Agenda and minutes

Governance and Audit Committee - Wednesday, 27th September, 2023 9.30 am

Venue: Hybrid - Neuadd Cyngor Ceredigion, Penmorfa, Aberaeron / remotely via video conference

Contact: Dana Jones 

Items
No. Item

1.

Apologies

Minutes:

None.

2.

Personal Matters

Minutes:

None.

3.

Disclosures of Personal / Prejudicial interest

Minutes:

Councillor Keith Henson declared a personal and prejudicial interest in item 15 on the agenda.

 

 

4.

To confirm the Minutes of the Governance and Audit Committee held on 21 June 2023 and to consider any matters arising from those Minutes pdf icon PDF 97 KB

Minutes:

It was AGREED to confirm as a true record the Minutes of the Meeting of the Committee held 21 June 2023.

 

Matters Arising

None.

 

5.

Governance and Audit Committee Meetings Actions Log pdf icon PDF 145 KB

Minutes:

Consideration was given to the Governance and Audit Committee Meeting Actions Log.

 

It was AGREED to note the content as presented.

 

Add to Action Log 27/9/23:

 

1)AGS/Local Code/ Governance Framework

  • Further work on these documents would be addressed following discussion with the Chair;
  • an overarching document would be presented to consider both the Framework and Statement for 2023-2024 accordingly.
  • Owner: Elin Prysor
  • Target date-31/1/24

 

2)Lay members wished to receive an invite to the Members 24/25 budget-setting  workshops

 

 

 

6.

Regulator & Inspectorate Reports and Updates pdf icon PDF 3 MB

Minutes:

Consideration was given to the Regulator & Inspectorate Reports and Updates which has 3 parts:

 

a) Audit Wales quarterly update to Governance and Audit Committee

b) Any local risk work issued/published since the last Governance and Audit Committee meeting

c) Audit Wales National Reports

 

 

Current Position

a) Audit Wales quarterly update to Governance and Audit Committee

·       Audit Wales – 23-24 Q1 Workplan and Timetable – Ceredigion County Council

 

b) Any local risk work issued/published since the last Governance and Audit Committee meeting

·       Care Inspectorate Wales – Performance Evaluation Inspection of Ceredigion County Council

·       Care Inspectorate Wales - CIW Inspection Action Plan final

·       Audit Wales – Setting of Well-being Objectives – Ceredigion County Council

·       Audit Wales – Planning Service Follow-up review – Ceredigion County Council

 

c) Audit Wales National Reports

 

·       Audit Wales – Cracks in the Foundations – Building Safety in Wales

·       Audit Wales – Consultation on Fee Scales 2024-25

·       Audit Wales –Springing Forward -  Lessons from our work on workforce and assets in local government

 

 

Following the presentation by Audit Wales and questions from the floor, it was AGREED:-

(i) to note the reports for information; and

(ii) that the Council response report to each of the Regulator & Inspectorate Reports on future agendas would be inserted after each report; in order for ease of Members to consider both combined reports

 

 

7.

Council Responses to Regulator & Inspectorate Reports pdf icon PDF 340 KB

Minutes:

The Report sets out the Council’s responses regarding Regulator and Inspectorate Reports and progress made regarding proposals and recommendations.

 

This Report had 2 parts:

a) Council tracker of Regulator/Inspectorate proposals for improvement and recommendations; and

b) Other Council related matters.

 

 

Current Position

 

a) Council tracker of Regulator/Inspectorate proposals for improvement and recommendations

 

o   Council Management Response Forms 2020-2021 & 2021-2022 Update:

·       Audit Wales – Equality Impact Assessments: More than a tick box exercise?

·       Audit Wales – Springing Forward – Review of Strategic Workforce Management

·       Audit Wales – ‘Raising our Game’ Tackling Fraud in Wales – update due 2024

 

o   Council Management Response Forms 2022-23:

·       Audit Wales – Cracks in the Foundations – Building Safety in Wales

·       Audit Wales - Planning Service follow up review

·       Setting of Well-being Objectives

 

b) Other Council related matters

 

 

It was AGREED :

(i) to note the reports for information; and

(ii) future Management Response Forms would be presented alongside the corresponding Regulator & Inspectorate Reports (item 6 above)

 

8.

Annual Governance Statement Update pdf icon PDF 1 MB

Minutes:

A report on the Governance Framework Document and Annual Governance Statement 2022-23 was presented to the Governance and Audit Committee on the 17th of January 2023  and on the 9th of March 2023.

 

The Draft Governance Framework Document 2022-23 had been updated following the previous 9th of March 2023 report to ensure it remains up to date and all the changes were highlighted accordingly in the report in detail.

 

The Draft Annual Governance Statement 2022-23 had been prepared in accordance with the framework. It includes:

                An acknowledgement of responsibility for ensuring good governance;

                Reference to the assessment;

                An opinion on the level of assurance that the governance arrangements can provide;

                A progress report on how issues identified last year have been resolved;

                An agreed action plan to deal with governance issues over the next year; and

                A conclusion.

 

On the 9th of March 2023 the Committee agreed to recommend that Council endorses the Draft Annual Governance Statement 2022-23, subject to including the following sentence in the executive summary:

‘The review confirmed that the Council’s governance arrangements are effective and fit for purpose’. This sentence had now been included

 

On the 20th of April 2023 Council agreed to approve the Draft Annual Governance Statement 2022-23. The Draft Annual Governance Statement 2022-23 had also been updated following the previous 9th of March 2023 report to ensure it remains up to date. The changes were outlined in detail in the report.

 

The Committee was requested to recommend that Council endorses the updated Draft Annual Governance Statement 2022-23.

 

Governance Framework 2023-24 and Current Year Action Plan

A workshop would be held on the 06 of December 2023 for relevant Officers and Committee Members to consider progress on the actions set out in the 2022-23 Annual Governance Statement.

 

During this workshop, the Governance Framework Document would be updated to reflect progress made towards completing these actions. The draft Governance Framework Document 2023-24, updated document would then be presented to the Committee at its 24 January 2024 meeting.

 

          It was AGREED:

(i)note the contents of this report;

(ii) note the Draft Governance Framework Document 2022-23 and

(iii)recommend that Council endorses the Draft Annual Governance Statement 2022-23; and

(iii) that further work on these documents would be addressed in the near future following discussion with the Chair; and that an overarching document would be presented to consider both the Framework and Statement for 2023-2024 accordingly.

 

 

9.

Self-Assessment of good practice and evaluating effectiveness of Governance and Audit Committee pdf icon PDF 619 KB

Minutes:

Consideration was given to the Self-Assessment of good practice and evaluating effectiveness of Governance and Audit Committee.

Following the circulation of a survey and workshop, on 10 March 2022 a draft Self-assessment and Evaluation of Effectiveness Review was considered by the Governance and Audit Committee. It was agreed that the document would be reconsidered in order that a final review document could be presented at the next Committee meeting.

 

At the Committee’s 08 June 2022 meeting, it was confirmed that the draft Self-assessment and Evaluation of Effectiveness Review had been added to the Forward Work Programme under September’s 2022’s scheduled meeting as it was hoped that a Workshop would be scheduled for the new Committee in advance of this meeting in order to reconsider the document and discuss the skills of the new Committee. It was agreed that a workshop be held prior to the September meeting in order to collate skills of Committee Members.

A workshop was held in November 2022.

 

A further workshop was held on 13 June 2023 for the Committee to consider the draft Self-assessment and Evaluation of Effectiveness Review. The ‘Self-assessment of good practice’ document, as completed was presented.

 

The Committee did not complete the CIPFA tool ‘Evaluating the impact and effectiveness of the audit committee’) tool. Currently, the Committee were needed to consider whether

                the self-assessment exercise for 2022-23 was complete

                going forward it wishes to use CIPFA’s ‘Self-assessment of good practice’ and ‘Evaluating the impact and effectiveness of the audit committee’ tools, or use an alternative method of self-assessment. 

 

It was AGREED to

(i) note the contents of the draft ‘Self-assessment of good practice’ document

(ii) that the self-assessment exercise for 2022-23 was complete, however, further work was required for Question 28 on the document; and

(iii)that a revised self-assessment procedure for the 2023-2024 self- assessment process would need to include governance assurance

 

 

10.

Internal Audit Progress Report Q1 2023/24 pdf icon PDF 731 KB

Minutes:

Consideration was given to the report of the Corporate Manager-Internal Audit on The Internal Audit Progress Report Quarter 1. It was reported that the Committee considered the annual Internal Audit Strategy 2023/24 at its meeting in March 2023 which also identified the main areas of work for the 2023/24 operational audit plan. The Plan included reviews carried forward from the previous year’s audit plan, routine audits eg grant certifications and work prioritised dependant on risk, on which the Internal Audit Section could form its assurance opinion.

 

For 2023/24, a risk assessment was undertaken in addition to information from the Council’s Corporate Risk Register as new risks to the Council continue to emerge, which were constantly changing. IA would therefore assess its work on an on-going basis, considering the Council’s changing needs and priorities regularly. Any reactive work added to the Operational Plan was reported within this report.

This progress report notes the steps made to date toward delivery of the audit strategy, by providing a summary of the work undertaken. It also documents the current resource position, and the Section’s improvement plan.

 

It was AGREED:-

(i) to note the work undertaken and current position of the

Internal Audit Service;

(ii) that the relevant Cabinet Members be aware of any issues raised in Internal Audit reports;

(iii) to note that a follow up meeting with the CLO and Corporate Manager for the Museum service had been undertaken  and that a further Internal Audit of Financial Management & Income was due to be undertaken in October  to ensure sufficient controls being addressed by management; and

(vi) to request that the relevant CLO responsible for the Museum shop be present at a future meeting to address the issues raised in the document

 

 

11.

Internal Audit Self-Assessment 2022/23 pdf icon PDF 627 KB

Minutes:

It was reported that the PSIAS and CIPFA’s Local Government Application Note supersede the 2006 Code for Internal Audit and came into force from April 2013. The PSIAS and Application Note must be complied with in order to ensure proper internal audit practices were applied.

The Application Note contained a checklist which had been developed to satisfy the requirements set out in PSIAS 1311 and 1312 for periodic self-assessments as part of the Quality Assurance and Improvement Program (QAIP). It incorporates the requirements of the PSIAS as well as the Application Note in order to give comprehensive coverage of both documents.

 

The completed self-assessment was attached in full to consider, along with resulting improvement plan.To highlight the key areas of change within the Self-Assessment for 2022-23, the areas identified for improvement reported to you in the 2021-22 Self-Assessment had been addressed and marked as ‘conforms’. The remaining area is Std 1210:

5.3.1 Does the CAE hold a professional qualification, such as CMIIA/CCAB or equivalent?

As was regularly reported to GAC, the CMIA was currently studying for the IIA’s Certificate in Internal Audit.

 

It was AGREED to note the content of the report.

 

12.

Annual compliments, Complaints and Freedom of Information Report pdf icon PDF 2 MB

Minutes:

Introduction

This report provides information relating to the Council’s Compliments, Complaints and FOI activity between 1st April 2022 and 31st March 2023.  The report itself included specific information on the number and type of compliments received, the different complaints stages, performance and outcomes relating to these and information on compliance with FOI and EIR legislation. 

 

A report detailing the compliments and complaints activity in relation to Social Services was also presented, and information about the Lessons Learned as a consequence of (corporate) complaints was also provided.  The main report consists of a section about the contact received from the Public Services Ombudsman for Wales (“the Ombudsman”) during the reporting period.  The Ombudsman’s Annual Letter to the Council was also presented and provided further details about all Ombudsman activity for Ceredigion, as well as for other Council’s across Wales.

 

This was the fourth consecutive report where there had been no Ombudsman investigations commenced or formal reports issued in relation to complaints made against the Council.  Whilst there were fewer Ombudsman referrals during this reporting year, the Council had a consistently high rate of Early Resolution/Voluntary Settlements. 

It was therefore acknowledged that challenges remain in relation to the complexity of complaints received, a general increase in activity surrounding complaints, FOI, Ombudsman referrals and referrals to the Information Commissioner’s Office (ICO), as well as the challenges associated with the delivery of the Complaints and FOI Team itself.  These challenges had inevitably had an impact on the Council’s ability to meet its performance objectives in relation to prescribed timescales.

 

In brief it was reported, that:

465 Compliments were received

403 Enquiries were processed by the Complaints & FOI Service

144 Complaints were received: Stage 1 = 96 Stage 2 = 48

  35 ‘Contacts’ received via the Public Services Ombudsman for Wales

882 FOI & EIR requests processed by the Complaints & FOI Service

 

In summary, it was reported that:-

•There were significantly more Compliments received during this reporting period.  Improving the way that compliments were captured remains a piece of work that the Complaints and FOI Team needs to undertake, but that was being delayed due to capacity constraints.

 

•The service received a greater number of enquiries – many of which were either allocated back to the service areas to resolve pro-actively, or formal responses were required in order to explain why such matters could not be dealt with under the complaints procedures.  

 

•It was worth noting that the number of complaints received by the Council was the third lowest in Wales.

 

•A great deal of work was needed to prevent Stage 1 complaints from escalating to Stage 2 unnecessarily on account that it had not been possible to respond within the prescribed timescale of ten-working-days. 

•Compliance with timescales under Stage 2 also requires attention, as do the shortcomings in complaints handling that were referred to the Ombudsman.  The Complaints and FOI Team continues to face challenges in meeting the demands of rises in the numbers of compliments, complaints, and FOI activity. 

 

•there were fewer Ombudsman  ...  view the full minutes text for item 12.

13.

Ceredigion County Council Draft Self-Assessment pdf icon PDF 8 MB

Minutes:

Part 6 of the Local Government and Elections (Wales) Act 2021 introduced a new Self-Assessment based performance regime for Principal Councils.

 

The new performance regime was intended to build and support a culture in which councils continuously seek to improve and do better in everything they do, regardless of how well they were performing already. It was the expectation of the Act that councils would always be striving to achieve more and seek to ensure best outcomes for local people and communities. One way of doing this was to continuously challenge the status quo and ask questions about how they were operating.

 

There were 5 specific duties for Councils introduced by the Act:

 

•Duty to keep performance under review

•Duty to consult on performance

•Duty to report on performance

•Duty to arrange a Panel Performance Assessment

•Duty to respond to a Panel Performance Assessment

 

The Act sets also out the integral role that the Governance and Audit Committee play in the Self-Assessment Process. This role involves the Committee:

 

•Receiving the Council’s draft Self-Assessment Report

 

•Reviewing the draft Self-Assessment Report and making recommendations on the conclusions or actions the Council intends to take

 

•Receiving the final Self-Assessment report when it was published, including commentary on why its recommendations are accepted or not accepted. 

 

Currently, the Draft Self-Assessment Report had now been produced and was presented to the Committee for consideration.

 

The Report had been developed by assessing a wide variety of evidence including internal reports and reviews, external regulatory and inspection reports and crucially engagement and consultation activities. The Council adopted a set of key questions or “Key Lines of Enquiry” to ensure the process was focused on outcomes, the organisation-wide view of performance and was evidence-based. Workshops were run during April and May with Members and Officers of the Council to evaluate current performance, the opportunities that exist for improvement and the specific actions we intend to take. The findings were recorded in the Self-Assessment Matrix document which was used to help produce the Self-Assessment Report and Action plan, and was available on request.

 

Although the Self-Assessment Report was the key output from the process the work on improving outcomes was an ongoing year-round activity. Throughout the year we conduct consultation in support of self-assessment, we collate evidence to inform the workshops, deliver the actions in the Self-Assessment action plan and  monitor the progress towards completion.

 

It is important to note that the Report discharges the requirements of both:

•The Local Government and Elections (Wales) Act 2021 – the duty to report on performance

•The Well-being of Future Generations (Wales) Act 2015 – to set and review progress against our Corporate Well-being Objectives

 

 

Part of the new Self-Assessment Performance Regime was the duty to undertake a Panel Performance Assessment once in every election cycle.

Panel Assessments were intended to provide an independent and external perspective of the extent to which the Council was meeting the performance requirements of the Local Government and Elections (Wales) Act 2021. The aim was to  ...  view the full minutes text for item 13.

14.

Corporate Risk Register pdf icon PDF 4 MB

Minutes:

Regular reports were provided to the Governance and Audit Committee regarding the Council’s Corporate Risk Register to provide on-going information and assurance that risks identified by senior managers were managed appropriately. This reinforces the Governance and Audit Committee role of providing independent assurance to Council of the appropriate management of the Corporate Risk Register.

 

A review of the latest risk status was conducted at the LG meeting of 30 August 2023 where candidates for promotion / demotion to the Corporate Risk Register were discussed and agreed. The risk register had now been amended to include details of when and which committee last reviewed the risk, as requested at the previous Governance and Audit Committee meeting (21/06/2023).

 

De-escalated from corporate to service

R006: Through Age Well-being Programme. The risk score has decreased to 12 as the Through Age Well-being model was now more developed and consolidated. Staff, service-users and the community had a greater understanding and accept the model. The recent CIW inspection supports the model. The model had been reviewed and some revision made to enhance the effectiveness around Quality Assurance and Mental Wellbeing. The risks had been mitigated and the level of perceived risk has abated. Leadership Group agreed to de-escalate the risk to service level.

 

R017: Safeguarding. The risk score has decreased to 12 as the mitigating actions had been completed, and a corporate safeguarding group has been re-established. The service participates fully in all regional and appropriate national meetings and boards in the safeguarding arena. The safeguarding service was fully staffed following the appointment of the agency recruited Innovate team, this has resulted in a more responsive service with capacity to cope with demand. Safeguarding procedures were better embedded and have made the service more responsive. Overall, there were less

concerns about the safeguarding risks as risks were being managed appropriately. Leadership Group agreed to de-escalate the risk to service level.

 

Escalated from service to corporate

None

 

The risk score for R006: Through Age Well-being Programme, had decreased to 12.

 

The risk score for R017: Safeguarding had decreased to 12.

All other risks had been reviewed and included the revised RAG status of mitigating actions and updated commentary.

 

It was noted that Ceredigion was one of the leading Local Authorities in Wales on this issue, with an Officer from Ceredigion being a chair of the All Wales Cyber group organised by Welsh Government.

 

 

 

It was AGREED:

(i) to note the updated register as presented; and

(ii) in relation to R009: Information Management & Cyber Security Resilience the Committee requested that they would be considered as two separate risks due to the severity of Cyber-attack, this recommendation would be presented to Leadership Group for consideration;

 

15.

Draft Corporate Risk Management Policy, Strategy and Framework pdf icon PDF 2 MB

Minutes:

The Council’s Risk Management Policy, Strategy and Framework were reviewed every three years to ensure they remain up to date and fit for purpose. The latest review was conducted between December 2022 to January 2023.

 

The findings from the review had already been considered by Leadership Group and resulted in a number of updates to the Draft Risk Management Policy, Strategy and Framework. 

 

Currently, the Risk Management Policy, Strategy and Framework had been updated to reflect the findings of the review and current trends in best practice. The main updates were listed in the report as follows:-

 

                Strengthening the monitoring of service risks – service risks scoring 15 or above would be assessed quarterly by Leadership Group for escalation to the Corporate Risk Register and vice versa.

 

                Service risks would be added to the Teifi Performance Management System so that they could be updated and managed through the system.

 

                Clarified that the threshold for risks to be considered by Leadership Group to be escalated / de-escalated is 15.

 

                Clarified that Leadership Group were responsible for deciding if risks should be escalated or de-escalated

 

                Clarified the role of Internal Audit in the Policy and Framework, which was to assess and evaluate the effectiveness of actions in place to mitigate risk and provide objective assurance that risks were being managed appropriately. Additionally, Internal Audit would also provide objective assurance to Leadership Group, Governance & Audit Committee and Council on the robustness and effectiveness of the risk management procedures by including periodic reviews of the Corporate Risk Register, Service Risk Register and Corporate Risk Management procedures.

 

                Clarify that “target risk” scores should be provided to accompany the mitigating actions for risk, i.e. what score should the risk be reduced to by delivering the mitigating actions identified.

 

Following approval of the draft Risk Management document, Leadership Group decided that a consultation exercise limited to key stakeholders would take place to include members of the Governance and Audit Committee (GAC) and Zurich Insurance. Following the consultation, the final documents would be taken through the democratic process for final approval.

 

A consultation letter was sent to all members of the Governance and Audit Committee on the 30th of June, inviting written comments by the 25th August.  A detailed and useful response has been received from the Deputy Chair of GAC and was currently being considered. Zurich`s response had also been received and they offer no changes to the draft.

 

Following consideration of response/s, the risk management documents would be amended to include any required changes. The updated risk management documents would be shared with GAC at its next meeting and would then be taken through the Democratic process for approval. Any further feedback from GAC on the risk Management Policy, Strategy and Framework at that stage would be included in subsequent reports

 

Following discussion, Leadership Group do not consider that a workshop for GAC on this topic was necessary, as all members of GAC have had the opportunity to engage with  ...  view the full minutes text for item 15.

16.

Forward Work Programme pdf icon PDF 80 KB

Minutes:

It was AGREED to note the content of the Forward Work Programme subject to noting that the new Governance Officer would not be in post until the beginning of November, which could impact on the reports presented at the January 2024 meeting.

 

All Members thanked Ms Hannah Rees for her work during her time as a Governance Officer and wished her well for the future.