Issue - meetings

External Auditors Report - Warwickshire County Council Risk Assessment 2022/23

Meeting: 25/05/2023 - Audit and Standards Committee (Item 4)

4 Warwickshire County Council - External Audit Risk Assessment 2022/23 pdf icon PDF 64 KB

To consider the Audit Risk Assessment for 2022/23 and to note that the Strategic Director for Resources will update this assessment if any further information becomes available prior to the draft 2022/23 Statement of Accounts being issued.

Additional documents:


Virginia Rennie introduced the report which detailed the Audit Risk Assessment for 2022/23.  She explained that this was an annual report which contributed towards the strong communication between the External Auditors and the Council.  She advised that there were no major changes and only a few minor updates detailing differences in numbers.  Members noted that this was a very detailed document and included information on external advisors used, as well as current figures on whistleblowing and fraud.


Avtar Sohal assured Members that the Council benefitted from good internal control measures and the responses in the report rarely changed. 


In response to a query from Councillor Gifford relating to the detection of fraud, Virginia Rennie advised that incidents of this kind were very low but would normally be picked up through system controls, monthly reconciliations and the monitoring of bank accounts. 


Paul Clarke supported the comments and explained that the overall control framework would identify anything that looked out of place.  He also highlighted the importance of initiatives such as Fraud Awareness Week which raised awareness of the issue amongst staff.


Councillor Hammersley felt that there was a high level of monitoring at the Council with policies being refreshed and revisited regularly. Councillors Feeney and Gifford agreed that the organisation was well run and noted that individuals from outside of the Council were also a potential fraud risk.


The Chair referred to the growing threat of cyber-attack which appeared to be becoming increasingly sophisticated.  Robert Zara highlighted the management response on page 109 of the pack which related to one instance of fraud being investigated.  Paul Clarke advised that the incident was below the External Auditor’s materiality scale.


Councillor Gifford highlighted the level of cost relating to SEND services as a risk and welcomed the provision made in the Medium-Term Financial Strategy to address this.


Rob Powell stressed how seriously the Council took the issue of fraud and reiterated that, despite the complex and multi-faceted make-up of the Council, officers were not complacent.  In relation to cyber security, he agreed that this was a growing risk and, as the responsibility for this sat at a senior level through the Senior Information Risk Owner (SIRO) role, systems and defences were revisited and updated frequently.  He assured the Committee that, despite the number of attempts made, neither senior officers nor Corporate Board were naïve about the risks, and he was confident that all involved were doing everything reasonably possible to mitigate them.


Having considered the report and having heard from the officers present, the Committee


Resolved that


1)    the Audit Risk Assessment for 2022/23, attached at Appendix A, is noted; and

2)    the Strategic Director for Resources will update this assessment if any further information becomes available between this Committee and the draft 2022/23 Statement of Accounts being issued, with any changes being reported to the next meeting of the Committee.