Audit and Risk Committee
Open Agenda
Meeting Date: |
Friday 29 September 2023 |
Time: |
9.30am |
Venue: |
Council Chamber |
Committee Members |
Chair: Bruce Robertson Members: Mayor Kirsten Wise, David Pearson, Councillor Sally Crown (Deputy Chair), Councillor Greg Mawson and Councillor Hayley Browne Ngā Mānukanuka o te Iwi representative - Joe Tareha |
Officer Responsible |
Deputy Chief Executive / Executive Director Corporate Services |
Administration |
Governance Team |
|
Next Audit and Risk Committee Meeting Friday 17 November 2023 |
Audit and Risk Committee - 29 September 2023 - Open Agenda
2022 TERMS OF REFERENCE - AUDIT AND RISK
Reports to: |
Council |
Chairperson |
Bruce Robertson (External Independent) |
Deputy Chairperson |
Councillor Crown |
Membership |
The Mayor Deputy Chair of Sustainable Napier Committee Chair of Prosperous Napier Committee External independent appointee Ngā Mānukanuka o te Iwi (Māori Committee) (1) Note: The Chief Executive and External Auditor are required to attend all meetings but are not members and have no voting rights. |
Quorum |
3 - One of which is an external appointee |
Meeting frequency |
At least quarterly and further as required |
Officer Responsible |
Deputy Chief Executive / Executive Director Corporate Services |
Role
The role and scope, as well as any delegations of the Audit and Risk Committee are defined in the Audit Charter IDoc Id 325090).
Delegations
The role and scope, as well as any delegations of the Audit and Risk Committee are defined in the Audit Charter.
The Committee can make recommendations to Council or the Chief Executive as appropriate.
Audit and Risk Committee - 29 September 2023 - Open Agenda
ORDER OF BUSINESS
Karakia
Apologies
Nil
Conflicts of interest
Public forum
Nil
Announcements by the Mayor
Announcements by the Chairperson including notification of minor matters not on the agenda
Note: re minor matters only - refer LGOIMA s46A(7A) and Standing Orders s9.13
A meeting may discuss an item that is not on the agenda only if it is a minor matter relating to the general business of the meeting and the Chairperson explains at the beginning of the public part of the meeting that the item will be discussed. However, the meeting may not make a resolution, decision or recommendation about the item, except to refer it to a subsequent meeting for further discussion.
Announcements by the management
Confirmation of minutes
That the Minutes of the Audit and Risk Committee meeting held on Friday, 23 June 2023 be taken as a true and accurate record of the meeting..................................................... 53
Agenda items
1 Health and Safety Report (April-August 2023)............................................................. 4
2 Sensitive Expenditure - Mayor and Chief Executive.................................................. 27
3 Update Report - Audit New Zealand.......................................................................... 30
4 External Audit actions status update......................................................................... 31
5 Internal Audit Status Update..................................................................................... 36
6 Integrity Policies....................................................................................................... 47
Minor matters not on the agenda – discussion (if any)
Recommendation to Exclude the Public............................................................. 51
Audit and Risk Committee - 29 September 2023 - Open Agenda Item 1
1. Health and Safety Report (April-August 2023)
Type of Report: |
Information |
Legal Reference: |
N/A |
Document ID: |
1695932 |
Reporting Officer/s & Unit: |
Adam McDonald, Health, Safety and Wellbeing Lead Anna Nottage, Chief People Officer |
1.1 Purpose of Report
The purpose of this report is to provide the Audit & Risk Committee (ARC) an overview of Health & Safety & Wellbeing (HSW) activity, inform on the progress of initiatives underway to improve health, safety, and wellbeing, as well as key performance indicators covering the period April 2023 to August 2023.
|
Officer’s Recommendation The Audit and Risk Committee: a) Receive the April – August 2023 Health and Safety report. |
Napier City Council is committed to pursuing a high performing health and safety culture through the implementation of policies, standards and procedures to eliminate hazards and manage health, safety, and wellbeing risks.
The Audit and Risk Committee (ARC) report provides commentary and a range of indicators on the performance of the health and safety management system. The report enables the ARC to provide assurance to Council for the capability and functioning of Council’s health, safety and wellbeing hazard and risk management system and associated programmes.
Correction of ARC report lag
The June 2023 report to the ARC included information on health and safety reporting activity for the months of January through March 2023, but omitted the most recent activity for the months of April and May.
To eliminate the lag, the September report takes into account Council's health and safety management system's current performance throughout a five-month period from April to August 2023.
The ARC paper will return to a three-month reporting cycle in December 2023 for the months of September, October, and November 2023.
1.3 Discussion
Risk Management
Table 1: Overview of strategic and operational HSW risks
1.4 Additional Comments
· Lack of accountability, poor Sycle risk management software implementation, and a lack of training are all cited for the lack of maintenance (housekeeping) for operational health and safety risks.
· Napier City Council's risk register includes duplication across operational health, safety, and wellbeing risks. OR183, 265, 267, 271, and 277, for instance, share commonalities.
Recommendations
· Consolidate health, safety and wellbeing risks to remove duplication. Therefore, Establish SR14 as the single health and safety strategic risk, OR183 as the single parent health and safety operational risk and OR267 as the single parent operational wellbeing risk. All remaining risks to transfer to ‘child’ operational risks. Example, OR207 becomes a child operational risk to OR183.
· Develop a Health and Safety risk management plan and update ARC with quarterly progress reports.
1.5 Emerging Hazards and Risks
Throughout the Q3 reporting period, there have been more reports of workplace stress and public aggression.
Workplace stress and poor mental health
The significant use of employee assistance services and other signs of increased stress and mental health challenges in the workplace have been noted.
· Control measure: Comprehensive work plan to address the factors that affect wellbeing, such as organisational and environmental factors, psychosocial risks, and the effects of the recent cyclone on the mental health of NCC employees.
Human behaviour
The safety of personnel, the reputation of council services and facilities, the ability to recruit and retain workers, business continuity, and the financial viability of council owned facilities have all been significantly impacted by reports of customer aggression and threatening behaviour that have risen during Q3. The prevalence of "gang violence" throughout the Napier aquatic network is especially concerning.
· Control measure: Senior management, the risk and assurance lead, and the health, safety, and wellness team continue to monitor the situation and are developing risk management strategies in response to the incidents. Many of the suggested activities were implemented in Q3 or are scheduled for implementation in Q4 2023.
1.6 Continuous Improvement
Health and Safety Management System Audit and Review
The Council's health and safety management system underwent an audit and review which consisted of a review of relevant documentation, conversations with key personnel at specific locations where medium- to high-risk work is being performed.
The audit procedure, significant findings, and recommendations are now included in the audit and review report (see Attachment 1), concluding phase one.
Phase two of the project includes a work schedule for implementing audit recommendations, enhancing Napier City Council's Health and Safety Management System, and ensuring legal compliance. Phase two should lead to improved health and safety risk management as well as a reduction of OR183 to a level that Council will accept.
1.7 Officer Due Diligence
Directors have a responsibility of care under section 44 of the Health and Safety at Work Act of 2015 (HSWA 2015). To enhance governance capabilities, the Executive leadership team recently completed the Institute of Directors' online training program in health and safety governance. In order to fulfil their obligation to exercise due diligence, the lead H&S committee has decided that directors must attend both the meetings of their individual directorate committees and the lead health and safety committee.
1.8 Health and Safety Performance indicators
Lead and lag indicators
Council continues to place a high priority on health and safety, and ensure all reasonable practical measures are taken to eliminate hazards and reduce the likelihood of injury and illness.
Attachment 2 has a complete list of performance metrics, including lead and lag reporting, health monitoring and surveillance, and training.
1.9 Wellbeing
The Council continues to provide psychological services to assist workers and their families. (Attachment 3) provides an overview for the utilisation of Employee assistance provider services in Q3. A summary of employee assistance providers is included in Attachment 1.
Council has engaged Umbrella a team of organisational psychologists to deliver a series of wellbeing workshops with the goal of improving Councils aptitude and capacity to respond to mental health challenges in the workplace. Umbrella is expected to complete a current state evaluation of wellbeing, and assist in the development and execution of a comprehensive wellbeing programme of work.
1 Health & Safety Audit and Review Report (Doc Id 1696994)
Audit and Risk Committee - 29 September 2023 - Open Agenda Item 2
2. Sensitive Expenditure - Mayor and Chief Executive
Type of Report: |
Procedural |
Legal Reference: |
N/A |
Document ID: |
1674189 |
Reporting Officer/s & Unit: |
Talia Foster, Accounting Manager |
2.1 Purpose of Report
To provide the information required for the Committee to review Sensitive Expenditure of the Mayor and Chief Executive for compliance with Council’s Sensitive Expenditure Policy.
The Audit and Risk Committee: a. Receive the 30 June 2023 quarterly report of Sensitive Expenditure for the Mayor and Chief Executive and review for compliance with the Sensitive Expenditure Policy. |
The Sensitive Expenditure Policy approved by the Chief Executive on 17 March 2023 and endorsed by Council requires a report of all sensitive expenditure by the Chief Executive and by the Mayor to Audit and Risk Committee meetings (clauses 6.3 and 6.4). The policy also states that the expenditure items will be reviewed by the Chairperson or the Deputy Chairperson of the Audit and Risk Committee for compliance with this policy.
2.3 Issues
No issues
2.4 Significance and Engagement
N/A
2.5 Implications
Financial
N/A
Social & Policy
All sensitive expenditure transactions for the quarter ended 30 June 2023 are compliant with Council’s Sensitive Expenditure Policy.
Risk
N/A
Audit and Risk Committee - 29 September 2023 - Open Agenda Item 3
3. Update Report - Audit New Zealand
Type of Report: |
Information |
Legal Reference: |
N/A |
Document ID: |
1697447 |
Reporting Officer/s & Unit: |
Caroline Thomson, Chief Financial Officer |
The purpose of this report is to provide time for the Committee to receive a verbal update from Karen Young, Audit New Zealand on the following: · Interim Audit Results · Annual Report · 3Waters
|
|
Officer’s Recommendation That the Audit and Risk Committee notes the verbal report from Karen Young, Audit New Zealand of 29 September 2023.
|
Audit and Risk Committee - 29 September 2023 - Open Agenda Item 4
4. External Audit actions status update
Type of Report: |
Information |
Legal Reference: |
N/A |
Document ID: |
1691539 |
Reporting Officer/s & Unit: |
Caroline Thomson, Chief Financial Officer Talia Foster, Accounting Manager |
4.1 Purpose of Report
The purpose of this paper is to summarise the actions taken by management from recommendations made via our external audit process to provide assurance to the Audit and Risk Committee that these have been addressed.
|
Officer’s Recommendation The Audit and Risk Committee: a. Receive the external audit status update report dated 29 September 2023.
|
Napier City Council are audited by Audit New Zealand annually for our Annual Report process, as legislated by the Local Government Act 2002. For each audit, we receive a report detailing issues found and recommendations made.
The agreed management actions are now being followed up with the relevant Council staff management and progress on actions to date is being tracked and reported.
4.3 Issues
To date, 48% of the recommendations have been completed and await confirmation by Audit NZ that the actions are satisfactory. Audit NZ will review these actions in the 2022/23 year end audit. Audit NZ have indicated that two of these matters are considered closed.
Please refer to the attached report for a detailed list of the recommendations and commentary on the current progress.
4.4 Significance and Engagement
N/A
4.5 Implications
Financial
N/A
Social & Policy
N/A
Risk
Along with the internal audit programme, our external audit monitors and significantly reduces risk across the organisation. By monitoring the recommendations to ensure they are implemented we are further reducing risk. Any outstanding actions do pose a risk to the organisation.
4.6 Development of Preferred Option
That the committee receive the external audit status update report.
5. Internal Audit Status Update
Type of Report: |
Information |
Legal Reference: |
N/A |
Document ID: |
1695213 |
Reporting Officer/s & Unit: |
Talia Foster, Accounting Manager Raewyn Fowler, Business Analyst |
5.1 Purpose of Report
The purpose of this paper is to summarise the actions taken by management of each audit undertaken over the last two years to provide assurance to the Audit & Risk Committee that these have been addressed.
|
Officer’s Recommendation The Audit and Risk Committee: a. Receive the internal audit status update report.
|
Napier City Council contract to Crowe to provide internal audit services, and recently were re-appointed on 1 July 2022 for a further three years to 30 June 2025. The internal audits performed by Crowe include a written report on issues found with recommendations, and agreed management actions to be taken by Council staff to address the issues raised. The agreed management actions are now being followed up by the relevant Council management and progress on actions to date is being tracked and reported (refer attachment).
5.3 Issues
Table 1 below lists the internal audits completed by Crowe during the 2020/21 and 2021/22 years and percentage of recommendations completed to date (August 2023):
Year |
Audit scope |
Percentage Completed (Dec 2022) |
Percentage Completed (June 2023) |
Percentage Completed (Aug 2023) |
20/21 |
Data Analytics |
100% |
100% |
100% |
20/21 |
Records Management |
6% |
18% |
18% |
21/22 |
Building & |
23% |
43% |
43% |
21/22 |
Fraud Policy Review & Awareness Training |
0% |
100% |
100% |
21/22 |
Sensitive Expenditure Review |
0% |
13% |
63% |
Please refer to the report attached for detail on the progress of each audit with commentary.
Note:
As the Data Analytics and Fraud Policy Review & Awareness Training internal audit recommendations were fully completed by the June 2023 report, the recommendations have not been included in this report.
The Asset Management internal audit report is no longer included in the above. This is due to the recommendation presented to the Audit & Risk Committee on 23 June 2023 by Asset Strategy Manager (Kate Ichicheva). The Asset Management internal audit is now superseded by a Targeted Improvement Action Plan. This will include a regular audit and review of asset management practices and performance going forward using the improvement actions outlined. This will be separately reported to Audit & Risk by the Asset Strategy Manager.
5.4 Significance and Engagement
N/A
5.5 Implications
Financial
N/A
Social & Policy
N/A
Risk
The internal audit programme monitors and significantly reduces risk across the organisation. By monitoring the recommendations to ensure they are implemented we are further reducing risk. Any outstanding actions do pose a risk to the organisation.
5.6 Options
The options available to the committee are as follows:
a. Receive the internal audit status update report
5.7 Development of Preferred Option
Recommend the committee receive the internal audit status update report.
1 2023-09 AR Internal Audit recommendations report (Doc Id 1695337)
Audit and Risk Committee - 29 September 2023 - Open Agenda Item 6
Type of Report: |
Information |
Legal Reference: |
N/A |
Document ID: |
1692577 |
Reporting Officer/s & Unit: |
Talia Foster, Accounting Manager |
6.1 Purpose of Report
This report outlines the importance of integrity policies in accordance with the New Zealand Office of the Auditor General's integrity framework. It explains the concept of integrity policies, their significance, our company's existing integrity policies, the controls in place to uphold them, and recommendations for the Audit and Risk Committee's consideration.
The New Zealand Office of the Auditor General's integrity framework underscores the critical role that integrity policies play in maintaining transparency, ethical behaviour, and accountability within organisations. Integrity policies encompass a set of guidelines, principles, and procedures that guide employees and stakeholders to act ethically, transparently, and responsibly in their roles. These policies are designed to prevent conflicts of interest, fraud, and unethical behaviour, thereby promoting public trust and organisational credibility
Integrity policies are of paramount importance as they:
· Foster a culture of ethical conduct and responsible decision-making.
· Mitigate risks associated with fraud, corruption, and non-compliance.
· Enhance stakeholder trust and confidence in the organisation.
· Demonstrate commitment to good governance practices.
· Align with legal and regulatory requirements.
At Council, we recognize the significance of integrity policies and have developed a comprehensive set of policies that outline the standards of behaviour expected from employees, contractors, and stakeholders. The policies we have identified as making up the group of integrity policies are:
Policy Name |
Next Review Due |
Policy Type |
Review Period (Years) |
Code of Conduct for Employees Policy |
18/05/2023 |
Internal |
2 |
Confidentiality Policy |
8/06/2023 |
Internal |
2 |
Conflict of Interest Policy |
19/05/2023 |
Internal |
3 |
Credit Card Policy |
30/10/2020 |
Internal |
2 |
Financial Delegation Policy |
8/12/2023 |
Internal |
2 |
Fraud Policy |
18/04/2026 |
Internal |
3 |
Information Management Policy |
22/06/2023 |
Internal |
2 |
Information Services Acceptable Use - Employee Policy |
9/04/2020 |
Internal |
1 |
Information Services Acceptable Use (Elected Members) Policy |
22/06/2023 |
Internal |
2 |
Information Services Acceptable Use Policy - Appointed Members |
18/11/2023 |
Internal |
1 |
Privacy Policy |
20/01/2023 |
Internal |
2 |
Procurement Policy |
5/08/2024 |
Public |
3 |
Protected Disclosures Policy |
18/04/2026 |
Internal |
3 |
Sensitive Expenditure Policy |
17/03/2025 |
Internal |
2 |
Gifts and Gratuities Policy |
17/09/2021 |
Internal |
2 |
Petty Cash Policy |
19/01/2022 |
Internal |
2 |
We acknowledge that several of these policies are overdue for review. This is an issue that has come up before and is due to issues with the policy review system and process. This process is currently being revised. Once the process has been updated, the policy reviews will be able to be actioned quickly as many are in a draft state awaiting approval.
6.3 Controls
Robust controls have been implemented to ensure the effectiveness of Council’s integrity policies:
· Regular Training: Endeavour is made to provide regular training on policies, ensuring awareness and understanding, especially when issues arise or updates are made.
Finance run quarterly training sessions which cover hot topics, updated policies, or general reminders. Induction training covers the Fraud Policy, Protected Disclosures Policy and Sensitive Expenditure Policy, and touches on other policies and where they can be found.
All policies are available on the internal intranet for staff to access at any time.
· Reporting Mechanisms: Confidential reporting mechanisms for whistle blowers to raise concerns without fear of retaliation have been established.
This policy is reviewed regularly and training is completed for staff in inductions for new starters and regularly training as mentioned above.
· Compliance Monitoring: Regular compliance audits and assessments are conducted to identify and address any policy breaches. These include internal checks of transactions, internal audits and external audits.
Credit card and expense claim transactions are approved through usual one-up procedures, and then reviewed for compliance with policies by the finance team. Regular spot checks are also conducted on transactions through the usual account payable processes, particularly for transactions picked up for FBT purposes quarterly. The weekly payment run checks include random invoice sampling which looks for compliance with policies and potential fraudulent activity.
Internal audits have been completed recently on Sensitive Expenditure and Fraud, along with other topics and these are on a regular cycle to ensure consistent reviews.
External audit always has a focus on Sensitive Expenditure, high risk areas, and policies and processes to look for weaknesses.
6.4 Implications
Financial
Not applicable
Social & Policy
Not Applicable
Risk
Addressing integrity policies is paramount due to its significant risk implications. Failure to uphold robust integrity policies could expose the organization to a range of risks, including reputational damage, legal and regulatory non-compliance, financial loss, and erosion of stakeholder trust.
Inadequate controls around conflicts of interest, bribery, and unethical behaviour could result in legal actions, penalties, and compromised business relationships. Additionally, a lack of adherence to data privacy and protection policies could lead to data breaches, compromising sensitive information and violating privacy regulations.
By prioritizing the implementation and enforcement of integrity policies, officers proactively mitigate these risks and strengthen the organization's resilience in an ever-evolving business landscape.
6.5 Options
The options available to Council are as follows:
a. Receive this paper, and request annual reports to the Audit and Risk Committee to identify any changes to the group of integrity policies or issues with the policies themselves.
b. Make recommendations to improve our integrity policies.
6.6 Development of Preferred Option
Officers believe we have a strong compliment of integrity policies at the moment. We are working on improving processes for review of these policies, and all other Council policies.
Audit and Risk Committee - 29 September 2023 - Open Agenda
Recommendation to Exclude the public
That the public be excluded from the following parts of the proceedings of this meeting, namely:
AGENDA ITEMS
1. Investigation Report - Napier Aquatic Centre
2. Verbal Update Chief Executive
The general subject of each matter to be considered while the public was excluded, the reasons for passing this resolution in relation to each matter, and the specific grounds under Section 48(1) of the Local Government Official Information and Meetings Act 1987 for the passing of this resolution were as follows:
General subject of each matter to be considered.
|
Reason for passing this resolution in relation to each matter.
|
Ground(s) under section 48(1) to the passing of this resolution.
|
1. Investigation Report - Napier Aquatic Centre |
7(2)(a) Protect the privacy of natural persons, including that of a deceased person |
48(1)(a) That
the public conduct of the whole or the relevant part of the proceedings of
the meeting would be likely to result in the disclosure of information for
which good reason for withholding would exist: |
2. Verbal Update Chief Executive |
7(2)(h) Enable the local authority to carry out, without prejudice or disadvantage, commercial activities |
48(1)(a) That
the public conduct of the whole or the relevant part of the proceedings of
the meeting would be likely to result in the disclosure of information for
which good reason for withholding would exist: |
Audit and Risk Committee - 29 September 2023 - Open Agenda
Audit and Risk Committee
Open Minutes
Meeting Date: |
Friday 23 June 2023 |
Time: |
9.30am – 11.00am (Open) 11.01am – 11.40am (Public Excluded)
|
Venue |
Small Exhibition Hall |
Present |
Chair: Bruce Robertson Members: Councillor Greg Mawson and Councillor Hayley Browne Ngā Mānukanuka o te Iwi representative - Joe Tareha [via Teams Link) |
In Attendance |
Chief Executive (Louise Miller) [via Teams Link] Deputy Chief Executive / Executive Director Corporate Services (Jessica Ellerm) Chief People Officer (Anna Nottage) – Item 1 Health, Safety and Wellbeing Lead (Adam McDonald) – Item 1 Manager Asset Strategy (Kate Ivicheva) – Item 2 Chief Financial Officer (Caroline Thomson) Accounting Manager (Talia Foster) – Items 4,5 and 6 Risk and Assurance Lead (Dave Jordison) – Item 3 Programme Manager – Long Term Planning (Stephanie Murphy) |
Administration |
Governance Advisor (Carolyn Hunt) |
Karakia
The meeting opened with the Council karakia.
Apologies
Bruce Robertson / Councillor Mawson That the apologies from Mayor Wise, Councillor Crown and David Pearson be accepted. Carried |
Conflicts of interest
Nil
Public forum
Nil
Announcements by the Mayor
N/A
Announcements by the Chairperson
The Chair welcomed Joe Tareha as the appointed Ngā Mānukanuka o te Iwi representative to the Audit and Risk Committee as resolved at the Council meeting on 8 June 2023.
Announcements by the management
Nil
Confirmation of minutes
Councillor Browne / Bruce Robertson That the Minutes of the meeting held on 31 March 2023 were taken as a true and accurate record of the meeting.
Carried |
Agenda Items
1. Health and Safety Report - January/February/March 2023
Type of Report: |
Enter Significance of Report |
Legal Reference: |
Enter Legal Reference |
Document ID: |
1667348 |
Reporting Officer/s & Unit: |
Anna Nottage, Chief People Officer |
1.1 Purpose of Report
The purpose of this report is to provide the Audit & Risk Committee an overview of Health & Safety activity, inform on the progress of initiatives underway to improve health, safety, and wellbeing, as well as current key performance indicators covering the period January 2023 to March 2023.
At the meeting The Health, Safety and Wellbeing Lead, Mr McDonald advised that the format of the Health and Safety report had changed in comparison to what had been presented previously and now aligned to the Charter. Mr McDonald spoke to the report providing a brief summary and overview of Health and Safety activity, progress of initiatives underway to improve health, safety, and wellbeing, as well as current key performance indicators covering the period January 2023 to March 2023. In response to questions it was clarified: · The Institute of Directors (IOD) have been engaged to provide some training for Directors and officers to understand their obligations under section 44 of the Health and Safety at Work Act 2015. · Commentary was given around the appropriateness of elected members attending the Institute of Directors (IOD) course. It was commented that while the Chief Executive is open to prosecution and elected members were not, there is still value in attending and elected members were encouraged to undertake the training for better understanding of the roles and responsibilities. · Wellbeing was becoming increasingly important and since January there has been a good commitment to Health and Safety · EAP is a service offered to employees and there has been an increase in utilisation. Staff are accessing when unwell. In comparison to the last five years, this year has seen a 300% increase in use, however there needs to be more proactive measures put in place. · More resource will need to be available for Health, Safety and Wellbeing and this is actively being addressed. · In relation to the internal audit finding that no exit screening was received for workers, this alluded to workers who were exposed to certain risks in the work place and would require lung/blood tests etc. On leaving the organisation they are required to do another test to exposure but it is difficult to get them to do this when they have left. · During the cyclone it took a while for a Health and Safety team to be set up and the risk function was omitted in the response. A review process is being undertaken and will be reported on. · The Mysafety software was implemented in 2018 but due to a lack of upgrades has caused problems with reporting. The existing system will be upgraded to solve this issue, it does not require replacement. The analysis of the bow tie and the new format of the report was well received by the Committee. The Committee looked forward to seeing the results of the internal audit and proposed response as there will be a need for some action in terms of Health and Safety responsibilities. |
|
Committee resolution
|
Bruce Robertson / Councillor Browne The Audit and Risk Committee: a. Receive the Quarter 1 (January/February/March 2023) Health and Safety Report.
Carried |
2. Review and Improvement Recommendations for Asset Management Maturity: A Comparative Analysis of 2019 and 2021 Reports
Type of Report: |
Information |
Legal Reference: |
N/A |
Document ID: |
1666253 |
Reporting Officer/s & Unit: |
Kate Ivicheva, Manager Asset Strategy |
2.1 Purpose of Report
This report aims to review the asset management maturity assessments from 2019 and 2021, drawing attention to the deficiencies observed in the latter.
The report also articulates a refined set of recommendations for future audits and maturity assessments, ensuring a thorough and accurate comprehension of our asset portfolio. This will underpin informed, strategic decision-making within asset management.
Crucially, the report justifies the decision not to adhere to the recommendations of the 2021 audit report, instead proposing distinct improvement actions by network. These recommendations, grounded in the International Infrastructure Management Manual (IIMM) and the ISO 55000 series standards, are designed to foster growth in the maturity of our asset management practices, thus paving the way towards more effective and efficient operations.
At the meeting The Manager Asset Strategy, Ms Ivicheva provided a summary of the report. Ms Ivicheva concluded that Asset Management is not a one-off activity or a project with a defined start and end. It is an ongoing process requiring constant practice, evaluation, and refinement.
Good asset management requires continuous attention and improvement. It necessitates regular monitoring of asset conditions, timely maintenance, systematic data collection, accurate forecasting, and informed decision-making. Above all, it involves an organisational commitment to continuous improvement in these areas. By treating asset management as a continuous process, Napier City Council could ensure its assets are managed effectively, its risks are mitigated, and its services are delivered efficiently to the community, creating a sustainable and prosperous society. In response to questions it was clarified: · The Chief Executive confirmed that the organisation was taking this issue seriously and that these concerns had been raised as part of CouncilMark. The Executive Leadership Team were considering where additional resources and more focus should be made. · It was recognised that while we want to improve Council are at the core level generally with those systems, which is important going into the Long Term Plan. · Analysis is great and putting into an implementable improvement plan will be required and the steps forward. · Good reason to implement these steps. The Infrastructure Strategy places significant financial demands on the community and it needs to be the right one based on good data.
|
|
Committee resolution
|
Bruce Robertson / Councillor Browne The Audit and Risk Committee: a. Receive the report titled “Review and Improvement recommendations for Asset Management Maturity: A Comparative Analysis of 2019 and 2021 Reports” dated 23 June 2023. Carried |
3. Risk Management Report
Type of Report: |
Operational |
Legal Reference: |
N/A |
Document ID: |
1660154 |
Reporting Officer/s & Unit: |
Caroline Thomson, Chief Financial Officer Dave Jordison, Risk and Assurance Lead |
3.1 Purpose of Report
To inform the Audit and Risk Committee (Committee) on the status of Council’s strategic and operational risk profile and any emerging risks.
At the meeting The Chief Financial Officer, Ms Thomson advised that PwC facilitated a workshop with elected members to review Council’s strategic risks following Cyclone Gabrielle. A number of strategic and managed risks were identified. Further work will be required to align the risk with strategic objectives set by Council. A second workshop is to be held on 6 July 2023 to confirm the identified risks and present a proposal to merge some risks that sound similar and that could potentially share the same causes/triggers, consequences and controls. The Risk and Assurance Lead, Mr Jordison advised that there was no change to the current profiles and the analysis had not yet been completed. The impact of Cyclone Gabrielle will continue to have implications for risk assessment. In response to questions it was clarified: · The bowtie mapping was a really helpful tool in regard risk and mitigation. · Questions highlighted for the future - how to make risk management framework live within the organisation and how does this get translated into the day-to-day work of the organisation?. · There was value with the significant Health and Safety risks in terms of the bowtie being done, but it was necessary to look at the quantum of where the bowtie is being undertaken. · The overall risk profile at this stage was that Council is probably trending slightly upwards in terms of the emerging risks with competing priorities. · It was a challenging time for Council and higher risk perhaps than last year pre-cyclone with the financial capacity for the organisation is possibly an emerging risk, given some of those challenges. · Risk is a standing item on the Executive Leadership Team (ELT) agenda and Mr Jordison presents at ELT every month. The Chief Executive advised that she was happy to discuss what was planned for the ELT. |
|
Committee resolution
|
Bruce Robertson / Councillor Mawson The Audit and Risk Committee: a) Receive the Risk Management Report. Carried |
The meeting adjourned at 10.36am and reconvened at 10.40am
4. Sensitive Expenditure - Mayor and Chief Executive
Type of Report: |
Procedural |
Legal Reference: |
N/A |
Document ID: |
1660156 |
Reporting Officer/s & Unit: |
Caroline Thomson, Chief Financial Officer Talia Foster, Accounting Manager |
4.1 Purpose of Report
To provide the information required for the Committee to review Sensitive Expenditure of the Mayor and Chief Executive for compliance with Council’s Sensitive Expenditure Policy.
At the meeting The Accounting Manager, Ms Foster spoke to the report and confirmed that all items identified in the report for the quarter ending 31 March 2023 were compliant with Council’s Sensitive Expenditure Policy. |
|
Committee resolution
|
Bruce Robertson / Councillor Browne The Audit and Risk Committee: a. Receive the 31 March 2023 quarterly report of Sensitive Expenditure for the Mayor and Chief Executive and review for compliance with the Sensitive Expenditure Policy.
Carried |
5. Internal Audit status update
Type of Report: |
Information |
Legal Reference: |
N/A |
Document ID: |
1660914 |
Reporting Officer/s & Unit: |
Caroline Thomson, Chief Financial Officer Talia Foster, Accounting Manager |
5.1 Purpose of Report
The purpose of this paper is to summarise the actions taken by management of each audit undertaken over the last two years to provide assurance to the Audit & Risk Committee that these have been addressed.
At the meeting The Accounting Manager, Ms Foster spoke to the report which also covered the December period. Some progress had been made on the action points as a result of the audit papers. In response to questions it was clarified: · Areas of particular concern were the policies that have not got through the system yet, and had been raised again through the external audit. Unfortunately this is due to a system failure. · Audit New Zealand is concerned with the outstanding transactional, credit card and gifts policies and generally looking across Council’s integrity framework. · Approximately 18 months ago policies were put into alive system and records so that a notification would be sent out automatically when reviews were due. Most reviews have been completed, however some have been held up in workflows when going for approval. Currently work is being undertaken to remedy this. · There is a complicated review process around policies and some resource has been dedicated to look how at the process could be simplified and who is responsible for reviewing and signing off each policy. · The Committee should review integrity policies. · A policy that has not been reviewed before its expiry date does not mean it is inappropriate.
|
|
Committee resolution
|
Councillor Mawson / Bruce Robertson The Audit and Risk Committee: a. Receive the internal audit status update report.
Carried |
6. External Audit actions status update
Type of Report: |
Information |
Legal Reference: |
N/A |
Document ID: |
1660915 |
Reporting Officer/s & Unit: |
Caroline Thomson, Chief Financial Officer Talia Foster, Accounting Manager |
6.1 Purpose of Report
The purpose of this paper is to summarise the actions taken by management from recommendations made via our external audit process to provide assurance to the Audit and Risk Committee that these have been addressed.
At the meeting The Accounting Manager, Ms Foster advised this was the first time the report had come to the Committee and general reasonable progress had been made on the actions. In response to questions it was clarified that: · In regard to the recommendations on reporting flood events, conversations have been held with Audit New Zealand in regard to the technical reporting and Council has a lot more data this time round. In 2020, it was the first time Council had dealt with a weather event and it was overwhelmed. Experiencing a significant event provides further insight into the intention behind the measures when it is an emergency. · In general Audit New Zealand are making very good progress in the first week on site. They will be at Council next week and currently are 70% through items with no issues found at this point. · In regard to asset revaluation, a valuer has been engaged and will begin revaluation on assets in June/July 2023. The inner harbour land and buildings have been separated out and so have the right technical aspects. The restricted assets are not being valued
|
|
Committee resolution
|
Bruce Robertson / Councillor Browne The Audit and Risk Committee: a. Receive the external audit status update report.
Carried |
PUBLIC EXCLUDED ITEMS
Bruce Robertson / Councillor Mawson That the public be excluded from the following parts of the proceedings of this meeting, namely: 1. Verbal Update Chief Executive 2. Long Term Plan - Update 3. Severance Pay Process Scope
Carried |
The general subject of each matter to be considered while the public was excluded, the reasons for passing this resolution in relation to each matter, and the specific grounds under Section 48(1) of the Local Government Official Information and Meetings Act 1987 for the passing of this resolution were as follows:
General subject of each matter to be considered. |
Reason for passing this resolution in relation to each matter. |
Ground(s) under section 48(1) to the passing of this resolution. |
1. Verbal Update Chief Executive |
7(2)(h) Enable the local authority to carry out, without prejudice or disadvantage, commercial activities |
48(1)(a) That the public
conduct of the whole or the relevant part of the proceedings of the meeting
would be likely to result in the disclosure of information for which good
reason for withholding would exist: |
2. Long Term Plan - Update |
7(2)(c)(i) Protect information which is subject to an obligation of confidence or which any person has been or could be compelled to provide under the authority of any enactment, where the making available of the information would be likely to prejudice the supply of similar information or information from the same source and it is in the public interest that such information should continue to be supplied |
48(1)(a) That the public
conduct of the whole or the relevant part of the proceedings of the meeting
would be likely to result in the disclosure of information for which good
reason for withholding would exist: |
3. Severance Pay Process Scope |
7(2)(c)(i) Protect information which is subject to an obligation of confidence or which any person has been or could be compelled to provide under the authority of any enactment, where the making available of the information would be likely to prejudice the supply of similar information or information from the same source and it is in the public interest that such information should continue to be supplied |
48(1)(a)That the public
conduct of the whole or the relevant part of the proceedings of the meeting
would be likely to result in the disclosure of information for which good
reason for withholding would exist: |
The meeting adjourned at 11.00am and reconvened in
Public Excluded session at 11.01am
The meeting closed with a karakia at 11.40am
Approved and adopted as a true and accurate record of the meeting.
Chairperson .........................................................................................................................
Date of approval .................................................................................................................. |