Councillor Derek Carnell (Vice-Chair) took the chair for this meeting and would be referred to as ‘Chair’ for the remainder of these minutes.

The Chair outlined the emergency evacuation procedure.

Councillors should not act or take decisions in order to gain financial or other material benefits for themselves, their families or friends.

The Chair will ask Members if they have any disclosable pecuniary interests (DPIs) or disclosable non-pecuniary interests (DNPIs) to declare in respect of items on the agenda. Members with a DPI in an item must leave the room for that item and may not participate in the debate or vote. 

Aside from disclosable interests, where a fair-minded and informed observer would think there was a real possibility that a Member might be biased or predetermined on an item, the Member should declare this and leave the room while that item is considered.

Members who are in any doubt about interests, bias or predetermination should contact the monitoring officer for advice prior to the meeting.

No interests were declared.

To approve the Minutes of the meeting held on 24 January 2024 (Minute Nos. 566 – 573) and the Minutes of the Extraordinary meeting held on 19 February 2024 (Minute Nos. 647 – 649) as correct records.

The Minutes of the meeting held on 24 January 2024 (Minute Nos. 566 – 573) and the Minutes of the Extraordinary meeting held on 19 February 2024 (Minute Nos. 647 – 649) were taken as read, approved and signed by the Chair as correct records.

The Head of Audit Partnership introduced the report as set out in the agenda papers.

The Chair invited Members to ask questions and make comments, and these included:

·         Concerned with the threat of cyber-attacks on Local Government and reassurance was needed that Swale Borough Council (SBC) was more secure than other Local Government organisations who had experienced these attacks;

·         concerned with the security of direct debit payments as this had been a problem with large commercial companies and worried that SBC could also be impacted as many of the payments to the Council were via direct debits;

·         there were some typos on page 14 of the report; and

·         cyber-attacks were an issue during elections.

In response, the Head of Audit Partnership acknowledged that cyber-security was a major issue and was evolving on a daily basis.  The IT team at SBC had employed a new member of staff to help deal with the situation.  She said there were reviews and action plans in place and this was one of the Council’s largest risks.  The Head of Audit Partnership noted the typos on page 14 of the report and said that the text should read as below:

·         Elections Management (then, new line)

·         Disabled Facilities Grants

·         Rev and Bens (no ‘t’).

She was aware of the cyber threat to elections and said the elections systems and processes were sound and all efforts were being made to mitigate and minimise any potential cyber-attack issues.

In terms of threats in relation to direct debits, the Director of Resources said that lessons were being learnt from other Local Authorities who had been affected by cyber-attacks.  There were always lessons to be learnt and it was not possible to be completely protected from the attacks taking place.

Resolved:

(1)      That the Internal Audit & Assurance Plan for 2024/25 be approved, delegating authority to the Head of Audit Partnership to keep the plan current as set out in the appendix to the report.

(2)      That the Head of Audit Partnership’s view that the Partnership currently had sufficient resource to deliver the Plan and a robust Head of Audit Opinion be noted.

(3)      That the Head of Audit Partnership’s assurance that the Plan was compiled independently and without inappropriate influence from management be noted.

Updated Risk Management cover report added 02.04.2024

The Head of Audit Partnership introduced the report as set out in the agenda papers.

The Chair invited Members to ask questions and make comments, and these included:

·         Clarification sought on mitigating the risks set out on pages 24 and 25 of the report;

·         the report was very well laid out with a lot of visuals;

·         suggested that more labelling on the diagrams could be beneficial; and

·         it was important that all Members looked at the information within the report, especially those parts relevant to the Committees they sat on.

In response, the Head of Audit Partnership explained that the diagrams on page 26 of the report indicated how the risks were being mitigated and the progress being made.  She acknowledged that the information could be overwhelming and drew Members’ attention to Appendix 2 in the report which gave a breakdown of what the numbers on the diagrams meant.

The Director of Resources said that risk management monitoring was within the remit of the Policy and Resources Committee as well as some of the other service committees.  She said that risk management training had been held at the beginning of the municipal year and more sessions would be held for all Members.  The Director of Resources suggested Members fed through, via their representative, to the Member Development Working Group with their training needs.  She reminded Members that there were also bite-size training sessions held prior to each Audit Committee meeting.

Resolved:

(1)      That the Committee considered the operation of the risk management framework and that their comments on the operation of the risk management framework be noted.

Matt Dean (Grant Thornton) introduced the report as set out in the agenda papers.

The Chair invited Members to ask questions and make comments, and these included:

·         Not happy with the layout of the report;

·         concerned with the implications to the Council, including costs and missed deadlines, as the audit was later than previous years;

·         clarification sought on the Council’s assets and their true value;

·         did not see the value of including information on Grant Thornton’s staff within the report and considered this deflected what the report was really about;

·         the way the information was set out needed to be changed, and did not consider the use of turquoise bullet points (page 52) was necessary;

·         the report looked like a business plan, there needed to be more facts and figures;

·         in response, considered it was beneficial to see the faces ‘behind the organisation’;

·         this process cost the Council a lot of money, but concerned that the Council was not getting value-for-money; and

·         were the auditors audited?

In response, the Director of Resources explained that the audit process was very long and there had been concerns over how long the process was ‘hanging over’ staff.  She was comfortable with the October/December 2024 deadline.  The Director of Resources said there was a scarcity of auditors who did this type of work, and the Council was now tied contractually to the company that was being used.  She clarified that the assets valuation on the balance sheet was not necessarily the sale value of the assets, and so these numbers were not realistic for sale value, and a separate valuation process was carried out when assets were held for sale.  She considered the inclusion of information on external audit staff members within the document was important and she reminded Members that some external audit staff did sometimes attend the Audit Committee.  The Director of Resources explained that the use of the bullet points within the report did not indicate any grading, and the report was set out as a plan for the year and when information would be reported back to the Committee.  She confirmed that the external auditors were audited.

Mr Dean noted the comments about the style of the report and confirmed that all audit companies were reviewed annually.

Resolved:

(1)      That the External Audit Plan 2023/24 be noted.