►
From YouTube: Leeds CC - Consultative Meeting: Members of Corporate Governance & Audit Committee: 17 December 2021
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
B
B
B
In
the
interest
of
transparency
and
openness,
the
meeting
has
been
publicized
in
the
usual
way
with
the
agenda
and
report
pack
available
online
and
the
meeting
is
being
live
streamed
on
the
city
council's
website,
so
that
the
public
can
observe
the
meeting
without
needing
to
be
present
as
a
remote
meeting.
The
meeting
will
be
consultative
only
and
it
and
it
and
is
not
legally
able
to
take
any
formal
decisions.
B
C
J
B
D
B
J
B
J
Thank
you
chair
as
you'd,
be
aware:
we've
had
a
recent
external
assessment
by
our
lovely
colleagues
from
from
glasgow
and
they've
very
kindly
accepted
our
invitation
to
present
the
report
to
you
all
today
and
I'd
really
like
to
thank
the
colleagues
from
from
glasgow.
It's
been
a
very
interesting
and
informative
experience,
and
also
to
the
colleagues
and
members
of
the
committee
that
also
participated
in
the
exercise.
Thank
you
very
much.
It's
over
to
you
duncan.
L
L
So
just
briefly,
then,
in
terms
of
background,
the
the
public
sector,
internal
audit
standards
require
internal
audit
service
to
be
reviewed
each
year
via
a
self-assessment
and
every
five
years
in
an
external
quality
assessment,
an
eqa.
So
we
conducted
your
eqa
between
roughly
september
and
november
this
year
and
the
approach
taken
was
the
same
as
the
last
time
you
had
an
eqa
five
years
ago
and
that
was
via
the
core
cities
network.
L
So
in
terms
of
our
findings
in
the
report,
and
so
the
main
conclusion
is
that
your
internal
audit
service
and
leads
conforms
with
the
public
sector
audit
standards.
So
that's
the
main
message.
I
need
to
tell
you
today
and
all
the
technical
points
that
we're
looking
for
in
terms
of
audit
planning,
field,
work
and
reporting,
etc.
L
All
look
absolutely
fine
to
us,
but
more
than
that,
we've
noted
in
our
opinion,
that
the
function
is
highly
regarded
and
well
positioned
within
the
organization
and
one
of
the
more
important
aspects
of
the
reviews
to
get
a
sense
of
how
old
it
is
positioned.
How
it's
viewed
by
senior
management
and
elected
members
isn't
valued
as
a
professional,
independent
function
that
can
be
trusted
to
get
involved
in
assessing
risk
and
investigating
issues
and
and
supporting
the
business
and
based
on
our
work
we
can
confirm
this
is
this
is
definitely
the
case.
L
So
so
it's
a
very
positive
report.
Yeah,
I
suppose,
as
you
may
be
aware,
auditors
tend
to
give
a
nosebleed
differential
report
with
no
recommendations.
We've
made.
We've
made
three
minor
recommendations
to
your
internal
audit
team
and
that
set
out
an
action
plan.
I
won't
go
through
them.
I
hope
they're
self-explanatory
and
but
but
they
are,
they
are
minor
recommendations.
L
So
so
it's
overall
a
very
positive
reflection
on
the
internal
audit
service
that
you
received
here,
and
I
hope
you
find
the
paper
useful
and
over
the
next
few
years,
as
as
you
receive
work
from
the
team
and
then
finally,
I
would
like
to
to
thank
louise
and
her
team
and
all
the
people
who
spoke
to
it's
been
a
it's
been
a
very
easy
process
and
and
a
joy
to
do.
Thank
you.
B
E
L
I'm
not
sure
if
we
have
that
to
hand
you
and
I'm
not
sure
if
we
do,
but
in
terms
of
how
that
affects
our
opinion
and
and
as
I
said
in
introduction,
the
key
part
is
the
technical
compliance
of
the
standards
and
and-
and
that
was
really
through
our
validation
of
the
self-assessment
and
the
supporting
evidence.
That
was
provided.
L
That's
probably
the
most
important
thing,
the
the
kind
of
softer
aspect,
if
I
couldn't,
if
I
can
call
it
that-
is
getting
feedback
from
stakeholders
and
others
to
make
sure
that
and
we're
not
missing
anything
through
that
pure
self-assessment
process.
That
kind
of
technical
review,
and
so
I
I
I'm
happy
that
the
return
rate
of
50
isn't
impacting
on
that.
Overall
conclusion,
obviously
we'd
like
to
have
been
higher.
I
know
that
we
did
chase
people
once
or
twice
to
try
and
make
that
happen.
L
But
if
we
had
to
draw
a
line
somewhere
and
write
our
report
up,
I
think
the
other
thing
I'd
say
is
that
those
questionnaires?
It's
not
really
a
sampling
approach.
It's
not
a
statistical
analysis
of
returns.
It's
really
just
to
get
some
qualitative
feedback
from
people
and
I
suppose
the
assumption
is
if
there
was
any
burning
issues
that
somebody
had,
they
would
have
taken
the
opportunity
to
to
to
complete
that
that
question
there.
B
E
I
mean
it
would
be
good
because
I
mean
the
the
10
people
that
received
the
questionnaires
were
all
senior
members
of
the
council.
I'm
quite
astonished
actually
that
five
of
them
felt
that
they
didn't
need
to
reply,
but
we
got
some
recourse
on
that
to
challenge
the
five
that
didn't
complete
the
questionnaire.
L
I
mean,
I
suppose,
it's
really
up
for
officers
in
the
council
to
take
that
up
and
to
feed
that
back
like
this.
Was
that
disappointment
back
to
the
relevant
people.
What
we'll
do
is,
and
and
chilean
myself
we'll
we'll
feed
that
back
through
louise
booth
just
to
to
give
her
the
details
of
who
who
did
and
didn't
reply,
and
maybe
that
message
could
be
communicated
back
to
those
officers
that
this
committee
has
given.
Thank
you.
J
I
Yes,
thank
you
chair
and
before
asking
my
question,
I
would
just
like
to
support
what
council
of
foster
said.
It
has
been
a
continual
refrain
of
this
committee
that
we
should
get
a
full
return
of
responses
to
requests
from
audit,
and
that's
for
internal
audit
reports,
of
course,
but
it
would
only
be
consistent
that
we
should
apply
that
to
this
to
this
external
audi
that
we've
undertaken.
I
Now,
as
the
response
rightly
says,
we
do
receive
audit
reports
and
we
do
as
a
committee
make
observations
and
ask
for
further
information.
But
could
I
ask
you,
in
terms
of
this
recommendation,
what
specifically
triggered
it?
What
what's
shortcoming,
albeit
minor
in
the
current
way
we
operate,
led
to
you
making
this
recommendation.
L
Thanks
and
chair
and
the
honest
answer
is
this
came
to
light
as
part
of
our
own
eqa
five
years
ago,
when
manchester
came
to
viewers
and
they
pointed
out
that
it
is
benefit.
I
can't
remember
it's
part
of
the
standards
themselves
chilling.
No,
they
are
you,
so
that
is
part
of
the
standards,
but
also,
I
think
just
it
makes
sense
to
be
clear
when
internal
audit
is
reporting
on
something
that
is
it's
done
in
accordance
with
the
public
sector
standards.
L
I
think
that
it
also
and
sometimes
into
the
monsters,
can
be
asked
to
do
work
out
with
their
core
duty
as
internal
audit,
and
they
may
occasionally
find
themselves
reporting
on
things
that
aren't
done
within
the
realm
of
public
sector
audit
standards
and
therefore,
by
explicitly
saying
that
work
you're
reading
is
done
in
that
in
that
in
that
way,
and
it's
just
being
clear
about
what
isn't
what
isn't
within
that
scope.
Hope
that
makes
sense.
G
Yeah,
that's
right.
I've
just
been
clicking
on
right.
I
think
yeah.
Yes,
I
I
share
mike
foster's
concerns
about
this,
but
I'm
also
curious
to
know:
what's
happened
to
the
appendices
in
this
report
because
I
don't
have
them,
and
I
now
realize
that
they're
quite
important
documents
and
I'm
a
bit
baffled
by
that-
actually
I
was
hoping
you
could
enlighten
me.
D
G
Well,
I
I've
mis-missed
out
on
this
information,
so
I've
been
trying
to
make
sense
of
the
document
without
the
appendix
which
doesn't
really
make
much
sense
at
all
to
me,
but
I
understand
what's
happened
and
I
and
that
and
I'm
I
accept
that
it
must
be
a
large
part
to
blame
for
the
situation,
but
it
is
not
satisfactory
to
be
reading
papers
and
then
discover
that
there
are
bits
missing
from
them
and
it
rather
impedes
the
questioning
that
I
was
hoping
to
to.
To
put.
G
G
F
It
is
thank
you.
I
eventually
worked
out
how
to
raise
my
hand.
I
do
apologize.
I
was
waving
because
I
couldn't
find
the
the
digital
hand.
Thank
you.
First
of
all,
I
think
it's
a
great
report
and
it's
all
you
know
as
being
being
a
head
of
internal
audit
myself.
It's
really
pleasing
to
receive
such
a
positive
report.
So
well
done
to
the
internal
audit
team
from
me
and-
and
I
I
think,
it's
great-
that
you
know
the
actions
are
so
relatively
minor
in
the
grand
scheme
of
things.
So
so
that's
great.
F
J
J
So,
rather
than
just
doing
the
traditional
follow-up
that
we've
been
doing
on
limited,
limited
assurances
we're
actually
setting
up
a
new
system
where
we
and
process
where
we
send
out
questionnaires
and
we
started
to
sample,
check
and
actually
identifying
any
areas
that
that
that
are
not
necessarily
do
doing
the
implementation
within
the
appropriate
time
frames.
So
it's
very
much
a
work
in
progress.
Obviously,
some
some
areas
are
not
as
effective
as
others,
but
we
are
working
with
the
directorates
at
the
minute.
J
F
J
G
No
okay!
Well
I
mean
I
am,
as
you
say,
slightly
concerned
by
by
not
having
the
appendix,
and
it
just
makes
it
more
difficult.
But
but
I
do
have
great
concerns
about
thinking
outside
the
box
that
it
seems
to
me
that
when
we
audit
things
in
leads,
we
do
a
very
conventional
audit
and
we
know
exactly
where
the
money's
gone
and
that
aspect
of
auditing
works
really
well.
But
I
think
not
completely
satisfied
is
the
issue
is
raised.
G
I
think
recently
by
zipfer
as
to
whether
there
are
other
questions
that
auditors
should
ask
out
with
the
normal
range
of
questioning
and
whether
that
would
result
in
better
administration-
and
I
must
say
I'm
some
sympathy
with
this
point
of
view-
that
there
may
be
scope
for
improving
the
audit
function
by
doing
more
of
it.
Basically
and
looking
at.
G
Differing
from
the
path
that
we've
followed,
well,
that's
a
really
summary
of
what
I
I
think.
I
think
that
it's
not
anybody's
fault,
I'd
hate
anybody
to
think
I
was
blaming
them
for
this,
but
I'm
looking
at
standing
back
from
it.
I
I
feel
that
there
are
the
audit
is
kind
of
good
but
incomplete,
and
that
we
will
benefit
from
that
from
addressing
that.
B
D
Up,
thank
you.
I
just
like
I
just
like
to
come
back
on
that
and
I
would
say
that
we've
got
a
very
modern
internal
audit
function
led
by
louise
booth
and
we've
got
a
different
way
of
working
at
leeds,
so
we
now
get
involved
in
all
the
transformation
work.
That's
been
undertaken
by
the
council
and
the
team
are
involved
right
at
the
beginning
and
their
comments,
making
sure
that
we're
doing
things
in
the
right
way,
governance,
etc.
Internal
controls.
D
Everything
is
in
place
at
the
beginning,
so
that
they
don't
come
and
audit
after
we've
already
implemented
the
systems,
which
is
a
completely
different
way
to
how
a
previous
internal
audit
function
would
have
done.
I
would
also
say
that
they
are
really
proactive
in
in
the
work
and
how
it's
undertaken,
so
it
isn't
a
traditional
audit
function.
They
do
obviously
have
to
do
the
audit
plan
and
do
the
audit
coverage
etc.
D
But
I
think
I
can
give
the
assurance
to
the
committee
that
they
do
ask
those
challenging
questions.
They
don't
just
follow
an
order.
You
know
a
set
audit
set
of
questions.
They
make
sure
that
they
cover
everything
in
the
order,
but
they
are
very
challenging,
and
I
think
if
you,
if
you
see
the
number
of
different
different
bodies,
there
are
and
all
the
different
boards
that
they're
on
you'll
realize
that
they're
in
at
the
beginning-
and
they
are
part
of
that
and
as
the
council
starts,
to
transform
and
changes.
D
J
Thank
you
chair
and
thank
you
victoria
for
that,
but
but
also
I'd
like
to
say
as
well.
But
you
know
you
will
have
noticed
that
the
update
reports
that
we
are
bringing
have
changed
recently
and
to
back
up
what
victoria
said
we're
actually
bringing
some
of
that
information
through
to
you
in
these
new
update
reports.
So
once
we
have
the
traditional
assurance
opinion
references
within
the
update
reports,
we've
now
created
a
new
section
around
the
other
audit
work,
which
are
all
these
bodies
of
boards
that
we're
actually
providing
this
added
value.
J
Work,
counselor
illingworth,
so
so
that
that
is
where
it's,
the
the
messaging
and
the
outcomes
and
the
activity
is,
is
being
highlighted
to
you
as
members.
So
if
you
want
to
give
us
any
feedback
on
on
how
that's
coming
through
in
the
update
reports,
I'm
more
than
happy
to
take
that
away
if
that's
not
not
as
clear
as
as
you'd
like,
but
that
is
where
all
the
challenging
questions
are
being
asked
and
the
outcomes
recorded.
L
Yeah,
just
briefly,
I
actually
think
it's
a
really
valid
question,
and
probably
one
of
the
most
important
questions
to
ask
which
is
obviously
are
you
auditing
the
right
things
you
know
and
and
effectively
you
know.
How
are
you
building
your
audit
plan
and
are
you
missing
anything
and
just
to
confirm?
We
had
no
concerns
at
all
over
the
way
that
all
the
plans
developed.
So
I
could
reassure
you
on
that.
L
Of
course,
a
key
part
of
the
other
planning
process
is
the
risk
assessment
side
of
things
and
and
where
does
the
key
risk
lies
for
an
organization
and
often
that
will
be
in
the
same
area
year
to
year,
but
you're
absolutely
right.
You
know
it
needs
to
be
dynamic.
It
needs
to
be
mindful
of
changing
environments
and
and
uris
as
they
emerge,
and,
and
we
can
see
that
happening
and
both
in
terms
of
annual
planning
but
also
in
year,
changes
the
other
plan
as
well.
L
B
B
Does
the
committee
agree,
the
recommendations
are
set
out
on
page
five
of
the
agenda
pack,
which
is
to
receive
the
receive
the
lead
city,
council,
public
sector,
internal
audit
standards,
external
quality
assessment
undertaken
by
glasgow
city
council?
Note
the
contents
of
the
report
and
the
confirmation
that
leads
city
council,
internal
audit
service
conforms
with
the
requirements
of
the
psias.
H
Thanks
tim
and
thank
you
chair
good
afternoon
everybody,
so
this
is
the
annual
risk
assurance
report
which
covers
the
council's
risk
management
arrangements,
and
whilst
these
are
broadly
the
same
as
we've
reported
in
previous
years,
there
are
a
few
key
points
to
note
so
I'll
just
go
through
those.
First
of
all,
the
risk
management
policy
and
strategy
were
reviewed
this
year
and
the
updated
version
was
endorsed
by
exec
board
on
the
21st
of
july,
prior
to
being
publicized
through
insight,
and
the
risk
management
toolkit
on
insight
has
also
been
updated.
H
As
part
of
this
work,
changes
have
included
some
updated
terminology,
some
key
areas
that
were
not
fully
reflected
in
the
old
version,
such
as
democratic
oversight
and
in
reviewing
this
report.
It
also
allowed
us
to
take
a
comparison
between
the
policies
and
strategies
used
by
other
core
cities
and
then
looking
at
those
we
found
some
very
short,
some
are
very
long.
What
we're
aiming
to
do
with
ours
is
to
strike
a
balance
there.
H
H
The
corona
virus
risk
is
remaining
on
the
register
and
the
details
continue
to
be
incorporated
into
the
response
and
recovery
plan,
which
is
a
reported
executive
board
now,
prior
to
the
coronavirus
outbreak,
the
risk
of
pandemic
was
part
of
the
major
incident
in
the
city
risk
and
currently,
a
specific
risk
on
infectious
disease
is
being
worked
with
public
health
point.
27
notes
of
the
partnership,
governance
and
risk
checklist
has
been
developed
before
use
by
council
services
and
that's
to
help
ensure
the
potential
risks
are
covered.
H
I
Yes,
thank
you,
chair,
I'm
slightly
thrown
by
the
reference
to
the
change
from
best
council
plan
to
the
best
city
ambition,
but
I
think
that
comes
up
later
as
well.
Don't
it
but
the
two
questions.
I've
got
on
this
actual
report
and
I'll
give
the
paragraph
numbers,
because
obviously
the
page
numbers
I
think,
have
changed
slightly
so
page
31.
I
I
I
must
say
I
saw
that
with
some
surprise,
because
I
would
have
thought
that
this
is
a
key
area
where
we
would
perhaps
legitimately
have
expected
that
to
already
have
been
a
risk
register,
or
is
it
because
the
assumption
is
that
the
risk
in
terms
of
procurement
rests
with
the
actual
procuring
department,
the
the
one
that
negotiates
the
contract
and
my
second
question.
My
second
point
relates
to
paragraph
64.
I
And
I
just
wonder
if
that's
an
indication
of
some
issues,
because
obviously
children
and
families
is
an
area
where
there
are
a
great
many
risks
and
one
would
hope
that
staff
working
there,
especially
at
senior
management
level,
are
more
than
aware
of
them,
and
even
those
working
at
the
shopping
are
able
to
identify
them
and
feed
them
up
if
necessary.
So
that
kind
of
runs
some
alarm
bells
in
my
head,
but
maybe
I'm
just
overreacting.
K
In
fact,
two
of
their
risks
have
made
it
onto
the
direct
risk
register,
one
of
which
is
failing
to
follow
proper
procedures
when
you're
curing
goods
and
services
and
they've
done
is
contract
management
and
major
supplier
failure.
So
those
risks
go
to
an
appropriate
level,
but
underneath
them
there's
a
whole
load
of
more
granular
risks
and
that's
what
what
that
work
relates
to.
So
I'm
I'm
working
with
a
procurement
unit
to
help
them
flesh
out
those
risks
and
get
an
update
service
level
risk
register,
but
rest
assured
councillor
trusts.
K
Moving
on
to
point
64
about
the
bar
charts
and
the
survey
of
internal
control,
I
fully
appreciate
the
comments
around
them.
Children
and
families
and
obviously
they've
got
three
risks
on
the
corporate
register,
one
of
which
is
safeguarding
children,
which
gets
reviewed
every
quarter
and
a
detailed
assurance
report
goes
to
executive
board
every
year
as
part
of
the
annual
corporate
risk
report.
K
K
They
went
to
children
and
families
and
it
really
sort
of
took
the
risk
out
of
the
performance
report
and
sort
of
gave
it
the
prominence
that
perhaps
it
didn't
get,
and
that
report
was
met
really
really
well.
Children
and
families.
Leadership
team
have
asked
us
to
come
in
and
do
two
sessions
with
them
early
next
year.
I
Yeah,
could
I
just
come
back
on
that
tim?
Are
there
any
other
parts
of
the
council
on
this?
This
is
in
reference
to
my
first
question
regarding
procurement:
are
there
any
other
departments
where,
as
members
we
might
have
anticipated,
they
already
had
the
the
risk
register
that
you're
aware
of,
and
that
maybe
needs
further
action
on
your
part
or
on
the
part
of
management,
and
my
second
question
relates
back
to
children
and
families.
K
Good
questions
there
so
an
answer
to
the
first
one
character:
trustwell.
There
are
there's
something
like
90,
odd
services
in
the
council
and
we
we
sort
of
prioritize
or
we
pick
out
key
services
to
do
a
bit
more
work
with.
So,
for
example,
we
go
to
to
hr
every
quarter
with
their
service
risk
registers.
K
We've
recently
started
going
to
financial
management,
as
victoria
will
testify,
with
their
service
register.
If
we
were
to
try
and
do
all
90,
we
simply
don't
have
the
resources
for
that.
But
what
we
do
try
and
do
is
work
out.
The
ones
where,
where,
where
needed-
and
obviously
the
procurement
service
registered,
so
we
do
offer
to
do
workshops
on
different
areas
of
the
council
and
key
for
us-
is
actually
promoting
the
the
ability
to
do
those
workshops,
but
we
also
do
horizon
scanning.
K
K
What
we
could
do
in
the
interim
is
when
we
do
the
the
two
review
sessions
with
children
and
families
leadership
team.
We
could
do
a
a
post
review
survey
to
get
the
feedback
as
to
how
well
the
sessions
have
got
and
that
could
provide
some
sort
of
proxy
results
until
the
next
survey.
Internal
control
is
done,
and
in
fact,
when
we,
when
we
do
the
training
with
the
audit
committee,
we'll
be
letting
you
test
our
brand
new
feedback
form.
K
D
Can't
I
can't
find
my
hand
I'll
have
to
get
listens
from
linda
in
a
in
a
short
while
in
terms
of
the
survey
internal
control,
that's
the
the
whole
big
survey
that
that
we
did
to
help
underpin
the
annual
governance
statement,
the
assurances
that
we
got
around
that
last
year.
We
ran
it
for
the
first
time
last
year
and
on
the
basis
of
that,
we're
changing
and
tweaking
the
approach
it's
going
to
have
to
be
streamlined
in
order
to
improve
the
route,
the
response
rate
or
to
maintain
the
response
rate
that
we
got.
D
But
the
plan
is
to
do
it
slightly
earlier
in
the
year
so
that
we're
able
to
get
the
results
back
from
the
survey
of
internal
control
and
then
send
those
results
on
with
a
questionnaire
to
those
liked
him
who've
got
specialist
oversight
to
be
able
to
say:
do
these
results,
chime
with
what
you
know
of
the
control
environment
within
the
council
and
what
you're
going
to
do
about
it,
if
not
or
if
they
do
chime,
and
there
are
concerns.
What
are
you
going
to
do?
What's
the
next
steps?
How
do
we
continuously
improve?
D
I
F
Thank
you,
chad,
just
a
quick
question
from
me,
tim
and
emma,
if
you
don't
mind
on
page
32,
on
page
32
and
start
again,
linda
paragraph
27,
page
32
and
paragraph
67,
page
41
both
refer
to
the
partnership,
governance
and
risk
checklist
that
you
mentioned
earlier.
Unfortunately,
for
me,
I
don't
have
access
to
the
insight
site.
So
I
can't
see
that
my
question
is
a
simple
one,
really
that
you
hopefully
can
answer
in
in
within
that
chat
list
and
within
the
questions
and
cons
considerations
that
you
have
around
partnership
arrangements.
F
F
K
I'm
happy
to
send
you
a
copy
of
the
checklist
linda
in
terms
of
looking
at
it
from
the
the
partner
side.
Actually,
the
checklist
was
more
of
a
focus
from
from
our
side.
How
do
we?
How
do
we
know
the
partner
is
who
they
say
they
are
in
terms
of
how
do
we
get
assurance
from
their
side
not
entirely
sure,
without
without
doing
an
audit
on
the
partnership?
K
So
that's,
maybe
an
area
that
we
could
perhaps
look
at,
particularly
as
we're
going
to
do
more
partnership
working
as
part
of
the
the
best
city
ambition
work,
so
that
will
give
us
an
opportunity
not
only
to
continue
promoting
the
checklist,
but
also
to
make
any
any
updates
that
we
need
to
so
I'll
make
a
note
of
that,
but,
in
the
meantime,
linda
I'll,
send
you
a
copy
of
the
checklist.
Thank
you,
kate.
I
don't
know
if
you've
got
anything
that
you
want
to
add
on
onto
that,
because,
from
a
governance
point
of
view.
G
Yeah
yeah,
yes,
sir
just
reasons
are
important.
Curiously,
paragraph
four
on
page
22.
about
external
facing
risks
and
it
lists
a
number
of
events
like
major
flooding.
I
must
say
without
having
read
paragraph
4.
I'd
have
made
that
list
as
myself
as
areas
which
might
benefit
from
a
closer
look
where
the
assessment
wasn't
as
as
good
as
I
would
have
liked
to
have
seen
and
where
I
think
there
might
be
scope
for
significant
cost
savings
and
or
improve
performance.
G
K
That's
right,
those
are
our
resilience,
risks,
counselor
and
and
those
risks
face
all
local
authorities,
so
we're
talking
here
around
like
say
the
cyber
attacks,
adverse
weather,
high
profile
safeguarding
and
the
mere
the
fact
that
we're
a
local
authority
means
that
we've
got
responsibility
for
dealing
with
those
risks
and,
like
I
say,
the
risks
are
reviewed
and
updated
by
the
respective
directorates
every
quarter
and
then,
when
it
comes
to
the
annual
risk
report,
we
do
a
more
detailed
assurance
report
saying
this
is
what
the
risks
are.
This
is
what
we're
doing
about
them.
K
This
is
what
what
what
more
we
need
to
do,
and
obviously
some
of
the
risks
are
ones
that
will
always
face
us,
particularly
things
around
climate
change
at
the
moment.
So
appreciate
your
concern
there,
but
the
main
thing
is:
is
that
we
flank
these
risks
up
we've
compared
two
of
the
uk
core
cities,
as
part
of
the
review
that
we
did
earlier
this
year
and
similar
risks
are
on
their
registers
too.
That's
that's
it
and
it's
it's.
K
E
Yeah,
just
a
quick
one
tim
and,
I
think,
did
touch
on
it,
but
they
didn't
quite
catch
it
all
seeing
the
report,
you
talk
about
the
quarterly
reviews
for
the
areas
of
risk,
but
you
also
then
mentioned
a
little
bit
about
horizon
scanning.
Looking
for
new
problems
coming
our
way,
so
I
just
wanted
to
touch
base
with
you.
Do
you
feel
you
have
the
resources
with
all
the
day-to-day
tasks
that
you
have
you've
got
sufficient
resource
for
somebody
to
be
stood
on
the
bridge
with
the
binoculars.
Looking
for
the
iceberg.
K
K
The
horizon
scanning
that
we
do
is
a
mix
of
of
talking
to
people.
Looking
through
the
news
reports
see
things
have
happened
elsewhere
and
asking
could
they
happen
to
us,
but
also
I'm
a
member
of
professional
bodies
that
do
this
sort
of
thing
as
well,
but
there's
always
that
risk
the
as
donald
rumsfeld
call
it
the
no
no.
No.
K
Very
famous,
very
famous
report,
so
generally,
I
feel
we've
got
a
good,
a
good
set
of
binoculars,
but
you
can
never
say
never
because
there's
always
things
that
we've
seen
elsewhere
catch
people
out
and
as
I
mentioned
in
the
report,
the
central
team
has
been
subject
to
some
reductions
this
year.
What's
that,
what's
that
meant
is
smarter,
working
working
in
collaboration
with
colleagues
across
the
council
not
doing
everything
ourselves,
but
we
do
ask
the
question:
when
we
go
to
each
directorate
management
team
every
quarter.
K
Is
there
anything
you
want
to
raise
that
you're
concerned
about
that?
Isn't
already
picked
up
on
this
on
the
risk
register,
and
I'm
quite
happy
for
councillors
to
do
that
as
well
and
in
the
report
we
mentioned
it's
one
of
the
things
that
we
ask
when
we
go
to
executive
board
as
well
and
and
any
counselor
on
this
meeting
is
more
than
welcome.
As
council
illinois
has
just
done
to
raise
any
potential
new
risks
with
us.
B
Does
the
committee
agree
the
recommendations
set
out
on
page
23
of
the
agenda
pack,
which
is
to
receive
the
annual
report
on
the
council's
corporate
risk
management
arrangements
and
note
the
assurances
in
support
of
their
next
annual
gov
governance
statement
we'll
go
to
item
five?
It's
the
annual
assurance
report
on
business
continuity
management
and
it's
tim
again.
Thank
you.
Tim.
K
Thank
you
councillor,
so
so.
Business
continuity
management
is
a
similar
discipline
to
risk,
and
a
year
ago,
when
my
one
of
my
predecessors
left
the
council
on
the
early
levers
scheme,
I
I
was
given
responsibility
for
business
continuity
management
and
it
made
sense
because
it's
it's
very
closely
linked
to
risk
management.
In
fact,
many
of
the
textbooks
on
risk
cover
business
continuity
management.
K
K
Earlier
in
the
year
we
were
posed
a
question
by
a
chief
executive.
The
business
continuity
plans
of
which
we
had
around
80.
Are
those
plans,
academic
or
are
they
agile?
In
other
words,
do
they
say
all
the
right
things
have
all
the
right
boxes
ticked,
but
actually
are
they
not
very
usable
in
the
event
of
a
business
continuity
incident
and
having
looked
through
all
80
yard
plans
I
have
to
accept.
K
Well,
actually
a
business
continuity
plan
should
be
intuitive
to
use.
So
what
I
did
was,
I
moved
the
instructions
into
a
separate
standalone
document
that
makes
these
the
business
continuity
plans
a
bit
more
focused
to
use,
and
the
advantage
of
that
is,
if
any
any
guidance
changes
on
how
to
produce
a
business
continuity
plan.
I
only
have
to
update
the
central
instructions
document
and
not
82
plans.
K
Other
notable
things
to
point
out
from
the
report
is
that
we
we've
been
reviewing
the
criticality
of
the
business
continuity
plans.
I
think
the
pandemic
has
made
us
realize
that
some
of
the
things
we
thought
were
critical,
aren't
really,
and
so
also
the
joke
of
some
of
the
plans
has
needed
to
change
so,
for
example,
some
of
the
ones
in
finance
we've
realized
that
the
scope
needed
to
be
expanded
to
cover
things
like
the
revenue
collection,
which
is
really
important
as
well
as
this.
K
We
also
monitor
how
up-to-date
the
plans
are
and
each
each
business
continuity
plan
has
to
be
reviewed
and
updated
every
single
year
and
it's
a
constantly
moving
feast.
As
you
can
imagine,
and
every
time
I
go
to
a
direct
management
team
or
a
service
management
team.
Somebody
comes
up
with
a
suggestion
for
a
new
plan
or
a
revision
to
an
existing
plan.
K
But
we
also
have
to
be
aware
that
these
plans
relate
to
critical
services
and
there's
a
lot
of
pressure
on
staff
to
deliver
those
frontline
services,
and
this
is
an
administrative
piece
of
work
that
adds
extra
pressure
onto
them.
So
again,
there's
been
a
couple
of
times
this
year
when
I've
contacted
people
to
update
their
plans,
and
you
can
tell
from
their
response
that
they're
under
a
lot
of
pressure,
so
we
have
to
balance
out.
K
By
no
means
where
we
want
to
be
with
some
of
these
areas,
so
we've
got
the
rest
of
the
the
new
templates
to
roll
out.
There's
a
lot
more
work
to
do
on
cyber
one
of
the
things
that
we
need
to
do
is
test
these
new
plans,
because
until
a
plan
has
been
properly
tested,
you
might
never
know
whether
it
would
work
or
not.
So
if
I
thought
2021
was
busy,
that's
the
company
is
going
to
be
like.
G
G
Inevitably,
looking
at
this,
the
structure
for
microsoft,
365,
for
example,
it
would
feel
fill
me
full
of
horror
to
think
of
its
scope
for
subversion
malfunction
not
at
all
convinced
by
the
philosophy,
that's
gone
into
that
and
it
seems
to
have
built
in
its
synchronization
tendencies,
a
fine
way
to
propagate
malware
through
across
the
authority,
and
you
know.
Well
I
just
don't
envy
you
it's
it's
not
an
easy,
not
an
easy
job
at
all,
and
we've
seen
what
disruption
relatively
minor
virus
infection
can
cause.
K
What
would
each
of
these
business
continuity
plans
do
if,
if
the
system
the
council
system
became
unavailable,
but
at
the
same
time
we
also
recognize
that
we
are
heavily
reliant
like
a
lot
of
local
authorities
are
on
on
our
systems,
and
so
the
the
emphasis
here
is
on
prevention
rather
than
cure.
So
part
of
this
work
will
be
communications
to
council
staff.
K
Things
like
not
clicking
on
suspicious
emails,
etc,
and
also
colleagues
in
ids
have
started
to
produce
something
called
cyber
sentinel,
which
is
a
newsletter
that
goes
out
to
senior
staff
and
we're
talking
about
perhaps
expanding
the
comms
around
that
to
to
cover
all
staff,
not
just
those
at
a
senior
level.
So
it's
a
constantly
evolving
threat
and
you
know
we
really
need
to
be
on
top
of
this
you're
quite
right.
F
Most
are
first,
if
you
like
it
linked
linked
to
that
is,
is
the
what
what
I
always
call
the
hill
risks.
The
high
impacts
low
likelihood
risks
those
risks
that
that
come
and
biters
on
the
bum
very,
very
rarely
like
a
pandemic,
for
example,
and
I
can
see
that
you
say
you
know,
you've
learned
some
lessons
or
there's
been
a
lessons
learned
exercise
taken
place
on
the
back
of
that
in
your
consideration
of
the
critical
areas
and
and
reviews
of
bcp
business
continuity
plans
across
the
council.
F
K
That's
a
good
question
linda
when,
when
the
criticality
of
the
plans
was
determined
a
number
of
years
ago,
something
called
the
business
impact
analysis
was
done
and
that
was
where
information
was
fed
in
and
the
criticality
of
the
plan
was
was
determined.
The
focus
this
year
has
been
has
been
like
say
on.
You
know,
reviewing
this:
what
are
the
critical
services
but
you're?
Quite
right.
K
F
And
I
think
links
to
that
tim
is
the
those
risks
that
might
not
be
low
high
impact
low
likelihood.
You
know
there
might
be
fairly
common
risks
that
occur
often,
but
it's
when
they
occur
fast.
You
know
when
they
come
in
sweep
us
up.
You
know
very
quickly.
We
need
to
be
in
a
position
to
respond
to
those
in
a
much
faster
way.
F
K
Yes,
that's
that's
a
good
point
and
a
good
example
of
that
linda
was
this
time.
Last
year
we
lost
125
staff
on
eli
at
very,
very
short
notice,
and
even
though
the
business
continuity
plans
had
a
staffing
shortage
in
them,
I
don't
think
anybody
could
have
predicted
that
that
high
level
of
senior
staff
leaving
at
that
point
point
in
time,
and
so
one
of
the
things
that
I
did
this
time
was
as
part
of
the
new
template
was
actually
specifically
said.
I
Yeah,
thank
you
chair.
I
had
two
questions.
The
first
has
been
largely
covered
by
linda's
question
and
subsequent
responses.
My
second
one
really
just
reprises
an
observation
that
I
made
in
respect
of
the
previous
report
and
the
survey
returns,
but
on
this
occasion
it
seems
to
be
city
development,
who
are
the
I'm
trying
to
think
of
a
term.
That's
not
pejorative
the
the
lowest
score
is
on
on
the
doors,
and
I
just
wondered
to
him
whether
there's
any
overall
theme
or
picture
behind
that
and
anything
that
you've
picked
up.
K
And
again
that
that's
a
good
question
and
I'm
quite
surprised
at
the
the
city
dev
responses,
because
their
direct
resilience
group
has
met
frequently
at
least
a
quarter,
if
not,
if
not
more
frequent
during
the
past
year,
that
I've
been
part
of
business
continuity.
Having
go
go
to
those
meetings.
I
know
that
they're
thoroughly,
all
over
business
continuity
and
risk
management
as
well.
K
But,
as
I've
mentioned
in
all
three
reports,
these
results
have
come
in
prior
to
us
doing
an
awful
lot
of
work
on
the
business
continuity
or
the
risk
arrangements,
and
so
I'm
hoping
more
than
hoping
that
the
results
will
increase
in
that
area
next
year
and
if,
if
they
don't
I'd,
be
quite
surprised.
Why
not?
But
it's
something
that
I'll
flag
up
with
the
next
director
of
brazilians
group
counselor.
I
Yeah,
thank
thanks
tim.
It
did
come
as
a
surprise
to
me
because
I
endorse
what
you've
said
and
we've
had
regular
reports
over
the
course
of
the
last
nearly
two
years
around
this
sort
of
resilience,
so
it
it
is
a
slight
worry,
but
if
the
plans-
and
if
that
senior
level
aren't
being
cascaded
down
to
the
sharp
end
of
services,
then
that
would
be
a
worry.
But
maybe
that's
something
you
could
possibly
get
back
to
me
informally,
about
yeah.
We'll
do.
E
K
That's
right,
so
the
these
plans
tend
to
be
the
key
contacts
of
the
plans
tend
to
be
operational
staff
who
deal
with
the
day-to-day
admin
of
the
business
continuity
plan,
and
each
plan
has
an
owner,
which
is
usually
somebody
at
a
senior
level,
and
this
year
as
I've
been
reviewing
the
plans.
I've
noticed
a
little
bit
of
inconsistency
between
who
owns
the
plans
in
some
directorates
or
services.
It's
somebody
senior
like
ahead
of
service
or
chief
in
other
plans.
It's
been,
the
administrative
person
is
the
owner
as
well
as
a
key
contact.
K
We
mentioned
in
the
previous
conversation
on
the
risk
report
about
feedback
surveys
and
that's
something
I'm
quite
keen
to
build
into
the
test,
because
you
need
to
know
what
works
well.
What
people
think
of
the
scenario
testing
that
looking
to
adopt
as
part
of
that
testing
next
year,
council
of
foster.
E
Yeah
thanks
for
that
I
mean
I
I've
seen
it
myself
in
the
past,
but
so
you
know
when
the
emergency
process
says
you
know
start
up
the
standby
generator
and
the
standby
generator
hasn't
been
serviced
for
five
years
and
there's
no
diesel
in
it.
But
it's
just
like
you
know.
If
marion
house
burnt
down
on
on
sunday
night,
would
you
have
a
few
hundred
people
stood
out
the
front
wondering
what
to
do,
or
you
know
how
many
of
those
people
would
know
what
the
process
was.
K
But,
like
you
say
what
what,
if
there's
the
the
generator
that
doesn't
work
anymore
so
like
like
we
know,
the
best
thing
to
do
is
to
test
these
plans
properly
and
part
of
the
work
I'll
be
doing
next
year
is
prioritizing
them
for
testing.
In
fact,
a
number
of
plan
owners
have
come
back
and
we've
started
to
schedule
some
of
those
tests
in
early
next
year.
B
No
do
does
the
committee
agree
the
recommendations
set
out
on
page
43
of
the
agenda
pack,
which
request
the
committee
to
consider
this
report
and
the
assurances
provided
within
it
and
the
attached
appendix
one
accepting
that
the
business
continuity
arrangements
are
fit
for
purpose.
Up-To-Date
are
routinely
com
complied
with,
have
been
effectively
communicated
and
are
monitored.
B
K
K
Arrangements
have
been
largely
unchanged
over
the
past
year.
We
we
still
have
the
best
council
plan,
which
is
supported
by
80
key
performance
indicators
that
show
how
on
track,
we
are
achieving
our
best
council
plan
priorities,
as
we
mentioned
last
year,
some
of
those
key
performance
indicators
we've
just
not
been
able
to
to
get
results
from
particularly
some
of
those
in
the
education
sector,
because
they're
simply
not
available
because
of
the
impact
of
the
pandemic.
K
K
That's
it
and
the
good
thing
about
that
is
that
the
the
officers
responsible
for
the
performance
indicators
in
the
directorates
front
those
indicators
in
the
report
at
the
at
the
respective
scooting
board
meeting,
so
they're
quite
clearly
held
to
accounts
when,
when
the
indicators
are
discussed
at
the
respective
management
and
leadership
team,
I
think
there's
an
air
of
constructivity
around
this.
There
isn't
really
a
blame
culture
from
what
I've
seen
for
the
meetings
that
I've
attended.
K
We
do
our
annual
report
on
the
performance
indicators
to
executive
board
and
that
went
back
in
july.
As
I
mentioned
in
the
report.
The
main
focus
is
that
we're
moving
next
year
to
a
best
city,
ambition,
which
is
that
more
external
facing
ambition,
and
that
that's
going
to
mean
not
only
we're
going
to
have
to
re-look
at
all
our
risks,
but
also
the
key
performance
indicators
too,
because
we
want
to
make
sure
that
we're
going
to
be
measuring
the
right
things,
and
so
there's
work
underway
on
what
we're
going
to
report.
K
There's
a
lot
of
consultation
going
going
on
this
at
the
moment,
and
so
that
really
is
the
big
focus
over
the
next
few
months
is
how
we're
going
to
adapt
the
performance
around
this.
This
new,
this
new
plan.
So
again,
I'm
going
to
pause
there
a
moment
and
I'm
quite
happy
to
answer
questions
reports.
I
Thanks
chair,
it
probably
is
too
early
in
the
process
for
you
to
be
able
to
answer
this
question
definitively
tim,
but
how
great
a
change
to
kpis.
Do
you
anticipate
given
the
fact
that
we're
going
to
be
measuring
things
that
aren't
just
issues
well
at
the
moment?
Not
all
kpis
relate
purely
to
issues
within
the
council's
remit
and
control,
but
how
fundamental
is
that
likely
to
be-
and
my
second
question
is:
is
there
a
consultation
process
about
this?
I
K
Right
so,
in
answer
to
the
first
question,
council
trusts
well
be
pleased
to
know
that
we'll
be
keeping
those
internal
facing
performance
indicators
that
are
really
important
to
show
how
well
the
council
itself
is
doing.
There
may
be
one
or
two
changes
each
time
that
we
look
at
this.
There
are
some
that
we
know
work
well
that
we'll
never
get
rid
of.
K
Are
they
better
placed
in
a
sort
of
a
best
city
report,
along
with
some
wider
indicators
from
partner
organizations?
So
it's
still
at
a
very,
very
early
stage
in
terms
of
the
consultation,
I
know
we've
been
doing
the
internal
consultation
and
I
will
find
out
from
colleagues
who
are
leading
on
this.
What
the
plans
are
for
audit
committee
and
scrutiny
so
I'll
I'll
email
them
this
afternoon
about
that
trust.
Well,.
D
E
K
But
what
we
do
know
is
that
there's
the
ability
to
update
and
amend
kpis
each
year
if
we
think
that
some
of
the
existing
ones
don't
work
or
if
there's
ones
that
we
feel
we
should
be
reporting
on,
but
we're
not.
So
just
because
the
the
city
ambition
might
get
approved,
it
doesn't
mean
to
say
that
the
kpis
are
locked
down
at
that
point.
There
is
a
flexibility
around
that,
but
again
I'll,
find
out
and
come
back
to
you
on
that.
If
that's
all
right.
E
Yeah,
no
that's
great.
I
mean
I
I'm
I'm
really
focused
in
this
inclusive
growth
agenda
that
lead
city
council,
keep
telling
us
which
I
believe
is
still
a
big
part
of
the
best
city
ambition
and
obviously,
if
I'm
asked
to
vote
on
it
only
to
be
happy
that
inclusive
growth
is
a
working
element
of
that
plan.
So
you
could
see
me
voting
for
anything
that
couldn't
convince
me
that
that
was
the
case.
K
K
The
kpis
could
be
adapted
afterwards
as
well.
So
it's
about
how
we,
how
we
try
and
get
everything
done
in
the
right
order.
So
we
want
to
lock
down
ourselves
on
a
series
of
kpis
that
become
out
of
date
and
that
we
do
draw
on
these
main
strategies,
including
growth,
health
and
well-being,
carbon,
when
we
do
produce
the
key
performance
indicators
as
well
as
other
strategies
of
which
there's
numerous
but
I'll,
find
out
about
that.
If
I
can
counsel
it.
B
Thank
you
any
further
questions
from
members.
I
can't
see
any
hands.
No
okay.
Does
the
committee
agree
the
recommendations
set
out
on
page
61
of
the
agenda
pack,
which
are
to
receive
this
report
on
the
attached
appendix
one
as
together
providing
key
forms
of
assurance
on
the
robustness
of
the
authorities,
corporate
performance
management
arrangements?
B
A
Thank
you
chair
so
good
afternoon,
everybody.
So
this
report
provides
an
update
on
the
work
that
we've
completed
between
august
and
november
this
year,
as
we've
discussed
at
previous
meetings
and
as
we
actually
mentioned
in
the
glasgow
report
earlier,
the
content
of
our
update
reports
continues
to
evolve
so
that
we
can
produce
valuable
information
for
yourselves
and,
in
many
cases,
address
the
issues
that
I
know
that
you've
asked
for,
so
that
you
maintain
the
oversight
of
our
work.
A
So
the
first
section
I'd
like
to
draw
your
attention
to
here
is
3.1.
So
that's
a
new
section
that
we've
got
in
here,
so
this
shows
significant
additions
and
deletions
that
reflect
our
need
to.
I
guess,
be
responsive
to
the
risks
and
priorities
that
change
over
the
year
and
also
demonstrate,
in
many
cases
our
own
efforts
to
work
smarter.
A
A
So
we
see
this
as
a
key
piece
of
proactive
fraud
work,
so
it
gives
assurance
that
the
council's
embedded
a
culture
of
integrity
and
its
decision
making
and
that
we're
aligned
with
the
nolan
principles,
which
is
so
important
in
the
anti-fraud
culture,
but
we're
also
using
the
time
as
well
as
the
particular
time
we're
also
using
the
time
that
we've
allocated
towards
hr
policies
and
some
time
for
emerging
procurement
risks.
So
this
is
a
really
broad
audit
and
the
range
of
assurances
that
we
we
can
deliver
from
that
adds
some
real
value.
A
So
it
shows
that
we're
working
smart,
smartly
there
in
kind
of
merging
areas
of
our
plan
and
delivering
an
audit
very
effectively,
rather
than
say
three
separate
reports,
which
would
be
more
time
consuming
the
next
section
to
draw
your
attention
to-
and
I
guess
this
is
the
more
familiar
section
for
yourselves
to
the
table
of
reports
issued
issues
as
you'll
see.
We've
issued
20
reports
during
this
period.
A
You'll
see
as
well
in
the
table,
we've
now
started
to
include
the
assurance
streams
within
the
update
report.
You'll
be
familiar
with
that
from
the
annual
report
and
the
plan.
So
it's
a
good
way
really
of
showing
the
diverse
range
of
assurances
that
each
audit
provides.
So
it's
not
just
one
area.
It
shows
that
each
audit
we
do
provides
a
range
of
assurances
across
so
many
different
areas
and
building
on
that
as
well,
you'll
see
sections
six
and
seven.
A
They
include
the
details
of
the
other
audit
work
and
that's
what
louise
was
mentioning
earlier
on
during
the
glasgow
report.
So
it
shows
that
we
aren't
just
reliant
on
on
the
reports
that
we
issue
we
get
involved
in
so
much
different
stuff.
That
contributes
to
the
assurances
and
I
think
it
reflects
on
again
the
forward-thinking
nature
of
the
team
and
all
the
the
range
of
things
that
we're
involved
in
that
build
up
that
opinion
over
the
course
of
the
year.
A
So,
under
the
table
of
reports
issued,
you
will
see
there
are
details
of
the
limited
opinions
that
we've
given,
as
well
as
our
follow-up
work
and
other
areas
of
particular
significance.
So
that
you
have
the
information
around
that
another
area,
that's
new
to
this
particular
update,
is
the
graph
that
we've
included.
A
I
think
that's
in
section
nine,
so
you'll
see
that
shows
productivity
against
the
audit
plan
there.
So
it
shows
the
total
number
of
days
that
we
planned
to
spend
in
each
area
over
the
year.
The
total
number
that
we
expected
to
spend
by
this
stage
and
then
the
actual
number
of
days
that
we've
spent.
So
hopefully
this
begins
to
offer
members
some
reassurance
that
we're
broadly
unplanned
when
it
comes
to
delivering
assurances
in
the
areas
that
we
agreed
back
in
march
this
year.
A
So
we
do
always
investigate
where
we've
received
a
score
of
two
or
below,
and
in
this
particular
instance,
I
can
offer
some
reassurance
to
members
that
that
score
was
attributed
for
reasons
that
were
largely
beyond
our
control
really,
but
that
we
fully
appreciate
at
the
same
time.
So
so
it
was
a
school
audit,
this
one
related
to
and
in
undertaking
the
audit
remotely.
A
But
the
score
wasn't
a
reflection
on
the
performance
of
the
auditor
or
the
value
that
we
added
and
in
fact
they
actually
commended
the
auditor
in
the
survey
that
they'd
returned,
but
we
do
offer
to
carry
out
to
this
school
it's
in
every
audit
in
in
person.
Obviously,
things
may
change
a
little
bit
with
the
rules
changing
at
the
moment,
but
we
always
try
our
very
best
to
minimize
disruption
and
in
this
instance,
it
just
shows,
unfortunately,
that
the
client
did
feel
that
it
did
disrupt
in
it
in
a
way.
A
But
it
also,
I
feel,
reinforces
the
integrity
and
objectivity
of
the
feedback
process,
which
I
know
was
something
we
talked
about
at
one
of
the
last
meetings.
So
it
does
show
that
auditees
are
comfortable
in
returning
honest
feedback,
even
where
it's
not
favorable,
and
that
is
really
crucial
to
us
in
helping
to
identify
areas
for
us
to
improve
so
on
the
satisfaction
questionnaires.
Just
staying
on
that
issue
for
the
time
being,
you'll
see
in
the
update
report
that
we've
also
included
a
graph
that
shows
the
return
rate
by
directorate.
A
So
I'd
like
to
actually
thank
members
for
asking
for
this,
as
the
benefit
of
that,
it
showed
a
light
on
the
fact
that
the
return
rate
is
particularly
lower
in
schools.
So
it's
prompted
us
to
look
into
that
and
there
are
a
few
reasons
for
it.
So,
firstly,
getting
feedback
from
schools
tends
to
be
a
challenging
area
for
audit
teams
nationally,
and
we've
talked
about
that
with
some
of
our
peers.
A
Secondly,
many
of
the
school
audits
are
regular
audits
that
they
pay
for
and
that
we
complete
on
quite
a
frequent
basis
for
them.
So
they
may
feel
that
they've
already
filled
in
feedback
at
another
point
recently.
Well,
the
fact
that
they
come
back
to
us
repeatedly
shows
that
they
are
satisfied
with
us
by
default.
A
A
So
in
response,
we've
now
tailored
a
specific
form
to
issue
on
the
voluntary
fund
audits,
so
that'll
enable
us
to
gather
consistent
and
valuable
feedback
that
aligns
with
the
feedback
that
we
produce
to
members
regularly
and
also,
I
guess
it's
less
imposing
for
the
schools
to
complete
turning
focuses
specifically
on
the
areas
that
relate
to
those
audits,
and
we
haven't
actually
already
received
a
positive
return
on
this.
Since
this
report
was
written.
A
A
Really
so,
finally,
you'll
see
in
the
quality
assurance
sections
that
we've
included
a
reference
to
the
recent
inspections,
so
our
iso
assessments
and
also
the
glasgow
assessment
that
you
received
the
report
on
earlier
and
we've
now
provided
our
quality
assurance
improvement
program.
That
I
think
previously
was
only
tended
to
include
this
during
the
annual
report
and
opinion.
A
But
now
I
feel
it
is
beneficial
for
us
to
show
this
to
you
in
each
of
the
quarterly
updates,
so
that
you
can
see
the
progress
that
we
make
on
our
service
and
procedural
improvement
tasks,
and
I
think
this
reflects
really
well
actually
on
the
initiative
and
commitment
of
the
whole
team.
So
it
shows
all
of
the
things
that
we
get
involved
in
to
improve
the
way
that
we
do
things,
and
it
also
does
pick
up
the
issues
that
were
that
were
raised
in
the
glasgow
report
that
you
received
earlier.
A
A
C
Yes,
thank
you
chair.
Sorry,
if
I've
got
a
dodgy
connection
here,
just
a
quick
one.
First
of
all,
thank
you.
Jonathan
for
the
the
presentation
and
letting
us
know
directly
to
directorate
in
terms
of
customer
satisfaction
questionnaire.
Would
I
be
right
in
saying
in
terms
of
getting
the
response
back
from
the
external
auditors,
is
that
was
that
an
outstanding
sort
of
response
that
we
received
on
top
of
the
two
requested
or
or
why
is
it
be
out
of
two?
And
secondly,
in
terms
of
the
cross?
C
A
No
problem
at
all
counter
armor,
so
the
three
that
we've
received
against
two
that
were
issued
that
reflects
the
time
lag
here,
so
we
obviously
send
out
our
requests
for
feedback
after
every
audit
that's
been
completed
and
then
they
can
come
through
at
different
times.
So
one
came
through
relating
to
the
previous
period
that
we'd
asked
for
previously.
A
So
that's
why
we
report
three
that
we've
got
during
the
period,
but
we
actually
only
asked
for
for
two
that
relate
toward
it's
completed
during
this
period
and
there'll
always
be
a
bit
of
a
time
lag
there.
So
again,
sometimes
where
you
see
that
we've
got
no
response,
it
doesn't
mean
that
we
definitely
won't
get
a
response.
It
may
be
that
that
response
comes
later,
so
it
just
reflects
the
balance
of
time
there
and,
secondly,
the
cross-cutting
one
and
sorry
for
that
terminology.
I
realized
you
wouldn't
necessarily
be
familiar
with
that.
A
That
relates
to
grant
work
that
we've
done
where
you
don't
really
align
or
we
haven't
aligned
that
to
a
specific
directorate.
So
it
relates
to,
I
guess,
work
that
spans
across
a
few
areas
of
the
council,
and
we
do
do
some
audits
as
well,
where
it
isn't
necessarily
direct
specific.
So
we've
classified
it
a
bit
differently
there,
because
we,
because
it
hasn't
been
aligned
to
a
specific
service
area.
If
that
makes
sense.
C
Chair,
may
I
just
ask
a
follow-up
please,
and
just
while
we're
on
that
graph,
I
mean
obviously
the
the
past
year
and
a
half
or
two
years
have
been
exceptional
years.
How
do
we
compare
with
regards
to
school
sort
of
feedback
on
questionnaires,
customer
service
services,
sorry
customer
satisfaction,
questionnaires
and
other
feedback
with
regards
to
families
and
children
and
schools?
C
A
I
Yeah
thanks
chair
councillor,
almas
has
really
asked
my
question
it.
It
was
to
confirm
that
if
we
were
to
go
back
over
a
longer
period
in
terms
of
non-returns,
whether
it
would
still
be
the
schools
we
were
largely
responsible
for
for
the
concerns
that
I
think
we've
expressed.
So
I
think
it's
just
seeking
that
reassurance
that
that
this
snapshot
is
representative
rather
than
just
a
one-up.
A
After
the
meeting
I
will
have
a
look
back
at
the
annual
report
actually
because
that
does
provide
some
more
data
from
the
previous
year.
So
I
will
respond
to
that
one,
but
we
may
already
have
the
data
from
the
annual
reports
and
then
we'll
confirm
that
with
you.
Well,
the
school's
thing
like
I
say
it
has
shown
a
bit
of
a
light
on
it
that
there's
more
that
we
can
do
in
one
area
to
try
and
encourage
that
feedback.
So
I
feel
very
positive
that
we've
got
on
the
front
foot
on
that
one
straight
away.
F
Thank
you
chair.
I've
just
got
two
quick
questions.
If
I
may,
on
page
89
paragraph
5.2.1,
it's
about
the
report
on
the
no
recourse
to
public
funds,
there's
a
there's,
a
line
in
there
that
says
the
audit
provided
limited
assurance
for
compliance
with
the
control
environment
as
a
result
of
issues
identified
with
the
accuracy
of
some
payments,
so
again
not
wanting
to
dive
into
the
detail,
but
was
that
systemic
or
were
they
one-off
payments?
F
And
I
guess
my
follow-on
question
to
that.
If
I
may
is,
if
you
know
what
what
what,
if
it's
systemic,
what
what's
been?
What's
being
done
about
that
and
then
my
second
question
is
around
the
new
table
that
you've
put
in
at
section
six,
and
I
think
it's
helpful
to
see
all
the
additional
work
that
internal
audits
doing
and
and
commendable
that
you
are
doing
that
additional
stuff.
F
I
guess
for
me
from
from
a
receiver
of
assurance,
I'm
keen
to
know.
I
know
it's
not
assurance
a
lot
of
it's
advisory,
but
some
of
it's
providing
a
check.
A
tick
against
grant
claims,
for
example.
Is
there
anything
I
noticed
on
the
first
item
in
that
box?
Tells
us
how
it
contributes
to
assurance,
but
also
says
whether
it's
satisfactory
or
not,
but
the
rest
of
them.
Don't
they
just
tell
us
how
it
contributes
to
a
particular
area
of
assurance.
F
Is
there
any
scope
possibility
to
just
say
whether
it's
a
good,
bad
or
indifferent
conclusion
that
you've
come
to
from
the
work
that
you've
done,
because
I
just
can't
see
that
I
can
see
that
you've
done
something
I
don't
know.
I
don't
know
what
it's
telling
me
and
I
don't
mean
that
to
sound
hurried.
But
if
you
know
what
I
mean
they
were
my
two
areas:
if
that's
okay.
A
A
So
we
are
looking
at
ways
of
trying
to
automate
that
within
the
system,
which
would
have
obviously
eradicate
that
scope
for
for
human
error
at
times
there-
and
I
know
our
lead
in
that
area
up
into
the
audit
manager-
sits
on
the
project
board
in
the
children's
and
families
section
looking
at
how
they
can
increase
automation
with
the
system.
So
it
is
something
that
we
are
working
with
them
on
and
they
were
relatively
small
monetary
value,
but
enough
to
say
that
there's
something
more
that
can
be
done
there
and
we
are.
A
We
are
taking
that
forward
on
the
second
point
around
the
other
restaurants,
where
I
think
you
raise
a
very
good
point
there
and
we
have
discussed,
I
think,
separately
around
the
data
analytics
work,
for
example,
that
we
plan
to
do
around
treasury.
That
will
report
it
through
that
area
and
I
think,
giving
an
indication
of
the
outcomes
and
some
reassurance
to
yourselves
that
the
work
was,
for
example,
broadly
satisfactory.
A
It
is
something
that
we
can
build
into
that
section,
and
these
are
the
areas
where
we
do
really
welcome
this
sort
of
feedback,
because
it
highlights
it's
a
new
section
for
us,
but
the
more
information
that
we
can
provide.
That's
useful
to
you
and
it's
value,
adding
to
you
the
better,
really
so
definitely
come.
The
next
update.
We
will
look
at
providing
some
more
information
around
that
sort
of
thing.