I hereby give notice that a Risk and Audit Committee Meeting will be held on:
Date: |
Thursday, 15 August 2019 |
Time: |
at the conclusion of the Finance and Planning Meeting |
Location: |
Council Chamber 28-32 Ruataniwha Street Waipawa |
AGENDA
Risk and Audit Committee Meeting
15 August 2019
Our vision for Central Hawke’s Bay is a proud and prosperous district made up of strong communities and connected people who respect and protect our environment and celebrate our beautiful part of New Zealand.
Monique Davidson
Chief Executive
Risk and Audit Committee Meeting Agenda 15 August 2019
2 Declarations of Conflicts of Interest
5.2 Drinking Water Compliance Report
2 Declarations of Conflicts of Interest
RECOMMENDATION THAT the following standing orders are suspended for the duration of the meeting: · 20.2 Time limits on speakers · 20.5 Members may speak only once · 20.6 Limits on number of speakers And that Option C under section 21 General procedures for speaking and moving motions be used for the meeting. Standing orders are recommended to be suspended to enable members to engage in discussion in a free and frank manner. |
Risk and Audit Committee Meeting - 28 March 2019
Risk and Audit Committee Meeting Agenda 15 August 2019
MINUTES OF Central HAwkes Bay
District Council
Risk and Audit Committee Meeting
HELD AT THE Council Chamber, 28-32
Ruataniwha Street, Waipawa
ON Thursday, 28 March 2019 AT the conclusion of the Finance and Planning
meeting
PRESENT: Cr Tim Aitken
Mayor Alex Walker
Cr Gerard Minehan
Cr Brent Muggeridge
Cr David Tennent
Cr Roger Maaka
IN ATTENDANCE: Joshua Lloyd (Group Manager, Community Infrastructure and Development)
Monique Davidson (CEO)
Bronda Smith (Group Manager, Corporate Support and Services)
Doug Tate (Group Manager, Customer and Community Partnerships)
Nicola Bousfield (People and Capability Manager)
Lisa Harrison (Organisation Transformation Lead)
Leigh Collecutt (Governance and Support Officer)
1 Apologies
None
2 Declarations of Conflicts of Interest
None
3 Standing Orders
Committee Resolution Moved: Mayor Alex Walker Seconded: Cr Gerard Minehan THAT the following standing orders are suspended for the duration of the meeting: · 20.2 Time limits on speakers · 20.5 Members may speak only once · 20.6 Limits on number of speakers And that Option C under section 21 General procedures for speaking and moving motions be used for the meeting. Standing orders are recommended to be suspended to enable members to engage in discussion in a free and frank manner. Carried |
4 Confirmation of Minutes
Committee Resolution Moved: Cr Gerard Minehan Seconded: Cr Brent Muggeridge That the minutes of the Risk and Audit Committee Meeting held on 14 February 2019 as circulated, be confirmed as true and correct.
Carried |
5 Report Section
5.1 Risk and Audit Update |
PURPOSE The purpose of this report is to update the Committee of Risk and Audit activities for monitoring and review purposes.
|
Committee Resolution Moved: Cr Gerard Minehan Seconded: Mayor Alex Walker That, having considered all matters raised in the report, the report be noted.
Carried |
5.2 Adoption of the Governance Risk Register and Risk Reporting |
PURPOSE The purpose of this report is to consider and adopt the Corporate Risk Register and Risk Reporting to the Risk and Audit Committee
|
Committee Resolution Moved: Cr Tim Aitken Seconded: Cr Gerard Minehan That having considered all matters raised in the report: a) The Governance Risk Register and Risk Reporting be adopted. Carried |
· Cr Tennent asked whether consideration needed to be given to include potential building defects in the Governance Risk Register. It was confirmed that there would be other mechanisms in place to operationally manage this risk outside of this register, including using producer statements for Building Consents
· Cr Minehan highlighted that this register was a good way for risks to be proactively identified at an early stage.
5.3 Safety & Wellbeing Update |
|
PURPOSE The purpose of this report is to update the Risk & Audit Committee on Council’s Safety and Wellbeing activities, as well as the reported incidents and near misses for Council employees and strategic contracted partners.
|
|
|
6 Date of Next Meeting
Committee Resolution Moved: Cr Gerard Minehan Seconded: Cr Tim Aitken THAT the next meeting of the Risk and Audit Committee be held on 15 August 2019. Carried |
7 Time of Closure
The Meeting closed at 11.00am.
The minutes of this meeting were confirmed at the Risk and Audit Committee Meeting held on 15 August 2019.
...................................................
CHAIRPERSON
Risk and Audit Committee Meeting Agenda 15 August 2019
File Number: COU1-1408
Author: Bronda Smith, Group Manager, Corporate Support and Services
Authoriser: Monique Davidson, Chief Executive
Attachments: 1. Audit Action List Update 15-08-2019 ⇩
2. Valuation Benchmark Report ⇩
PURPOSE
The purpose of this report is to update the Committee of Risk and Audit activities for monitoring and review purposes.
That, having considered all matters raised in the report, the report be noted.
|
significance and engagement
This report is provided for information purposes only and has been assessed as being of some importance.
DISCUSSION
The Risk and Audit Committee has responsibility for the following:
Internal Control Framework and Audit
· Review whether management’s approach to maintaining an internal the internal control framework is current, sound and effective.
· Consider whether management has taken steps to embed a culture that is committed to probity and ethical behaviour.
· Review whether there are appropriate processes or systems in place to capture and effectively investigate fraud or material litigation should it be required.
· Approve the internal audit coverage and annual work plans, ensuring these plans are based on the Council's risk profile.
· Review the adequacy of management's implementation of internal audit recommendations.
· Review the internal audit charter to ensure appropriate organisational structures, authority, access, independence, resourcing and reporting arrangements are in place.
Internal Reporting
· Consider the processes for ensuring the completeness and quality of financial and operational information being provided to Council.
· Seek advice periodically from internal and external auditors regarding the completeness and quality of financial and operational information that is provided to the Council.
Risk Management
· Review whether management has in place a current and comprehensive risk management framework and associated procedures for effective identification and management of the Council's significant risks.
· Review the risk appetite established by management, ensuring the risk appetite aligns with Council’s strategy, plans and commitments to the public.
· Consider whether appropriate action is being taken by management to mitigate Council's significant risks.
· Ensure that management is kept appraised of the Council's governance body's views on uncontrolled risk.
External Reporting and Accountability
· Consider the appropriateness of the Council's existing accounting policies and principles and any proposed changes.
· Enquire of external auditors for any information that affects the quality and clarity of the Council's financial statements, and assess whether appropriate action has been taken by management.
· Satisfy itself that the financial statements are supported by appropriate management signoff on the statements and on the adequacy of the systems of internal control (i.e. letters of representation), and recommend signing of the financial statements by the Chief Executive/Mayor and adoption by Council.
· Confirm that processes are in place to ensure that financial information included in the entity's annual report is consistent with the signed financial statements.
· Satisfy itself that the Statement of Service Performance is supported by appropriate management signoff on the statement and on the adequacy of the systems of internal management and control.
· Receive and consider the Summary Financial Statements for consistency with the Annual Report.
· Confirm the terms of the appointment and engagement, including the nature and scope of the audit, timetable and fees, with the external auditor
· Receive the external audit report(s) and review action to be taken by management on significant issues and audit recommendations raised within.
Compliance with Legislation, Standards and Best Practice Guidelines
· Review the effectiveness of the system for monitoring the Council's compliance with laws (including governance legislation, regulations and associated government policies), Council's own standards, and Best Practice Guidelines.
· Receive the six monthly legal compliance report from management and review any proposed actions to address any non-compliance matters.
Long Term Plan
· Confirm the terms of appointment and engagement, including the nature and scope of the audit, timetable, and fees with the External Auditor.
· Receive and consider the contents of the LTP and the Auditors report pursuant to section 94 of the LGA 2002.
Risk Management Framework and Risk Registers
With the adoption of the Framework by Council, work commenced on the development of the Governance Level Risk Register where the governance level risks of the overall Council are considered and reported to the Risk and Audit Committee.
The Governance Risk Register and Reporting was adopted as part of the 28 March Risk and Audit Committee meeting and the first reporting of the risk activities is included as part of this Committee Meeting.
Work has commenced on the Group Operational Risk Registers and the Corporate Support and Service/CE Group Risk Register has been completed. The remaining Group Risk Registers are due for completion by 31 October 2019.
Audit Action List Update
The Audit Action List has been updated and is attached.
Civic Financial Services – Sale of Civic Assurance House
In September 2017, Civic Financial Services board had decided to sell Civic Assurance House following seismic strengthening work. This work was completed and in May 2019 the building was taken to market and has now been sold. The board has resolved to distribute the net result of $9,418,480 as a special dividend. Central Hawke’s Bay District Council will receive $23,928.40 following the deduction of imputation credits in August 2019. This income will be used to offset the Riskpool Call due on 1 July 2019.
Insurance Programme
As part of the Risk and Audit Committee work programme, a review of the insurance programme was planned to be conducted in the first 6 months of 2019. Following the changes to the committee meetings and the report being provided by AON as part of the insurance valuations and programs, this was delayed.
The placement for the “Above Ground” insurance with JLT was completed in June 2019.
Following the placement of the “Underground” insurance last year, the underwriters have indicated that in the hardening insurance market they are reviewing their existing portfolio and are requiring more detail in the data provided, to understand the risk.
An initiative by Manawatu Wanganui LASS, which will include HBLASS Councils, is developing a consistent approach across our councils in determining asset valuations for our insurance purposes and then benchmarking each Council against the approach. The review and benchmarking was undertaken by AON and the results are included as part of this report. (Note – pages with other Council individual findings and rate information has been removed.)
It has been agreed by the Councils to complete the renewal in November 2019 and review the quality of the data supplied by the Councils. Following this the long term solution will be considered.
The information for the November 2019 renewal is currently being collated and will be submitted to AON mid August.
Financial and Resourcing Implications
Any financial and resourcing implications resulting from risk mitigation measures that are outside staff delegations will be reported and require approval from the Council before being incurred. No such implications have been identified to date.
Implications ASSESSMENT
This report confirms that the matter concerned has no particular implications and has been dealt with in accordance with the Local Government Act 2002. Specifically:
· Council staff have delegated authority for any decisions made;
· Council staff have identified and assessed all reasonably practicable options for addressing the matter and considered the views and preferences of any interested or affected persons (including Māori), in proportion to the significance of the matter;
· Any decisions made will help meet the current and future needs of communities for good-quality local infrastructure, local public services, and performance of regulatory functions in a way that is most cost-effective for households and businesses;
· Unless stated above, any decisions made can be addressed through current funding under the Long-Term Plan and Annual Plan;
· Any decisions made are consistent with the Council's plans and policies; and
· No decisions have been made that would alter significantly the intended level of service provision for any significant activity undertaken by or on behalf of the Council, or would transfer the ownership or control of a strategic asset to or from the Council.
Recommendation That, having considered all matters raised in the report, the report be noted.
|
File Number: COU1-1408
Author: Josh Lloyd, Group Manager - Community Infrastructure and Development
Authoriser: Monique Davidson, Chief Executive
PURPOSE
The purpose of this report is to provide an update to the Risk and Audit Committee (the Committee) on Council’s adherence to the New Zealand Drinking Water Standards and to highlight key completed work and work in progress.
Recommendation That, having considered all matters raised in the report, the report be noted. |
significance and engagement
This report is provided for information purposes only and has been assessed as being of some importance.
DISCUSSION
Drinking Water represents one of Councils greatest risks and is prioritised accordingly in the organisation through the focus of dedicated Council and Contracting staff and through Councils investment in people, process and infrastructure.
Below is the current update to the Risk and Audit Committee as part of the overall Governance Risk Register Reporting.
The report is structured to provide an update on completed and in-progress actions and to provide an overall snapshot of Councils approach to managing the identified risks in more detail. Future reports will become more tabular providing an overview of the Council compliance work programme taken directly from Council’s own internal management systems.
Work Completed in the Period
Significant progress has been during the reporting period which for this report is considered to be the 2019 calendar year until the date of this report. For future reports it will be the period between the current and most recent prior report.
Progress in the period has been driven largely by external drivers, most notably the District Health Board appointed Drinking Water Assessors audit regime as well as the end of the compliance reporting year (30 June).
During the period the Waipawa and Waipukurau Water Safety Plans were audited by the Drinking Water Assessors. The assessors made note of the significant advancements that Council has made in it’s on the ground management of the plants through the appointment of Veolia, and also made mention of the improvement in rigor and control of Council processes and documentation. The audits made several recommendations that are all stored and monitored within the Water Safety Plans improvement registers. This makes the plans become living documents. The audits required a full re-write of both Water Safety Plans as well as the completion of over 50 improvement tasks prior to the audits taking place.
Publishing and communicating key documents has been a priority with critical processes displayed on walls in the treatment plants at the recommendation of the Drinking Water Assessors. The image below shows a ‘Critical Control Point” displayed in one of the treatment plants.
Beyond the Water Safety Plan targeted improvements, in May and June Officers and Veolia staff completed a holistic review of Council’s SCADA and telemetry systems. The intent of the review was to ensure that coded logic built into control processes is appropriate and to streamline processes and reporting. The review found several anomalies and resulted in several improvements to systems and reporting that have ensured the accuracy of processes going forward. Drinking Water Assessors were informed throughout this work.
New equipment including a provision for critical spares has been purchased to provide resilience in core systems. Back-up analytical and monitoring equipment have been purchased including chlorine analysers and telemetry hardware. New testing/sampling kits have also been purchased (shown below with new turbidity meters installed).
Year-end reports were prepared in the period and have been provided in draft to the Drinking Water Assessors. Early feedback from the assessors suggests that data anomalies will cost Council compliance for Waipawa and Waipukurau and that Bacterial (but not protozoal) compliance will be achieved for Takapau and Porangahau. A copy of the final report from the Drinking Water Assessors will be made available with the next version of this report.
Work in Progress
To add further control and efficiency to data management and reporting, work has been commissioned to fully automate all compliance reporting. This work is scheduled to be complete in October 2019. Further continuing the advances in control and confidence, Veolia will complete Operational Manuals for all treatment plants in November. A number of improvements remain in progress as tracked within the individual Water Safety Plans with most of these focussed on the development of further documentation, manuals, procedures and protocols. A key part of this work is the creation of a transgression/emergency response manual that sets out Councils approach to dealing with transgressions in the network.
Efficiencies are being sought through a review of network sampling points and frequencies and further training is booked for operators in August and September. An example of one of the newly built dedicated sampling points is shown below.
Officers are working through a process with Drinking Water Assessors to formally register the Kairakau supply that to date is not listed as registered on DHB systems (despite it being operated, maintained and reported on as a registered system for some years).
Officers and Veolia have begun work early on the development of new Water Safety Plans for the new plants at Takapau and Porangahau. Officers initially considered that these could be developed once the plants were commissioned successfully and the intricacies of running each plant better understood by engineers and operators. In July Drinking Water Assessors advised that both plants could not be commissioned until the Water Safety Plans had been created, reviewed and approved. The work to create the plans is now underway and, with considerable effort, will be completed prior to plant commissioning.
Financial and Resourcing Implications
This report is for information purposes only and has no specific financial or resourcing implications. The financial and resource costs of maintaining drinking water compliance against the compliance regime are significant and increasing.
Implications ASSESSMENT
This report confirms that the matter concerned has no particular implications and has been dealt with in accordance with the Local Government Act 2002. Specifically:
· Council staff have delegated authority for any decisions made;
· Council staff have identified and assessed all reasonably practicable options for addressing the matter and considered the views and preferences of any interested or affected persons (including Māori), in proportion to the significance of the matter;
· Any decisions made will help meet the current and future needs of communities for good-quality local infrastructure, local public services, and performance of regulatory functions in a way that is most cost-effective for households and businesses;
· Unless stated above, any decisions made can be addressed through current funding under the Long-Term Plan and Annual Plan;
· Any decisions made are consistent with the Council's plans and policies; and
· No decisions have been made that would alter significantly the intended level of service provision for any significant activity undertaken by or on behalf of the Council, or would transfer the ownership or control of a strategic asset to or from the Council.
Next Steps
Officers plan to further refine this report at the request and endorsement of the Risk and Audit Committee.
That, having considered all matters raised in the report, the report be noted. |
File Number: COUI-1408
Author: Nicola Bousfield, People and Capability Manager
Authoriser: Monique Davidson, Chief Executive
PURPOSE
The purpose of this report is to provide the Risk & Audit Committee a summary of the 2018/2019 activities in the Safety & Wellbeing space and to provide an overview of the upcoming 2019/2020 plan.
Recommendation That, having considered all matters raised in the report, the report be noted. |
significance and engagement
This report is provided for information purposes only and has been assessed as being of some importance.
DISCUSSION
HIGHLIGHTS OF SAFETY & WELLBEING 2018/2019
2018/2019 saw significant progress in the Safety & Wellbeing space, and as we look ahead to the new year, we will continue to look for opportunities to make improvements.
Safety & Wellbeing Reporting
Contractor Audits
Last year saw the decentralisation of contractor auditing which had traditionally sat as the sole responsibility of the people & safety officer. council has made purposeful steps to change the approach to safety and wellbeing, particularly in the contract management space, where employees are now are accountable for taking a collaborative approach to the safety and risk management of their contractors and it is the responsibility of all employees, not that of a single individual.
The scope of auditing has been widened to include both contractors undertaking work and audits of work sites such as the transfer stations. To increase the ease of the auditing process, an app based tool i-Auditor was introduced and rolled out for employees to complete audits in the field.
Contractor Safety Pre-Qualification
All current contractors are pre-qualified, with larger contractors subscribed through the Site Safe pre-qualification process and the smaller contractors obtaining the pre-qualification through our internal Council process.
Safety & Wellbeing Committee Refresh
The Safety & Wellbeing Committee has gone through a period of change this year, widening the scope to take a more collaborative approach and include our strategic contracting partners (Recreational Services/Veolia, Smart Environmental, Downer and Higgins) to report from their businesses and give insight and learnings.
Developing the Safety & Wellbeing Committee
We continue to look for ways to develop the Safety & wellbeing Committee members in their roles within the organisation, last year this included the Committee attending the Enhancing Mental Wellbeing Workshop “The Five Ways to Wellbeing At Work” and undertaking Health & Safety Representative Training to introduce foundational training for committee members, to increase their skills and knowledge and to understand their responsibilities as a representative.
Introduction of Community Service Leave
In hearing a common theme from employees suggesting Council could support them to volunteer their time to our community organisations, the Safety & Wellbeing Committee proposed the introduction of Community Service Leave. This leave allows employees to take up to ½ a week per annum to give their time to the community during work hours, whether it be collecting donations for the Pink Ribbon Street Appeal, or volunteering at their child’s sports day.
Introduction of the Sick Leave Bank
The Sick Leave Bank Policy was adopted last year and introduced a support framework for employees in times of extenuating circumstances, where an Employee (or their dependant) is diagnosed with an illness/serious injury that requires extensive treatment, an extended period of sick leave and has insufficient leave to cover that time off. The purpose of this policy is to provide Central Hawke’s Bay District Council Employees with a clear framework to donate and apply for additional sick leave from the Sick Leave Bank. Council is committed to supporting our greatest asset – our people, creating an inclusive culture where Employees support each other in #WhanauMatters by donating as much or as little as they can, to support each other in times of need.
Wellbeing Workshops
EAP Services (Council’s counselling service and Employee Assistance Program provider) delivered a popular series of Wellbeing Workshops throughout the year. The workshops included topics such as ‘Fatigue and Sleep,’ ‘Emotional Intelligence’ which has been linked to better health, productivity, relationships and communication and ‘Work-Life Balance’ to assist employees in implementing strategies to manage the demands of multiple commitments.
Welcoming our new People & Safety Officer
Keryn Barkle joined Council at the end of April as our new People & Safety Officer. Keryn is proving to quickly become a great asset to the team and brings a wealth of H&S experience.
Pink Shirt Day 2019
Council employees turned the office into a sea of pink to show their support on Pink Shirt Day in 17 May, to Kōrero Mai, Kōrero Atu, Mauri Tū, Mauri Ora – Speak Up, Stand Together, Stop Bullying!
Celebrated annually around the globe, in Aotearoa, Pink Shirt Day aims to create schools, workplaces and communities where all people feel safe, valued and respected.
Asbestos Liaison Protocol Hawke’s Bay
2019 saw the introduction of the Asbestos Liaison Protocol Hawke’s Bay which was developed in collaboration with the five Hawke’s Bay councils, WorkSafe and the Hawke’s Bay District Health Board.
The purpose of the Protocol is to increase public confidence in asbestos incident management by setting out processes for effective liaison between government agencies in response to asbestos-related enquiries and incidents in the Hawkes Bay area.
LOOKING AHEAD TO 2019/2020
Last year saw progress made in the Safety & Wellbeing space and as we look ahead, we recognise that we still have a lot of improvement work ahead of us. To assist in planning the priorities for the year ahead, we have partnered with IMPAC who are a leading provider of safety and risk management solutions, to complete a Gap Analysis of Council’s the health and safety risk management arrangements. This Gap Analysis will be aligned with the recently adopted Risk Framework.
Safety & Wellbeing Gap Analysis
Purpose
To complete a gap analysis of the health and safety risk management arrangements at Council. The IMPAC Gap Analysis is designed to give our organisation a quick, operationally focussed overview of strengths and opportunities for improvement related to managing health and safety risk, and the supporting organisational arrangements.
Scope
This project will focus on the health and safety related legislative duties and good practice opportunities for Council while recognising there are significant overlaps with other strategic partners.
Deliverables
The Gap Analysis will result in an operational report document to determine where Council needs to invest time, energy and resource. It will includes concise commentary, scoring and prioritised recommendations for the following key areas:
1. Policy, planning, resourcing and responsibilities
2. Leadership and worker participation
3. Governance
4. Hazard and risk management
5. Information, training and supervision
6. Worker and contractor activity management
7. Incident management
8. Health and wellness
9. Emergency management
10. Audit and review
11. Management of critical risks (includes key standards for up to 26 critical risks)
Benefits
The Gap Analysis provides the following benefits:
• An independent, specialist perspective on whether there are major gaps in our knowledge of, and ability to manage the health and safety risks in our Council
• A high-level health and safety risk profile for our Council
• An expert insight into the suitability and effectiveness of governance and management arrangements, and
• A series of prioritised recommendations setting out how to close any gaps.
Financial and Resourcing Implications
There are no financial or resourcing implications from this report.
Implications ASSESSMENT
This report confirms that the matter concerned has no particular implications and has been dealt with in accordance with the Local Government Act 2002. Specifically:
· Council staff have delegated authority for any decisions made;
· Council staff have identified and assessed all reasonably practicable options for addressing the matter and considered the views and preferences of any interested or affected persons (including Māori), in proportion to the significance of the matter;
· Any decisions made will help meet the current and future needs of communities for good-quality local infrastructure, local public services, and performance of regulatory functions in a way that is most cost-effective for households and businesses;
· Unless stated above, any decisions made can be addressed through current funding under the Long-Term Plan and Annual Plan;
· Any decisions made are consistent with the Council's plans and policies; and
· No decisions have been made that would alter significantly the intended level of service provision for any significant activity undertaken by or on behalf of the Council, or would transfer the ownership or control of a strategic asset to or from the Council.
Recommendation That, having considered all matters raised in the report, the report be noted. |
File Number: COU1-1408
Author: Bronda Smith, Group Manager, Corporate Support and Services
Authoriser: Monique Davidson, Chief Executive
Attachments: 1. Governance Risk Register Update ⇩
PURPOSE
This report is to update the Risk and Audit Committee on the progress of actions included in the Governance Risk Register.
Recommendation That, having considered all matters raised in the report, the report be noted. |
significance and engagement
This report is provided for information purposes only and has been assessed as being of some importance.
DISCUSSION
Background
Central Hawke’s Bay District Council (CHBDC) has adopted a Risk Management Framework to guide risk management activities at Council.
The Risk Management Framework (RMF) sets out Council’s Risk appetite and outlines the various roles and responsibilities within the organisation. The role of the Risk and Audit Committee is to:-
· Review whether management has in place a current, comprehensive and effective risk management framework for effective identification and management of Council’s significant risks.
· Consider whether appropriate action is being taken by Management to mitigate Council’s high and extreme risks.
· Provide guidance and governance to support significant and/or high profile elements of the risk management spectrum.
· Advise Council on matters of risk and provide objective advice and recommendations for consideration.
· To receive, on a quarterly basis, a report on the Risk Management Register of CHBDC.
· To determine, on an annual basis or more regularly depending on legislation and market forces, the risk appetite of CHBDC and to promulgate this to Council for Ratification.
CHBDC is in the early stages of a journey to embed risk management practices into the organisation. The Risk Management Framework outlines what is to be expected, in terms of the various roles and responsibilities on the basis of risk management being at a greater level of maturity, as such not every specific requirement in the policy (in particular relating to some specific reporting by some roles such as the risk lead) will be adhered to while the effort of Council and Management is to build the risk management capability within the organisation.
The reporting and the main efforts by management at this stage will focus on the initial significant risks recorded in the risk register.
The schedule of key risks identified by the Committee and Officers is included in Attachment 1. This includes the current status of the risks and commentary on any actions underway to mitigate the risks.
Attachment 2 is a extract from the Risk Framework for Reference.
Financial and Resourcing Implications
Any financial and resourcing implications resulting from risk mitigation measures that are outside staff delegations will be reported and require approval from the Council before being incurred. No such implications have been identified to date.
Implications ASSESSMENT
This report confirms that the matter concerned has no particular implications and has been dealt with in accordance with the Local Government Act 2002. Specifically:
· Council staff have delegated authority for any decisions made;
· Council staff have identified and assessed all reasonably practicable options for addressing the matter and considered the views and preferences of any interested or affected persons (including Māori), in proportion to the significance of the matter;
· Any decisions made will help meet the current and future needs of communities for good-quality local infrastructure, local public services, and performance of regulatory functions in a way that is most cost-effective for households and businesses;
· Unless stated above, any decisions made can be addressed through current funding under the Long-Term Plan and Annual Plan;
· Any decisions made are consistent with the Council's plans and policies; and
· No decisions have been made that would alter significantly the intended level of service provision for any significant activity undertaken by or on behalf of the Council, or would transfer the ownership or control of a strategic asset to or from the Council.
Recommendation That, having considered all matters raised in the report, the report be noted. |
File Number: COU1-1408
Author: Bronda Smith, Group Manager, Corporate Support and Services
Authoriser: Monique Davidson, Chief Executive
Attachments: 1. 3 Year Internal Audit Program ⇩
PURPOSE
The purpose of this report is to update the Committee on the agreed 3 Year Internal Audit Program following the completion of the previous plan
Recommendation That, having considered all matters raised in the report, the report be noted. |
significance and engagement
This report is provided for information purposes only and has been assessed as being of some importance.
DISCUSSION
The first part of delivering the Internal Audit services is the development of an Internal Audit Plan.
The Strategic Internal Audit Plan would include areas of high residual risk that may expose the Council‘s reputation and image, operational, and/or financial perspective. In addition, the Internal Audit Plan would also focus on risks that are high regardless of controls already in place, and on risks that were high before considering the control environment.
The final plan may not be solely linked to risk but may need to recognise current ‘pot-boiling’ issues. Both the rolling Strategic Audit Plan and the accompanying Annual Internal Audit Program would be presented to the Risk & Audit Committee for approval
The Risk and Audit Committee met on 1 August to discuss the recommendation from Crowe and to give feedback on the high priority areas for the following 3 years of the program.
Attached is the Internal Audit Plan based on the feedback from the workshop.
The first Internal Audit will be the review of Procurement and Purchasing. The objective of this audit will be to assess the current procurement procedures and strategies in place at Central Hawke’s Bay District Council and to identify potential improvements to the efficiency and effectiveness of procurement activities.
The second Internal Audit will be Data Analytics. The audit will perform a data analysis review that involves analysis of master file data and transaction data for payroll and vendor payments to look for any anomalies and for the detection of possible fraud.
The third Internal Audit will be Business Continuity Planning. The objective of this review will be to measure the maturity of business continuity planning at the Central Hawke’s Bay District Council in ensuring that appropriate recovery strategies are in place to mitigate risks to the continuity of core Council services and infrastructure. Although this is considered a priority by the Committee, it has been agreed that an audit would be more effective following the establishment and testing of the plan and this has been agreed by Crowe. The establishment of the Business Continuity Plan is part of the work programme for the Corporate Support and Services Group in 2019/20.
Financial and Resourcing Implications
Any financial and resourcing implications resulting from risk mitigation measures that are outside staff delegations will be reported and require approval from the Council before being incurred. No such implications have been identified to date.
Implications ASSESSMENT
This report confirms that the matter concerned has no particular implications and has been dealt with in accordance with the Local Government Act 2002. Specifically:
· Council staff have delegated authority for any decisions made;
· Council staff have identified and assessed all reasonably practicable options for addressing the matter and considered the views and preferences of any interested or affected persons (including Māori), in proportion to the significance of the matter;
· Any decisions made will help meet the current and future needs of communities for good-quality local infrastructure, local public services, and performance of regulatory functions in a way that is most cost-effective for households and businesses;
· Unless stated above, any decisions made can be addressed through current funding under the Long-Term Plan and Annual Plan;
· Any decisions made are consistent with the Council's plans and policies; and
· No decisions have been made that would alter significantly the intended level of service provision for any significant activity undertaken by or on behalf of the Council, or would transfer the ownership or control of a strategic asset to or from the Council.
Next Steps
Following this report to the Committee, the planning for the 2019/20 audit will begin.
Recommendation That, having considered all matters raised in the report, the report be noted. |
Recommendation THAT the next meeting of the Risk and Audit Committee be held on 19 September 2019. |