Audit, Risk & Improvement Service Plan 2015/16 Audit, Risk & Improvement 2015-16 Service Plan Supporting the Corporate Services’ Vision: “Delivering Professional Solutions Together” Page 1 of 28 Audit, Risk & Improvement Service Plan 2015/16 Contents Introduction ......................................................................................................................................................... 3 Directorate Vision ............................................................................................................................................... 4 Drivers for Change.............................................................................................................................................. 4 About Us .............................................................................................................................................................. 4 Who We Are .....................................................................................................................................................................................5 Organisational Chart ......................................................................................................................................................................6 Locations .........................................................................................................................................................................................6 Governance .....................................................................................................................................................................................6 Regulation and Compliance ...........................................................................................................................................................7 What We Do .....................................................................................................................................................................................8 Our Customers ................................................................................................................................................................................9 Projected Costs and Income for 15/16 ........................................................................................................................................10 Funding and resources ................................................................................................................................................................10 Aims and Objectives......................................................................................................................................... 11 Detailed Actions/Plan for Change.................................................................................................................... 12 Previous Actions/Projects Completed in 2014/15 ......................................................................................................................12 Ongoing Actions/Projects Started prior to April 2015 ...............................................................................................................13 Page 2 of 28 Audit, Risk & Improvement Service Plan 2015/16 New Planned Actions Due to Start in 2015/16 ................................................................................................ 18 Risks to Delivery/Risk Register ....................................................................................................................... 23 Performance Indicators .................................................................................................................................... 25 Performance Indicators from Council Wide Performance Measures .......................................................................................25 Key Service Indicators .................................................................................................................................................................26 Service Performance Indicators from the Local Government Benchmarking Framework .....................................................28 Other Performance indicators ........................................................................................................... Error! Bookmark not defined. Contact Details.................................................................................................................................................. 28 Introduction Every year, each Service within the Council is required to produce a Service Plan for the following year. This Service Plan provides an overview of the Audit, Risk & Improvement Service Plan for the financial year 2015/16 The Audit, Risk & Improvement Service is in the Corporate Services Directorate within the Council. This plan contains information on the Service’s major activities, aims, objectives, actions, targets, performance indicators and risks. Service plans are approved and “signed off” at Director Level as part of the Executive Manager’s Review and Development meeting in March Each year. Page 3 of 28 Audit, Risk & Improvement Service Plan 2015/16 Directorate Vision The Audit Risk & Improvement Service is committed to supporting the Corporate Services Directorate’s Vision of “Delivering Professional Solutions Together”. Drivers for Change Embedding reorganisation / creation of ARI Risk Management Review Public Performance Reporting “bar raised” More reliance on Covalent e.g .Quarterly Performance reports, Directorate Plans, Service Plans and tracking of Committee Actions Health &Social Care Integration Change to Audit staff FTE from previous years. LGBF family pilot project finished in 2014 and set up the permanent family group approach. CMT requirement for self-assessment. The increased expectation that Councils conduct their own Best Value checks. Council “era” (approaching election) The increased need to consult with our customers and public. Reduction in number of investigations undertaken by Internal Audit due to ARI Reduction in experienced staff within Internal Audit About Us The Service was created as part of a re-organisation in 2014. Prior to 2014 Internal Audit & Performance & Improvement were managed by separate Executive Managers and Risk Management was part of the Safety & Risk section within Governance & Law. The reorganisation merged these areas under one Executive Manager. Page 4 of 28 Audit, Risk & Improvement Service Plan 2015/16 The Service has 3 teams: Internal Audit, Risk Management and Performance & Improvement. These teams provide Corporate Support throughout the Council. Internal Audit Internal Audit is an independent, objective assurance and consulting activity designed to add value and improve on the Council’s operations. It helps the Council accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes. We prepare, maintain, implement and deliver a six year risk based Strategic Audit Plan. In addition, Internal Audit conduct audit investigations as directed by the Chief Executive or as requested by the Executive Manager – Human Resources. Risk Management Risk Management is a core corporate function that supports, promotes and protects efficient and effective service delivery by implementing and monitoring the systems and procedures that expedite, facilitate and ensure the systematic identification, control and management of professional, environmental, social, technological, legal, economic, political and community risk. Performance & Improvement Performance & Improvement provides support to Services throughout the Council in relation to performance reporting, performance management and improvement activities. It develops and supports frameworks for the consistent production of Corporate, Directorate and Service plans. It also supports the Audit Committee with its responsibilities in relation to performance monitoring and Best Value. Who We Are The Audit, Risk & Improvement Service is lead by the Executive Manager (Crawford McIntyre), it sits within the Corporate Service Department which is lead by the Director of Corporate Services (Christine Ferguson). Page 5 of 28 Audit, Risk & Improvement Service Plan 2015/16 Organisational Chart Chief Executive Mark Boden Director of Corporate Services Christine Ferguson Finance Human Resources Audit, Risk & Improvement Crawford McIntyre 8.15 FTE Internal Audit 3.4 FTE Risk Management 1.75 FTE Capital Programme Performance & Improvement 2FTE Locations The Service is located at the Council’s Headquarters at 8 North Ness, Lerwick. Governance The Audit, Risk and Improvement Service reports to the Audit* Committee. Extract from “Scheme of Administration and Delegations – Audit & Standards Committee”: Page 6 of 28 Governance & Law Information and Communciaction Technology Audit, Risk & Improvement Service Plan 2015/16 “To agree the internal audit strategic plan....To consider the performance of Internal and External Audit” “To monitor the effective development and operation of risk management” “To promote good performance management practice within the Council” * The “Audit & Standards Committee” was renamed the “Audit Committee” in 2014. The Council’s “Scheme of Administration and Delegations” still refers to the “Audit & Standards Committee”) Regulation and Compliance Internal Audit The Relevant Internal Audit Standard Setters (RIASS) adopted a common set of Public Sector Internal Audit Standards (PSIAS) in April 2013. The PSIAS encompass the mandatory elements of the Institute of Internal Auditors (IIA) International Professional Practices Framework. Internal Audit conform to the Code of Ethics as set out by the IIA and the basic principles set out in PSIAS. http://www.cipfa.org//media/Files/Publications/Standards/Public%20Sector%20Internal%20Audit%20Standards.pdf The Local Authority Accounts (Scotland) Regulations 2014state that a local authority must operate a professional and objective internal auditing service in accordance with recognised standards and practices in relation to internal auditing. http://www.legislation.gov.uk/ssi/2014/200/contents/made Risk Management The duty of Best Value (BV) applies to all public bodies in Scotland and is a statutory duty in local government. Audit Scotland has identified Risk Management as one of the key areas that contribute to ensuring that best value is achieved throughout the organisation. http://www.scotland.gov.uk/Topics/Government/local-government/delperf/localgoverment/796 Performance & Improvement Audit Scotland – Annual “Direction” on Statutory Performance Information: http://www.audit-scotland.gov.uk/performance/direction.php – Best Value toolkit “Performance Management”: http://www.audit-scotland.gov.uk/work/toolkits/index.php – Best Value & Scrutiny Improvement: http://www.audit-scotland.gov.uk/work/bestvalue_home.php Page 7 of 28 Audit, Risk & Improvement Service Plan 2015/16 Improvement Service – Local Government Benchmarking Framework : http://www.improvementservice.org.uk/benchmarking/ Scottish Government – National Performance Framework: http://www.scotland.gov.uk/Resource/Doc/933/0124202.pdf What We Do The Audit team is responsible for ensuring financial and other probity of all Council activities by: Maintaining the Council’s audit ‘universe’ and the Council’s 6 year Strategic Internal Audit Plan Scoping out audits and audit test programmes Managing the audit process Undertaking operational and financial audit work within Council Services Undertaking audits of Council contracts to ensure Standing Orders and Financial Regulations have been observed. Writing audit reports Undertaking special investigations Identifying value for money issues with a view to improving the economy, efficiency and effectiveness of Council activities, systems, contracts, processes and procedures Interrogation of information on Integra, and other systems using a specialist audit tool (IDEA) and preparing and analysing reports thereof Interviewing, substantiating information, feeding back on and explaining audit outcomes to Council Managers. Advising on future courses of action that should be implemented to ensure compliance Ensuring the application and adherence to regulations and standards specifically on IT audit issues. Development of an Internal Audit IT Audit Strategy Review the Council’s information systems and the Shetland public sector network (SpsNet) covering physical access, logical access, environmental controls and mobile / home working. Attendance on various ICT Board initiatives contributing on areas such as ICT Information Security and Network Security and involvement in the long term planning of the Council’s IT Resources to meet service requirements. Designing and developing computer audit programmes, undertaking testing, working with management to improve service delivery and the IT control environment Page 8 of 28 Audit, Risk & Improvement Service Plan 2015/16 The role of Risk Management is to: monitor, manage, review, update and advise upon, the Risk Management Strategy, Policy and supporting documentation; provide information, guidance, advice and instruction across all areas of the organisation in relation to the identification, analysis, evaluation, control, recording, reporting and management of risks, including in relation to projects and PRINCE2 documentation; co-ordinate CMT role as the Risk Management Board; plan, co-ordinate and ensure the delivery of the prioritised Risk Check programme; identify and review options for risk control measures and monitoring the ongoing effectiveness of these controls; Report periodically to various boards and committees as appropriate. The Performance & Improvement team is responsible for: Developing and supporting a framework for the creation and maintenance of the Council’s Corporate Plan Advising Directors, Managers and key strategic groups on developing, integrating and monitoring of service and other strategic plans Planning service review programmes and assisting services where required to review priorities, delivery, change and improvement Identifying potential partner service providers, promoting development and understanding of common goals Develop, implement and monitor community, corporate and service performance reporting of performance information Reporting Performance Information and Best Value information to Audit and other Committees Developing the Council’s Performance Management Systems, including “Covalent” Establishing systems and supporting staff to comply with the Council’s “Complaints Handling Procedure” Our Customers Internal Audit provides an assurance service to all areas of the Council, the Chief Executive, Executive Manager – Finance (as Section 95 Officer statutorily responsible for ensuring proper financial administration) and to elected Members through the Audit Committee. Risk Management drives, supports, guides and monitors the identification, analysis, control and monitoring of risk at strategic, corporate, directorate, departmental and operational levels, and manages the systems and strategy that support those activities. Risk Management provides risk training and risk register system user training to staff, and operates a risk-based rolling programme of risk checks across all business units within the organisation. Page 9 of 28 Audit, Risk & Improvement Service Plan 2015/16 Performance & Improvement provides support for Directors, Executive Managers and Team Leaders to help ensure that the Council delivers Best Value and Continuous Improvement in all its activities. The Team reports performance information and evidence to Members, the public and national bodies to demonstrate that the Council is securing Best Value and that Continuous Improvement is being achieved. Specific request for information from Individuals, and the media, is also supplied by the Team. During 2015/16 we will seek feedback on our performance from our customers. Projected Costs and Income for 15/16 The Service has 8.15 full time equivalent staff and annual revenue expenditure of £436,739 . As detailed below: Service Number of Staff (FTE) Gross Expenditure Income Net Budget Capital Budget Management 1 82,410 100 82,310 Nil Internal Audit 3.4 158,073 7,500 150,573 Nil Risk Management 1.75 83,362 Nil 83,362 Nil Performance & Improvement 2 120,494 Nil 120,494 Nil Audit, Risk & Improvement Total 8.15 444,339 7,600 436,739 Nil Funding and resources Overall revenue budgets for the provision of Audit, Risk & Improvement services are reduced from previous levels as a result of restructure within Corporate Services. Page 10 of 28 Audit, Risk & Improvement Service Plan 2015/16 The Service budgetary costs are primarily staffing costs however budgets are regularly monitored to ensure all expenditure provides best value for the Council. Aims and Objectives This section is about how Corporate and Directorate Aims are supported by Service Plan Objectives. Our “Aims” are what we want to achieve, our “Objectives” are what we will do to achieve those aims. Directorate/Corporate Plan Aims Action Corporate Plan (2014 update): “This year we will ensure Strategic and Departmental Risk Registers are up to date, and kept up to date” Corporate Plan – “A properly led and well managed Council” Write a new, comprehensive Performance Management Strategy Deliver the 2015/16 Internal Audit Plan Directorate Plan - Make tangible improvements to the Council’s internet and intranet sites Develop website to comply with Public Performance Reporting requirements Directorate Plan - Continue to develop and improve the Council’s Corporate Governance arrangements Develop Covalent to monitor and report on actions required of officers as a result of council meetings Service Aims/Priorities Objectives/Actions (Details below) A professional, independent and objective Internal Audit Service Maintain the Council’s audit universe and six year strategic Internal Audit Plan, conduct investigations as required, undertake reviews and continuing staff development. Page 11 of 28 Audit, Risk & Improvement Service Plan 2015/16 Service Aims/Priorities Efficient and effective Risk Management culture embedded throughout the Council Objectives/Actions (Details below) Implementation of external review recommendations of the Council’s Risk Management arrangements Relaunch refreshed Risk Check programme Develop Covalent Browser for Executive Managers Write a Performance Management Strategy and continue to develop PPR arrangements Consistent and professional approach to Performance Management and Reporting throughout the Council Fully utilise Covalent Complaints Module Detailed Actions/Plan for Change Previous Actions/Projects Completed in 2014/15 Description Delivered Early/ on-time/late Achieved original intention? Amalgamation of Audit, Risk and improvement under one Executive Manager On time Yes Deliver Internal Audit Plan On time Yes (90 % target delivered) Restructure of Internal Audit On time Yes with overall FTE reduction and cost savings Page 12 of 28 Audit, Risk & Improvement Service Plan 2015/16 Corporate Risk Register developed and formally approved. On time for 14/15 request Yes Risk Management Review undertaken On time Yes baseline now established. Introduction of single system to record complaints On time System is able to be used but some of the more advanced features were not developed prior to launch 3 months late Yes, clear direction on establishing a business case for each vehicle and the way it’s used. All services using new policy. New “Use of Council Vehicles Policy” Ongoing Actions/Projects Started prior to April 2015 Title/Heading Team Start End Output Expected Outcome/ Supported Aim (above) 14/15 Internal Audit Plan IA April 14 Mar 15 Completion of annual plan Maintain Audit Universe and 6 year Audit Strategy Prepare for external review in 15/16 to confirm adherence to PSIAS IA April 14 Aug 15 Self assessment prior to formal review A professional, independent and objective Internal Audit Service Page 13 of 28 Audit, Risk & Improvement Service Plan 2015/16 Ongoing Actions/Projects Started prior to April 2015 Title/Heading Re-establish regular meetings of the Risk Management Board or equivalent An external review of the Council’s Risk Management arrangements Report results of 2014 Risk Management review. Page 14 of 28 Team Risk EM EM Start Dec 14 Aug 14 Dec 14 End Output Mar 15 A Risk Management Board (or equivalent) will be reestablished, remit will be agreed and future meeting schedule determined. Dec 14 Feb 15 External assessor will report recommendations to Service. Establishing an agreed action plan for Risk Management. Expected Outcome/ Supported Aim (above) Higher profile and structured approach to Risk Management within the Council Efficient and effective Risk Management culture embedded throughout the Council Long-term plan for Risk Management arrangements. Efficient and effective Risk Management culture embedded throughout the Council Long-term plan for Risk Management arrangements. More efficient and effective management of risk across the organisation. Audit, Risk & Improvement Service Plan 2015/16 Ongoing Actions/Projects Started prior to April 2015 Title/Heading Implement risk report action points Recruit to vacant Risk Management post Refresh and relaunch the risk check programme. Develop “best practice” Public Performance Reporting arrangements Page 15 of 28 Team Risk EM Risk P&I Start Dec 14 Nov 14 Mar 15 Jul 14 End Output March 15 Strand 1 of action plan delivered - strategy, policy, Risk Board Terms of Reference, appetite statement, and updated terms of reference for governance groups Jan 15 New, full-time, member of staff appointed. Training in place to ensure progression through career grade if required. March 16 A risk-based, weighted programme of risk checks Mar 15 Website, report, leaflets and posters reporting the Council’s 13/14 performance Expected Outcome/ Supported Aim (above) Suite of approved governing documents to support the management of risk, Clarity re specific RM responsibilities of each group within RM governance structure Comprehensive understanding of risk management across the organisation Greater capacity to deliver Risk Management services Efficient and effective Risk Management culture embedded throughout the Council More coordinated, effective and efficient identification, analysis, control and monitoring of risk Improved reputation and national recognition of Council’s PPR Accurate assessment of Council’s PPR activity Audit, Risk & Improvement Service Plan 2015/16 Ongoing Actions/Projects Started prior to April 2015 Title/Heading All Performance Indicators and Actions from 15/16 Directorate and Service Plans on Covalent Develop website to comply with Public Performance Reporting requirements Page 16 of 28 Team P&I P&I Start Nov 14 Sep 14 End May 15 Feb 15 Output Full set of PIs and Actions on Covalent, ready for Services to adopt and keep up to date. Full set of reports set up for Quarterly and Annual performance reports. Fully completed website covering all aspects of the Statutory Direction 2012 Expected Outcome/ Supported Aim (above) Covalent used as “the norm” when reporting Performance and/or progress Efficient production of Performance reports and automatic updating of Service’s websites. Consistent and professional approach to Performance Management and Reporting throughout the Council Substantially better assessment of the Council’s Public Performance Reporting arrangements and content by Audit Scotland. Consistent and professional approach to Performance Management and Reporting throughout the Council Audit, Risk & Improvement Service Plan 2015/16 Ongoing Actions/Projects Started prior to April 2015 Title/Heading Team Start End Output Expected Outcome/ Supported Aim (above) Full compliance with the Council’s Complaints Handling Procedure Fully develop Covalent as a council-wide complaints and feedback system Develop Covalent Browser interface for all Executive Managers Page 17 of 28 P&I P&I Jun 14 Nov 14 Aug 15 May 15 Covalent modules fully developed to record feedback and generate correspondence and reports. Covalent browser page set up for each Executive Manager. Training EMs and/or Covalent Service/Department “rep” in the use of Browser Significant increase in the number of complaints recorded properly, leading to better management information and future improvements in customer service. Covalent used as “the norm” when considering Performance Management. Services developing their own PIs and Actions without any P&I involvement Consistent and professional approach to Performance Management and Reporting throughout the Council Audit, Risk & Improvement Service Plan 2015/16 New Planned Actions Due to Start in 2015/16 Description m Tea Start End Output Expected Outcome/ Supported Aim (above) Deliver the 2015/16 Internal Audit Plan IA Apr 15 Mar 16 Completion of annual plan Contribute to the six year audit strategy Train 15/16 Auditees on the Covalent Internal Audit module IA Apr 15 Mar 16 Auditee responses recorded on covalent enabling final reports to be produced Formal acceptance and actions resulting from audit recommendations Mar 16 Contribute to the effectiveness of the audit and risk management process . Ongoing working relationship between Internal Audit and Risk Management. Confirmation that SIC Internal Audit is PSIAS compliant A professional, independent and objective Internal Audit Service Enhanced financial knowledge contributing further competencies to the Audit Team Provide a professional Internal Audit Service Fully qualified Certified Information Systems Auditor Provide a professional Information Systems Audit service Develop a plan to facilitate work reliance between Internal Audit & Risk Management Complete external verification of IA function and report findings to Audit Committee. Achieve required 1st year progression CIPFA qualification for 1 employee (4 exams) Achieve CISA Certification and completion of Career Grade Page 18 of 28 Risk & IA IA Apr 15 Aug 15 IA Sep 14 IA Ongoin g Nov15 Jan 16 June 15 Audit, Risk & Improvement Service Plan 2015/16 New Planned Actions Due to Start in 2015/16 Description m Implement risk report action plan Tea Risk Start April 15 End Output 2017 From Action Plan Committee agreement (4, 9) plus Strand B, Strand C started, Strand D, 20, 21 of Strand E. Expected Outcome/ Supported Aim (above) Suite of guidance, methodologies, tools, techniques and resources to support the Risk management Strategy; Specified and agreed appetite thresholds for individual and cumulative risk for each category of risk; JCAD RiskWEB will be reviewed and revised to suit; Appropriate management Information on risk is provided to each directorate. Page 19 of 28 Audit, Risk & Improvement Service Plan 2015/16 New Planned Actions Due to Start in 2015/16 Description m Refresh and relaunch the risk check programme Tea Risk Start End Output Mar 16 Clear weighted programme of risk check visits; Agreement with colleagues regarding sharing of different elements of risk check programme; April 15 List of topics and activities that are reviewed during each risk check. April 17 Quality Check risk registers Quarterly attendance at Directorate Management Teams Page 20 of 28 Risk Risk Feb 16 April 15 March 16 Expected Outcome/ Supported Aim (above) More effective delivery of service; Clearer recognition of resources required to deliver risk check programme; More accurate identification and management of risks across the organisation; More effective monitoring of recommendations and actions following risk check reporting. Planned and delivered levelling exercises (22) on risks within each directorate. Risks are recorded consistently, accurately and are complete with appropriate owners identified; RMO attends each management teams four times per year. Management Teams and RM are more engaged, risk is managed more effectively. Duplicate risks are identified and escalated or removed as appropriate. Audit, Risk & Improvement Service Plan 2015/16 New Planned Actions Due to Start in 2015/16 Description m Deliver Risk/JCAD training to 100 employees. Write a new, comprehensive Performance Management Strategy. Research and thereafter consult on the introduction of a Service review programme reviewing Service’s priorities, delivery, change opportunities and Performance. Support of the Improvement Service’s “family group” approach to sharing best practice and service improvement. Page 21 of 28 Tea Risk P&I P&I P&I Start April 15 May 2015 May 15 Apr 15 End Mar 16 Output Expected Outcome/ Supported Aim (above) 100 employees trained on JCAD Risk system (23) 100 more staff can use JCAD Risk register system effectively Agreed and approved longterm strategy on performance measurement, appraisal, benchmarking, reporting and target setting Consistent and professional approach to Performance Management and Reporting throughout the Council Dec 15 Targeted plan of Service Reviews, agreed methodology and remit CMT approval, endorsement and support of P&I as key facilitators in future Service reviews. Greater sharing of Best Practice information within the Family Group (8 Local Authorities) Mar 16 In-depth knowledge of Best Practices used elsewhere that have a track record of improving performance in: Street Cleaning, Equalities, and HR. Aug 2015 Greater involvement will mean greater influence in choosing the next Services to benefit from the national initiative Audit, Risk & Improvement Service Plan 2015/16 New Planned Actions Due to Start in 2015/16 Description m Develop Covalent to monitor and report on actions required of officers as a result of council meetings. Tea P& I Start End Output Expected Outcome/ Supported Aim (above) Aug 15 Fully implemented system to track actions required out of Committee meetings Properly led and well managed Council May 15 Investigate SIC participation in “How Good is our Council” and / or Public Sector Improvement Framework. P& I Sept 15 Develop and Implement a Customer Focus Strategy. P&I May 15 Develop ways of obtaining feedback from our customers ARI April 15 Jan 16 Report to CMT / Council Decision whether a framework is to be adopted. March 16 Customer Focus Strategy for SIC Approved and Implemented Customer Focus Strategy for SIC Oct 15 Feedback received from our customers. Improvement of Service to meet customer requirements. The Directorate level actions or most strategically significant operational actions to be delivered are set out in the Directorate Plan and will be monitored each quarter by the Directorate Management Team and Committee Members as part of the quarterly reviews. The key actions for this service are set out in this operational Service plans. Page 22 of 28 Audit, Risk & Improvement Service Plan 2015/16 Risks to Delivery/Risk Register Residual Target Risk & Details Frequency Category Operational Corporate Plan 08. A properly led and well-managed council XFI0015 - Key staff - loss of - Staff leave retirement, resignation, other Possible Severity 3 Significant Risk Profile 3 Medium Residual and Planned Control Measures 9 • Consideration to be givent o succession planning, cross-skilling, ERD, training review XFI0005 - Staff number/skills shortage - Recruiting extra staff is not an option when faced with an increase in workload, due to the MTFP cut-backs. Training for existing staff is similarly restricted by very limited financial resources. Staff leave retirement, resignation, other Likely 4 Minor 2 Medium 8 • Staff training and development, recruitment, ERD XFI0006 - Assault - ARI staff visit may not be welcomed, agressive or angry colleague may subject ARI staff to agression/ threats/ violence, particularly when involved in contentious work such as investigations Rare 1 Minor 2 Low 2 • CM to share updated Risk Assessment with team Page 23 of 28 Severity Frequency Risk Profile Assigned To Minor 2 Possible 3 Medium 6 Crawford McIntyre Minor 2 Possible 3 Medium 6 Crawford McIntyre Insignificant 1 Rare 1 Low 1 Crawford McIntyre Audit, Risk & Improvement Service Plan 2015/16 XFI0008 - Deadlines - failure to meet - ARI have various deadlines placed upon the services and also self-established deadlines Unlikely 2 Minor 2 Low XFI0016 - Stress - ARI has three distinct disciplines with eight staff who all work across the corporate body. Organisation and strategic environment is changing, ARI staff need to meet new challenges that come from those changes and from demands from outside bodies. Unlikely 2 Significant 3 Medium 4 • Regular review of deadlines, team meetings, communications Minor 2 Rare 1 Low 2 Crawford McIntyre 6 • Training and recruitment planned Significant 3 Rare 1 Low 3 Crawford McIntyre Minor 2 Rare 1 Low 2 Crawford McIntyre • Risk register currently being reviewed in conjunction with team. Once updated, will be shared fully & regularly with team. XFI0027 - After Hours/ Lone working - Staff may work alone or remotely, either away from the office or in the council headquarters. Unlikely 2 Significant 3 Medium 6 XIA0001 - Professional - Other - Risk: Failure to deliver Audit Plan as per Corporate/ Service plans and as required by Audit Scotland Unlikely 2 Significant 3 Medium 6 • Reviewed and monitored regularly • RM Review and workshop to CMT in Dec, action plan being prepared, XLSRM0004 - Professional - Other - RM within the Council is currently being reviewed and refreshed. Possible 3 Minor 2 Medium 6 XOP0001 - Staff number/skills shortage - P&I has small number of posts, the organisation is facing an unprecedented level of cut-backs, reviews and redesign. P&I staff have a key role to play in all of those activities and plans. If more work was to be required, it would compound already over stretched resources Unlikely 2 Significant 3 Medium 6 XOP0002 - Professional - Other - P & I are required to ensure that the appropriate policies are in place, suitable and sufficient, and implemented to ensure that the Council can demonstrate Best Value in all it's activities Possible 3 Major 4 High 12 Page 24 of 28 • Monitor Service Plan and Improvement Plan progress Monthly Crawford McIntyre Minor 2 Rare 1 Low 2 Crawford McIntyre Minor 2 Unlikely 2 Low 4 Jim Macleod Major 4 Unlikely 2 Medium 8 Jim Macleod Audit, Risk & Improvement Service Plan 2015/16 XOP0003 - Stress - P & I has a significant workload, community-wide expectations and many conflicting, unmoveable deadlines, which are often set by external agencies to which the SIC or P & I report Possible 3 Significant 3 Medium 9 Jim Macleod Performance Indicators Performance Indicators from Council Wide Performance Measures Council Corporate Directorate Audit, Risk & Improvement Service Indicators / Measure Sickness Absence Rates Employee Review and Development Meetings held in Policy Period (MarMay) Employee Review and Development Meetings held in the previous 12 months (as at Jan 2015) Page 25 of 28 2014/15 (Projected) 2015/16 Target 2014/15 (Projected) 2015/16 Target 2014/15 (Projected) 2015/16 Target 3.9% TBC 2.2% TBC 0.2% 2.5% 26% 100% 51% 100% 44% 100% 57% 100% 81% 100% 86% 100% Performance Statement Improvement Statement Sickness rates within ARI are below the Council average. These could be skewed at any time due to the small number of staff in ARI. Return to work interviews will be undertaken in all cases within policy requirements. Audit, Risk & Improvement Service Plan 2015/16 Return to Work Interviews n/a 100% 65.4% 100% 100% 100% All RTWs have been undertaken All RTWs will continue to be undertaken Key Service Indicators Performance Measure Performance 2012/13 Performance 2013/14 Percentage of Public Performance Reporting assessment categories assessed as “full compliance” Not assessed Page 26 of 28 0% Performance 2014/15 Awaiting assessment Target 2015/16 Performance Statement Improvement Statement 100% Our 0% rating for 13/14 was partly due to a poor submission to Audit Scotland. ARI will work with officers to improve their rating. This will require mutual cooperation if the target is to be achieved Substantial work has been done throughout 2014/15 to ensure that our rating for 2014/15 is much better, although it is unlikely we will obtain more than 50%. Audit, Risk & Improvement Service Plan 2015/16 Performance Measure “ALARM” (The Public Risk Management Association) national performance model for risk management rating Page 27 of 28 Performance 2012/13 Level 2 Performance 2013/14 Level 2 Performance 2014/15 Level 1 Target 2015/16 Performance Statement Improvement Statement Level 2 The recent review of risk management throughout the Council identified that the current documentation and governance framework was inadequate. An action plan has been approved at CMT based on consultants’ recommendations. (see above actions) Audit, Risk & Improvement Service Plan 2015/16 Service Performance Indicators from the Local Government Benchmarking Framework Scotland 2013/14 Shetland Indicator Min Avg Max Year CORP1 Support services as a % of Total Gross expenditure 2.23 5.15 8.40 Value Rank 11/12 7.84 32 12/13 2.08 1 13/14 4.53 13 Target Performance Statement Improvement Statement The new ARI section comprises a small percentage of these costs, and costs have remained similar in previous years. The reorganisation of the Service in 2014 produced a substantial saving in staff costs, this will help to drive down costs in the Directorate. Contact Details Internal Audit Council HQ 8 North Ness Lerwick ZE1 0LZ audit@shetland.gov.uk Anona Michael 01595 74 4545 Emma Cripps 01595 74 4543 Ryan McNeillie 01595 74 4637 Alison Anderson 01595 74 4512 Risk Management Council HQ 8 North Ness Lerwick ZE1 0LZ risk@shetland.gov.uk Joanne Jamieson 01595 74 4558 Catherine Christie 01595 74 4821 Crawford McIntyre – Executive Manager 01595 74 4546 Page 28 of 28 Performance & Improvement Council HQ 8 North Ness Lerwick ZE1 0LZ performance@shetland.gov.uk Jim MacLeod 01595 74 4672 Melissa Mullay 01595 74 4598