Minutes of a meeting of the Risk & Audit Sub-committee

 

Date:                                    10 May 2023

Time:                                    9.00am

Venue:

Council Chamber

Hawke's Bay Regional Council

159 Dalton Street

NAPIER

 

Present:                              Cr N Kirton – Chair

Cr X Harding – Deputy Chair

Cr T Hokianga (online)

Cr J Mackintosh

S Maloy – Independent member (online)

 

In Attendance:                 B Bayfield – Interim Chief Executive

S Young – Group Manager Corporate Services

C Comber – Chief Financial Officer

L Hooper – Team Leader Governance

J Bennett – Senior Manager - Finance Recovery

H Marsden – Risk & Corporate Compliance Manager

O Giraud-Burrell – Quality & Assurance Advisor

A Siddles – Chief Information Officer

D Borrie and A Sofe – Ernst Young (online)

C Spencer – Senior Group Accountant

 

 

 


1.         Welcome/Karakia /Apologies

The Chair welcomed everyone to the meeting.

 

2.         Conflict of interest declarations

There were no conflicts of interest declared.

 

3.

Confirmation of the Risk & Audit Sub-committee Terms of Reference

 

Susie Young spoke to the item, advising that the key change to the Terms of Reference from the previous triennium was to clarify that financial reporting is to the Corporate and Strategic Committee and the focus for RAS is audit and risk.

Councillor Jock Mackintosh arrived at 9.10am

Councillor Thompson Hokianga arrived at 9.15am

Amendments agreed through discussions included that the purpose of RAS covers both financial and non-financial risk, RAS to report directly to Council, meetings are to be quarterly to feed into Council in a timely fashion, and that the Chair of RAS is independent in line with the advice of the Auditor General.

RAS13/23

Resolutions

That the Risk and Audit Sub-committee:

1.      Receives and considers the Confirmation of the Risk & Audit Sub-committee Terms of Reference staff report.

2.      Recommends that Hawke’s Bay Regional Council reviews the Terms of Reference for the Sub-committee in accordance with amendments agreed today, by 28 June 2023.

Kirton/Harding

CARRIED

 

4.

2022-2023 Enterprise Internal Audit Plan update and proposed 2023-2024 plan

 

Helen Marsden, Risk & Corporate Compliance Manager, and Olivia Giraud-Burrell, Quality & Assurance Advisor, introduced the item, which was taken as read. Queries and discussions traversed:

·    The Health & Safety team has carried out an internal review and gap analysis and is now mapping out the necessary systems and processes to meet ISO 45001 (replaces ACC workplace management standard  – current until end of July) requirements, which will then be independently audited in October 2023 and any further mitigations implemented. Required as a priority, for reporting to June Council meeting.

Councillor Hinewai Ormsby joined the meeting at 9.30am

·    The review of the HB CDEM Group response to Cyclone Gabrielle will be shared with all councils as members of the Group.

·    Reviews arising from Cyclone Gabrielle have been added to the schedule of audits/reviews being undertaken to insure visibility on the Council’s Audit Universe

·     Important to grow internal audit capacity, using external auditors to learn from.

·    Suggest start by identifying areas for audits to be carried out, then work out whether to use internal or external auditor, then check whether it meets s17a hurdle and scope accordingly.

·    Additional detail to be included in future reports to include the purpose of the review, Terms of Reference and Scope for the review if available, whether conducted by independent or internal resource and specifying where it is s17a review.

RAS2/23

Resolutions

That the Risk and Audit Sub-committee:

1.      Receives and considers the 2022-2023 Enterprise Internal Audit Plan update and proposed 2023-2024 plan staff report.

2.      Confirms the internal audit plan for the 2022-2023 financial year includes:

2.1.       data analytics (as resolved 4 May 2022)

2.2.       Organisational change consolidation and prioritisation (as resolved 4 May 2022).

3.      Confirms the proposed Enterprise Internal Audit Plan for the 2023-2024 financial year includes:

3.1.       Data Analytics Internal Audit (for 2023-2024 financial year)

3.2.       Independent review of HBRC Flood Protection and Drainage Schemes’ performance during Cyclone Gabrielle

3.3.       Heretaunga Plains Flood Control Scheme review

3.4.       Cyclone Gabrielle Flood Report

3.5.       HBRC Internal Review – Timeline of Events

3.6.       Telemetry Resilience Review

3.7.       Hydrometric Review

3.8.      HB CDEM Group Cyclone Gabrielle Response Review.

Harding/Mackintosh

CARRIED

 

5.

Treasury Compliance Report for the period 1 January - 31 March 2023

 

Jess Bennett introduced the item, which was taken as read, and provided an overview of what is assessed for the report. Highlights included:

·    Short-term borrowing has been drawn down to fund the emergency response to Cyclone Gabrielle, some of which will be recovered from insurers, and is closer to the debt forecast in the LTP.

·    One flag is that Council is slightly under-hedged at the moment, outside of the policy threshold.

·    Treasury and associated policies are reviewed regularly, aligned to Long Term Plan cycles.

RAS3/23

Resolution

That the Risk and Audit Sub-committee receives and notes the Treasury Compliance Report for the period 1 January – 31 March 2023.

Mackintosh/Harding

CARRIED

The meeting adjourned at 10.14am and reconvened at 10.30am

6.

Organisational change consolidation and prioritisation Internal Audit findings

 

Helen Marsden introduced the item, which presented a draft report to provide RAS with visibility of the audit having been undertaken and completed. Once the findings have been through the Executive Leadership Team and actions agreed, the final report will come to RAS.

RAS4/23

Resolution

That the Risk and Audit Sub-committee receives and notes the Organisational Change Consolidation and Prioritisation Internal Audit findings staff report.

Harding/Mackintosh

CARRIED

 

7.

Audit Plan for the 2022-2023 Annual Report

 

Chris Comber introduced the item, advising that the timeframes proposed by Ernst Young for the audit of the 2022-23 annual report. Notable changes for this year’s audit include:

·    Cyclone Gabrielle impacts on infrastructure assets, with this year having been signalled as a valuation year and it may not be practical for the valuation to be undertaken this year

·    Cyclone Gabrielle impacts on funds flowing into Council, including proceeds from insurers and timing, taking account of Council’s funds and funds being managed for others

·    Appropriate processes for procurement heightened for recovery and ensuring proper controls are exercised and processes followed.

·    Intention is to have the Audit completed do enable Council to adopt within the statutory deadline, however potential delays will be clarified through the interim audit and any change advised to Council.

RAS5/23

Resolution

That the Risk and Audit Sub-Committee receives and notes the Audit Plan for the 2022-2023 Annual Report.

Kirton/Harding

CARRIED

 

 

8.

Enterprise Risk Report

RAS6/23

Resolution

That the Risk and Audit Sub-committee excludes the public from this section of the meeting, being Agenda Item  8 Enterprise Risk Report with the general subject of the item to be considered while the public is excluded. The reasons for passing the resolution and the specific grounds under Section 48 (1) of the Local Government Official Information and Meetings Act 1987 for the passing of this resolution are:

General subject of the item to be considered

Reason for passing this resolution

Grounds under section 48(1) for the passing of the resolution

Enterprise Risk Report

s7(2)(f)(ii) The withholding of the information is necessary to maintain the effective conduct of public affairs through the protection of such members, officers, employees, and persons from improper pressure or harassment.

s7(2)(j) That the public conduct of this agenda item would be likely to result in the disclosure of information where the withholding of the information is necessary to prevent the disclosure or use of official information for improper gain or improper advantage.

The Council is specified, in the First Schedule to this Act, as a body to which the Act applies.

Harding/Mackintosh

CARRIED

 

9.

Internal Assurance corrective actions update

RAS7/23

Resolution

That the Risk and Audit Sub-committee excludes the public from this section of the meeting, being Agenda Item 9 Internal Assurance corrective actions update with the general subject of the item to be considered while the public is excluded; the reasons for passing the resolution and the specific grounds under Section 48 (1) of the Local Government Official Information and Meetings Act 1987 for the passing of this resolution being:

General subject of the item to be considered

Reason for passing this resolution

Grounds under section 48(1) for the passing of the resolution

Internal Assurance corrective actions update

7(2)(f)(ii) The withholding of the information is necessary to maintain the effective conduct of public affairs through the protection of such members, officers, employees, and persons from improper pressure or harassment.

s7(2)(e) That the public conduct of this agenda item would be likely to result in the disclosure of information where the withholding of the information is necessary to avoid prejudice to measures that prevent or mitigate loss to members of the public.

s7(2)(j) That the public conduct of this agenda item would be likely to result in the disclosure of information where the withholding of the information is necessary to prevent the disclosure or use of official information for improper gain or improper advantage.

The Council is specified, in the First Schedule to this Act, as a body to which the Act applies.

Harding/Mackintosh

CARRIED

 

10.

Privacy event

RAS8/23

Resolution

That the Risk and Audit Sub-committee excludes the public from this section of the meeting, being Agenda Item 10 Privacy event with the general subject of the item to be considered while the public is excluded. The reasons for passing the resolution and the specific grounds under Section 48 (1) of the Local Government Official Information and Meetings Act 1987 for the passing of this resolution are:

General subject of the item to be considered

Reason for passing this resolution

Grounds under section 48(1) for the passing of the resolution

Privacy event

7(2)(f)(ii) The withholding of the information is necessary to maintain the effective conduct of public affairs through the protection of such members, officers, employees, and persons from improper pressure or harassment.

s7(2)(e) That the public conduct of this agenda item would be likely to result in the disclosure of information where the withholding of the information is necessary to avoid prejudice to measures that prevent or mitigate loss to members of the public.

s7(2)(j) That the public conduct of this agenda item would be likely to result in the disclosure of information where the withholding of the information is necessary to prevent the disclosure or use of official information for improper gain or improper advantage.

The Council is specified, in the First Schedule to this Act, as a body to which the Act applies.

Harding/Mackintosh

CARRIED

 

The meeting went into public excluded session at 10.58am and out of public excluded session at 12.26pm

 

 

Closure:

There being no further business the Chair declared the meeting closed at 12.26pm on Wednesday, 10 May 2023.

Signed as a true and correct record.

Date: by Risk & Audit Committee resolution 18 October 2023     Chair:  Stephanie Maloy