|
Outline Objective |
|
|
Key Financial Systems |
|
|
To review processes and key controls within the accounts payable system, including controls in place for ordering, the creation and maintenance of supplier details, goods receipting and the payment of invoices. |
|
|
Payroll |
To review processes and key controls in the staff payment system, including those relating to payroll deductions, starters, leavers, temporary and permanent payments, and variations of pay. |
|
Business Rates (Non-Domestic Rates) |
To provide assurance that controls over business rate revaluation and collection are effective including billing, collection, recovery and reliefs. |
|
Council Tax |
To provide assurance that controls over council tax collection are effective, including billing, collection, recovery and the award of discounts. |
|
Budgetary Control |
A review of the Council’s budget management arrangements, to include an assessment of the extent to which planned savings are being delivered and the effectiveness of expenditure controls.
|
|
Support for Strategic Projects and Programmes |
|
|
Changes to procurement regulations will bring more stringent transparency requirements to the Council. These will need to be reflected in the Council’s own regulations, including Procurement and Contract Standing Orders. This review will focus on the effectiveness with which the new regulations have been implemented and embedded within Council rules and procedures, and how they are being complied with and monitored across the organisation. |
|
|
Local Government Reorganisation & Devolution |
To provide support, advice and assurance to the Council on matters of risk, governance and control as the changing local government landscape under Local Government Reorganisation and Devolution starts to become clearer. |
|
Risk Management |
To assess the adequacy and effectiveness of arrangements in place to identify, assess and mitigate risk across the Council. |
|
Corporate Governance |
To review the adequacy of corporate governance arrangements within the Council, including assessing the extent to which previously identified governance improvement actions have been implemented.
|
|
IT and Information Governance Audits |
|
|
Information Governance – General Data Protection Regulation (GDPR) |
This audit will review the controls in place to manage the risks of data breaches and ensure that roles and responsibilities are clear and are widely communicated to staff. |
|
Artificial Intelligence Tools
|
In order to maximise efficient ways of working, the Council is exploring Artificial Intelligence and other similar tools, including Co-Pilot. This audit will ensure that controls are in place to manage the risks associated with the use of these tools, including that key decisions could be made based on information that is incorrect or inaccurate. |
|
Add Your Own Device |
Councils are encouraging officers to use their personal devices to support their work, particularly mobile phones, in order to support the Council’s savings targets. This audit will review the arrangements in place to ensure that risks from this approach, which could include an increase in data breaches, customers and clients contacting officers who have left the Council, and the hygiene factors associated with officers being contactable at all times are appropriately managed. |
|
Online Safety Act 2023 Compliance |
The Online Safety Act 2023 is a new set of laws that protects children and adults online. It puts a range of new duties on social media companies and search services, making them more responsible for their users’ safety on their platforms. Whilst the act primarily targets online platforms and services, it also has implications for local government in the UK. This audit will ensure controls are in place to ensure the Council complies with the relevant element of the Act. |
|
Microsoft Tools Data Governance (including Power BI) |
The Council use a number of powerful tools to manage, manipulate and report on data from systems, with these tools also used to support the transfer of data from one system to another. This audit will review the arrangements in place to ensure that risks associated with data protection and accuracy are appropriately mitigated. |
|
Shadow IT – Governance Arrangements |
Shadow IT services cover all computer systems and applications used by the Council which are outside the direct control of IT & Digital (IT&D). Where these services and applications are hosted outside of the Council's network infrastructure, and where IT&D provide limited or no technical support, the risks to the security and availability of the data held is greatly increased. This audit will evaluate the effectiveness of the internal control framework to ensure that key risks, including access control, data management (retention and deletion), system ownership, updates and business continuity arrangements are considered at the point of procurement. |
|
IT Training |
With councils more reliant on information technology and data than ever before, it is important that the workforce understands the risks associated with these. This audit will consider the IT training available to staff to ensure it is fit for purpose for a modern workforce, focusing particularly on the suitability of training to raise awareness of cyber and information governance related risks. |
|
Other Focus Areas |
|
|
Housing Repairs |
This audit will aim to provide assurance over the end-to-end process and controls in place for managing housing repairs. This will include the reporting, prioritisation and allocation of jobs, management of supply chain and financial management. |
|
Environmental Services Project Management |
This audit will aim to provide assurance over the adequacy of project management arrangements within Environmental Services to deliver an improved service. |
|
To provide assurance that the overall programme of work within property maintenance is effectively managed, including the planning, prioritisation, and allocation of resources and how performance and delivery is monitored. |
|
|
To review the arrangements in place to ensure that all supplier contracts are effectively managed, including costs being controlled and services are delivered in accordance with specifications and service expectations. |
|
|
Transition of Young People into Adult Social Care |
This audit will examine the adequacy of joint working arrangements across the Council to ensure the smooth transition of clients between services and compliance with statutory duties. We will also assess governance and financial monitoring arrangements. |
|
Public Health Grant – Governance Arrangements |
To provide assurance that the governance arrangements for the public health grant, including financial management and reporting are robust. |
|
Appointee and Deputyship Arrangements |
To review the arrangements in place to manage Appointee and Deputyships which allow the Council to assume responsibility for an individual’s financial affairs where the individual no longer has the mental capacity to do so themselves, and there are no available family, friends or associates who could undertake this role on their behalf. |
|
Cultural Compliance |
These audits will aim to provide assurance on how service areas are complying with key corporate policies, such as pay, expenses, code of conduct, performance development and financial management to ensure the Council works as one with a shared culture and values. |
|
Direct Payments – Children’s Services |
To review the control arrangements in place in relation to the administration, payment and monitoring of direct payments within Children’s services. |
|
Children’s Social Care Prevention Grant |
This grant is new for 2025-26 and is for children’s social care prevention investment to implement Family Help and Child Protection reforms. We aim to provide some assurance on the arrangements around planned expenditure of this grant, in accordance with the grant conditions. |
|
Property Disposals |
As part of the BHCC corporate property strategy and to support the Council’s financial strategy the Council is planning to dispose of surplus property assets. This audit will review the governance arrangements in place to ensure that the programme of disposals aligns to corporate objectives, are appropriately approved and maximise the value of the assets. |
|
We will continue our audit coverage in schools which will involve a range of assurance work, including key controls testing in individual schools and follow-ups of previous audit work where appropriate. We will also work with our Orbis partners to provide information bulletins and guidance for schools on risk, governance, and internal control matters. |
|
|
Follow Up Reviews |
|
|
Direct Payments |
To follow-up previous audit work completed in 2024/25 where the final opinion given was of Partial or Minimal Assurance. The work will ensure that agreed actions have been implemented as expected for each of the identified follow-up audits in order that the control environment is strengthened within the area under review. |
|
Fleet Management |
|
|
Off Payroll Payments |
|
|
Housing Planned & Major Works |
|
|
Temporary Accommodation – Block Booked and Spot Purchase Payments |
|
|
Housing Client Property Asset Collection Controls |
|
|
Prepayment Vouchers -Huggg |
|
|
Mobile Phone Application Audit |
|
|
Contract Management Compliance (Facilities & Building Services) |
|
|
Grant Certification |
|
|
Local Transport Capital Block Funding |
To check and certify various capital grants for road maintenance and pothole repair, including Network North funding in accordance with the requirements of the Department for Transport. |
|
Bus Subsidy Grant |
To check and certify the grants in accordance with the requirements of the Department for Transport. |
|
Supporting Families Programme |
Final certification of this grant claim on behalf the Ministry of Housing, Communities and Local Government (MHCLG) before the certification requirement ceases in 2025. |
|
Childcare Expansion Capital Grant |
To check and certify the grants in accordance with the requirements of the Department for Education. |
|
Multiply Grant |
To provide assurance over the accounting arrangements for disbursement of this grant money, and to review the governance arrangements in place to ensure providers we fund for this scheme (improving numeracy in adults) are compliant with eligibility criteria per the requirements of the DfE. |
|
Contingencies |
|
|
Anti-Fraud and Corruption |
To cover the investigation of potential fraud and irregularity allegations as well as proactive counter fraud activities, including the National Fraud Initiative (NFI) data matching exercise. |
|
Housing Tenancy Fraud |
To deliver investigations into housing tenancy fraud and illegal subletting to help ensure that housing is provided to those most in need. The CIPFA Fraud and Corruption Tracker places housing fraud as the largest threat to local authorities. |
|
Emerging Risks |
A contingency budget to allow work to be undertaken on new risks and issues identified by Orbis IA and/or referred by management during the year. |
|
General Contingency |
A contingency budget to allow for effective management of the annual programme of work as the year progresses. |
|
Internal Audit Service Management and Delivery |
|
|
Action Tracking |
Ongoing action tracking and reporting of agreed, high risk actions. |
|
Internal Audit & Fraud Management |
Overall management of all audit and counter fraud activity, including work allocation, work scheduling and Orbis Audit Manager meetings. |
|
Audit Committee Reporting, Attendance and Other Member Support |
Production of periodic reports to management and Audit Standards and General Purposes Committee covering results of all audit and anti-fraud activity. |
|
Client Service Liaison |
Liaison with clients and departmental management teams throughout the year. |
|
Client Support and Advice |
Ad hoc advice, guidance and support on risk, internal control and governance matters provided to clients and services throughout the year. |
|
Impact of Local Government Reorganisation on Internal Audit |
Capacity for the service to consider and manage the potential implications of Local Government Reorganisation on internal audit and counter fraud services, in order to ensure these remain effective and fit for purpose. |
|
Orbis Internal Audit Developments |
Internal Audit and counter fraud service developments, including quality improvement and ensuring compliance with Global Internal Audit Standards. |
|
Organisational Management Support |
Attendance and ongoing support to organisational management meetings, e.g. Governance Panel, etc. |
|
System Development & Administration |
Development and administration of audit and fraud management systems. |
|
Other Auditable Areas Identified During the Audit Planning Process |
|
|
CQC Assessment Outcomes |
These are potential audits that could be drawn into the 2025/26 annual programme of work on a risk-basis should other audits be postponed or deferred or should available contingency time allow for it. In the event that any of these reviews are not completed in 2025/26, they will be considered for inclusion in future year’s audit plans. |
|
Purchasing Card |
|
|
Procurement Forward Plan |
|
|
Housing Mechanical & Engineering - Contract Management |
|
|
Emergency Accommodation |
|
|
Housing Allocations |
|
|
Leasehold Service Charges |
|
|
Hospital Discharges |
|
|
Adult Social Care Reviews & Assessment |
|
|
Deprivation of Liberty Safeguards |
|
|
Transport Surveillance Cameras |
|
|
Waste PFI – Contract Management |
|
|
Events Management |
|
|
Integrated Community Equipment -Contract Management |
|
|
Household Support Funding |
|
|
Educational Disadvantage |
|
|
Children’s Commissioning |
|
|
NECH Application Audit |
|