Notice of Meeting

bsc_logo_150dpi_rgb

Audit, Risk and Improvement Committee Meeting

An Audit, Risk and Improvement Committee Meeting of Byron Shire Council will be held as follows:

Venue

Conference Room, Station Street, Mullumbimby

Date

Thursday, 20 May 2021

Time

11.30am

 

 

 

 

 

Vanessa Adams

Director Corporate and Community Services

I2021/789

                                                                                                                             Distributed 13/05/21

 

 


CONFLICT OF INTERESTS

What is a “Conflict of Interests” - A conflict of interests can be of two types:

Pecuniary - an interest that a person has in a matter because of a reasonable likelihood or expectation of appreciable financial gain or loss to the person or another person with whom the person is associated.

Non-pecuniary – a private or personal interest that a Council official has that does not amount to a pecuniary interest as defined in the Code of Conduct for Councillors (eg. A friendship, membership of an association, society or trade union or involvement or interest in an activity and may include an interest of a financial nature).

Remoteness – a person does not have a pecuniary interest in a matter if the interest is so remote or insignificant that it could not reasonably be regarded as likely to influence any decision the person might make in relation to a matter or if the interest is of a kind specified in the Code of Conduct for Councillors.

Who has a Pecuniary Interest? - a person has a pecuniary interest in a matter if the pecuniary interest is the interest of the person, or another person with whom the person is associated (see below).

Relatives, Partners - a person is taken to have a pecuniary interest in a matter if:

·                The person’s spouse or de facto partner or a relative of the person has a pecuniary interest in the matter, or

·                The person, or a nominee, partners or employer of the person, is a member of a company or other body that has a pecuniary interest in the matter.

N.B. “Relative”, in relation to a person means any of the following:

(a)  the parent, grandparent, brother, sister, uncle, aunt, nephew, niece, lineal descends or adopted child of the person or of the person’s spouse;

(b)  the spouse or de facto partners of the person or of a person referred to in paragraph (a)

No Interest in the Matter - however, a person is not taken to have a pecuniary interest in a matter:

·                If the person is unaware of the relevant pecuniary interest of the spouse, de facto partner, relative or company or other body, or

·                Just because the person is a member of, or is employed by, the Council.

·                Just because the person is a member of, or a delegate of the Council to, a company or other body that has a pecuniary interest in the matter provided that the person has no beneficial interest in any shares of the company or body.

Disclosure and participation in meetings

·                A Councillor or a member of a Council Committee who has a pecuniary interest in any matter with which the Council is concerned and who is present at a meeting of the Council or Committee at which the matter is being considered must disclose the nature of the interest to the meeting as soon as practicable.

·                The Councillor or member must not be present at, or in sight of, the meeting of the Council or Committee:

(a)     at any time during which the matter is being considered or discussed by the Council or Committee, or

(b)     at any time during which the Council or Committee is voting on any question in relation to  the matter.

No Knowledge - a person does not breach this Clause if the person did not know and could not reasonably be expected to have known that the matter under consideration at the meeting was a matter in which he or she had a pecuniary interest.

Non-pecuniary Interests - Must be disclosed in meetings.

There are a broad range of options available for managing conflicts & the option chosen will depend on an assessment of the circumstances of the matter, the nature of the interest and the significance of the issue being dealt with.  Non-pecuniary conflicts of interests must be dealt with in at least one of the following ways:

·                It may be appropriate that no action be taken where the potential for conflict is minimal.  However, Councillors should consider providing an explanation of why they consider a conflict does not exist.

·                Limit involvement if practical (eg. Participate in discussion but not in decision making or vice-versa).  Care needs to be taken when exercising this option.

·                Remove the source of the conflict (eg. Relinquishing or divesting the personal interest that creates the conflict)

·                Have no involvement by absenting yourself from and not taking part in any debate or voting on the issue as of the provisions in the Code of Conduct (particularly if you have a significant non-pecuniary interest)

RECORDING OF VOTING ON PLANNING MATTERS

Clause 375A of the Local Government Act 1993 – Recording of voting on planning matters

(1)  In this section, planning decision means a decision made in the exercise of a function of a council under the Environmental Planning and Assessment Act 1979:

(a)  including a decision relating to a development application, an environmental planning instrument, a development control plan or a development contribution plan under that Act, but

(b)  not including the making of an order under that Act.

(2)  The general manager is required to keep a register containing, for each planning decision made at a meeting of the council or a council committee, the names of the councillors who supported the decision and the names of any councillors who opposed (or are taken to have opposed) the decision.

(3)  For the purpose of maintaining the register, a division is required to be called whenever a motion for a planning decision is put at a meeting of the council or a council committee.

(4)  Each decision recorded in the register is to be described in the register or identified in a manner that enables the description to be obtained from another publicly available document, and is to include the information required by the regulations.

(5)  This section extends to a meeting that is closed to the public.


BYRON SHIRE COUNCIL

BUSINESS OF MEETING

 

1.    Apologies

2.    Declarations of Interest – Pecuniary and Non-Pecuniary

3.    Adoption of Minutes from Previous Meetings

3.1       Adoption of Minutes from Audit, Risk and Improvement Committee Meeting 18 February 2021................................................................................................................. 5

 

4.    Staff Reports

Corporate and Community Services

4.1       2020/21 Operational Plan Report - Q3 - March 2021.............................................. 7     

5.    Confidential Reports

Corporate and Community Services

5.1       Confidential - Internal Audit Report - May 2021............................................. 11

5.2       Confidential - Risk Management Update......................................................... 13

5.3       Confidential - Business Continuity Plan Review 2021................................... 14

5.4       Confidential - Cyber Security and System Outages Quarterly Update....... 16

5.5       Confidential - External Audit Actions Quarter 3 2020-2021 Update............ 17

 

 


BYRON SHIRE COUNCIL

Adoption of Minutes from Previous Meetings                                                   3.1

Adoption of Minutes from Previous Meetings

 

Report No. 3.1       Adoption of Minutes from Audit, Risk and Improvement Committee Meeting 18 February 2021 

Directorate:                         Corporate and Community Services

Report Author:                   Emma Fountain, Strategic Risk & Business Continuity Coordinator

File No:                                 I2021/593

 

  

 

RECOMMENDATION:

That the minutes of the Audit, Risk and Improvement Committee Meeting held on 18 February 2021 be confirmed.

 

 

Attachments:

 

1        Minutes 18/02/2021 Audit, Risk and Improvement Committee, I2021/243  

 


 

Report

The attachment to this report provides the minutes of the Audit, Risk and Improvement Committee Meeting of 18 February 2021 . 

Report to Council

The minutes were reported to Council on 25 March 2021.Comments

In accordance with the Committee Recommendations, Council resolved the following:

21-080

Resolved that Council adopts the following Committee Recommendation:

Report No. 5.4 2020 Year End Audit Management Letter

File No: I2021/205

Committee Recommendation 5.4.1

That the comments provided by Management in response to issues raised in the 2020 Year End Audit Management Letter (#E2021/30330) be noted by Council and the Audit, Risk and Improvement Committee.)

 

21-081

Resolved that Council adopts the following Committee Recommendation:

Report No. 5.5 2020-2021 External Audit Engagement Plan

File No: I2021/206

Committee Recommendation 5.5.1

That Council notes the External Audit Engagement Plan prepared by the Audit Office of New South Wales for the year ended 30 June 2021 as outlined in Confidential Attachment 1 (#E2021/31603).


BYRON SHIRE COUNCIL

Staff Reports - Corporate and Community Services                                    4.1

Staff Reports - Corporate and Community Services

 

Report No. 4.1       2020/21 Operational Plan Report - Q3 - March 2021

Directorate:                         Corporate and Community Services

Report Author:                   Heather Sills, Corporate Planning and Improvement Coordinator

File No:                                 I2021/746

Summary:

Council’s Operational Plan outlines its projects and activities to achieve the commitments in its four-year Delivery Program. In accordance with the Local Government Act 1993 progress reports must be provided at least every six months.

The proposed amendments to the Local Government Act suggest increased involvement of ARIC in the oversight of Council’s Integrated Planning and Reporting practices. In preparation for this requirement and as good practice, ARIC requested  a regular quarterly report  be provided to ARIC meetings for information, summarising Council’s progress towards achieving the annual activities contained in the 2020/21 Operational Plan.

This report is the third quarterly progress report for the period 1 January to 31 March 2021. 

  

 

 

RECOMMENDATION:

That the Audit, Risk, and Improvement Committee notes the 2020/21 Operational Plan Quarter 3 Report and proposed amendments being reported to Council at the 27 May Ordinary Meeting.

Attachments:

 

1        Operational Plan Quarterly Report - Q3 - March 2021, E2021/63408  

2        Quarter 3 Report - Proposed Amendments to Operational Plan 2020/21, E2021/51099  

 


 

Report

The Delivery Program and Operational Plan are two key corporate documents that establish Council’s goals and priorities for the term of the Council and the current financial year. The Delivery Program is supported by the annual Operational Plan, which identifies the individual projects and activities that will be undertaken for the year to achieve the commitments made in the Delivery Program.

The General Manager is required to provide six monthly progress reports to the Council on the progress toward the delivery program, in accordance with the Local Government Act 1993 s404 which states:

“The general manager must ensure that regular progress reports are provided to the council reporting as to its progress with respect to the principal activities detailed in its delivery program. Progress reports must be provided at least every 6 months

While the requirement is six monthly reporting, the Council is provided with a Quarterly Report on the activities in the Operational Plan, to promote effective and efficient reporting and decision making.

Strategic Objectives

The report (#E2021/4352) is structured by the five ‘Our Byron, Our Future’ Community Strategic Plan 2028 objectives:

·        Community Objective 1:     We have infrastructure, transport and services which meet our expectations

·        Community Objective 2:     We cultivate and celebrate our diverse cultures, lifestyle and sense of community

·        Community Objective 3:     We protect and enhance our natural environment

·        Community Objective 4:     We manage growth and change responsibly

·        Community Objective 5:     We have community led decision making which is open and inclusive

Report Details

The report details Council’s progress towards achieving the activities in the 2020/21 Operational Plan. It includes a status update on progress and notes any highlights or exceptions where actions may be delayed or reprioritised. 

Each section notes the progress against the activities including:

·        Activity

·        Responsible directorate

·        Measure

·        Timeframe

·        Comments

·        Status

o   On track – indicates that an activity is currently on track, taking into account the timeframe, measures, and budget

o   Delayed – indicates that an activity is progressing, but not currently on track with the timeframe, measures, or budget

o   Needs attention – indicates that the scope of the activity may need to be reviewed in line with constraints such as timeframe/budget

o   Not commenced – the activity is not due to have commenced or has not commenced

o   Completed – the activity has been completed in accordance with the prescribed measures

Summary of Activities

The chart below provides a summary of the status of the Operational Plan activities as at 31 March 2021.

Strategic Considerations

Community Strategic Plan and Operational Plan

CSP Objective

L2

CSP Strategy

L3

DP Action

L4

OP Activity

Community Objective 5:  We have community led decision making which is open and inclusive

5.2

Create a culture of trust with the community by being open, genuine and transparent

5.2.1

Provide timely, accessible and accurate information to the community

5.2.1.2

Continuous improvement of corporate planning and reporting process

Legal/Statutory/Policy Considerations

The General Manager is required under Section 404 (5) of the Local Government Act 1993 to provide regular progress reports as to the Council’s progress with respect to the principal activities detailed in the Delivery Program/Operational Plan.  Progress reports must be provided at least every six months.

Financial Considerations

Council’s financial performance for the reporting period is addressed in the Quarterly Budget Review, which is subject to a separate report included in this business paper.

Consultation and Engagement

The development of the Delivery Program was informed by extensive engagement around the Community Strategic Plan and specifically a Community Solutions Panel on infrastructure priorities.

The progress reports on the Operational Plan and Delivery Program are published on Council’s website as a way of ensuring transparency around how Council is progressing activities and actions.


BYRON SHIRE COUNCIL

Confidential Reports - Corporate and Community Services                    5.1

Confidential Reports - Corporate and Community Services

 

Report No. 5.1       Confidential - Internal Audit Report - May 2021

Directorate:                         Corporate and Community Services

Report Author:                   Emma Fountain, Strategic Risk & Business Continuity Coordinator

File No:                                 I2021/594

Summary:

This report presents the Internal Audit Status Report – May 2021 prepared by Council and the Internal Auditor, O’Connor Marsden and Associates (OCM). The report is at Confidential Attachment 1 (E2021/63051).

This status report contains the remaining recommendations from each audit review conducted by Council’s previous internal audit provider as well as recommendations from recently completed audit reviews conducted by OCM.

This report also presents the Internal Audit of Stores (Inventory Management) – April 2021 completed by OCM. The report is at Confidential Attachment 2 (E2021/59676).

This audit received a review rating of 3 - Weak and it identified one high, three medium and one minor rated issue. Agreed recommendations and actions are included in Confidential Attachment 2 (E2021/59676).

 

RECOMMENDATION:

1.      That pursuant to Section 10A(2)(d)i of the Local Government Act, 1993, Council resolve to move into Confidential Session to discuss the report Internal Audit Report - May 2021.

2.      That the reasons for closing the meeting to the public to consider this item be that the report contains:

a)      commercial information of a confidential nature that would, if disclosed prejudice the commercial position of the person who supplied it

3.      That on balance it is considered that receipt and discussion of the matter in open Council would be contrary to the public interest, as:

nature and content of internal audit report is for operational purposes   

Attachments:

 

1        Internal Audit Status Report - May  2021, E2021/63051  

2        Internal Audit Review - Inventory Management - April 2021 (final), E2021/59676  

 

 


BYRON SHIRE COUNCIL

Confidential Reports - Corporate and Community Services                    5.2

Report No. 5.2       Confidential - Risk Management Update

Directorate:                         Corporate and Community Services

Report Author:                   Emma Fountain, Strategic Risk & Business Continuity Coordinator

File No:                                 I2021/595

Summary:

This report presents an update on Council’s risk registers for the quarter ending 31 March 2021.

 

RECOMMENDATION:

1.      That pursuant to Section 10A(2)(f) of the Local Government Act, 1993, Council resolve to move into Confidential Session to discuss the report Risk Management Update.

2.      That the reasons for closing the meeting to the public to consider this item be that the report contains:

a)      details of systems and/or arrangements that have been implemented to protect council, councillors, staff and Council property

3.      That on balance it is considered that receipt and discussion of the matter in open Council would be contrary to the public interest, as:

Risk Management  

Attachments:

 

1        Confidential - Risk Reports (Quarter 3 2020-21), E2021/53312  

 

 


BYRON SHIRE COUNCIL

Confidential Reports - Corporate and Community Services                    5.3

Report No. 5.3       Confidential - Business Continuity Plan Review 2021

Directorate:                         Corporate and Community Services

Report Author:                   Emma Fountain, Strategic Risk & Business Continuity Coordinator

File No:                                 I2021/625

Summary:

This report presents the revised Business Continuity Plan (BCP) documentation comprising:

·    BCP Part 1 – Manual

·    BCP Part 2 – Procedure

·    BCP – Contacts List and Business Continuity Coordination Centre Locations

·    Directorate Business Continuity Plans (containing Critical Function Sub Plans):

o General Manager’s Office

o Corporate & Community Services

o Infrastructure Services

o Sustainable Environment & Economy

(Refer Confidential Attachment E2021/56241)

 

RECOMMENDATION:

1.      That pursuant to Section 10A(2)(f) of the Local Government Act, 1993, Council resolve to move into Confidential Session to discuss the report Business Continuity Plan Review 2021.

2.      That the reasons for closing the meeting to the public to consider this item be that the report contains:

a)      details of systems and/or arrangements that have been implemented to protect council, councillors, staff and Council property

3.      That on balance it is considered that receipt and discussion of the matter in open Council would be contrary to the public interest, as:

Risk Management  

Attachments:

 

1        Confidential - Business Continuity Plan (V2 - Endorsed by ET 21 April 2021), E2021/56241  

 

 


BYRON SHIRE COUNCIL

Confidential Reports - Corporate and Community Services                    5.4

Report No. 5.4       Confidential - Cyber Security and System Outages Quarterly Update

Directorate:                         Corporate and Community Services

Report Author:                   Colin Baker, Manager Business Systems and Technology

File No:                                 I2021/656

Summary:

This report provides a summary of cyber security incidents and IT service outages during the period of 1 January 2021 to 31 March 2021.

A cyber security incident occurred with Council’s email system. No data was compromised or lost in this incident.

There were no extended IT service outages during the reporting period.

 

RECOMMENDATION:

1.      That pursuant to Section 10A(2)(f) of the Local Government Act, 1993, Council resolve to move into Confidential Session to discuss the report Cyber Security and System Outages Quarterly Update.

2.      That the reasons for closing the meeting to the public to consider this item be that the report contains:

a)      details of systems and/or arrangements that have been implemented to protect council, councillors, staff and Council property

3.      That on balance it is considered that receipt and discussion of the matter in open Council would be contrary to the public interest, as:

Exposes security risk and vulnerabilities that could assist unauthorised threats to Council's data and systems.  

Attachments:

 

1        ARIC Security Incident Report 2021 Q1, E2021/58590  

2        ARIC Incident Outage Report 2021 Q1, E2021/58589  

3        ARIC Security Intrusion Detection Report 2021 Q1, E2021/58587  

 

 


BYRON SHIRE COUNCIL

Confidential Reports - Corporate and Community Services                    5.5

Report No. 5.5       Confidential - External Audit Actions Quarter 3 2020-2021 Update

Directorate:                         Corporate and Community Services

Report Author:                   James Brickley, Manager Finance

File No:                                 I2021/767

Summary:

This report provides an update on the audit matters raised in the 2020 External Audit Year End Management Letter, the 2020 External Audit Interim Management Letter and the 2019 External Audit Year End Management Letter for the quarter ending 31 March 2021.

 

RECOMMENDATION:

1.      That pursuant to Section 10A(2)(f) of the Local Government Act, 1993, Council resolve to move into Confidential Session to discuss the report External Audit Actions Quarter 3 2020-2021 Update.

2.      That the reasons for closing the meeting to the public to consider this item be that the report contains:

a)      details of systems and/or arrangements that have been implemented to protect council, councillors, staff and Council property

3.      That on balance it is considered that receipt and discussion of the matter in open Council would be contrary to the public interest, as:

Nature and content of audit reports is for operational purposes and report details information about Council systems, controls and processes.  

Attachments:

 

1        Confidential - External Audit Actions Update Quarter 3 2020-2021, E2021/66065