
FINAL IA Progress Report 24-09-2012 - Isle of Wight Committee/24-9-12/PAPER F...September 2012 Isle...

September 2012 Isle of Wight Council FINAL Audit Committee Internal Audit Progress Report F - 4 APPENDIX A

September 2012

Isle of Wight Council

FINAL Audit Committee Internal Audit Progress Report


APPENDIX A


Contents

1) Introduction and Internal Audit Overview

2) Executive Summaries from Internal Audit Reports

Executive summary – Care Billing System

Executive summary – Commissioning Adult Individual Social Care Support & personal budgets

Executive summary – Big Society Aspects of Localism

Executive summary – Audit Committee

Executive summary – Enterprise Content Management (ECM) Project

Executive summary – Treasury Management and Bank Reconciliations

Executive summary – SAP

Classification on report findings

Appendix 1 - Progress on the 2012/13 internal audit plan

Appendix 2 - Internal audit performance against key performance indicators, as at 7th September 2012


1) Introduction and Internal Audit Overview

Introduction

This report presents a summary of the activities of Internal Audit for the period March 2012 to September 2012. It provides the executive summaries of those internal audit reports issued since the last Audit Committee meeting and highlights progress to date on the internal audit plan.

Internal Audit Overview

Summary of progress against Plan

Following the last Audit Committee meeting we have issued four quarter one reports as final, one as draft, with the remaining one complete, pending finalisation; four quarter two reports as final, one as draft, with the remaining three complete, pending finalisation. Scoping and scheduling for the majority of quarter three reviews has also been carried out. As at 7th September 2012 we have completed fieldwork for 38% of the 2012/13 reports, in line with our delivery plan.

Full details of progress against plan can be found in Appendix 1 within this report.

Summary of Classification

Seven reviews are covered in this report; one report issued as final, that of Children Services Monitoring and Risk Management Arrangements, being delayed until December’s Committee meeting to enable the Director for Community Well-being and Social Care to attend. Three audits have been awarded a Medium Risk classification; three audits have been awarded a Low Risk classification. There are no High or Critical Risk reports. One review, of configured SAP permissions, was included in the 2012/13 Plan to provide more detail to the Council’s IT technical teams regarding high level issues, related to SAP permissions, identified during the fieldwork carried out to inform our 2011/12 reviews. This report does not identify any new issues and is being used to inform remedial action stemming from 2011/12; a follow-up review will be scheduled in quarter 1, 2013/14 to ensure that all issues have been satisfactorily addressed. More detail regarding this review and the status of remedial action is included in Section 2; for the purposes of reporting to Audit Committee this review has not been given a risk rating.

Full details of the findings from the reviews can be found in the executive summaries shown in Section 2.


Summary of performance against key performance indicators

We have met the key performance indicators which were within internal audit’s control in relation to providing a high quality internal audit service to the Council.

Full details of performance against key performance indicators can be found in Appendix 2 within this report.

Additional Support

We have used various specialists to assist our auditors with their internal audit reviews.


2) Executive Summaries from Internal Audit Reports

In this Section we provide the executive summaries from the seven internal audit reports that have been issued as final following the last Audit Committee meeting. These summarise our internal control findings and conclusions. This is a change from previous practice, when only unsatisfactory opinions were considered by the Audit Committee but it brings the Council into line with the best practice at other Councils, allowing the Audit Committee to see the main findings on all internal audit reports.


Executive summary – Care Billing System

Report classification: Medium Risk

Trend: This is the first year in which this area has been reviewed.

Total number of findings:

                         Critical  High  Medium  Low  Advisory
Control design           0         0     3       0    0
Operating effectiveness  0         0     0       0    0
Total                    0         0     3       0    0

Summary of findings:

The Care Billing System (CBS) was developed during 2010/11, to replace the previously used JBase Statement Billing System (SBS) and provide the functionality necessary to support the introduction of the new charging model for adult care services; the withdrawal of free homecare for the over 80s and charging for other clients, based on the true cost of services and clients’ ability to pay, from April 2011. The decision to develop CBS in-house was taken for the following reasons:

- Short timescales; the first iteration of the application was live within six months of development starting.
- The necessity of accommodating a scope which evolved during development; the decision to develop was taken in mid 2010 but Council policy regarding charging for care services was not finalised until February 2011.
- The availability of in house development staff with both the knowledge and experience necessary to develop CBS.

Due to the evolving nature of the scope, management of CBS’s development was informal. However there was regular liaison between management within Adult Social Care and development staff, with senior management being kept apprised of progress both through regular management meetings and specific CBS focussed meetings. Elements of the application were tested on a separate test system by the intended end users of CBS, only being migrated to production once they were signed off as functioning correctly; final adoption of the application was signed off by the Head of Adult Social Care.

Development of CBS is ongoing; specifically to ensure it adequately supports the move to personal budgets and the incorporation of enhancements as they are identified by service areas. There are two areas where arrangements would benefit from being enhanced to ensure that CBS is appropriately controlled:

- Formalising business and technical responsibilities, ensuring segregation of duties and cross skilling to minimise reliance on the skills and knowledge of single members of staff. For example user management is currently carried out by operational staff and there are known to be a number of orphan privileges within CBS. CBS should be brought into line with the approach taken with systems such as SAP, ICS and Swift. With these systems line managers request access, access is approved by process owners and effected by ICT technical staff. When staff leave the Council revocation of their access is triggered by completion of leaver forms.
- Formalising and documenting business continuity. Recovery of CBS would be covered as part of recovery of the intranet and, for the suppliers’ portal, public facing websites. However, due to the importance of CBS to service delivery, it should be explicitly identified and its current recovery priority re-evaluated; business continuity arrangements within teams using CBS also need to be formalised and incorporated into team business continuity plans.

During our fieldwork we met with officers responsible for each of the areas of functionality within CBS as well as development staff and officers responsible for managing the implementation of CBS. The application is well regarded and no significant issues stemming from missing functionality or errors within CBS were identified during our review. As noted above development of the application is ongoing; once structures such as business and technical ownership have been implemented consideration should be given to formalising change control around ongoing development, for example evidencing consideration of requested changes and their approval by the business.


Executive summary – Commissioning Adult Individual Social Care Support & personal budgets

Report classification: Medium Risk

Trend

Total number of findings:

                         Critical  High  Medium  Low  Advisory
Control design           0         0     5       0    0
Operating effectiveness  0         0     0       0    0
Total                    0         0     5       0    0

Summary of findings:

The transition to care users having their own personal budgets, directly sourcing their own care, is the key element of the government’s Think Local Act Personal (TLAP) initiative. Associated with personal budgets, a transformation in the way Adult Social Care is delivered is envisaged, with the Council’s role becoming primarily to support care users, shaping the market in line with care users’ needs rather than direct service provision or commissioning. TLAP was reviewed twice during 2011/12, fieldwork being carried out during June 2011 and February 2012. In summary the actions we agreed during 2012/13 were:

- Refinement of risk and performance management arrangements, specifically to ensure that individual projects under the Customer Journey were appropriately managed.
- Finalisation of programme scope, as set out in the Customer Journey Paper, and production of detailed planning to support individual projects.

Since our February 2012 fieldwork progress has been made against these actions; most significantly the Customer Journey Paper, defining the Programme’s high level scope, was signed off by the Customer Journey Board at their 29th June 2012 meeting. An initial programme plan and a work plan template setting out the expectations of planning at the project level, including risk management, have been produced and agreed by the Customer Journey Programme Board, although detailed planning at the project level is still at an early stage in most areas. While work under the Customer Journey umbrella will continue beyond 2013, the key target in the next 12 months is to achieve 90% of eligible care users on personal budgets by the end of March 2013 (the terms of reference for this review identify an 80% target; at the closing meeting we were informed that this has been raised to 90%). At the time of the fieldwork for this review, June 2012, 65% of care users were on personal budgets, split between the preferred direct payment model and managed accounts. In order to maximise the likelihood of the 90% target being met, preferably via direct payments, arrangements would benefit from attention with key potential enhancements identified as:

- Finalisation of the programme plan and work plans for individual projects at the earliest opportunity. Once the scope has been finalised the critical path of activity up to March 2013 should be identified and carefully managed to help ensure this target is met. Considering the wider Customer Journey Programme, a Programme Board is in place, its terms of reference identifying change control as its responsibility. This group will need to ensure that any change is well managed, with the impact of proposed changes on the Programme’s benefits, cost, quality and timeliness being robustly managed. To maximise the proportion of care users on direct payments, effort related to developing the personal budget broker’s role and budget management support should be prioritised.
- Benefits defined in the Customer Journey Paper are qualitative, realisation being planned to be assessed primarily via outcome based surveys, for example the annual Personal Social Services Survey. Quantified metrics are in place for the Adult Social Care service, specifically in relation to the scope of this review, a quarterly profiled measure of the percentage of care users in receipt of a personal budget. Once the scope is finalised this area should be revisited, where possible with benefits being quantified, profiled, reported to and monitored by the Programme Board.
- Statistics provided to inform this review identify that there has been limited growth in the number of care users on personal budgets during the preceding three months; at the current rate of growth the forecast is for 69% of care users to be on personal budgets by March 2013. While Adult Social Care has been subject to significant change, care managers being transitional in a large number of cases, performance management needs to be more robust if the 90% is going to be met. Specifically the detailed management information available needs to be used effectively to ensure the March 2013 target is met.
- The work plan templates require project level risks to be identified and mitigated. Once these are finalised they should be managed via the Council’s corporate risk management system and managed by exception at the programme level by the Programme Board.


Executive summary – Big Society Aspects of Localism

Report classification: Medium Risk

Trend: This is the first year in which this area has been reviewed.

Total number of findings:

                         Critical  High  Medium  Low  Advisory
Control design           0         0     5       0    0
Operating effectiveness  0         0     0       0    0
Total                    0         0     5       0    0

Summary of findings:

Although the Localism Act received Royal Assent on the 15th November 2011 its requirements will be introduced gradually, over the next 12 to 18 months. At this stage much of the Act only sets out requirements at a high level, more detailed guidance being likely from central government as different elements of the Act become effective. In summary the key elements of the Act, in scope for this review, are:

- Opportunities and expectation that services will be provided differently, with the intent that this will lead to more efficient and cost effective service delivery and a greater degree of local control.
- The community right to challenge: any community group can express an interest in providing a service, if assessed as viable the Council then being required to launch a procurement exercise.
- Assets of community value: the Council will be required to maintain a register of assets of community value, along with associated processes necessary to manage the assessment of proposed assets of community value, a challenge process, information provision and a specific timeline to be complied with if assets come onto the market, to give community organisations every opportunity to raise the necessary funds and purchase an asset for community use.

Following the 2010 Comprehensive Spending Review and the Council’s response, as set out in the current Corporate Plan, the Council has been pursuing an agenda which is broadly in line with the aspirations of the Localism Act, achieving a number of notable successes:

- Shanklin Theatre, the Waterside Pool, Ventnor Botanic Gardens, a number of Island libraries and public conveniences are all now being run outside of the Council with significant involvement from community groups, including town and parish councils.
- A User Led Organisation (ULO) run by Age Concern is in place, compliant with requirements introduced by the Think Local Act Personal (TLAP) initiative. Direct care provision is in the process of changing its delivery model and the Council is in the process of refining its arrangements to ensure that innovative opportunities for delivery by, for example, the third sector are progressed wherever possible, facilitated by the prospectus approach to commissioning services.
- The Council has actively engaged with Southampton City Council to identify and progress opportunities for partnership working, within both the Economy and Environment Directorate and the education service.

Looking forward the Council needs to ensure that it develops all of its services in line with the aspirations of the localism agenda and complies with the statutory requirements introduced by the Act. In summary, to facilitate fully realising opportunities and comply with statutory requirements, the Council needs to:

- Take a more holistic approach to localism. As identified above there have been notable achievements over the last 18 months. However progress has been inconsistent, with some areas operating in much the same way as they have historically. The first step should be to put a senior officer in overall charge of leading the Council’s response to localism. The initial piece of work should assess the impact of the Act on each of the services the Council provides and identify how the Council should best proceed, considering the different options available, for example social enterprises and staff led initiatives. As part of this workstream the Council should continue to take a proactive approach to engaging with community organisations, both obvious groups, such as town and parish councils, and groups which may have specialist expertise which could improve the quality, efficiency and level of local service control, for example local business groupings.
- Ensure that arrangements are in place to comply with statutory requirements, specifically those stemming from the community right to challenge and assets of community value elements of the Act. Officers at an appropriate level should be charged with leading the Council’s response to these statutory requirements. In the short term the focus needs to be on understanding the requirements, particularly as more detailed guidance becomes available, and managing people’s expectations. During our fieldwork we were informed that a number of enquiries have already been received regarding assets of community value. The Council needs to clarify responsibilities and get a process in place to manage enquiries of this nature as soon as possible. During the course of our fieldwork central government have identified that the community right to challenge will become effective at the end of June 2012; consequently implementing necessary arrangements for this area needs to be given high priority.


Executive summary – Audit Committee

Report classification: Low Risk

Trend: This is the first year in which this area has been reviewed.

Total number of findings:

                         Critical  High  Medium  Low  Advisory
Control design           0         0     0       4    0
Operating effectiveness  0         0     0       0    0
Total                    0         0     0       4    0

Summary of findings:

The Audit Committee, by its own self assessment, is 85% compliant with guidance as set out in CIPFA’s ‘A Toolkit for Local Authority Audit Committees’ publication. In overview:

- The Committee has clear terms of reference and appropriate membership; meetings are well attended by Committee members, senior members and senior officers.
- The Committee meets regularly, meetings are held in public, with agendas, supporting papers and minutes published in a timely manner.
- The Committee considers the work of internal and external auditors, risk, value for money, the annual governance statement and annual accounts.

While the Committee is substantively satisfying its remit our review has identified a number of enhancements which could potentially contribute to the Committee further increasing its effectiveness. In overview:

- Implementing measures to make the work of the Committee more proactive, for example approving rather than noting reports.
- Including the Committee more fully in the consultation undertaken to inform the annual Internal Audit Plan, helping to ensure that the coverage is appropriate to the Authority’s risk profile.
- Providing more in depth training, specifically focussed on the purpose of the Audit Committee’s overseeing role, rather than on the function of particular areas, for example risk management and value for money.
- Taking steps to source Committee members with specialist knowledge, to help ensure that the Committee has the skills necessary to best satisfy all areas within its remit.

To help inform this review we met with the Head of Internal Audit, Committee Chair, Committee members, Scrutiny Chair and senior officers whose remit involves regular contact with the Committee.


Executive summary – Enterprise Content Management (ECM) Project

Report classification: Low Risk

Trend: This is the first year in which this area has been reviewed.

Total number of findings:

                         Critical  High  Medium  Low  Advisory
Control design           0         0     0       1    1
Operating effectiveness  0         0     1       1    0
Total                    0         0     1       2    1

Summary of findings:

The Enterprise Content Management (ECM) Project was developed in order to facilitate the transfer of electronic information management systems over to a more proficient system that allows for effective electronic information storage whilst ensuring Local Authority compliance with legislative data management requirements. During this review, we assessed the Council’s approach to project management, looking specifically at how management of the Enterprise Content Management project adheres to core project management principles such as effective work schedule, time and quality management, risk management, stakeholder management, communications and reporting.

Project management principles applied by the in house Enterprise Content Management project team are thorough and appropriate. Project management is well facilitated by robust electronic project management tools which effectively enable the Project Lead to keep abreast of all deliverables at each stage of the project, to manage the time allocated to deliverables and ensure that deliverables are signed off at critical stages of delivery. Maintaining project quality and managing costs is supported by a process of staggered payments over each month of the year, with payment milestones linked to the completion of set project deliverables. This ensures that payment for work is only made when the project deliverables have been met and allows an element of control over quality of delivery and budget.

Project reporting is regular and detailed and supported by a process of challenge and scrutiny at both operational and strategy level. Evidence of regular progress reporting between contracted services and the in house project manager was provided during this review and supported by evidence of challenge where deliverables were not met on time or within expectations. Although the performance of external contractors was cited as an issue during this review, the in house project team have demonstrated a proactive approach to addressing performance concerns through regular challenge and scrutiny. The in house project team have also been able to retain an element of control over non performance with an agreed process of milestone related payment. A finding in relation to this issue is included within the body of this report but as an advisory point only.

Clear evidence of stakeholder consultation at various stages of the project was provided during this review; this was supported by evidence of ongoing progress review with external stakeholders by way of weekly progress review meetings. These progress meetings are well supported by detailed issue logs wherein blockages to delivery are addressed and concerns regarding project delivery raised. Change management processes were also deemed to be well managed within the context of this project. Examples of change management requests and a process of requiring senior level authorisation prior to change of scope were also evidenced.

In summary, this review identifies four findings in relation to the effectiveness of ECM project management.

Finding 1: Although the ECM risk management process is detailed and continually reviewed, project risks are not always supported by up to date actions and targets. Three risk actions were overdue at the time of this review. Ensuring targets are time related and overdue actions addressed would further enhance the effectiveness of the risk management process.

Finding 2: Business benefits as reported to the ICT project board do not reflect wider business benefits as defined in the original business case.

Finding 3: The ICT Project Board and Electronic Services Board do not currently have up to date terms of reference. Although the purpose and focus of the meetings are understood by participants, formalising the process with terms of reference would ensure meeting agendas remain within an agreed scope.

Finding 4: Conducting a project evaluation exercise with Mouchel at the end of their contract will provide an opportunity to identify lessons learnt and any concerns regarding the procurement of Mouchel for future projects.


Report classification

Low Risk

Trend Total number of findingsCritical High Medium Low Advisory

Control design 0 0 0 4 0

Operating effectiveness 0 0 1 1 0

Total 0 0 1 5 0

Summary of findings:

The Finance Department are responsible for Treasury Management arrangements within the Council. The Treasury Management Policy is updated annually andapproved as part of the Council’s budget approval meeting. The policy sets out the Council’s annual strategy with regard to borrowing and the repayment ofexternal debt and takes account of banking, money and capital market conditions, interest rates, the CIPFA Code of Practice and prudential borrowingrequirements. The Strategy also sets out roles and responsibilities and segregation of duties. The Treasury Management Strategy was last approved by the AuditCommittee on the 21st February 2012 and Full Council on the 29th February 2012; an activity report is also presented to Audit Committee twice yearly. The Counciland Pension bank accounts are reconciled and reviewed on a monthly basis.

We found that there are adequate arrangements in place to review that the Treasury Management Strategy is achieved, for example bank, loan and investmentbalances are actively monitored. On a daily basis, the Treasury Management Assistant reviews market interest rates, forecasts the bank account and cashflowposition for the next three months through the aid of the Logotech treasury management software package. Decisions are then made regarding investing excessmoney for the short or long term. Decisions are also made to borrow money appropriately where shortfalls in liquidity are identified, to minimise the cost fromoverdrafts. We noted that Council funds are with approved counter party organisations and within defined limits.

As required by the Treasury Management Strategy, performance indicators relevant to the Treasury Management function are also reported to the FinancialServices Mini-Service Board. We also noted that there is a Treasury Management report submitted to the Audit Committee on an annual basis to highlightTreasury Management activity.

Of the two audit recommendations raised in 2011-12, one has been implemented and one is in progress with a revised target date set for implementation. Theoutstanding recommendation relates to the revision of documentation relating to the reconciliation between the Logotech Treasury Management software and SAPgeneral ledger.

From our audit fieldwork we identified that the following improvements could be made to Treasury Management arrangements:

A concise set of procedure notes for each process of the Treasury Management function should be formalised, including the roles and responsibilities of staff in terms of the segregation of duties;

Deal tickets for loans and advances made need to be checked to ensure that they are appropriately verified and authorised;

The approval date and who the Treasury Management Strategy was approved by should be documented on the cover page of the Treasury Management Strategy;

During the next annual review of the Treasury Management Strategy, the Council should include a concise paragraph within the Treasury Management Strategy stating that the Treasury Management function considers inflation when forecasting cashflow;

Meeting minutes should be formalised for the Treasury Management Group’s monthly meetings;

During the next annual review of the Treasury Management Strategy, the Council will include the types of local authorities within the list of approved counter-parties;

Evidence of review should be documented for each of the bank reconciliations, including who the reviewer is and when the reconciliation has been reviewed.

Executive summary – Treasury Management and Bank Reconciliations


Summary of findings:

This review provided additional detail regarding potential sensitive access and segregation of duties SAP issues, identified at a high level through a number of our reviews undertaken during 2011/12; for example Accounts Payable, Accounts Receivable, Payroll and HR. To perform this review we used PwC’s (our co-source internal audit partner) proprietary software tool, Automatic Controls Evaluator (ACE). In overview, the most significant issues identified through our fieldwork were:

A high number of users with access to a small number of sensitive transactions.

A small number of users whose current access would constitute segregation of duties issues in most organisations.

In relation to the above, it is important to note that how business functions are exercised will require further analysis, to identify instances where access as configured is a business requirement. Where this is the case, appropriate compensating controls, for example regular audit trail review, will need to be identified and implemented where this is not already the case. Our SAP specialists have already provided comprehensive verbal feedback to IT technical staff, with supporting outputs from ACE, and high level feedback to senior management.

We were informed that, subsequent to our original analysis (data provided for our review was extracted from SAP in May 2012), the Council has made the following progress towards enhancing the level of security within the SAP system:

The seven users that had unlimited access to all ‘Procure to Pay’ and ‘Order to Cash’ related SAP transactions have been reviewed and updated to access only the roles needed to carry out their task. This work is now completed.

Work is in hand to tighten a number of roles within Finance to provide only access to their appropriate roles.

Work is also starting on reviewing and revising other roles within Finance, AP/AR and Shared Services to ensure it overcomes the role conflict issues identified in the audit report.

A follow-up review will be carried out in quarter 1, 2013/14 to ensure that all issues have been successfully addressed.

Executive summary – SAP


Finding rating Assessment rationale

Critical A finding that could have a:

Critical impact on operational performance; or

Critical monetary or financial statement impact (material); or

Critical breach in laws and regulations that could result in material fines or consequences; or

Critical impact on the reputation or brand of the organisation which could threaten its future viability.

High A finding that could have a:

Significant impact on operational performance; or

Significant monetary or financial statement impact; or

Significant breach in laws and regulations resulting in significant fines and consequences; or

Significant impact on the reputation or brand of the organisation.

Medium A finding that could have a:

Moderate impact on operational performance; or

Moderate monetary or financial statement impact; or

Moderate breach in laws and regulations resulting in fines and consequences; or

Moderate impact on the reputation or brand of the organisation.

Low A finding that could have a:

Minor impact on the organisation’s operational performance; or

Minor monetary or financial statement impact; or

Minor breach in laws and regulations with limited consequences; or

Minor impact on the reputation of the organisation.

Advisory A finding that does not have a risk impact but has been raised to highlight areas of inefficiencies or good practice.

Classification on report findings


Report classifications

| Findings rating | Points |
| --- | --- |
| Critical | 40 points per finding |
| High | 10 points per finding |
| Medium | 3 points per finding |
| Low | 1 point per finding |

| Report classification | Points |
| --- | --- |
| Low risk | 6 points or less |
| Medium risk | 7–15 points |
| High risk | 16–39 points |
| Critical risk | 40 points and over |


| Audit name | Audit days in plan | Audit days completed at 7th September 2012 | Current status | Report classification for those audits completed |
| --- | --- | --- | --- | --- |
| Benefit Payments | 30 | 1 | Planning | |
| Care Billing System | 25 | 25 | Final Report | Medium Risk |
| Cash and Bank | 25 | 0 | Planning | |
| Children’s Services | 30 | 1 | Planning | |
| Children’s Risk Management | 30 | 30 | Final Report | Medium Risk |
| Personal budgets | 35 | 35 | Final Report | Medium Risk |
| Audit Committee | 25 | 25 | Final Report | Low Risk |
| Corporate PM Framework | 30 | 1 | Planning | |
| Creditors (Accounts Payable) | 25 | 0 | Planning | |
| Debtors (Accounts Receivable) | 25 | 0 | Planning | |
| Enterprise Content Management | 30 | 30 | Final Report | Medium Risk |
| General Ledger | 30 | 0 | Planning | |

Appendix 1 - Progress on the 2012/13 internal audit plan


| Audit name | Audit days in plan | Audit days completed at 7th September 2012 | Current status | Report classification for those audits completed |
| --- | --- | --- | --- | --- |
| HR Strategy / Workforce planning | 35 | 35 | Pending finalisation | |
| ICT Application Support | 25 | 0 | Planning | |
| ICT Service Levels, Performance | 35 | 15 | Pending finalisation | |
| Insurance | 25 | 25 | Pending finalisation | |
| IT Disaster Planning | 25 | 3 | Planning | |
| Local Taxation (Council Tax/NNDR) | 35 | 0 | Planning | |
| Localism Act | 35 | 35 | Final Report | Medium Risk |
| PCI DSS | 15 | 0 | Planning | |
| Payroll | 30 | 0 | Planning | |
| Pensions Administration | 25 | 1 | Planning | |
| Planning | 25 | 25 | Pending finalisation | |
| Procurement cards | 25 | 1 | Planning | |
| Property Assets | 25 | 25 | Draft Report | |
| SAP Roles & Permissions | 20 | 20 | Final Report | Not Applicable |


| Audit name | Audit days in plan | Audit days completed at 7th September 2012 | Current status | Report classification for those audits completed |
| --- | --- | --- | --- | --- |
| Sickness absence | 25 | 1 | Planning | |
| SWIFT Application Replacement Project | 25 | 0 | Planning | |
| Transfer of Fire Control | 25 | 3 | Planning | |
| Treasury Management | 35 | 35 | Final Report | Low Risk |
| VAT | 20 | 20 | Draft Report | |
| Waste Management PM | 25 | 0 | Planning | |
| Dover Park | 6 | 0 | Planning | |
| Greenmount | 6 | 0 | Planning | |
| Newport CE | 6 | 0 | Planning | |
| The Bay | 6 | 0 | Planning | |
| Gurnard | 6 | 0 | Planning | |

As of 7th September 2012 we have delivered 43% of planned audit days.


| Audit / Key performance indicator | Scope agreed prior to fieldwork commencing? | Exit meeting held? | Draft report issued within 10 working days of completion of exit meeting? | Draft report issued within 10 working days of receiving documentation from auditee? | Management response received? | Final report issued within five working days of agreement of management response? | Client satisfaction survey score (if received)? |
| --- | --- | --- | --- | --- | --- | --- | --- |
| Benefit Payments | - | - | - | - | - | - | - |
| Care Billing System | Y | Y | Y | Y | Y | Y | 9.6 |
| Cash and Bank | - | - | - | - | - | - | - |
| Children’s Services | - | - | - | - | - | - | - |
| Children’s Risk Management | Y | Y | Y | Y | Y | Y | - |
| Personal budgets | Y | Y | Y | Y | Y | Y | - |
| Audit Committee | Y | Y | Y | Y | Y | Y | 9.6 |
| Corporate PM Framework | - | - | - | - | - | - | - |
| Creditors (Accounts Payable) | - | - | - | - | - | - | - |
| Debtors (Accounts Receivable) | - | - | - | - | - | - | - |
| Enterprise Content Management | Y | Y | Y | Y | Y | Y | - |
| General Ledger | - | - | - | - | - | - | - |
| HR Strategy / Workforce planning | - | - | - | - | - | - | - |
| ICT Application Support | - | - | - | - | - | - | - |
| ICT Service Levels, Performance | - | - | - | - | - | - | - |
| Insurance | - | - | - | - | - | - | - |
| IT Disaster Planning | - | - | - | - | - | - | - |
| Local Taxation (Council Tax/NNDR) | - | - | - | - | - | - | - |
| Localism Act | Y | Y | Y | Y | Y | Y | 10 |
| PCI DSS | - | - | - | - | - | - | - |
| Payroll | - | - | - | - | - | - | - |
| Pensions Administration | - | - | - | - | - | - | - |
| Planning | - | - | - | - | - | - | - |
| Procurement cards | - | - | - | - | - | - | - |
| Property Assets | - | - | - | - | - | - | - |
| SAP Job Roles & Permissions | Y | Y | Y | Y | Y | Y | - |

Appendix 2 - Internal audit performance against key performance indicators, as at 7th September 2012


| Audit / Key performance indicator | Scope agreed prior to fieldwork commencing? | Exit meeting held? | Draft report issued within 10 working days of completion of exit meeting? | Draft report issued within 10 working days of receiving documentation from auditee? | Management response received? | Final report issued within five working days of agreement of management response? | Client satisfaction survey score (if received)? |
| --- | --- | --- | --- | --- | --- | --- | --- |
| Sickness absence | - | - | - | - | - | - | - |
| SWIFT Replacement Project | - | - | - | - | - | - | - |
| Transfer of Fire Control | - | - | - | - | - | - | - |
| Treasury Management | Y | Y | Y | Y | Y | Y | 8.6 |
| VAT | - | - | - | - | - | - | - |
| Waste Management PM | - | - | - | - | - | - | - |
| Dover Park | - | - | - | - | - | - | - |
| Greenmount | - | - | - | - | - | - | - |
| Newport CE | - | - | - | - | - | - | - |
| The Bay | - | - | - | - | - | - | - |
| Gurnard | - | - | - | - | - | - | - |
