Minutes of Meeting

Audit, Risk and Improvement Committee Meeting

 

Venue

Conference Room, Station Street, Mullumbimby

Date

Thursday, 18 May 2023

Time

11.30am

 

 

 

BYRON SHIRE COUNCIL

Audit, Risk and Improvement Committee Meeting Minutes    18 May 2023

Minutes of the Audit, Risk and Improvement Committee Meeting held on Thursday, 18 May 2023

File No: I2023/748

PRESENT: Cr A Hunter

 

Independent Members:       Patrick Grier (Chairperson)

Michael Georghiou

                                                Bernard Grinberg

 

Staff:  Mark Arnold (General Manager)

            Esmeralda Davis (Director Corporate and Community Services)

            Phil Holloway (Director Infrastructure Services)

            Heather Sills (Manager Corporate Services) [Virtual]

            James Brickley (Manager Finance)

            Colin Baker (Manager Business Systems and Technology)

            Amber Watt (Strategic Risk Coordinator)

            Mila Jones (Governance and Internal Audit Coordinator)

Ralph James (Legal Services) [Virtual]

            Amber Evans Crane (Minute Taker)

 

Other Attendees:                  Jarrod Lean (Grant Thornton) [Virtual]

                                                Adam Bradfield (Thomas Noble and Russell) [Virtual]

 

 

At the commencement of the meeting, Michael Georghiou resigned as Chair and Patrick Grier was elected as the new Chair of the Committee.

Patrick Grier (Chair) opened the meeting at 12:09PM and acknowledged that the meeting was being held on Bundjalung Country.

 

Attendance via AUDIO-VISUAL LINK:

Jarrod Lean (Grant Thornton), Adam Bradfield (Thomas Noble and Russell), Heather Sills (Manager Corporate Services) and Ralph James (Legal Services) attended the meeting virtually.

Apologies:

Cr M Swivel

Declarations of Interest – Pecuniary and Non-Pecuniary

Patrick Grier declared a pecuniary interest in Report 4.3. The nature of the interest being that he is the President/Chair of the Northern Rivers Rail Trail Association and with a possible conflict with the project listed as a proposal to use the corridor for a train service.

 

 

Adoption of Minutes from Previous Meetings

Report No. 3.1           Minutes of the Audit, Risk and Improvement Committee Meeting held 16 February 2023

File No:                       I2023/304

 

Committee Recommendation:

That the minutes of the Audit, Risk and Improvement Committee Meeting held on 16 February 2023 be confirmed.                                                                             (Hunter/Grier)

The recommendation was put to the vote and declared carried.

Note: The minutes of the meeting held on 16 February 2023 were noted, and the Committee Recommendations adopted by Council, at the Ordinary Meeting held on 23 March 2023.

Business Arising from Previous Minutes

There was no business arising from previous minutes.

 

 

 

Staff Reports - Corporate and Community Services

Report No. 4.1           Implementation of the OLG Guidelines for Risk Management and Internal Audit for Local Government in NSW

File No:                       I2023/387

 

Committee Recommendation:

1.      That the Audit, Risk and Improvement Committee notes the status of the implementation of the OLG Guidelines for Risk Management and Internal Audit Framework for Local Councils in NSW.

2.      That Council adopt the draft Internal Audit Charter (Attachment 1 E2022/127884).                                                                                                                          (Grier/Hunter)

The recommendation was put to the vote and declared carried.

 

 

Report No. 4.2           Performance Measurement - Outcomes Measurement Framework

File No:                       I2022/1899

 

Committee Recommendation:

That the Audit, Risk, and Improvement Committee notes the Outcomes Measurement Framework provided in Attachment 1 (E2022/126119).

                                                                                                                             (Hunter/Georghiou)

The recommendation was put to the vote and declared carried.

 

 

Report No. 4.3           Priority Projects

File No:                       I2023/700

 

Committee Recommendation:

That the Audit, Risk, and Improvement Committee notes the Report on ‘Priority Projects.’                                                                                                                               (Hunter/Grinberg)

The recommendation was put to the vote and declared carried.

 

 

 

Report No. 4.4           Fraud and Corruption Control Policy

File No:                       I2023/385

 

Committee Recommendation:

1.      That Council adopts the draft revised Fraud and Corruption Control Policy.

2.      That the Fraud and Corruption Framework Review be included in the draft FY2025 Internal Audit Program.                                                                           (Hunter/Grinberg)

The recommendation was put to the vote and declared carried.

 

 

Report No. 4.5           Draft Risk Management Policy and Risk Management Strategy

File No:                       I2023/591

 

Committee Recommendation:

1.      That Council adopt the draft revised Risk Management Policy (E2023/31169).

2.      That the Audit, Risk, and Improvement Committee endorses the draft Risk Management Strategy (E2023/31170).

          (Hunter/Georghiou)

The recommendation was put to the vote and declared carried.

   

PROCEDURAL MOTION

 

That the meeting move into confidential session for the following reasons:

 

Report No. 5.1            Confidential - Q2 & Q3 Risk Report - October 2022 to March 2023

 

1.      That pursuant to Section 10A(2)(f) of the Local Government Act, 1993, Council resolves to move into Confidential Session to discuss the report Risk Report.

2.      That the reasons for closing the meeting to the public to consider this item be that the report contains:

a)      matters affecting the security of the council, councillors, council staff or council property

3.      That on balance it is considered that receipt and discussion of the matter in open Council would be contrary to the public interest, as:

Risk Management  


 

Report No. 5.2            Confidential - Internal Audit Report Quarter 3 2022-2023 including Food Safety and Swimming Pools Review

 

1.      That pursuant to Section 10A(2)(d)i of the Local Government Act, 1993, the Committee moves into Confidential Session to discuss the report Internal Audit Report Quarter 3 2022-2023 including Food Safety and Swimming Pools Review.

2.      That the reasons for closing the meeting to the public to consider this item be that the report contains:

a)      commercial information of a confidential nature that would, if disclosed prejudice the commercial position of the person who supplied it

3.      That on balance it is considered that receipt and discussion of the matter in open Council would be contrary to the public interest, as the nature and content of internal audit reports is for operational purposes.   

Report No. 5.3            Confidential - 2022-2023 External Audit Engagement Plan

1.      That pursuant to Section 10A(2)(f) of the Local Government Act, 1993, Council resolves to move into Confidential Session to discuss the report 2022-2023 External Audit Engagement Plan.

2.      That the reasons for closing the meeting to the public to consider this item be that the report contains:

a)      details of systems and/or arrangements that have been implemented to protect council, councillors, staff and council property

3.      That on balance it is considered that receipt and discussion of the matter in open Council would be contrary to the public interest, as:

The report contains details of systems and/or arrangements that have been implemented to protect Council, Councillors, Staff and Council property.

 

Report No. 5.4            Confidential - External Audit Actions Quarter 3 2022-2023 Update

1.      That pursuant to Section 10A(2)(f) of the Local Government Act, 1993, Council resolves to move into Confidential Session to discuss the report External Audit Actions Quarter 3 2022-2023 Update.

2.      That the reasons for closing the meeting to the public to consider this item be that the report contains:  

a)      matters affecting the security of the council, councillors, council staff or council property

3.      That on balance it is considered that receipt and discussion of the matter in open Council would be contrary to the public interest, as:

Nature and content of audit reports is for operational purposes and report details information about Council systems, controls and processes.   

 

Report No. 7.1            Confidential - Cyber Security and IT System Outages Quarterly Update

1.      That pursuant to Section 10A(2)(f) of the Local Government Act, 1993, Council resolves to move into Confidential Session to discuss the report Cyber Security and IT System Outages Quarterly Update.

2.      That the reasons for closing the meeting to the public to consider this item be that the report contains:

a)      details of systems and/or arrangements that have been implemented to protect council, councillors, staff and council property

3.      That on balance it is considered that receipt and discussion of the matter in open Council would be contrary to the public interest, as:

Exposes information security risks and vulnerabilities that could assist unauthorised threats to Council's information and systems.

 

 

Confidential Reports - Corporate and Community Services

Report No. 5.1           Confidential - Q2 & Q3 Risk Report - October 2022 to March 2023

File No:                       I2023/532

Committee Recommendation:

1.      That the Audit, Risk and Improvement Committee notes the attached Risk Report.

2.      That the next draft internal audit four year program include a review of Council’s Risk Management Framework.

3.      That the Strategic Risk Register SR6 Financial Sustainability include reference to upfront project cost benefit analysis.                                                 (Hunter/Grinberg)

 

The recommendation was put to the vote and declared carried.

 

 

 

 

Report No. 5.2           Confidential - Internal Audit Report Quarter 3 2022-2023 including Food Safety and Swimming Pools Review

File No:                       I2023/370

Committee Recommendation:

That Council notes:

1.      The Audit, Risk and Improvement Committee notes the Internal Auditors Summary of Internal Audit Recommendations for Quarter 3 2022-2023 at Attachment 1 (E2023/39723) and their Internal Audit Status Update May 2023 at Attachment 4 (E2023/39739).

2.      The Audit, Risk and Improvement Committee endorses the recommendations from the Executive Team to close off 16 internal audit recommendations from Quarter 3 2022-2023 as listed in Table 1 of this report (a summary from Attachment 2 E2023/34738).

3.      The Audit, Risk and Improvement Committee endorses that Management implement the recommendations made in the Internal Audit of Food Safety and Swimming Pools (March 2023) (Attachment 3 E202331211) subject to the administrative correction.

4.      The Internal and external auditors and management develop a scope for review of monitoring and control of caravan park revenue as an extra audit item for FY2024 and the review includes a comparison of industry benchmarks for return on investment.                                                                                                                    (Grinberg/Hunter)

The recommendation was put to the vote and declared carried.

 

 

Report No. 5.3           Confidential - 2022-2023 External Audit Engagement Plan

File No:                       I2023/399

Committee Recommendation:

That Council notes the External Audit Engagement Plan prepared by the Audit Office of New South Wales for the year ended 30 June 2023 as outlined in Confidential Attachment 1 (#E2023/21582).                                                                                                   (Grinberg/Hunter)

The recommendation was put to the vote and declared carried.

 

 

 

Report No. 5.4           Confidential - External Audit Actions Quarter 3 2022-2023 Update

File No:                       I2023/699

Committee Recommendation:

That the Audit, Risk and Improvement Committee notes the external audit activity update for the quarter ending 31 March 2023 as outlined in this report.

                                                                                                                                 (Grinberg/Hunter)

The recommendation was put to the vote and declared carried.

 

Adam Bradfield left the meeting at 1:36pm.

 

 

For Information Only

Report No. 7.1            Confidential - Cyber Security and IT System Outages Quarterly Update

File No:                        I2023/497

 

 

Jarrod Lean left the meeting at 1:42pm.

 

 

Report No. 7.2            Service Reviews: The "I" in ARIC

File No:                        I2023/587

 

 

Report No. 7.3            Fraud and Corruption Control Update

File No:                        I2023/586

 

 

Report No. 7.4            Draft Operational Plan 2023/24

File No:                        I2023/556

 

 

Report No. 7.5            Items for discussion as requested by ARIC members

File No:                        I2023/588

 

 

There being no further business the meeting concluded at 1:44pm.