AUDIT COMMITTEE MEETING 21 AUGUST, 2018 For the calendar year to 1 August 2018, Internal Audit has completed 9 or 45%

On 20 April 2018 the Audit Office published their ‘Report on Local Government 2017’ which provides guidance, and includes recommendations to councils and

the Office of Local Government, aimed at strengthening financial reporting, asset management and governance and internal controls.

Link:

https://www.audit.nsw.gov.au/publications/latest-reports/report-on-local- government-2017

Overall the observations of the AO were:

‘The quality and timeliness of financial reporting in the local government sector needs to improve,’ the Auditor-General said.

Qualified audit opinions were issued on the 2016−17 financial statements of three councils and a further 22 councils required material adjustments to correct errors in previous audited financial statements. Most of these matters related to the way councils value and account for assets.

Forty of the 140 councils required lodgement extensions past the 31 October 2017 statutory reporting deadline with one council yet to present their 2016−17 financial statements for audit’.

THSC’s 2016/17 financial statements were qualified because of matters relating to the way the council valued and accounted for its assets. It is expected that the 2017/18 financial statements will be unqualified.

Reports relevant to Local Government, issued by the AO during the period, are available at the following link. These include AO’s performance reports on Council Reporting On Service Delivery (issued February 2018), Shared Services in Local Government (issued 21 June 2018) and Fraud Controls in Local Councils (June 2018).

Link:

https://www.audit.nsw.gov.au/publications/performance-audit reports/2018-reports

AUDIT COMMITTEE MEETING 21 AUGUST, 2018

5. Regulatory Bodies

Office of Local Government (OLG)

During the period a number of OLG publications have been circulated concerning governance. These are detailed at: http://www.olg.nsw.gov.au/publications Currently a consultation draft of the Model Code of Conduct has been released (Circular 17-30). It is expected that the Code will be finalised by the end of 2018.

The OLG is also in the process of revising its 2010 guidelines concerning Internal Audit to support the implementation of s428A of the Act. It is expected that a discussion paper will be released by the OLG by the end of 2018.

Current OLG Investigations

For the information of the Committee, on 27 June 2018 the Minister for Local Government, the Hon. Gabrielle Upton MP announced a

formal Public Inquiry into Blue Mountains City Council to investigate serious allegations relating to

asbestos management and organisational governance.

The public inquiry will examine:



The track record of both the council and the councillors in dealing with asbestos management issues since 2012 including funding and co- operation with State Government agencies;



The council’s processes surrounding the employment of certain staff and contractors including those engaged to conduct independent investigations into asbestos management and employment issues;



Whether the council and councillors are facilitating a consultative and supportive working environment;



The council’s compliance with its statutory responsibilities under the Local Government Act; and



The council’s organisational structure and allocation of resources.

Once these documents and investigations are finalised they will be forwarded to the Audit Committee for their information.

Independent Commission against Corruption (ICAC)

During the period the following investigation relating to Local Government was commenced. Once the investigation is finalised the resulting report will be referred to the Audit Committee.

Link: http://www.icac.nsw.gov.au/investigations/current-investigations

Canterbury City Council - allegations concerning former councillors and other public officials (Operation Dasha)

The public inquiry in this matter will continue from Monday 6 August 2018 at the Law Enforcement Conduct Commission hearing room, Level 3, 111 Elizabeth Street, Sydney.

The ICAC is investigating allegations concerning the former Canterbury City

Council, including whether, between 2013 and 2016, public officials including

former councillors Michael Hawatt and Pierre Azzi, the former general manager,

AUDIT COMMITTEE MEETING 21 AUGUST, 2018

Jim Montague, and the former Director City Planning, Spiro Stavis, dishonestly and/or partially exercised their official functions in relation to planning proposals and/or applications under the Environmental Planning and Assessment Act 1979 concerning properties in the Canterbury City Council local area.

The ICAC is also investigating the circumstances surrounding the appointment of Mr Stavis to the role of Director City Planning, including whether, between November 2014 and January 2015, Mr Montague exercised his official functions dishonestly or partially in relation to the appointment of Mr Stavis to that role.

Further, the Commission is examining whether, between November 2014 and January 2015, councillors Hawatt and Azzi engaged in conduct that, or could have, adversely affected, either directly or indirectly, the honest or impartial exercise of Mr Montague’s official functions by expressly or impliedly threatening to cause the termination of Mr Montague’s employment unless he appointed Mr Stavis as Director City Planning.

In February 2018 the ICAC also released its guidance material

Strengthening Employment Screening Practices in the NSW Public Sector

which reinforces that recruitment remains one the highest corruption risks to Councils. This guidance is available at the following link and is currently being reviewed by the Councils HR area.

Link:

http://www.icac.nsw.gov.au/documents/preventing-corruption/cp- publications-guidelines/5050-strengthening-employment-screening-practices-in- the-nsw-public-sector/file

AUDIT COMMITTEE MEETING 21 AUGUST, 2018

Part B Summary of the Internal Audit Activity in the 2018 period

B1. Part B summarises the internal audit activity undertaken in 2018 to the date of this report.

Table 1: Outlines Year 2 (2018) of the 2017-2020 adopted Strategic Internal Audit Plan (adopted by the Audit Committee on 12/12/2016) which is the current year internal audit program:

2018 Audit Program Risk

Planned Timing (quarter

ending)

Status of the Planned Audit

at 1 August 2018

1

Governance

Aim: Undertake the annual Governance Health Check to ensure that Councils governance practices meet acceptable standards and comply with recommendations resulting from ICAC/OLG and NSW Ombudsman and other regulatory bodies. The overall rating that results from this review is reported as a quality of life indicator in the annual community report. This review has been

undertaken annually since 2005. H March 2018

2

Risk Management

Aim: Time has been allocated to allow the independent review of the key controls identified by Management in the Risk Management Module. The key controls to be

tested are those identified by Management as effective

and are therefore ‘relied upon’ to mitigate identified risk.

Testing undertaken is aimed at ensuring that the Councils reliance on the control and its assessment by

management is valid (i.e. control is effective). H Ongoing

3

Key Governance Structures i.e. Policies/

Procedures/ GIPA/ Resolutions/ Delegations/

classifications (reporting)/ complaints handling/other.

Aim: Review Councils key governance structures to ensure that they are current, implemented, are effective

and meets legislative requirements. H September

4

KPI’s (including Enterprise Agreement (EA) implementation)

Aims: Ensure that the KPI’s reported to the Community periodically are accurate and based on verifiable data.

Ensure that the Council is able to take prompt and effective action in light of changes to its environment or variation from its planned activity. Annually time will also be allocated to the review of KPI’s outlined in the Councils Enterprise Agreement to ensure that calculations are

complete, accurate and valid H September

5

Financial Statement Review

Aim: Review of the Councils Draft Financial Statements –

referred to the Audit Committee. H September

6

Special Projects/Assignments

Aim: This time is provided to ensure that Internal audit can provide a comprehensive and proactive service to the Council. The use of time is dependent on the issues that may be faced by Council or activities requested by the

General Manager/Audit Committee. H June

AUDIT COMMITTEE MEETING 21 AUGUST, 2018

7

Investigations

Aim: This time is provided to undertake any investigations

that may be required by Councils regulatory bodies etc. H June

8

Information Technology/Systems

Aim: Implementation of the Councils 4 year ITprogram.

Auditable areas identified in the plan:

Information Security; Business Continuity Management;

Mobile computing technology; cloud technology; IT Risk

Management; Program Risk; Software/IT asset

management; Social media risk management; segregation of duties/identity and access management; data loss

prevention and privacy. H Ongoing Refer B2.

9

Contract Management

Ensure contracts are appropriately managed and

legislatively compliant. H September Refer B2.

10

System Audits

Aim: To ensure that the Council activities are legislatively compliant through the implementation of robust systems/

key controls and reconciliations are in place/ segregation of duties in place.

2018: Payroll

Systems

Audit June

11

Revenue Activities (implementation of adopted fees and charges document)

Aim: To ensure that the Council activities are legislatively compliant by ensuring that the Councils adopted fees and charges document is complete and appropriately authorised, reflected in Councils systems, and is the basis of Councils revenue activities. Review to be undertaken

following the financial year end. M September

12

Payroll

Aim: to ensure monies are paid to valid employees, are accurate and reflects the Councils EA/award and employment conditions. Will include the review of

allowances, higher grade and overtime payments. H June

13

Credit Cards/Procurement Cards/ Reimbursement of expenses incurred by staff/ Petty Cash

Aim: To ensure that the Councils general procurement activities satisfy the Councils purchasing guidelines and its legislative requirements. Inclusion- high risk identified in

numerous reports by the ICAC H September

14

Recruitment and Terminations

Aim: to ensure that Councils recruitment and termination practices are efficient and meet Councils legislative requirements and reflect best practice. Identified as a

high risk by the ICAC. H June

15

Leave Management

Ensure that key governance structures are in place, are

effective and reflect better practice. H September

16 RMS

Aim: Audit Councils use of the RMS Drives System. This

audit is an annual requirement of the RMS agreement

which allows the Council to have access to the RMS Drives System required in undertaking Councils regulatory

functions. H June

17

Ordinance and enforcement/Inspections Aim: to ensure the integrity of Councils regulatory

functions. The power of regulators to grant significant H September

AUDIT COMMITTEE MEETING 21 AUGUST, 2018

benefits to, or impose restrictions or penalties on, members of the public can increase the risk that they will be exposed to corruption.

18

Use of Discretion/DAU

Ensure that the use of discretion by Councils officers is appropriate and in accordance with their delegated authority. This review will also look at the use of discretion with respect to rezoning or

development applications H September

19

Development Applications/Development assessment and Monitoring/Subdivisions

Ensure legislative compliance and that the

processes are efficiently and effectively managed H September

20

Management of the SDRO/Pins system/ Compliance Ensure legislative compliance and that the processes are

efficiently and effectively managed H September

Other

Training and Development

Audit Committee

Annual Planning and Reporting

Liaison

Reports previously issued.

Legend to the Table 1.

Status of the Audit Activity

In progress

Completed

Not yet commenced