APPENDIX 1
Internal Audit and Counter Fraud
Quarter 1 Progress Report 2025/26
CONTENTS
1. Summary of Completed Audits
2. Counter Fraud and Investigation Activities
3. Action Tracking
4. Amendments to the Audit Plan
5. Internal Audit Performance
1. Summary of Completed Audits
Microsoft Teams Governance
1.1 Microsoft Teams (MS Teams) is a part of the Microsoft 365 series of products and is used for chat, video conferencing and collaboration, with file storage and sharing capabilities within individual Teams sites. This software was quickly introduced as a solution for the Council during the pandemic to provide staff with the means to work and collaborate with their colleagues and clients from any location with the assistance of a Council-owned device.
1.2 This audit was included in the 2024-25 audit plan and was in progress at year end.
1.3 Our audit confirmed that the expected controls were in place and operating effectively, and that the control environment was therefore suitably robust, with a comprehensive Microsoft Teams Governance Plan and policies in place, along with established governance arrangements and controls over evaluated permissions. For this reason, we were able to provide an opinion of Substantial Assurance.
1.4 The purpose of the audit was to provide assurance that controls were in place to meet the following objectives:
· MS Teams was set up according to documented Council policies and service objectives, with a clear definition of its intended purpose;
· There are established processes to review system configurations and actively monitor activity and new functionality within MS Teams to ensure compliance with relevant policies and regulations;
· Measures are in place to protect sensitive and confidential information within MS Teams;
· There is an effective training program and communication channel for staff regarding the use, security, and update of MS Teams; and
· Governance arrangements exist for individual Team’s creation, access, and permissions to protect data and ensure a swift response to cyber incidents.
1.5 We identified one low risk area for improvement related to ensuring that all new owners have completed the mandatory training to protect the Council from data breaches. An action was agreed to minimise the risk associated with this finding.
IT&D Project Management
1.6 IT project management is used to help ensure that the Council can deliver technology solutions via defined projects or programmes, which support business change and ensure technology is appropriately managed and governed to support business as usual activity and maintain a stable IT architecture.
1.7 This audit was included in the 2024-25 audit plan and was in progress at year end. Its aim was to provide assurance around the mechanisms in place to ensure the overall delivery of major IT&D projects across the Council.
1.8 Overall, we were able to provide an opinion of Substantial Assurance in this area. We found that good governance measures are in place. There is appropriate approval and oversight, with lessons learnt exercises and training on offer. All projects follow a similar path and are reported in a way which provides a consistent approach.
1.9 The purpose of the audit was to provide assurance that controls were in place to meet the following objectives:
· IT project management practices align with the overall strategy and objectives of the Council, to help ensure that resources are utilised effectively, and opportunities are maximised;
· There is a clear and effective governance structure over IT project management,
ensuring that there is adequate oversight and accountability for IT projects;
· Clear and consistent practice is used across all IT projects, ensuring uniformity in their application, leading to consistent project outcomes; and
· Resources are appropriately allocated to IT projects with robust project management practices to help ensure projects are delivered timely and within budget.
1.10 Only one minor area for improvement was identified relating to the need to ensure a central record of project management associated training is maintained. Appropriate action was agreed with management to mitigate the risk.
Mobile Phone Application Management
1.11 Mobile Phone Application Management is the systematic process of requesting, reviewing, approving, and issuing of an organisation’s mobile applications. This process is crucial for the Council to ensure the security of mobile devices and safeguard the Council’s data from accidental or malicious use.
1.12 The Council’s mobile phones are all maintained through Microsoft Intune, an endpoint management system. This allows for the authentication and security management over Council issued iOS and Android devices to be maintained by the Council remotely. It is through the Intune Company Portal app on the individual devices that staff can download and install pre-approved mobile applications.
1.13 This audit was included in the 2024/25 audit plan and was in progress at year end.
1.14 The scope of this audit was confined to Council owned managed devices and covered the following objectives:
· Governance arrangements over mobile applications are documented;
· Controls are in place to assess the security and business requirements of mobile applications prior to approval; and
· Applications available on Intune are subject to regular review and applications requiring licences have download limitations.
1.15 In completing this review, we were able to provide an opinion of Reasonable Assurance. We found that:
· The approvals process is based around business need, immediate financial impact (cost of the app), and information security controls;
· The documented risk review for an app clearly defines what the security expectations are for the Council. This helps mitigate the risk of the Council being financially impacted by data breaches with fines for noncompliance;
· There is a specific set of privileged users that can obtain application licences, deploy applications, and change security groups; and
· There is a low volume of applications being requested, approximately 20 in the past year, and there is an increasing number of applications that are becoming web-based, which will result in fewer requests.
1.16 We identified two areas for improvement:
· There is a need to review the apps available to staff to ensure they remain safe to use and remove those no longer in use to help mitigate the risks and lessen the resource impact of managing available apps; and
· A comprehensive list of apps that have been rejected by the Council is not maintained; such a list would minimise time spent reassessing or re-applying for new apps.
1.17 Actions to address these outstanding areas were agreed with management within a formal management action plan.
Inclusion Support Service
1.18 Brighton & Hove Inclusion Support Service (BHISS) works with nurseries, playgroups and childminders registered with Ofsted, as well as schools and colleges, to support children and young people with special educational needs and disabilities (SEND), and their families. The service includes educational psychologists, specialist teachers and practitioners in learning and communication and social, emotional, and mental health. There are nine distinct teams, including Early Years, Literacy and Visual Impairment and Deafness
1.19 A partial buy-back service is in place with schools, in addition to the statutory and core service delivery across the city. The budget for 2024/25 was £3.1m.
1.20 This audit was included in the 2024/25 audit plan and was in progress at year end.
1.21 The purpose of the audit was to provide assurance that controls are in place to meet the following objectives:
· Traded services are competitively priced and effectively promoted to help ensure their financial viability;
· Plans are in place to retain skilled staff to ensure sufficient resources and reduce the risk of service failure;
· Clear policies, procedures, and documentation are in place to support compliance with statutory requirements;
· Effective processes are in place to ensure that performance is accurately measured and reported to senior management; and
· Budgets are properly monitored and reported.
1.22 Based on the work undertaken, we were able to provide an opinion of Reasonable Assurance, as services are subject to appropriate budget monitoring, quality assurance processes are in place and the service is competitively priced, resulting in strong take-up levels.
1.23 However, we identified some opportunities to further strengthen the control environment, and actions have been agreed with management to:
· Explore mechanisms to address capacity issues and manage growing demand; and
· Enhance performance monitoring and reporting, facilitated by a case management system.
Public Health Locally Commissioned Services
1.24 Locally Commissioned Services (LCSs) are a set of public health services that are commissioned and funded using the Public Health grant and other Public Health funding streams. They are purchased via local General Practices and local Community Pharmacies. These include services relating to contraception, smoking cessation and sexual health.
1.25 The budget for the contracted Locally Commissioned General Practice services is approximately £717,000 pa and for Locally Commissioned Pharmacy Services £179,000 pa. The current three-year contract runs from 2023-2026.
1.26 This audit was included in the 2024/25 audit plan and was in progress at year end.
1.27 The purpose of the audit was to provide assurance that controls are in place to meet the following objectives:
· Suitable priorities and desired outcomes have been identified. These align with Council priorities and statutory responsibilities, any requirements of related grants, and client needs;
· Effective contract monitoring and reporting arrangements, including corporate oversight, are in place to ensure delivery in accordance with the contract and grant requirements;
· Financial controls are in place to ensure delivery in accordance with the agreed budget and contract amount;
· Effective risk management arrangements are in place for the ongoing management of the contract;
· The contractor is financially viable, properly insured and has effective business continuity planning; and
· Any variations or changes to the originally agreed specification are in accordance with (procurement and) Contract Standing Orders.
1.28 We were able to provide an opinion of Reasonable Assurance as detailed specifications are in place for the service, and regular management of contracts takes place via meetings both between commissioners and with providers. Financial controls and budget monitoring activities were found to be in place.
1.29 However, we identified some opportunities to further strengthen the control environment, and actions have been agreed with management, including to:
· Verify claims data and strengthen identification of anomalies;
· Develop enhanced key performance indicators for when specifications are updated; and
· Adopt and embed key elements of the Council’s corporate Contract Management Framework.
Home Purchase Scheme
1.30 The Home Purchase Scheme allows the Council to buy properties to add to housing stock. Homes purchased under this scheme are subsequently let to households on the Council’s housing register as permanent social housing or as temporary accommodation.
1.31 This includes properties previously sold under the right to buy scheme. Under housing legislation, the council is offered first refusal if the former tenants decide to sell the property within 10 years of the original purchase. The Scheme also considers buying other properties, where the right of first refusal does not apply.
1.32 Since the Home Purchase Policy was set up in 2017, figures to December 2024 show that there have been 745 applications, with 383 proceeding to purchase. Of these, 45 had been completed at the conclusion of the audit, against a target of 70 for 2024/25.
1.33 This audit was included in the 2024/25 audit plan and was in progress at year end.
1.34 The purpose of the audit was to provide assurance that controls are in place to meet the following objectives:
· Policies, procedures and guidance are in place and periodically reviewed to ensure there is an efficient, consistent and a customer focused approach to administering the scheme;
· The available budget and costs of purchase and refurbishment are managed robustly enabling the Council to buy properties at a fair value under the Home Purchase Scheme; and
· Properties are purchased in accordance with Council criteria, meeting the needs of residents, and all statutory deadlines are met.
1.35 We were only able to provide an opinion of Partial Assurance over the controls operating within the area under review because we found an increased risk of non-compliance with procedures and regulations. We also found that delays and some additional costs had not always been factored into deciding whether to purchase a property.
1.36 Actions have been agreed with management to address identified risks from the review and improve the control environment, as follows:
· Ensure that purchases are communicated promptly to the Insurance Team so that insurance details can be updated and timely and appropriate cover is in place;
· Viability calculations are updated to take account of any delays and changes to costs;
· Periodic monitoring takes place to review estimated costs with the actual cost of acquiring a property;
· Monitor and ensure deadlines are not missed for Regulated Buyback cases (where the Council has Right of First Refusal);
· Develop a procedure for major work costs to be included in the viability calculation;
· Review the Council’s Empty Homes Lettable Standard (2021) to ensure it aligns with the Governments Decent Homes Standard;
· Update the Temporary Accommodation and Private Sector Leased Lettable Standards and communicate to staff how this will be applied;
· Ensure stamp duty payments to HMRC are paid within 14 days of completion; and
· Introduce consistent approach to case reviews.
1.37 This audit will be subject to a follow up review to assess whether actions agreed with management have been implemented and are working effectively to mitigate risk.
Attendance Management
1.38 Sickness absence reporting was brought in-house in April 2024. Previously employees were instructed to inform a third party of any sickness absence, who updated records on behalf of management. Employees are now instructed to contact their line manager to report sickness absence, and line managers are required to record absence details and return to work conversations directly onto the HR Management System (PIER).
1.39 The Council’s year-end performance report for 2023/24 shows that the average number of working days/shifts lost per Full Time Equivalent (FTE) due to sickness absence (not including schools) was 11.56, up from 11.33 the previous year. For key performance indicators the target is set at 10.9 days for 2024/25 and at Q3, the data showed actual performance was at 11.69 days.
1.40 This audit was included in the 2024/25 audit plan and was in progress at year end.
1.41 The purpose of the audit was to provide assurance that controls are in place to meet the following objectives:
· Effective up-to-date policies and procedures are in place to support compliance with legal and corporate requirements. Appropriate training and guidance are provided to ensure that staff and managers are aware of their roles and responsibilities around absence reporting and management;
· All members of staff are subject to appropriate management and supervision in respect of sickness absence;
· Return to Work and other review meetings are recorded on the PIER system and adequate records are retained by the line manager; and
· Compliance with corporate policies is effectively monitored and managed.
1.42 We have only been able to provide an opinion of Partial Assurance over the controls operating within the area under review because we found inadequate level of compliance with the policy. We also found that ineffective monitoring and analysis of data is likely to have been a barrier in identifying root causes of absence and to reducing high rates of absence across the Council.
1.43 Actions have been agreed with management to address identified risks from the review and improve the control environment, as follows:
· Communicate and embed attendance management expectations, learning, and skills across the Council;
· Develop new absence management reporting, to sit alongside other performance management arrangements, so that oversight is improved and issues can be identified early;
· Improve recording of closing absences and return to work conversations;
· Improve oversight and management of staff who have reached an attendance concern level;
· Review and benchmark sickness absence targets for Key Performance Indicators; and
· Review the Attendance Management policy.
1.44 Due to the Partial Assurance opinion, we will complete a follow-up review to assess the extent to which these actions have been implemented.
Brighton Centre – Cultural Compliance
1.45 The Brighton Centre is an events space located in the city centre and holds a range of events, including live music, conferences, and exhibitions.
1.46 This audit was included in the 2024/25 audit plan and was in progress at year end.
1.47 The objective of this review was to provide assurance over compliance with Council policies and procedures at the Brighton Centre, to meet the following objectives:
· All employees are compliant with the Council’s policies and procedures and perform these as part of their duties; and
· Financial management is robust and compliant with financial regulations.
1.48 In completing this work, we found that Council policies and procedures are not always being adhered to, including in relation to recording and transparency of financial arrangements, the appropriate use of purchasing cards, timely raising of purchase orders, completion of mandatory training, processing of staff expense and overtime claims and the management of absences. As a result, we were only able to provide an opinion of Partial Assurance.
1.49 A robust action plan was agreed with management to ensure that:
· The financial position is clear and managed effectively through; the inclusion of detailed explanation for variances in the budget, clearer allocations of funds within the budget, review of suppliers to ensure compliance with contract standing orders, and introduction of guidance around income streams for consistent application;
· Employees are aware of, and adhere to, corporate policies and procedures in relation to mandatory training, purchasing, expense claims, performance management, and declarations of interests, gifts, and hospitality;
· Sickness absence management procedures are followed where triggers are met;
· Annual leave entitlement for staff is appropriately reviewed to ensure it aligns with corporate policy; and
· Procedures and guidance are in place and circulated to employees for all processes specific to the Brighton Centre, for example, rota management and health and safety for managing the events and space.
1.50 Due to the Partial Assurance opinion, we will complete a follow-up review to assess the extent to which the agreed improvement actions have been implemented.
Temporary Accommodation – Block Booked and Spot Purchase Payments
1.51 The Council has a statutory duty under the Housing Act 1996 (as amended by the Homelessness Act 2002) and the Homelessness Reduction Act 2017 to take action to prevent homelessness and assist people who are made homeless or threatened with eviction. Anyone can be placed in temporary accommodation by the Council providing the Council has reason to believe they are in priority need and eligible for assistance.
1.52 Interim placements (emergency accommodation placements) are made under Section 188 of the Housing Act 1996, Longer-term temporary accommodation placements for households accepted as homeless are made under Section 193 of the Housing Act 1996. Placements under both duties are referred to as temporary accommodation placements.
1.53 Interim accommodation takes the form of bed and breakfast accommodation, hotels and hostels which are charged at a daily rate. In 2023/24, the cost of interim accommodation for the Council was approximately £9.8m.
1.54 This audit was agreed as an addition to the 2024-25 audit plan and was in progress at year end. It was added following concerns being raised relating to payment controls in this area. The purpose of the audit was to provide assurance that controls are in place to meet the following objectives:
· Supplier payments are monitored and reported to senior management on a regular basis;
· Suppliers are paid in adherence with their contractual payment terms and arrangements;
· Payments to suppliers are reconciled against actual occupancy data;
· Voids are managed effectively, and periods of non-occupancy are identified and recorded to minimise the volume of overpayments. Properties are promptly reallocated to people in priority need; and
· Robust procedures are in place to clawback supplier overpayments.
1.55 We have only been able to provide an opinion of Partial Assurance over the controls operating within the area under review because current processes are insufficient to effectively control costs. Too much reliance is placed on Finance staff to identify errors and anomalies post-payment for rectification, rather than by the service.
1.56 Actions have been agreed with management to address identified risks from the review and improve the control environment, as follows:
· A robust automated payment reconciliation process is developed, to check and confirm the accuracy of the payments to suppliers of Spot Purchase and Block Booked interim accommodation, conducted at service level;
· Pending implementation of the above, establish a basic pre-payment validation and checking process;
· Improve contract management processes, particularly where complex supplier relationships exist, to ensure they are operating effectively;
· A robust void clawback process is developed for periods of non-occupation and communicated to suppliers;
· Service resilience is reviewed to address any single points of failure;
· Key performance indicators are established for payment processes and where payment terms are standardised;
· Proactive supplier risk management arrangements are formalised and embedded;
· A comprehensive set of procedure documentation is developed to ensure compliance with service requirements and principles; and
· A mechanism for recording and monitoring supplier overpayments is developed and embedded.
1.57 Due to the partial assurance opinion, we will complete a follow-up review to assess the extent to which the agreed improvement actions have been implemented.
Schools
1.57 We have a standard audit programme in place for all school audits, with the scope of our work designed to provide assurance over key controls operating within schools. The objectives of our work are to ensure that:
· Governance structures are in place and operate to ensure there is independent oversight and challenge by the Governing Body;
· Decision making is transparent, well documented, and free from bias;
· The school is able to operate within its budget through effective financial planning;
· Unauthorised or inappropriate people do not have access to pupils, systems, or the site;
· Staff are paid in accordance with the schools pay policy;
· Expenditure is controlled and funds used for an educational purpose;
· The school ensures value for money on contracts and larger purchases; and,
· All voluntary funds are held securely and used in accordance with the agreed purpose.
1.58 One school and one nursey audit were finalised in quarter 1. The table below shows details of the audits, together with the final level of assurance reported to them.
|
Name of School |
Audit Opinion |
|
St Andrews Primary School |
Partial Assurance Areas requiring improvement included: · Ensuring declarations of interest are updated annually with appropriate controls in place for any positive declarations and governors' declarations are published on the school website; · Annually updating the pupil premium report and publishing on the school’s website; · Ensuring robust expenditure controls and oversight of expenditure is in place; · Procurement practices are compliant, and a competitive process takes place where alternative quotes are sought; and · Ensuring contractors have the correct level of public liability insurance and employment status (IR35) checks are completed where appropriate. |
|
Tarnerland Nursery School |
Partial Assurance Areas requiring improvement included: · Ensuring declarations of interest are updated annually with appropriate controls in place for any positive declarations and governors' declarations are published on the school website; · Ensuring robust expenditure controls and oversight of expenditure is in place; · Review and approval of key documents; · Procurement practices are compliant, and a competitive process takes place where alternative quotes are sought; and · Ensuring contractors have the correct level of public liability insurance and employment status (IR35) checks are completed where appropriate. |
1.53 We aim to undertake follow-up audits at all schools with Minimal Assurance opinions. For Partial Assurance opinions we will undertake a follow up review or alternatively write to the Chair of Governors to obtain confirmation that recommendations have been implemented.
1.54 The core financial role of the LA is to set and monitor a local framework, including provision of budgetary information, provision of a financial oversight and intervening where schools are causing financial concerns. Schools (the governing body and the Headteacher) are required to manage their delegated budget effectively ensuring the school meets all its statutory obligations, and through the Headteacher, comply with the LA’s Financial Regulations and Standing Orders.
Grant Certifications and Non-Opinion Work
Transition of the Coast to Capital Local Enterprise Partnership (LEP)
1.55 From April 2024, Central Government ceased providing funding to LEPs, with the functions previously held transferring to Upper Tier Local Authorities. The Council is a member of, and the accountable body for, the Coast to Capital (C2C) LEP, and therefore had a key role in securing the transfer of remaining funds from C2C to local authorities.
1.56 The objective of this review was to assess controls and practice in place regarding the transition of the C2C LEP and identify where any improvement could be made in future endeavours.
1.57 We were able to provide assurance that:
· Appropriate officers had been allocated to lead on this work, with representation across key service areas;
· Regular meetings were taking place with representatives from each group to discuss transition activities;
· Legal and settlement agreements had been drafted for the transition of funds; and
· The future of economic development activities had been considered and actioned in line with government guidance.
1.58 We identified areas where controls could be strengthened for future partnership working arrangements across the Council, which were shared with management, these included:
· Clear definitions of roles and responsibilities of all parties in a partnership arrangement, at the earliest opportunity, and documented approval of this;
· Record and retain detailed minutes of meetings, including circulating agendas and actions, and the formal approval of meeting terms of references;
· Develop clear plans and timelines, with assigned accountable individuals to these;
· Ensuring sufficient resources are in place and available to progress work; and
· Regular reporting to senior management of progress and updates.
1.59 This review did not contain an assurance opinion, as this was a bespoke piece of work that came out of the cessation of LEPs nationally.
Multiply Grant
1.60 The Multiply Grant is funding provided by the Department of Education towards improving functional numeracy skills for adults through personal tutoring, digital training, and flexible courses. Brighton and Hove City Council received funds of £917,932 between 2022 and 2025.
1.61 Internal Audit conducted a review of a random sample of 10 transactions for 2024/2025 to offer assurance that expenditure was claimed appropriately and in accordance with the grant conditions.
1.62 No issues were identified in the grant certification.
Supporting Families Programme
1.63 The Department for Education require Internal Audit to verify a proportion (5-10%) of outcome submissions made by the Local Authority for Supporting Families Programme, using the updated national Outcomes Framework (October 2023 – March 2025). This is the final award under this grant.
1.64 We reviewed 27 of the 266 submissions in quarter 4 of 2024/25 (January to March 2025) and confirmed that these have been subject to appropriate quality assurance checks.
1.65 All of the families selected in our sample have firstly met the criteria to be eligible for the programme. Required outcomes were also found to have been sustained for at least six months from case closure in all but one of the cases; the regression check for one case was made earlier due to human error.
1.66 In all significant respects, we found the conditions attached to the grant determination for 2024/25 have been complied with.
2 Proactive Counter Fraud Work
2.1. The team continue to monitor intel alerts and share information with relevant services when appropriate.
2.2. In addition, the team are continuing to review matches released as part of the National Fraud Initiative. High risk matches will be prioritised for investigation and support provided to services reviewing the reports.
Summary of Completed Investigations
2.3 Internal Audit made initial enquiries following receipt of an external referral alleging misuse of a government grant. Enquiries found the grant conditions had been complied with and there was no case to answer.
Lease Arrangements
2.4 Following receipt of whistleblowing allegations that Council officers had unfairly changed conditions of a lease and failed to provide information, we undertook initial enquiries. Internal Audit found that external legal advice had been sought on the treatment of the lease, and this had been followed. We found no evidence that officers had acted inappropriately, and no further action was required.
Illegal Eviction
2.5 The team provided support to the successful prosecution of a landlord who illegally evicted a tenant. The landlord received a 12-month conditional discharge and was ordered to pay compensation of £3,016 to the victim.
Housing Tenancy Fraud
2.6 The Tenancy Fraud Team continue to investigate allegations of potential sublet. They work closely with Housing Managers and other officers for a joined-up approach to allegations of abandonment, with an increasing emphasis on visits and communication with tenants to increase awareness and reiterate a tenant’s responsibility under their tenancy agreements.
Council Tax Fraud
2.7 The Team continues to investigate allegations of false claims for Single Person Discount (SPD) and Council Tax Reduction Support (CTRS).
2.8 The table below shows the estimated financial value saved through the work of the Tenancy Fraud Team.
|
Fraud Area |
(£) Year to Date |
(£) 2024/25 |
(£) 2023/24 |
(£) 2022/23 |
|
Properties Recovered |
78,300 |
930,000 |
558,000 |
186,000 |
|
Housing Application Withdrawn |
21,415 |
359,772 |
- |
- |
|
Homeless Application Withdrawn |
|
|
- |
- |
|
Right-To-Buy Withdrawn |
|
102,400 |
- |
- |
|
SPD Removed |
3,354 |
5,559 |
8,625 |
511 |
|
Revenues Exemption Removed |
1,910 |
2,947 |
|
|
|
CTRS |
|
4,659 |
440 |
406 |
|
Housing Benefit |
|
|
3,853 |
3,658 |
|
Business Rates |
|
|
- |
- |
|
Total |
104,979 |
1,405,337 |
570,918 |
190,575 |
3 Action Tracking
3.2 It is notable that seven of the eight high priority actions outstanding related to agreed improvements in the control environment following an allegation of financial irregularity. All of these actions have since been confirmed as implemented.
3.3 The eight high priority actions which were overdue at the end of quarter 1 are summarised below.
|
Details of Audit Issue |
Due date |
Revised date |
Agreed Action |
|
Payroll Irregularity – Protocols for Reporting Fraudulent Activity |
30/09/24 |
31/12/24 |
A guidance document for managing and reporting payroll fraud will be created and circulated to schools and the Payroll Team.
This action is now confirmed as implemented.
|
|
Off Payroll Payments (IR35) |
01/01/25 |
11/04/25 |
A system solution will be explored through the Corporate Systems Improvement Programme to improve reporting and oversight through Civica and Pier systems. Action repeated in follow up review to be reported in Q2. |
|
Failure to Work Contractual Hours
|
09/04/25 |
|
Staff will be reminded of their contractual obligations, and work attendance will be monitored by management to ensure there is compliance. This action is now confirmed as implemented. |
|
Breach of the Code of Conduct and Anti-Fraud and Corruption Strategy |
09/05/25 |
|
Management will send an email with a copy of the Council’s Code of Conduct attached to all staff within the Parking Department reminding them of the expected behaviour of staff as outlined in the policy. This action is now confirmed as implemented. |
|
Misuse of Council Car Park Passes |
09/05/25 |
|
Management will remind staff in Parking Services that, as per the Code of Conduct, staff should only use Council facilities (including car park passes) provided by the Council for use in their duties to carry out those duties and for no other purpose. This action is now confirmed as implemented. |
|
Breach of Purchase Card Terms and Conditions |
09/05/25 |
|
Management will email all Purchase Card Holders and Approving Managers in Parking reminding them of the terms and conditions associated with holding a Purchase Card and requesting that they refresh their corporate training. This action is now confirmed as implemented. |
|
Breach of Contract Standing Orders. |
28/05/25 |
|
Management will ensure staff involved in the procurement of contracts understand the procurement process and the importance of maintaining accurate records to ensure there is a clear audit trail of the decision-making process. This action is now confirmed as implemented. |
|
Breach of Contract Standing Orders. |
28/05/25 |
|
Management will ensure staff involved in the procurement of contracts understand the procurement process and the importance of maintaining accurate records to ensure there is a clear audit trail of the decision-making process. This action is now confirmed as implemented. |
3.3 A follow up review of Off Payroll Payments was in progress during Q1, where we will seek to assess the level of progress made against the actions agreed.
3.4 A number of high priority actions have had their implementation deadlines extended, in agreement with management. Where the revised deadlines are not met, these will be reported to the next meeting of the Audit, Standards and General Purposes Committee.
4 Amendments to the Audit Plan
4.1 In accordance with proper professional practice, the Internal Audit plan for the year has been kept under regular review to ensure that the service continues to focus its resources in the highest priority areas based on an assessment of risk. Through discussions with management the following audits have been added to the audit plan this quarter:
|
Planned Audit |
Rationale for Addition |
|
Madeira Terraces Programme Assurance |
To provide assurance that the programme to refurbish and repair Madeira Terraces is operating as expected to deliver the project objectives. Review requested by Corporate Director, City Operations. |
|
Brighton Marina to River Adur Flood and Coastal Erosion Programme Assurance |
To provide assurance that the programme is operating as expected to deliver coastal defences alongside the Environment Agency and the Council’s role as accountable body is effective. Review requested by Corporate Director, City Operations. |
|
Fleet Procurement Compliance |
To review procurement compliance within the management of the Council’s fleet of vehicles and equipment. Review requested by Corporate Director, City Operations. |
|
Petty Cash Controls |
A number of concerns have been raised in recent years regarding the control of petty cash across the Council. Although use of cash across the Council has significantly reduced, there are still some services that still heavily rely on petty cash systems to deliver support to clients. |
4.2 In order to allow these additional audits to take place, contingency available for emerging risks has been used. In addition, the following audits have been removed or deferred from the audit plan and where appropriate, will be considered for inclusion in future audit plans as part of the overall risk assessment completed during the annual audit planning process. These changes have been made on the basis of risk prioritisation and/or as a result of developments within the service areas, that may require a reschedule of audit assignments.
|
Planned Audit |
Rationale for Removal |
|
Environmental Services Project Management |
Removed from the plan for 2025/26 to accommodate other requested audits in City Operations. Will be considered as part of a wider review of commissioning for future audit plans. |
|
Mobile Phone Application Audit Follow Up |
Follow up review not required as final report opinion has changed from Partial to Reasonable Assurance. |
5 Internal Audit Performance
5.1 In addition to the annual assessment of internal audit effectiveness against Global Internal Audit Standards (GIAS), the performance of the service is monitored on an ongoing basis against a set of agreed key performance indicators as set out in the following table:
|
Aspect of Service |
Orbis IA Performance Indicator |
Target |
RAG Score |
Actual Performance |
|
|
Quality
|
Annual Audit Plan agreed by Audit Committee |
By end April |
G |
2025/26 Internal Audit Strategy and Annual Audit Plan formally approved by Audit, Standards & General Purposes Committee - Tuesday, 22nd April 2025. |
|
|
Annual Audit Report and Opinion
|
By end July |
G |
2024/25 Annual Report and Opinion presented to Audit, Standards & General Purposes Committee 24th June 2025. |
|
|
|
Customer Satisfaction Levels |
90% satisfied. |
G |
100% |
|
|
|
Productivity and Process Efficiency |
Audit Plan – completion to draft report stage |
22.5% |
G |
22.9% |
|
|
|
Percentage of audit plan days delivered |
22.5% |
G |
22.6% |
|
|
Compliance with Professional Standards |
Global Internal Audit Standards |
Conforms |
G
|
April 2025 - Self Assessment against the recently introduced Global Internal Audit Standards (GIAS) completed. No major areas of non-conformance identified. Some areas to ensure full compliance have been identified including the update of the Audit Charter. |
|
|
|
Relevant legislation such as the Police and Criminal Evidence Act, Criminal Procedures, and Investigations Act |
Conforms |
G
|
No evidence of non-compliance identified |
|
|
Outcome and degree of influence |
Implementation of management actions agreed in response to audit findings |
95% for high priority agreed actions |
A |
76.5% for high priority agreed actions (see above) |
|
|
Our staff |
Professionally Qualified/Accredited (Includes part-qualified staff and those undertaking professional training) |
80% |
G |
82% |
|
Audit Opinions and Definitions
|
Opinion |
Definition |
|
Substantial Assurance |
Controls are in place and are operating as expected to manage key risks to the achievement of system or service objectives. |
|
Reasonable Assurance |
Most controls are in place and are operating as expected to manage key risks to the achievement of system or service objectives. |
|
Partial Assurance |
There are weaknesses in the system of control and/or the level of non-compliance is such as to put the achievement of the system or service objectives at risk. |
|
Minimal Assurance |
Controls are generally weak or non-existent, leaving the system open to the risk of significant error or fraud. There is a high risk to the ability of the system/service to meet its objectives. |