Audit and Risk Committee
Open Minutes
|
Meeting Date: |
Thursday 6 December 2018 |
|
Time: |
1.00pm – 1.30pm |
|
Venue |
Ikatere Boardroom Level 2, Capeview Building 265 Marine Parade Napier |
|
Present |
John Palairet (In the Chair), Mayor Bill Dalton, Geoff Foster, Councillor Claire Hague, and Councillor Kirsten Wise |
|
In Attendance |
Stephen Lucy – Audit New Zealand Director Corporate Services, Director Infrastucture Services, Chief Financial Officer, Manager People and Capability [to 1.12pm], Manager Communications and Marketing [from 1.12pm], Strategic Finance Advisor, Accounting/ Risk Management Contractor [to 1.26pm] |
|
Administration |
Governance Team |
Apologies
Nil
Conflicts of interest
Nil
Public forum
Nil
Announcements by the Mayor
Nil
Announcements by the Chairperson
Nil
Announcements by the management
Nil
Confirmation of minutes
|
That the Minutes of the meeting held on 11 October 2018 were taken as a true and accurate record of the meeting.
|
Audit and Risk Committee - 06 December 2018 - Open Minutes
1. Audit New Zealand Management Letter
|
Type of Report: |
Information |
|
Legal Reference: |
Local Government Act 2002 |
|
Document ID: |
433397 |
|
Reporting Officer/s & Unit: |
Caroline Thomson, Chief Financial Officer |
1.1 Purpose of Report
To consider the Audit NZ management letter: Napier City Council Audit for the year ended 30 June 2018 (to be tabled at the meeting).
|
Mr Lucy spoke to the management letter, noting that some minor matters are being worked through with Council officers; many of the findings are already under action. The Annual Report was of good quality. It was noted that Council has a large number of big assets and a good process was in place to ensure that valuations are undertaken for these. The reporting mandated by Department of Internal Affairs was considered robust.
|
|
That the Audit and Risk Committee:
a. Receive the Audit New Zealand management letter: Napier City Council Audit for the year ended 30 June 2018.
|
2. Proposed Audit and Risk Committee 2019 Meeting Calendar
|
Type of Report: |
Operational |
|
Legal Reference: |
N/A |
|
Document ID: |
433409 |
|
Reporting Officer/s & Unit: |
Caroline Thomson, Chief Financial Officer |
2.1 Purpose of Report
To consider the proposed timetable of meetings for the Audit and Risk Committee in 2018, as detailed below.
|
The Chair advised that the March and June dates would need to be adjusted due to other commitments he holds. Proposed alternative dates will be circulated to the committee for consideration. The recommendation was left lying on the table.
|
|
a. That the Committee receive the proposed timetable of meetings for the Audit and Risk Committee for 2019.
|
|
Type of Report: |
Operational |
|
Legal Reference: |
N/A |
|
Document ID: |
433412 |
|
Reporting Officer/s & Unit: |
Sue Matkin, Manager People & Capability |
3.1 Purpose of Report
The purpose of the report is to provide the Audit and Risk Committee with an overview of the health and safety performance as at 31st October 2018.
|
The Manager People and Capability spoke to the report, noting that there have been no serious incidents in the reporting period since the previous meeting. There has been an increased focus on contractor auditing and ‘visible leadership’ in the Health and Safety space within the reporting period; 37 additional onsite visits were made by Corporate Manager Team members to discuss Health and Safety matters. November was ‘Men’s health awareness month’, and $2600 was raised for prostate cancer support. Testing has recently been completed of response times in relation to a new tool for use by independent onsite workers called “man-down devices”. If someone has an incident or accident while on their own and they are literally “down” the device triggers and contacts a company called Red Wolf. They will then call the person. If a response is not receive emergency services are immediately notified and directed to the location of the worker, identified via GPS tracking associated with the devices. Workloads have been very high in the lead into the summer holiday period and People and Capability are liaising with teams across Council to ensure that stress and fatigue levels are monitored and managed. In response to a question from the Committee it was advised that bullying and sexual harassment are identified as hazards under the Health and Safety in the Workplace Act. In May this year an anti-bullying campaign was run which identified what bullying and harassment looks like, provided tools for managers and staff, and advised on how to get help.
|
|
That the Audit and Risk Committee: a. Receive the Health and Safety report as at 31 October 2018.
|
The Manager People and Capability left the meeting at 1.12pm.
The Manager Communications and Marketing joined the meeting at 1.12pm.
|
Type of Report: |
Information |
|
Legal Reference: |
N/A |
|
Document ID: |
433414 |
|
Reporting Officer/s & Unit: |
Ross Franklin, Consultant |
4.1 Purpose of Report
To provide the Audit and Risk Committee (Committee) with an update on progress with risk management work and to report on the highest rated risks.
|
The Sycle projects module delivery date has been adjusted to March 2019 to ensure good delivery of the project. The business continuity management project is in the investigative phase. As most of the current risks in the risk register were entered in July 2018, they have now become due to review. The opportunity is being taken to review these in more detail, checking the risk description and rating remain accurate. The risk framework and policy will be brought to this Committee at its first meeting for the 2019 year. It was noted that the risk related to Pandora Pond has now been removed. The inflatables will not be placed in the pond this summer season as an outcome of the patterns identified through modelling by the Infrastructure team; fluctuations in the pond following rain events have been identified through this process. In response to question from the Committee it was advised that: · One of the important culture changes has been to consider risk management as part of everyday work. While the teams are doing as much as they can with the resource available, Council continues to consider options to ensure that it is able to continue moving forward in this space. · While dedicated resource, such as a risk management insurance role, could be put in place and may be considered at some point, it has been important to ensure that all managers and risk owners are brought along the change journey and clearly understand risk and what is required of them. This process may have been circumvented by a dedicated role being in place too early. · Consideration would need to be given to the level within the risk framework that any dedicated role operated at.
|
|
That the Committee: a. Note the risk management work being undertaken by the NCC Risk Committee. b. Receive the report titled: Highest rated risks report 24 September 2018. c. Receive the report titled; NCC Risk Maturity Roadmap: 5 Year Plan
|
The Accounting/ Risk Management Contractor left the meeting at 1.26pm.
5. Internal Audit Programme 2018/19
|
Type of Report: |
Operational |
|
Legal Reference: |
Local Government Act 2002 |
|
Document ID: |
671251 |
|
Reporting Officer/s & Unit: |
Caroline Thomson, Chief Financial Officer |
5.1 Purpose of Report
To table to the Committee the internal audit programme for 2017/18 and 2018/19 from Crowe Horwath. Recommendations, feedback and any other review priorities the Committee deems relevant, is sought.
|
The Chief Financial Officer spoke to the report, briefly reviewing the recent audits completed by Crowe Horwath and the intended schedule for the next year. It was noted that the contract with Crowe Horwath is flexible so it would be possible to incorporate a broader high level review into the schedule if desired. In response to a question from the Committee it was advised that the first fraud workshop was run with senior leadership and the second with cash handling positions, depot and front of house staff. It was recommended that a specialist in the area of fraud present to this Committee in 2019. It was noted that Crowe Horwath do not currently review cyber security but a separate review of our IT security measures is undertaken annually.
|
|
The Audit and Risk Committee: a. Resolve that the internal audit programme for 2017/18 and 2018/19 from Crowe Horwath is received.
|
Audit and Risk Committee - 06 December 2018 - Open Minutes
PUBLIC EXCLUDED ITEMS
|
That the public be excluded from the following parts of the proceedings of this meeting, namely: 1. Independent Audit Member Appointment
|
The general subject of each matter to be considered while the public was excluded, the reasons for passing this resolution in relation to each matter, and the specific grounds under Section 48(1) of the Local Government Official Information and Meetings Act 1987 for the passing of this resolution were as follows:
|
General subject of each matter to be considered. |
Reason for passing this resolution in relation to each matter. |
Ground(s) under section 48(1) to the passing of this resolution. |
|
1. Independent Audit Member Appointment |
7(2)(a) Protect the privacy of natural persons, including that of a deceased person |
48(1)A That the public conduct
of the whole or the relevant part of the proceedings of the meeting would be
likely to result in the disclosure of information for which good reason for
withholding would exist: |
The meeting moved into committee at 1.30pm
|
Approved and adopted as a true and accurate record of the meeting.
Chairperson .............................................................................................................................
Date of approval ...................................................................................................................... |