Notice of Meeting
Audit, Risk and Improvement Committee Meeting
An Audit, Risk and Improvement Committee Meeting of Byron Shire Council will be held as follows:
Venue |
Conference Room, Station Street, Mullumbimby |
Date |
Thursday, 20 May 2021 |
Time |
11.30am |
Vanessa Adams
Director Corporate and Community Services
I2021/789
Distributed 13/05/21
CONFLICT OF INTERESTS
What is a “Conflict of Interests” - A conflict of interests can be of two types:
Pecuniary - an interest that a person has in a matter because of a reasonable likelihood or expectation of appreciable financial gain or loss to the person or another person with whom the person is associated.
Non-pecuniary – a private or personal interest that a Council official has that does not amount to a pecuniary interest as defined in the Code of Conduct for Councillors (eg. A friendship, membership of an association, society or trade union or involvement or interest in an activity and may include an interest of a financial nature).
Remoteness – a person does not have a pecuniary interest in a matter if the interest is so remote or insignificant that it could not reasonably be regarded as likely to influence any decision the person might make in relation to a matter or if the interest is of a kind specified in the Code of Conduct for Councillors.
Who has a Pecuniary Interest? - a person has a pecuniary interest in a matter if the pecuniary interest is the interest of the person, or another person with whom the person is associated (see below).
Relatives, Partners - a person is taken to have a pecuniary interest in a matter if:
· The person’s spouse or de facto partner or a relative of the person has a pecuniary interest in the matter, or
· The person, or a nominee, partners or employer of the person, is a member of a company or other body that has a pecuniary interest in the matter.
N.B. “Relative”, in relation to a person means any of the following:
(a) the parent, grandparent, brother, sister, uncle, aunt, nephew, niece, lineal descends or adopted child of the person or of the person’s spouse;
(b) the spouse or de facto partners of the person or of a person referred to in paragraph (a)
No Interest in the Matter - however, a person is not taken to have a pecuniary interest in a matter:
· If the person is unaware of the relevant pecuniary interest of the spouse, de facto partner, relative or company or other body, or
· Just because the person is a member of, or is employed by, the Council.
· Just because the person is a member of, or a delegate of the Council to, a company or other body that has a pecuniary interest in the matter provided that the person has no beneficial interest in any shares of the company or body.
Disclosure and participation in meetings
· A Councillor or a member of a Council Committee who has a pecuniary interest in any matter with which the Council is concerned and who is present at a meeting of the Council or Committee at which the matter is being considered must disclose the nature of the interest to the meeting as soon as practicable.
· The Councillor or member must not be present at, or in sight of, the meeting of the Council or Committee:
(a) at any time during which the matter is being considered or discussed by the Council or Committee, or
(b) at any time during which the Council or Committee is voting on any question in relation to the matter.
No Knowledge - a person does not breach this Clause if the person did not know and could not reasonably be expected to have known that the matter under consideration at the meeting was a matter in which he or she had a pecuniary interest.
Non-pecuniary Interests - Must be disclosed in meetings.
There are a broad range of options available for managing conflicts & the option chosen will depend on an assessment of the circumstances of the matter, the nature of the interest and the significance of the issue being dealt with. Non-pecuniary conflicts of interests must be dealt with in at least one of the following ways:
· It may be appropriate that no action be taken where the potential for conflict is minimal. However, Councillors should consider providing an explanation of why they consider a conflict does not exist.
· Limit involvement if practical (eg. Participate in discussion but not in decision making or vice-versa). Care needs to be taken when exercising this option.
· Remove the source of the conflict (eg. Relinquishing or divesting the personal interest that creates the conflict)
· Have no involvement by absenting yourself from and not taking part in any debate or voting on the issue as of the provisions in the Code of Conduct (particularly if you have a significant non-pecuniary interest)
RECORDING OF VOTING ON PLANNING MATTERS
Clause 375A of the Local Government Act 1993 – Recording of voting on planning matters
(1) In this section, planning decision means a decision made in the exercise of a function of a council under the Environmental Planning and Assessment Act 1979:
(a) including a decision relating to a development application, an environmental planning instrument, a development control plan or a development contribution plan under that Act, but
(b) not including the making of an order under that Act.
(2) The general manager is required to keep a register containing, for each planning decision made at a meeting of the council or a council committee, the names of the councillors who supported the decision and the names of any councillors who opposed (or are taken to have opposed) the decision.
(3) For the purpose of maintaining the register, a division is required to be called whenever a motion for a planning decision is put at a meeting of the council or a council committee.
(4) Each decision recorded in the register is to be described in the register or identified in a manner that enables the description to be obtained from another publicly available document, and is to include the information required by the regulations.
(5) This section extends to a meeting that is closed to the public.
BYRON SHIRE COUNCIL
2. Declarations of Interest – Pecuniary and Non-Pecuniary
3. Adoption of Minutes from Previous Meetings
3.1 Adoption of Minutes from Audit, Risk and Improvement Committee Meeting 18 February 2021................................................................................................................. 5
4. Staff Reports
Corporate and Community Services
4.1 2020/21 Operational Plan Report - Q3 - March 2021.............................................. 7
5. Confidential Reports
Corporate and Community Services
5.1 Confidential - Internal Audit Report - May 2021............................................. 11
5.2 Confidential - Risk Management Update......................................................... 13
5.3 Confidential - Business Continuity Plan Review 2021................................... 14
5.4 Confidential - Cyber Security and System Outages Quarterly Update....... 16
5.5 Confidential - External Audit Actions Quarter 3 2020-2021 Update............ 17
BYRON SHIRE COUNCIL
Adoption of Minutes from Previous Meetings 3.1
Adoption of Minutes from Previous Meetings
Report No. 3.1 Adoption of Minutes from Audit, Risk and Improvement Committee Meeting 18 February 2021
Directorate: Corporate and Community Services
Report Author: Emma Fountain, Strategic Risk & Business Continuity Coordinator
File No: I2021/593
RECOMMENDATION:
That the minutes of the Audit, Risk and Improvement Committee Meeting held on 18 February 2021 be confirmed.
1 Minutes 18/02/2021 Audit, Risk and Improvement Committee, I2021/243
Report
The attachment to this report provides the minutes of the Audit, Risk and Improvement Committee Meeting of 18 February 2021 .
Report to Council
The minutes were reported to Council on 25 March 2021.Comments
In accordance with the Committee Recommendations, Council resolved the following:
Staff Reports - Corporate and Community Services 4.1
Staff Reports - Corporate and Community Services
Report No. 4.1 2020/21 Operational Plan Report - Q3 - March 2021
Directorate: Corporate and Community Services
Report Author: Heather Sills, Corporate Planning and Improvement Coordinator
File No: I2021/746
Summary:
Council’s Operational Plan outlines its projects and activities to achieve the commitments in its four-year Delivery Program. In accordance with the Local Government Act 1993 progress reports must be provided at least every six months.
The proposed amendments to the Local Government Act suggest increased involvement of ARIC in the oversight of Council’s Integrated Planning and Reporting practices. In preparation for this requirement and as good practice, ARIC requested a regular quarterly report be provided to ARIC meetings for information, summarising Council’s progress towards achieving the annual activities contained in the 2020/21 Operational Plan.
This report is the third quarterly progress report for the period 1 January to 31 March 2021.
RECOMMENDATION:
That the Audit, Risk, and Improvement Committee notes the 2020/21 Operational Plan Quarter 3 Report and proposed amendments being reported to Council at the 27 May Ordinary Meeting.
1 Operational Plan Quarterly Report - Q3 - March 2021, E2021/63408
2 Quarter 3 Report - Proposed Amendments to Operational Plan 2020/21, E2021/51099
Report
The Delivery Program and Operational Plan are two key corporate documents that establish Council’s goals and priorities for the term of the Council and the current financial year. The Delivery Program is supported by the annual Operational Plan, which identifies the individual projects and activities that will be undertaken for the year to achieve the commitments made in the Delivery Program.
The General Manager is required to provide six monthly progress reports to the Council on the progress toward the delivery program, in accordance with the Local Government Act 1993 s404 which states:
“The general manager must ensure that regular progress reports are provided to the council reporting as to its progress with respect to the principal activities detailed in its delivery program. Progress reports must be provided at least every 6 months”
While the requirement is six monthly reporting, the Council is provided with a Quarterly Report on the activities in the Operational Plan, to promote effective and efficient reporting and decision making.
Strategic Objectives
The report (#E2021/4352) is structured by the five ‘Our Byron, Our Future’ Community Strategic Plan 2028 objectives:
· Community Objective 1: We have infrastructure, transport and services which meet our expectations
· Community Objective 2: We cultivate and celebrate our diverse cultures, lifestyle and sense of community
· Community Objective 3: We protect and enhance our natural environment
· Community Objective 4: We manage growth and change responsibly
· Community Objective 5: We have community led decision making which is open and inclusive
Report Details
The report details Council’s progress towards achieving the activities in the 2020/21 Operational Plan. It includes a status update on progress and notes any highlights or exceptions where actions may be delayed or reprioritised.
Each section notes the progress against the activities including:
· Activity
· Responsible directorate
· Measure
· Timeframe
· Comments
· Status
o On track – indicates that an activity is currently on track, taking into account the timeframe, measures, and budget
o Delayed – indicates that an activity is progressing, but not currently on track with the timeframe, measures, or budget
o Needs attention – indicates that the scope of the activity may need to be reviewed in line with constraints such as timeframe/budget
o Not commenced – the activity is not due to have commenced or has not commenced
o Completed – the activity has been completed in accordance with the prescribed measures
Summary of Activities
The chart below provides a summary of the status of the Operational Plan activities as at 31 March 2021.
Strategic Considerations
Community Strategic Plan and Operational Plan
CSP Objective |
L2 |
CSP Strategy |
L3 |
DP Action |
L4 |
OP Activity |
||||||
Community Objective 5: We have community led decision making which is open and inclusive |
5.2 |
Create a culture of trust with the community by being open, genuine and transparent |
5.2.1 |
Provide timely, accessible and accurate information to the community |
5.2.1.2 |
Continuous improvement of corporate planning and reporting process |
||||||
Legal/Statutory/Policy Considerations
The General Manager is required under Section 404 (5) of the Local Government Act 1993 to provide regular progress reports as to the Council’s progress with respect to the principal activities detailed in the Delivery Program/Operational Plan. Progress reports must be provided at least every six months.
Financial Considerations
Council’s financial performance for the reporting period is addressed in the Quarterly Budget Review, which is subject to a separate report included in this business paper.
Consultation and Engagement
The development of the Delivery Program was informed by extensive engagement around the Community Strategic Plan and specifically a Community Solutions Panel on infrastructure priorities.
The progress reports on the Operational Plan and Delivery Program are published on Council’s website as a way of ensuring transparency around how Council is progressing activities and actions.
Confidential Reports - Corporate and Community Services 5.1
Confidential Reports - Corporate and Community Services
Report No. 5.1 Confidential - Internal Audit Report - May 2021
Directorate: Corporate and Community Services
Report Author: Emma Fountain, Strategic Risk & Business Continuity Coordinator
File No: I2021/594
Summary:
This report presents the Internal Audit Status Report – May 2021 prepared by Council and the Internal Auditor, O’Connor Marsden and Associates (OCM). The report is at Confidential Attachment 1 (E2021/63051).
This status report contains the remaining recommendations from each audit review conducted by Council’s previous internal audit provider as well as recommendations from recently completed audit reviews conducted by OCM.
This report also presents the Internal Audit of Stores (Inventory Management) – April 2021 completed by OCM. The report is at Confidential Attachment 2 (E2021/59676).
This audit received a review rating of 3 - Weak and it identified one high, three medium and one minor rated issue. Agreed recommendations and actions are included in Confidential Attachment 2 (E2021/59676).
RECOMMENDATION:
1. That pursuant to Section 10A(2)(d)i of the Local Government Act, 1993, Council resolve to move into Confidential Session to discuss the report Internal Audit Report - May 2021.
2. That the reasons for closing the meeting to the public to consider this item be that the report contains:
a) commercial information of a confidential nature that would, if disclosed prejudice the commercial position of the person who supplied it
3. That on balance it is considered that receipt and discussion of the matter in open Council would be contrary to the public interest, as:
nature and content of internal audit report is for operational purposes
Attachments:
1 Internal Audit Status Report - May 2021, E2021/63051
2 Internal Audit Review - Inventory Management - April 2021 (final), E2021/59676
BYRON SHIRE COUNCIL
Confidential Reports - Corporate and Community Services 5.2
Report No. 5.2 Confidential - Risk Management Update
Directorate: Corporate and Community Services
Report Author: Emma Fountain, Strategic Risk & Business Continuity Coordinator
File No: I2021/595
Summary:
This report presents an update on Council’s risk registers for the quarter ending 31 March 2021.
RECOMMENDATION:
1. That pursuant to Section 10A(2)(f) of the Local Government Act, 1993, Council resolve to move into Confidential Session to discuss the report Risk Management Update.
2. That the reasons for closing the meeting to the public to consider this item be that the report contains:
a) details of systems and/or arrangements that have been implemented to protect council, councillors, staff and Council property
3. That on balance it is considered that receipt and discussion of the matter in open Council would be contrary to the public interest, as:
Risk Management
Attachments:
1 Confidential - Risk Reports (Quarter 3 2020-21), E2021/53312
BYRON SHIRE COUNCIL
Confidential Reports - Corporate and Community Services 5.3
Report No. 5.3 Confidential - Business Continuity Plan Review 2021
Directorate: Corporate and Community Services
Report Author: Emma Fountain, Strategic Risk & Business Continuity Coordinator
File No: I2021/625
Summary:
This report presents the revised Business Continuity Plan (BCP) documentation comprising:
· BCP Part 1 – Manual
· BCP Part 2 – Procedure
· BCP – Contacts List and Business Continuity Coordination Centre Locations
· Directorate Business Continuity Plans (containing Critical Function Sub Plans):
o General Manager’s Office
o Corporate & Community Services
o Infrastructure Services
o Sustainable Environment & Economy
(Refer Confidential Attachment E2021/56241)
RECOMMENDATION:
1. That pursuant to Section 10A(2)(f) of the Local Government Act, 1993, Council resolve to move into Confidential Session to discuss the report Business Continuity Plan Review 2021.
2. That the reasons for closing the meeting to the public to consider this item be that the report contains:
a) details of systems and/or arrangements that have been implemented to protect council, councillors, staff and Council property
3. That on balance it is considered that receipt and discussion of the matter in open Council would be contrary to the public interest, as:
Risk Management
Attachments:
1 Confidential - Business Continuity Plan (V2 - Endorsed by ET 21 April 2021), E2021/56241
BYRON SHIRE COUNCIL
Confidential Reports - Corporate and Community Services 5.4
Report No. 5.4 Confidential - Cyber Security and System Outages Quarterly Update
Directorate: Corporate and Community Services
Report Author: Colin Baker, Manager Business Systems and Technology
File No: I2021/656
Summary:
This report provides a summary of cyber security incidents and IT service outages during the period of 1 January 2021 to 31 March 2021.
A cyber security incident occurred with Council’s email system. No data was compromised or lost in this incident.
There were no extended IT service outages during the reporting period.
RECOMMENDATION:
1. That pursuant to Section 10A(2)(f) of the Local Government Act, 1993, Council resolve to move into Confidential Session to discuss the report Cyber Security and System Outages Quarterly Update.
2. That the reasons for closing the meeting to the public to consider this item be that the report contains:
a) details of systems and/or arrangements that have been implemented to protect council, councillors, staff and Council property
3. That on balance it is considered that receipt and discussion of the matter in open Council would be contrary to the public interest, as:
Exposes security risk and vulnerabilities that could assist unauthorised threats to Council's data and systems.
1 ARIC Security Incident Report 2021 Q1, E2021/58590
2 ARIC Incident Outage Report 2021 Q1, E2021/58589
3 ARIC Security Intrusion Detection Report 2021 Q1, E2021/58587
BYRON SHIRE COUNCIL
Confidential Reports - Corporate and Community Services 5.5
Report No. 5.5 Confidential - External Audit Actions Quarter 3 2020-2021 Update
Directorate: Corporate and Community Services
Report Author: James Brickley, Manager Finance
File No: I2021/767
Summary:
This report provides an update on the audit matters raised in the 2020 External Audit Year End Management Letter, the 2020 External Audit Interim Management Letter and the 2019 External Audit Year End Management Letter for the quarter ending 31 March 2021.
RECOMMENDATION:
1. That pursuant to Section 10A(2)(f) of the Local Government Act, 1993, Council resolve to move into Confidential Session to discuss the report External Audit Actions Quarter 3 2020-2021 Update.
2. That the reasons for closing the meeting to the public to consider this item be that the report contains:
a) details of systems and/or arrangements that have been implemented to protect council, councillors, staff and Council property
3. That on balance it is considered that receipt and discussion of the matter in open Council would be contrary to the public interest, as:
Nature and content of audit reports is for operational purposes and report details information about Council systems, controls and processes.
1 Confidential - External Audit Actions Update Quarter 3 2020-2021, E2021/66065