Central Coast Council is working on more than 270 unaddressed recommendations and management actions arising from reviews by the NSW Audit Office, external consultant reviews and Council’s own internal auditor and its internal ombudsman.
The internal auditor is suggesting that instead of continuing to conduct business assurance audits which would simply layer up more management actions to fix broken controls, the internal audit should change emphasis.
The change includes deciding on a top five “quick wins” and getting the Executive Leadership Team and unit managers moving on them quickly.
One of the Top Five options is a policy for staff expenses.
Others are a cash management framework and a process for reporting contracts below $150,000.
Another focus will be deciding on another top five high risk issues and to concentrate on fixing them.
These issues include performance management, workforce planning, and systems and process frameworks.
This year’s Roads Maintenance (Pothole Management) audit has been moved to next year along with the Property Rates audit.
The internal auditor has also cancelled a COVID-19 remote working control environment audit.
Instead, the auditor will facilitate training for directors and managers on controls and how to effectively manage remote working environments.
The internal audit said its role would include. assisting with research; engaging with key stakeholders through workshops, insights, advice and support; identifying best practice and learnings from other organisations’ documentation; and ensuring risks are identified and managed.
An audit report said that from the 2019/20 program of seven audits and an associated 116 recommendations, the root cause of the identified control weaknesses could be attributed to one or more of the following: lack of or weak policy/strategic framework; poor workforce planning/management; weak systems/processes unclear or weak conduct of roles/responsibilities; lack of or weak management information/reporting; lack of or weak performance management/monitoring; poor decision making/record keeping; non-compliance; skills/capabilities shortfall; breakdown/failure of delegations; and lack of or weak asset planning/management.