NORTH YORKSHIRE COUNCIL
AUDIT COMMITTEE
23 September 2024
INTERNAL AUDIT AND COUNTER FRAUD PROGRESS REPORT
1.0 PURPOSE OF THE REPORT
|
2.0 BACKGROUND
2.1 The work of internal audit is governed by the Accounts and Audit Regulations 2015 and the Public Sector Internal Audit Standards (PSIAS). The Council has formalised its arrangements for internal audit within an Audit Charter, which was approved by the Audit Committee in March 2023. In accordance with these standards and the Audit Charter, the Head of Internal Audit is required to report to the Council on the programme of internal audit work and to highlight any emerging significant risks and/or control issues.
3.0 PROGRESS
Internal Audit
3.1 The 2024/25 internal audit work programme was approved by this Committee at its meeting on 23 June 2024.
3.2 Annex 1 to this report provides an update on the progress made in the period to 31 August 2024, to complete the work programme. This annex includes a summary of completed audits and work in progress.
3.3 Five audits have been finalised since our last report to the Committee, and a further three audits are at the draft report stage. Twelve audits are in progress with half of these nearing the final stages of fieldwork at the time of writing this report. A further sixteen audits are at the planning stage and due to be undertaken in the next quarter along with some other assurance work.
Counter Fraud
3.5 To date, 164 cases of suspected fraud have been reported to the counter fraud team. Seventy-five investigations have been completed and savings achieved by the Council as a result of the team’s work have been over £178.9k.
3.6 The Public Sector Fraud Authority (PSFA) has invited Veritau to join a new “Community of Practice”. The fraud team will represent the Council in this forum which aims to share best practice on preventing and detecting fraud across central and local government.
Information Governance
3.7 Veritau’s Information Governance Team (IGT) continues to handle a significant number of information requests received in accordance with the Freedom of Information Act 2000 (FOI) and Data Protection Act 2018 (DPA). The number of FOI requests received in the 5 months to 31 August 2024 was 822 compared with 766 received during the corresponding period in 2023/24 (a 7.3% increase). The number of requests received in 2024/25 and answered within 20 working days is currently 85% (2023/24 – 76%). The IGT also coordinates the Council’s subject access requests (SARs) and has received 192 such requests between 1 April 2024 and 31 August 2024 compared to 139 requests received during the corresponding period in 2023/24 (a 38% increase).
3.8 Veritau acts as the Council’s Data Protection Officer and provides advice and support to the Council on all aspect of data protection. The IGT also reviews compliance with the legislation and liaises with the regulator, the Information Commissioner’s Office (ICO). Other work includes reviewing data protection impact assessments, preparing data sharing agreements, recording data security incidents and investigating serious data security incidents. Further details about the work of the IGT will be included in the annual information governance report.
4.0 IMPLICATIONS
4.1 This report is for information only. There are no local member, financial, human resources, legal, equalities or climate change implications.
5.0 RECOMMENDATIONS
5.1 Members are asked to note the progress made in delivering the 2024/25 Internal Audit programme of work and the other assurance related services provided by Veritau. |
MAX THOMAS
Head of Internal Audit
Report prepared and presented by Max Thomas, Head of Internal Audit
Veritau - Assurance Services for the Public Sector
County Hall
Northallerton
31 August 2024