Internal Audit Service

1.1. This report supports Audit Committee's responsibility under its terms of reference to consider performance reports from internal audit on progress with delivery of the 2022/23 audit plan, agreed at the March 2022 Committee meeting.

1.2. We are grateful for the assistance that has been provided to us in the course of our work.

2. Summary of progress against the 2022/23 audit plan

2.1. Work carried out during the period 1 April 2022 to 5 March 2023 was in accordance with the agreed audit plan. To date, 50.5 days have been spent this financial year on completion of the 2022/23 plan, equating to 72% of the total planned audit activity of 70 days. The table below shows the current status of all audit work.

No areas of concern have come to our attention in conducting our assurance work to date that requires bringing to the attention of committee members.

Audit review	Audit days			Status	Assurance Opinion
Audit review	Planned	Actual	Variation	Status	Assurance Opinion
Governance and business effectiveness
Overall governance, risk management and control arrangements	3	2	1	Progressing	N/A
Service delivery and support
Recruitment	12	9	3	Completed	˜ Substantial
Carbon Management Arrangements	12	3	9	Progressing	N/A
Business processes
Accounts payable	8	5	3	Completed	˜ Substantial
Accounts receivable	5	3	2	Completed	˜ Substantial
General ledger	5	3	2	Completed	˜ Substantial
HR/ Payroll	9	8	1	Completed	˜ Substantial
Pensions administration	1	0	1	Not started	N/A
Treasury management	4	5	-1	Completed	˜ Substantial
Follow up audit activity
Training, Learning and Development	1	5	-4	Completed	Six actions have been implemented and one superseded.
Management of On Call provision	1	2	-1	Progressing	N/A
Other components of the audit plan
Management activity	8	5.5	2.5	N/A
National Fraud Initiative	1	0	1	N/A

3. Extracts from Audit Reports

3.1. Extracts of assurance summaries are shown below

Key Financial Systems (KFS)

Overall assurance rating – Accounts Payable	Audit findings requiring action
˜	Extreme	High	Medium	Low
Substantial	0	0	0	1
See Appendix 1 for Rating Definitions There are no findings to report that would have a significant impact on the achievement of service objectives and a strong control environment continues to be maintained by the Finance Team in relation to Accounts Payables.
Financial Regulations and relevant policies are in place and accessible for all staff to view. Expenditure with suppliers is monitored by the Procurement Officer and overlooked by the Head of Service to ensure that tendering arrangements and contracts are in place for supplies or services exceeding the Contract Standing Order threshold.

Overall assurance rating – Accounts Receivable	Audit findings requiring action
˜	Extreme	High	Medium	Low
Substantial	0	0	0	0
See Appendix 1 for Rating Definitions
There are no findings to report that would have a significant impact on the achievement of service objectives and a strong control environment continues to be maintained by the Finance Team in relation to Accounts Receivables. A Debt Management Policy is in place and readily available to staff, and appropriate separation of duties is maintained between the invoice requester and the individual who raises the invoices, banks the cheques and any cancellation of invoices. All invoices raised were supported by an invoice request form correctly and accurately raised according to the request form and any debts outside of the standard reminder period are being monitored and chased on a regular basis. The access to the accounts receivable system is appropriately limited to the relevant staff and an aged debt analysis report is produced monthly which shows all outstanding debt and the age of the debt.

Overall assurance rating – General Ledger	Audit findings requiring action
˜	Extreme	High	Medium	Low
Substantial	0	0	0	1
See Appendix 1 for Rating Definitions
There are no findings to report that would have a significant impact on the achievement of service objectives and a strong control environment continues to be maintained by the Finance Team in relation to the General Ledger. There is an SLA in place, which sets out the respective roles and responsibilities of LCC and LFRS, the SLA was signed by LCC (Director of Finance) on 21 March 2022 and signed by LFRS (Director of Corporate Services) on the 15 March 2022. We can confirm that all the staff who have General Ledger responsibilities are current LFRS staff, additionally the virements and feeder files we sampled were all appropriate with necessary approval documentations. We were unable to test the error correction process due to the migration from Oracle R12 to Oracle Fusion as the error correction function was not live at the time of the review. Additionally, the control accounts reconciliations were not up to date due to short staffing and the service being unable to populate reports effectively from Fusion. However, they are currently working towards all the reconciliations and will most likely sign them all off as part of the year-end processes. The 2022/23 budget was approved by the Lancashire Combined Fire Authority Committee and budget monitoring takes place corporately and departmental wise. A Financial Monitoring Report which sets out the current budget position is produced for the Executive Board and the Resources Committee, additionally a Quarterly Measuring Progress Performance Report is also populated for the Senior Management Team and the Performance Committee.

Recruitment- Positive Action

Overall assurance rating	Audit findings requiring action
˜	Extreme	High	Medium	Low
Substantial	0	0	0	0
See Appendix 1 for Rating Definitions
We can confirm that the current recruitment activity processes adopt an efficient and effective Positive Action approach in ensuring the right person is recruited to each individual role. A strong control environment exists, and various processes and plans are in place to ensure that the service continues to promote the Lancashire Fire and Rescue Service (LFRS) as an employer of choice. This includes recruiting a workforce which is diverse and meets the needs of the people of Lancashire and the communities it serves. LFRS have established a strong network with various community groups to help them to promote a positive and inclusive culture within the workplace. The majority of the workforce have completed the Equality, Diversity and Inclusion course and all the staff who undertook the recent recruitment exercise have undertaken some additional form of training, which included aspects of Positive Action. Diversity information is collected as part of the recruitment process to better understand the workforce composition and the application of Positive Action principles is published prior to specific recruitment exercises. Consent to pass on contact details to HR is requested from failed applicants from recruitment exercises, in order that they can be targeted further in future recruitment opportunities. Additional work is undertaken to identify barriers to joining Fire Services and this is used to inform Positive Action. All applicants are scored against pre-determined criteria at both application and interview stage and recruitment panels are appropriately constituted. Appropriate records are kept and are used to identify all applicants who have received Positive Action support and senior management and relevant boards receive regular reports regarding application of the Positive Action approach.

Training, Learning and Development- Follow up

Audit assurance levels and classification of residual risk

Note that our assurance may address the adequacy of the control framework's design, the effectiveness of the controls in operation, or both. The wording below addresses all of these options and we will refer in our reports to the assurance applicable to the scope of the work we have undertaken.

˜ Substantial assurance: the framework of control is adequately designed and/ or effectively operated overall.

˜ Moderate assurance: the framework of control is adequately designed and/ or effectively operated overall, but some action is required to enhance aspects of it and/ or ensure that it is effectively operated throughout.

˜ Limited assurance: there are some significant weaknesses in the design and/ or operation of the framework of control that put the achievement of its objectives at risk.

˜ No assurance: there are some fundamental weaknesses in the design and/ or operation of the framework of control that could result in failure to achieve its objectives.

Classification of residual risks requiring management action

All actions agreed with management are stated in terms of the residual risk they are designed to mitigate.

Extreme residual risk: critical and urgent in that failure to address the risk could lead to one or more of the following: catastrophic loss of the LRFS services, loss of life, significant environmental damage or significant financial loss, with related national press coverage and substantial damage to the LRFS reputation. Remedial action must be taken immediately.

High residual risk: critical in that failure to address the issue or progress the work would lead to one or more of the following: failure to achieve organisational objectives, significant disruption to the LRFS business or to users of its services, significant financial loss, inefficient use of resources, failure to comply with law or regulations, or damage to the LRFS reputation. Remedial action must be taken urgently.

Medium residual risk: failure to address the issue or progress the work could impact on operational objectives and should be of concern to senior management. Prompt specific action should be taken.

Low residual risk: matters that individually have no major impact on achieving the service's objectives, but when combined with others could give cause for concern. Specific remedial action is desirable.

Status of agreed actions

Original audit assurance rating

˜

Moderate

See Appendix 1 for Rating Definitions

Number of actions

Implemented

Superseded

A follow-up audit has been conducted to determine the progress made by Lancashire Fire and Rescue Service to implement the agreed actions in the internal audit report; Training, Learning and Development, issued in August 2021. It provided moderate assurance over adequacy and effectiveness of the controls in place to ensure that operational personnel can demonstrate ongoing compliance with the competencies required for their role. Whilst the provision of training and internal assurance arrangements are appropriately structured to support firefighters in maintaining the competencies required for their role, some actions to improve the overall monitoring and reporting arrangements were agreed to obtain greater assurance that training is being undertaken appropriately and learning is embedded.

Four medium risk and three low risk actions were agreed with the Service Training Manager and Head of Improvement and Innovation. Based on the information and evidence provided to us, we are satisfied that good progress has been made in implementing the agreed actions. There is now a Training Plan in place, management are aware of and monitor the training needs to ensure completion and monitoring is also in place for actions from station visits.