Agenda and draft minutes

To receive any apologies for absence.

There were no apologies for absence.

To receive any questions from members of the public and replies thereto.

The following questions were received from members of the public:

Mr Barry Warren

My questions relate to Items 4, 8 and 9 on the agenda.

Agenda Item 4 records the minutes of the previous meeting of the Audit Committee.  Minute 4 records my questions but not the responses which were subsequently sent to me after that meeting and filed with the papers of the previous meeting.

Question 1    

Why were the answers to the questions not reported to this meeting as required by the MDDC Constitution although I note now that they have been added to the website today?

In relation to agenda items 8 and 9 I have forwarded a briefing document and appendix to each member of the committee which I had earlier forwarded to Devon Assurance Partnership (DAP) and Bishop Fleming.  Bishop Fleming extended me the courtesy of acknowledging my email but I had heard nothing from DAP until yesterday after my questions were submitted, so my question no. 2, that you will have had, is no longer relevant.

Question 2    

This question was no longer relevant.

Question 3    

Do Devon Assurance Partnership act on information from the public or do they only work to Terms of Reference given them by MDDC Officers?

The Devon Assurance Partnership report contains reference to Home Office guidance on the new criminal offence of “Failure to Prevent Fraud”.  My briefing document has drawn attention to the authorisation for payment of invoices, for 6 figure sums, by a Senior Officer. Freedom of Information (FOI) responses (confirmed on review on Friday) show that the Council does not hold any evidence to show that such authorisation was justified.

Question 4    

Doesn’t allowing such authorisation without records of evidence for future reference (which must be a Red Flag for Auditors and Audit Committee) increase the possibility of external fraud?

The External Auditors are only providing a verbal update and therefore members of the public have no opportunity to avail themselves of the information to be provided to enable them to consider whether or not to raise any issues which may benefit or clarify matters for the Council Tax Payers of Mid Devon.

Question 5    

Are the External Auditors looking into the invoices, payments and value for money in relation to dealings of the ‘partnership’ between the Council and the suppliers of the modular homes?

Question 6    

If they are looking into the issue is there any feedback as to findings or action to date? 

The Chair responded by saying:

Thank you for your questions Mr Warren.

I note from your own words that these questions were submitted outside of our constitutional time requirement to receive a formal response during today’s meeting.

On initial review of your questions I would like to make a few observations:

a)    Apart from your Question 1 – which I will ask the Clerk to respond to – the other questions that you have raised have no direct relevance to anything on today’s agenda – so can you ensure that future  ...  view the full minutes text for item 15.

To record any interests on agenda matters.

No interests were declared under this item.

To consider whether to approve the minutes as a correct record of the meeting held on 24^th June 2025. 

The minutes of the meeting held on 24 June 2025 were confirmed as a true and accurate record and SIGNED by the Chair.

To receive any announcements that the Chairman may wish to make.

The Chair had no announcements to make.

To receive a report from the Corporate Performance & Improvement Manager and the Head of People, Performance & Waste providing Members with a quarterly update on the Corporate Risk Register.

The Committee had before it, and NOTED, a report * from the Corporate Performance and Improvement Manager and the Head of People, Performance & Waste providing Members with a quarterly update on the Corporate Risk Register.

The following was highlighted within the report:

·         The report presented the Council's current corporate risks with an updated position following the most recent review period. These were the risks which were most likely to impact the Council in trying to meet its objectives. This report was produced quarterly and presented to this committee for Member’s scrutiny, comment and feedback.

·         Paragraph 2.1 of the report presented a summary table of the 17 corporate risks that the Council was currently managing.

·         A risk matrix was presented at Appendix 1 showing the relative position of a corporate risk.

·         Appendix 2 of the report provided further details for each risk in a standard template.

·         Any significant changes to the Corporate Risk Register since it was last reported to committee were listed in the covering report at paragraph 2.3.

Discussion took place regarding:

·         The Council’s approach to enforcement, not only in the Planning area but also in regard to safeguarding and anti-social behaviour. This came up again and again as an issue for residents. It was explained that enforcement was a discretionary service and there needed to be proportionate measures in place to deal with compliance and income protection. More resource was now available within the Planning Enforcement team which it was hoped would alleviate some of the concerns in this area moving forwards. It was the officer’s view that at the moment enforcement was being effectively managed but the Corporate Risk Register was ‘owned’ by Members so if they felt the risk needed to be rated differently then it was within their gift to amend. It was confirmed that the next Corporate Risk review cycle consideration would be given by officers to ensuring enforcement was appropriately considered on the Corporate Risk Register.

·         Staffing levels within the Building Control area and whether the risk needed to have a higher rating?

·         The rating of risks should be considered in relation to the other risks on the Corporate Risk Register, such as Cyber Security.

·         Some people had been on the Devon Home Choice Band C or D for many years. Could more be done to help with this and move people up the banding? Officers agreed it would be a useful discussion to be held by Homes PDG.  The Council was being proactive in building more social housing. There are many components to the housing crisis, if the Committee wanted the Risk Register to have more information streams within it regarding this issue then it could request this.

·         It was agreed that the risk description against the ‘cost of living crisis’ needed to be updated from the 2022/2023 description to include reference to increases in relation to rising costs for such things as water, Council Tax and utilities.

·         More context was provided around the rating for ‘Financial Sustainability’ in terms of  ...  view the full minutes text for item 19.

To receive a report from the Head of Digital Transformation & Customer Engagement providing a high-level updateon Cyber and Information Security activities over the last 12 months. The report aims to assure the Audit Committee of ongoing vigilance and remediation work around Cyber and Information Security risks.

The Committee had before it, and NOTED, a report * from the Head of Digital Transformation & Customer Engagement providing a high-level update on Cyber and Information Security activities over the last 12 months. The report aimed to assure the Audit Committee of ongoing vigilance and remediation work around Cyber and Information Security risks.

The following was highlighted with the report:

·       It was confirmed that this was the biggest risk facing the Council. Much of the risk was outside of the Council’s control.

·       The risks were global and much was in the news headlines at the moment.

·       A lot of work had been undertaken by officers in the last 12 months to proactively mitigate this risk.

·       A large piece of work had been undertaken by CAF (Cyber Assessment Framework) which had been funded by the Ministry of Housing, Communities and Local Government (MHCLG). This had involved officers from Government coming down and taking the Council through a self-assessment process and then helping to pull together an implementation plan. The initial assessment from them had been that the Council’s arrangements were in a good place but they could always be improved.

·       An executive summary had been provided listing the ongoing activities although much of the detail remained necessarily confidential.

·       It was also explained that there was an IT and Information Governance (ITIG) board in place which was chaired by the Deputy Chief Executive (S151) and had the relevant Cabinet Member on it to oversee activity in this area.

Consideration was given to:

·       The need for an all Member Briefing on Cyber Security so more assurance could be provided.

·       A request would be made for Members to submit questions in advance before a Briefing took place.

·       It was confirmed that there were policies and procedures in place for officers to notify the relevant people should they themselves identify areas of vulnerability. There were also weekly updates in the staff newsletter providing guidance.

·       The IT team had completed an operational assessment of Artificial Intelligence (AI).

Note: * Report previously circulated.

To receive a progress report from the Devon Assurance Partnership (DAP) on the Internal Audits completed to date.

The Committee had before it, and NOTED, a report * from the Devon Assurance Partnership (DAP) providing a summary of the performance against the Internal Audit plan for the 2025/26 financial year to date, highlighting the key areas of work undertaken and summarising its main findings and recommendations aimed at improving controls.

The following was highlighted within the report:

·       This was the first progress update report for 2025/2026.

·       An ‘assurance’ picture would build up as the year progressed.

·       The overall ‘Assurance Opinion’ for 2024/2025 had been ‘Reasonable’.

·       6 reports had been issued so far this year and summaries were provided in the report.

·       Appendix 2 listed the audit recommendations for the Council and how long they have been outstanding for. Currently there were 2 medium risk recommendations outstanding and 6 low risk.

Discussion took place regarding:

·       DAP were content with the approach the Council was taking with regard to the Housing Rents Error issue. Regular meetings were being held with the Regulator and the only repayments that were outstanding were those with some sort of benefit attached to them.

·       Procurement processes were sound, there were no significant issues of concerns. Any issues that had been raised in relation to waivers, the Council had now addressed.

·       The approach within the Housing Repairs and Maintenance Team was very much more preventative now rather than reactive. There had been a real culture shift.

·       A new process was in place to review cumulative supplier spend on a monthly basis.

Note: * Report previously circulated.

To receive a verbal update on the interim position from the external auditors, Bishop Fleming.

A verbal update was provided by Bishop Fleming as to where they were with the external audit of the 2024/2025 accounts. This included the following information:

·       The external audit of the 2024/2025 financial accounts was now well progressed but had not been completed as they were still waiting for the Pension Fund Assurance from Devon County Council and Grant Thornton. The intention was to complete the audit during November and bring a findings report to the next meeting of this Committee.

·       At the moment there were no significant areas of concern.

·       Some questions had been asked and additional information sought in relation to the ‘Value for Money’ audit but there was nothing currently to bring to the Committees’ attention.

·       Bishop Fleming were reviewing ongoing progress with the Housing Rents Error issue and were satisfied the approach was sound.

·       They would be bringing two reports to the next meeting, the Audit Completion Report on the Financial Statements and the Auditors Annual Report on the Council’s arrangements for ‘Value for Money’ (VFM). The VFM report would focus on the Council’s financial resilience, governance and efforts to improve efficiency, economy and effectiveness. A commentary on each of these areas would be provided.

Members are asked to note that the following items are already identified in the work programme for the next meeting:

·         Corporate Risk Report

·         Final accounts 2024/2025

·         Annual Governance Statement for 2024/2025

·         Bishop Fleming – Audit Findings Report

·         Devon Assurance Partnership (DAP) Progress Report

Note: This item is limited to 10 minutes. There should be no discussion on the items raised.

The items already listed in the Work Programme for the next meeting were NOTED.

In addition it was requested that the following be added to the agenda for the next meeting:

·       The External Auditors Annual Report on the Council’s arrangements to ensure ‘Value for Money’.