3.1 Gareth Watts provided an update in relation to the 2014-15 programme of work. 2013-14 work was detailed in his annual report.
3.2 Since April 2014, he explained that he had continued to work with Dave Tosh and Alison Rutherford on the Information Governance review. In response to a recent staff survey, he was performing a Recruitment Procedures audit and aimed to produce a report before the summer recess. TIAA were currently scoping the Risk Management Framework audit.
3.3 He also informed the Committee that he had completed follow up work on the Scheme of Financial Delegation and the National Assembly for Wales shop. He would be reporting to the Assembly Commission on 18 June following a review of their effectiveness.
3.4 Following a brief discussion on Business Continuity, the Committee urged officials to accelerate this area of work and provide an update by November 2014.
3.5 Dave Tosh explained that a mock plenary was held over the Easter recess which specifically tested the manual voting procedures. Service areas have drafted plans, but they were yet to be tested and refined. Work may also be delayed over the summer recess with many of the service areas taking their annual leave during this period.
3.6 Gareth Watts introduced his annual report of work during the 2013-14 financial year. The programme of work was successfully delivered, despite the changes to internal audit in year, which included both a new Head of Internal Audit and a new external contractor.
3.7 Committee members questioned the definition of the opinion ‘Reasonable’. Gareth explained that this was a moderate rating and that given the scope of the audits, was the highest achievable score.
3.8 He confirmed that he intended to carry out more full scope audits this year which, potentially, could give a higher level of assurance.
3.9 Dave Tosh mentioned the Information Governance area as an example of vast improvement in the last 2-3 years. From the 12 original recommendations, 4 remain outstanding in 2013-14. Tighter controls, clear policies and structures were now in place. He was hopeful that this improved position would be reflected in the update in November.
3.10 Committee members also questioned how the specific internal audit reviews were selected. Officials confirmed that by their very nature, internal audit chose areas of weakness in order for improvements to be identified. Gareth’s work would continue to focus on these areas.
3.11 The Chair agreed that this was a constructive approach and that the Management Board was taking the recommendations seriously and was acting in a positive way to improve the functions within the organisation.
3.12 The Annual report on Fraud was finalised mid-May and at the time of writing provided a fair reflection of the position.
3.13 Lots of positive work had taken place since this area was audited in November 2011, especially access to policies and training by the Head of Procurement and from the Chartered Institute of Purchasing and Supply.
3.14 Gareth was considering Fraud Response plans across the public sector and would be working with Nicola to update the Assembly’s approach. Both agreed that a revised plan needed to be in place by September 2014.
3.15 The Committee were aware of stringent procurement checks on new suppliers and questioned if any of these checks could be applied to existing suppliers to further improve Financial Services processes. Nicola would discuss this with Jan Koziel, Head of Procurement.
- Dave Tosh to aim to accelerate the Business Continuity work and provide an update to the Committee at the November meeting.
- Gareth and Nicola to produce a revised Fraud Response Plan by September 2014.
- Nicola to discuss processes with Procurement to explore which of the financial checks they perform on new contracts could be used by Finance for existing suppliers.