Agenda and minutes

Members were provided with an updated version of the Register of Regulators Reports and Recommendations.

It was highlighted that on12 January 2023, the Governance and Audit Committee received a report regarding the Register of Regulators Reports and Recommendations; during that meeting Officers stated that they would provide the Committee with feedback relating to the five national reports and one local letter. It was noted that this feedback was contained within Section A of the circulated report.

Officers mentioned that since January 2023, one national report and one local letter had been published; these were contained within Section B of the circulated report, and had since been added to the register.

The Council’s Strategic Risk Register was presented to the Committee, which sought to provide assurances that the Council was complying with its risk management policy. It was mentioned that Cabinet recently considered and noted this report at one of their recent meetings.

A discussion took place in regards to the future presentation of the risk register, and the way in which the formatting could be improved to provide for easier reading. 

The Internal Audit Progress report provided details of the internal audit work undertaken since the last Governance and Audit Committee meeting on 12 January 2023.

Members were informed that since the last meeting of the Governance and Audit Committee in January, a total of 10 reports had been issued; the conclusions of these reports could be found in Appendix 1 of the circulated report. It was mentioned that all 10 reports either had a substantial or reasonable assurance rating.

Reference was made to the report relating to Children’s Services, Emergency Payments. Officers were asked to provide information as to why the assurance rating was set as reasonable, as opposed to substantial. It was explained that the assurance ratings, which were provided following an audit, were formulated by the number of recommendations made, the likelihood that the failure to action the recommendations within six months would lead to a significant system failure, and the impact of any system failure; this information would then be put into a formula and a category rating of 1-4 would be produced, all of which linked to the assurance ratings. It was highlighted that internal audit provided a number of recommendations following the audit, in particular in relation to  several petty cash accounts which hadn’t been used in a considerable amount of time; auditors recommended that these accounts needed to be formally closed down. It was added that there were also a few reimbursements which had been long outstanding. The Committee were informed that although in general the controls were noted to be of good standard, auditors made recommendations to further enhance the controls that were in place; hence the reasonable rating, instead of the substantial rating.

Queries were made in regards to Brynamlwg Complex Health Service. Officers highlighted that Brynamlwg was a day service, operated by colleagues in Social Services, for service users with very complex health needs.

A discussion took place in regards to the report relating to Fleet – Vehicle Fuel. The circulated report stated that there was a longstanding problem whereby the Fleet Service were not consistently being notified of relevant staffing changes and where driver tags were not being returned. It was noted that internal audit provided a recommendation to the Fleet Service, in which they should undertake an exercise to cancel all of the outstanding driver tags using the information provided by Internal Audit, and update the records accordingly; it was confirmed that this recommendation was in progress. In addition, it was explained that internal audit recommended that the Fleet Service liaise with colleagues in Payroll and IT with a view to creating a report from the Council’s iTrent system, which could be generated periodically to show all staff who were in possession of a driver tag and which staff had left the Authority. It was noted that the current process was that the Accountable Manager would notify the Fleet Service when a member of staff left the Authority; however, this wasn’t always occurring.  Officers mentioned that internal audit also  ...  view the full minutes text for item 8.

Members were provided with details of the draft Internal Audit Strategy and Risk Based Plan for the period 1 April 2023 to 31 March 2024, along with the revised Internal Charter.

Because of the need to deal now with this matter contained in Minute No. 11 below, the Chairperson agreed that this could be raised at today’s meeting as an urgent item pursuant to Section 100A(4) and (5) of the Local Government Act 1972.

Reason

Due to timescale.

The Chief Digital Officer presented the Committee with the Neath Port Talbot Cyber Security Strategy.

Reference was made to the Audit Wales report ‘Learning from Cyber-Attacks’ and the recommendations Audit Wales had made. Officers provided assurances that they had reviewed the current cyber security provision and the cyber security action plan, taking into consideration the key findings and lessons learned from the Audit Wales report; they had ensured those findings were incorporated into the Councils action plan and appropriately prioritised going forward.

That pursuant to Section 100A(4) and (5) of the Local Government Act 1972, the public be excluded for the following items of business which involved the likely disclosure of exempt information as defined in Paragraph 12 and 15 of Part 4 of Schedule 12A of the above Act.

Officers provided an update on all special investigations reports issued since the last meeting; including details of all current special investigations.

RESOLVED: That the report be noted.