Abbreviated Management Summaries of Completed Audit Assignments
Appendix B (1)
Report No. NN/12/06 – Final Report issued 22 November 2011
Audit Report on Car Parking and Markets
Audit Opinion
Limited Assurance given
Rationale supporting award of opinion
The audit work carried out by Internal Audit indicated that:
• Weaknesses in the system of internal controls are such as to put the client’s
objectives at risk.
• The level of non-compliance puts the client’s objectives at risk.
• Whilst it is noted that the Council has taken measures to improve controls over
the operation of its car parks and markets with the introduction of new contracts
and improved data systems, this opinion recognises that additional
enhancements to working practices are still required, as evidenced by the seven
medium and two low priority recommendations we have raised to resolve issues
found.
• The previous audit, the report for which was issued in November 2009, was
awarded ‘Adequate Assurance’; hence, the direction of travel indicator shows
deterioration since the last audit.
Summary of Findings
Car Parking – Shared Service Arrangement Monitoring
A signed contract and accompanying service level agreement is in place over the shared
service arrangements between North Norfolk District Council and Kings Lynn and West
Norfolk Borough Council.
The service level agreement was found not to outline performance expectations or monitoring
procedures. Furthermore, procedures have not been put in place by North Norfolk District
Council for monitoring the contract.
Operating guidelines have been drafted by North Norfolk District Council which outline the
procedures for the issuing of excess charge notices and operation of the enforcement service.
These guidelines are still to be agreed by both North Norfolk District Council and Kings Lynn
and West Norfolk Borough Council.
Invoice payments were found to be accurate with no variations having occurred during the
contract to date.
Income is received for season tickets, permits, pay and display income and excess charge
notice payments. Validation of income does not occur in respect of pay and display income.
Season tickets and permits are issued by Cashiers with a reconciliation undertaken to help to
ensure that all income has been received and is correctly accounted for. The reconciliation
had not been undertaken on a timely basis and issues identified from the reconciliation had
not been investigated and/or resolved.
Although some pre-contract meetings were not minuted, quarterly meetings are held with
Kings Lynn and West Norfolk Borough Council and are now formally minuted.
Markets
Market traders are issued licences following completion of an application form and
confirmation of public liability insurance. A signed licence was found not to be in place for
one trader and there was no evidence that public liability insurance had been consistently
checked. Supporting evidence indicated that up to date cover was not always in place.
Issues were identified over the timeliness of payments for market rent being made one or two
weeks after the permit being issued. In these cases, the permits were backdated.
North Norfolk District Council staff undertake market inspections to ensure terms and
conditions are being adhered to. Details of these checks or issues arising are not formally or
consistently documented.
Performance Information
Performance expectations with regard to the agreement with Kings Lynn and West Norfolk
Borough Council have not been effectively documented as previously mentioned. However,
North Norfolk District Council has undertaken a benchmarking exercise with the levels of
income compared to the previous contract, which indicated a significant increase in the level
of income received under the new arrangements to date.
Risk Management
Risks directly relating to car parking and/or markets have not been identified within the
service or corporate risk registers. A risk assessment was included in the business case for
the joint car parking arrangements with Kings Lynn and West Norfolk Borough Council.
This identified three key risks with mitigation plans in place
which are monitored accordingly.
The review of Corporate Governance and Risk Management (NN1111) identified issues with
risk management throughout North Norfolk District Council. An exercise on developing risk
management is being undertaken by the Interim Accountancy Services Manager and
progress with this is being monitored through Internal Audit’s follow up arrangements on
progress with outstanding recommendations.
The following number of recommendations has been raised:
Adequacy and Effectiveness Assessments

| Area of Scope | Adequacy of Controls | Effectiveness of Controls | Recommendations Raised: High | Recommendations Raised: Medium | Recommendations Raised: Low |
|---|---|---|---|---|---|
| Car Parking – Shared Service Agreement Monitoring | Green | Amber | 0 | 4 | 0 |
| Markets | Green | Amber | 0 | 3 | 2 |
| Performance Information | **Amber | **Amber | 0 | 0 | 0 |
| Risk management | Green | ***Amber | 0 | 0 | 0 |
| Total | | | 0 | 7 | 2 |

** Issues raised within the area of ‘Car Parking – Shared Service Agreement Monitoring’
***Issues previously raised within audit NN1111 Corporate Governance and Risk
Management
High Priority Recommendations
No high priority recommendations have been raised as a result of this audit
Management Responses
Management have agreed all recommendations raised
Appendix B (2)
Report No. NN/12/08 – Final Report issued 21 December 2011
Audit Report on Sundry Debtors
Audit Opinion
Limited Assurance given
Rationale supporting award of opinion
The audit work carried out by Internal Audit indicated that:
• Weaknesses in the system of internal controls are such as to put the client’s
objectives at risk.
• The level of non-compliance puts the client’s objectives at risk.
• This opinion results from the fact that we have raised six medium and four low priority
recommendations. We have re-raised issues identified during the course of our
previous audit.
• The previous audit, the report for which was issued in November 2009, was
awarded ‘Adequate Assurance’.
• The position of the arrow indicates there has been a reduction in the level of
assurance since the previous audit.
Summary of Findings
Policies and Procedures
Policies and procedures have been documented although these require updating to reflect
current practices, including changes resulting from the transfer of the Sundry Debtors function
from Revenues to Financial Services and the transfer of responsibility for income collection
for garden waste and bulky items to the new waste contractor.
Guidance is available to appropriate staff via the shared drive.
Raising of Sundry Debtors, Refunds and Transfers
Whilst undertaking credit checks on significant debtors was agreed in principle during the
previous audit, it was accepted that this needed to be included in written guidance for staff to
consider when this was appropriate. However, this requirement has not been formally
documented.
Manual Invoice Request Forms are raised by services but are not date stamped upon receipt
within the Sundry Debtors section. Where several days had elapsed between dates
appearing on the request form and the date the invoice was actually raised on the system, it
was not possible to establish the reason for this or where the delays had occurred.
Invoices are subject to appropriate approvals with supporting documentation retained.
There is no independent checking of the processing of refunds. New debtor accounts are not
formally approved, although consideration is being given to centralising this process.
Issues exist over the systems access rights of the Team Leader – Exchequer and Sundry
Debtors. These are referred to in more detail below under the ‘Security’ section of the report.
Reconciliations between the sales ledger and the general ledger have not been subject to
independent review throughout the current financial year.
Suspense Items
The suspense account (‘bucket account’) is reviewed daily and unallocated items are
promptly cleared with adequate supporting documentation retained. However, there is no
evidence of independent spot checking in the transferring of items from the suspense account
as agreed during the previous audit.
Processing and Recovery of Outstanding Debts
Whilst there is evidence of routine monitoring of the recovery process, there is a need for
improved control over the monitoring of the aged debt process, including monitoring of
accounts on hold, debtors paying by instalments and those cases where recovery action is no
longer subject to the automated recovery stages.
Write off of Outstanding Debts
Write offs are processed in line with the documented policy and are properly approved with
supporting documentary evidence retained justifying the reason for writing off the debt(s).
Only one of the four write off reconciliations to the general ledger undertaken since April 2011
showed evidence of independent check.
Security
Following the restructuring with effect from 1st July 2011 when the Sundry Debtors function
transferred from Revenues to Financial Services, the Team Leader – Exchequer and Sundry
Debtors now has system administrator access to amend data in e-financials for both the
Sundry Debtor and Exchequer functions. The debtors system is heavily reliant on the work of
this officer, who has detailed knowledge to process transactions in both systems, unlike the
two other systems administrators based in Accountancy and IT. As noted above, mitigating
controls, for example independent review processes, are not operating effectively.
Access to other members of the Sundry Debtors Team is restricted to the sundry debtor
functions only. Similarly, staff processing other exchequer transactions do not have access to
amend sundry debtor data.
Performance Information
Information for monitoring the two local indicators, days debt recovery outstanding (target of
80 days for the recovery of the debt) and a cumulative percentage comparison of debtor
arrears against the previous year, has not been kept up to date for the current financial year
so could not be verified.
Risk Management
The review of Corporate Governance and Risk Management (NN1111) identified issues with
risk management throughout North Norfolk District Council. An exercise in developing risk
management is being undertaken by the Interim Accountancy Services Manager and
progress is being monitored through Internal Audit’s follow up arrangements on progress in
implementing outstanding recommendations. Outcomes of the review by the Interim
Accountancy Services Manager are due to be reported to the Audit Committee at its
December 2011 meeting.
An audit of Corporate Governance and Risk Management
(NN1210) is scheduled for January 2012.
The following number of recommendations has been raised:
Adequacy and Effectiveness Assessments

| Area of Scope | Adequacy of Controls | Effectiveness of Controls | Recommendations Raised: High | Recommendations Raised: Medium | Recommendations Raised: Low |
|---|---|---|---|---|---|
| Policies and Procedures | Green | Amber | 0 | 0 | 1 |
| Raising of Sundry Debtors, Refunds and Transfers | Amber | Amber | 0 | 2 | 2 |
| Suspense Items | Amber | Amber | 0 | 1 | 0 |
| Processing and Recovery of Outstanding Debts | Amber | Amber | 0 | 2 | 0 |
| Write off of Outstanding Debts | Green | Green | 0 | 0 | 0 |
| Security | Amber | Amber | 0 | 1 | 0 |
| Performance Information | Green | Amber | 0 | 0 | 1 |
| Risk management | Green | **Amber | 0 | 0 | 0 |
| Total | | | 0 | 6 | 4 |

** Issues previously raised within audit NN1111 Corporate Governance and Risk
Management
High Priority Recommendations
We have not raised any high priority recommendations as a result of this audit
Management Responses
Management have agreed all recommendations raised
Appendix B (3)
Report No. NN/12/09 – Final Report issued 10 February 2012
Audit Report on Sports Halls / Centres
Audit Opinion
Adequate Assurance given
Rationale Supporting Award of Opinion
The audit work carried out by Internal Audit indicated that:
• While there is a basically sound system of internal control, there are weaknesses,
which put some of the client’s objectives at risk.
• There is evidence that the level of non-compliance with some of the control
processes may put some of the client’s objectives at risk.
• The opinion is based on the fact that we have raised two medium and two low
priority recommendations.
• The assurance level has improved since the last audit visit. The position of the
arrow indicates previous status.
Summary of Findings
Sports Halls / Centres
Responsibilities of staff are defined within job descriptions and procedural guidance exists
covering the core duties undertaken at each centre. There is segregation of duties in the
receipt, handling and banking of remittances and in the raising and recovery of sundry debts.
There are minor control weaknesses with regards to the purchase ordering / expenditure
control processes and there is also scope for additional control with respect to stock control at
each site.
Controls exist to account for income collected, although good practices around the verification
of booking income at North Walsham Sports Centre should be introduced at the other two
sites.
Salary costs incurred for work completed, including overtime, are properly authorised.
Budget monitoring is undertaken on a monthly basis. Sports centre meetings are held on a
monthly basis and are attended by all key personnel. These meetings are used as a basis
for discussion around, inter alia, performance, risk and finances at each of the centres. No
issues were identified with the physical security measures at the sports centres.
Dual user agreements are in place with each of the three centres, although only the Cromer
High School document provides detail with regards to the responsibility for the upkeep and
replacement of equipment/facilities. All three agreements are in need of a review and the
Leisure and Cultural Services Manager has undertaken a benchmarking review of similar
arrangements at other local authorities with a view to updating the Council’s own agreements.
Records are retained to ensure CRB checks and coaching qualifications are kept up to date
for staff employed to work at the centres.
Mobile Gym / Fit Together
The current funding programme for the mobile gym expires at the end of 2011/12. The
Leisure and Cultural Services Manager has applied for additional funding from the same
source to cover the 2012/13 period. Evidence was obtained of other avenues that are being
explored for funding for the continued use of the mobile gym, including partnership working
with Active Norfolk, partnership working with Broadland District Council to increase
participation in areas that border the two authorities, and utilisation of funding available from
the Co-op’s ‘Healthy Living’ programme.
Performance Information
Performance information is collated from each centre based on monthly participation rates.
Targets are set in respect of this measure, which aligns with service objectives. Performance
is monitored through the monthly sport centre meetings with figures reported internally
through the TEN performance management system. Performance information in respect of
Leisure and Cultural Services is also included in quarterly Cabinet performance reports.
Risk Management
Risks relating to the scope of this audit have been identified and are documented and
monitored through the TEN system and mitigating actions are documented for each risk. Risk
assessment procedures are also in place for the sports centres and examples were provided
of recent health and safety risk assessments having been undertaken across the sites.
Monitoring of risk is also a standing agenda item at the monthly sports centre meetings.
The following number of recommendations has been raised:
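Adequacy and Effectiveness Assessments

| Area of Scope | Adequacy of Controls | Effectiveness of Controls | Recommendations Raised: High | Recommendations Raised: Medium | Recommendations Raised: Low |
|---|---|---|---|---|---|
| Sports Halls / Centres | Green | Amber | 0 | 2 | 2 |
| Mobile Gym | Green | Green | 0 | 0 | 0 |
| Performance Information | Green | Green | 0 | 0 | 0 |
| Risk Management | Green | Green | 0 | 0 | 0 |
| Total | | | 0 | 2 | 2 |
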
High Priority Recommendations
We have not raised any high priority recommendations as a result of this audit
Management Responses
Management have agreed all recommendations raised
Appendix B (4)
Report No. NN/12/10 – Final Report issued 16 February 2012
Audit Report on Corporate Governance
Audit Opinion
Adequate Assurance given
Rationale Supporting Award of Opinion
The audit work carried out by Internal Audit indicated that:
• While there is a basically sound system of internal control, there are weaknesses,
which put some of the client’s objectives at risk.
• There is evidence that the level of non-compliance with some of the control
processes may put some of the client’s objectives at risk.
Summary of Findings
Committee Terms of Reference
Roles and responsibilities of each committee are defined in the terms of reference (ToR)
included within the Constitution. They were last subject to review during November and
December 2010 prior to formal approval of the revised Constitution by Full Council on 6th April
2011, in keeping with the annual review requirements. However, there is a need to
commence the formal review process in preparation for the annual approval by Full Council at
its meeting scheduled on 18th April 2012. This will include changes to the ToR for both the
Audit Committee which came to light as a consequence of the CIPFA Self Assessment and to
those for the Employment Committee to make it clearer that one of the three members
present must include a member of Cabinet.
Going forward further into 2012, there will also be a need to revisit the Constitution sooner
than the normal 12 months given that other changes may be required arising from the
outcomes of the Localism Act.
There is a clear flow of information between committees which accords with their respective
Terms of Reference. The Chairman of each committee has the casting vote in order that
decisions may be reached.
The current version of the Constitution lacks clarity with regard to which statutory powers Chief
Officers (and Service Managers) have been delegated to discharge their duties, when making
decisions under the various statutory frameworks.
Adequate representation of members was confirmed to be in place where decisions are taken
by committees or Cabinet.
Committee Reporting
Reporting/decision making is aligned to the respective committee’s ToR.
The format of reports to committees is inconsistent at present due to the trialling of a new
reporting template which has yet to be fully rolled out across the Council, with the existing
version still appearing on the Council’s intranet. Enhancements to the revised version include
specific reference to Section 17 of the Crime and Disorder Act, which is missing from the
current version and improved clarity over exactly which committees the reports are required to
be presented to.
Committee reports receive adequate input from senior management prior to presentation to
ensure all information and options are presented.
Member Training/Development
The Council produced a draft Learning and Development Policy prior to the local elections in
May 2011. During its drafting it was considered sensible to have one integrated policy that
supported wider requirements of both officers and members, as well as the approach that will
be required by the Localism agenda. The draft policy sets out the general policy relating to
learning and development, including the responsibilities of both Cabinet and the Member
Training and Development Support Group (MTDSG), as well as confirming that the Council
supports the appropriate development of members and staff. Once the content has been
agreed and any changes made where necessary, in particular as a consequence of the new
Corporate Plan, it will go out to consultation with UNISON. Although no definite date has been
set, according to the Organisational Development Manager, this is likely to be within the next
six months. As such, no recommendation has been deemed necessary.
A Member Induction Programme was produced in May 2011 following the appointment of the
new member administration. The programme was prepared and progress monitored by the
MTDSG which comprises both member and officer representation.
The MTDSG discussed attaining the Members Development Charter, a quality charter mark;
this is being considered by the Council and is to a degree dependent on having an approved
Learning and Development Policy in place that covers members. The MTDSG has also
liaised with other local authorities to establish ways of improving member training and
development.
Progress is being made towards identifying and preparing a new training programme for
2012/13.
The Council has a budget of £7k for member training which has primarily been spent on the
Member Induction Programme and is subject to close monitoring.
Appropriate officer support with member development is provided as and when required.
Review of Previous Recommendations
We established that progress had been made on the one outstanding recommendation
relating to Corporate Governance, although this status had not been updated on TEN. The
issue related to the Council’s Corporate Governance action plan needing to be updated to
reflect the current progress and predicted end dates for actions, which remain outstanding. It
focused particularly on one item where it had been marked as ‘some problems’: ‘LGC 2009 09
– Review protocol for member nomination and representation on outside committees’ with a
predicted end date for this action of 30th September 2009.
We were informed by the Interim Accountancy Manager that the Council has revamped the
outside bodies’ appointment process and that this is now subject to annual review to update
records and to confirm they still have or require an elected member, with the results reported
to Full Council annually after the review.
As a consequence of the above, this
recommendation will be revisited in April 2012 as part of the year-end arrangements for
confirming the status with all outstanding recommendations.
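Adequacy and Effectiveness Assessments

| Area of Scope | Adequacy of Controls | Effectiveness of Controls | Recommendations Raised: High | Recommendations Raised: Medium | Recommendations Raised: Low |
|---|---|---|---|---|---|
| Committee Terms of Reference | Green | Amber | 0 | 1 | 1 |
| Committee Reporting | Green | Amber | 0 | 0 | 1 |
| Member Training | Green | Green | 0 | 0 | 0 |
| Total | | | 0 | 1 | 2 |
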
High Priority Recommendations
We have not raised any high priority recommendations as a result of this audit
Management Responses
Management have agreed all recommendations raised
Appendix B (5)
Report No. NN/12/15 – Final Report issued 23 January 2012
Audit Report on Data Consistency
Audit Opinion
Adequate Assurance given
Rationale Supporting Award of Opinion
The audit work carried out by Internal Audit indicated that:
While there is a basically sound system of internal control, there are weaknesses, which put
some of the Council’s objectives at risk. Although four Medium Priority recommendations
have been raised, a number of controls were found to be in place and operating effectively.
Recommendations have been raised to help strengthen these controls to a good/leading
practice and help mitigate against risks where the controls were seen to be weak. As there
have been no significant control weaknesses identified within each area of the audit, we have
been able to provide an adequate level of assurance.
This system has not previously been audited, so there is no comparison possible with
previous findings. Hence no direction of travel indicator can be given.
Summary of Findings
Strategy
The Council has both an ICT and Information Management Strategy. Both were found to be
due for review within the last few months; however, the review was still to take place. There
has been a recent review of the Council’s Business Plan which now gives management the
opportunity to conduct an immediate review and take the updated Business Plan into account.
A recommendation on this has been raised.
Identification of Data Types
There are two primary data types – People and Property. There is also good evidence to
suggest that all data entry systems have been identified, the primary source of this evidence
being the ICT Strategy document. There is some duplication of data entry as every
application is service specific, with each service area having variations on required customer
data, depending on that customer’s interaction with that service. There are possible
opportunities to improve the distribution of customer communications beyond those already in
place and recommendations on these have been raised to address this.
Point of Contact
There is good evidence that demonstrates robust point of contact processes for property data.
People data cannot be managed in the same way as each department has a varying
requirement for such data and thus no central point of contact is considered feasible.
Communication and Notification
There are some existing processes in place for the communication and notification of
customer changes, although management across the sample of key services consulted for
the audit agree that there are potential opportunities to improve these processes beyond
those where specific business need has been identified. A recommendation on this has
been raised within “Identification of Data Types” above.
Monitoring
Property data is centrally managed by mapping and LLPG staff who provide weekly update
files for other services to incorporate property data changes into their respective applications.
Of the key services consulted for the audit, only the Environmental Services department were
actively using the update files. Revenues & Benefits and Electoral Services are aware of the
availability of the file although they both have other issues to consider before they can
implement the updates into their own business processes. A recommendation to complete
that work has been raised.
The following number of recommendations has been raised:
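Adequacy and Effectiveness Assessments

| Area of Scope | Adequacy of Controls | Effectiveness of Controls | Recommendations Raised: High | Recommendations Raised: Medium | Recommendations Raised: Low |
|---|---|---|---|---|---|
| Strategy | Amber | Amber | 0 | 1 | 0 |
| Identification of Data Types | Amber | Amber | 0 | 1 | 1 |
| Point of Contact | Green | Green | 0 | 0 | 0 |
| Communication and Notification | Amber | Amber | 0 | 1 | 0 |
| Monitoring | Amber | Amber | 0 | 1 | 0 |
| Total | | | 0 | 4 | 1 |
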
High Priority Recommendations
We have not raised any high priority recommendations as a result of this audit
Management Responses
Management have accepted all recommendations raised
Appendix B (6)
Report No. NN/12/17 – Final Report issued 9 January 2012
Audit Report on the NorthgateArinso Resource Link Payroll and HR Application
Audit Opinion
Adequate assurance given
Rationale supporting award of opinion
The audit work carried out by Internal Audit indicated that:
While there is a basically sound system of internal control, there are weaknesses, which put
some of the Council’s objectives at risk. Although two Medium Priority recommendations and
two Low priority recommendations have been raised, a number of controls were found to be
in place and operating effectively. Recommendations have been raised to help strengthen
these controls to a good/leading practice and help mitigate against risks where the controls
were seen to be weak. As there have been no significant control weaknesses identified within
each area of the audit, we have been able to provide an adequate level of assurance.
This system has not previously been audited, so there is no comparison possible with
previous findings. Hence no direction of travel indicator can be given.
Summary of Findings
Access Controls
The Payroll Officer acts as the system administrator for the application, such duties having
been noted within the role’s job description. The audit also noted good controls with regard to
setting users up, changing their permissions and removing them when they no longer require
access. Although the administrator was unable to locate the required screens for full
parameter verification, testing identified that the controls which could be actively tested were
adequate. This gap in administrator knowledge of Application maintenance should be
remedied. There are a large number of access profiles available for allocation; however, the
majority of these are not used and have now been made obsolete.
Data Input
The audit noted that the Payroll Officer receives all documentation regarding changes to
personnel data and inputs all changes herself. Testing of the documentation suggested that
good controls are in place to ensure that all relevant documentation has been suitably
authorised before entry into the application. There are good security controls in place in
terms of the storage of the documentation, once processed, and in terms of the location of the
department, being in the corner of the open plan office space, which helps to minimise the
risk of sensitive data being viewed by unauthorised personnel.
Data Processing
The function has one major processing job, which is the payroll run. The process includes a
large number of steps to complete, all of which are tracked by a checklist, which the Payroll
Officer signs off as each step is completed. Supporting documentation is also filed with the
checklist. Sample testing of the documentation noted evidence of review, which also includes
secondary review in the form of a one in ten sample check as a minimum standard. This was
particularly evident where payroll values were reported within variance and other reports.
Data Output
As noted above, there was clear evidence of review within the sample payroll reporting
reviewed for the audit. There is an element of report distribution, although this is minimal and
tends to be ad hoc in nature, with the exception of the monthly mileage and quarterly
establishment reports.
Interfaces
The application interfaces with BACS, Finance and Reprographics, where the payroll slips are
printed. The audit noted good controls to ensure that all data transfers to BACS are
reconciled adequately. The Payroll costings file is sent to Finance and is acknowledged by
email and the responsibility for reconciling the interfaced data rests with the Finance team.
Payslips are generated using a text file sent to Reprographics, who print the payslips.
Management Trails
There is an audit trail function built into the application, and activity logs are generated on a
daily basis. These off-line copies are stored on the network for ease of reference.
Backup
There are good controls in this area. The data is backed up to disc and tape on a daily basis,
with tapes being stored offsite. In addition, there are a number of regular database
housekeeping jobs that help to ensure the continued integrity of the database. A Business
Continuity Plan was drafted in 2009, although it has not been reviewed since and is not
formally supported by a current Disaster Recovery Plan. A recommendation on this has been
raised.
Support and Maintenance
The support contract has been extended until 2013. Change control processes are adequate
in that key processes were evidenced as being tested, along with other application areas as
applicable to the particular release. The processes would, however, benefit from the inclusion
of a formal User Acceptance communication between the user department and IT as currently
the instruction to promote changes to the Live environment is through verbal request. A
recommendation on this has been raised.
The following number of recommendations has been raised:
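Adequacy and Effectiveness Assessments

| Area of Scope | Adequacy of Controls | Effectiveness of Controls | Recommendations Raised: High | Recommendations Raised: Medium | Recommendations Raised: Low |
|---|---|---|---|---|---|
| Access Controls | Amber | Amber | 0 | 1 | 1 |
| Data Input | Green | Green | 0 | 0 | 0 |
| Data Processing | Green | Green | 0 | 0 | 0 |
| Data Output | Green | Green | 0 | 0 | 0 |
| Interfaces | Green | Green | 0 | 0 | 0 |
| Management Trails | Green | Green | 0 | 0 | 0 |
| Backup | Amber | Amber | 0 | 1 | 0 |
| Support and Maintenance | Amber | Amber | 0 | 0 | 1 |
| Total | | | 0 | 2 | 2 |
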
High Priority Recommendations
No high priority recommendations have been raised as a result of this audit
Management Responses
One of the recommendations raised has been disagreed:
Recommendation 1: System Administrator Development and Awareness (Medium Priority)
Consideration should be given to the provision of formal system administrator training for the
ResourceLink system administrator.
Rationale Supporting Recommendation 1:
Training will help to ensure that the system administrator has robust knowledge of the system
administration functionality available within the application.
The system administrator is the payroll officer, who has demonstrated some knowledge
around core relevant functionality of the application, although there are certain weaknesses in
that knowledge, where formal training may be of benefit.
There is an increased risk that the functionality of the application is not effectively utilised
where full capabilities of the application are not known.
Management Response:
Not agreed. As the future of the application has not been determined, we do not see the
value of undertaking system admin training at this time. Currently, system admin issues can
be resolved by Northgate on request.
The system administrator implements the majority of the changes that are required to be
made to the system. However, if there is an area they are not familiar with they are able to
contact the NorthgateArinso helpdesk for advice on how to apply the change to the system.
The change is always made by the system administrator unless there is a fault within the
system that needs to be fixed.
The Payroll Officer did attend a two-day Systems Administration course which covered some
of the many areas of system administration. The knowledge gained on these two days has
been put into practice. Some areas covered were for people who were in the process of
setting up the system for the first time. Many of the current practices were implemented when
the system was originally built and the current administrator has had to use them e.g. user
profiles. Additional training would not currently be of any benefit.
If and when a new system is purchased the post holder would be provided with all training
necessary to fulfil that role, in the intervening period the Council is willing to accept the risks
associated with non implementation of the recommendation.
Audit comment:
The system administrator account on ResourceLink provides its user with the ability to not
only manage the application and ensure it is smooth running, but also cause considerable
damage if the functionality is misused either intentionally or by accident. It is recognised that
there are regular backups of the system and during testing the administrator was cautious
about delving into unknown parts of the system (such as searching for password
parameters) which helps manage the risk but nonetheless by having this level of access
configured the risk is still there, even with Northgate support as a backup.