Agenda and minutes

Agenda and minutes

Speaking at a Council or Committee meeting

Venue: St Aldate's Room - Oxford Town Hall. View directions

Contact: Jennifer Thompson, Committee and Members Services Officer  email  democraticservices@oxford.gov.uk tel 01865 252275

Items
No. Item

15.

Declarations of Interest

Minutes:

There were no declarations.

16.

The risks, challenges, and actions being taken by the Council to ensure the best possible cyber security pdf icon PDF 959 KB

Report of: the Head of Business Improvement.

 

Purpose: to inform the Committee on matters relating to cyber security.

 

Recommendation: that the Committee notes the content of the report

Minutes:

The Committee considered the report of the Head of Business Improvement informing the Committee on matters relating to cyber security.

Helen Bishop, Head of Business Improvement, and Rocco Labellarte, Chief Technology and Information Officer, introduced the report and answered questions from the Committee.

 

In summary, the Committee noted and commented as below

 

1.    As a local authority the City Council had to comply with the requirements of the Public Services Network (PSN). Maintaining this required a high degree of security and vigilance.

2.    A small budget was set aside for regular security updates and regular testing showed known vulnerabilities were low. The server centre provided good security. However given ICT security is critical to the organisation, this needed to be adequately funded and prioritised in the budget.

3.    The plan to upgrade the council’s hardware and software was on track and should give significant benefits in both usability and security.

4.    While new cloud-computing based storage and processing systems were available and under evaluation, these could incur large recurring costs and did not necessarily meet the security standards.

5.    There were no significant issues around homeworking or off-site working.

6.    Staff needed to be vigilant about handling personal data on and off site (including their own). ICT planned to offer refresher training on data protection.

7.    New threats emerged all the time: it was not possible to predict, and it was not known which losses could or should be insured against.

 

The Committee noted the limited vulnerabilities and good cybersecurity, and thanked officers for attending.

 

 

17.

E&Y Annual Audit Letter for 31 March 2018 updated at October 2018 pdf icon PDF 3 MB

Report of: the external auditor Ernst & Young

 

Purpose of report: to inform the Committee of outcome of the audit of the accounts, providing an update at October 2018 to the information provided in the previous report to the July meeting.

 

Recommendation: to discuss and note the report.

 

Minutes:

The Committee considered the updated annual audit letter from the external auditor, Ernst and Young.

 

Paul King, external auditor, introduced the letter and he and Bill Lewis, Financial Accounting Manager, reported:

 

1.    New IFRS accounting standards applicable from 2018/19 and 2019/20 for specific areas would have implications for the way the council presented its accounts. The Head of Financial Services assured the Committee that the changes could be implemented smoothly.

2.    The final audit fee would be higher than estimated as there were more subsidiary bodies to audit.

3.    There were suitable processes in place for the valuations of land and buildings.

 

Laura Bessell, Benefits Manager, gave an update and answered questions about the forthcoming audit of the Housing Benefit subsidy claim.

In summary:

1.    Some claimants had moved to Universal Credit. This reduced the amount of housing benefit paid out. This had the eventual effect of increasing the value of errors relative to the total housing benefit bill and having a significant impact on the subsidy claim.

2.    Any errors found when transferring claimants to Universal Credit were attributed in full to the local authority, increasing the impact on error rates and subsidy loss.

3.    All overpayment error is accounted for in the year it is found: so one long-running but low-value error results in a loss of subsidy disproportionate to the annual amount of the overpayment.

4.    With the changes and improvements in processing claims, the overall error rate and loss of subsidy should decrease over the next few years but will take time to work through in the audits.

5.    Access to real-time data from HMRC allowed officers to take a more proactive approach to contacting claimants and making changes in claims.

6.    Administrative delays resulting in overpayments were a major issue, and arrangements were in place to send work to other benefits offices to manage increase in workload. This and proactive work by the team had reduced the processing time to 6 weeks. The aim was for a fast and error free turnaround, with proactive management and tracking of changes in claims.

7.    Overpayments could be reclaimed, and always were if they resulted from fraud.  If these were the result of error, there was discretion over the repayments to avoid creating more hardship where possible.

 

Paul King noted that there was no ‘materiality’ limit on housing benefit subsidy claims, and all errors found had to be extrapolated and accounted for across all similar claims: there was little leeway apart from increasing the sample size used for extrapolation.

 

The Committee noted the letter and the updates, and thanked the Financial Services team and Revenues and Benefits team for their work.

 

 

 

18.

Internal Audit: Progress Report to November 2018 pdf icon PDF 511 KB

Report of: the internal auditor BDO

 

Purpose of report: to inform the Committee on progress against the 2018-19 audit plan.

 

Recommendation: to discuss and note the report.

 

Minutes:

The Committee considered the report of the internal auditor BDO setting out progress made against the 2018/19 internal audit plan and the summaries of completed audits.

 

Gurpreet Dulay, internal auditor, presented the report and he and officers present answered questions on the audit summaries.

 

Car parking

·         The Committee noted that income would be considerably lower than forecast in their 2018/19 budget.  In case where payment machine faults were not rectified within two hours there was an alternative machine available so no loss of income should result.

 

Risk Management

·         The process was sound but there were inconsistencies in applying and evaluations risk ratings and there should be more emphasis on managing and mitigating risks.

·         Refresher training would be offered to encourage consistent application of the process and ratings across the council.

·         The risks around major capital projects were reviewed periodically by the relevant project board to ensure these were still relevant and appropriate mitigation was in place. The audit had looked at the processes and management around evaluation of risks on the project and on other areas of the council’s work.

·         Only risks with a very significant impact and which this council could mitigate were listed as corporate risks. Risks associated with the Oxfordshire Growth Deal did not currently meet the criteria and so were not included.

 

Members’ allowances and individual budgets

·         The Committee supported  having appropriate post –payment checks that awards from ward member budget and CIL were used as intended.

·         A recommendation to stop rolling over unused ward member budget and CIL into the following year had not been accepted, as councillors wanted to have the flexibility to save over several years for larger projects.

 

Income generation

·         The findings, recommendations and actions taken from this advisory work were noted.

 

Budget management

·         This reported on the budget preparation and monitoring processes.

·         Adding in the council’s companies greatly increased the complexity of the process.

·         Setting budgets earlier created as many risks as managing the more complex work within the current timetable.

·         No formal training was provided to budget holders and heads of service but advice and assistance was offered on budget setting and management.

  

 

The Committee noted the report, the presentation, and the answers to their questions.

 

Councillor Rush left the meeting before the end of this item.

19.

Internal Audit: Follow up of recommendations to September 2018 pdf icon PDF 200 KB

Report of: the internal auditor BDO

 

Purpose of report: to inform the Committee on progress on those recommendations raised by Internal Audit which are due for implementation.

 

Recommendation: to discuss and note the report.

 

 

Minutes:

The Committee considered the report of the internal auditor BDO setting out progress made on those recommendations raised by Internal Audit which are now completed.

 

The Committee noted the report without comment.

 

 

20.

Risk Management Quarterly Reporting as at 30 September 2018. pdf icon PDF 155 KB

Report of: the Head of Financial Services

 

Purpose of report:  to update the Committee on both corporate and service risks as at 30 September 2018

 

Recommendation: to discuss and note the report.

 

Additional documents:

Minutes:

The Committee considered the report of the Head of Financial Services giving an update on major corporate and service risks as at 31 May 2018.

 

Bill Lewis (Financial Accounting Manager) and Alison Nash (Finance Officer) in presenting the report and in answer to questions reported:

 

·         Key risks and the development of contingency plans were explained, in particular around a major ICT failure.

·         If the main building was unusable there were some contingencies in place. For a major ICT failure there was a 16hr recovery time in the service contract and contingency plans would include how best to redeploy staff and maintain essential services in addition to recovery plans.

·         The red risk relating to health and safety (buildings) referred to both council-owned public-use and rented commercial properties: health and safety issues for council housing and buildings used by staff were managed separately.

·         The risks associated with local government reorganisation were no longer included as the probability of this happening was significantly reduced.

·         Risks around failure to meet response times for complaints and freedom of information requests were not new, but were included to ensure these were not overlooked and appropriate management plans were in place.

 

The Committee noted the report and comments.

 

 

21.

Minutes of the previous meeting pdf icon PDF 121 KB

To approve as a true and accurate record the minutes of the meeting held on 25 July 2018.

Minutes:

The Committee agreed to approve the minutes of the meeting held on 25 July 2018 as a true and accurate record.

22.

Dates and times of meetings

The Committee is scheduled to meet at 6.00pm in the Town Hall on the following dates:

 

10 January 2019

11 March 2019

Minutes:

The Committee noted the dates and times of future meetings.