Agenda and minutes

None.

None.

Caroline Whitby declared a personal interest in relation to item 14, specifically risk item 19.

It was AGREED to confirm as a true record the Minutes of the Meeting of the Committee held on 27 September 2023 subject to a point of accuracy in item 10 which should note the numbering as iv. Instead of vi.

Matters arising

The Chair noted that in relation to item 10, he and the Vice-Chair had met the Chief Executive, and that it had been confirmed that the request for a report to the Governance and Audit Committee was not endorsed.  It was confirmed that any such matters should be considered by the relevant Overview and Scrutiny Committee for them to consider what actions should be taken. He noted that had this advice been given to the Committee at the time, that he would have been happy to accept this. 

Elin Prysor confirmed that this item has been referred to the Chair of the Learning Communities Overview and Scrutiny Committee for consideration at its meeting dated 9 May 2024, and is included in the action log.

Relevant Cabinet member to be informed

The Chair noted a reference on page 2 of the minutes to an agreement that the Governance and Audit Committee would be involved in the budget workshop, however this did not happen, and he would be looking to rectify this in the future.

Consideration was given to the Governance and Audit Committee Meeting Actions Log which provides details of progress on each action.  It was noted that 9 actions are complete, number 4 is included on the agenda, and that the item relating to the Museum is currently in progress.

Mr Alan Davies noted an error on the title of the document which refers to 2022-23 and should be 2023-2024.

It was AGREED to note the content as presented and to amend the title of the document.

Consideration was given to the Regulatory and Inspectorate Reports and Council Responses. 

Jason Blewitt from Audit Wales noted that Audit of the Council’s 2022-23 Statement of Accounts were now complete and due to be reported to the Governance and Audit Committee and to Council on 6 February 2024, and signed-off by the Auditor General on the 7^th February 2024.  The Annual Returns for the Ceredigion Harbour reports, Growing Mid Wales and Corporate Joint Committee are now also complete, and will be reported to various committees and signed off by the Auditor General on 7^th February 2024.  The Audit of the Council’s 2022-23 Grants and Returns are ongoing and they hope to complete this work by the end of February 2024.

The Chair asked whether Audit Wales resources issues have now been resolved, and Mr Jason Blewitt confirmed that they have now caught up with the work and that in accordance with the 3 year plan to 2024-25. Audit Wales aims to sign off the next Statement of Accounts by 30 November 2024, and by 30 September of the following year, reliant on the Council’s timetable.

Non Jenkins from Audit Wales noted that they would be providing an update soon upon the Performance Audit work, confirming that they have now finalised the Assurance and Risk Assessment work for 2022-23 and that they are working on 2023-24.  The final report will be presented at the next meeting.  In terms of the thematic review of Unscheduled Care, she noted that this is a major piece of work which is now nearing completion and apologised for the delay in delivering this work.  She noted that the reports relating to the thematic review of Digital and the Planning review follow up are included on today’s agenda, and that the Assurance and Risk Assessment, the Financial Sustainability and the Commissioning and Contract Management are in progress.

The Chair asked whether the recommendation from the review of the digital assurance would apply to all Councils.  It was confirmed that the audit is moderated across all 22 authorities, however the key findings will be published in a summary which will bring together the key findings, recommendations and bet practice.  Non Jenkins also noted that Audit Wales were pleased that the council’s responses to their comments are published together with the recommendations.

Elin Prysor provided an update on local risk work issued/published since the last Governance and Audit Committee meeting noting the following:

·       The cracks in Foundations report largely does not apply to Ceredigion;

·       The completion date for the Equality Impact Assessment is March 2024;

·       The completion date for Springing Forward was 6 December 2023 therefore the report will be presented to a future meeting;

·       That work is in progress in relation to the Setting of Wellbeing Objectives and Poverty in Wales and that it is aimed to bring these reports to Committee in September.

Mr Andrew Blackmore asked why target dates weren’t met.  Elin Prysor confirmed that this does not reflect the progress made by the  ...  view the full minutes text for item 6.

A verbal update was provided upon the Governance Framework noting that a new governance Framework will be presented to the Committee in March of this year for approval.  The review of the council’s governance arrangements is there to ensure that meeting outcomes are met based upon the CIPFA recommendations.  It was also noted that the governance framework will act as an overarching document and will replace he current Code of Local Governance. The draft versions have been shared with the Chair and Vice-Chair of the Governance and Audit Committee, and their input appreciated. 

Consideration was given to the updates to the Annual Governance Statement 2022-23 which included amendments to dates and the addition of the following text to pages 22, 28 and 29.

‘‘The Annual Report at year-end contains the results of the internal audit annual self-assessment of the service, based on CIPFA’s LG Application Note’s template. This was subject to an external peer review in May 2022, and an external assessment is planned to be repeated every five years, as required by the Public Sector Internal Audit Standards (PSIAS)’.

Councillor Bryan Davies noted that the updated Annual Governance and Audit Statement 2022-23 will be presented to the Governance and Audit Committee and to Council at their respective meetings dated 6 February 2024.

Additional text will be added (on page 22) in relation to the external assessment

It was AGREED to

i)               Note and consider its contents, and

ii)              Recommend that Council approves the Draft Annual governance Statement 2022-23

Consideration was given to the Annual Governance Statement 2023-24 progress update and Governance Framework Review 2023-24.

It was noted that a workshop was held on 6 December 2023 to consider progress on the actions set out in the 2023-24 Governance Framework Review, and that the Governance Framework Review 2023-24 will form the basis for the Annual Governance Statement 2023-24 which is due to be presented to Committee in draft form on 14 March 2024.

Elin Prysor noted that the document will reflect the updates seen in the 2022-23 document and ensure that references to policies and strategies are updated, even though they sit outside the reporting period due to subsequent and ongoing work.  References to historic actions will only remain on the document if they are needed to explain what has gone on subsequently.

It was AGREED to:

i)               Note the Annual Governance Statement 2023-24

ii)              Note the Governance Framework Review

Consideration was given to the Quarter 2 Internal Audit Progress Report. It was noted that for 2023-24, a risk assessment was undertaken in addition to information from the Council’s Corporate Risk Register, and that Internal Audit will assess its work regularly, considering the Council’s changing needs and priorities.

It was noted that there are 95 items on the plan, of which 82 were originally planned and an additional 13 reactive or new items added due to new, emerging or escalated reasons. 9 audits have been completed, with 1 remaining at a draft stage. At the end of this quarter Internal Audit will have covered 48.9% of its plan and are on target to provide opinions on all items before the end of the year.

It was noted that 4 audits were given substantial assurance. There were 5 significant actions issued in Internal Audit reports during the quarter, including Human Resources, one of which was due to the accuracy of information provided by other service areas.  This has now been addressed by means of introducing ‘Dodl’ for electronic submission, reducing errors associated with manual inputting of information.  It was also identified that one Honorarium had exceeded the 12 month maximum period due to a restructure that had been delayed by Covid. The Harbour review identified that a Mooring license has been issued despite failure to pay for the previous year, and that processes have been put in place to avoid a repetition of this.

Work has also been carried out in response to requests by Services for advice and support, such as the Members’ Declaration of Interest requested by the Monitoring Officer, and advice requested in relation to Housing Grants, governance and internal control. 

Alex Jenkins confirmed that Internal Audit staff attend regular webinars and that she has completed her Certified Internal Auditor qualification and that 2 other members of her team are nearing their final examination.

It was AGREED to note the work undertaken and current position of the Internal Audit Section.

Consideration was given to the Internal Audit Management Actions report which included details of current performance.  It was noted that this report is newly implemented following the External Quality Assessment and self-assessment undertaken by the Corporate Manager for Internal Audit during her first year in post. It was noted that there will be fewer graphs and charts as actions issued are implemented and deemed to have sufficiently addressed the issues, or that the risks have been accepted. It was noted that there are currently 18 outstanding items that have yet to be verified. This report is shared with Senior Management as Internal Audit currently do not have Audit Management software therefore Senior Management are unable to track their Internal Audit actions. It is hoped that this can be managed via Teifi or a similar system, which will provide Corporate Lead Officers and Corporate Managers with greater visibility of progress.  It was also noted that there is one outstanding action from 2020-21 relating to travelling which does not include information relating to whom it was assigned, and will need to be looked at further.

It was AGREED to note the work undertaken and current position of the Internal Audit Section.

Consideration was given to the review of the Internal Audit Charter which included the following updates for 2024-25:

·       The Governance Officer’s administrative reporting lines to the Corporate Manager – Internal Audit to maintain Internal Audit independence;

·       Internal Audit resourcing including professional qualifications;

·       New Global Internal Audit Standards; and

·       The Counter Fraud Risk Assessment & Fraud Risk Register

It was noted that there are significantly fewer updates compared to last year.

Mr Andrew Blackmore noted that he was satisfied with the structure and content of the report and asked whether there was anything that the Committee could do better in terms of their responsibilities to the Corporate Manager – Internal Audit. Alex Jenkins confirmed that the Committee’s questions are constructive and forward thinking, and that improvements have been made to pathways which has contributed to noticeable progress in terms of effectiveness and efficiencies resulting from these responses and thanked the Committee for their feedback.

It was AGREED to approve the report.

A verbal update was provided upon the Internal Audit National Fraud Initiative Self-Appraisal noting that the NFI exercise had been delayed this year due to changes in requirements for staff who undertake data matches in terms of DBS checks.  This is due to the NFI using DWP data.  It was noted that many of the Officers that undertake this work for Ceredigion County council don’t require DBS checks as it isn’t necessary for their roles. A decision has now been made to apply this check, however a delay in receiving responses from DBS are delaying the completion of the exercise further, therefore it is unlikely that the exercise will be complete by the 14 March meeting.

Mr Alan Davies confirmed that he is happy for the information to be brought to the meeting in June 2024.

Consideration was given to the Corporate Risk Register, noting that in Quarter 2, an additional risk was identified relating to the WCCIS System Software End of Life.  Councillor Bryan Davies confirmed that there has been good progress in terms of regulations and cyber security and that a new member of staff has now been appointed who has made good progress in relation to this.

A review of the latest risk status was also conducted by the Leadership Group at its meeting dated 13 December 2023.  It was noted that the aforementioned risk was escalated from service to corporate and included in the Corporate Risk Register and that none of the risks had been de-escalated from corporate to services, however the scores were amended for the following risks:

·       Medium Term Financial Plan, increasing from 20 to 25;

·       Information Management, decreasing to 16;

·       Phosphates, decreasing to 16.

Councillor Elizabeth Evans asked whether there were any capacity issues in terms of Information Management.  Alun Williams noted that when combined with cyber security, information management scored highly on the risk register, however these have now been separated as there is always a concern that one element may push up the overall score.  Separating cyber security is part of the reason why this has now come down and provides greater focus on the cyber security risk.

Councillor Maldwyn Lewis noted his concern that the lack of external funding in terms of the Medium-Term Financial Strategy is a big concern to Members.  Mr Alan Davies reiterated his disappointment that the Governance and Audit Committee has not been involved in the budgetary process, however he and the Vice-Chair had had a catch-up with the Corporate Lead Officer for Finance and Procurement a week ago, noting that there needs to be some serious thinking about the ‘so what’ implications, and that this Committee needs to be involved in the ‘so what’ conversations and the role which it has to play.

It was AGREED to note the updated Corporate Risk Register.

Consideration was given to the Council’s Risk Management Policy which is updated every 3 years. It was noted that the updated documents were considered by Leadership Group which resulted in further updates.  Consultation was also conducted with various stakeholders including members of the Governance and Audit Committee and Zurich Insurance. The main updates include:

·       Strengthening the monitoring of service risks – service risks scoring 15 or above will be assessed quarterly by Leadership Group for escalation to the Corporate Risk Register and vice versa.

·       Service risks will be added to the Teifi Performance Management System so that they can be updated and managed through the system.

·       Clarification that the threshold for risks to be considered by Leadership Group to be escalated / de-escalated is 15.

·       Clarification that Leadership Group are responsible for deciding if risks should be escalated or de-escalated.

·       Clarification the role of Internal Audit in the Policy and Framework, which is to assess and evaluate the effectiveness of actions in place to mitigate risk and provide objective assurance that risks are being managed appropriately. Additionally, Internal Audit will also provide objective assurance to Leadership Group, Governance & Audit Committee and Council on the robustness and effectiveness of the risk management procedures by including periodic reviews of the Corporate Risk Register, Service Risk Register and Corporate Risk Management procedures.

·       Clarification that “target risk” scores should be provided to accompany the mitigating actions for risk, i.e. what score should the risk be reduced to by delivering the mitigating actions identified.

The documents will now be taken through the Democratic process for decision, including any further feedback from the Governance and Audit Committee.

Alun Williams thanked Mr Andrew Blackmore for his responses which were both challenging and valuable, noting that the Council’s insurance provider, Zurich had also been involved in this process. He noted that the recommendation states that this report was to be noted, and that he had asked for this to be changed to ‘endorse’.

It was AGREED:

i)               To endorse the draft Risk Management Policy, Strategy and Framework

ii)              To note current progress and the next steps

Consideration was given to the Statutory and Non-Statutory guidance on democracy within principal councils relating to the Governance and Audit Committee, section 14.0 to 14.33.

Elin Prysor noted that this document was provided for information and consideration as to how the committee undertakes its work, and that this extract forms part of the statutory element to which Local Authorities must have regard. If the Council does not accept the guidance, it must provide reasons as to why. The extract deals with the overview, background, membership, meetings, proceedings and functions as well as a review of financial affairs, risk management and internal controls. She noted that the terms of reference are contained within the Council’s Constitution, which reflects this document.  

Elin Prysor noted that the Chair and Vice-Chair had provided feedback on this extract, and that a response is currently being prepared which will be shared with a number of Chief Officers. The guidance does not provide a definition of words, and each authority will need to interpret the guidelines to the best of their ability.

Mr Alan Davies noted that this document has raised a lot of questions and that the Committee will need to define exactly what it means.  He noted that the third bullet point refers to ‘review and scrutinise the authority’s financial affairs’, and that there needs to be clarity as to what the Welsh Government means and how this maps out with what is currently happening in the Scrutiny Committees. He noted that if this is what the Government expects of us, then we have a duty to work out what it means in practical terms and how we make it happen. Currently there are significant gaps, and we are a long way apart from this.

Councillor Wyn Evans asked where the Committee stands in terms of the democratic process.  He noted that the financial settlement is scrutinised by the democratic processes and asked what is the role of the Governance and Audit Committee. Mr Alan Davies noted that it is the democratic processes which should scrutinise, but this document suggests that the Governance and Audit Committee should be doing this.  He also reiterated his disappointment that the latest financial documents were in the public domain before it had been viewed by the Governance and Audit Committee.

Councillor Elizabeth Evans noted that the role of the Governance and Audit Committee is to gain assurances that scrutiny processes are in place, and that it is not the role of the Governance and Audit Committee to scrutinise the scrutineers, but rather to ensure that appropriate support is in place to do so.  Mr Alan Davies noted that he agreed, however the Committee needs to define, and have clear parameters.  Councillor Elizabeth Evans noted that Lowri Edwards would have information to hand on how to navigate our way through this document.

Mr Alan Davies asked that Members review the document and send their comments to Elin Prysor within 14 days in order to work out the  ...  view the full minutes text for item 16.

Consideration was given to Part 6 of the Local Government and Elections (Wales) Act 2021 which relates to the introduction of a new Self-Assessment based performance regime for Principal Councils.  Alun Williams noted that the report was brought to the Governance and Audit Committee, and that it has been through the democratic process, and finalised in line with the duties referred to in the paper.  It has been shared with Welsh Government Ministers, Estyn, CIW and the Auditor General for Wales and published on the Council’s website.  He also noted that Ceredigion will be one of the first authorities to undertake a Panel Performance Assessment, which has to take place once in every administration.

Mr Alan Davies asked if there are any anticipated costs to a Panel Performance Assessment.  Alun Williams confirmed that it is estimated to cost around £24,000, however this is a legal requirement, and hopefully it will be worth it.  Councillor Bryan Davies noted that this is an excellent tool which will be used to improve our services.

It was AGREED to note the Self-Assessment Report 2022-23 including the Annual Review of Performance and Well-being Objectives.

It was AGREED to note the content of the Forward Work Programme.

Since publishing, there have been 2 additions including:

-       Appointment of a new Governance and Audit Chair and Vice-Chair in March 2024

-       Annual Statement of Accounts in November 2024

Elin Prysor confirmed that an additional meeting of the Governance and Audit Committee will be scheduled for 11 June 2024 at 10:00am, and that all meetings will commence at 10.00am from the beginning of the 2024-25 Municipal Year.