Upload
others
View
0
Download
0
Embed Size (px)
Citation preview
SHIRE OF AUGUSTA MARGARET RIVER AUDIT AND RISK MANAGEMENT COMMITTEE 24 JUNE 2020
6.0 Attachments to Reports ITEM NO SUBJECT PAGE 6.1 INTERIM AND END OF FINANCIAL YEAR AUDIT 1
6.2 REPORT ON INTERNAL AUDIT REVIEW 6
SHIRE OF AUGUSTA MARGARET RIVER AUDIT AND RISK MANAGEMENT COMMITTEE 24 JUNE 2020
6.0 REPORTS 6.1 INTERIM AND END OF FINANCIAL YEAR AUDIT
Attachment 1 – Letter from Officer of the Auditor General – Interim Audit Results for the Year Ending June 2020
1
OAG Office of the Auditor General S e r v i n g t h e P u b l i c Interest
Our Ref: 8655
President Shire of Augusta Margaret River PO Box 61 MARGARET RIVER WA 6285
Dear President
ANNUAL FINANCIAL REPORT INTERIM AUDIT RESULTS FOR THE YEAR ENDING 30 JUNE 2020
7th Floor, Albert Facey House 469 Wellington Street, Perth
Mail to: Perth BC PO Box 8489
PERTH W A 6849
Tel: 08 6557 7500 Fax: 08 6557 7600
Email: [email protected]
We have completed the interim audit for the year ending 30 June 2020. We performed this phase of the audit in accordance with our audit plan. The focus of our interim audit was to evaluate the overall control environment, but not for the purpose of expressing an opinion on the effectiveness of internal control, and to obtain an understanding of the key business processes, risks and internal controls relevant to our audit of the annual financial report.
Management Control Issues I would like to draw your attention to the attached listing of deficiencies in internal control and other matters that were identified during the course of the interim audit. These matters have been discussed with management and their comments have been included on the attachment. The matters reported are limited to those deficiencies that were identified during the interim audit that we have concluded are of sufficient importance to merit being reported to management. Some of the matters may be included in our auditor's report in accordance with section 7.9(2) of the Local Government Act 1995 or regulation 10(3)(a) and (b) of the Local Government (Audit) Regulations 1996. If so, we will inform you before we finalise the report.
This letter has been provided for the purposes of your local government and may not be suitable for other purposes.
We have forwarded a copy of this letter to the CEO. A copy will also be forwarded to the Minister for Local Government when we forward our auditor's report on the annual financial report to the Minister on completion of the audit.
Feel free to contact me on 6557 7609 if you would like to discuss these matters further.
Yours faithfully
,,Yeh
JORDAN LANGFORD-SMITH ACTING ASSISTANT AUDITOR GENERAL INFORMATION SYSTEMS AND PERFORMANCE AUDIT 30 APRIL 2020
Attach 111111111111111111111111111111111111111111111 Doc No: 1375110 File: FIN/7 Date: 04 MAY 2020
I375110I375110
2
Attachment
SHIRE OF AUGUSTA MARGARET RIVER PERIOD OF AUDIT: YEAR ENDED 30 JUNE 2020 FINDINGS IDENTIFIED DURING THE INTERIM AUDIT
INDEX OF FINDINGS RATING
Significant Moderate Minor 1. Revenue has not been recognised in accordance
with AASB 15 or AASB 1058. v
2. Purchase orders are raised after service performed or good received.
v
KEY TO RATINGS The ratings in this management letter are based on the audit team's assessment of risks and concerns with respect to the probability and/or consequence of adverse outcomes if action is not taken. We give consideration to these potential adverse outcomes in the context of both quantitative impact (for example financial loss) and qualitative impact (for example inefficiency, non-compliance, poor service to the public or loss of public confidence).
Significant - Those findings where there is potentially a significant risk to the entity should the finding not be addressed by the entity promptly.
Moderate - Those findings which are of sufficient concern to warrant action being taken by the entity as soon as practicable.
Minor - Those findings that are not of primary concern but still warrant action being taken.
Page 1 of 3 3
Attachment
SHIRE OF AUGUSTA MARGARET RIVER
PERIOD OF AUDIT: YEAR ENDED 30 JUNE 2020
FINDINGS IDENTIFIED DURING THE INTERIM AUDIT
FINDINGS
1. Revenue has not been recognised in accordance with AASB 15 or AASB 1058
Finding Our sample testing of revenue transactions (rates, grants and fees and charges) noted some revenue has not been recognised in accordance with the new accounting standards for revenue, AASB 15: 'Revenue from Contracts with Customers' and AASB 1058: 'Income of Not- for-Profit Entities'.
Rating: Significant Implication As these standards result in delayed income recognition, the Shire's revenue may be overstated for the 2019-20 financial year. In addition, monthly financial information may not be accurate and financial decision making may be ill-informed.
Recommendation The Shire should complete a detailed revenue recognition assessment of all revenue streams against the requirements of the new standards. This should conclude if a particular revenue stream or transaction arises from an enforceable contract with a customer and has sufficiently specific performance obligations. This assessment will trigger the revenue recognition requirements under AASB 15, or if it falls outside this scope, under AASB 1058, so that revenue is not misstated for the 2019-20 financial year.
Management comment The finding is accepted and it is advised the process of revenue recognition assessment and will be completed during 2019-20.
Responsible person: Completion date:
Manager Corporate Services 30 June 2020
Page 2 of 3 4
Attachment
SHIRE OF AUGUSTA MARGARET RIVER
PERIOD OF AUDIT: YEAR ENDED 30 JUNE 2020
FINDINGS IDENTIFIED DURING THE INTERIM AUDIT
2. Expenditure was not always supported by a purchase order
Finding Our sample testing of payment transactions noted 1 instance out of a total of 12 transactions tested (8%) where purchase orders were raised after the invoice was received.
Rating: Moderate Implication Purchases made without authorised purchase orders increases the risk of unauthorised expenditure occurring and going undetected.
Recommendation The Shire should ensure that authorised officers raise purchase orders prior to authorising works/services or ordering goods. This will help to ensure works/services or goods are valid, authorized appropriately and that expenditure is consistent with approved budgets.
Management comment The finding is accepted. Although the sample size is small, it does seem to be reflective of the current situation despite continued user education and reinforcement efforts. The process of user education will continue and audits will recommence once resources allow.
Responsible person: Manager Corporate Services Completion date: Ongoing
Page 3 of 3 5
SHIRE OF AUGUSTA MARGARET RIVER AUDIT AND RISK MANAGEMENT COMMITTEE 24 JUNE 2020
6.0 REPORTS 6.2 REPORT ON INTERNAL AUDIT REVIEW
Attachment 1 – Internal Audit Review 2020 prepared by AMD Chartered Accountants Attachment 2 – Extract from Strategic Audit Plan
6
Internal Audit Review
2020
7
23 March2020
Mrs S. Addison-Brown
Chief Executive Officer
Shire of Augusta – Margaret River
PO Box 65
MARGARET RIVER WA 6285
Dear Stephanie
2020 INTERNAL AUDIT REVIEW
We are pleased to present the findings and recommendations resulting from our Shire of Augusta - Margaret
River (“the Shire”) Internal Audit Review.
The primary objective of our Internal Audit Review was to assess the adequacy and effectiveness of systems
and controls in place within the Shire; in accordance with Section 5 of the Shire’s Strategic Internal Audit Plan
and related terms of reference.
This report relates only to procedures and items specified within the 2018 to 2022 five year Strategic Internal
Audit Plan and does not extend to any financial report of the Shire.
We note that on an overall basis, we consider there to be relatively few findings to report based on Council’s
size and the nature of activities undertaken by Council.
We would like to thank Andrew, Lynne and the staff at the Shire for their co-operation and assistance whilst
conducting our review.
Should there be matters outlined in our report requiring clarification or any other matters relating to our
review, please do not hesitate to contact me.
Yours sincerely
AMD Chartered Accountants
TIM PARTRIDGE FCA
Director
8
2020 Internal Audit Review Report Page 3 of 23
Table of Contents 1. Executive Summary ........................................................................................................................................ 5
1.1. Approach and Objectives............................................................................................................................ 5
1.2. Summary of Findings .................................................................................................................................. 5
2. Collection of money ........................................................................................................................................ 8
2.1. Scope and approach ................................................................................................................................... 8
2.2. Detailed findings and recommendations ................................................................................................... 8
2.2.1. Library Receipting and Banking Process ................................................................................................. 8
2.2.2. Aged Sundry Debtor Follow Up .............................................................................................................. 9
3. Custody and security of money ....................................................................................................................10
3.1. Scope and approach .................................................................................................................................10
3.2. Detailed findings and recommendations .................................................................................................10
4. Maintenance and security of the financial records ......................................................................................11
4.1. Scope and approach .................................................................................................................................11
4.2. Detailed findings and recommendations .................................................................................................11
4.2.1. ICT Disaster Recovery Plan Testing .......................................................................................................11
5. Accounting for municipal or trust transactions ............................................................................................13
5.1. Scope and approach .................................................................................................................................13
5.2. Detailed findings and recommendations .................................................................................................13
5.2.1. Trust Balances .......................................................................................................................................13
5.2.2. Waste Facility Rehabilitation Provision ................................................................................................14
6. Authorisation for incurring liabilities and making payments .......................................................................15
6.1. Scope and approach .................................................................................................................................15
6.2. Detailed findings and recommendations ......................................................................................................15
6.2.1. Purchase Orders ...................................................................................................................................15
7. Maintenance of payroll, stock control and costing records .........................................................................16
7.1. Scope and approach .................................................................................................................................16
7.2. Detailed findings and recommendations ......................................................................................................16
7.2.1. Excessive Leave .....................................................................................................................................16
8. Preparation of budgets, budget reviews, accounts and reports required by the Act or the Regulations ...18
8.1. Scope and approach .................................................................................................................................18
8.2. Detailed findings and recommendations .................................................................................................18
9. Property, including vested land management, property and lease management ......................................19
9.1. Scope and approach .................................................................................................................................19
9.2. Detailed findings and recommendations ......................................................................................................20
9.2.1. Lease Register and Leases Requires Update ........................................................................................20
9.2.2. Playground Inspections ........................................................................................................................20
9.2.3 Register of Heritage Buildings ..............................................................................................................21
10. Guidance on Risk Assessment ........................................................................................................................22
9
2020 Internal Audit Review Report Page 4 of 23
Inherent limitations
Due to the inherent limitations of any internal control structure, it is possible that fraud, error or non-compliance with laws and regulations may occur
and not be detected. Further, the internal control structure, within which the control procedures that have been subject to review, has not been
reviewed in its entirety and, therefore, no opinion or view is expressed as to its effectiveness of the greater internal control structure. This review is not
designed to detect all weaknesses in control procedures as it is not performed continuously throughout the period and the tests performed on the
control procedures are on a sample basis. Any projection of the evaluation of control procedures to future periods is subject to the risk that the
procedures may become inadequate because of changes in conditions, or that the degree of compliance with them may deteriorate.
We believe that the statements made in this report are accurate, but no warranty of completeness, accuracy or reliability is given in relation to the
statements and representations made by, and the information and documentation provided by, the Shire of Augusta- Margaret River management and
personnel. We have indicated within this report the sources of the information provided. We have not sought to independently verify those sources
unless otherwise noted with the report. We are under no obligation in any circumstance to update this report, in either oral or written form, for events
occurring after the report has been issued in final form unless specifically agreed with Shire of Augusta- Margaret River. The review findings expressed in
this report have been formed on the above basis.
Third party reliance
This report was prepared solely for the purpose set out in this report and for the internal use of the management of Shire of Augusta- Margaret River.
This report is solely for the purpose set out in the ‘Scope and Approach’ of this report and for Shire of Augusta- Margaret River’s information, and is not
to be used for any other purpose or distributed to any other party without AMD's prior written consent. This review report has been prepared at the
request of the Shire of Augusta- Margaret River Chief Executive Officer or its delegate in connection with our engagement to perform the review as
specified within the 2018 to 2020 five year Strategic Internal Audit Plan. Other than our responsibility to the Council and management of Shire of
Augusta- Margaret River, neither AMD nor any member or employee of AMD undertakes responsibility arising in any way from reliance placed by a third
party, including but not limited to the Shire of Augusta- Margaret River’s external auditor, on this report. Any reliance placed is that party's sole
responsibility.
10
2020 Internal Audit Review Report Page 5 of 23
1. Executive Summary
1.1. Approach and Objectives The primary objective of our internal audit review, which included a Financial Management System
Review (“FMSR”), was to assess the adequacy and effectiveness of systems and controls in place within
the Shire; in accordance with Section 5 of the Shire’s Strategic Internal Audit Plan and related terms of
reference.
The responsibility of determining the adequacy of the procedures undertaken by us is that of the Chief
Executive Officer (“CEO”) and Audit and Risk Management Committee. The procedures were performed
to assist the CEO in satisfying her duty under Section 6.10 of the Local Government Act 1995 and
Regulation 5(1) of the Local Government (Financial Management) Regulations 1996.
Our findings included within this report are based on the site-work completed by us during the week
ending 14th February 2020. Findings are based on information provided and available to us following our
requests during this site visit.
1.2. Summary of Findings The procedures performed and our findings on each of the focus areas are detailed in the following
sections of the report:
• Section 2 - Collection of money;
• Section 3 - Custody and security of money;
• Section 4 - Maintenance and security of the financial records;
• Section 5 - Accounting for municipal or trust transactions;
• Section 6 - Authorisation for incurring liabilities and making payments;
• Section 7 - Maintenance of payroll, stock control and costing records;
• Section 8 - Preparation of budgets, budget reviews, accounts and reports required by the Act or the
regulations; and
• Section 9 – Property, including vested land management, property and lease management.
In addition to the review of processes, procedures and testing completed at the Shire of Augusta-
Margaret River office, our internal audit review included a visit to each of the following sites:
• Davis Road Recycling and Waste Management Facility;
• Turner Caravan Park;
• Flinders Bay Caravan Park;
• Augusta Shire Office;
• Margaret River Heart;
• Margaret River Depot;
• Margaret River Library; and
• Margaret River Recreation Centre.
Following the completion of our review and subject to the recommendations outlined within sections 2
to 9, we are pleased to report that in context of the Shire’s overall internal control environment, policies,
procedures and processes in place are appropriate, and have been operating effectively at the time of
our review.
On an overall basis, we consider there to be relatively few findings to report based on Council’s size and
the nature of activities undertaken by Council.
11
2020 Internal Audit Review Report Page 6 of 23
Findings reported by us are on an exceptions basis, and do not take into account the many focus areas
tested during our review where policies, procedures and processes were deemed to be appropriate and
in accordance with best practice.
The following tables provide a summary of the findings raised in this report:
Compliance Breach High Risk Moderate Risk Low Risk
Number of issues reported 1 2 2 7
For details on the review rating criteria, please refer to Section 10.
12
2020 Internal Audit Review Report Page 7 of 23
Ref Issue Risk Rating
2. Collection of money
2.2.1
Library Receipting
• Banking and reconciliation of library receipts is only completed fortnightly; and
• Instances identified where EFT was receipted as cash at the library. Instances whereby cash was
received but not receipted into the accounting system.
Low
2.2.2 Aged Sundry Debtors
Various long outstanding sundry debtors identified. Low
3. Custody and security of money
We are pleased to note we have no findings to raise in respect to the custody and security of money.
4. Maintenance and security of financial records
4.2.1. Disaster Recovery Plan Testing
There is no formal process for testing the Shire’s ICT Disaster Recovery Plan. Moderate
4.2.2.
Key security and listing
Depot Key Cabinet workshop is unlocked with the office unattended at times during the day. There is no
register to record the daily use of plant and machinery, including check in and check out of keys.
Low
5. Accounting for municipal or trust transactions
5.2.1.
Trust balances
Review of trust balances required as some monies are being held in trust may no longer be considered
trust funds.
High
5.2.2.
Waste Facility Rehabilitation Provision
No assessment and/or provision has been calculated and recorded in relation to the Waste Facility
rehabilitation and closure costs.
High
6. Authorisation for incurring liabilities and making payments
6.2.1. Purchase Orders
Instances identified whereby purchase orders were dated after the invoice. Low
7. Maintenance of payroll, stock control and costing records
7.2.1. Excessive leave
Numerous employees with annual leave entitlements in excess of 6 weeks identified. Low
8. Preparation of budgets, budget reviews, accounts and reports required by the Act or the Regulations
8.2.1.
Monthly Financials to Council
August 2019 monthly financials were not presented to Council within two months after month end as
required by the Local Government (Financial Management) Regulations 1996.
Breach
9. Property, including vested land management, property and lease management
9.2.1. Lease Register and Lease Agreement Details
Various updates are required to Council’s published Lease Register. Moderate
9.2.2.
Playground inspections
There is currently no formal register outlining the timeline/requirements for playground inspections
within the Shire.
Low
9.2.3. Heritage Listing Register
The listing of heritage buildings owned by the Shire requires updating (last updated 2012). Low
13
2020 Internal Audit Review Report Page 8 of 23
2. Collection of money
2.1. Scope and approach
In accordance with the scope set out in our Strategic Internal Audit Plan, our review focused on the
following:
• Documented financial systems detailing controls, procedures and reconciliations in relation to all
sources of income;
• Reviewed the controls and procedures over the collection, receipting, recording and banking of cash
collected at the following cash collection sites:
o Margaret River Civic Administration Centre;
o David Road Recycling and Waste Management Facility;
o Turner Caravan Park;
o Flinders Bay Caravan Park;
o Augusta Shire Office;
o Margaret River Heart;
o Margaret River Library; and
o Margaret River Recreation Centre.
• Counted petty cash and float on hand at the above mentioned sites ensuring the correct balance
held;
• Tested collection, receipting, invoicing and posting procedures over cash receipts on a sample basis;
• Reviewed credit control procedures in respect to sundry debtors and rates debtors;
• Reviewed fees and charges schedule to ensure adequate internal controls in place over receipting;
• Tested collection, receipting, invoicing and posting procedures over cash receipts on a sample basis;
and
• Reviewed credit control procedures in respect to sundry debtors and rates debtors.
2.2. Detailed findings and recommendations
2.2.1. Library Receipting and Banking Process
Finding Rating: Low
During our review and observation of the library banking process we noted the following:
• Banking and reconciliation of library receipts is only completed fortnightly which often results in the
accumulation of $1,000 to $1,500 of cash proceeds on a fortnightly basis; and
• Instances identified whereby monies were collected via EFT however monies were incorrectly
receipted as cash; and
• Instances identified where cash received was not receipted into the accounting system.
Implication / Risks
Untimely banking of Council’s cash takings and receipting errors resulting in an increased risk of
error or fraud.
Recommendation
We recommend:
• Banking is performed for library takings on a more regular basis; and
• Processes and controls are implemented put into place to ensure cash and EFT receipts are recorded
and reconciled correctly.
14
2020 Internal Audit Review Report Page 9 of 23
Management Comment
Recommendation is accepted and has been discussed with Manager Library Services.
2.2.2. Aged Sundry Debtor Follow Up
Finding Rating: Low
Although immaterial, we identified various individual debtors which have been outstanding for a
significant period of time (e.g. up to 600 days).
Implication / Risks
Sundry debtors continue to be recorded which may not be collectable.
Recommendation
Should Council deem individual sundry debtors may not be collected, they should be written off to
ensure debtors are not overstated. We also recommend remaining overdue debtors are followed up
on a timely basis with appropriate action taken accordingly.
Management Comment
Recommendation accepted. The value of outstanding debtors is low compared to debts that are
raised and outstanding debtors are regularly reviewed in consultation with the Shire’s contracted
debt collection agency Ampac WA Pty Ltd, and written off if deemed uncollectable.
15
2020 Internal Audit Review Report Page 10 of 23
3. Custody and security of money
3.1. Scope and approach
In accordance with the scope set out in our Strategic Internal Audit Plan, our review focused on the
following:
• Completed site visits to cash collection points and reviewed the controls and procedures over the
collection, receipting, recording and banking of cash collected offsite;
• Reviewed the security of cash and banking procedures to ensure appropriate controls and
procedures are in place; and
• Reviewed compliance with investment policy.
Please note – Testing completed and procedures performed in respect to custody and security of money
should be reviewed in conjunction with “Section 2 – Collection of Money”.
3.2. Detailed findings and recommendations
Our review indicated key underlying policies, procedures and processes in relation to the custody and
security of money held by the Shire are appropriate, in line with best practice and were found to be
operating effectively.
Accordingly, we have no recommendations to raise in respect to the custody and security of money held
by the Shire.
16
2020 Internal Audit Review Report Page 11 of 23
4. Maintenance and security of the financial records
4.1. Scope and approach
In accordance with the scope set out in our Strategic Internal Audit Plan, our review focused on the
following:
• Reviewed information technology systems to assess critical matters including physical security,
access security, data backups, contingency plans, compliance and systems development; and
• Reviewed registers maintained (including key register, tender register etc) and review of Council
minutes.
4.2. Detailed findings and recommendations
4.2.1. ICT Disaster Recovery Plan Testing
Finding Rating: Moderate
Our inquiries with management indicated that the Shire currently has no formal process or
predetermined schedule for testing the existing ICT Disaster Recovery Plan. Disaster recovery testing
was scheduled to take place in 2015-16, however this did not occur and has not occurred since.
Implication / Risks
Risk of significant delays in business interruption in the event of unforeseen circumstances.
Recommendation
We recommend the Shire implement a process to test and evaluate the ICT Disaster Recovery Plan
to ensure it is current, adequate, and will effectively mitigate disruption in the event of unforeseen
circumstances.
Management Comment
Recommendation accepted. IT Business Continuity has been included as a theme in the Information
Communications and Technology Strategic Plan 2019-20 to 2023-24 that is currently being reviewed
and amended. This theme includes a number of strategies and actions that will provide improved
structure for this process.
17
2020 Internal Audit Review Report Page 12 of 23
4.2.2. Depot Key Security and Register
Finding Rating: Low
We noted the following in respect to the key register and security of keys;
• There is no formal sign in / out key register maintained to record the daily usage of Shire
plant and machinery at the depot; and
• The depot key cabinet remains unlocked at all times.
Implication / Risks
Increased risk of theft and misuse of shire equipment.
Recommendation
We recommend:
• A key register be developed for the recording of daily usage activity of plant and machinery
at the depot; and
• The key cabinet be locked when access is not required.
Management Comment
Recommendation accepted and has been provided to the acting Director Infrastructure Services and
acting Manager Works to action and it is understood the task has been allocated.
18
2020 Internal Audit Review Report Page 13 of 23
5. Accounting for municipal or trust transactions
5.1. Scope and approach
In accordance with the scope set out in our Strategic Internal Audit Plan, our review focused on the
following:
• Reviewed all monthly reconciliations including bank, sundry debtors, sundry creditors, fixed assets,
rates debtors and rateable value reconciliations ensuring correctly reconciled and independently
reviewed;
• Reviewed and tested most recent municipal and trust bank reconciliations prepared;
• Reviewed processes in respect to BAS, FBT Return and other statutory returns preparation;
• Reviewed use of reserve funds and determined whether changes in reserve purposes had been
budgeted or public notice provided;
• Reviewed self-supporting loan transactions ensuring debtor invoices raised in accordance with
payment schedule;
• Reviewed trust ledger balances; and
• Reviewed policies and procedures in respect to insurance, recording claims and insuring newly
acquired assets.
5.2. Detailed findings and recommendations
5.2.1. Trust Balances
Finding Rating: High
Our review of the detailed trust ledger balances listing as at 30 November 2019 and trust funds held
in Council’s trust bank account indicate there are a number of balances which should no longer be
classified as trust, based on the Office of Auditor General’s (OAG) Position Paper 1 “Accounting for
Work Bonds, Building Bonds and Hire Bonds” issued 1 July 2019; and should instead be transferred
to Council’s Municipal account.
Implications / Risks
Risk the Shire incorrectly continues to hold monies in trust which should no longer be classified as
trust funds.
Recommendation
We recommend a detailed review of the trust ledger balances listing be completed as per OAG’s
position paper, with transfers made to the Municipal account accordingly.
Management Comment
Recommendation accepted. Monies which should no longer be held in trust in accordance with the
Office of the Auditor General’s directions will be moved to the municipal account in 2019-20. This
approach has been confirmed with the Shire’s external auditors.
19
2020 Internal Audit Review Report Page 14 of 23
5.2.2. Waste Facility Rehabilitation Provision
Finding Rating: High
Our inquiries with management indicated there has been no assessment completed regarding anticipated
rehabilitation and closure costs in relation to the Davis Road and Wallis Road waste facilities and
therefore no rehabilitation provision or future cost contingency had been provided for as a liability within
Council’s Statement of Financial Position.
Implication
Risk of provision for rehabilitation costs being understated in Council’s Statement of Financial Position.
Recommendation
We recommend an assessment be completed in relation to the Davis Road and Wallis Road waste
facilities, including consideration whether a provision is required should present obligation for
rehabilitation costs exist.
Management Comment
Recommendation is noted and has been discussed with the Manager Waste and Health.
20
2020 Internal Audit Review Report Page 15 of 23
6. Authorisation for incurring liabilities and making payments
6.1. Scope and approach
In accordance with the scope set out in our Strategic Internal Audit Plan, our review focused on the
following:
• Reviewed controls and procedures over the authorisation of purchase orders and making of
payments;
• Tested a sample of payments to ensure compliance with stated procedures;
• Reviewed tender procedures and ensured compliance with stated procedures;
• Reviewed credit card processes and procedures, and tested transactions on a sample basis;
• Reviewed petty cash processes and procedures, and tested transactions on a sample basis;
• Completed sample tests in respect to asset additions and asset disposals;
• Reviewed asset capitalisation and depreciation policies and ensured compliance with stated policies;
and
• Reviewed new loans ensuring budgeted for or public notice provided.
6.2. Detailed findings and recommendations
6.2.1. Purchase Orders
Finding Rating: Low
Based on our sample testing, we identified the following instances whereby purchase orders were
dated after the invoice:
o Purchase Order 124136 (Climatic Services) dated 8 August 2019 with corresponding Invoice
dated 22 July 2019; and
o Purchase Order 126589 (Paperscout) dated 19 December 2019 with corresponding Invoice
dated 28 November 2019.
Implications / Risks
Risk of unauthorised purchases.
Recommendation
We recommend purchase orders are raised and approved prior to expenditure being incurred in
accordance with Council’s Procurement Guide.
Management Comment
Recommendation accepted. Staff training, education and reinforcement of purchasing procedures is
an ongoing process.
21
2020 Internal Audit Review Report Page 16 of 23
7. Maintenance of payroll, stock control and costing records
7.1. Scope and approach
In accordance with the scope set out in our Strategic Internal Audit Plan, our review focused on the
following:
• Completed a Site visit to the Margaret River depot to review security over stocks and materials held
and allocation / costings of stocks used (including fuel and inventory stocks);
• Completed detailed analysis and testing to review the allocation of overheads and administration
costs;
• Reviewed payroll controls and procedures to ensure effective controls are in place, and complete
tests on a sample basis to ensure controls were operating effectively;
• Reviewed annual leave balances and identified employees with excessive annual leave balances;
• Reviewed existing HR procedures manual;
• Reviewed process for identification and review of relevant legislative and internally imposed
requirements relating to human resources including Local Government Act and Regulations, Awards,
EBA, OSH requirements, internal contracts, code of conduct (Councillor and employee), budgetary
salary position matrix, staff incident and complaint reporting mechanisms etc;
• Reviewed recruitment procedures including setting up of new employees;
• Reviewed processes for setting pay rates, staff performance and pay reviews;
• Reviewed payroll recording and payment procedures, including timesheet authorisation, timesheet
data entry; payroll processing and payment authorisation procedures;
• Reviewed disciplinary and termination procedures;
• Reviewed management of leave entitlements, including use of leave forms, authorisation of leave
forms, processing and reconciliation of employee provisions on a regular basis;
• Reviewed payroll deductions, including employee authorisation and documentation;
• Reviewed superannuation and group tax deduction payments; and
• Tested a sample of termination payments, including review and authorisation prior to payment.
7.2. Detailed findings and recommendations
7.2.1. Excessive Leave
Finding Rating: Low
Our review of employee leave as at 30 November 2019 identified numerous employees whom have
an annual leave balance in excess of six weeks with some of these employees also having a present
entitlement to Long Service Leave.
Implications / Risks
1. The cost to Council is greater if annual leave is not paid out on a regular basis due to the
cumulative effect of salary increases over a period of time.
2. Recreational leave enhances employee performance.
3. It is a fundamental principle of good internal control that all employees take regular
holidays.
Recommendation
We recommend leave balances continue to be managed to reduce the number of employees with
excessive leave entitlements due.
22
2020 Internal Audit Review Report Page 17 of 23
Management Comment
Recommendation accepted. An excessive leave procedure is in place and reinforced with staff on a
regular basis. Reports of excessive leave balances by employee are provided to the executive
leadership team on a quarterly basis for review as part of this process.
23
2020 Internal Audit Review Report Page 18 of 23
8. Preparation of budgets, budget reviews, accounts and reports required by the
Act or the Regulations
8.1. Scope and approach
In accordance with the scope set out in our Strategic Internal Audit Plan, our review focused on the
following:
• Reviewed policy and procedure manuals;
• Reviewed the procedures for preparation of monthly accounts and general ledger account
reconciliations;
• Reviewed the procedures for preparation of the annual Financial Statements and annual Budget,
including assessment of accounting policy, notes and applicable reporting requirements and
efficiency of the process;
• Reviewed monthly financial statements ensuring presented to Council within two months and
information contained within monthly financial statements in accordance with Regulation 34 of
Local Government (Financial Management) Regulations 1996;
• Reviewed the mid-year budget review to ensure compliance with Regulation 33A of the Local
Government (Financial Management) Regulations 1996 and assessment of budgetary expenditure
controls in place; and
• Ensured prior year audit report and management letter have been presented to audit committee
and Council.
8.2. Detailed findings and recommendations
8.2.1. Monthly Financials to Council
Finding Rating: Breach
We noted the August 2019 monthly financial activity report was not presented to Council in a timely
manner in accordance with Regulation 34 of the Local Government (Financial Management)
Regulations 1996 (subsequently presented on 13 November 2019).
Implications / Risks
Breach of statutory requirement.
Recommendation
We recommend all monthly financial activity reports are presented to Council within two months of
month end as required by Regulation 34 of the Local Government (Financial Management)
Regulations 1996.
Management Comment
Recommendation noted. Our objective is to always provide the monthly financial report to Council
within 2 months of the end of the month in accordance with legislative requirements. In our view
there were extenuating circumstance that did not allow this to occur for the August 2019 monthly
financial report. Specifically, Council had earlier agreed that no meetings would be held during
school holidays which resulted in one meeting be scheduled for October. This meeting then became
a Special Meeting with the sole purpose of swearing in Councillors after the October 2019 election.
The August 2019 financial report had been prepared and was able to be provided to Council in
October but changed circumstances did not allow this to occur.
24
2020 Internal Audit Review Report Page 19 of 23
9. Property, including vested land management, property and lease management
9.1. Scope and approach
In accordance with the scope set out in our Strategic Internal Audit Plan, our review focused on the
following:
• Reviewed freehold and vested land registers ensuring up to date;
• Reviewed title deeds for a sample of freehold properties;
• Assessed whether vested land is utilised for the correct purposes;
• Reviewed property lease register, ensuring up to date;
• Selected a sample of leased properties from the lease register and:
o Reviewed leases for leased properties ensuring properly authorised and executed;
o Reviewed lease management procedures ensuring leases are regularly followed up with rent
adjustments made on a timely basis, lessee insurance requirements met and other specific
obligations as outlined within the lease agreement are complied with;
o Enquired in respect to property utility and use charges ensuring on-charging compliant with
lease agreements;
o Considered rates of return received on investments compared to arm’s length market rates,
including a review of discounted / peppercorn lease arrangements;
• Enquired in respect to vacant properties (if any) and the reason for the vacancy;
• Assessed adequacy of land inspection frequency and checklists;
• Assessed land and building maintenance plans, ensuring up to date;
• Ensured a recent capital upgrade in respect to a building has complied with procurement
procedures;
• Assessed land and building insurance requirements, ensuring up to date and adequately insured;
• Assessed environmental considerations and compliance with any specific laws or regulations; and
• Assessed heritage listed properties (if any) to ensure managed in accordance with statutory
requirements.
25
2020 Internal Audit Review Report Page 20 of 23
9.2. Detailed findings and recommendations
9.2.1. Lease Register and Leases Requires Update
Finding Rating: Moderate
Review of the lease register maintained on the Shire’s intranet identified the following details were
not up to date;
• A lease term was incorrectly stated in a lease agreement – as “10 years starting 1 July
2013 to 30 June 2013”;
• Lease expiry dates noted for various properties had expired;
• Public Liability insurance details initially obtained from The Lessee had expired (dating
back to 2016); and
• Several instances where Public Liability insurance had not been obtained from the
Lessee with no additional comments included within the register.
Examples of the above can be provided upon request.
Implications / Risks
Risk the lease register does not reflect current conditions of lease arrangements.
Recommendation
We recommend the lease register be updated periodically to ensure all details are current to ensure
Lessee’s hold appropriate insurance coverage as required by the Lease Agreement.
Management Comment
Recommendation noted. Although the lease register is updated regularly this matter will be brought
to the attention of the Manager Legal and Governance Services.
9.2.2. Playground Inspections
Finding Rating: Low
Our observations, enquiries and discussions with Depot staff, identified there is no formal process in
place regarding the inspection of Shire owned playgrounds.
Implications / Risks
Risk that required maintenance is not identified and completed in a timely manner.
Recommendation
We recommend a formal process be developed to ensure all Shire owned playgrounds are regularly
inspected and assessed for any required maintenance.
We further recommend the process is documented and a checklist developed to ensure all
requirements are considered during inspections.
Management Comment
Recommendation noted and has been discussed with the acting Manager Works. It has been
advised inspections are undertaken quarterly with the June inspection undertaken by an
independent contractor. However, it is recognised the process can be improved.
26
2020 Internal Audit Review Report Page 21 of 23
9.2.3 Register of Heritage Buildings
Finding Rating: Low
We note the register for heritage listed buildings is not up to date (last updated 2012).
Implication / Risks
Risk of incomplete Heritage building records.
Recommendation
We recommend the heritage listed buildings register be updated to ensure current and complete.
Management Comment
Recommendation noted. A review of the Municipal Heritage Inventory is scheduled to commence in
2019-20.
27
2020 Internal Audit Review Report Page 22 of 23
10. Guidance on Risk Assessment Risk is uncertainty about an outcome. It is the threat that an event, action or non-action could affect an
organisation’s ability to achieve its business objectives and execute its strategies successfully. Risk is an
inherent component of all service activities and includes positive as well as negative impacts. As a result not
pursuing an opportunity can also be risky. Risk types take many forms − business, economic, regulatory,
investment, market, and social, just to name a few.
Risk management involves the identification, assessment, treatment and ongoing monitoring of the risks and
controls impacting the organisation. The purpose of risk management is not to avoid or eliminate all risks. It
is about making informed decisions regarding risks and having processes in place to effectively manage and
respond to risks in pursuit of an organisation’s objectives by maximising opportunities and minimising
adverse effects.
The risk guidelines stated within the Shire of Augusta Margaret River’s Risk Management Framework.
Measure of Likelihood of Risk
Likelihood is the chance that the event may occur given knowledge of the organisation and its environment.
The following table provides broad descriptions to support the likelihood rating:
*Above Extracted from the Shire’s Risk Management Framework.
28
2020 Internal Audit Review Report Page 23 of 23
Measure of Consequence of Risk
Consequence is the severity of the impact that would result if the event were to occur. The following table
provides broad descriptions to support the consequence rating:
*Above Extracted from the Shire’s Risk Management Framework.
Risk Acceptance Criteria
Finding Rating for each audit issue was based on the following table:
*Above Extracted from the Shire’s Risk Management Framework.
29
30
31
32
33
34
35