Agenda item

To consider the proposed Internal Audit Plan for 2026-27 which reflected a comprehensive risk assessment process, consultation with Executive Directors and Service Directors to obtain their views of key risks and areas for audit coverage. The plan would remain flexible and be reviewed during the year to ensure it remained relevant

Consideration was given to the Internal Audit Plan for 2026-27 presented by Louise Ivens, Head of Internal Audit.  The report explained Internal Audit’s approach to the development of the Plan, as well as detailing the specific activities Internal Audit planned to review during the year. It reflected a comprehensive risk assessment process including discussions with Executive Directors and Service Directors to obtain their views of key risks and areas for audit coverage.

It was designed to enable the Head of Internal Audit to give their annual opinion at the end of the year on the adequacy and effectiveness of governance, risk management and the control framework.  The Plan would remain flexible and be reviewed during the year to ensure it remained relevant.

In line with auditing standards, the proposed audit plan had been devised adopting a risk based approach using:-

-      The Council’s risk management processes and the Strategic and Directorate risk registers

-      Reports by management to the Audit Committee on the management of risks and the outcomes of external inspection reports

-      The results of previous Internal Audit work and ongoing assessment of the auditable entities within the Authority

-      Planned work deferred from 2025-26

-      Council Plan and Year Ahead Delivery Plan

-      Knowledge of existing management and control environments

-      Professional judgement on the risk of fraud or error

-      Consultation with all Directorate Leadership Teams and the Strategic Leadership Team taking into account feedback from Executive Directors, Service Directors, the Monitoring Officer and the Chief Executive

-      Awareness of relevant local and national issues

-      Regular dialogue with authorities within South and West Yorkshire helped to ensure an awareness of emerging risks within the Authority so they could be considered during audit planning

The outputs from the planning process had been prioritised to produce a plan that balanced the requirement to give an objective and evidence based opinion on aspects of governance, risk management and internal control, the time required for anti-fraud and corruption activity, the requirement for Internal Audit to add value through improving controls, streamlining processes and supporting corporate priorities and the need to retain a contingency element to remain responsive to emerging risks.

As well as identifying all of the proposed pieces of work to be carried out during the year, the plan also explained the statutory requirements for Internal Audit, described the approach and methodology adopted in producing the plan, showed the level of resources available to deliver the plan and included a contingency for responsive work.

In line with auditing standards, the plan did not become fixed once it was approved; it remained flexible and would be revised to take into account any significant emerging risks facing the Authority.  It would be subject to half year review in consultation with Executive Directors and Service Directors.

The audit plan would be delivered by the in-house team with the exception of some specialised IT audits completed by Salford City Council Technical Audit and had been based on the current establishment structure of the Team. The Internal Audit Team comprised 6.93 FTE’s (7.52 2025/26). The number of days allocated in the plan for 1st April 2026 to 31st March 2027 was 1038 days and was based on a full establishment for the Team. The number of FTE’s at the start of the year had reduced from 2025/26 due to the retirement of one member of the Team who had not yet been replaced; it was anticipated that the vacancy would be recruited to during Quarter 1 and would be a full-time position rather than the previous part-time post.  The plan was considered sufficient to allow the Head of Internal Audit to give the annual opinion at the end of the year.

There was a contingency of 75 days allowing flexibility in the plan to respond to any new risks and priorities as they emerged.

The ”very high” priority rated audits were audits that needed to be done within the financial year.  The “high” rated audits were those that the Audit Team would like to do during the year.  All the audits rated as “medium” or “low” were included on a separate list and would be revisited at the 6 monthly period to ascertain if the risk had changed.  The audit planning process included reviewing areas that had not been audited for some time.

Discussion ensued with the following issues raised/clarified:-

·       Potential duplication between Internal Audit planned activities and the housing stock activities. It was clarified that IA and other activities considered different areas so there was no duplication.

·       Confidence of successful delivery of the 2026/27 plan.  It was confirmed that there was confidence of successful delivery assuming successful recruitment to vacant positions, with recruitment processes well progressed at the time of reporting.  Nonetheless, the plan maintained the ability to flex and respond to emerging need.

·       Capacity for training new recruits whilst delivering the plan. It was confirmed that capacity for that had been considered and accounted for in the plan.

·       The derivation of the waste transformation project. It was noted that this was based on queries from Cabinet, reports and risk registers with service involvement in relation to the scope.

Resolved:- 

That the Internal Audit Plan for 2026-27 be approved.