Internal Audit Dashboard July 2018

Transcription

1 Internal Audit Dashboard July 2018 Risk Category Area 2018/19 Financial Risk Risk of failing to manage finances in accordance with public sector accounting requirements and funding constraints. 70 Creditors Payments Main Accounting General Ledger Debtors, Debt 8

2 Area 2018/19 Treasury 12 Attainment of Value for Money. Procurement including Tendered Subsidised Bus Service Contracts. Payroll 12 Expenses & Allowances compliance with guidance 8 Legal Compliance Risk 30 Risks arising from noncompliance with legislative requirements. Improved Transparency Gifts & Hospitality Health & Safety including CDM. 8 4 In Progress

3 Area 2018/19 Information Governance 12 Governance Risk 51 Risk that losses or organisational performance is compromised as a result of unclear authorities, structures and accountabilities Effective Planning & Performance Risk Framework 15 Improved Transparency Code of Governance Declarations of Interest Attainment of Value for Money. Engagement and use of Consultants 8 In Progress

4 Area 2018/19 Recruitment Procedures & Temporary Employment Arrangements Annual Governance Statement 6 6 Operational/ Risk Risk of impaired service delivery resulting from inadequate or failed internal processes and systems, error and deficiencies in the performance of external suppliers and stakeholders. 51 Bus Services Provision Prepaid Tickets & Concessionary Fares 25 Bus Services Provision Tendered Subsidised Bus Services /Monitoring 8 Retail Services Metro Travel Centre Operations 18

5 Area 2018/19 Delivery Change Risk 55 Risk that programmes and projects are not delivered in time, within budget and do not deliver agreed benefits. Risk of fraud, misappropriation of funds Delivery of Projects & Programmes Attainment of Value for Money. PMO Feasibility and controls, due diligence/approval management, Programme Monitoring. Programmes/ Projects; reporting, risk management, cost control, compliance with conditions of funding, fraud prevention controls. Includes; Transport Fund, Enterprise Zones, Efficiency Fund, Housing & Regeneration, Skills Capital, Business, Sector Skills Initiative, Growth Programme. 55

6 Area 2018/19 Superfast Broadband, Growing Places Fund management of loans, Leeds Public Transport Investment Fund, Ultra-Low Emissions Vehicles ERDF and ESIF funding regimes. State Aid requirements. Use of third party service suppliers procurement, administration and project management services. Operation of PIMs, reporting Information and Communication Risks 16 Failing to provide sufficient, appropriate, consistent and timely information to key internal and external stakeholders.

7 Area 2018/19 Improved Transparency Transparency Code Compliance 8 4 In Progress Improved Transparency Freedom of Information Requests 8 Data Security/Data Protection Risks 35 Failure to adequately maintain and protect business critical data and appropriately, hold sensitive personal information Secure Systems Data Security/Data Protection - ICT systems and network controls, *15 Safeguarding children and vulnerable adults. (SEN Contracts, Concessionary Fares), GDPR compliance Secure Systems Cyber Attack/Systems *

8 Area 2018/19 Penetration testing Counter Fraud 26 Pro-active counter fraud, data matching tests Allowance/contingency to investigate any allegations of suspected fraud, bribery or corruption Value for Money 20 Attainment of Value for Money. Allowance for value for money reviews of functions and processes in operation. 20 Consultation 12 Secure Systems Allowance for the provision of advice in relation to the development and implementation of new or significant changes to systems and processes 12

9 Area 2018/19 Development of Risk 2 Certification 54 Access Innovation Fund 3 3 Controlled Growth Deal Fund 8 3 Growth Hub Grant 3 3 Efficiency Fund 8 3 Local Transport Fund 8 Controlled Controlled Controlled Interreg SHARE North 8 3 Controlled City Cycle Grant 2

10 Area 2018/19 L-CREATE, ERDF & ESIF 6 Strategic Business Growth Fund 8 3 Controlled Follow up 25 Allowance for the follow up of progress in implementing agreed actions to significant control weaknesses 25 General Contingency Contingency for the requirement for Internal Audit to perform unplanned work. 20 Flood Resilience Fund 4 Total

11 Work required to complete the 2018/ To be provided by; Internal Team 399 Contractor 25 (424)