Notice of Meeting
Audit, Risk and Improvement Committee Meeting
An Audit, Risk and Improvement Committee Meeting of Byron Shire Council will be held as follows:
Venue |
Conference Room, Station Street, Mullumbimby |
Date |
Thursday, 12 November 2020 |
Time |
11.30am |
Vanessa Adams
Director Corporate and Community Services I2020/1749
Distributed 05/11/20
CONFLICT OF INTERESTS
What is a “Conflict of Interests” - A conflict of interests can be of two types:
Pecuniary - an interest that a person has in a matter because of a reasonable likelihood or expectation of appreciable financial gain or loss to the person or another person with whom the person is associated.
Non-pecuniary – a private or personal interest that a Council official has that does not amount to a pecuniary interest as defined in the Code of Conduct for Councillors (eg. A friendship, membership of an association, society or trade union or involvement or interest in an activity and may include an interest of a financial nature).
Remoteness – a person does not have a pecuniary interest in a matter if the interest is so remote or insignificant that it could not reasonably be regarded as likely to influence any decision the person might make in relation to a matter or if the interest is of a kind specified in the Code of Conduct for Councillors.
Who has a Pecuniary Interest? - a person has a pecuniary interest in a matter if the pecuniary interest is the interest of the person, or another person with whom the person is associated (see below).
Relatives, Partners - a person is taken to have a pecuniary interest in a matter if:
§ The person’s spouse or de facto partner or a relative of the person has a pecuniary interest in the matter, or
§ The person, or a nominee, partners or employer of the person, is a member of a company or other body that has a pecuniary interest in the matter.
N.B. “Relative”, in relation to a person means any of the following:
(a) the parent, grandparent, brother, sister, uncle, aunt, nephew, niece, lineal descends or adopted child of the person or of the person’s spouse;
(b) the spouse or de facto partners of the person or of a person referred to in paragraph (a)
No Interest in the Matter - however, a person is not taken to have a pecuniary interest in a matter:
§ If the person is unaware of the relevant pecuniary interest of the spouse, de facto partner, relative or company or other body, or
§ Just because the person is a member of, or is employed by, the Council.
§ Just because the person is a member of, or a delegate of the Council to, a company or other body that has a pecuniary interest in the matter provided that the person has no beneficial interest in any shares of the company or body.
Disclosure and participation in meetings
§ A Councillor or a member of a Council Committee who has a pecuniary interest in any matter with which the Council is concerned and who is present at a meeting of the Council or Committee at which the matter is being considered must disclose the nature of the interest to the meeting as soon as practicable.
§ The Councillor or member must not be present at, or in sight of, the meeting of the Council or Committee:
(a) at any time during which the matter is being considered or discussed by the Council or Committee, or
(b) at any time during which the Council or Committee is voting on any question in relation to the matter.
No Knowledge - a person does not breach this Clause if the person did not know and could not reasonably be expected to have known that the matter under consideration at the meeting was a matter in which he or she had a pecuniary interest.
Non-pecuniary Interests - Must be disclosed in meetings.
There are a broad range of options available for managing conflicts & the option chosen will depend on an assessment of the circumstances of the matter, the nature of the interest and the significance of the issue being dealt with. Non-pecuniary conflicts of interests must be dealt with in at least one of the following ways:
§ It may be appropriate that no action be taken where the potential for conflict is minimal. However, Councillors should consider providing an explanation of why they consider a conflict does not exist.
§ Limit involvement if practical (eg. Participate in discussion but not in decision making or vice-versa). Care needs to be taken when exercising this option.
§ Remove the source of the conflict (eg. Relinquishing or divesting the personal interest that creates the conflict)
§ Have no involvement by absenting yourself from and not taking part in any debate or voting on the issue as of the provisions in the Code of Conduct (particularly if you have a significant non-pecuniary interest)
RECORDING OF VOTING ON PLANNING MATTERS
Clause 375A of the Local Government Act 1993 – Recording of voting on planning matters
(1) In this section, planning decision means a decision made in the exercise of a function of a council under the Environmental Planning and Assessment Act 1979:
(a) including a decision relating to a development application, an environmental planning instrument, a development control plan or a development contribution plan under that Act, but
(b) not including the making of an order under that Act.
(2) The general manager is required to keep a register containing, for each planning decision made at a meeting of the council or a council committee, the names of the councillors who supported the decision and the names of any councillors who opposed (or are taken to have opposed) the decision.
(3) For the purpose of maintaining the register, a division is required to be called whenever a motion for a planning decision is put at a meeting of the council or a council committee.
(4) Each decision recorded in the register is to be described in the register or identified in a manner that enables the description to be obtained from another publicly available document, and is to include the information required by the regulations.
(5) This section extends to a meeting that is closed to the public.
BYRON SHIRE COUNCIL
Audit, Risk and Improvement Committee Meeting
2. Declarations of Interest – Pecuniary and Non-Pecuniary
3. Adoption of Minutes from Previous Meetings
3.1 Adoption of Minutes from Audit, Risk and Improvement Committee Meeting 20 August 4
4. Staff Reports
Corporate and Community Services
4.1 Status of Council Policies 2019 - 2020........................................................................... 23
4.2 Update on delegations in place 2019 - 2020................................................................... 39
4.3 Operational Plan 2020/21 - First Quarter Report - Q1 - 1 July to 30 September 2020.. 79
5. Confidential Reports
Corporate and Community Services
5.1 Confidential - Risk Management - Update........................................................... 181
5.2 Confidential - Audit Status Report - November 2020........................................... 182
5.3 Confidential - Cyber Security and System Outages Quarterly Update............... 183
5.4 Confidential - External Audit Actions Quarter 1 2020-2021 Update..................... 184
The Draft 2019/2020 Financial Statements have been completed but are still undergoing audit review especially in regards to the asset revaluations for roads, bridges, footpaths, stormwater drainage and community land. With this in mind they are not ready to be distributed with the agenda. It may be possible to provide a late report to the Audit, Risk and Improvement Committee before the 12 November 2020 Meeting but if not still finalised at that point, a verbal update will be provided.
BYRON SHIRE COUNCIL
Adoption of Minutes from Previous Meetings 3.1
Adoption of Minutes from Previous Meetings
Report No. 3.1 Adoption of Minutes from Audit, Risk and Improvement Committee Meeting 20 August
Directorate: Corporate and Community Services
Report Author: Emma Fountain, Strategic Risk & Business Continuity Coordinator
File No: I2020/1737
RECOMMENDATION: That the minutes of the Audit, Risk and Improvement Committee Meeting held on 20 August 2020 be confirmed.
|
1 Minutes
20/08/2020 Audit, Risk and Improvement Committee, I2020/1200 , page 6⇩
2 Audit Risk
and Improvement Committee Constitution (Adopted 22 10 20 Res 20-577), E2020/87552 , page 14⇩
Report
The attachment to this report provides the minutes of the Audit, Risk and Improvement Committee Meeting of 20 August 2020 .
Report to Council
The minutes were reported to Council on 22 October 2020.
Comments
In accordance with the Committee Recommendations, the Audit, Risk and Improvement Committee Constitution was adopted by Council on 22 October 2020 (Resolution 20-577) (attached).
Staff Reports - Corporate and Community Services 4.1
Staff Reports - Corporate and Community Services
Report No. 4.1 Status of Council Policies 2019 - 2020
Directorate: Corporate and Community Services
Report Author: Mila Jones, Governance Coordinator
File No: I2020/1056
Summary:
This report is submitted to the Audit, Risk and Improvement Committee to assist the Committee in fulfilling its obligations under its Constitution and the Local Government Act 1993.
An important component of public sector governance is establishing key policies and ensuring they are available, regularly updated and monitored for compliance.
An annual review of Council’s policies is conducted by the Governance Coordinator and coordinated with relevant document development officers. This is the first report to ARIC on the status of Council’s policies, and is proposed to be submitted annually in accordance with the draft Annual Agenda Schedule currently being considered.
RECOMMENDATION: 1. That the Audit, Risk and Improvement Committee notes the status of Council’s policies as provided in this report.
2. That the Audit Risk and Improvement Committee receive an annual report on Delegations as a standing item at their November meetings. |
1 Status of
Policies as at 30/06/2020, E2020/85743
, page 27⇩
2 Interim
Status of Policy Review 2020-2021 (showing status as at 30/10/2020 for
comparison), E2020/85745 , page 33⇩
REPORT
This report is submitted to assist the Audit, Risk and Improvement Committee in fulfilling its obligations under its Constitution and the Local Government Act 1993.
The Constitution provides at part 4 the Committee’s duties and responsibilities which include:
4.1 Compliance
a) Review whether management has in place relevant policies and procedures, and these are periodically reviewed and updated.
In response to a previous internal audit recommendation (2017 Internal Audit of Corporate Compliance and Policy Management), Council has improved its commitment to and resourcing of, the coordination, review and maintenance of Council’s policies, to support ongoing improvement.
Policy status as at 30 June 2020
As at 30 June 2020 Council had 103 adopted Council policies which are also published on Council’s website.
The status of the 103 policies was:
Status as at 30/06/20 |
Number |
Percentage |
Current |
41 |
39.8% |
Submitted to Council |
2 |
1.9% |
Review Initiated |
10 |
9.7% |
Overdue for Review |
50 |
48.5% |
It was also determined in 2019/20, that a further 23 policies (not included in the table above) were redundant and these were endorsed for repeal by Council.
Although the figures above suggest a low review rate, this is a snapshot in time of a continuous improvement journey. At 30 June 2019 for example, only 27.4% of policies were current. As at 30 October 2020, 50% of policies are current and 29.8% overdue, indicating a continuing positive trend.
Next steps – Review 2020-2021
Staff continue to review Council policies, with the Governance team providing the processes and framework to support currency across the organisation.
A rolling four year policy review timetable has been developed to assist the review process. It has been included in this report at Attachment 1. This timetable is subject to change where updates to legislation may require certain policies to be reviewed sooner than anticipated.
The policy review for 2020 -2021 has commenced strongly, and it is worth noting that 16 policies have already been reviewed in the period 1 July to 30 October 2020 with a number of them ready for reporting to Council on 26 November 2020. Further details are included in Attachment 2.
Improved policy template for accessibility
Further work is also being undertaken in this review period to convert all policies to a new template that provides improved online accessibility, including better formatting for assistive technology such as screen readers. Font sizes and spacing have also been increased to improve general readability.
STRATEGIC CONSIDERATIONS
Community Strategic Plan and Operational Plan
|
CSP Objective |
L2 |
CSP Strategy |
L3 |
DP Action |
L4 |
OP Activity |
|
Community Objective 5: We have community led decision making which is open and inclusive |
5.2 |
Create a culture of trust with the community by being open, genuine and transparent |
5.2.3 |
Provide access to publicly available corporate registers |
5.2.3.2 |
Review, update and publish Council policies online and report on the status of Council’s policy register |
|
|
Community Objective 5: We have community led decision making which is open and inclusive |
5.6 |
Manage Council’s resources sustainably |
5.6.7 |
Develop and embed a proactive risk management culture |
5.6.7.4 |
Implement Internal Audit and External Audit recommendations as appropriate |
|
|
Community Objective 5: We have community led decision making which is open and inclusive |
5.2 |
Create a culture of trust with the community by being open, genuine and transparent |
5.2.1 |
Provide timely, accessible and accurate information to the community |
5.2.1.6 |
Review and update Council business templates for consistency and accessibility |
|
|
Community Objective 5: We have community led decision making which is open and inclusive |
5.2 |
Create a culture of trust with the community by being open, genuine and transparent |
5.2.1 |
Provide timely, accessible and accurate information to the community |
5.2.1.7 |
Ensure all
content, including documents, published to the website complies with DDA and
WCAG Level AA standards. |
|
|
Legal/Statutory/Policy Considerations
Councils have a number of statutory policies that it must adopt, the others are optional. These optional policies are useful to:
· reflect a council’s key issues and responsibilities
· guide staff and ensure consistency
· clearly inform the public of a council’s commitments
Not keeping abreast of the most recent developments in legislative requirements, and the community’s and Council’s position on certain matters, undermines confidence in Council’s decision making process. This in turn, may have an adverse impact on Council’s reputation.
Additionally, the risk of maintaining outdated policy positions is that persons may form the incorrect view that certain activities are still acceptable or legal.
Financial Considerations
There are no financial implications.
Consultation and Engagement
Acting Manager Corporate Services
Governance Coordinator
Managers
Document Development Officers
Executive Team
Council
Public via exhibition periods
Note: All Council Policies are available on Council’s website at https://www.byron.nsw.gov.au/Council/Your-right-to-Council-information/Policies
Staff Reports - Corporate and Community Services 4.2
Report No. 4.2 Update on delegations in place 2019 - 2020
Directorate: Corporate and Community Services
Report Author: Mila Jones, Governance Coordinator
File No: I2020/1627
Summary:
This report is submitted to the Audit, Risk and Improvement Committee (ARIC) to assist the Committee in fulfilling its obligations under its Constitution and the Local Government Act 1993.
A review of Council’s delegations register is conducted by the Governance Coordinator on an on-going basis and reported to the Executive Team every six months. This is the first report to the ARIC meeting and is proposed to be submitted annually in accordance with the draft Annual Agenda Schedule.
RECOMMENDATION: 1. That the Audit, Risk and Improvement Committee notes this report.
2. That the Audit Risk and Improvement Committee receive an annual report on the Policy Register as a standing item at their November meetings. |
1 Delegations
by Category as at 30/10/2020, E2020/85898
, page 44⇩
REPORT
This report is submitted to assist the Audit, Risk and Improvement Committee in fulfilling its obligations under its Constitution and the Local Government Act 1993.
The Constitution provides at part 4 the Committee’s duties and responsibilities which include:
4.5 Governance
a) Review whether appropriate processes and systems are in place for the management and exercise of delegations.
The full list of functions and authorities that have been delegated to Council staff and the Mayor is provided at Attachment 1. This register is reviewed and updated six monthly, and may be amended due to legislative changes, policy changes, resolution or otherwise. There is a total of 229 active functions and authorities in Council’s Delegations Register, with the relevant delegations assigned to approximately 300 staff members and the Mayor.
The following reviews of Council’s delegations were undertaken for the period 2019 to 2020.
Review to 31 December 2019
The following delegations were reviewed and updated for the reasons and recommendations outlined in the table below:
Delegation |
Reason for change |
Staff recommendation |
|
DEG003 |
Authorise payment of salaries and wages Authorise the payment of
salaries and wages subject to two signatories for
each authorisation.
|
Less prescriptive, not relevant for all councils |
* Minor change * Update as suggested
(currently assigned to Manager Finance, Financial Operations Accountant, Management/Asset Accountant) |
DEG078 |
Issue or Carry on Proceedings (including prosecutions), and to Act and Negotiate on behalf of Council on Legal Issues
|
Gives clarity |
* Update as suggested
(currently assigned to Manager People and Culture) |
DEG080 |
|
Delete as it overlaps with delegation DEG078 |
* Delete as suggested * Move staff (noted below) currently delegated with this function to DEG078 (limiting them to parts a) and b))
(currently assigned to all enforcement officers) |
DEG085 |
Issue prevention notices, clean up notices or prohibition
notices |
Amended wording to better suit the roles under the Act |
* Update as suggested
(currently assigned to Gateway Planner, Animal and Enforcement Officer, Team Leader Community Enforcement) |
DEG086 |
Issue notices of
intention |
Amended wording to better suit the roles under the Act |
* Update as suggested
(currently assigned to Animal and Enforcement Support Officer, Community Enforcement Officer, Team Leader Community Enforcement) |
DEG087 |
Issue |
Amended wording to better suit the roles under the Act |
* Update as suggested
(currently assigned to Building Services Supervisor Gateway Planner, Local Approvals Officer, Building Certifier, Animal and Enforcement Support Officer, Community Enforcement Officer, Team Leader Community Enforcement, Compliance Planner) |
DEG108 |
Operate and maintain the Council Airport in accordance with all applicable legislative requirements and Council’s applicable operation manual |
Recognises that a council may have an operations manual |
* Update as suggested in order to take into account any current or future adoption of an operation manual
(currently assigned to Open Space Facilities Coordinator) |
DEG151 |
Issue general infringement/penalty notices relating to Environmental Planning and Assessment Act 1979 Issue infringement notices
under the Self Enforcing Infringement Notice Scheme relating to the
Environmental Planning and Assessment Act 1979 |
Removes unnecessary wording |
* Update as suggested to make function more general
(currently assigned to Environmental Health Officer, Animal and Enforcement Support Officer, Community Enforcement Officer, Parking Enforcement Officer, Parking Enforcement Supervisor, Team Leader Community Enforcement, Compliance Planner, Environmental Health Coordinator |
DEG179 |
|
Delete as it overlaps with DEG083 and DEG084 |
* Delete as suggested * Move staff (noted below) currently delegated with this function to DEG083
(currently assigned to Team Leader Community Enforcement, Compliance Planner) |
Review to 30 June 2020
During this review period, the amended legislation listed below was noted to have had no effect on Council’s register of delegations:
1. Biodiversity Conservation Act 2016
2. Building Professionals Act 2005
3. Children (Education and Care Services National Law Application) Act 2010
4. Community Land Management Act 1989
5. Crown Land Management Act 2016
6. Environmental Planning and Assessment Act 1979
7. Government Information (Public Access) Act 2009
8. Liquor Act 2007
9. Local Government Act 1993
10. Privacy and Personal Information Protections Act 1998
11. Protection of the Environment Operations Act 1997
12. Public Health Act 2010
13. Public Interest Disclosures Act 1994
14. Unclaimed Money Act 1995;
15. Water Management Act 2000
16. Work Health and Safety Act 2011
There was, however, an additional delegation that was incorporated into our register based on the recommendation outlined in the table below:
Proposed Delegation |
Compliance |
Staff recommendation |
|
DEG262 |
Administer the provisions and functions of the Strata Schemes Management Act 2015 and Strata Schemes Management Regulation 2016
|
Compliance with the Strata Schemes Management Act 2015 (ss235, 236 provide councils with powers under this Act)
|
It is rare, if ever, that Council will exercise the power under this legislation. However, consideration could be given to including the delegation in our Register and would then fall under the general delegations of the Director Sustainable Environment and Economy and the Manager Sustainable Development. The Manager Sustainable Development supports the inclusion of this delegation for both the Director and Manager. |
Issues
The delegations assigned to the Mayor and staff are based on the position they hold in Council and the tasks they are required to perform in that position. Staff are at risk of undertaking their roles illegally or not in accordance with Council’s resolutions or policies, when acting outside their delegations or by having incorrect delegations assigned to them.
To increase understanding and acceptance of delegations, the Mayor and staff are required to acknowledge each function and authority either electronically within the Delegations Register or in writing. This done upon commencement of their role or when delegations change.
STRATEGIC CONSIDERATIONS
Community Strategic Plan and Operational Plan
|
CSP Objective |
L2 |
CSP Strategy |
L3 |
DP Action |
L4 |
OP Activity |
|
Community Objective 5: We have community led decision making which is open and inclusive |
5.2 |
Create a culture of trust with the community by being open, genuine and transparent |
5.2.3 |
Provide access to publicly available corporate registers |
5.2.3.1 |
Maintain, publish and report on relevant registers including delegations, Councillors and designated staff Disclosures of Interest, Councillor and staff Gifts and Benefits, and staff secondary employment |
||
Strategic Risk Register
Delegations are listed as a control measure in Council’s Strategic Risk Register with regard to corporate compliance risk:
Risk Title |
Risk Description |
Causes |
Existing Controls |
|
Corporate Compliance |
Council does not implement adequate processes and controls to ensure corporate compliance across the organisation and prevent fraud and corruption leading to significant illegal, fraudulent or corrupt activity and/or breach of legislative or regulatory, requirements resulting in penalties/sanctions, legal disputes or litigation and financial loss |
Inadequate process and
controls, |
Legislative Compliance
Framework, |
Legal/Statutory/Policy Considerations
As identified in the two tables within this report.
Financial Considerations
There are no financial considerations.
Consultation and Engagement
Consultation is held with relevant managers and the Executive Team prior to making any amendments to Council’s Delegations Register.
Staff Reports - Corporate and Community Services 4.3
Report No. 4.3 Operational Plan 2020/21 - First Quarter Report - Q1 - 1 July to 30 September 2020
Directorate: Corporate and Community Services
Report Author: Heather Sills, Corporate Planning and Improvement Coordinator
File No: I2020/1723
Summary:
Council’s Operational Plan outlines its projects and activities to achieve the commitments in its four-year Delivery Program. In accordance with the Local Government Act 1993 progress reports must be provided at least every six months.
The proposed amendments to the Local Government Act suggest increased involvement of ARIC in the oversight of Council’s Integrated Planning and Reporting practices. In preparation for this requirement and as good practice, a regular quarterly report will be provided to future ARIC meetings for information, summarising Council’s progress towards achieving the annual activities contained in the 2020/21 Operational Plan.
This report is the first quarterly progress report for the period 1 July to 30 September 2020.
RECOMMENDATION: 1. That the Audit, Risk, and Improvement Committee notes the Quarter 1 Report on the 2020/21 Operational Plan for the period ending 30 September 2020 (Attachment 1 #E2020/81520).
2. That the Audit Risk and Improvement Committee receive a Quarterly Report on the Operational Plan as a standing item at their November, February, May, and August meetings.
|
1 Operational
Plan Quarterly Report - Q1 - July to September 2020, E2020/81520 , page 82⇩
REPORT
Background
The Delivery Program and Operational Plan are two key corporate documents that establish Council’s goals and priorities for the term of the Council and the current financial year. The Delivery Program is supported by the annual Operational Plan, which identifies the individual projects and activities that will be undertaken for the year to achieve the commitments made in the Delivery Program.
The General Manager is required to provide six monthly progress reports to the Council on the progress toward the Delivery Program, in accordance with the Local Government Act 1993 s404 which states:
“The general manager must ensure that regular progress reports are provided to the council reporting as to its progress with respect to the principal activities detailed in its delivery program. Progress reports must be provided at least every 6 months”
While the requirement is six monthly reporting, in Byron Shire the Council is provided with a quarterly report on the activities in the Operational Plan, to promote effective and efficient reporting and decision making. This report will be provided to Council at its Ordinary Meeting on 22 November 2020.
The proposed amendments to the Local Government Act relating to Audit, Risk, and Improvement Committees (ARIC) suggest that a future mandated role of the ARIC will be “…to continuously review and provide independent advice to the general manager and the governing body of the council about…the achievement of the goals set out in the council’s community strategic plan, delivery program, operational plan, and other strategies.”
In preparation for this requirement and as good practice, a regular quarterly report on the will be provided to future ARIC meetings for information.
Quarter 1 report
The quarterly report details Council’s progress towards achieving the activities in the 2020/21 Operational Plan. It includes a status update on progress and notes any highlights or exceptions where actions may be delayed or reprioritised.
The report (Attachment 1 #E2020/81520) is structured by the five ‘Our Byron, Our Future’ Community Strategic Plan 2028 objectives:
· Community Objective 1: We have infrastructure, transport and services which meet our expectations
· Community Objective 2: We cultivate and celebrate our diverse cultures, lifestyle and sense of community
· Community Objective 3: We protect and enhance our natural environment
· Community Objective 4: We manage growth and change responsibly
· Community Objective 5: We have community led decision making which is open and inclusive
Each section notes the progress against the activities including:
· Activity
· Responsible directorate
· Measure
· Timeframe
· Comments
· Status
o On track – Indicates that an activity is currently on track, taking into account the timeframe, measures, and budget
o Needs attention – Indicates that the scope of the activity may need to be reviewed in line with constraints such as timeframe/budget
o Not commenced – The activity is not due to have commenced or has not commenced
o Completed – The activity has been completed in accordance with the prescribed measures
STRATEGIC CONSIDERATIONS
Community Strategic Plan and Operational Plan
CSP Objective |
L2 |
CSP Strategy |
L3 |
DP Action |
L4 |
OP Activity |
|||||
Community Objective 5: We have community led decision making which is open and inclusive |
5.2 |
Create a culture of trust with the community by being open, genuine and transparent |
5.2.1 |
Provide timely, accessible and accurate information to the community |
5.2.1.2 |
Continuous improvement of corporate planning and reporting process |
|||||
Legal/Statutory/Policy Considerations
The General Manager is required under Section 404 (5) of the Local Government Act 1993 to provide regular progress reports as to the Council’s progress with respect to the principal activities detailed in the Delivery Program/Operational Plan. Progress reports must be provided at least every six months.
Financial issues
Council’s financial performance for the reporting period is addressed in the Quarterly Budget Review, which is subject to a separate report included in this business paper.
Consultation and Engagement
The development of the Delivery Program was informed by extensive engagement around the Community Strategic Plan and specifically a Community Solutions Panel on infrastructure priorities.
The progress reports on the Operational Plan and Delivery Program will be published on Council’s website as a way of ensuring transparency around how Council is progressing activities and actions.
Confidential Reports - Corporate and Community Services 5.1
Confidential Reports - Corporate and Community Services
Report No. 5.1 Confidential - Risk Management - Update
Directorate: Corporate and Community Services
Report Author: Emma Fountain, Strategic Risk & Business Continuity Coordinator
File No: I2020/1604
Summary:
This report presents an update on Council’s risk registers for the quarter ending 30 September 2020.
RECOMMENDATION:
1. That pursuant to Section 10A(2)(f) of the Local Government Act, 1993, Council resolve to move into Confidential Session to discuss the report Risk Management- Update.
2. That the reasons for closing the meeting to the public to consider this item be that the report contains:
a) details of systems and/or arrangements that have been implemented to protect council, councillors, staff and Council property
3. That on balance it is considered that receipt and discussion of the matter in open Council would be contrary to the public interest, as:
Risk Management
1 Confidential - Risk Reports (Quarter 1 2020-21), E2020/80564
BYRON SHIRE COUNCIL
Confidential Reports - Corporate and Community Services 5.2
Report No. 5.2 Confidential - Audit Status Report - November 2020
Directorate: Corporate and Community Services
Report Author: Emma Fountain, Strategic Risk & Business Continuity Coordinator
File No: I2020/1607
Summary:
This report presents the Internal Audit Status Report – November 2020 prepared by Council and the Internal Auditor, O’Connor Marsden and Associates (OCM).
The status report contains the remaining recommendations from each audit review conducted by Council’s previous internal audit provider as well as recommendations from recently completed audit reviews conducted by OCM.
RECOMMENDATION:
1. That pursuant to Section 10A(2)(d)i of the Local Government Act, 1993, Council resolve to move into Confidential Session to discuss the report Audit Status Report - November 2020.
2. That the reasons for closing the meeting to the public to consider this item be that the report contains:
a) commercial information of a confidential nature that would, if disclosed prejudice the commercial position of the person who supplied it
3. That on balance it is considered that receipt and discussion of the matter in open Council would be contrary to the public interest, as:
nature and content of audit report is for operational purposes
1 Confidential - Internal Audit Status Report - November 2020, E2020/87675
2 Confidential - Updated Internal Audit Plan October 2020, E2020/82245
BYRON SHIRE COUNCIL
Confidential Reports - Corporate and Community Services 5.3
Report No. 5.3 Confidential - Cyber Security and System Outages Quarterly Update
Directorate: Corporate and Community Services
Report Author: Colin Baker, Business Systems and Technology Coordinator
File No: I2020/1611
Summary:
This report provides a summary of cyber security incidents and IT service outages.
No significant cyber incidents or extended IT service outages have been reported during the period of 1 July 2020 to 30 September 2020.
Council has now implemented a cyber intrusion detection feature to the corporate firewall. A large number of cyber intrusion attempts were identified and blocked by this function.
RECOMMENDATION:
1. That pursuant to Section 10A(2)(f) of the Local Government Act, 1993, Council resolve to move into Confidential Session to discuss the report Cyber Security and System Outages Quarterly Update.
2. That the reasons for closing the meeting to the public to consider this item be that the report contains:
a) details of systems and/or arrangements that have been implemented to protect council, councillors, staff and Council property
3. That on balance it is considered that receipt and discussion of the matter in open Council would be contrary to the public interest, as:
Exposes security risk and vulnerabilities that could assist unauthorised threats to Council's data and systems
1 ARIC Security Intrusion Detection Report 2020 Q3, E2020/83056
2 ARIC Security Incident Report 2020 Q3, E2020/83057
3 ARIC Incident Outage Report 2020 Q3, E2020/83055
BYRON SHIRE COUNCIL
Confidential Reports - Corporate and Community Services 5.4
Report No. 5.4 Confidential - External Audit Actions Quarter 1 2020-2021 Update
Directorate: Corporate and Community Services
Report Author: James Brickley, Manager Finance
File No: I2020/1746
Summary:
This report provides and update on the audit matters raised in the 2019 External Audit Year End Management Letter and the 2020 External Audit Interim Management Letter for the quarter ending 30 September 2020.
RECOMMENDATION:
1. That pursuant to Section 10A(2)(f) of the Local Government Act, 1993, Council resolve to move into Confidential Session to discuss the report External Audit Actions Quarter 1 2021 Update.
2. That the reasons for closing the meeting to the public to consider this item be that the report contains:
a) details of systems and/or arrangements that have been implemented to protect council, councillors, staff and Council property
3. That on balance it is considered that receipt and discussion of the matter in open Council would be contrary to the public interest, as:
Nature and content of audit reports is for operational purposes and report details information about Council's systems, controls and processes.
1 Confidential - External Audit Actions Update Quarter 1 2020-2021 Update, E2020/88467