Agenda item

Report by the Head of Corporate and Community Services.

The Committee considered the Audit Recommendation Tracker report by the Head of Corporate and Community Services in respect of actions taken to address internal and external audit recommendations (circulated previously).

The Committee noted the following updates:

·         Table C of the report detailed the outstanding Audit Recommendations where Heads of Service had requested a revision to the due date. He took the Committee through the each of the recommendations, which were as follows:

Ø  14 AGS 02 Annual Governance Statement – Requested extension to 31^st March 2020.

Ø  15 DR 05 Disaster Recovery - Requested extension to 31^st March 2020.

Ø  15 DR 06 Disaster Recovery - Requested extension to 31^st March 2020.

Ø  17 CS 02 Cyber Security – Network security - Requested extension to 31^st March 2020.

Ø  17 CS 04 Cyber Security – Policy Development and Awareness – Requested extension date until 31^st November 2019.

Ø  16 SP 01 Severance Packages – Early Retirement Policy - Requested extension date until 30^th September 2019.

Ø  15 AH 04 – Affordable Housing - Requested extension date until 28^th June 2019.

Ø  16 BCM 07 Business Continuity Management – Testing Strategy - Requested extension date until 30^th April 2020.

Ø  17 SRR 06 Security Review Report – Policies and Procedures - Requested extension date until 31^st July 2019.

Ø  17 SRR 08 Security Review Report – Information Sharing – Requested extension date until 31^st July 2019.

The Chairman explained that the percentage bar within the tables was introduced by the previous Committee as a visual aid for Members to provide assurance that a recommendation was progressing. He added that the Committee could invite Heads of Service to the meetings to explain the reasons for the requested extension times, which would allow the Committee to challenge and provide further reassurance that the actions were on track for completion.

The Head of Corporate and Community Services added that the Committee were welcome to invite any Head of Service to attend a meeting and not just the Heads of Service with outstanding actions.

In response to a number of questions, the Head of Corporate and Community Services and Head of Resources advised the following:

·         There were no resource issues with regards to the requested extension times.

·         The target dates that were set by the Heads of Service should be realistic and achievable in an effort to avoid the requirement for extension dates.

·         The disaster recovery recommendation was a continuous process and a significant amount of work had already been undertaken.

The Committee discussed the processes involved in meeting the specified deadlines and acknowledged that delays were expected following the departure of key officers who were working on specific areas of work. There were also questions raised in relation to refusing some of the requested extensions and whether that would be an appropriate action to take.

RESOLVED:

(a)   that that the extensions to time scales requested in the Audit

       Recommendation Tracker be approved; and

(b)   that the Audit Recommendation Tracker be noted.