An internal audit report has highlighted areas for improvement within the Council's internal audit function, while also noting positive progress in other areas. The 2025/26 Internal Quality Assessment (IQA) of the internal audit function indicated that while efforts are being made to conform with Global Internal Audit Standards (GIAS), some major objectives are not being fully met.
The report, conducted by the Head of Audit, identified specific shortcomings across several domains of the GIAS. These include opportunities for improvement in 'Ethics and Professionalism' (Domain II), where a professional development plan for staff is to be developed and implemented by August 2026. In 'Governing the Internal Audit Function' (Domain III), the function needs to prepare a plan for an external quality assessment (EQA) by December 2026.
Further areas for development are noted in 'Managing the Internal Audit Function' (Domain IV), with improvement actions including a comprehensive review and update of the audit universe and the development of an assurance map by April 2026. Key performance indicators (KPIs) are also to be revised to align with GIAS-compliant performance measurement guidance by the same date. In 'Performing Internal Audit Services' (Domain V), the assessment found that the function is not fully conforming with GIAS objectives, which could significantly impact its effectiveness and ability to add value. Improvement actions here include developing and rolling out comprehensive internal audit methodologies by June 2026, and ensuring the use of audit-specific IT software.
The Global Internal Audit Standards (GIAS) are a set of principles and standards that guide the internal audit function, with the Council aiming to conform with their mandatory elements. These standards cover five domains: Purpose of Internal Auditing, Ethics and Professionalism, Governing the Internal Audit Function, Managing the Internal Audit Function, and Performing Internal Audit Services. The methodology for assessing conformance involves ongoing monitoring, periodic self-assessments, and external quality assessments. The CIPFA Application Note – Global Internal Audit Standards in the UK Public Sector, effective from April 2025, is also relevant.
The Head of Audit, who conducted the assessment, operates with independence and authority as outlined in the Internal Audit Charter. This positioning ensures that the internal audit function can perform its responsibilities without management interference, reporting functionally to the Audit & Risk Management Panel and administratively to the Director of Finance.
While the specific major objectives not being fully met are not detailed, the assessment notes that these deficiencies will usually represent significant opportunities for improvement in effectively applying the elements of the Global Internal Audit Standards 2024 i.e. the Principles and Standards (Requirements) and achieving their objectives.
The upcoming external quality assessment is intended to evaluate the function's conformance with GIAS and identify further areas for enhancement. These external assessments are mandated to occur at least once every five years.
