BOROUGH OF POOLE
AUDIT COMMITTEE
22 SEPTEMBER 2009
ESCALATION PROCEDURE FOR NON-IMPLEMENTED INTERNAL AUDIT RECOMMENDATIONS
PART OF THE PUBLISHED FORWARD PLAN: NO
STATUS: SERVICE DELIVERY INFORMATION
1. PURPOSE
1.1 The purpose of this report is to inform Members about the proposed revised procedure for escalating non-implemented Internal Audit recommendations.
2. DECISION REQUIRED
2.1 The Audit Committee is asked to note and agree the proposed revised procedure for escalating non-implemented Internal Audit recommendations.
3. BACKGROUND
3.1 Currently, a monthly follow up review is carried out by Internal Audit to assess progress made by Service Units in implementing agreed audit recommendations. Details of this review are reported to the Chief Internal Auditor, the Chief Finance Officer and the Audit Committee (as part of the Internal Audit ‘Performance and Activity’ six monthly report).
3.2 The current escalation procedure for non-implemented Internal Audit recommendations was taken to the then Community Support and Education Scrutiny Committee on 29/6/04 (now defunct). Clearly we now need to revise the process following the establishment of the Audit Committee to support its role in providing independent assurance on the internal control environment by enabling it to review and challenge any non-compliance with audit recommendations.
4. PROPOSAL
4.1 All recommendations which are due to have been implemented will be followed up by Internal Audit on a monthly basis. Where no action has been taken by a Service Unit to address an agreed recommendation, the issue will be escalated in accordance with the process set out below:
Escalation Process for Non-Implemented Recommendations
1) Monthly follow up by Internal Audit carried out. A questionnaire will be issued to the Service Unit Head to confirm the ongoing relevance and implementation status of outstanding recommendations and two weeks will be given in which to respond. Further testing will be carried out, where necessary, to verify the responses.
2) If no response is provided or the response/testing identifies that an extant recommendation has not been addressed then the Service Unit Head will be given a further two week period to within which either (a) implement the recommendation or (b) agree a revised timescale for the action to be implemented – subject to the discretion of the Chief Internal Auditor as to whether any such request is acceptable based on reasonable business need/risk assessment.
3) If no acceptable response has been received from the Service Unit Head after the two week period the Chief Internal Auditor will escalate to the Chief Finance Officer who may refer to the relevant Strategic Director for resolution.
4) If not resolved during the given follow up reporting period, the matter will be
reported to the Audit Committee for remedial action as part of the six monthly reporting cycle for follow up of recommendations. The Audit Committee may require Service Unit Heads to attend the meeting to explain the reason for failing to take the agreed action and set out what action will be taken to remedy the matter.
5. FINANCIAL IMPLICATIONS
5.1 There are no financial implications from this report.
6. LEGAL IMPLICATIONS
6.1 There are no legal implications from this report.
7. RISK MANAGEMENT IMPLICATIONS
7.1 There are no risk management implications from this report.
8. EQUALITIES IMPLICATIONS
8.1 There are no equality implications from this report.
9. CONCLUSION
9.1 A revision to the escalation process for non-implemented Internal Audit Recommendations is proposed to enable Members of the Audit Committee to fulfil their role in providing independent assurance on the Council’s internal control environment and support robust follow up arrangements.
Responsible Officer: Liz Wilkinson, Head of Financial Services
Report Author: Simon Milne, Management Auditor
Background Papers: Nil
1