VISION OF COUNCIL
"A thriving and friendly community that recognises our history and embraces cultural diversity and economic opportunity, whilst nurturing our unique natural and built environment."
AGENDA
FOR THE
Audit and Risk Committee Meeting
13 February 2018
OUR VISION
"A thriving and friendly community that recognises our history and embraces cultural diversity and economic opportunity, whilst nurturing our unique natural and built environment."
OUR MISSION
“To deliver affordable and quality Local Government services.”
CORE VALUES OF THE SHIRE
The core values that underpin the achievement of the
mission will be based on a strong customer service
focus and a positive attitude:
Communication
Integrity
Respect
Innovation
Transparency
Courtesy
DISCLAIMER
The purpose of Council Meetings is to discuss, and where possible, make resolutions about items appearing on the agenda. Whilst Council has the power to resolve such items and may in fact, appear to have done so at the meeting, no person should rely on or act on the basis of such decision or on any advice or information provided by a Member or Officer, or on the content of any discussion occurring, during the course of the meeting.
Persons should be aware that the provisions of the Local Government Act 1995 (Section 5.25 (e)) establish procedures for revocation or rescission of a Council decision. No person should rely on the decisions made by Council until formal advice of the Council decision is received by that person. The Shire of Broome expressly disclaims liability for any loss or damage suffered by any person as a result of relying on or acting on the basis of any resolution of Council, or any advice or information provided by a Member or Officer, or the content of any discussion occurring, during the course of the Council meeting.
Agenda – Audit and Risk Committee Meeting 13 February 2018 Page 3 of 71
SHIRE OF BROOME
Audit and Risk Committee Meeting
Tuesday 13 February 2018
INDEX – Agenda
3. Declarations Of Financial Interest / Impartiality
5.1 COMPLIANCE AUDIT RETURN 2017
5.2 AUDIT REGULATION 17 IMPROVEMENT PLAN BIANNUAL PROGRESS REPORT
5.3 2nd QUARTER FINANCE AND COSTING REVIEW 2017-18
Agenda – Audit and Risk Committee Meeting 13 February 2018 Page 4 of 71
NOTICE OF MEETING
Dear Committee Member,
The next Audit and Risk Committee of the Shire of Broome will be held on Tuesday, 13 February 2018 in the Council Chambers, Corner Weld and Haas Streets, Broome, commencing at 3.30pm.
Regards
S MASTROLEMBO
Chief Executive Officer
08/02/2018
Agenda – Audit and Risk Committee Meeting 13 February 2018 Page 5 of 71
That the Minutes of the Audit and Risk Committee held on 6 December 2017, as published and circulated, be confirmed as a true and accurate record of that meeting.
|
Agenda – Audit and Risk Committee Meeting 13 February 2018 Page 11 of 71
SUMMARY: The purpose of this report is to present to the Audit and Risk Committee the 2017 Compliance Audit Return for review, and for a recommendation to Council to adopt the 2017 Compliance Audit Return for submission to the Department of Local Government, Sport and Cultural Industries (DLGSC) by 31 March 2018. |
BACKGROUND
Previous Considerations
OMC 23 March 2004 Item 9.1.3
OMC 22 March 2005 Item 9.1.2
OMC 11 April 2006 Item 9.1.4
OMC 15 March 2007 Item 10.4
OMC 13 March 2008 Item 10.1
OMC 24 March 2009 Item 10.3
OMC 18 March 2010 Item 10.1
OMC 17 March 2011 Item 10.2
OMC 15 March 2012 Item 9.4.2
OMC 21 March 2013 Item 10.2
OMC 27 February 2014 Item 10.4
OMC 26 February 2015 Item 10.1
OMC 25 February 2016 Item 10.3
OMC 23 February 2017 Item 10.3
Section 7.13(1)(i) of the Local Government Act 1995 requires that each local government carry out a compliance audit for the period 1 January to 31 December each year. The Compliance Audit is an in-house self audit that is undertaken by staff.
In accordance with Regulation 14 of the Local Government (Audit) Regulations 1996 the Audit and Risk Committee is to review the Compliance Audit Return (CAR), and is to report to Council the results of that review. The CAR is to be:
1. presented to an Ordinary Meeting of Council
2. adopted by Council; and
3. recorded in the minutes of the meeting at which it is adopted.
Following the adoption by Council of the CAR, a certified copy of the return, along with the relevant section of the minutes and any additional information detailing the contents of the return are to be submitted to the DLGSC by 31 March 2018.
The return requires the Shire President and the Chief Executive Officer to certify that the statutory obligations of the Shire of Broome have been complied with.
COMMENT
The Compliance Audit Return for the period 1 January to 31 December 2017 continues in a reduced format introduced in 2011 with questions focused on high risk areas of compliance and statutory reporting as prescribed in Regulation 13 of the Local Government (Audit) Regulations 1996. This year the CAR has been extended to include 7 additional questions relating to Integrated Planning and Reporting. These questions are optional.
The 2017 CAR includes a total of 94 questions and focuses on the following areas of compliance:
· Commercial Enterprises by Local Governments
· Delegation of Power/Duty
· Disclosure of Interest
· Disposal of Property
· Elections
· Finance
· Integrated Planning and Reporting (optional)
· Local Government Employees
· Official Conduct
· Tenders for Providing Goods and Services.
The 2017 CAR has been completed in consultation with officers responsible for the various areas contained in the return, and reviewed by the Executive Management Group and the Chief Executive Officer.
The 2017 Compliance Audit reveals a compliance rating of 100%. This compares to:
2016 Compliance Audit – 1 area of non-compliance of the 87 areas audited (98.8%)
2015 Compliance Audit – 0 areas of non-compliance of the 87 areas audited (100%)
2014 Compliance Audit – 1 area of non-compliance of the 78 areas audited (98.7%)
2013 Compliance Audit – 0 areas of non-compliance of the 78 areas audited (100%)
2012 Compliance Audit – 8 areas of non-compliance of 78 areas audited (89.7%)
2011 Compliance Audit – 1 area of non-compliance of 78 areas audited (98.7%)
2010 Compliance Audit – 1 area of non-compliance of 283 areas audited (99.6%)
2009 Compliance Audit – 4 areas of non-compliance of 347 areas audited (98.8%)
2008 Compliance Audit – 2 areas of non-compliance of 311 areas audited (99.4%
2007 Compliance Audit – 13 areas of non-compliance of 271 areas audited (96.1%)
2006 Compliance Audit – 21 areas of non-compliance of 271 areas audited (92.3%)
2005 Compliance Audit – 23 areas of non-compliance of 306 areas audited (92.5%)
2004 Audit – 18 areas of non-compliance and 147 areas audited (87.8%).
CONSULTATION
Nil
STATUTORY ENVIRONMENT
Local Government Act 1995
7.13 Regulations as to audits
(1) Regulations may make provision –
(i) requiring local governments to carry out, in the prescribed manner and in a form approved by the Minister, an audit of compliance with such statutory requirements as are prescribed whether those requirements are –
(i) of a financial nature or not; or
(ii) under this Act or another written law.
Local Government (Audit) Regulations 1996
13. Prescribed statutory requirements for which compliance audit needed (Act s. 7.13(1)(i))
For the purposes of section 7.13(1)(i) the statutory requirements set forth in the Table to this regulation are prescribed.
Table
Local Government Act 1995 |
||
s. 3.57 |
s. 3.58(3) and (4) |
s. 3.59(2), (4) and (5) |
s. 5.16 |
s. 5.17 |
s. 5.18 |
s. 5.36(4) |
s. 5.37(2) and (3) |
s. 5.42 |
s. 5.43 |
s. 5.44(2) |
s. 5.45(1)(b) |
s. 5.46 |
s. 5.67 |
s. 5.68(2) |
s. 5.70 |
s. 5.73 |
s. 5.75 |
s. 5.76 |
s. 5.77 |
s. 5.88 |
s. 5.103 |
s. 5.120 |
s. 5.121 |
s. 7.1A |
s. 7.1B |
s. 7.3 |
s. 7.6(3) |
s. 7.9(1) |
s. 7.12A |
Local Government (Administration) Regulations 1996 |
||
r. 18A |
r. 18C |
r. 18E |
r. 18F |
r. 18G |
r. 19 |
r. 22 |
r. 23 |
r. 28 |
r. 34B |
r. 34C |
|
Local Government (Audit) Regulations 1996 |
||
r. 7 |
r. 10 |
|
Local Government (Elections) Regulations 1997 |
||
r. 30G |
|
|
Local Government (Functions and General) Regulations 1996 |
||
r. 7 |
r. 9 |
r. 10 |
r. 11A |
r. 11 |
r. 12 |
r. 14(1), (3) and (5) |
r. 15 |
r. 16 |
r. 17 |
r. 18(1) and (4) |
r. 19 |
r. 21 |
r. 22 |
r. 23 |
r. 24 |
r. 24AD(2), (4) and (6) |
r. 24AE |
r. 24AF |
r. 24AG |
r. 24AH(1) and (3) |
r. 24AI |
r. 24E |
r. 24F |
Local Government (Rules of Conduct) Regulations 2007 |
||
r. 11 |
|
|
[Regulation 13 inserted in Gazette 23 Apr 1999 p. 1722‑4; amended in Gazette 1 Jun 2004 p. 1917; 31 Mar 2005 p. 1042‑3; 30 Sep 2005 p. 4418-20; 21 Dec 2010 p. 6758-61; 30 Dec 2011 p. 5579-80; 18 Sep 2015 p. 3813.
14. Compliance audits by local governments
(1) A local government is to carry out a compliance audit for the period 1 January to 31 December in each year.
(2) After carrying out a compliance audit the local government is to prepare a compliance audit return in a form approved by the Minister.
(3A) The local government’s audit committee is to review the compliance audit return and is to report to the council the results of that review.
(3) After the audit committee has reported to the council under subregulation (3A), the compliance audit return is to be —
(a) presented to the council at a meeting of the council; and
(b) adopted by the council; and
(c) recorded in the minutes of the meeting at which it is adopted.
[Regulation 14 inserted in Gazette 23 Apr 1999 p. 1724‑5; amended in Gazette 30 Dec 2011 p. 5580-1.]
15. Compliance audit return, certified copy of etc. to be given to Executive Director
(1) After the compliance audit return has been presented to the council in accordance with regulation 14(3) a certified copy of the return together with —
(a) a copy of the relevant section of the minutes referred to in regulation 14(3)(c); and
(b) any additional information explaining or qualifying the compliance audit,
is to be submitted to the Executive Director by 31 March next following the period to which the return relates.
(2) In this regulation —
certified in relation to a compliance audit return means signed by —
(a) the mayor or president; and
(b) the CEO.
[Regulation 15 inserted in Gazette 23 Apr 1999 p. 1725.]
POLICY IMPLICATIONS
Nil
FINANCIAL IMPLICATIONS
Nil
RISK
The Local Government Act 1995 requires that each local government carry out a compliance audit for the period 1 January to 31 December each year. The Compliance Audit is an in-house self audit that is undertaken by staff and is to be submitted to the DLGSCI by 31 March each year.
The risk is Extreme if this date is not met as it results in non-compliance with the legislative requirements of the Local Government Act 1995 and Local Government (Audit) Regulations 1996, and loss of reputation with the DLGSCI. The likelihood of this occurring is rare as the Compliance Audit Return has been prepared well in advance for presentation to Council on the 22 February 2018.
STRATEGIC IMPLICATIONS
Our Organisation Goal – Continually enhance the Shire’s organisational capacity to service the needs of a growing community:
Improved systems, processes and compliance
VOTING REQUIREMENTS
Simple Majority
That the Audit and Risk Committee recommends Council: 1. Adopts the attached 2017 Compliance Audit Return as the official return for the Shire of Broome; and 2. Following certification of this document by the Shire President and Chief Executive Officer, forwards the return and a copy of the minutes relative to this report to the Department of Local Government, Sport and Cultural Industries prior to 31 March 2018. |
Compliance Audit Return 2017 |
Agenda – Audit and Risk Committee Meeting 13 February 2018 Page 30 of 71
5.2 AUDIT REGULATION 17 IMPROVEMENT PLAN BIANNUAL PROGRESS REPORT LOCATION/ADDRESS: Nil APPLICANT: Nil FILE: COA01 AUTHOR: Manager Governance CONTRIBUTOR/S: Nil RESPONSIBLE OFFICER: Director Corporate Services DISCLOSURE OF INTEREST: Nil DATE OF REPORT: 1 February 2018 |
SUMMARY: The Audit and Risk Committee is presented with a report for review on the progress of the Audit Regulation 17 Improvement Plan (Improvement Plan), which was adopted by Council at the Ordinary Meeting of Council held 23 February 2017. The Improvement Plan contains a list of items identified by the auditors as requiring action to improve the appropriateness and effectiveness of the Shire of Broome’s systems and processes in regard to risk management, internal control and legislative compliance. The Audit and Risk Committee is required to review the attached updated Risk Management Improvement Plan prepared by the Audit Regulation 17 Technical Advisory Group, then report to Council on the result of the Audit and Risk Committee’s review. |
BACKGROUND
Previous Considerations
SMC 27 June 2014 Item 9.4.6
OMC 28 August 2014 Item 10.2
OMC 27 November 2014 Item 10.3
OMC 2 June 2015 Item 10.1
OMC 26 May 2016 Item 10.3
OMC 23 February 2017 Item 10.3
OMC 25 May 2017 Item 10.1
The Local Government Audit Regulations 1996 (the Regulations) include reviewing the appropriateness and effectiveness of a local government's Risk management systems and procedures. Specifically, Audit Regulation 17 (Audit Reg. 17) requires the Chief Executive Officer (CEO) to conduct a review and report the results to the Audit and Risk Committee on the effectiveness of risk management, internal control and legislative compliance. The Department of Local Government and Communities Audit in Local Government Guideline No. 9 advises that the review can be undertaken either on an internal or external audit basis.
Initially the Shire of Broome appointed an external auditor to conduct a third party review of organisational practices in accordance with updated legislation contained within Audit Reg. 17. The Audit Reg. 17 Review Audit produced a comprehensive Improvement Plan separated into the three main compliance areas; Risk Management (RM), Legislative Compliance (LC) and Internal Controls (IC).
The Shire’s Technical Advisory Group (TAG) effect the framework components identified in the Improvement Plan. The TAG enables the Shire to fulfil its responsibilities in relation to reporting on risk management, internal control, and legislative compliance. The Improvement Plan action items contained within the Regulation 17 Review are allocated to members within the TAG and prioritised in accordance with organisational need and capacity. The TAG meets monthly to review and update specific actions contained in the Improvement Plan and report to the Executive Management Group (EMG) and Council.
The biannual report is to identify actioned items as detailed in the Improvement Plan. All actions are reported to the Audit and Risk Committee in May and November each year, after endorsement by EMG. Due to the Ordinary Local Government election being held in October 2017 and appointments to Committees not being considered until the November OMC the presentation of the biannual report to the Audit and Risk Committee was delayed.
IMPROVEMENT PLAN
There are a number of actions that are completed or in progress with full details contained in the attached Improvement Plan.
The following action items have been completed in accordance with the Improvement Plan:
No |
Framework Component Improvements |
RM 1.1 |
Agenda template for Council agenda |
RM 1.2 |
Adopted policy work safety health |
RM 2.1 |
Risk matrix amended in accordance with ISO 31000 (international best practice standards) |
RM 2.1 |
Risk management strategy and procedure |
RM 2.1 |
Risk management strategy and procedure adopted by Council |
RM 2.1 |
Risk management strategy and procedure uploaded to corporate Intranet |
RM 2.3 |
Staff Housing Policy – Staff Housing Bonds procedures updated |
RM 3.1 |
Risk management working group (Audit Reg 17 TAG) has been established and monthly meetings initiated |
RM 3.1 |
Risk agenda topic included on fortnightly EMG agenda |
RM 3.3 |
Records of inductions maintained on personnel files |
RM 3.3 |
Completed organisational training and development in risk management principles |
RM 3.4 |
OSH committee risk based assessment business operating procedure |
RM 3.5 |
Draft Crisis Management and Business Continuity Response Plan |
RM 3.6 |
Adopted local emergency management plan |
RM 3.7 |
Adopted local recovery plan |
RM 3.8 |
Completed records disaster management plan |
RM 3.9 |
Hazard and accident reporting business operating procedure updated |
RM 3.10 |
Draft contractor management system includes business operating Procedure, Toolkit and corporate Induction. |
RM 3.10 |
Completed risk management strategy and procedure endorsed by Council |
RM 3.11 |
Project Specific Risk Assessments endorsed by Council |
RM 3.12 |
Developing Civic Centre Emergency Response and Evacuation Plan |
RM 3.12 |
Reviewing BRAC Emergency Response and Evacuation Plan |
RM 3.13 |
Asset Management Risk Assessment incorporated into Infrastructure Asset Management Plans |
RM 3.14 |
Events risk assessment undertaken in risk management plan for large scale events |
RM 3.14 |
Events Toolkit being reviewed by Local Government Insurance Services and developing online applications |
RM 3.15 |
Volunteer inductions completed |
RM 3.16 |
Workforce plan version 2.0 redeveloped to include Risk Management |
RM 4.1 |
Audit and Risk Committee Risk Profiles developed and have replaced Improvement Plan. Next biannual report will utilise Risk Profiles |
RM 4.3 |
Occupational Safety and Health Register captured in SynergySoft |
RM 4.5 |
Minutes of Executive Management Group Meetings recorded to the Synergy Central Records system |
RM 5.2 |
Media Training completed for Senior Staff. Councillor training scheduled. |
LC 1.1 |
Completed legislative compliance policy |
LC 1.2 |
Completed Council policy for records management |
LC 2.1 |
Framework developed comprising Policy 1.1.11 – Legislative Compliance (Action LC1.1), the Legislative Compliance Register (Action LC5.1) and the Monitoring and Reporting Procedures for Legislative Compliance BOP (Action LC5.4) |
LC 2.1 |
WALGA advice supports suitability of current Purchasing policy |
LC 2.2 |
Procurement via Panels of Pre-Qualified Suppliers Policy developed |
LC 2.4 |
Legislative compliance working group (Audit Reg 17 TAG) has been established and monthly meetings initiated |
LC 4.1 |
Experienced Staff completed through review of procedure and management directive requirements |
LC 5.1 |
Developed Legislative Compliance register to record known breaches |
LC 5.1 |
Increased prominence of credit card payments in List of Payments |
LC 5.4 |
Developed draft BOP ‘Monitoring and Reporting Procedures for Legislative Compliance’ |
IC 1.1 |
Adopted policy internal control |
IC 1.6 |
Council policy materiality in financial reporting adopted |
IC 1.7 |
Council policy for Investment of surplus funds adopted |
IC 2.1 |
Rate Exemption Charitable Use BOP developed |
IC 2.1 |
Signatories Bank Transaction Processing BOP developed |
IC 2.2 |
Internal controls working group (Audit Reg 17 TAG) has been established and monthly meetings initiated |
IC 3.4 |
High risk Journals require approval and monitoring |
IC 3.5 |
Trust Transfer procedures updated |
IC 3.7 |
Links Training for BRAC and Civic Centre |
IC 3.10 |
Completed review and update of End of Month checklist |
IC 3.11 |
Debtors Reconciliation processes performed as part of end of month checklist |
IC 6.1 |
BRAC receipting procedures documented |
IC 6.2 |
Civic centre receipting included in staff manual for stock take |
IC 6.2 |
Draft Cash Handling Business Operating Procedure |
IC 6.3 |
Waste Facility banking procedures |
IC 6.3 |
Developed Cash Handling BOP |
IC 6.4 |
Developed BOP to control the authorised receipting points and establish processes to ensure appropriate controls at new, or ad hoc, points. |
IC 6.5 |
Waste Facility debtor invoice captured in system |
IC 6.6 |
Developed Bank Signatories BOP |
IC 6.7 |
Separation of duties of debtors and creditors |
Other |
Reviewed the Technical Advisory Group Audit Regulation 17 Terms of Reference |
The following items have been actioned from May 2017 to January 2018 in accordance with the Improvement Plan:
No. |
Framework Components |
RM1.1 |
Bi-Annual Risk Reporting Officer Comment: Bi-annual reports to EMG and Council are provided through the Audit and Risk Committee as per Risk Management Policy 2.1.4 |
RM3.3 |
Business Continuity Plan Officer Comment: Draft document requires final review and amendments to ensure suitability and effectiveness. To be presented to the Audit and Risk Committee in May 2018. |
RM3.6 |
Local Emergency Management Plan 2014 Draft Officers Comment: Following training provided on Managing Recovery Activities the Local Emergency Management Plan is being reviewed and will be tested once finalised. |
RM3.8 |
Workforce Plan Officer Comment: The Workforce Plan is under review. Please note organisational risks have been identified in the external analysis section 2.1.1-2.1.15 and internal analysis section 3.3.1-3.3.14 and again in Workforce Planning 4.1.1 page 47. In order to satisfy the auditors, the risk section will itemise the known risks under 4.5.9 organisational risk management. An organisational survey was completed in late 2017 and will be used to form the basis of the review. Revised completion date of November 2018. |
RM3.9 |
Infrastructure Asset Management Plans Officer Comments: Plans prepared in 2017 and received by Council at the December 2017 OMC. |
RM3.12 |
Emergency Response Procedures Shire Buildings Officer Comment: Organisational responsibility for this action currently being reviewed. Procedures have been drafted for the Administration Building however require a review following the refurbishment. |
RM3.15 |
Volunteer and Contractor Inductions Officer Comment: Volunteer inductions provided. Contractor Induction documentation has been reviewed by LGIS. Existing contractors required to attend induction in February 2018. |
RM4.1 |
Audit and Risk Committee Officer Comment: Risk Profiles implemented. External Risk Audit to be undertaken by external auditor in December 2018. |
RM4.2 |
Monitoring Compliance Officer Comment: This has been amended to an ongoing action. |
RM4.4 |
Risk Register Officer Comment: Risk Profiles have been developed and implemented. Electronic systems are being investigated to further streamline the process and provide improved visibility and management of identified risks. |
RM4.5 |
EMG Minutes Officer Comment: Process in place to ensure that EMG Minutes are recorded to Synergy Central Records System. All 2017 meeting minutes have been recorded to Synergy. EMG minutes will continue to be recorded to Synergy. |
RM5.2 |
Training Officer Comment: Risk Management Training funds assigned through annual budget process for 17/18. |
LC1.1 |
Code of Conduct Officer Comment: Revised Code of Conduct is being drafted and will include volunteers and contractors. To be presented to Council in April. |
LC 5.2 |
EMG Minutes Officer Comment: Process in place to ensure that EMG Minutes are recorded to Synergy Central Records System. All 2017 meeting minutes have been recorded to Synergy. EMG minutes will continue to be recorded to Synergy |
LC5.3 |
Employee Complaints/Grievance Handling Officer Comment: Employee complaints are addressed by the Manager of HR. This action will be reviewed as a priority on commencement of the Manager People and Culture. |
IC2.1 |
Management Policy – Internal Controls Officers Comment: Internal Control Framework developed and in operation however leaving open until process is firmly established and embedded in across the organisation. |
IC2.2 |
Private and Community Works Policy Officer Comment: The Finance Department have developed an internal finance procedure to ensure private works are only undertaken after an appropriate written agreement (signed letter or purchase order) has been received. |
IC2.3 |
Internal Audit Officers Comment: The Senior Procurement, Risk and Governance Officer will coordinate an internal audit. |
IC3.2 |
Staff Training Officers Comment: Inductions and specific on the job training for internal control areas i.e. cash handling, stock control as required. Training programmes to be developed for specific areas e.g. BRAC, Civic Centre and others as identified. Financial Services developed an induction pack that includes relevant information for each function in Finance. Governance, Records and IT inductions are undertaken with designated employees on their commencement. Other inductions are undertaken as requested. Information sessions on local government and the Local Government Act were held with internal and external staff in November 2017. |
IC3.3 |
Documented Procedures Officers Comment: Standard operating procedures exist for selected, but not all, financial procedures. Procedure documentation is being developed by officers where it does not currently exist. |
IC3.7 |
Credit Card Procedures Officer Comment: Only members of the BEST team may utilise the credit cards and the details of the card are not to be shared with others. |
IC3.8 |
Checklists Officer Comment: Checklists exist and are in use by staff as part of endorsed procedures. |
IC4.1 |
Monitoring Officers Comment: December 2016 review completed by external consultant. While internal review is recommended current staff resources do not permit the development of an internal audit function. An external consultant will provide a biennial review as per the Audit Reg 17 regulations with ongoing risk management functions monitored by the Risk TAG. Next external audit review December 2018. |
IC5.1 |
Ongoing Improvement Plan Officers Comment: This improvement plan forms the basis of an all inclusive continual improvement process for all three areas. |
Other |
Lone Worker Risk Management Officer Comment: Lone Worker Risk Management consultation paper finalised. Procedure to follow. CCTV Officer Comment: BRAC and Depot CCTV systems implemented to eliminate identified staff safety risks |
This report recommends the Audit and Risk Committee receive the updated Improvement Plan, and adopts the reviewed actions, timelines and responsible officers contained within the document.
CONSULTATION
Nil
STATUTORY ENVIRONMENT
Local Government (Audit) Regulations 1996
16. Audit committee, functions of
An audit committee —
(a) is to provide guidance and assistance to the local government —
(i) as to the carrying out of its functions in relation to audits carried out under Part 7 of the Act; and
(ii) as to the development of a process to be used to select and appoint a person to be an auditor;
and
(b) may provide guidance and assistance to the local government as to —
(i) matters to be audited; and
(ii) the scope of audits; and
(iii) its functions under Part 6 of the Act; and
(iv) the carrying out of its functions relating to other audits and other matters related to financial management; and
(c) is to review a report given to it by the CEO under regulation 17(3) (the CEO’s report) and is to —
(i) report to the council the results of that review; and
(ii) give a copy of the CEO’s report to the council.
17. CEO to review certain systems and procedures
(1) The CEO is to review the appropriateness and effectiveness of a local government’s systems and procedures in relation to —
(a) risk management; and
(b) internal control; and
(c) legislative compliance.
(2) The review may relate to any or all of the matters referred to in subregulation (1)(a), (b) and (c), but each of those matters is to be the subject of a review at least once every 2 calendar years.
(3) The CEO is to report to the audit committee the results of that review.
POLICY IMPLICATIONS
Nil
FINANCIAL IMPLICATIONS
The Shire has received membership funds from the Local Government Insurance Scheme (LGIS) which has been allocated as a genuine rollover to fund organisational Risk Initiatives.
The financial implications of actioning individual items contained in the Improvement Plan in Attachment 1 will be implemented using existing, internal resources. If any additional resources are required they will be progressed via the quarterly Finance and Costing Review or presented to Council for consideration.
STRATEGIC IMPLICATIONS
STRATEGIC IMPLICATIONS
Our People Goal – Foster a community environment that is accessible, affordable, inclusive, healthy and safe:
Effective communication
Affordable services and initiatives to satisfy community needs
Accessible and safe community spaces
A healthy and safe environment
Our Prosperity Goal – Create the means to enable local jobs creation and lifestyle affordability for the current and future population:
Affordable and equitable services and infrastructure
Our Organisation Goal – Continually enhance the Shire’s organisational capacity to service the needs of a growing community:
An organisational culture that strives for service excellence
Sustainable and integrated strategic and operational plans
Responsible resource allocation
Effective community engagement
Improved systems, processes and compliance
VOTING REQUIREMENTS
Simple Majority
That the Audit and Risk Committee recommends that Council: 1. Receives the updated Audit Regulation 17 Improvement Plan; and 2. Adopts the reviewed actions, timelines and responsible officers as detailed in the Audit Regulation 17 Improvement Plan. |
Improvement Plan January 2018 |
Item 5.2 - AUDIT REGULATION 17 IMPROVEMENT PLAN BIANNUAL PROGRESS REPORT |
Shire of Broome 2016 Audit Regulation 17 Review
RISK MANAGEMENT IMPROVEMENT PLAN
**Note shaded rows indicate that an item has been carried forward from the previous iteration of the Improvement Plan.
No. |
FRAMEWORK COMPONENTS |
PURPOSE/GOAL |
IMPROVEMENTS |
Officer |
Timing |
Comments |
Est. Hours |
Priority |
RM 1.0 MANDATE AND COMMITTMENT |
||||||||
RM1.1 |
Council
Policy Risk
Management |
To create an environment where Council, management and staff apply risk management, techniques through consistent and effective risk management practices. |
That the Audit and Risk Committee be provided with a risk report bi-annually. |
Director Corporate Services |
April and November Annually |
Report to be presented |
|
|
|
|
Policy to document the commitment and objectives regarding managing uncertainty that may impact the Shire’s strategies, goals or objectives.
|
Risk recording and reporting be undertaken in accordance with the Risk Management Policy.
|
Director Corporate Services |
Ongoing |
Bi-annual reports to EMG and Council are provided through the Audit and Risk Committee as per Risk Management Policy 2.1.4. |
|
|
No. |
FRAMEWORK COMPONENTS |
PURPOSE/GOAL |
IMPROVEMENTS |
Officer |
Timing |
Comments |
Est. Hours |
Priority |
RM 2.0 FRAMEWORK DESIGN |
||||||||
RM2.1 |
Enterprise-wide Risk Management Strategy and Framework |
Defines and details the various practices to support Risk Management and establishes the risk management strategy and framework to be followed by all Shire staff. |
That the Enterprise-wide Risk Management Strategy and Framework be made available to users of the Intranet. |
Director Corporate Services |
Complete |
Complete |
38 |
Extreme |
RM2.2 |
Insurance Strategy or Policy |
A policy to provide guidance to Officers as to the management of risk through insurance. |
That an Insurance Strategy and Policy be developed to provide clarity on issues such as the level of self-insurance, the adequacy of cover and the basis of the valuation of the insured assets. |
Manager Governance |
November 2018 |
Draft
document to be developed for presentation to the Audit and Risk Committee November
|
16 |
Medium |
RM2.3 |
Policy
|
Policy to provide direction on the provision of staff housing.
|
To help prevent damage to Shire properties we suggest housing bonds be paid in full prior to occupation of the house and lodged with the Bond Administrator. |
Director Corporate Services |
This is not complete – April 2018 |
Policy requires rework and will be reviewed and presented to MCG, EMG and Council at the April OMC. BOP has been reviewed and issues surrounding Staff Housing Bonds have been addressed. |
6 |
High
|
No. |
FRAMEWORK COMPONENTS |
PURPOSE/GOAL |
IMPROVEMENTS |
Officer |
Timing |
Comments |
Est. Hours |
Priority |
|
RM 3.0 IMPLEMENTING RISK MANAGEMENT |
|||||||||
RM 3.1 |
Executive Management Group |
An effective Executive Management Group charged with implementation of Council policies. |
That risks are regularly documented and monitored by the EMG in line with the RM Strategy and Framework and risk treatments are identified for events classified as high risk. |
EMG |
Ongoing |
Risk
is a discussion on the |
Ongoing |
Medium |
|
RM 3.2 |
Insurance Strategy or Policy |
A policy to provide guidance to Officers as to the management of risk through insurance. |
That an Insurance Strategy and Policy be developed to provide clarity on issues such as the level of self-insurance, the adequacy of cover and the basis of the valuation of the insured assets. |
Manager Governance |
November
2018 |
Draft
document to be developed for presentation to the Audit and Risk Committee November
|
16 |
Medium |
|
RM 3.3 |
Shire of Broome Business Continuity Plan |
To plan for the prevention, response and recovery from events that may threaten the capacity of the Shire of Broome to continue to provide services and good governance to the District. |
That, as high priority, an effective documented Business Continuity Plan be developed including relevant disaster recovery plans. |
Director Corporate Services |
April
|
Draft
document still requires final review and amendment to ensure suitability and
effectiveness. Presented to Audit and Risk Committee
May
|
76 |
High |
|
That, once adopted, the Plan’s effectiveness be tested |
Director Corporate Services |
November
|
Mock Exercise undertaken 16 June 2016. Further procedures required to ensure detailed operational testing is undertaken annually by responsible departments i.e. ICT, Health etc. |
16 |
High |
||||
RM3.6 |
Local Emergency Management Plan 2014 Draft |
A plan is prepared in accordance with the requirements of Emergency Management Act 2005 [s.41(4)] and State Emergency Management Policy 2.5 |
That the draft plan be finalised and once adopted, its effectiveness be tested in accordance with PART 5 of the plan. |
Manager Environmental Health, Emergency and Rangers
|
November
|
Following training provided on Managing Recovery Activities the Local Emergency Management Plan is being reviewed and will be tested once finalised. The current plan is compliant with the legislation. It is however considered inadequate by officers. Grant funding requests have been made to obtain a fixed term officer to assist in this project. |
76 |
Extreme |
|
RM3.8 |
Workforce Plan |
A plan to make sure the Shire has the right people, in the right place, at the right time, to meet the objectives set out in the Strategic Community Plan. |
Future reviews of the Workforce Plan contain an assessment and treatment plan for key identified risks in relation to the workforce. |
Manager People and Culture |
November
|
The Workforce Plan is under review and will incorporate feedback. Please note organisational risks have been identified in the external analysis section 2.1.1-2.1.15 and internal analysis section 3.3.1 -3.3.14 and again in Workforce Planning 4.1.1 page 47. In order to satisfy the auditors, the risk section will itemise the known risks under 4.5.9 organisational risk management. CBP adopted December 2017; Organisational survey completed and will be used to form the basis of the next review. |
76 |
High
|
|
Asset Management Plan |
Plan prepared to assist the Shire to improve the way it delivers services from its infrastructure assets such as roads, drainage, footpaths, public open space and buildings.
|
Asset Management Plans be updated/ developed for all classes of assets and adopted by Council. Recording of risks identified within the plans in an appropriate risk register should help ensure follow up assessments of treated risks are undertaken. |
Director Infrastructure |
June
Complete |
Building and Transport Asset Management Plans were prepared in
201
|
152 |
High |
||
RM3.10 |
Risk Management Framework
|
A management framework to implement a risk management system throughout the Shire.
|
The development of consequence rating criteria based on the context of the risk assessment and inclusion of the criteria within the Risk Management Strategy and Procedures. This should assist in avoiding any need to redefine the risk assessment framework for each level of risk assessment. |
Director Corporate Services |
Complete |
A Risk Management Strategy and Procedures was Consequence of
risks (Risk Matrix) identified on Pages 14-16 |
38 |
Extreme
|
|
RM3.11 |
Project Specific Risk Assessments
|
A risk assessment undertaken as part of a major project.
|
Future assessments be undertaken in accordance with an entity wide Risk Management Framework (to be developed).
|
Director Corporate Services |
Complete |
This framework has been endorsed and the relevant risk assessments have been incorporated within Council reports, policy and project plan templates. |
76 |
High |
|
RM3.12 |
Emergency Response Procedures – Shire Buildings |
To ensure uniformity in the handling of building related emergency situations. |
That emergency response procedures for all Shire buildings be developed and implemented. |
|
|
Update
required for procedures at the Admin Centre, Depot and
Waste Management Facility. Civic Centre – emergency response and evacuation plan in existence – to be updated to reflect cyclone procedures. |
3
5 |
High
High |
|
Asset Management Risk Assessment |
Inclusion of a risk assessment undertaken as part of development and maintenance of the Shire of Broome Asset Management Plans (AMP) |
That treatment plans be monitored to ensure risks are reduced to a medium level. |
Asset Coordinator |
Complete |
A
risk assessment has been incorporated into the
Infrastructure Asset Management Plan. |
76 |
Medium |
||
RM3.14 |
Information Systems Plans
|
Plans to ensure the secure provision of information systems in the event of a disaster.
|
IT Disaster Recovery Plan and IT Security Plan be developed and tested on a regular basis to gauge their effectiveness.
|
Manager Information Services |
November 2018 |
No IT Disaster Recovery Plan or IT Security Plan are in place. Interim protection by relocating a replica of our current system to the civic centre. The backup is then copied offsite on a continuous basis. The replica is working and we also now have a GenSet to maintain power. This has been tested and passed |
76 |
High |
|
RM3.15 |
Volunteer and Contractor Inductions
|
Inductions of contractors and volunteers, to ensure they have an understanding of their roles and responsibilities when undertaking works on Shire property. |
All contractors and volunteers undertake a basic induction of their roles and responsibilities prior to commencing work.
|
Manager People and Culture |
|
Volunteer inductions provided. Contractor Induction documentation has been reviewed by LGIS. Existing contractors required to attend induction in February 2018. |
38 |
High |
|
No. |
FRAMEWORK COMPONENTS |
PURPOSE/GOAL |
IMPROVEMENTS |
Officer |
Timing |
Comments |
Est. Hours |
Priority |
|||||
RM 4.0 monitoring and review |
|||||||||||||
RM4.1 |
Audit and Risk Committee |
An Audit Committee is required by the Local Government (Audit) Regulations 1996, and its composition and role is prescribed. |
That the Committee receive bi-annual reports containing information on extreme and high risk ratings in accordance with the Enterprise-wide Risk Management Strategy and Framework. |
Director Corporate Services |
April/November Annually |
Risk Profiles implemented. |
6 |
High |
|||||
RM4.2 |
Monitoring Compliance |
To ensure policies relating to risk management are adhered to by the organisation and their effectiveness is monitored. |
That recording and reporting mechanisms to monitor risks be implemented in accordance with policy. |
Director Corporate Services |
Ongoing |
Ongoing |
|
|
|||||
RM4.3 |
Occupational Safety and Health (OSH) Register |
To maintain a hazard based register of OSH matters. |
That the current outstanding OSH list be augmented by an OSH register capable of provide regular reports and identifying OSH trends. |
Manager People and Culture |
Ongoing |
OSH Register remains a concern having been raised at the previous 2 OSH meetings. Apparent that Synergy solution is not working in its current form. |
|
|
|||||
RM4.4 |
Risk Register |
Provide for the ongoing monitoring and treatment of identified risks. |
Identified risks documented within Council Meeting Minutes and other risk assessments are recorded within the risk register. As a central register of identified risks, we suggest the risk register be available for all senior staff to update and review. |
Manager People and Culture |
Ongoing |
Risk Profiles have been developed and implemented. Electronic systems are being investigated to further streamline the process and provide improved visibility and management of identified risks. |
|
|
|||||
RM4.5 |
Minutes of Executive Management Group Meetings |
To formally document identified risks, internal control and legislative compliance weaknesses raised by the Executive Management Group. |
Minutes of the Executive Management Group meetings be maintained with risks, internal control and legislative compliance weaknesses identified in the minutes. |
|
|
Process in place to ensure that EMG Minutes are recorded to Synergy Central Records System. All 2017 meeting minutes have been recorded to Synergy. EMG minutes will continue to be recorded to Synergy.
|
6 |
High |
|||||
No. |
FRAMEWORK COMPONENTS |
PURPOSE/GOAL |
IMPROVEMENTS |
Officer |
Timing |
Comments |
Est. Hours |
Priority |
|||
RM 5.0 CONTINUAL IMPROVEMENT OF THe FRAMEWORK |
|||||||||||
RM5.1 |
Ongoing Improvement Program |
A program developed to plan and implement improvements in risk management practices and to guide the process of implementation. |
That a risk management improvement plan be maintained into the future to support the process of continual improvement. |
Audit Reg 17 TAG |
Ongoing |
This improvement plan forms the basis of an all inclusive continual improvement process for all three areas. |
|
|
|||
RM5.2 |
Training |
Structured risk management training be available for elected members and senior staff. |
That risk management training be available to elected members and all senior staff undergo relevant risk management training. |
Director Corporate Services |
November – Annually
|
Risk Management Training funds assigned through annual budget process for 17/18 however may be deferred due to vacancies in HR department. |
38 |
High |
|||
LEGISLATIVE COMPLIANCE IMPROVEMENT PLAN
**Note shaded rows indicate an item has been carried forward from the previous iteration of the Improvement Plan.
No. |
FRAMEWORK COMPONENTS |
PURPOSE/GOAL |
IMPROVEMENTS |
Officer |
Timing |
Comments |
Est. Hours |
Priority |
LC1.0 MANDATE AND commitment LEGISLATIVE COMPLIANCE |
||||||||
LC1.1 |
Code of Conduct
|
To provide a documented expectation for the behaviour of elected members, staff, contractors and volunteers when performing their duties.
|
An expansion of the scope of the Code of Conduct to include actions by volunteers and contractors. Alternatively, a separate Code of Conduct be developed for volunteers and contractors. |
Director Corporate Services |
April |
Volunteers and contractors are not bound by a Code of Conduct when performing functions on behalf of the Shire. Revised Code of Conduct is being drafted and will include volunteers and contractors. To be presented to Council by April. |
36 |
High |
No. |
FRAMEWORK COMPONENTS |
PURPOSE/GOAL |
IMPROVEMENTS |
Officer |
Timing |
Comments |
Est. Hours |
Priority |
LC2.0 FRAMEWORK DESIGN FOR LEGISLATIVE COMPLIANCE |
||||||||
LC2.1 |
|
Policy required by legislation to provide guidelines for a consistent approach for obtaining quotations and tenders for the provision of materials, services and consultants. |
We suggest the Policy be amended to require each purchasing event to be considered independently when determining the thresholds, legislation prohibits the splitting of any contract for the purpose of avoiding the relevant purchasing threshold. |
Manager Governance |
Complete |
No action required based on WALGA email advice dated 2 May 2017, however policy under review in line with release of revised WALGA Purchasing Policy Template. |
6 |
High |
LC2.2 |
|
A Policy required by legislation to make provision in respect of the matters set out in paragraph 24AC (2) of the Local Government (Functions and General) Regulations 1996.
|
The existing Panel of Suppliers should be cancelled and tenders called to establish a new compliant Panel of Suppliers. Pending appointment of a Panel of Suppliers standard contracts should be awarded in accordance with the Procurement Policy. |
Manager Governance |
Complete |
A Pre-Qualified Supplier Policy was adopted in December 2016, following the change in the regulations in September 2015. Contracts with a Panel of Suppliers established prior to the change in the Regulations were extended subsequent to the introduction of the requirement to have a Policy in place when utilising a Panel of Suppliers. Previous Panel contracts have expired. No further action required. |
38 |
High |
No. |
FRAMEWORK COMPONENTS |
PURPOSE/GOAL |
IMPROVEMENTS |
Officer |
Timing |
Comments |
Est. Hours |
Priority |
|||
LC3.0 SENIOR MANAGEMENT commitment TO LEGISLATIVE COMPLIANCE |
|||||||||||
LC3.1 |
Communications |
To ensure staff, contractors and regular volunteers are aware of their obligation to report breaches of legislation to the appropriate Officer. |
That the obligation to report compliance breaches be communicated to contractors and volunteers. |
Manager People and Culture |
May 2017 |
The Shires current process is undertaken through OSH reporting and the onsite induction process. Further works to be Included in the Shires corporate contractor induction process pending finalisation. |
16 |
High |
|||
No. |
FRAMEWORK COMPONENTS |
PURPOSE/GOAL |
IMPROVEMENTS |
Officer |
Timing |
Comments |
Est. Hours |
Priority |
LC4.0 STAFF EXPERIENCE AND TRAINING |
||||||||
LC4.1 |
Experienced Staff |
To ensure staff engaged at a senior level and on technical roles have an understanding of the legislative requirements relevant to their role. |
Experienced senior staff are expected to have a sound understanding of the requirements of their roles. Given the level of staff turnover, it is important new senior and technical staff possess the required experience or quickly acquire a sound understanding of their role. |
CEO/ |
|
HR practices include a merit based recruitment process based on experience, skills and qualification relevant to the position. This has been formalised through a review of the Recruitment BOP and HR Directive.
|
|
|
No. |
FRAMEWORK COMPONENTS |
PURPOSE/GOAL |
IMPROVEMENTS |
Officer |
Timing |
Comments |
Est. Hours |
Priority |
LC5.0 MONITORING AND REVIEW OF LEGISLATIVE COMPLIANCE |
||||||||
LC5.1 |
List of Payments |
List of payments presented to Council monthly. |
To ensure transparency of payments made all payments made utilising credit cards are presented to Council along with the list of payments. |
Manager Financ |
Complete |
Details of credit card payments have always been presented together with direct debit transactions on the Monthly Payment Listing presented to the Council. Credit card payment details will be given increased prominence in the report. |
6 |
High |
LC5.2 |
Minutes of Executive Management Group Meetings |
To formally document identified risks, internal control and legislative compliance weaknesses raised by the Executive Management Group. |
Minutes of the Executive Management Group meetings be maintained with risks, internal control and legislative compliance weaknesses identified in the minutes. |
|
April
2017 – |
**Refer RM4.5 & IC4.3 Process in place to ensure that EMG Minutes are recorded to Synergy Central Records system. All 2017 meeting minutes have been recorded to Synergy. EMG minutes will continue to be recorded to Synergy.
|
6 |
High |
LC5.3 |
Employee Complaints/Grievance Handling
|
Procedures for the handling of employee complaints and grievances. |
Staff Complaints Register to be established and maintained. |
Manager People and Culture |
|
Employee complaints are addressed by the Manager of HR. A Staff
Complaints Register was not available for review
|
6 |
High |
No. |
FRAMEWORK COMPONENTS |
PURPOSE/GOAL |
IMPROVEMENTS |
Officer |
Timing |
Comments |
Est. Hours |
Priority |
LC6.0 CONTINUAL IMPROVEMENT OF LEGISLATIVE COMPLIANCE |
||||||||
LC6.1 |
Ongoing Improvement Program |
A program developed to plan and implement improvements in legislative compliance practices and to guide implementation. |
That the improvement program contained within this report be used as an initial improvement program. |
Audit Reg 17 TAG |
Ongoing |
This improvement plan forms the basis of an all inclusive continual improvement process for all three areas. |
|
|
INTERNAL CONTROLS IMPROVEMENT PLAN
**Note shaded rows indicate an item has been carried forward from the previous iteration of the Improvement Plan.
No. |
FRAMEWORK COMPONENTS |
PURPOSE/GOAL |
IMPROVEMENTS |
Officer |
Timing |
Comments |
Est. Hours |
Priority |
IC1.0 MANDATE AND COMMITTMENT |
||||||||
IC1.1 |
Policy |
Policy to clarify the Council’s view on the tolerable threshold of material variances and to limit the volume of variance reporting to significant information.
|
To avoid confusion all risks be rated using one context based risk level matrix and assessment criteria.
|
Manager Financ |
Complete |
The Policy contains risk ratings for material variances which differ from those contained within the Risk Matrix attached as an Appendix to the Policy.
The Risk Rating for Material Variances as per policy
|
6 |
High |
IC2.0 INTERNAL CONTROL FRAMEWORK DESIGN |
||||||||
IC2.1 |
Management Policy - Internal Controls |
To establish a risk based Internal Control Framework, Systems and practices to support the internal control environment. |
That an internal control framework be developed reflecting a risk based approach to internal controls and providing the monitoring and reporting systems. |
TAG |
November 2018
|
Internal Control Framework developed and in operation however leaving open until process is firmly established and embedded in across organisation. |
10 |
Medium |
Policy |
Policy to set out the requirements for undertaking private works.
|
To ensure appropriate control and minimise potential liability, we suggest private works only be undertaken after an appropriate written agreement has been signed with the landowner. |
Manager Infrastructure |
|
|
6 |
High |
|
IC2.3 |
Internal Audit
|
Internal audit monitors the level of compliance with internal procedures and process along with assessing the appropriateness of these procedures.
|
As the level of documented procedures increases, an expanded internal audit function to confirm adherence to documented policies and procedures may be required.
|
Director Corporate Services |
|
Currently, no internal auditors have been appointed, and limited internal audit functions have been undertaken. The Senior Procurement, Risk and Governance Officer will coordinate an internal audit. |
76 |
High |
No. |
FRAMEWORK COMPONENTS |
PURPOSE/GOAL |
IMPROVEMENTS |
Officer |
Timing |
Comments |
Est. Hours |
Priority |
IC3.0 IMPLEMENTATION OF INTERNAL CONTROLs |
||||||||
IC3.1 |
Experienced Staff |
To ensure all senior staff have an understanding of the inherent risks internal controls are addressing associated with, and relevant to, their role. |
Refer to LC4.1 |
Manager Financial Services |
|
Implemented as part of the Internal Control Policy & BOP through all employees. In addition to Internal Control Policy and BOPs, we take advantage of relevant training activities available. |
7 |
High |
IC3.2 |
Staff Training |
To ensure the staff have access to ongoing training in internal controls and attend appropriate training sessions. |
Refer to LC 5.2 |
Manager Governance/Manager Financial Services |
Ongoing |
Inductions and specific on the job training for internal control areas ie cash handling, stock control as required. Training programmes to be developed for specific areas eg BRAC, Civic Centre and others as identified.
Financial Services developed an induction pack that includes relevant information for each function in Finance. Governance, Records and IT inductions are undertaken with designated employees on their commencement. Other inductions are undertaken as requested. Information sessions on the local government and the Local Government Act were held with internal and external staff in November 2017. |
22 |
High |
IC3.3 |
Documented Procedures
|
Use of documented procedures by officers helps establish a standard methodology and identifies key controls for processes undertaken by officers. |
Opportunity exists to improve and document standard operating procedures with key controls clearly identified. Once these procedures are developed and implemented, they require constant monitoring for adherence and efficiency. |
Director Corporate Services |
November 2017 - Ongoing |
Standard operating procedures exist for selected, but not all, financial procedures. Procedure documentation is being developed by officers where it does not currently exist.
|
152 |
High |
IC3.4 |
Journals
|
Controls around the passing of journals between accounts. |
Given the high level of risk associated with journals we suggest documented controls be developed to ensure the monitoring and approval of journals processed within the accounting system.
|
Manager
Financ |
Complete |
It would be impracticable to document the authorisation and
approval of all journals processed within the accounting system. |
6 |
Medium |
IC3.5 |
Trust Transfers
|
Controls in relation to the transfer of funds between the Municipal and Trust Funds.
|
Unidentified deposits in the Municipal Fund remain within the Fund and are listed on the debtors’ reconciliation until such time as they are identified and allocated to the appropriate debtor.
|
Manager
Financ |
Complete |
Controls implemented to prevent unidentified funds from being deposited in the Municipal Fund |
6 |
Medium |
IC3.6 |
Payroll System
|
A system for the recording and processing of employee timesheets and effecting payments to employees. |
Processing of payroll should be undertaken in accordance with documented procedures and controls with system errors/issues reported. Systems or documented procedures should be in place for the pre-authorisation of all staff absentee time. In the circumstances where staff are not able to obtain pre-authorisation (sick leave) documented procedures should be developed to ensure staff acknowledge their absence as soon as practicable. |
Manager
Financ |
|
|
76 |
High |
IC3.7 |
BOP
|
To outline the approval process to be undertaken for use of the Corporate Credit Card and to ensure the appropriate handling and application of the card details
|
As credit cards are issued in the name of the signatory, we suggest credit cards purchases are only utilised by the Officers to whom they are issued.
|
Manager
Financ |
|
BOP |
6 |
High |
IC3.8 |
Checklists
|
Checklists document the completion of multiple steps within an overall process. |
Creation of standard checklists may assist in evidencing key points of control. |
Director Corporate Services |
Complete |
Checklists exist and are in use by staff as part of endorsed procedures. |
152 |
High |
IC3.9 |
Workflow Diagrams
|
Workflow diagrams create a visual representation of a process, clearly identifying key points of control and responsibility.
|
In conjunction with the development of documented procedures and checklists, development of workflow process diagrams may assist in clearly identifying controls and processes to be followed. |
Director Corporate Services |
April 2019 |
Workflow diagrams have not been compiled.
|
228 |
High |
IC3.10 |
Procedures for the preparation of Monthly Reports |
Documented procedures and checks for the preparation of the Monthly Statement of Financial Activity for presentation to Council. |
All primary reconciliations be completed signed and reviewed prior to finalisation of the Monthly Statement of Financial Activity for presentation to Council. |
Manager
Financ |
Complete |
We developed an End of Month Checklist setting out the activities to be completed to achieve fully reconciled Balance Sheet GL accounts and cut-off procedures for Income Statement GL accounts. This checklist is continually developed for any new steps introduced or modified. This checklist and any resulting reconciliations is reviewed and approved by the Manager Financial Services prior to preparation of the Monthly Financial Reports. |
|
|
IC3.11 |
Debtors Reconciliation
|
Reconciliation of outstanding debtors listing to the debtors’ ledger.
|
Credit amounts should be fully investigated and resolved to help ensure individual debtor balances are accurately reflected.
|
Manager
Financ |
Complete |
As part of the End of Month Checklist, reconciliations of general ledger with the subsidiary ledgers, identification and investigation of unusual balances such as credit balances in debtors are now performed on a regular basis. |
76 |
High |
No. |
FRAMEWORK COMPONENTS |
PURPOSE/GOAL |
IMPROVEMENTS |
Officer |
Timing |
Comments |
Est. Hours |
Priority |
IC4.0 MONITORING AND REVIEW OF INTERNAL CONTROLS |
||||||||
IC4.1 |
Monitoring |
To ensure policies and other controls relating to internal controls are adhered to within the organisation and their effectiveness is monitored. |
That an internal audit function be developed to monitor the appropriateness and effectiveness of financial and non-financial internal controls. |
Audit Reg 17 TAG |
November
- Biennially |
December 2016 review completed by external consultant. While internal review is recommended current staff resources do not permit the development of an internal audit function. An external consultant will provide a biennial review as per the Audit Reg 17 regulations with ongoing risk management functions monitored by the Risk TAG. Next external audit review December 2018. |
|
|
IC4.2 |
Breach monitoring |
To ensure a process exists to track breaches of internal controls and effectiveness of changes to internal controls. |
That a process to track control breaches be developed as part of the wider risk management process. |
Audit Reg 17 TAG |
Ongoing |
Monitoring processes to be developed. |
|
|
IC4.3 |
Minutes of Executive Management Group Meetings |
To formally document identified risks, internal control and legislative compliance weaknesses raised by the Executive Management Group. |
Minutes of the Executive Management Group meetings be maintained with risks, internal control and legislative compliance weaknesses identified in the minutes. |
|
|
**Refer RM4.5 & LC5.2 Process in place to ensure that EMG Minutes are recorded to Synergy Central Records system. All 2017 meeting minutes have been recorded to Synergy. EMG minutes will continue to be recorded to Synergy.
|
|
High |
IC5.0 CONTINUAL IMPROVEMENT OF INTERNAL CONTROLS |
||||||||
IC5.1 |
Ongoing Improvement Program |
A program developed to plan and implement improvements in internal controls practices and to guide the process of implementation. |
That a documented program to implement improvements to internal controls be established as part of the wider risk management process. |
Audit Reg 17 TAG |
Ongoing |
This improvement plan forms the basis of an all inclusive continual improvement process for all three areas. |
|
|
No. |
FRAMEWORK COMPONENTS |
PURPOSE/GOAL |
IMPROVEMENTS |
Officer |
Timing |
Comments |
Est. Hours |
Priority |
IC6.0 INTERNAL CONTROLS IMPROVEMENT PLAN |
||||||||
IC6.1 |
BRAC Receipting |
To ensure that all funds received at the BRAC are receipted to the correct account in a timely manner. |
That documented control procedures be developed and compliance with these procedures monitored. |
Manager Financial Services/
Manager Sport and Recreation, BRAC |
Complete
|
Procedures documented and monitored by BRAC Manager.
BOP accepted in July 2016. Financial Services working with BRAC regarding continuing receipting and balancing issues.
The Revenue Officer monitors BRAC activities after each month-end closing activities in order ensure completeness of revenue. |
22 |
High |
IC6.2 |
Accounting Control Procedures |
To ensure all financial transactions are appropriately recorded/ reported and the risk of fraud or error is minimised. |
That the accounting procedures be expanded to more fully describe the task and its associated consequences and lines of authority. |
Financial Services Team |
|
Detailed
tasks lists have been developed which identify activities that are performed
on a daily, weekly, fortnightly, monthly, quarterly and annual basis. Related
procedures are being developed.
|
|
|
APPENDIX 1: RISK MATRIX
Shire of Broome Measures of Consequence |
|||||||
Rating |
Health |
Financial Impact |
Service Interruption |
Compliance |
Reputational |
Property |
Environment |
Insignificant |
Near miss / minor injuries |
Less than $10,000 |
No material service interruption |
Minor regulatory or statutory impact |
Unsubstantiated, localised low impact on community / stakeholder trust, low profile or no media item |
Inconsequential damage |
Contained, reversible impact managed by on site response |
Minor |
First aid injuries/ |
$10,001 - $250,000 |
Short term temporary interruption – backlog cleared < 1 day |
Some temporary non compliances |
Substantiated, localised impact on community / stakeholder trust or low media item |
Localised damage rectified by routine internal procedures |
Contained, reversible impact managed by internal response |
Moderate |
Medical type injuries/ |
$250,001 - $2,000,000 |
Medium term temporary interruption – backlog cleared by additional resources < 1 week |
Short term non-compliance but with significant regulatory requirements imposed |
Substantiated, public embarrassment, moderate impact on community/stakeholder trust or moderate media profile |
Localised damage requiring external resources to rectify |
Contained, reversible impact managed by external agencies |
Major |
Long-term disability / multiple injuries |
$2,000,001 - $4,000,000 |
Prolonged interruption of services – additional resources; performance affected< 1 month |
Non-compliance results in termination of services or imposed penalties |
Substantiated, public embarrassment, widespread high impact on community / stakeholder trust, high media profile, third party actions |
Significant damage requiring internal & external resources to rectify |
Uncontained, reversible impact managed by a coordinated response from external agencies |
Extreme |
Fatality, permanent disability |
More than $4,000,000 |
Indeterminate prolonged interruption of services – non-performance> 1 month |
Non-compliance results in litigation, criminal charges or significant damages or penalties |
Substantiated, public embarrassment, widespread loss of community/stakeholder trust, high widespread multiple media profile, third party actions |
Extensive damage requiring prolonged period of restitution |
Uncontained, irreversible impact |
Measures of Likelihood |
|||
Rating |
Definition |
Frequency |
Chance of Occurrence |
Almost Certain (5) |
The event is expected to occur in most circumstances |
More than once per year |
> 90% chance of occurring |
Likely (4) |
The event will probably occur in most circumstances |
At least once per year |
60% - 90% chance of occurring |
Possible (3) |
The event should occur at some time |
At least once in 5 years |
40% - 60% chance of occurring |
Unlikely (2) |
The event could occur at some time |
At least once in 10 years |
10% - 40% chance of occurring |
Rare (1) |
The event may only occur in exceptional circumstances |
Less than once in 15 years |
< 10% chance of occurring |
Risk Matrix |
||||||
Consequence
Likelihood |
Insignificant |
Minor |
Moderate |
Major |
Extreme |
|
1 |
2 |
3 |
4 |
5 |
||
Almost Certain |
5 |
Moderate (5) |
High (10) |
High (15) |
Extreme (20) |
Extreme (25) |
Likely |
4 |
Low (4) |
Moderate (8) |
High (12) |
High (16) |
Extreme (20) |
Possible |
3 |
Low (3) |
Moderate (6) |
Moderate (9) |
High (12) |
High (15) |
Unlikely |
2 |
Low (2) |
Low (4) |
Moderate (6) |
Moderate (8) |
High (10) |
Rare |
1 |
Low (1) |
Low (2) |
Low (3) |
Low (4) |
Moderate (5) |
Agenda – Audit and Risk Committee Meeting 13 February 2018 Page 60 of 71
5.3 2nd
QUARTER FINANCE AND COSTING REVIEW 2017-18 LOCATION/ADDRESS: Nil APPLICANT: Nil FILE: FRE02 AUTHOR: Manager Financial Services CONTRIBUTOR/S: Senior Finance Officer RESPONSIBLE OFFICER: Director Corporate Services DISCLOSURE OF INTEREST: Nil DATE OF REPORT: 29 January 2018 |
SUMMARY: The Audit Committee is requested to consider results of the 2nd Quarter Finance and Costing Review (FACR) of the Shire’s budget for the period ended 31 December 2017, including forecast estimates and budget recommendations to 30 June 2018. |
BACKGROUND
Previous Considerations
OMC 29 June 2017 Item 9.4.4
OMC 19 Oct 2017 Item 9.4.3
Quarter 2 Finance and Costing Review
The Shire of Broome has carried out its 2nd Quarter Finance and Costing Review (FACR) for the 2017/18 Financial Year. This Review of the 2017-2018 Annual Budget is based on actuals and commitments for the first three months of the year from 1 July 2017 to 31 December 2017, and forecasts for the remainder of the financial year.
This process aims to highlight over and under expenditure of funds for the benefit of Executive and Responsible Officers to ensure good fiscal management of their projects and programs.
Once this process is completed, a report is compiled identifying budgets requiring amendments to be adopted by Council. Additionally, a summary provides the financial impact of all proposed budget amendments to the Shire of Broome’s adopted end-of-year forecast, in order to assist Council to make an informed decision.
It should be noted that the 2017/2018 annual budget was adopted at the Ordinary Meeting of Council on 29 June 2017 as a balanced budget. There have been further amendments adopted by Council as part of the Annual Financial Statements for the use of additional carried forward surplus and as part of 1st Quarter FACR. The result of all amendments prior to the 2nd Quarter FACR is $43,601 deficit upon the Shire of Broome’s forecast end of year position.
COMMENT
The 2nd Quarter FACR commenced on 24 January 2018. The FACR process has identified a deficit of $70,296 and net organisational savings of $nil.
The results from this process indicate a deficit forecast financial position to 30 June 2018 of $113,897 should Council approve the proposed budget amendments. This deficit is predominantly associated with the aforementioned drainage works estimated to cost $400,000.
It is recommended that any surplus funds identified throughout the FACR process be quarantined to reserve which is $nil for the quarter ended December 2017. This will carry a deficit of $113,897 forward to the next FACR meetings to be held in April 2018.
It should also be noted that this figure represents a budget forecast should all expenditure and income occur as expected. It does not represent the actual end-of-year position which can only be determined as part of the normal Annual Financial processes at the end of the financial year.
A comprehensive list of accounts (refer to Attachment 1) has been included for perusal by the committee and summarised by Directorate.
A summary of the results follows:
BUDGET IMPACT |
||||||||
2017/18
Adopted Budget |
FACR Q2 |
FACR Q2 |
FACR Q2 |
YTD
Adopted Budget Amendments |
YTD
Impact |
|||
Executive - Total |
0 |
50,000 |
0 |
50,000 |
0 |
0 |
||
Corporate Services - Total |
0 |
(109,825) |
(95,000) |
(14,825) |
0 |
(14,825) |
||
Development & Community - Total |
0 |
(71,748) |
(34,000) |
(37,748) |
43,601 |
5,853 |
||
Infrastructure Services - Total |
0 |
201,869 |
129,000 |
72,869 |
0 |
122,869 |
||
|
|
|
0,000* |
70,296 |
0 |
70,296 |
43,601† |
113,897 |
CONSULTATION
All amendments have been proposed after consultation with Executive and Responsible Officers at the Shire.
STATUTORY ENVIRONMENT
Local Government (Financial Management) Regulation 1996
r33A. Review of Budget
(1) Between 1 January and 31 March in each financial year a local government is to carry out a review of its annual budget for that year.
(2A) The review of an annual budget for a financial year must —
(a) consider the local government’s financial performance in the period beginning on 1 July and ending no earlier than 31 December in that financial year; and
(b) consider the local government’s financial position as at the date of the review; and
(c) review the outcomes for the end of that financial year that are forecast in the budget.
(2) Within 30 days after a review of the annual budget of a local government is carried out it is to be submitted to the council.
(3) A council is to consider a review submitted to it and is to determine* whether or not to adopt the review, any parts of the review or any recommendations made in the review.
*Absolute majority required.
(4) Within 30 days after a council has made a determination, a copy of the review and determination is to be provided to the Department.
Local Government Act 1995
6.8. Expenditure from municipal fund not included in annual budget
1) A local government is not to incur expenditure from its municipal fund for an additional purpose except where the expenditure —
(a) is incurred in a financial year before the adoption of the annual budget by the local government;
(b) is authorised in advance by resolution*; or
(c) is authorised in advance by the mayor or president in an emergency.
(1a) In subsection (1) —
“additional purpose” means a purpose for which no expenditure estimate is included in the local government’s annual budget.
POLICY IMPLICATIONS
2.1.1 Materiality in Financial Reporting
It should be noted that according to the materiality threshold set in Policy 2.1.1 Materiality in Financial Reporting, should a deficit achieve 1% of Shire’s operating revenue ($376,296) the Shire must formulate an action plan to remedy the over expenditure.
FINANCIAL IMPLICATIONS
The net result of the 2nd Quarter FACR estimates is a budget deficit position of $113,897 to 30 June 2018 with organisational savings of $nil.
RISK
The Finance and Costing Review (FACR) seeks to provide a best estimate of the end-of-year position for the Shire of Broome at 30 June 2018. Contained within the report are recommendations of amendments to budgets which have financial implications on the estimate of the end-of-year position.
The review does not, however, seek to make amendments below the materiality threshold unless strictly necessary. The materiality thresholds are set at $10,000 for operating budgets and $20,000 for capital budgets. Should a number of accounts exceed their budget within these thresholds, it poses a risk that the predicted final end-of-year position may be understated.
In order to mitigate this risk, the CEO enacted the FACRs to run quarterly and executive examine each job and account to ensure compliance. In addition, the monthly report provides variance reporting highlighting any discrepancies against budget.
It should also be noted that should Council decide not to adopt the recommendations, it could lead to some initiatives being delayed or cancelled in order to offset the additional expenditure associated with running the Shire’s operations.
STRATEGIC IMPLICATIONS
Our People Goal – Foster a community environment that is accessible, affordable, inclusive, healthy and safe:
Effective communication
Affordable services and initiatives to satisfy community need
Our Prosperity Goal – Create the means to enable local jobs creation and lifestyle affordability for the current and future population:
Affordable and equitable services and infrastructure
Key economic development strategies for the Shire which are aligned to regional outcomes working through recognised planning and development groups/committees
Our Organisation Goal – Continually enhance the Shire’s organisational capacity to service the needs of a growing community:
An organisational culture that strives for service excellence
Sustainable and integrated strategic and operational plans
Responsible resource allocation
Improved systems, processes and compliance
VOTING REQUIREMENTS
Absolute Majority
QUARTER 2 FINANCE AND COSTINGS REVIEW REPORT 2017-18 |