Minutes of Proceedings
Date: 08 October 2015
1.1 Apologies were received from Louise Mason.
2 DECLARATION OF INTERESTS
2.1 There were no declarations of interests.
3 MINUTES OF THE PREVIOUS MEETINGS
3.1 The minutes of the SARC meeting held on 19 June 2015 were approved without amendment.
4 MATTERS ARISING
4.1 SARC members noted that two action points were complete and one was ongoing. In relation to the Excess Vote resulting from Members' pension liabilities, the Accounting Officer advised SARC members that all avenues had been explored with DFP and NIAO. There is no other realistic way of dealing with the matter, other than significantly over-estimating requirements to cover fluctuations, which is not acceptable practice. Wording on the very technical nature of the issue has been communicated to the NIAO and will be included in the Comptroller and Auditor General's general report to the Public Accounts Committee. SARC members were content for the item to be removed from the action point schedule.
5 INTERNAL AUDIT ACTIVITY / ASSURANCE
5.1 Brian Moreland reported that four Internal Audit reports have been issued in final form since the SARC meeting on 19 June 2015:
• Review of Members' Expenses – Substantial
• Review of Social Media – Satisfactory
• Review of Post Contract Benefit Realisation – Satisfactory
• Review of Accounts Payable – Satisfactory
5.2 In addition, the follow-up audit in respect of the Official Report has been completed and the report issued. The assurance level remained substantial.
5.3 The final report on Members' Expenses was issued on 24 July 2015, with two recommendations, both at risk rating 3. Internal Audit arrived at a substantial level of assurance. The recommendations made related to the update of the Members' Handbook, and the publication of Members' expenses on the Assembly website.
5.4 The SARC Chair emphasised, given the BBC Spotlight programmes, the significance of the assurance level of this report and also the fact that NIAO's audit of the Assembly Accounts had focussed on some 45 MLA transactions without raising issues of concern.
5.5 SARC members also considered the Secretariat's use of trend analysis relating to MLAs' mobile phone, travel and subsistence, and utilities expenditure claims.
5.6 The final report on Social media was issued on 14 August 2015. Nine recommendations have been made; four at risk rating 2 and five at risk rating 3. Recommendations have been made in respect of staff training, monitoring of compliance, and guidance for the use of social media. The level of assurance for this assignment is satisfactory.
5.7 The final report for the Post Contract Benefits Realisation was issued on 28 August 2015, with three recommendations; two at risk rating 1 and one at rating 3. Recommendations were made in respect of certificates of performance, contract closure forms and post-contract project reports.
The assurance rating for this audit is satisfactory.
5.8 The final report in respect of the Accounts Payable audit was issued on 8 September 2015, and a total of 9 recommendations were made. Of these, one was risk rating 1, six were rated 2 and one was rated 3. Recommendations related to the supplier set up form, prompt payment targets and the printing and issue of cheque payments. The assurance rating for this audit is satisfactory.
5.9 Brian Moreland informed SARC that Internal Audits are currently in progress in respect of payroll and HR (iTrent). Terms of reference for an audit of Corporate Governance have been agreed with management, and the audit exercise has just commenced.
5.10 As reported, work in respect of the Audit plan agreed by SARC in March is progressing to schedule. The Head of Internal Audit has started initial planning for the Internal Audit Strategy and programmes for 2016-2017 onwards. This has included meetings with all Directors to confirm structures and key risks, etc. Meetings with Heads of Business will begin in September and are likely to continue well into October. As before, this planning exercise will include a Secretariat-wide risk analysis using factors from the Corporate and Directorate Risk Registers, as well as results from previous Internal and External Audits. In addition to standard considerations, such as finance, I.T., vulnerability to fraud, etc., this exercise will include an assessment of the impact on control and risk management arising from SP15+ and the Voluntary Exit Scheme.
5.11 This planning exercise will also be used to identify stand-alone audits which may usefully be included in the programme. Consideration will be given to other issues that may impact on Internal Audit resource, such as the recent consultation paper from the Independent Financial Review Panel, which, if adopted, would potentially impact on both the programme and the nature of the assurance provided. It is intended to provide SARC with a first draft of the Strategy and programme by the December meeting.
5.12 The Accounting Officer outlined his concerns in relation to the IFRP's constituency office expenditure proposals, and SARC members felt that would be appropriate for them to meet with the Panel. In light of this planned meeting, the Accounting Officer undertook to share with SARC his correspondence to the Panel on the matter.
ACTION: MEETING WITH IFRP - TONY LOGUE
ACTION: CORRESPONDENCE - TREVOR REANEY
5.13 The overall level of assurance for the period 1 April 2015 to 30 September 2015 is satisfactory and all audits have been completed in accordance with the Public Sector Internal Audit Standards (PSIAS). This assessment is based on the levels of assurance arising from individual Internal Audit assignments, the action taken by management to implement recommendations and the results of follow-up audits. Each of the audits completed to date for the 2015/16 plan has resulted in either substantial (29%) or satisfactory (71%) assurance.
5.14 The next meeting of the Inter-Parliamentary Head of Internal Audit Group is due to be held in Edinburgh in the New Year. The June meeting included discussion around physical and cyber security, and risks associated with austerity. It was agreed that Internal Audit programmes would have to take account of an environment of increased risk in certain areas combined with reduced levels of control.
5.15 Given the growth in cloud–based activities, SARC members were content for the Head of Internal Audit to explore with his colleagues in other legislatures the possibility of economies of scale through a joint procurement of cyber security audits.
ACTION: BRIAN MORELAND
5.16 No whistleblowing cases have been reported to Internal Audit to date this year.
5.17 Brian Moreland advised SARC members that updates had been sought in advance of the meeting from each of the PSNI teams with which work has been undertaken. The Head of Internal Audit had spoken with the Detective Inspector leading the investigation into travel claims and was informed that, in the absence of any evidence of criminality, no further action would be taken. The second case is still under consideration by the Prosecution Service. A decision on this case is expected around December. No further information has been made available in respect of the most recent case.
5.18 All members of the Internal Audit unit have identified relevant generic and specialist training for the year ahead.
6 "IN PROGRESS" AUDIT RECOMMENDATIONS SCHEDULE
6.1 SARC members noted the continuing high level of implementation of accepted Internal Audit recommendations, with 10 recommendations currently "in progress". They were content for recommendations 6 and 8 to be removed from the monitoring schedule.
7 RTTCWG 2013 AUDIT RECOMMENDATIONS SCHEDULE
7.1 SARC members noted that all but one of the 17 recommendations in the Report to those charged with Governance 2013 have now been fully implemented. Members were content that no further action could be taken in relation to recommendation 3, and it will be removed from future monitoring schedules.
8 OUTSTANDING AUDIT RECOMMENDATIONS SCHEDULE
8.1 SARC members noted the nil return.
9 NIAO REPORT TO THOSE CHARGED WITH GOVERNANCE
9.1 Christine Burns gave SARC members an overview of the Report to those charged with Governance 2015. The Accounts had been certified on 29 June 2015 and management responses had subsequently been received in relation to the recommendations, which covered the Excess Vote, already discussed at SARC, Procurement compliance, and the quality of the Accounts.
10 CORPORATE RISK REGISTER
10.1 SARC members noted the changes made to the contents of the Corporate Risk Register since the June 2015 SARC meeting. It was agreed that the Independent member would be provided with details of the Public Contract Regulations 2015.
ACTION: RICHARD STEWART
11 SARC TERMS OF REFERENCE (ANNUAL REVIEW)
11.1 SARC members reviewed the current wording. In the Background section, it was agreed to add a reference to the Audit and Risk Assurance Committee Handbook (NI) 2014. The Terms of Reference will then be emailed to SARC members for information.
ACTION: DAVID JOHNSTON
12 MANAGEMENT ACCOUNTS
12.1 SARC members noted the levels of expenditure to end-August 2015, including the current underspend in Secretariat General Admin Expenditure.
13.1 There was no other business. SARC members thanked Hugh Widdis for his contribution to the work of SARC and wished him well in his new role in the Department Solicitor's Office.
14 DATE OF NEXT MEETING
14.1 It was agreed that the next meeting of SARC would take place at 2.00 pm on Wednesday 16 December 2015.