Audit and Governance Committee - Wednesday 19 March 2025, 6:00pm - Folkestone & Hythe webcasting

Audit and Governance Committee
Wednesday, 19th March 2025 at 6:00pm 

Agenda

Slides

Transcript

Map

Resources

Forums

Speakers

Votes

 

Welcome to Folkestone and Hythe District Council's Webcast Player.

 

UPDATE - PLEASE NOTE, MEETINGS OF THE JOINT TRANSPORTATION BOARD AND FOLKESTONE AND HYTHE DISTRICT AND PARISH COUNCILS' JOINT COMMITTEE WILL BE STREAMED LIVE TO YOUTUBE AT: bit.ly/YouTubeMeetings


The webcast should start automatically for you, and you can jump to specific points of interest within the meeting by selecting the agenda point or the speaker that you are interested in, simply by clicking the tabs above this message. You can also view any presentations used in the meeting by clicking the presentations tab. We hope you find the webcast interesting and informative.

 

Please note, although officers can be heard when they are speaking at meetings, they will not be filmed.

 

At the conclusion of a meeting, the webcast can take time to 'archive'.  You will not be able to view the webcast until the archiving process is complete.  This is usually within 24 hours of the meeting.

Share this agenda point
  1. Cllr Liz McShane
Share this agenda point
  1. Microphone A
  2. Cllr Liz McShane
  3. Microphone A
  4. Cllr Liz McShane
Share this agenda point
  1. Cllr Liz McShane
  2. Cllr John Wing
  3. Cllr Liz McShane
  4. Cllr Liz McShane
Share this agenda point
  1. Cllr Liz McShane
  2. Cllr Liz McShane
  3. Cllr Liz McShane
Share this agenda point
  1. Folkestone & Hythe Officer
  2. Cllr Liz McShane
  3. Cllr Liz McShane
  4. Cllr David Godfrey
  5. Mr Ewan Green
  6. Cllr Liz McShane
  7. Mr Ewan Green
  8. Cllr Liz McShane
  9. Folkestone & Hythe Officer
  10. Cllr Liz McShane
  11. Cllr Liz McShane
  12. Cllr Liz McShane
  13. Cllr Adrian Lockwood
  14. Cllr Liz McShane
  15. Folkestone & Hythe Officer
  16. Cllr Liz McShane
Share this agenda point
  1. Folkestone & Hythe Officer
  2. Cllr Liz McShane
  3. Folkestone & Hythe Officer
  4. Cllr Liz McShane
  5. Cllr Tim Prater
  6. Folkestone & Hythe Officer
  7. Cllr Liz McShane
  8. Cllr Liz McShane
  9. Cllr Liz McShane
  10. Mr Jonathan Hicks
  11. Cllr Liz McShane
  12. Cllr Liz McShane
  13. Cllr David Godfrey
  14. Mr Ewan Green
  15. Cllr Liz McShane
  16. Cllr Liz McShane
  17. Cllr John Wing
  18. Mr Ewan Green
  19. Cllr John Wing
  20. Mr Jonathan Hicks
  21. Cllr Liz McShane
  22. Cllr Adrian Lockwood
  23. Mr Jonathan Hicks
  24. Cllr Adrian Lockwood
  25. Mr Ewan Green
  26. Cllr Liz McShane
  27. Mr Jonathan Hicks
  28. Cllr Liz McShane
  29. Cllr Liz McShane
  30. Mr Jonathan Hicks
  31. Mr Ewan Green
  32. Cllr Liz McShane
  33. Mr Jonathan Hicks
  34. Cllr Liz McShane
  35. Cllr Adrian Lockwood
  36. Cllr Liz McShane
  37. Cllr Liz McShane
  38. Cllr Tim Prater
  39. Mr Jonathan Hicks
  40. Cllr Tim Prater
  41. Mr Jonathan Hicks
  42. Cllr Liz McShane
  43. Cllr Liz McShane
  44. Mr Ewan Green
  45. Cllr Liz McShane
  46. Cllr David Godfrey
  47. Cllr Liz McShane
  48. Mr Ewan Green
  49. Cllr Liz McShane
  50. Mr Ewan Green
  51. Cllr Liz McShane
  52. Mr Ewan Green
  53. Cllr Liz McShane
  54. Cllr Liz McShane
  55. Mr Ewan Green
  56. Cllr Liz McShane
  57. Cllr Adrian Lockwood
  58. Cllr Liz McShane
  59. Mr Ewan Green
  60. Cllr Liz McShane
  61. Webcast Finished

Cllr Liz McShane - 0:00:00
the internet. For those who do not wish to be recorded or filmed, you will need to leave
the chamber. For members, officers and others speaking at the meeting, it is important that
the microphones are used so viewers on the webcast and others in the room may hear you.
Would anyone with a mobile phone please switch to silent mode as they can be distracting?
I would like to remind members that although we have all strong opinions on matters under
consideration, it is important to treat members, officers and public speakers with respect.
Thank you. So we've got 11 items on tonight's agenda, so we'll start with item one, apologies

1 Apologies for Absence

for absence. Thank you, chair. We've heard apologies from
Microphone A - 0:00:39
Councillor Butcher. And any apologies for elateness?
Cllr Liz McShane - 0:00:41
Microphone A - 0:00:43
No, no other apologies. Councillor Wimble? Nothing from Councillor
Cllr Liz McShane - 0:00:47
Wimble? Okay, thank you. Item number two, declarations of interest.

2 Declarations of Interest

Cllr Liz McShane - 0:00:53
Cllr John Wing - 0:00:55
Councillor Wing. Thank you, chair. Only as a director of opportuness.
Cllr Liz McShane - 0:00:59
Cllr Liz McShane - 0:01:03
Anyone else? No, brilliant. Item number three, the minutes from the last meeting, please.

3 Minutes

Cllr Liz McShane - 0:01:11
Are we okay to agree on the last meeting?
Cllr Liz McShane - 0:01:14
Mr Greed, everyone. Thank you.

4 Quarterly Internal Audit Update Report - East Kent Audit Partnership

Cllr Liz McShane - 0:01:25
So item number four, quarterly internal audit report, East Kent Audit Partnership.
Chris, it's Chris. Thank you. Over to you.
Folkestone & Hythe Officer - 0:01:37
The report before you on page 13 is the internal, the update report showing the work that's
been completed by internal audit since the last meeting of the committee.
On page 17 this shows a summary of reports that were completed in the period and you'll
see that there were six in total and all of these are substantial assurance so there's
no concerns to raise.
On page 22 this shows the follow -ups that have been completed in the period.
There being five of these and again the assurances have come out of being three substantial and
two reasonable so again no concerns to be raised there. On page 26 this just shows the
reports that have come to the committee at previous meetings that are either limited
or partially limited assurance and these are the ones that will be followed up in April.
I can mention that risk management has actually been followed up already but just didn't quite
make the cut for the committee report and that is now showing us a substantial reasonable
assurance, so that's good and that one has moved forward.
Then on page 27 this is the plan achievement. This was showing to the end of December so
at that time the plan completion was 69 % but just to bring members up to date in partially
through March, Folkestone is now just above 90 % so it's going to be moving towards mid
mid -90s, probably completion.
Those are the main points of the report.
I'll be pleased to take any questions you may have. Thank you.
Cllr Liz McShane - 0:03:32
Thank you, Chris. Any questions from the committee or comments?
Clarifications?
Councillor Godfrey.
Cllr Liz McShane - 0:03:41
Cllr David Godfrey - 0:03:45
Generally speaking, it's a report that most people will be welcome.
It seems to be substantial insurances everywhere, which is nice to know.
I just have one little question.
It's relating to page 21, 2 .5.
Let me find it.
It says the compliance officer has not been recruited,
although this role was considered.
I'm not suggesting there should be one,
because sometimes I don't think compliant officers help.
However, that's a personal opinion,
but is there any reason that that's not been considered,
that we decided it's not necessary?
Mr Ewan Green - 0:04:25
evening members. Thank you, Councillor Godfrey. I think as a corporate leadership team we're
very pleased of course with the substantial assurance. We did consider a compliance officer
role but given where we're at in terms of the council budgets and staffing allocations
and the progress we've made with our own staff in terms of training and monitoring procurement
through the CLT and corporate governance board, we felt that we'd embedded good practice across
the teams and therefore the role of a compliance officer wasn't required at this time, but
we will hold that in review if we ever feel we need to go that far and have a post.
Cllr Liz McShane - 0:05:11
I just got a couple. Page 20 is reference to the Levelling Up fund. Can you just confirm
how much FHDC are expected to receive?
Mr Ewan Green - 0:05:28
The overall project is £22 million and the grant from lettering up is £20 million.
Cllr Liz McShane - 0:05:35
And then on page 22, reference to the five follow -up reviews. It's just a language thing,
I think, more than anything else. They say they've been completed. Completed and closed,
because sometimes they're used interchangeably.
Is that the same?
When something's completed, is it the same as being closed?
Just for clarification?
Thank you, Chair.
Folkestone & Hythe Officer - 0:05:59
No, they're not the same thing.
In fact, we have a good example within the document this evening.
If I take your attention to page 25, Appendix 1.
So this is a matter where we are escalating to the committee.
So we are closing it on our system
as we have completed the progress report
and have completed the follow -up.
But at the time of follow -up, this matter
was still outstanding and was graded
as a high -priority action.
So we have included the latest action
for management in the third column there
with a revised completion date of the 31st of March.
so you can see there is progress.
The committee, it could be within your gift to ask,
at a subsequent meeting,
has that matter now been resolved?
And that's the purpose of us escalating it to the committee.
But also, members, be assured, at the next meeting,
you will receive my annual report,
and any matters escalated to you during the year,
I'll be seeking an update against those
in that annual report and reporting them back to you.
So at the next meeting,
and anything that's been raised during the year,
has it been closed down in completion
rather than just closed on our system?
So does that help show the difference?
Thank you.
Thanks for clarifying that.
Cllr Liz McShane - 0:07:18
Questions on this section?
Cllr Liz McShane - 0:07:21
Bob Wood.
Cllr Liz McShane - 0:07:22
Thank you, Chair.
Cllr Adrian Lockwood - 0:07:26
On page 22, that is now deemed as low risk,
but wasn't previously.
Why is that suddenly low risk?
what changed on 31 .3 .1b.
Cllr Liz McShane - 0:07:43
Thank you.
Folkestone & Hythe Officer - 0:07:47
So at the time of doing undertaking the original audit,
there was one low priority recommendation made in that report.
At the time of doing the follow -up,
that low priority recommendation was outstanding.
Our commitment to you that we will test and report
on the high and the critical priorities,
the medium and low priority recommendations
really are tolerated by management.
Without the report in front of me,
I can't tell you specifically what that recommendation is,
but if you'd like that information outside of the meeting,
I'm more than happy to provide that to you.
Thank you.
Cllr Liz McShane - 0:08:24
Any more questions on this agenda item?
No?
So we move on to agenda item five.
That's a draft internal audit plan,

5 Draft Internal Audit Plan 2025-26

And that's pages 33 to 48.
Folkestone & Hythe Officer - 0:08:40
Thank you, Chair.
Members, we're back to, believe it or not, the year's gone in a whiz, and we're back
to looking ahead at the next year's plan already, although we're in the last throes
of page four.
Page 34 of my report sets out the purpose of the report, and it details the process
that we've gone through so far to bring the plan to you this evening for your consideration.
So there's various stages that we go through.
To sum these up, we have met with all the heads of service and discussed risks.
So in looking at what's changing this year in your areas, new systems, new legislation,
experienced staff leaving, anything that we feel would potentially knock you off course,
any risks that we perceive.
We've also looked closely at the corporate risk register, so they're looking carefully
at the risk the council is already identifying and deciding what mitigating actions it will
be taking.
We have met with your corporate leadership team, and of course, this is the section 151
officer's responsibility to have an effective audit plan, and we have met and discussed
the plan with the section 151 officer.
We don't only just look inward at what the council is doing.
Of course, you know that we work across the other four sites, so any issues coming up
there, we will consider whether they would impact here as well.
And beyond that, the Institute of Internal Auditors produces annually a risk in focus
report.
This is a global report, and it's across all sectors.
It's not just local government.
So paragraphs one to five on page 35, consider the top five risks that have come out of the
and risk and focus report.
And they're obviously at that global level.
What we try to do is look at that
and overlay that to your plan and say,
well, what are we doing or proposing to do
in this next year that would cover off
some of these risks that are being identified at that level?
Moving through the report,
I have the duty of care to talk to members
and set in context the report,
which is the benchmarking section.
So we want to be in a position in July next year
to be able to look back and say,
members, have you had sufficient resources
in internal audit this year to be able to give you
an opinion on the system of internal controls
in governance and risk management in operation
to enable you to fulfill your responsibilities
to be able to sign off the annual government statement.
So you will see in paragraph five
that I am commending the plan to you.
I feel we will be in that position
with the resources available to us.
I will remind members that whilst we enclose in the annex,
the report shows the plan of a rolling cycle of four years.
We're only committing to the next 12 months this evening,
but the purpose of showing you the four years
is to show that within that reasonable strategic cycle
of audits, we can hopefully cover all the areas of risk
that we have identified.
And lastly, members, I just want to draw your attention
to the new internal audit standards.
You remember at a previous meeting we looked at the external quality assessment of internal
audit and we were compared against the public sector internal audit standards.
We are transitioning to the new global internal audit standards.
So I really wanted just to assure you members we will continue to comply with professional
standards as we transition.
and I really would, and there's a lot of training available
at the moment, I'd really commend you,
if you can't sleep or you find yourself
with a little bit of time, to click on the link
in the paragraph in 5 .2.
The CIPFA have produced specifically for members
of the object committee an update,
and it's not a long document,
but even if you just skimmed the index,
it's really there to help you as members
so that you know what your role,
and help develop your role of asking
challenging questions of us and the work that we do.
So that's there for you.
There are a couple of other links in the background papers
that point to as well.
So that's it from me in terms of presentation.
I'm happy to take any questions regarding
what we're planning to undertake next year
if members have any comments or concerns.
Thank you, Chair.
Thank you.
Cllr Liz McShane - 0:13:04
I've just realized I didn't get the recommendations
for agenda item four, but we'll do that
when we finish this agenda item.
Bad me.
Just one, given that cyber security is number one,
do we know how many attacks or potential attacks
have taken place or tried to take place
and how many have been mitigated by the controls we've got in place?
Okay, solid.
Folkestone & Hythe Officer - 0:13:33
Thank you, Chair. I think the answer is we're under constant attack.
There have been various local government specific attacks
and some authorities have suffered quite a lot of loss
as a result.
All I can update the committee is we are currently undertaking
a network security review.
It's pretty much coming to its conclusion.
We're yet to review the report that that will be at the July
meeting, so hopefully we'll be able to give you a bit of
assurance about what we've covered and what's going on in
terms of the controls.
Thank you.
Thank you. Any questions from the committee?
Cllr Liz McShane - 0:14:05
you want? Oh, Councillor Peter.
Thank you. Just looking for reassurance which I know you're about to give me,
Cllr Tim Prater - 0:14:40
obviously the next item on here is the corporate risk register which has updated the risks and the priority of those risks
and therefore this is the audit plan which is based on that risk register.
The fact that they appear this way round on our agenda and that we're agreeing an audit plan based on the risk agenda that we agree next
is only indicative that that's the way that they fell on the agenda and not the way,
and not if there was any discontinuity
between what we've identified as those updated risks
and that they've done in this register
and what we've actually done toward it.
I'm confident that I'm going to get the answer I'm expecting here,
but I thought it would be useful to make sure.
Thanks for that update.
Thank you, Chair. Yes, indeed.
Folkestone & Hythe Officer - 0:15:24
In fact, if we return to the plan itself,
the second column is the cross -reference
to the corporate risk register.
So hopefully that assures you members
that we are very aware of the things
that you have already identified
and looking at the steps that you're taking
to mitigate those risks.
Thank you.
Cllr Liz McShane - 0:15:46
Any comments, questions on this section?
No, good to go.
Sorry?
No, no.
Cllr Liz McShane - 0:16:10
So we're ready to note the recommendations. We'll do agenda item five first, then go back
to agenda item four. So for agenda item five, we're ready to receive a note report, and
then members approve the Council's internal audit plan for 25 -26. Is that yes? You're
I get this right, Councillor Lockwood, seconder. Right, ready? And do we agree that? Unagree.
That's unanimous. Lovely. Right, back to agenda item 4, which I should have done at the time,
of Apologies. What page was that? Page 13. So the recommendations for agenda item 4,
Cllr Liz McShane - 0:17:02
to receive and note the report, to note the results of the work carried out by the East
Kent Board of Partnership. Could I have a proposer please? Come forward. Councillor
Thank you.
So agenda item number six, which is on pages 49 to 74, and that's the corporate risk register.
Mr Jonathan Hicks - 0:17:30
Thank you, Chair.
Good evening, members.
This report provides the committee with an update to the corporate risk register, last
considered by audit and governance on the 4th of December, 2024.
It also presents the updated risk management policy and strategy for approval.
We'll be asking the committee to review the corporate risk register, which is provided
at Appendix 1, as well as noting and approving the risk management policy and strategy at
Appendix 2, which are being put forward to Cabinet and Council for adoption.
Under the Council's constitutional arrangements,
a review of the corporate risk register
and the policy and strategy needs to be undertaken annually
before it's being presented to Cabinet and Council.
This committee reviewed the policy and strategy
at its meeting in December in draft form
and is now being represented as final.
It has not changed in any substantive way
since it was last viewed by the committee,
but the details of those changes and recommendations
that we acted upon from the risk management audit
are set out in section three of the report in summary.
We've also given the corporate risk register
a top to bottom review with officers and managers
through the corporate governance board and corporate leadership team.
This is to look at the descriptions and the scoring, as well as to agree whether or not
each entry still needs to be considered as a corporate or strategic risk.
So we're asking the committee to review and consider the changes that we've made before
we present these to Cabinet next week.
Cabinet's role will be to approve the policy and strategy which sets out the responsibilities
and arrangements for effective risk management.
Part of that acknowledges this committee's function in ensuring that we are putting those
arrangements in place and having effective scrutiny and monitoring of those, as well
as given due consideration of the corporate risk register.
So the register will will go to cabinet,
but we were not asking cabinet to review it.
Because that consideration will be happening here.
I would like at this moment to thank
the committee for its role in reviewing
the work that we've done this year.
It's been instrumental in helping
shape it and forms a necessary
necessary part of the oversight.
I think it be useful if I take you
through the corporate risk register
some of those changes and additions.
I'm sure you have some questions about them.
If you turn to page 53 of the pack.
You'll see the corporate risk
register overview matrix.
And you'll see from that I think
this is useful to show to highlight
the scoring and how we've arrived
at the scoring based on what we set
out in the policy and strategy.
You'll note that we've got one extreme risk we're considering cyber threat, which does
link of course to the global threats that we discussed in the previous report.
We've got two new risks that have been added on there.
One is on devolution in local government reorganization and one on climate change.
This chart here is useful for me and it hopefully will be useful to members to know.
look at how we order these risks.
So we've reshaped the register so that the highest risk
priorities are listed at the top.
And you can see that in addition to the extreme risk,
we're considering eight risks as high risk.
If you go down to the next page, which is 54,
you can see the familiar overview dashboard.
And I will remind members of how we've laid this one out.
Many of these are the same as we've considered before,
but as I said, we've reordered and renumbered
according to level of risk,
and apologies to my audit colleagues
if that messes up any referencing
that you've already done.
We'll have to check that afterwards.
You'll note also that on the far left column,
I've put in a link to the yet -to -be -approved
new corporate plan, so we can see the link
to the strategic objectives in there.
And as usual, you'll see a brief description and a column
showing the previous score, which you would have seen
last time, and the current score, which has, in some cases,
been re -evaluated through discussion with officers,
as well as the mitigation scheme, which really just
tells you what we're doing with it.
In most cases, we are treating the risk.
but there are a few there which also show tolerate,
and that really indicates where the risk is so great
or that a certain element of it is beyond our control,
that we have to tolerate a high level of risk,
as well as treating it.
The target score is more for officers,
for us to be able to look at it and evaluate
whether or not we feel we should be working
to reduce the level of that risk.
And the indicator there,
the on off target will show which
ones we are where we feel that we
are on target or not. A good example
would be C3 sports and leisure provision.
And this this one is about us being
able to provide adequate facilities
in light of pressures.
We've scored that as a risk of nine,
when we're saying that's likely and significant.
But we've put a target score of six,
because we're planning to put things in place,
for example, developing a leisure strategy
which will have certain commitments
or things which will get agreed,
or not agreed,
but if those things are agreed
and their actions are put in place,
we would hope that the likelihood
of us not being able to provide adequate sports and measure provision would come down and
that risk level would come down.
So really what that shows you is that where it's red, it indicates something where we're
working to reduce the level of risk.
So in a nutshell, if it's red, we should be or are putting in place actions to reduce
the risk.
If it's got a green tick, it means that we're accepting that level of risk and any actions
we're putting in place are to maintain that level.
You'll note also on the following page down the bottom, we've removed some entries which
were previously on the register.
Some of these risks have been on the corporate risk register for quite a long time, and we've
taken a decision where we feel that we have sufficiently mitigated the risk to the extent
that no longer presents a corporate or strategic risk,
or it's no longer relevant, we've taken it off.
Organisational capacity, for example,
this is one that arose out of the financial climate.
We feel that those risks have been mitigated,
but we're still monitoring that as part of
our work on local government reorganisation and devolution.
So we're going to consider our workload capacity
as part of that risk.
There are a few on there which we've removed
because they are no longer relevant at all.
For example, the one right down the bottom is elections.
This was about being prepared for the Elections Act
and making all the parliamentary changes.
That's something that's already been done.
Prince's Parade, this was about the financial impact
which has been successfully mitigated
by financial provision, and so we no longer need to record that as a corporate risk.
And there are a few more on there which we're sort of relegating, if you like, to an operational
risk where we feel that they are managed effectively enough that we don't need to put them on the
corporate register.
For example, waste collection, deliverable affordable homes, and HRA business plan.
So they're still being monitored and just being removed from this corporate risk register.
That represents the fundamental changes that we've made, but I'm happy to take any questions
any members have, and I'll do my best to answer them.
Thank you.
Thank you for the update and introducing the report.
And once again, thanks for the dashboards.
We love dashboards.
Cllr Liz McShane - 0:27:00
More dashboards, please.
It just makes it easier to have a global view of everything and be able to benchmark and
see things in one go, especially if people are not, you know, it's a lot of dense information,
but it's really good to see them presented this way.
I'm sure the committee's got lots of questions on this agenda, so who wants to start?
Cllr Liz McShane - 0:27:22
I haven't got lots of questions.
Cllr David Godfrey - 0:27:27
The report's so clear and the tables are so clear, and everything we would expect to see
at risk in their cities.
I identify that I can think of how I could tell an auditor
that you haven't gone far enough.
I don't know because auditing an audit is quite challenging.
However, the only question I've got is,
and I'm not gonna have a debate with Councilor Prager,
I promise you that, is about the removal of Princess
Brave from the district.
The reason given for that I understand.
But isn't there still a risk there?
Because no matter what happens going forward,
I don't know what happens as a result of the consultation.
The leader was on a podcast this week
thinking about contamination risks.
Isn't there a risk that we're still going to have to spend some money
decontaminating whatever happens to it?
Shouldn't that be there somewhere?
Or have you hit in the scorching letter bit?
That's a get out for you.
I think just building on the previous response,
where the key risk was financial and then
Mr Ewan Green - 0:28:31
that's been mitigated within the accounts and provisions.
I think the issue of impincipatory
now is it's a managed site.
We're actively managing that, and you'll
know how we're doing that at the moment in terms of no access
to the public.
I think as we move through consideration
of what the future of that site is,
you may well see that from back in,
but at present, we feel that is an operational management risk
that we reflected at service level,
not in the corporate mis -register.
Cllr Liz McShane - 0:29:03
Cllr Liz McShane - 0:29:08
I have no other questions, though.
No other questions. Anyone?
Councillor Wing.
Thank you, Chair.
Cllr John Wing - 0:29:15
Can I just have some clarification for my own self?
You've removed C19 delivery of new and affordable homes.
Are we talking about Council -built new affordable homes?
I was pleased to see this afternoon an email arriving in my inbox
telling me there's new homes in HIVE.
We've partnered with another developer and I believe there's more at Shorncliffe as well.
Is this referring to Council -built, by theirself, affordable and new homes
without partnership with other builders?
Mr Ewan Green - 0:29:50
You're correct, it is about council delivery.
When the visits come off, as you've just highlighted there,
there's a pipeline of projects coming forward,
which means again that we feel it's no longer a corporate level,
but it's something that's actively managed within the housing service.
Cllr John Wing - 0:30:07
OK, and going back to our own favourite C1D corporate,
about the cyber threat,
when you say treat,
are we talking about training for staff, including councillors?
because I understand last week we had some emails coming through to test us, which is
quite rather, I've got no problem with that, is that the sort of thing we're thinking about?
And also perhaps some certification, I understand at last if you can get the staff to be, make
sure the cyber were...
Mr Jonathan Hicks - 0:30:40
I can, thank you, Councillor, I'll give you some updates that the IC team have provided
with me and I can maybe look into seeing specifically about the training as well.
What I understand is that the digital service and IC team have put in place quite a lot
of actions this year to reduce the impact of this risk or reduce the likelihood that
an attack which we know is consistent or is likely to reduce the weather or not has a
critical, it critically disrupts the services.
So security systems are currently continually monitored,
and the program of activity including testing,
and audits, and impact assessments,
and awareness raising is planned throughout 2025.
So there's a whole program of activity,
of different things they've put in place,
which are being constantly monitored.
So that it is the highest risk,
and that is being treated as such.
If there's anything you wanted to add to that?
Cllr Liz McShane - 0:31:45
Councillor Lockwood.
Thank you, Chair.
Cllr Adrian Lockwood - 0:31:51
Risk C13 change of governance is light green, so unlikely and moderate.
However, this council on the 29th of January voted to not move to a committee system on
the basis that moving to a committee system would be disruptive and risky for this council.
As a result of that motion, we have written to the Minister for Local Government to ask
them to cancel our decision to move to a committee system and remain with the cabinet system.
We've given a deadline on the 31st of March for a reply from the Minister.
If we don't hear from the Minister saying you should move to a committee system or fine,
you take your point, stick with the cabinet system, then fine.
But if in the next 13 days we get a letter from that minister saying,
no, you're moving to a committee system, this council will find itself in a
situation that this council felt was risky and disruptive.
So how is that not a significant risk?
Jonathan.
Thank you, Councillor Loughborough.
Mr Jonathan Hicks - 0:33:48
I think on this one, this is about our failure
to deliver an effective change in governance
and being prepared for that change.
I think a lot of work was put in place
to bring about that change.
So, whichever way the decision goes,
what we're saying here is that we are in a good place
to institute that change because all the arrangements
that would have been put in place prior to that decision
being made, that vote, still exist,
and so it'll just be about clinging in place.
So that's why it's a lower risk,
and why it's still on the register.
It may be that we end up taking that off
if it's not irrelevant.
Cllr Adrian Lockwood - 0:34:38
So why did this council vote for that being disruptive and risky, if it's not a risk?
Chair, with respect, I don't think that's a matter for an officer to
Mr Ewan Green - 0:34:47
consider tonight.
Cllr Liz McShane - 0:34:50
Thank you.
Can I ask a question?
Fraud and corruption. The CRR score, corporate risk register score, hasn't moved since the
last, at least the last report. Would it be interesting to know, sort of something in
the background, why or what's been done to make sure that that stays at its lowest risk?
Mr Jonathan Hicks - 0:35:18
Thank you, Chair. So can we phrase the question, you say what it hasn't moved or?
Any reasons why I'm in?
I think we've, my copy here has been reduced.
I think we've put all the mitigative practices in place to mitigate the fraud and corruption.
We don't feel that that is a high risk at the moment.
It may be that as we move nearer to local government reorganisation we might need to
escalate this, but in the meantime,
this is just one to monitor.
Unless there's anything else we need to add to that.
So sort of a follow up, cyber threat to extreme risk.
Fraud and corruption, is there any interrelation
between those two potentially?
Cllr Liz McShane - 0:36:09
Mr Jonathan Hicks - 0:36:11
Cllr Liz McShane - 0:36:11
Mr Ewan Green - 0:36:12
Well, I think there is potentially, obviously, yes,
in short.
But I think in terms of fraud and corruption,
what we're comfortable with is that the systems and processes
we have, which of course are checked from the internal audit and external audit, are
trying to be signed. Therefore, it's a significant risk because it's on the corporate risk register,
but in terms of managing that risk, it's lower down.
Cllr Liz McShane - 0:36:37
Any more questions on this one? No? Okay. So the recommendations are to receive and
note the report that the Audit and Governance Committee reviews the Corporate Risk Register
overview of Appendix 1 and makes any necessary recommendations regarding the Council's management
of risk. And third, that Audit and Governance Committee notes and approves the Risk Management
Policy and Strategy, Appendix 2, being put forward to Cabinet in full Council for adoption.
Who would like to propose this? It's only three of you tonight, sorry.
Councillor Goldfri, seconder? Councillor Wayne. Do we agree on the recommendations? So who's
agreeing to abstain? One abstain and two agree. Moving on to agenda item six. That's corporate
And pages 75 to 104.
Thank you, Chair.
Mr Jonathan Hicks - 0:37:47
This report presents a revised and updated
health and safety policy for consideration
by the committee, ahead of cabinet on 23rd of April.
We are asking the committee to read and approve
the changes that we've made to the policy
and recommend it to cabinet for adoption.
I think it's useful to note that we had a policy in place, but it required an update
to ensure that it is in line with best practice and guidance and reflects our current working
procedures.
The committee will be aware that we have reviewed health and safety activity throughout the
It's part of the program of work.
That's in a report later on.
And you've received updates halfway through the year,
and you will get an annual report from me
after the next meeting on the activity on health and safety.
So we will also note that we had an audit on health and safety,
which originally gave us limited assurance.
We have that follow -up audit coming in April.
One of the final pieces of work that we needed to do
on the recommendations is to review and revise the policy,
which is the overarching document that sits above
all the other operational work that we do.
In the cover report, it sets out the purposes of that policy.
Largely, we need to have one because it's a legal requirement,
but it also sets out what our responsibilities are
as a council for health and safety
and the role of the council, chief officers and employees.
What we have done is we've given you the policy
which was already published and shown as track changes
so you can see what changes we've made.
But the main substantive changes in summary
from the previous policy are really just clearer roles and responsibilities.
A section we've written in for contractors and third parties.
Specific requirements of the corporate health and safety officers role.
And some additional text outlining the function of the staff consultation forum which acts
as the council's health and safety committee.
Health and safety stats, anything that we need to report on developing new procedures
or reviewing risk assessments is reviewed by the Council's Health and Safety Committee,
which meets six weekly, and before that information is then presented to corporate leadership
The intention is that we'll formally report that every quarter to the corporate leadership
team and do a half yearly, an annual report here at this committee.
The specific amendments, as I've said, and deletions are shown as track changes in Appendix
2.
However, the committee will note that the whole policy has really been reshaped and
worded throughout just for the sake of clarity, readability and ease of reference.
I'm happy to take any questions on it, but it is being presented to you and we're asking
for your endorsement of that policy before Cabinet.
Thank you.
Thank you.
Cllr Liz McShane - 0:41:27
And yes, I think it's really helpful to have the track changes included in the report just
for reference.
That's really good.
Councillor Lockwood.
Thank you, Chair.
This is brilliant.
Cllr Adrian Lockwood - 0:41:39
I mean it's a really good piece of work and thank you.
I hope you support this.
And health and safety is incredibly important
and also sometimes a bit dull, but thank you.
Any more comments or questions?
Cllr Liz McShane - 0:41:56
No? Okay.
So if you go to the recommendations.
Sorry.
Cllr Liz McShane - 0:42:03
I was sitting here in my anonymous shirt.
Cllr Tim Prater - 0:42:08
I absolutely agree with Catherine Lockwood's comments
in terms of the policy itself and the update.
It's much clearer, it's much more focused.
I think Matt deals with that well.
Clearly, it was mentioned in the report though
that the limited assurance came from both the report itself
and also how that was communicated through induction
and I imagine also through ongoing training
and ongoing reinforcement of the different barriers
The policy aspect, as far as I'm concerned, has been very well addressed within this.
How has the use of that or the pushing of that into the induction process and in the
ongoing training, reinforcement, how does that follow through?
Where's the follow through on that in order to make sure that that's also addressed when
the Interlord have get back to it?
Thank you, Councillor Craitor.
Mr Jonathan Hicks - 0:43:07
Actually, the recommendation number one of the audit was to ensure that the health and
safety policy is included in the formal induction for staff.
So it has, and our health and safety officer has contributed to the formal induction process
for new employees.
But in terms of how this reflects on other members of staff, this in general is the high
level policy that sits above all the operational work.
Most of the things that staff will do sit in the operational procedures.
We've shown at the end of the policy as an appendix the list of current procedures that
we've got and you can see how many there are.
So that reflects all the different work areas and those have to be worked through with the
appropriate members of staff when using the Health and Safety Committee officers to approve
those along with sign off from the UN as the director.
And the purpose here is that the policy is that that sets the framework from which those
operational procedures follow out from.
But essentially they're being reviewed on a continual basis and the last time we caught
with the auditor, they were satisfied with our progress on that, but we will certainly
be able to give you a further report on that after we've had that follow -up.
Just to come back briefly on that, I fully accept that, but we've all been in that position
Cllr Tim Prater - 0:44:43
whereby you've gone through an induction process and you have been given all of the policies
and told to read them and tick that you have received them, and you have read them and
because you have been through 27.
There's a difference between including making sure it's in the induction
and making sure it's in the induction,
and as long as we're on the second one rather than the first one,
that's all I have a little reassurance on.
Thank you, Councillor Prater.
Mr Jonathan Hicks - 0:45:13
I think in clarification of that,
firstly there's the awareness that there was a policy,
but also I think mostly induction is around where you need to go for certain things.
So if you need to report an accident or incident, there's a form on the internet.
We've done specific training for fire warden and first aid, which we've recruited for.
So all staff will need an awareness of the policy,
but actually what's crucial is that they know where to go when they need to report something,
and that's all set out on a designated page on the internet, which we've been updating
as part of the recommendations in the audit.
Cllr Liz McShane - 0:45:54
Thank you. It just sounds like lots of good work has been done on this, so well done everyone.
Ready to move to recommendation? Councillor Lockwood.
Cllr Liz McShane - 0:46:04
Councillor Gough, would you like to second? Shall I read the recommendations out? Are
we ready? To receive a note of the report and the second one, the Ordinance Governance
Committee reads and approves the changes made to the attached health and safety policy and
recommends it to cabinet for adoption. Are we agreed?
That's unanimous. Thank you very much.
Item number eight, quarterly code of conduct complaints update report, pages 105 to 108.
And I'll switch to you, I think.
Mr Ewan Green - 0:46:36
Thank you, Chair. Standard report members that you'll see every quarter at the meeting.
It's really just an update on the period of October to December in terms of the number of points received.
When you received the report, there were two received, but neither of these were deemed
necessary to go to investigation or report.
Thank you, Chair.
Any comments or questions?
Councillor Godfrey?
Cllr Liz McShane - 0:46:59
What a nice bunch of councillors we are.
No members complaints against members.
Cllr David Godfrey - 0:47:04
Wonderful.
I'm quite happy to move this report.
Cllr Liz McShane - 0:47:11
Are we all happy to move the report?
No questions?
Okay.
who would like to propose?
Councillor Godfrey and seconder Councillor Lockwood.
Is it agreed?
Great, thank you.
That was quick.
Item number nine, local code of corporate governance,
pages of 109 to one.
Thank you, Chair.
And this is the annual report that committee
Mr Ewan Green - 0:47:32
receives just with an overview of the work of the committee
in the previous year.
The report itself gives you an overview
in terms of reference for the committee and we do cover also the complaints and
whistleblowing instance of which I'm pleased to say there were none.
And I think just interestingly for members what we've done this year is we've
added an appendix which is almost like an overview of the work plan that you've had
this year and I think it's quite helpful to show that because this shows the breadth
of work that you cover at these meetings and quite helpful aid memoir for you as a
committee and I'll see you in the morning actually, thank you.
Cllr Liz McShane - 0:48:13
Any comments, questions on this one? Move to recommendation. Proposer please. Councillor
Wing, thank you. And seconder? Councillor Godfrey. So we're happy to receive a note
of the report to adopt the local code of corporate governance appended. Are we agreed? Agreed.
That's unanimous. Thank you. OK.
Agenda item 10. Annual report to the Audit and Governance Committee.
Pages 113 onwards.
Mr Ewan Green - 0:48:53
I must apologise. I think I stepped onto the wrong report there.
But yes, I was just re -entering my previous comments. Thank you on that one.
But if I could just add on to the previous one.
And in relation to the code, there have been more changes to the code that was put before
you this evening, members, so I'm happy to ask that you receive that and agree as part
of your annual, it's an annual approval fund.
Cllr Liz McShane - 0:49:17
Okay, so we're back, that's agenda item nine.
So we've just moved, do we need to move that again or is that fine with?
We'll do it again, just for clarity, okay.
Who would like to propose? Councillor Wing, thank you.
To receive and note the report, agenda item number 9, local code of corporate governance.
Recommendations to receive and note the report and to adopt the local code of corporate governance
append it. So Councillor Wing, you're happy to propose it? Seconder, please? Councillor
annual report to the audit and governance committee, starting on page 113. Back to you.
Mr Ewan Green - 0:50:10
I'll reiterate my previous comments. I apologize, members, for that. But this is just giving you the
annual report to a committee that you now receive and just to reiterate that what we've done this
year is also through an appendix which shows you the breadth of the work you've covered throughout
a committee which I think is quite a substantial body of work and one which I think is helpful
to view as a made memoir for a committee and for a residence. Thank you, Chair.
Cllr Liz McShane - 0:50:34
Cllr Liz McShane - 0:50:38
We're all happy to move to the recommendations to receive a note report. Could I have a proposer,
Councillor Wing, thank you very much.
And the seconder?
I'm not looking at anyone in particular.
Councillor Godfrey, thank you.
Are we agreed?
Lovely.
That's unanimous.
And item number 11 is annual report maintaining ethical standards.
That's 129 to 132.
Thank you, Chair.
Mr Ewan Green - 0:51:16
I'm just broadly similar to the previous report that
was written in the quarterly outcomes,
but this is the annual report that you receive
in terms of academic standards where
we give you the stats on complaints, whistle blowing,
et cetera, et cetera.
And I have nothing to add to the report.
And again, just to reiterate, there
were no incidents of whistle blowing,
and therefore no investigations conducted as section 2 .3 of the report.
Cllr Liz McShane - 0:51:49
Thank you, that's good to know.
Any comments, questions on this item?
Councillor Lockwood.
Cllr Adrian Lockwood - 0:52:02
I need to say that it's good to be part of a cordial arrangement here.
We're all good to see no complaints between us at least.
Cllr Liz McShane - 0:52:15
Just one question that came up in our meeting early in the week.
Has the district council ever got involved with complaints from parish councils?
Somebody asked and I just thought I'd raise it here.
Mr Ewan Green - 0:52:26
We do receive complaints from time to time.
Whether these are valid or not is a different issue.
Generally, as a monitoring officer,
the role I've got is to investigate complaints
in relation to the code of conduct of counselors.
And anything further than that is generally
out with jurisdiction.
Thank you for clarifying.
Cllr Liz McShane - 0:52:50
So that's...
We go back to moving recommendations.
Page is 29. Sorry. Final item. So I need finally for tonight, I need a proposer, Councillor
Wing and a seconder, Councillor Lockwood. Thank you. So that's to receive and note the
report. Are we agreed? That's unanimous. And that's the end of tonight's meeting. Thank
you, everyone.
Thank you.