[PDF document] Appendices to Internal Audit report (Cabinet, 24May 2004, item 14)
7 Pages
English

[PDF document] Appendices to Internal Audit report (Cabinet, 24May 2004, item 14)

-

Downloading requires you to have access to the YouScribe library
Learn all about the services we offer

Description

Appendix 1 AUDIT WORK DELIVERED COMPARED WITH THE AUDIT PLAN Project description Planned Days days delivered SYSTEMS AUDIT Receipt, handling and banking of 20 20remittances, sundry debtors and Housing Act advances Accountancy services ** 35 30Housing Benefit & Council Tax Benefit ** 30g Improvement Grants & Loans ** 10 10House sales and right to buy 10 10 Corporate matters 20 20 Leisure – other services 10 10 Performance indicators 10 10Car park income 5 2.5 Supported housing 15 0 TOTAL SYSTEMS AUDIT 165 142.5 COMPUTER AUDIT 20 Financial management system – post 13implementation review ** Audit needs assessment 3TOTAL COMPUTER AUDIT 20 16 EXTRA WORK Key controls 10 Homelessness 15 TOTAL EXTRA WORK 25 ** Management summaries (abridged) are attached for information. Appendix 2 Internal Audit Report - Accountancy Services Management Summary (abridged) Audit Opinion Controls were generally operating satisfactorily within most areas. However, there were some concerns, which are detailed below under the respective headings. Treasury Management The review identified an example of a poor investment decision made by the external fund manager which resulted in the Council not obtaining approximately £50,000 of income which it could have reasonably expected to have earned. Although the investment was in government gilts, which was permitted under the terms of the Council’s Treasury Management Strategy, there is an ...

Subjects

Informations

Published by
Reads 18
Language English
Appendix 1
AUDIT WORK DELIVERED COMPARED WITH THE AUDIT PLAN
Project description
Planned
days
Days
delivered
SYSTEMS AUDIT
Receipt, handling and banking of
remittances, sundry debtors and Housing
Act advances
20
20
Accountancy services
**
35
30
Housing Benefit & Council Tax Benefit
**
30
30
Housing Improvement Grants & Loans
**
10
10
House sales and right to buy
10
10
Corporate matters
20
20
Leisure – other services
10
10
Performance indicators
10
10
Car park income
5
2.5
Supported housing
15
0
TOTAL SYSTEMS AUDIT
165
142.5
COMPUTER AUDIT
20
Financial management system – post
implementation review **
13
Audit needs assessment
3
TOTAL COMPUTER AUDIT
20
16
EXTRA WORK
Key controls
10
Homelessness
15
TOTAL EXTRA WORK
25
** Management summaries (abridged) are attached for information
.
Appendix 2
Internal Audit Report - Accountancy Services
Management Summary (abridged)
Audit Opinion
Controls were generally operating satisfactorily within most areas. However, there were
some concerns, which are detailed below under the respective headings.
Treasury Management
The review identified an example of a poor investment decision made by the external
fund manager which resulted in the Council not obtaining approximately £50,000 of
income which it could have reasonably expected to have earned. Although the
investment was in government gilts, which was permitted under the terms of the
Council’s Treasury Management Strategy, there is an associated risk with such
investments where market fluctuations can result in capital losses. The probable
completion of LSVT in the near future will result in a considerable sum being available
for investment and it was felt that the structure, content and formal distribution of
investment reporting needed re-evaluating.
Control Accounts
Although considerable progress had been made since the previous audit in reconciling
the major control accounts on a regular basis, this process is still not adequately
structured and monitored and there are few formal written procedures in place.
Banking
No formal written evidence could be provided during the audit of either the
Council’s current bank facilities or the agreement to the 2 year extension to the
banking contract.
Asset Register
The Asset Register was not currently being used to process monthly depreciation
charges and only one member of staff had received training in how to access and use
the system.
Main Accounting System
Controls over the administration of the main accounting system were generally found to
be adequate. There is a need however to substantiate the procedures for authorising
new codes.
Recommendations
Priority
rating
Number of
recommendations
High
4
Medium
8
Low
1
The recommendations rated as high priority are:
Treasury Management
The structure, content and formal circulation of investment reports
both internal and external need to be re-evaluated in anticipation of
LSVT.
The Council must ensure that a prudent approach to investments is
adopted and monitored. In particular, funds under external
management should focus on an appropriate spread of risk.
Control Accounts
The ‘Reconciliation Schedule’ currently in use must be completed on
a more formal structured basis. In particular, officers performing
reconciliations must ensure that the schedule is signed and dated
when the reconciliation is completed. The ‘Reconciliation Schedule’
should be signed by the officer responsible for the reconciliation
process and by the Principal Accountant.
Formal written procedures should be prepared describing what steps
need to be taken to carry out each control account reconciliation
including any documentation or reports required
.
Internal Audit Report – Housing Benefit and Council Tax Benefit
Management Summary (abridged)
Audit Opinion
Whilst controls were generally operating satisfactorily within most areas, particularly
over the assessment process and the fraud investigation service, there were some
concerns which require management attention.
The system of file checking had been allowed to lapse in 2003/4 and should be
reintroduced as a matter of priority.
There was a failure to promptly identify unpresented cheques, more than often waiting
until they became out of date and this is an issue which will acquire even more
importance when the review periods for claims are relaxed in 2004/5.
Although now being addressed, there is a need for improved controls over the recovery
and reporting of overpayment debts.
Although it is acknowledged that reconciliation procedures are in place between the
benefits system and the general ledger there is a need to formally document and
regularise this process, including the introduction of an independent check in order to
confirm its accuracy.
Recommendations
Priority
rating
Number of
recommendations
High
4
Medium
4
Low
1
The recommendations rated as high priority are:
A regular systematic checking of a sample of claims back to
supporting evidence should be introduced as soon as possible. This
checking process should aim to cover a minimum sample coverage
of 10%.
All cheques still unpresented after a maximum of 4 weeks must be
identified and the reasons for not having been cashed, fully
investigated. To help this process, the possibility of using a report
from the IBS system should be investigated.
The Council must ensure that adequate resources are made available
and appropriate action taken to improve recovery performance of
benefit overpayment debts.
The introduction of a formal monitoring
system must be adopted as soon as possible.
Formal documentation should be prepared to record the
reconciliation process between the housing benefits system and the
general ledger/council tax systems. This documentation should
include:
a) written procedures detailing the reconciliation process;
b) a formal review and signing off procedure involving another
officer;
c) standard documents to record the results of the
reconciliation.
Internal Audit Report – Housing Improvement Grants and Loans
Management Summary (abridged)
Audit opinion
Controls were generally operating satisfactorily with regards the processing of housing
improvement grants, under the previous legislation.
An approved Policy Document has been established and publicised in accordance with
statutory requirements, although there is a need to establish a clear protocol for dealing
with any potential breaches in the loan conditions. However, since no loans had actually
been processed, compliance with specified controls could not be tested.
Some unforeseen matters, particularly legal issues regarding the wording of the
application forms and offer letters, have delayed the implementation of the Policy. That
has created a situation where, 3 ½ months after the new policy came into effect, no
loans have been processed under the new guidelines. This has prevented potential
applicants from receiving the financial assistance to which they may have been entitled
and could result in a budget under spend
for the current financial year, although precise
details were unknown at the time of audit.
Other weaknesses identified related to the lack of timely reconciliations and
verification
thereof, between expenditure appearing on the FLARE system in Environmental Health
and the Financial Management system (Integra), the approval process for approving
additional costs for unforeseen works and the need to notify applicants that the Council
is not responsible for any shortcomings of any contractors it has suggested for carrying
out any works.
Recommendations
Priority
rating
Number of
recommendations
High
0
Medium
6
Low
1
Internal Audit Report – Financial Management system – post implementation
review
Management Summary (abridged)
Audit opinion
The main barriers preventing the success of the project are:
Staff resistance to change;
Not tailoring training needs to different levels of user; and
The need to review existing processes.
However, if these issues are resolved, the remaining modules and functionality
should be implemented.
The project set up to manage the implementation of the new Financial System
appeared initially to be well controlled. However, when the project was examined in
depth, it became clear that a number of project management areas had not been
carried out at all or had not been carried out during the early stages of the project
when they should have been, such as budget monitoring.
Internal Audit have been
informed that there was an issue regarding the initial Project Manager, who was
removed from the project when problems concerning the technical aspects of the
project emerged, and that this affected the level of monitoring carried out on the
Project documentation.
There were also three Heads of Financial Services during
the overall period of the project, two during the implementation stage, which affected
the constitution of the Project Board and caused uncertainty over project ownership.
Internal Audit were informed during the review that the new system had not been
well received by the users, key modules have not yet been implemented and that
the expected benefits had not been realised.
It is Internal Audit's opinion that the
tendering and selection process had been carried out as carefully as possible and
that the choice of supplier has not been responsible for the majority of the problems
experienced.
Although, there is a Project Management Standard, the standard was not always
followed and where it was followed, there are incidences where the documentation
was produced but not used to manage the project.
The risks identified in the
Business Case is an example of this.
In addition, although Internal Audit
understood that the project had been managed using PRINCE2, the review found
that the Project Management Standard formed the basis of the project methodology
used and that it does not fully conform to PRINCE2 principles.
Recommendations
Priority rating Number of
recommendations
High
18
Medium
8
Low
1
The recommendations rated as high priority are:
Risks identified during a project should be reviewed regularly to
ensure that the risk is being managed effectively.
A review of the benefits achieved should be carried out in order to
identify and enable communication of the positive achievements.
Communication to staff should be carried out regularly, using
different methods, to ensure that user buy-in is maintained.
Once the actual benefits have been identified, they should be
compared to the expected benefits and any gaps identified.
The benefits which have not been achieved should be examined in
order to identify areas where the most benefits are to be gained
The project plan and budget should be monitored by the Project
Manager throughout the project.
Internal Audit recognise that the Project Manager was changed
during the course of the project, which uncovered poor management
practices.
However, it is important that the Project Board are
satisfied that such monitoring is taking place in the first place.
The project target should be realistic and take account of the work
required or the resources available.
Exception reports should be used for any issue which significantly
impacts the project.
The report should contain the issue, the
reasons why, the impact on the project and options for the Project
Board to consider.
Acceptance criteria should be established at the beginning of the
project and agreed by the Project Board to ensure that the delivered
product meets the criteria before the product is accepted.
Before the system is accepted, the Project Manager should ensure
that sufficient testing has been undertaken to ensure that the system
meets with the agreed acceptance criteria.
Differences between the delivered system and that stated in the
acceptance criteria should be documented and reported to the
Project Board along with explanations and recommendations for
further action.
An issues log should be kept of all issues which arise during the
project.
The log should contain details of the issue, who raised it, its
severity or impact on the project and the action taken to resolve it.
System acceptance should be clearly signed off by the Project Board
or nominated individual.
A quality plan should be produced for every project to ensure that
the project receives the appropriate quality assurance.
In addition, a
communication plan helps to ensure that the necessary
communication takes place at the right time.
Lessons learnt should be communicated to future projects by the
Head of E-Government.
The work processes of the Finance team should be reviewed in order
to align them more closely to the Integra system.
Reports of critical or unusual transactions from the audit trail should
be obtained and monitored regularly, including System
Administrator events, to ensure that any unusual or fraudulent
events are identified.
The Council should consider whether the network password policy
should be amended in line with best practice, which is enforced
change every 30 days and preventing re-use of passwords.