Agenda item

Internal Audit Update Report

Report of the Chamberlain


The Sub-Committee received a report of the Chamberlain that provided Members with an update on the work of Internal Audit that has been undertaken for the City of London Police since the last report in September 2017.


The Head of Audit & Risk Management explained that all audits from 2016-17 had now been completed except for Budget Monitoring and Income Streams & Income Generation, which were both at final report stage.  He explained that Audit were now in discussion with the Commissioner regarding issues for 2017-18 audits.  He also explained that there was a further exercise to identify outstanding actions and bring back in January/February 2018.


A Member requested a clarification of the concerns referenced in paragraphs 20 and 21 of the report, regarding Police Project Management.  The Chairman explained that a major area of concern was the communication difficulties between secure and insecure environments, particularly causing difficulties between the CoLP and the City Surveyor’s department.  The Member asked whether these concerns were limited to internal communication, and asked for reassurance that there were no external risks.  The Head of Audit & Risk Management confirmed that these were just internal issues, and that they were currently being addressed.  The Deputy Chamberlain explained that, as the CoLP used a separate IT system to other departments, there was a challenge in overcoming the firewall to communicate effectively, and that this was a well-known issue.


A Member confirmed that this issue was also raised at the Audit & Risk Management Committee, where it was asked why there appeared to be a communication breakdown between the CoLP and the City Surveyors.  The Assistant Commissioner explained that the issues were not simply due to IT systems themselves, but also difficulties in determining which recipients have security clearance to receive information.  The Chairman noted that this vetting issue had been raised previously, regarding the transmission of critical information.  He requested reassurance that this was being resolved as an imperative. (3)


A Member asked for an explanation of the RED status marked on “Police Seized Goods” within the report.  The Chairman agreed that this was needed, and he also explained that there was no clear action plan illustrated within the report.  The Commissioner explained that these processes were now being handled in-house through the newly implemented NICHE system, rather than through Audit.  This has enabled issues to be addressed locally.  He explained that although they were able to action procedural changes, the resource to implement many of the recommended changes was not available.  The Assistant Commissioner explained that they had increased from monthly audit meetings to bi-monthly, from which they feedback to Audit department.  He confirmed that if they had been unable to action resolutions to any risks, then this would appear in the update that is submitted to this Sub-Committee.


A Member conceded that resource was an issue, but stated that this was not a valid excuse for elements not being checked, fed-back, tracked or audited sufficiently.


The Assistant Commissioner explained that in some cases, the CoLP were awaiting feedback on why elements were still being marked as risks.  The Head of Audit & Risk Management explained that a meeting was planned in the week commencing 4 December to confirm these.


The Head of Audit & Risk Management explained that there was a quarterly review of the recommendations and an upgrade of the audit software which enabled “auto-checking”.  This allowed live access to recommendations with the ability to upload information detailing why recommendations have been raised, and to respond with requests to approve sign off from Audit.


The Chairman asked for a list schedule to be included for recommendations to be checked off. (4)  The Assistant Commissioner explained that in cases where ratings don’t match up, sometimes discussion is required prior to its submission to this Sub-Committee.


The Chairman requested an explanation as to the issues highlighted in paragraph 5 surrounding budgetary performance monitoring.  The Deputy Chamberlain stated that there was a need to improve forecasting significantly.  The Assistant Commissioner explained that it was also necessary to recognise that Police work was inherently unpredictable, and that this would present unique budget forecasting challenges.


It was agreed that there would be a future meeting involving the Chairman, Police Authority, CoLP Chief Officers, Chamberlain and Deputy Chamberlain to discuss future scrutiny direction of this Sub-Committee in parallel to the Grand Committee.  The Deputy Chamberlain explained that this scrutiny could then feed into the Medium Term Financial Plan to ensure that funding was more predictable. (5)


The Chairman enquired as to whether areas with multiple risks marked as “AMBER” should be considered “RED” automatically.  The Head of Audit & Risk Management explained that it was very difficult to draw this conclusion by looking at the numbers.  He explained that the overall risk was determined by a holistic analysis of each area, and this ensured “RED” status was always appropriately issued.


The Chairman enquired as to how the overpayment of salaries had occurred, and requested reassurance that CoLP were confident that these types of errors were not still occurring.  The Assistant Commissioner explained that the old system on which the errors had occurred was very rigid, and assured Members that the new system was far more fluid so as to avoid these types of errors.  A Member stated that they were fairly surprised by these basic errors, and the Chairman agreed.  The Member clarified that the assurance Members sought was related not just to software capabilities, but rather to cultural approaches and procedures.  The Assistant Commissioner explained that the error referenced within the report was due to a mistake made by a new member of staff which was then not followed up in that instance.  The Deputy Chamberlain noted that budget monitoring improvements would be able to identify these errors, so it should remain something perceived to be a process issue.  The Assistant Commissioner explained that the error was in fact highlighted, so the CoLP were aware of it, but it was simply not followed up.  He suggested that it was a behavioural error, rather than a procedural issue.


The Chairman enquired as to the status of the Programme Management report, and asked if this report could be recirculated to ensure that all Members received it.  The Assistant Commissioner explained that it was not yet finalised.  The Town Clerk illustrated their confusion at the report being submitted to Audit & Risk Management Committee if it was not final.  The Head of Audit & Risk Management explained that since being submitted to the Audit & Risk Management Committee they were looking at incorporating comments and amendments before it would be considered a true final draft.  It could then be submitted to the next meeting of the sub-committee on 1 February. (6) 


The Assistant Commissioner asked if it would be beneficial to ensure that a representative of the Programme Office attended the next meeting of this Sub-Committee on 1 February 2018 to give an overview of the current programmes and projects underway. Members all agreed. (7) 


A Member noted that the report highlighted the communications issue between the CoLP and the City Surveyors.  The Assistant Commissioner explained that the issues arising from the project gateway process, meeting schedule and governance procedure not interacting effectively on Police projects was now widely recognised.  The Assistant Commissioner explained that this would be addressed at the next meeting of Policy & Resources Committee, as it had been argued that Police Accommodation and similar projects require alternative structure and governance.  He also noted that there had been difficulty in providing information to Members on important project developments via Member briefings.  The Town Clerk questioned whether the Project Management report should be perceived as an “AMBER” risk, as it was stated within the report.  The Head of Audit & Risk Management explained that although some of the risks were considered “RED”, the majority were “AMBER” and overall it was still considered “AMBER”.


RESOLVED – That the report be received.


Supporting documents: