None.

Recommendation: that the Committee approve the minutes of the meeting held on 23 July 2025 as a true and accurate record.

The Committee resolved to approve the minutes of the meeting held on 23 July 2025 as a true and accurate record.  

Public addresses relating to matters of business for this agenda, up to five minutes is available for each public address.

The request to speak accompanied by the full text of the address must be received by the Director of Law, Governance and Strategy by 5.00 pm on Wednesday 15 October 2025.

None. 

Councillor addresses relating to matters of business for this agenda, up to five minutes is available for each address.

The request should be received by the Director of Law, Governance and Strategy by 5.00 pm on Wednesday 15 October 2025.

None. 

Report of: The Group Finance Director

Purpose of the report: To update the Audit and Governance Committee on corporate and service risks as of 30 September 2025.

Recommendation(s): That the Committee resolves to:

1.    Review the risk management report and note its contents.

A report had been submitted to update the Audit and Governance Committee on the corporate and service risks as of 30 September 2025. 

Roger Martin, the Insurance, Risk Management and Business Continuity Officer, Nigel Kennedy, the Group Finance Director, and Rachel McKoy, the Interim Monitoring Officer, were present to respond to questions.  

The Insurance, Risk Management and Business Continuity Officer presented a comprehensive summary of the report and noted that the presentation of register data had been updated to ensure improved readability for the Committee. Members understood that the report before them was a quarterly update as of September 2025 and the process through which this had been compiled and approved. The Insurance, Risk Management and Business Continuity Officer summarised that the number of risks on the corporate risk register had remained unchanged and there had been some movement with scoring to produce six red and eight amber risks. Context relating to work ongoing in relation to the most notable risks was provided.  

The Chair invited questions from the Committee.  

Councillor Smith thanked the Insurance, Risk Management and Business Continuity Officer for a recent training session. 

The Insurance, Risk Management and Business Continuity Officer and Councillor Smith discussed the increase to the overall risk profile in the service risk register in comparison to the previous quarter. 

Councillor Smith queried why ‘quality of data and property knowledge’ had been classed as a red risk, to which the Insurance, Risk Management and Business Continuity Officer provided context in relation to current insurance information requirements and systems. The Committee heard that this risk is being handled by the department and the Council’s insurers are being updated on this.  

In relation to risk 96, Councillor Smith queried whether the rating had been caused by a lack of legal support and requested further explanation in relation to risk 126.  

In regard risk number 126, The Group Finance Director clarified that any related issues would be picked up in the next iteration of the Council budget. The Committee heard of his confidence that the position would be mitigated, and any adjustments required in response to savings would be made.  

In response to queries regarding lack of legal support, the Interim Monitoring Officer confirmed that a restructure is ongoing to assess capacity and expertise within the legal services team. Councillor Smith queried whether efforts are ongoing to employ in-house leal apprentices instead of more expensive locum options. The Interim Monitoring Officer outlined issues with legal services capacity across local authorities and supported the need for more in-house services to be organised.  

The Committee reviewed and noted the report. 

The Insurance, Risk Management and Business Continuity Officer left the meeting and did not return. 

Report of: The Internal Auditor, BDO

Purpose of report: To update the Audit and Governance Committee.

Recommendation(s): that the Committee notes and discusses the report.

This report will be provided as a supplement to the agenda.

The Chair welcomed the Gurpreet Dulay and Joe Taylor, Internal Auditors from BDO.  

Melissa Hope, Organisational Development Manager, and Sobia Afridi, the Diversity and Inclusion Specialist were also present to respond to questions.  

The Internal Auditor (GD) presented a comprehensive summary, outlining the reports that the Committee were required to consider and a summary of the progress made since the previous meeting. A detailed summary was provided on the Equality, Diversity and Inclusivity report, including the relevant legislation and guidance local authorities must follow, alongside an overview of the mostly positive progress being made by the Council. A brief summary of the Treasury Management report was also provided, for which The Internal Auditor (GD) noted that a substantial opinion had been determined and some small areas for improvement were noted as being in progress.  

The Chair thanked The Group Finance Director and the Financial Accounting Manager for their consistently high treasury management standards.  

The Chair invited questions from the Committee. 

In relation to the Equality, Diversity and Inclusivity report, the Chair noted that many implementation dates had been determined for 2026 and asked whether these are on track. The Organisational Development Manager explained that the report presented is new, and officers have already begun to pick up on the actions required, with one already being achieved. The audit results contained no surprises, and therefore the plans for implementation next year are on track.  

Councillor Smith queried whether there are any resourcing issues with the 18 areas yet to be picked up and prioritised, to which the Organisational Development Manager noted that the relevant team is small, however the implementation dates set have been agreed as realistic and reasonable given the spread and assessment of officer workloads. The Committee heard that the most challenging aspect would be the training, and a detailed account of the EDI training structure used by the council was outlined, including inclusive recruitment training for hiring managers and equity and intersectionality training for all staff. The staged approached taken to these training programmes was also explained.  

The Diversity and Inclusion Specialist outlined how the Council would be taking a more proactive approach by reaching out to directorates to organise training events.   

The Chair queried how much of the training is delivered on a hybrid basis, to which the Organisational Development Manager explained that a mixed approach is used to support inclusivity. The Committee heard that training is also delivered flexibly to the requirements of any directorates which have requested it. 

Councillor Regisford requested thoughts from the officers on how training around equality, diversity and inclusion can be translated into lived practice. This was specifically asked in relation to the 18 areas listed in the report for consideration. 

The Diversity and Inclusion Specialist noted that it is challenging, however efforts are made to ensure that a consistent and regular training offering is available to cater to the needs of the council. The Committee also heard that efforts are being made to access the staff community and talk to  ...  view the full minutes text for item 62.

Report of: The Internal Auditor, BDO

Purpose of report: To update the Audit and Governance Committee on work conducted to provide assurance around the use of purchase cards and expenditure.

Recommendation(s):

·       That the Committee notes and discusses the report.

The Internal Auditor (GD) provided a summary of the report, including a detailed outline of the payment card processes for the Committee’s benefit. The Committee understood that this audit report had concluded a limited opinion, however, were also informed of the ongoing work to improve the matter. The Internal Auditor (GD) informed the Committee of his confidence that the matter is being taken seriously and committed to providing a robust follow up report in the future to assess the progress made.  

Phil McGaskill, Revenues and Service Delivery Manager, and Kieran Edmunds, Rapid Rehousing Manager, were also present to respond to questions.  

The Revenues and Service Delivery Manager noted that the audit findings were expected, and improvements were already underway with all recommendations being acknowledged. The Committee were informed that an assessment to identify possible fraud had been undertaken and returned no evidence of any incidents; it was emphasised that all transactions investigated had been legitimate and are now recorded. The main issue identified was lack of management approval on transactions, for which the Committee heard the details of work ongoing to improve this. The Revenues and Service Delivery Manager also explained that a revised policy is now in place which outlines the responsibilities and consequences for non-compliance, and a full review of all credit cards has taken place. Furthermore, a reminder system is now in place for authorising officers. Since the changes have been implemented, the Committee understood that the outstanding value of unapproved spend has reduced considerably to £9000 and is continually declining. Any delays to this have resulted from technical difficulties with Barclay Card.  

The Group Finance Director recognised the concerns raised in the audit report and emphasised his confidence in the Revenues and Service Delivery Manager for handling the matter. The Committee heard that action has already been taken to suspend cards for users who do not comply with the requirements, and this will continue as required.  

The Chair invited questions from the Committee. 

Councillor Ottino queried whether the matter would translate into a performance management target for all officers who hold a card and asked what impacts the removal of a card has on council functions. The date of the next follow-up report was also requested.  

 
Councillor Smith queried whether there are any other sanctions apart from card removal, emphasising the risk of possible fraud.  

The Revenues and Service Delivery Manager clarified that to date, all checks made relating to fraud have returned no evidence of any examples; it was also explained that the issue relates more to a breakdown in process and how managers approve payments. In response to queries regarding the impact of card removal, it the Committee heard that most service areas have more than one card, therefore in the case of emergencies, a card should still be accessible. If a colleague with a card cannot be found within a service area, the register of all those holding payment cards can be utilised to track down an alternative.  

 
Councillor Jupp sought to clarify  ...  view the full minutes text for item 63.

Report of: The Internal Auditor, BDO

Purpose of report: To update the Audit and Governance Committee.

Recommendation(s): that the Committee notes and discusses the report.

This report will be provided as a supplement to the agenda.

The Internal Auditor (JT) provided a comprehensive summary of the report and explanation of the scoring process used to monitor the progress of recommendations. The Council’s progress towards its outstanding recommendations was summarised and those of concern were emphasised, with a description provided for any delayed deadlines.  

The Interim Monitoring Officer, the Rapid Rehousing Manager, the Organisational Development Manager, and the Diversity and Inclusion Specialist were also present to respond to questions.  

The Group Finance Director echoed the comments from the Internal Auditors and the improvements needed on some recommendations from within the Council. Specific mention was made to delays to several recommendations from the Law, Governance and Strategy directorate and the requirement for managers to comment and report back to the Committee was noted.  

The Interim Monitoring Officer relayed an update from the Law, Governance and Strategy directorate, noting that the permanent Monitoring Officer would be returning soon, at which time the delays would be addressed. Updates relating to BDO’s ability to access shared documents following the cyber-attack were noted as reason for some miscommunication on delayed recommendations. The Interim Monitoring Officer recognised the legitimate concerns of Members in relation to these delays and echoed that responses should be timely.  

The Chair recommended that the matters be brought to the Monitoring Officer’s attention on her return. The Internal Auditor (JT) supported this and welcomed a direct meeting to discuss the delayed recommendations.   

The Internal Auditor (GD) noted the verbal update of the Interim Monitoring Officer and recognised that sharing of information could have been limited by recent internal server issues. The Internal Auditor (GD) committed to following up with the Monitoring Officer through a direct meeting. 

The Chair requested that members be informed if there is a long-term technology issue.  

 
Councillor Smith expressed concerns around the delayed recommendation relating to income generation and asked if this could be a result of issues with new IT systems. 

The Group Finance Director provided an update on the procurement process relating to the IT system and explained that the delays resulted from the procurement failing to comply with new regulations. As a result, the procurement was pulled and the process restarted. The Committee heard that the tendering process was expected to be completed within the first three months of 2026.  

The Organisational Development Manager commented in relation to recruitment and retention and clarified that recommendation 1A is now in progress, with the final steps being taken to CLT for approval; it was confirmed that this was on track. In relation to recommendations 2A and 2B, it was explained that the recommendation cannot be achieved as the capability does not currently exist until the system is changed; it is on the re-procurement list. The Committee heard that the contract with the current IT provider has been extended until a new system could be purchased and implemented.  

The Chair noted the delayed recommendations 3A, 3B, and 3C relating to homelessness, to which Rapid Rehousing Manager explained that progress is on track. The Committee were  ...  view the full minutes text for item 64.

Report of: The Internal Auditor, BDO

Purpose of report: To update the Audit and Governance Committee.

Recommendation(s): that the Committee notes and discusses the report.

This report will be provided as a supplement to the agenda.

The Internal Auditor (GD) provided a comprehensive summary of the report which provided an overall assessment of the Council’s governance of risk and controls. The Committee were informed that a moderate opinion had been concluded which was consistent to the previous year.  

Councillor Regisford rejoined the meeting.  

The Group Finance Director echoed the consistency of this report across previous years.  

The Chair invited questions from the Committee. 

The Chair raised concern in relation to the outstanding matters linked to accounts payable and asked why this has consistently been flagged since 2022. 

The Group Finance Director noted repeated issues relating to the finance area across this duration, including the lack of a team manager. The Committee heard that the Revenues and Service Delivery Manager is now in post, and the Group Finance Director has confidence in his abilities to tackle the issues outstanding.  

The Revenues and Service Delivery Manager provided the Committee further assurance that the matter is in hand and provided detail relating to the tracking of KPIs and improvements to reporting. The Committee also heard of his plans for developing further solutions and automations in the future to support additional improvements.  

Councillor Smith noted concern regarding fire risk assessments and specialist advice which had not being adequately delivered. The Internal Auditor (GD) assured the Committee that a specialist will be reviewing this matter and providing an update in January. 

The Chair and Councillor Smith recommended that this matter be highlighted to the relevant Cabinet member.  

The Chair thanked the Internal Auditors for their attendance and reports. 

The Committee reviewed and noted the report. 

Report of: The External Auditors, Ernst & Young

Purpose: To update the Audit and Governance Committee on the progress of ongoing work.

Recommendation(s): that the Committee notes and discusses the verbal update.

The Chair welcomed the External Auditor.  

The External Auditor informed the Committee that the audit and accounts had been delayed due to the Council’s cyber incident earlier in the year. The Committee understood that work was ongoing to complete this and sign off is expected by the backstop date in February 2026. The External Auditor explained that cyber security specialists have been engaged to complete the necessary procedures, and work is ongoing to obtain an understanding of what occurred, and the arrangements the Council put in place following the cyber incident. The Committee understood that the key audit risks remain the same, and no further update was required at this stage. Ongoing audit topics were also summarised for the Committee’s benefit. 

The Chair asked whether property valuation for insurance purposes is included within the risk register, and whether this is an issue. The Financial Accounting Manager explained that property valuations for insurance purposes are being organised, and officers are in close contact with the insurers to track progress. The Committee heard that if there are delays in the programme, there may be issues with cover; whether this should be included on the register will continue to be considered. The Financial Accounting Manager explained that valuations for insurance purposes and those for the financial statements are different. In respect of the statements of accounts, the Council operates a 5-year rolling plan which is worked on with the external auditors to ensure their confidence in the balances.  

The Rapid Rehousing Manager left the meeting and did not return.  

Given the scope of the Council’s assets, the Chair queried whether other councils experience the same issue, to which the Financial Accounting Manager explained that the assets held by Oxford City Council are in excess of most other district councils and more comparable to that of a County Council. 

The Chair thanked the External Auditor for the update and noted his anticipation of the report next year. An update in January 2026 was requested.  

The Committee reviewed and noted the verbal update.  

The next meeting of the Committee is scheduled on 28 January 2026.

The Committee noted the dates of future meetings.