Agenda item

Report of the Senior Auditor

The Senior Auditor presented the report to Members, drawing attention to the four final reports issued, the three audits that had been moved to the 2017/18 plan and the completed ICT Key Controls audit which would be brought to Committee once the final report had been issued.

In response to a question from Councillor F R D Fenning regarding the auditing of the shared revenues and benefits service, the Senior Auditor commented that the audits were completed by Hinckley and Bosworth Borough Council’s internal team and although she reviewed the audits, it was the responsibility of that team to follow up on the recommendations.  She added that the audit reports were also considered by the Revenue and Benefits Joint Committee.   

In response to a further question from Councillor F R D Fenning regarding the audit of the asset management system, the Senior Auditor clarified that there was testing of the system to ensure that all work had been recorded correctly as there had been a discrepancy between the database and the work records.  It was reported that the Senior Auditor would be following up on this to make sure it was an isolated occurrence and not a bug in the system.

Councillor S Sheahan asked for assurances on the stability of the Internal Audit Team as other local authorities had been disbanding this internal service.  The Senior Auditor was confident that the service was still required and stable as it was a shared service.  Also a new officer had recently been appointed to complete the team.

Councillor A C Saffell raised a concern that he was made aware at a training session of a sizeable breach of data protection that he believed had not been reported to the Committee.  The Head of Legal and Support Services  confirmed that there had been a data breach.  She explained that the council had decided to undertake a health check of its arrangements for information management and had engaged the services of Leicester City Council.  The health check had resulted in an improvement plan which had now been implemented as well as the creation of the Information Management Team.  The breach was self-reported to the Information Commissioner who was satisfied with what had been put in place to prevent another breach and therefore did not wish to take any further action.  The Senior Auditor informed Members that the details of the incident and improvement plan had been included in the quarterly report previously considered by the Committee without a detailed description.  Further discussion was had between Members regarding the importance of being made fully aware of important issues such as these, especially if it was reported in the local newspapers. The Head of Legal and Support Services reminded Members that they were informed of incidents as well as the recommendations put in place as a result, the issue was how much detail the Members were expecting to receive.  Councillor S Sheahan concluded the discussion by commenting that if the local newspapers felt it was important enough to print then Members should receive full details as they could be questioned by the public.

It was moved by Councillor R Ashman, seconded by Councillor G Hoult and

RESOLVED THAT:

The report be noted.