Meeting of the Finance Audit & Risk Sub-committee
Date: Thursday 11 February 2016
Time: 10.00am
Venue: |
Council Chamber Hawke's Bay Regional Council 159 Dalton Street NAPIER |
Agenda
Item Subject Page
1. Welcome/Notices/Apologies
2. Conflict of Interest Declarations
3. Confirmation of Minutes of the Finance Audit & Risk Sub-committee held on 9 November 2015
4. Matters Arising from Minutes of the Finance Audit & Risk Sub-committee held on 9 November 2015
5. Follow-ups from Previous Finance Audit & Risk Sub-committee meetings 3
6. Audit Management Letter Covering Annual Report Year Ending 30 June 2015 15
7. Charter for the Finance Audit & Risk Sub-committee 33
8. 2016 Work Programme Going Forward 39
Public Excluded Items
9. Internal Audit – Business Continuity & Disaster Recovery Plan 41
10. Cyber Security
11. Risk Assessment and Management 43
12. Confirmation of the Public Excluded Minutes of the Finance, Audit and Risk Sub-committee Meeting held 9 November 2015 45
Finance Audit & Risk Sub-committee
Thursday 11 February 2016
SUBJECT: Follow-ups from Previous Finance Audit & Risk Sub-committee meetings
Reason for Report
1. In order to track items raised at previous meetings that require follow-up, a list of outstanding items is prepared for each meeting. All follow-up items indicate who is responsible for each, when it is expected to be completed and a brief status comment. Once the items have been completed and reported to the Committee they will be removed from the list.
Decision Making Process
2. Council is required to make every decision in accordance with the Local Government Act 2002 (the Act). Staff have assessed the in relation to this item and have concluded that as this report is for information only and no decision is required, the decision making procedures set out in the Act do not apply.
1. That the Finance, Audit and Risk Sub-committee receives and notes the report “Follow-ups from Previous Finance Audit and Risk Sub-committee Meetings”. |
Liz Lambert Chief Executive |
|
Follow-ups from Previous Finance, Audit & Risk Sub-committee Meetings |
|
|
Finance Audit & Risk Sub-committee
Thursday 11 February 2016
Subject: Audit Management Letter Covering Annual Report Year Ending 30 June 2015
Reason for Report
1. To inform the Sub-committee of the results of the Audit for the 2014-15 financial year and of the issues arising out of this audit.
Comment
2. The audit of the Annual Report for year ending 30 June 2015 has now been completed by Audit New Zealand (Audit NZ) and the final management letter covering the issues that have arisen during this audit is appended as Attachment 1 to this paper.
3. In a number of areas Audit NZ has requested a comment from management and these management comments are included in the attached letter.
4. Stephen Lucy, Director, Audit NZ, will attend this meeting to present his letter to the Sub-committee.
Decision Making Process
5. The Sub-committee is required to make every decision in accordance with the Local Government Act 2002 (the Act). Staff have assessed the requirements in relation to this item and have concluded that, as this report is for information and receipt only and no decision is to be made, the decision making provisions of the Local Government Act 2002 do not apply.
1. That the Finance, Audit and Risk Sub-committee receives the Audit Management Letter from Audit New Zealand which covers the Annual Report for year ending 30 June 2015 report and notes Management comments. |
Paul Drury Group Manager |
Liz Lambert Chief Executive |
Audit NZ Letter re Audit for the Year Ended 30 June 2015 |
|
|
Finance Audit & Risk Sub-committee
Thursday 11 February 2016
Subject: Charter for the Finance Audit & Risk Sub-committee
Reason for Report
1. The Finance, Audit and Risk sub-committee requested that the draft Charter it considered at the 9 November meeting be amended in light of suggestions offered at that meeting, and then brought back to the sub-committee for confirmation and to recommend adoption to the Corporate and Strategic Committee.
2. The amended Charter is attached for the sub-committee’s consideration.
Decision Making Process
3. Council is required to make every decision in accordance with the requirements of the Local Government Act 2002 (the Act). Staff have assessed the requirements in relation to this item and have concluded:
3.1. The decision does not significantly alter the service provision or affect a strategic asset.
3.2. The use of the special consultative procedure is not prescribed by legislation.
3.3. The decision does not fall within the definition of Council’s policy on significance.
3.4. The decision is not inconsistent with an existing policy or plan.
3.5. Given the nature and significance of the issue to be considered and decided, and also the persons likely to be affected by, or have an interest in the decisions made, Council can exercise its discretion and make a decision without consulting directly with the community or others having an interest in the decision.
1. That the Finance Audit & Risk Sub-committee receives and confirms the Charter. 2. The Finance Audit & Risk Sub-committee recommends that the Corporate & Strategic Committee 2.1. Agrees that the decisions to be made are not significant under the criteria contained in Council’s adopted Significance and Engagement Policy, and that Council can exercise its discretion and make decisions on this issue without conferring directly with the community. 2.2. Approves the HBRC Finance Audit & Risk Sub-committee Charter. |
Liz Lambert Chief Executive |
|
Finance, Audit & Risk Sub-committee Charter |
|
|
Finance Audit & Risk Sub-committee
Thursday 11 February 2016
Subject: 2016 Work Programme Going Forward
Reason for Report
1. In order to ensure the sub-committee’s ability to effectively and efficiently fulfill its role and responsibilities, an overall suggested work programme is provided following.
Internal Audits |
· Processes, policies and procedures around stakeholder communications and relationship management (from risk register) · Fraud prevention and detection (from risk register) · Capturing and managing general and procurement related Conflicts of Interest (staff policy review under way) (Interests Register for Executive staff has been initiated) · Cyber security · Future proofing IT systems · IT general computer systems control · Rating system – processes involved in striking the rate · Health & Safety compliance with policies and procedures · Stakeholder relationship management and risks in relation to elected representatives, and how such an audit might be conducted · Add resilience and reduction to disaster recovery · Staff development and succession planning |
Risk Assessment & Management |
· Routine (6 monthly) reporting on risks to the FA&R Sub-committee · Review previous 6-month Risk Assessment to note changes / improvements / areas that require attention · Sub-committee carry out detailed review of individual Group’s Risk Management (as part of the programmed reviews of Groups) |
Insurance |
· Council’s proposed 2016-17 Insurance programme |
Annual Report |
· Adoption of Audit report 20 September for recommendation to Council |
Decision Making Process
2. As this report is for information only and no decision is to be made, the decision making provisions of the Local Government Act 2002 do not apply.
1. That the Finance, Audit and Risk Sub-committee receives and considers the “Work Programme Going Forward” report. |
Paul Drury Group Manager |
Liz Lambert Chief Executive |
Finance Audit & Risk Sub-committee
Thursday 11 February 2016
SUBJECT: Internal Audit – Business Continuity & Disaster Recovery Plan
1. That the Sub-committee excludes the public from this section of the meeting, being Agenda Item 9 Internal Audit – Business Continuity & Disaster Recovery Plan with the general subject of the item to be considered while the public is excluded; the reasons for passing the resolution and the specific grounds under Section 48 (1) of the Local Government Official Information and Meetings Act 1987 for the passing of this resolution being:
GENERAL SUBJECT OF THE ITEM TO BE CONSIDERED |
REASON FOR PASSING THIS RESOLUTION |
GROUNDS UNDER SECTION 48(1) FOR THE PASSING OF THE RESOLUTION |
Internal Audit – Business Continuity & Disaster Recovery Plan |
7(2)(a) That the public conduct of this agenda item would be likely to result in the disclosure of information where the withholding of the information is necessary to protect the privacy of natural persons. |
The Council is specified, in the First Schedule to this Act, as a body to which the Act applies. |
2. That Mr John Dixon and Ms Sophie Hay from Price Waterhouse Cooper attend for this item as the auditors who prepared the Audit Report.
SUBJECT: CYBER SECURITY
That the Sub-committee excludes the public from this section of the meeting, being Agenda Item 10 Cyber Security with the general subject of the item to be considered while the public is excluded; the reasons for passing the resolution and the specific grounds under Section 48 (1) of the Local Government Official Information and Meetings Act 1987 for the passing of this resolution being:
GENERAL SUBJECT OF THE ITEM TO BE CONSIDERED |
REASON FOR PASSING THIS RESOLUTION |
GROUNDS UNDER SECTION 48(1) FOR THE PASSING OF THE RESOLUTION |
Risk Assessment and Management |
7(2)(c)(ii) That the public conduct of this agenda item would be likely to result in the disclosure of information where the withholding of that information is necessary to protect information which is subject to an obligation of confidence or which any person has been or could be compelled to provide and would be likely otherwise to damage the public interest. 7(2)(j) That the public conduct of this agenda item would be likely to result in the disclosure of information where the withholding of the information is necessary to prevent the disclosure or use of official information for improper gain or improper advantage. |
The Council is specified, in the First Schedule to this Act, as a body to which the Act applies. |
Paul Drury Group Manager |
|
Finance Audit & Risk Sub-committee
Thursday 11 February 2016
Subject: Risk Assessment and Management
1. That the Sub-committee excludes the public from this section of the meeting, being Agenda Item 11 Risk Assessment and Management with the general subject of the item to be considered while the public is excluded; the reasons for passing the resolution and the specific grounds under Section 48 (1) of the Local Government Official Information and Meetings Act 1987 for the passing of this resolution being:
GENERAL SUBJECT OF THE ITEM TO BE CONSIDERED |
REASON FOR PASSING THIS RESOLUTION |
GROUNDS UNDER SECTION 48(1) FOR THE PASSING OF THE RESOLUTION |
Risk Assessment and Management |
7(2)(c)(ii) That the public conduct of this agenda item would be likely to result in the disclosure of information where the withholding of that information is necessary to protect information which is subject to an obligation of confidence or which any person has been or could be compelled to provide and would be likely otherwise to damage the public interest. 7(2)(j) That the public conduct of this agenda item would be likely to result in the disclosure of information where the withholding of the information is necessary to prevent the disclosure or use of official information for improper gain or improper advantage. |
The Council is specified, in the First Schedule to this Act, as a body to which the Act applies. |
2. That Mr John Dixon from Price Waterhouse Cooper attend for this item to provide expert Audit opinion as requested.
Mike Adye Group Manager |
Paul Drury Group Manager |
Finance Audit & Risk Sub-committee
Thursday 11 February 2016
SUBJECT: CONFIRMATION OF PUBLIC EXCLUDED MINUTES OF THE FINANCE, AUDIT & RISK SUB-COMMITTEE MEETING HELD ON 9 NOVEMBER 2015
That the Sub-committee excludes the public from this section of the meeting being Agenda Item 12 Confirmation of Public Excluded Minutes of the Finance, Audit & Risk Sub-committee Meeting held on 9 November 2015 with the general subject of the item to be considered while the public is excluded; the reasons for passing the resolution and the specific grounds under Section 48 (1) of the Local Government Official Information and Meetings Act 1987 for the passing of this resolution being:
|
Liz Lambert Chief Executive |
|