

Threshold

EU Tender Process. Utilising

Clarification of final bids as

appropriate.

Commitments must be

confirmed with a Contract

and Purchase Orders raised

by the Integra system.

4 Group Manager with delegated

authority assisted by specialists from

IT, Legal, Finance and Human

Resources as appropriate to the

requirement.

of 348

30

APPENDIX C EXEMPTION / WAIVER FORM

Request for exemption from the requirements of Contract Standing Orders

Contract Name / Description:

Contract Sum:

£

Anticipated Date of Commencement of Contract:

Anticipated Date of Completion of Contract::

Contract Supervisor:

Brief Details of Contract:

Reason(s) for being exempt from the requirements of Contract Standing Orders (i.e. Details of

which paragraph(s) in Standing Order apply):

Approved:

Group Manager...........………………………………………………………………………..Date:

Approved:

Director of Resources, Governance & Growth…………………………………………..Date:

of 348

Subject: Code of Corporate Governance Report to: Audit and Risk Committee, 13th February 2014 Report by: Director of resources, Governance and Growth SUBJECT MATTER/RECOMMENDATIONS This report contains an update to the Council’s Code of Corporate Governance, in accordance with best practice. Recommendation to Council: That the updated Code of Corporate Governance is approved.

1. INTRODUCTION/BACKGROUND

1.1 The Code of Corporate Governance was approved by the Council on 31st

March 2010.

1.2 Best practice recommends that the Code of Corporate Governance is revisited and updated on an annual basis.

1.3 Attached to this report contains the updated Code of Corporate Governance, which shows that good progress has been made in further embedding the Code of Corporate Governance, with deadlines and responsible officers for future action during 2014/15 incorporated into the document.

FINANCIAL IMPLICATIONS: None LEGAL IMPLICATIONS: None EXECUTIVE BOARD OR DIRECTOR CONSULTATION: EMT consulted

of 348

RECOMMENDATIONS: That the updated Code of Corporate Governance is approved. Does this report raise any legal, financial, sustainability, equality, Crime and Disorder or Human Rights issues and, if so, have they been considered?

Issues Legal No Financial No Risk No Sustainability No Crime and Disorder No Human Rights No Every Child Matters No Equality No EqIA Form completed No

of 348

CODE OF CORPORATE GOVERNANCE

Author Director of Resources, Governance & Growth

Date February 2014

Document Status Final version

of 348

GREAT YARMOUTH BOROUGH COUNCIL

CODE OF CORPORATE GOVERNANCE

Contents Core Principle 1 Focussing on the purpose of the Council and outcomes for the community and creating and implementing a

vision for the local area Core Principle 2 Members and officers working together to achieve a common purpose with clearly defined functions and roles Core Principle 3 Promoting values for the authority and demonstrating the values of good governance through upholding high

standards of conduct and behaviour Core Principle 4 Taking informed and transparent decisions which are subject to effective scrutiny and managing risk Core Principle 5 Developing the capacity and capability of members and officers to be effective Core Principle 6 Engaging with local people and other stakeholders to ensure robust public accountability

of 348

INTRODUCTION “Governance is about how local government bodies ensure that they are doing the right things, in the right way for the right people, in a timely, inclusive, open, honest and accountable manner. It comprises the systems and processes, and cultures and values, by which local government bodies are directed and controlled and through which they account to, engage with and where appropriate, lead their communities” Delivering Good Governance in Local Authorities (CIPFA/SOLACE 2007) The CIPFA/SOLACE guidance “Delivering Good Governance in Local Authorities” identified six Core Principles against which local authorities should review their existing corporate governance arrangements and develop and maintain adopt a local code of governance. These principles are;

• Focussing on the purpose of the Council and outcomes for the community and creating and implementing a vision for the local area

• Members and officers working together to achieve a common purpose with clearly defined functions and roles

• Promoting values for the authority and demonstrating the values of good governance through upholding high standards of

conduct and behaviour

• Taking informed and transparent decisions which are subject to effective scrutiny and managing risk

• Developing the capacity and capability of members and officers to be effective

• Engaging with local people and other stakeholders to ensure robust public accountability

of 348

The Code of Governance has been prepared in accordance with the Guidance and will be reviewed by the Audit and Risk Committee on an annual basis. Additionally authorities are required to prepare and publish an annual governance statement in accordance with this framework under Regulation 4(2) of the Accounts and Audit (Amendment) (England) Regulations 2006. The Annual Governance Statement is a key corporate document. The Chief Executive Officer and the Leader of the Council have joint responsibility as signatories for its accuracy and completeness.

of 348

GREAT YARMOUTH BOROUGH COUNCIL: CODE OF CORPORATE GOVERNANCE Core Principle 1 - Focussing on the purpose of the Council and outcomes for the community and creating and implementing a vision for the local area Our aims in relation to focussing on the purpose of the Council and outcomes for the community and creating and implementing a vision for the local area are to; 1.1 Exercise strategic leadership by developing and clearly communicating the authority’s purpose, vision and its intended outcome for citizens and service

users 1.2 Ensure users receive a high quality service whether directly, or in partnership, or by commissioning 1.3 Ensure that the authority makes best use of resources and that tax payers and service users receive excellent value for money

In order to achieve our aims we will: Source documents Further work ongoing Responsible

Officer(s) Deadline

1.1.1 Develop and promote the Council’s purpose and vision

Corporate Plan Medium Term Financial Strategy

1.1.2 Review on a regular basis the Council’s vision for the local area and its impact on the authority’s governance arrangements

Corporate Plan Medium Term Financial Strategy Code of Corporate Governance Annual Governance Statement

1.1.3 Ensure that partnerships are underpinned by a common vision of their work that is understood and agreed by all parties

Constitution Each partnership will design its own terms of reference/legal framework/constitution as appropriate. It would be the responsibility of the GYBC officer attending to ensure that it fits in with the Council’s current corporate priorities/plans.

1.1.4 Publish an annual report on a timely basis to communicate the authority’s activities and achievements, its financial position and performance

Annual Financial Report Annual Performance Report

of 348

In order to achieve our aims we will: Source documents Further work ongoing Responsible Officer(s)

Deadline

1.2.1 Decide how the quality of service for users is to be measured and make sure that the information needed to review service quality effectively and regularly is available

Performance Management Framework Residents’ Surveys

Performance Management Framework under review

Director of Resources, Governance & Growth

30th September 2014

1.2.2 Put in place effective arrangements to identify and deal with failure in service delivery

Quarterly Performance Projects and Measures Report Performance Management Framework Complaints Procedure Monthly Financial Reports

Performance Management Framework under review


30th September 2014

1.3.1 Decide how value for money is to be measured and make sure that the authority or partnership has the information needed to review value for money and performance effectively. Measure the environmental impact of policies, plans and decisions

Procurement Strategy Report template (sustainability taken into account for Member decisions) Benchmarking reports

Equality Impact Assessments are occasional (but not required) carried out in relation to the Council’s policies and strategies

Group Manager: Governance/ Group Manager: Neighbourhood & Communities

30th September 2014

of 348

Core Principle 2 - Members and officers working together to achieve a common purpose with clearly defined functions and roles Our aims in relation to Members and officers working together to achieve a common purpose with clearly defined functions and roles are to; 2.1 Ensure effective leadership throughout the authority and being clear about executive and non-executive functions and of the roles and responsibilities of the scrutiny function 2.2 Ensure that a constructive working relationship exists between authority members and officers and the responsibilities of members and officers and carried out to a high standard 2.3 Ensure relationships between the authority, its partners and the public are clear so that each knows what to expect of the other In order to achieve our aims we will: Source documents Further work ongoing Responsible

Officer(s) Deadline

2.1.1 Set out a clear statement of the respective roles and responsibilities of the Cabinet and of the Cabinet’s members individually and the authority’s approach towards putting this into practice

Constitution (Cabinet terms of reference) Record of decisions and supporting materials Member/Officer Protocol

2.1.2 Set out a clear statement of the respective roles and responsibilities of other authority members, members generally and of senior officers

Constitution (Statutory Officer positions, Terms of Reference for Committees, Member roles) Scheme of delegation Conditions of employment

2.2.1 Determine a scheme of delegation and reserve powers within the constitution, including a formal schedule of those matters specifically reserved for collective decision of the authority taking account of relevant legislation and ensure that it is monitored and updated when required

Constitution (Scheme of delegation) Statutory provisions

of 348


Deadline

2.2.2 Make a chief executive or equivalent responsible and accountable to the authority for all aspects of operational management

Chief Executive Officer designated Head of paid Service Constitution (Head of Paid Service responsibilities) Conditions of employment Scheme of delegation Statutory provisions Job descriptions / specification Performance management system Signs Annual Governance Statement

2.2.3 Develop protocols to ensure that the leader and chief executive (or equivalent) negotiate their respective roles early in the relationship and that a shared understanding of roles and objectives is maintained

Constitution Member/Officer Protocol

2.2.4 Make a senior officer (usually the section 151 officer) responsible to the authority for ensuring that appropriate advice is given on all financial matters, for keeping proper financial records and accounts, and for maintaining an effective system of internal financial control

Director of Resources, Governance and Growth has been nominated as the Council’s Chief Financial Officer. Constitution (Statutory Officers) Job description / specification Report template ensures consultation is undertaken with CFO before report considered by Members

2.2.5 Make a senior officer (other than the responsible financial officer) responsible to the authority for ensuring that agreed procedures are followed and that all applicable statutes, regulations are complied with (usually the monitoring officer)

NPlaw Solicitor has been nominated as the Council’s Monitoring officer Constitution (Statutory Officers) Report template ensures consultation is undertaken with MO before report considered by Members

of 348


Deadline

2.3.1 Develop protocols to ensure effective communication between members and officers in their respective roles

Member / Officer protocol Outside Bodies advice given to Members Member/Officer Codes of Conduct

2.3.2 Set out the terms and conditions for remuneration of members and officers and an effective structure for managing the process including an effective remuneration panel (if applicable)

Pay and conditions policies and practices Independent Remuneration Panel Terms of Reference and Report Job evaluation

2.3.3 Ensure that effective mechanisms exist to monitor service delivery

Quarterly Performance Projects and Measures Report Complaints Procedure

2.3.4 Ensure that the organisation’s vision, strategic plans, priorities and targets are developed through robust mechanisms, and in consultation with the local community and other key stakeholders, and that they are clearly articulated and disseminated

Corporate Plan Medium Term Financial Strategy Quarterly Performance Projects and Measures Report Consultation Website

2.3.5 When working in partnership ensure that members are clear about their roles and responsibilities both individually and collectively in relation to the partnership and to the authority

Constitution (Standing Orders) Individual Partnership agreements Service Level Arrangements Advice given to members in relation to outside bodies – see role of Councillors in Constitution Procurement Strategy

of 348


Deadline

2.3.6 When working in partnership: - ensure that there is clarity about the legal status of the partnership - ensure that representatives or organisations both understand and make clear to all other partners the extent of their authority to bind their organisation to partner decisions.

Constitution Individual Partnership agreements if we are part of a partnership due to statutory responsibilities (ie responsible authorities etc) we would use the law to understand our commitment and responsibilities.) Service Level Arrangements Advice given to members in relation to outside bodies Procurement Strategy

of 348

Core Principle 3 - Promoting values for the authority and demonstrating the values of good governance through upholding high standards of conduct and behaviour Our aims in relation to promoting values for the authority and demonstrating the values of good governance through upholding high standards of conduct and behaviour are to; 3.1 Ensuring authority members and officers exercise leadership by behaving in ways that exemplify high standards of conduct and effective governance 3.2 Ensuring that organisational values are put into practice and are effective

In order to achieve our aims we will; Source documents Further work ongoing Responsible

Officer(s) Deadline

3.1.1 Ensure that the authority’s leadership sets a tone for the organisation by creating a climate of openness, support and respect

Constitution (Standing Orders) 1:1’s Standards Committee has an overall view of conduct issues established by their terms of reference Officer Code of Conduct Member Code of Conduct Member/Officer Protocol Whistle blowing Policy Anti Fraud and Corruption Policy Freedom of Information Policy statement and publication scheme Officer Register of gifts and hospitality Member and Parish Councillors Register of Interests

Performance (PDR) Review process to be reviewed Freedom of Information Policy statement and publication scheme to be reviewed in light of new legislation. Anti Money and Laundering Policy currently in draft

Group Manager: Resources/ Senior HR Manager Group Manager: Governance/ Information Manager Director of Resources, Governance & Growth

31st October 2014 31st December 2014 30th June 2014

of 348

In order to achieve our aims we will; Source documents Further work ongoing Responsible Officer(s)

Deadline

3.1.2 Ensure that standards of conduct and personal behaviour expected of members and staff, of work between members and staff and between the authority, its partners and the community are defined and communicated through codes of conduct and protocols

Members / officers code of conduct Performance management system Complaints procedures Antifraud and corruption policy Member / officer protocols Whistle blowing Policy ICT Security Policy

Performance (PDR) Review process to be reviewed ICT Security policy needs updating Anti Money and Laundering Policy currently in draft

Group Manager: Resources/ Senior HR Manager Director of Customer Services/ Group Manager: Customer Services Director of Resources, Governance & Growth

31st October 2014 30th September 2014 30th June 2014

3.1.3 Put in place arrangements to ensure that members and employees of the authority are not influenced by prejudice, bias or conflicts of interest in dealing with different stakeholders and put in place appropriate processes to ensure that they continue to operate in practice

Standing orders Member/Officer Codes of conduct Financial regulations Anti Fraud and Corruption Whistle blowing Register of Interests (officers and members) Officer induction and training (through ‘Induction Check List’ by Manager and E-Induction pack)

E-Induction pack drafted, to be uploaded and tested (Nov/Dec) before roll out

Group Manager: Resources/ Senior HR Manager

30th June 2014

3.2.1 Develop and maintain shared values including leadership values both for the organisation and staff reflecting public expectations and communicate these with members, staff, the community and partners

Codes of conduct Corporate Plan

of 348

In order to achieve our aims we will; Source documents Further work ongoing Responsible Officer(s)

Deadline

3.2.2 Put in place arrangements to ensure that procedures and operations are designed in conformity with appropriate ethical standards, and monitor their continuing effectiveness in practice

Codes of conduct Contract Procedure Rules Anti Fraud and Corruption Whistle blowing ICT Security Policy

ICT Security Policy requires updating

Director of Customer Services/ Group Manager: Customer Services

30th September 2014

3.2.3 Develop and maintain an effective standards committee

Agenda and minutes Terms of Reference Committee meets regularly Regular reporting to the authority

3.2.4 Use the organisations shared values to act as a guide for decision making and as a basis for developing positive and trusting relationships within the authority

Decision making practices Corporate Plan

3.2.5 In pursuing the vision of a partnership, agree a set of values against which decision making and actions can be judged. Such values must be demonstrated by partners’ behaviour both individually and collectively

Each partnership comes up with its own vision/values/action plan/decision-making system.

of 348

Core Principle 4 - Taking informed and transparent decisions which are subject to effective scrutiny and managing risk Our aims in relation to taking informed and transparent decisions which are subject to effective scrutiny and managing risk are to; 4.1 Being rigorous and transparent about how decisions are taken and listening and acting on the outcomes of constructive scrutiny 4.2 Having good-quality information, advice and support to ensure that services are delivered effectively and are what the community wants/needs 4.3 Ensuring that an effective risk management system is in place 4.4 Using their legal powers to the full benefit of the citizens and communities in their area In order to achieve our aims we will Source documents/Processes Further work ongoing Responsible

Officer(s) Deadline

4.1.1 Develop and maintain an effective scrutiny function which encourages constructive challenge and enhances the organisation’s performance overall and of any organisation for which it is responsible

Scrutiny is supported by robust evidence and data analysis Agenda and minutes Work programme Training

4.1.2 Develop and maintain open and effective mechanisms for documenting evidence for decisions and recording the criteria, rationale and considerations on which decisions are based

Record of decisions and supporting materials Report template Decision list published

4.1.3 Put in place arrangements to safeguard members and employees against conflicts of interest and put in place appropriate processes to ensure that they continue to operate in practice

Members Code of Conduct Officers Code of Conduct Officer/Member Register of Interests Declaration of Interests Code of Conduct Guidance to members/officers issued Standards Committee have responsibility for these issues

of 348

In order to achieve our aims we will Source documents/Processes Further work ongoing Responsible Officer(s)

Deadline

4.1.4 Develop and maintain an effective audit committee ( or equivalent ) which is independent or make other appropriate arrangements for the discharge the functions of such a committee

Audit and Risk Committee Training Audit and Risk Committee Terms of reference Agenda and minutes

4.1.5 Put in place effective transparent and accessible arrangements for dealing with complaints

Complaints procedure

4.2.1 Ensure that those making decisions whether for the authority or partnership are provided with information that is fit for the purpose – relevant, timely and gives clear explanations of technical issues and their implications

Members’ induction scheme Members Library Members Handbook Training Report templates

Individual members to be allocated a dedicated officer from Member Services to provide support.

Group Manager: Governance

31st May 2014

4.2.2 Ensure that professional advice on matters that have legal or financial implications is available and recorded well in advance of decision making and used appropriately

Report template requires that consultation is undertaken with MO/ s151 before report considered by Members Record of decision making and supporting materials

4.3.1 Ensure that risk management is embedded into the culture of the organisation , with members and managers at all levels recognising that risk management is part of their job

Risk Management Framework Financial standards and regulations Service Planning Risk Management Training Risk Management is an Agenda Item on all Directorate meetings

New Service Plan Template created and in use by departments – to monitor effectiveness Risk Management training to be provided

EMT Group Manager: Resources/ Corporate Risk Officer

31st July 2014 31st July 2014

of 348


Deadline

4.3.2 Ensure that arrangements are in place for whistle blowing to which staff and all those contracting with the authority have access

Whistle blowing policy Register of whistle blowing reports and actions taken Information for contractors Published on Internet

4.4.1 Actively recognise the limits of lawful activity placed on them by, for example the ultra vires doctrine but also strive to utilise powers to the full benefit of their communities

Constitution Statutory provision Report templates / positive sign-off - increased consultation at pre report stage will enable issues to be fully explored before report is put to members

4.4.2 Recognise the limits of lawful action and observe both the specific requirements of legislation and the general responsibilities placed on local authorities by public law

Training Availability of professional legal advice Report templates / positive sign-off - increased consultation at pre report stage will enable issues to be fully explored before report is put to members

4.4.3 Observe all specific legislative requirements placed upon them, as well as the requirements of general law, and in particular to integrate the key principles of good administrative law – rationality, legality and natural justice into their procedures and decision making processes

Standing Orders Report template Constitution Statutory provision

of 348

Core Principle 5 - Developing the capacity and capability of members and officers to be effective Our aims in relation to developing the capacity and capability of members and officers to be effective are; 5.1 Making sure that members and officers have the skills, knowledge, experience and resources they need to perform well in their roles 5.2 Developing the capability of people with governance responsibilities and evaluating their performance as an individual and as a group 5.3 Encouraging new talent for membership of the authority so that best use can be made of individuals’ skills and resources in balancing continuity and renewal In order to achieve our aims we will Source documents/Processes Further work ongoing Responsible

Officer(s) Deadline

5.1.1 Provide induction programmes tailored to individual needs and opportunities for members and officers to update their knowledge on a regular basis

Training Induction programme My Learning Tools – to identify training needs and preferred training method

E-Induction pack drafted, to be uploaded and tested before roll out (Nov/Dec) Workforce Development Plan

Group Manager: Resources/ Senior HR Manager Group Manager: Resources/ Senior HR Manager

30th June 2014 31st March 2015

5.1.2 Ensure that the statutory officers have the skills, resources and support necessary to perform effectively in their roles and that these roles are properly understood throughout the organisation

Training Induction programme Staff handbook My Learning Tools – to identify training needs and preferred training method 1:1’s

Performance (PDR) Review process to be reviewed E-Induction pack drafted, to be uploaded and tested (Nov/Dec) before roll out

Group Manager: Resources/ Senior HR Manager Group Manager: Resources/ Senior HR Manager

31st October 2014 30th June 2014

of 348


Deadline

5.2.1 Assess the skills required by members and officers and make a commitment to develop those skills to enable roles to be carried out effectively

Personal Development Plans Member Training My Learning Tools – to identify training needs and preferred training method

Performance (PDR) Review process to be reviewed E-Induction pack drafted, to be uploaded and tested (Nov/Dec) before roll out Workforce Development Plan

Group Manager: Resources/ Senior HR Manager Group Manager: Resources/ Senior HR Manager Group Manager: Resources/ Senior HR Manager

31st October 2014 30th June 2014 31st March 2015

5.2.2 Develop skills on a continuing basis to improve performance including the ability to scrutinise and challenge and to recognise when outside expert advice is needed

Personal Development Plans E-learning Package My Learning Tools – to identify training needs and preferred training method

Performance (PDR) Review process to be reviewed E-Induction pack drafted, to be uploaded and tested (Nov/Dec) before roll out Workforce Development Plan

Group Manager: Resources/ Senior HR Manager Group Manager: Resources/ Senior HR Manager Group Manager: Resources/ Senior HR Manager

31st October 2014 30th June 2014 31st March 2015

5.2.3 Ensure that effective arrangements are in place for reviewing the performance of the authority as a whole and of individual members and agreeing an action plan which might for example aim to address any training or development needs

Performance Management Framework

Performance Management Framework to be reviewed


30th September 2014

of 348


Deadline

5.3.1 Ensure that effective arrangements designed to encourage individuals from all sections of the community to engage with, contribute to and participate in the work of the authority

Equality Impact Assessments on services and policies Area Committees Neighbourhood Boards / Forums Tenants Forum Networking Parish meetings

Equality Impact Assessments are occasional (but not required) carried out in relation to the Council’s policies and strategies

Group Manager: Governance/ Group Manager: Neighbourhood & Communities

30th September 2014

5.3.2 Ensure that career structures are in place for members and officers to encourage participation and development

Succession planning

of 348

Core principle 6 - Engaging with local people and other stakeholders to ensure robust public accountability Our aims in relation to engaging with local people and other stakeholders to ensure robust public accountability are to; 6.1 Exercise leadership through a robust scrutiny function which engages effectively with local people and all local institutional stakeholders, including partnerships, and develops constructive accountability relationships 6.2 Take an active and planned approach to dialogue with and accountability to the public ensure effective and appropriate service delivery whether directly, in partnership or by commissioning 6.3 Make best use of human resources by taking an active and planned approach to meet responsibility to staff In order to achieve our aims Scrutiny Committee will

Source documents/Processes Further work ongoing Responsible Officer(s)

Deadline

6.1.1 Make clear to themselves, all staff and the community, to whom they are accountable and for what

Constitution Stakeholder / local connector identification Satisfaction Surveys Open Forums Ward / Group / Club visit

6.1.2 Consider those institutional stakeholders to whom they are accountable and assess the effectiveness of the relationships and any changes required

Statutory provisions

6.1.3 Produce an annual report on scrutiny function activity

Annual report

of 348

In order to achieve our aims Scrutiny Committee will


Deadline

6.2.1 Ensure that clear channels of communication are in place with all sections of the community and other stakeholders including monitoring arrangements to ensure that they operate effectively

Leaflets / Publications Technology – facebook Networking Press Release Stakeholder / local connector identification Ward / Group / Club identification and visit Face to face

6.2.2 Hold meetings in public unless there are good reasons for confidentiality

Constitution Access to information rules

6.2.3 Ensure arrangements are in place to enable the authority to engage with all sections of the community effectively. These arrangements should recognise that different sections of the community have different priorities and establish explicit processes for dealing with these competing demands

Budget Consultation Meeting Corporate Plan

6.2.4 Establish a clear policy on the types of issues they will meaningfully consult on or engage with the public and service users including a feedback mechanism for those consultees to demonstrate what has changed as a result

Media and Publicity Protocols Budget Consultation meeting

of 348

In order to achieve our aims Scrutiny Committee will


Deadline

6.2.5 On an annual basis, publish a performance plan giving information on the authority’s vision, strategy, plans and financial statements as well as information about its outcomes, achievements and the satisfaction of service users in the previous period

Annual Performance Report Annual financial Report Corporate Plan

6.2.6 Ensure that the authority as a whole is open and accessible to the community, service users and its staff and ensure that it has made a commitment to openness and transparency in all its dealings, including partnerships subject only to the need to preserve confidentiality in those specific circumstances where it is proper and appropriate to do so

Constitution Customer service standards Freedom of Information Act/Publication Scheme Officer Code of Conduct Member Code of Conduct Training undertaken Whistle blowing Policy Anti Fraud and Corruption Policy Data Protections Policy ICT Security Policy

Customer Service Standards being updated Freedom of Information Act/Publication Scheme needs to be reviewed in light of new legislation. ICT Security Policy requires updating Anti Money and Laundering Policy in draft

Group Manager: Governance Group Manager: Governance/ Information Manager Director of Customer Services/ Group Manager: Customer Services Director of Resources, Governance & Growth

30th June 2014 31st December 2014 30th September 2014 30th June 2014

6.3.1 Develop and maintain a clear policy on how staff and their representatives are consulted and involved in decision making

Constitution

of 348

Audit and Risk - UK.COM

Documents

Transcript of Audit and Risk - UK.COM