Audit, Standards and General Purposes Committee

Agenda Item 61[Insert]

       

Subject:                    Internal Audit Strategy and Annual Audit Plan 2026/27

 

Date of meeting:    21^st April 2026

 

Report of:                 Director of Property and Finance (S151)

 

Contact Officer:      Carolyn Sheehan (Audit Manager)

                                    Email: carolyn.sheehan@brighton-hove.gov.uk

                                   

                                    Mark Winton (Acting Chief Internal Auditor)

                                    Email: mark.winton@eastsussex.gov.uk

                                   

Ward(s) affected:   All

 

For general release

 

1.            Purpose of the report and policy context

 

1.1         The purpose of this report is to present the Internal Audit Strategy and Annual Internal Audit Plan for 2026/27 to the Committee.

 

1.2         Underpinning the work of the Internal Audit Service in delivering the Annual Internal Audit Plan are the key principles and objectives as set out in the Internal Audit Strategy and Charter. These are presented alongside the Annual Internal Audit Plan for 2026/27 as good practice dictates that these should be updated and reviewed on an annual basis.

 

2.            Recommendations

 

2.1         That Committee approves the Internal Audit Strategy and Internal Audit Plan and notes the Internal Audit Charter.

 

3.            Context and background information

 

3.1         The statutory basis for Internal Audit in local government is provided in the Accounts and Audit Regulations 2015, which require a local authority to “undertake an effective internal audit to evaluate the effectiveness of its risk management, control and governance processes”.

 

3.2         The Accounts and Audit Regulations contain the expectation that Internal Audit will take into account public sector internal audit standards or guidance. It is therefore important to note that, with effect from 1 April 2025, the Public Sector Internal Audit Standards (PSIAS) has been replaced by new Global Internal Audit Standards (GIAS).

 

3.3         The Internal Audit Strategy details the priorities for delivering an effective internal audit and counter fraud service together with details of the quality assurance and performance management arrangements for the coming year.

 

3.4         Through approving the Internal Audit Strategy alongside the Annual Internal Audit Plan for 2026/27, the link between the work of Internal Audit and the high-level strategic vision of the Council is apparent.

 

3.5         The Internal Audit Plan for 2026/27 is a risk-based programme of work, as set out at Appendix A. There are several core elements to the Plan that are likely to feature each year such as:

 

·                     Reviewing corporate governance arrangements to inform the Annual Governance Statement;

·                     Grant certification; and

·                     Counter fraud activity, including participation in the National Fraud Initiative (NFI)

 

3.6         Once these core elements of the Plan and follow up reviews are accounted for, the remaining audits shown in the proposed Plan have been included based on a risk priority which has been assessed following extensive consultation, along with consideration of risk registers and liaison with other local authority internal audit services.

 

3.7         The draft Strategy and Plan was also presented at a meeting of the nnual Governance Statement rall governance arrangements of the county council to support both Annual Governance Statement and XXXCorporate Leadership Team 24^th March 2026.

 

3.8         The Chief Internal Auditor is confident that the Internal Audit Plan provides sufficient coverage across the Council’s activities to enable him to form an overall opinion on the adequacy of the Council’s governance, risk management and internal control arrangements for the year.

 

3.9         Internal Audit and Counter Fraud have continued to plan for 1860 available days for 2026/27 which includes 450 days funded by the Housing Revenue Account (HRA) for investigation of tenancy fraud.

 

4.            Analysis and consideration of alternative options

 

4.1         In previous years the audit plan has been delivered in partnership with our colleagues from East Sussex County Council and Surrey County Council as part of Orbis Internal Audit. The service has been delivered predominantly by a sovereign team of staff based at Brighton & Hove City Council supplemented by two specialist teams (ICT and Corporate Fraud) who will undertake audit work across the Orbis partnership. There are also resources in place to allow for the delivery of external IT and other specialist audits if required.

 

4.2         The current review and proposal for the future Internal Audit Services may have an impact on available resources during 2026-27. We have made some provision for this in our planning and will update the Committee, through our quarterly reporting, if further changes to the audit plan are required.

 

5.            Community engagement and consultation

 

5.1         The process of compiling the Internal Audit plan has involved substantial consultations, including with members of the Corporate Leadership Team, heads of service and other senior management staff.

 

6.            Financial implications

 

6.1         It is expected that the 2026/27 Internal Audit plan will be delivered within the proposed budgetary resources.

 

6.2         The strategy, audit plan and actions that are taken in response to internal audit findings together support the robustness and resilience of the Council’s practices and procedures for the delivery of the Council’s overall objectives.

 

Name of finance officer consulted: Haley Woollard

Date consulted: (24/03/26)

 

7.            Legal implications

 

7.1    This report sets out the Council’s plan for complying with Regulation 5 of the Accounts and Audit Regulations 2015 which requires the Council to ‘undertake an effective internal audit to evaluate the effectiveness of its risk management, control and governance processes.’ It is within the delegated authority of the Council’s Audit, Standards  and General Purposes Committee to approve the Plan.

 

Name of lawyer consulted: Victoria Simpson Date consulted (25/03/26):

 

8.            Risk implications

 

8.1         The Internal Audit Strategy and Plan is based on a combination of management’s assessment of risk (including that set out within the departmental and strategic risk registers) and our own risk assessment of the Council’s major systems and other auditable areas. Issues arising from individual audit reports, will be summarised in quarterly progress reports to this Committee, and action plans will be formally agreed to mitigate risks. It is a management responsibility to establish and maintain internal control systems and to ensure that resources are properly applied, risks appropriately managed and outcomes achieved. 

 

9.            Equalities implications

 

9.1         There are no direct equalities implications.

 

10.         Sustainability implications

 

10.1      There are no sustainability implications.

 

11.         Other Implications

 

11.1      There are no other implications

 

 

12.         Conclusion

 

12.1      The Internal Audit Strategy and Internal Audit Plan, attached at Appendix 1, sets out proposals for maintaining an adequate and effective system of internal audit for 2026/27.

 

Supporting Documentation

 

Appendices

 

1.            Internal Audit Strategy and Internal Audit Plan 2026/27

2.            Detailed Annual Internal Audit Plan 2026/27

3.            Internal Audit Charter