Agenda of Audit and Risk Subcommittee

N-logotype-black-wide Audit and Risk Subcommittee

18 February 2020

Page No.

1. Apologies

Nil

2. Confirmation of Order of Business

3. Interests

3.1 Updates to the Interests Register

3.2 Identify any conflicts of interest in the agenda

4. Public Forum

5. Chairperson's Report

6. Internal Audit Quarterly Progress Report to 31 December 2019 7 - 10

Document number R13707

Recommendation

That the Audit and Risk Subcommittee

1. Receives the report Internal Audit Quarterly Progress Report to 31 December 2019 (R13707) and its attachment (A2278558).

7. New and Outstanding Significant Risk Exposures and Control Issues Identified from Internal Audits - 31 December 2019 11 - 16

Document number R13708

Recommendation

That the Audit and Risk Subcommittee

1. Receives the report New and Outstanding Significant Risk Exposures and Control Issues Identified from Internal Audits - 31 December 2019 (R13708) and its attachment (A2316401).

8. Key Organisational Risks Report - 01 July to 31 December 2019 17 - 44

Document number R13718

Recommendation

That the Audit and Risk Subcommittee

1. Receives the report Key Organisational Risks Report - 01 July to 31 December 2019 (R13718) and its attachment (A2332487).

9. Health, Safety and Wellbeing Report, July to December 2019 45 - 58

Document number R13724

Recommendation

That the Audit and Risk Subcommittee

1. Receives the report Health, Safety and Wellbeing Report, July to December 2019 (R13724) and its attachment (A2323649).

10. Letter from Audit NZ on Annual Report for year ending 30 June 2019 59 - 95

Document number R13731

Recommendation

That the Audit and Risk Subcommittee

1. Receives the report Letter from Audit NZ on Annual Report for year ending 30 June 2019 and its attachment (A2320712); and

2. Notes Audit New Zealand’s responses on the Annual Report for year ending 30 June 2019.

CONFIDENTIAL Business

11. Exclusion of the Public

Recommendation

That the Audit and Risk Subcommittee

1. Excludes the public from the following parts of the proceedings of this meeting.

2. The general subject of each matter to be considered while the public is excluded, the reason for passing this resolution in relation to each matter and the specific grounds under section 48(1) of the Local Government Official Information and Meetings Act 1987 for the passing of this resolution are as follows:

Item	General subject of each matter to be considered	Reason for passing this resolution in relation to each matter	Particular interests protected (where applicable)
1	Quarterly Update On Debts - 31 December 2019	Section 48(1)(a) The public conduct of this matter would be likely to result in disclosure of information for which good reason exists under section 7	The withholding of the information is necessary: · Section 7(2)(a) To protect the privacy of natural persons, including that of a deceased person · Section 7(2)(g) To maintain legal professional privilege
2	Quarterly Update on Legal Proceedings	Section 48(1)(a) The public conduct of this matter would be likely to result in disclosure of information for which good reason exists under section 7	The withholding of the information is necessary: · Section 7(2)(g) To maintain legal professional privilege
3	Internal Audit - Investigation into the Calculation of Reserves Contributions	Section 48(1)(a) The public conduct of this matter would be likely to result in disclosure of information for which good reason exists under section 7	The withholding of the information is necessary: · Section 7(2)(a) To protect the privacy of natural persons, including that of a deceased person · Section 7(2)(g) To maintain legal professional privilege

Item

General subject of each matter to be considered

Reason for passing this resolution in relation to each matter

Particular interests protected (where applicable)

Quarterly Update On Debts - 31 December 2019

Section 48(1)(a)

The public conduct of this matter would be likely to result in disclosure of information for which good reason exists under section 7

The withholding of the information is necessary:

· Section 7(2)(a)

To protect the privacy of natural persons, including that of a deceased person

· Section 7(2)(g)

To maintain legal professional privilege

Quarterly Update on Legal Proceedings

Section 48(1)(a)

The public conduct of this matter would be likely to result in disclosure of information for which good reason exists under section 7

The withholding of the information is necessary:

· Section 7(2)(g)

To maintain legal professional privilege

Internal Audit - Investigation into the Calculation of Reserves Contributions

Section 48(1)(a)

The public conduct of this matter would be likely to result in disclosure of information for which good reason exists under section 7

The withholding of the information is necessary:

· Section 7(2)(a)

To protect the privacy of natural persons, including that of a deceased person

· Section 7(2)(g)

To maintain legal professional privilege

Item 6: Internal Audit Quarterly Progress Report to 31 December 2019

Audit and Risk Subcommittee

18 February 2020

REPORT R13707

Internal Audit Quarterly Progress Report to 31 December 2019

1. Purpose of Report

1.1 To update the Audit and Risk Subcommittee on the internal audit activity for the quarter to 31 December 2019.

2. Summary

2.1 While the first half of the financial year has been dominated by business improvement initiatives, a number of internal audits in the Plan are currently underway. The focus for the second half of the year will be on these and the other audits included in the Plan. At the time of this report, officers expect the Plan to be on target by year end.

Current activity includes one investigation which, due to legal advice and privacy grounds, is briefly outlined under Public Excluded.

3. Recommendation

That the Audit and Risk Subcommittee

1. Receives the report Internal Audit Quarterly Progress Report to 31 December 2019 (R13707) and its attachment (A2278558).

4. Background

4.1 Under Council’s Internal Audit Charter approved by Council on 15 November 2018, the Audit and Risk Subcommittee requires a periodic update on the progress of internal audit activities relative to any current Internal Audit Plan approved by Council.

4.2 The current Internal Audit Plan (the Plan) for the year to 30 June 2020 was approved by Council on 8 August 2019. The Plan provides for two planned audits, with an allowance for a further two unplanned audits. As well, it provides for a contribution towards business improvement work programmes.

4.3 The Audit and Risk Subcommittee indicated at their meeting of 25 June 2019 that the unplanned audit topics should be decided by the end of the calendar year.

5. Discussion

5.1 The review of the performance management system from the 2018-2019 Plan was finalised and presented to the Senior Leadership Team during this reporting period. A number of areas for improvement were identified with risk ratings assessed as medium or low.

5.2 While the two planned audits in the Plan are yet to be completed half way through the financial year, more of the internal audit resource effort will be directed towards audits for the second half of the year.

5.3 Of the two unplanned audits in this year’s Plan, one has been allocated at the request of management and with the support of the Chair, Audit and Risk Subcommittee. This is well underway.

5.4 The final unplanned audit is an adjunct to the planned formal fraud risk assessment audit. This piece of work will use the findings from the fraud risk assessment to help identify and evaluate which of these areas would benefit from the use of data analytics, particularly with respect to fraud detection. The primary purpose of the work is to inform the decision as to whether to proceed with a suitable cost-effective procurement of a data analytics product, and thus improve the ability to identify fraudulent activity and reduce risk across the organisation.

5.5 Progress relating to the business improvement programme of work included in the Plan has, to some extent, been impacted by staffing changes during the reporting period. That said, there have been some real gains made and staff resourcing needs are expected to be met in the first half of 2020.

Author: Lynn Anderson, Internal Audit Analyst

Attachments

Attachment 1: A2278558 - Report on Progress of Internal Audits - 31 December 2019 ⇩

Item 7: New and Outstanding Significant Risk Exposures and Control Issues Identified from Internal Audits - 31 December 2019

Audit and Risk Subcommittee

18 February 2020

REPORT R13708

New and Outstanding Significant Risk Exposures and Control Issues Identified from Internal Audits - 31 December 2019

1. Purpose of Report

1.1 To update the Subcommittee on new or outstanding risk exposures following internal audits included in the Internal Audit Plan to 30 June 2020.

2. Recommendation

That the Audit and Risk Subcommittee

1. Receives the report New and Outstanding Significant Risk Exposures and Control Issues Identified from Internal Audits - 31 December 2019 (R13708) and its attachment (A2316401).

2. Background

2.1 Under section 9.1 of the Internal Audit Charter, the Audit and Risk Subcommittee and the Governance Committee are to be informed of internal audit results where appropriate.

2.2 Under section 9.4, the Audit and Risk Subcommittee requires a periodic update of any significant risk exposures and control issues identified from internal audits completed.

2.3 At its 8 August 2019 meeting, Council approved that the Internal Audit Plan to 30 June 2020 should include a strong focus on business improvement. As a result, during the six months to 31 December 2019 only one internal audit was finalised, from which no new significant risks were identified.

2.4 The attachment (A2316401), New and Outstanding Significant Risk Exposures and Control Issues Identified from Internal Audits, shows five high risks outstanding from the previous report presented to the Audit, Risk and Finance Subcommittee meeting of 27 August 2019. Of these, two are about to reduce to a medium risk. Details of progress in Quarter 1 & 2 are shown in red for each action included in the 27 August 2019 report.

3. Conclusion

3.1 There are five ongoing high risks identified from internal audits, two which are soon to reduce to medium. Good progress has been made with the remaining three high risks to achieve the improvements necessary but it will take time to reduce the level of risk for each of these. As the Business Improvement Team have these on their work programme as a matter of priority, it is considered that the organisation is attending to the risks prudently.

Author: Lynn Anderson, Internal Audit Analyst

Attachments

Attachment 1: A2316401 - Summary of New or Outstanding Significant Risk Exposures and Control Issues - 31 December 2019 ⇩

Item 8: Key Organisational Risks Report - 01 July to 31 December 2019

Audit and Risk Subcommittee

18 February 2020

REPORT R13718

Key Organisational Risks Report - 01 July to 31 December 2019

1. Purpose of Report

1.1 To provide information to the Audit and Risk Subcommittee on the key organisational risks through to end of quarter two 2019-20. This report covers risk management progress through both quarter one and quarter two 2019-20. Future reports to the Subcommittee will be on a quarterly basis, covering the preceding quarter.

2. Recommendation

That the Audit and Risk Subcommittee

1. Receives the report Key Organisational Risks Report - 01 July to 31 December 2019 (R13718) and its attachment (A2332487).

3. Background

3.1 This report includes information on risks to achieving Council’s priorities for the Long Term Plan 2018-28 (section 5), and the key organisational risks that could impact Council’s wider ability to deliver core functions and services (section 6). Risks related to specific assets, activities, or projects, are reported on a quarterly basis to the relevant Committee, and are summarised at section 7 of this report. In addition, section 7 provides a brief summary from each Group Manager on emerging risks for their areas of responsibility.

3.2 The attachment to this report describes each risk in more detail, including the existing controls and planned risk treatments.

4. Risk Management Practice

4.1 Risk management improvement activities for the remainder of 2019-20 include:

· A trial of a risk management software tool is planned to begin in late February. The intent of using this software is to enable consolidation of risk recording, to provide more effective risk ownership and visibility, and to provide more efficient reporting on risk. A decision will be made by the end of March to proceed, or not, with full implementation.

· Test the feasibility of a revised risk management structure and related processes. An outline structure has been drafted with the aim of ensuring risk management activity has a priority focus on Council’s core service delivery objectives.

4.2 A risk maturity benchmarking exercise was previously anticipated for completion during 2019-20. This is rescheduled for next financial year, as more value will be gained by benchmarking after completing the planned improvement activities noted at section 4.1.

5. Risks to Achieving Council Long Term Plan Top Priorities

5.1 Updated information to end of quarter two is summarised below, with further detail on the risk areas, their controls and treatments set out in attachment one.

5.2 Priority area Infrastructure (Risk 1). There have been no reported exceptions to the risk controls. The next review dates for the planned treatments have been set, though it should be noted that the planned treatments are for delivery over the medium to long term. The risk rating remains at High, with no risk movement during quarters one and two 2019-20.

5.3 Priority area Environment (Risk 2). The risk profile was reviewed as planned, with no changes to the risk profile. The risk rating remains at High, with no risk movement during quarters one and two 2019-20.

5.4 Priority area CBD Development (Risk 3). Some risk treatments were established and/or completed during quarter two. The risk profile was reviewed and as the assessment of likelihood has reduced in two consequence areas, the overall risk rating has moved from High to Medium.

5.5 Priority area Lifting Council Performance (Risk 4). The recent review of this risk identified a need to reflect Council’s performance goals, such as key performance indicators for the capital expenditure programme, staff survey results, and staff turnover. These areas will be incorporated into the risk controls, and planned risk treatments, during quarter three 2019-20. Whilst the wider Civic House refurbishment project is on hold, some localised improvements in physical working environment have been completed, including renewal of older office furniture, refreshing office layouts, and the relocation of some teams to better suit their working needs. The risk rating remains at Medium, with no risk movement during quarters one and two 2019-20.

6. Key Organisational risks

6.1 At end of quarter two, the known key risk areas for the four Long Term Plan top priorities, and the eight key organisational risks, are as summarised in the heat map, and table below. Brief updates are provided for the eight key organisational risk areas, with further detail in attachment one.

ID	Risk Area	Rating	Owner
1	Council priority area: Infrastructure	High	Group Manager Infrastructure
2	Council priority area: Environment	High	Group Manager Environmental Management
3	Council priority area: CBD Development	Medium	Chief Executive
4	Council priority area: Lift Council Performance	Medium	Chief Executive
5	Lifeline service failure from natural hazards and similar events	High	Group Manager Infrastructure
6	Illness, injury or stress from higher hazard work situations	Medium	Group Manager Corporate Services
7	Loss of service performance from ineffective contracts and contract management	Medium	Chief Executive
8	Compromise of Council service delivery from information technology failures	Low	Group Manager Corporate Services
9	Compromised decision making and public information from incomplete and difficult to access records	Medium	Group Manager Strategy and Communications
10	Council work compromised by loss of and difficulties in replacing skilled staff	Medium	Manager People and Capability
11	Legal liability and reputation loss from inadequate consideration of the law in decision making	Medium	Group Manager Strategy and Communications
12	Loss of public trust in the organisation	Medium	Group Manager Strategy and Communications

6.2 Lifeline service failure from natural hazards and similar events (Risk 5). The risk profile for this area will be reviewed following the update of the Maitai Emergency Action Plan. Risk treatments related to the organisation’s major disruption response capability have been completed. The first of the table top business continuity exercises was held in October 2019, and was effective in providing experience of initial response action planning and decision making, as well as identifying improvements to increase the organisation’s ability to continue business operations. The risk rating remains at High, with no risk movement during quarters one and two 2019-20.

6.3 Illness, injury or stress from higher hazard work situations (Risk 6). Previously, the residual risk rating in this area was revised to High after taking into consideration public spaces and events provided by Council, in light of the attacks in Christchurch. Since then, officers have completed the majority of the planned risk treatments, and as such the residual risk rating has been reviewed and is now considered to be Medium. Council has invested (and continues to invest) in safety training for officers. “Crowded places” processes have been incorporated into Council practice, and have been used as needed for risk assessments related to large gatherings, Bay Dreams 2020 and the Santa Parade being the most recent examples. The health and safety management system was replaced during quarter two, with positive results. The risk movement during quarters one and two 2019-20 is from High to Medium.

6.4 Loss of service performance from ineffective contracts and contract management (Risk 7). Risk treatments are underway, with progress being made on the development of a contracts database. Revisions to the template set for civil engineering construction contracts have been completed. The risk rating remains at Medium, with no risk movement during quarters one and two 2019-20.

6.5 Compromise of Council service delivery from information technology failures (Risk 8). A number of planned treatments were completed over quarters one and two, with the remainder either well underway or almost complete. Risk controls have been reviewed and are considered to remain effective. The overall residual risk is now assessed as Low. An additional treatment was implemented during quarter two, to protect against spoofing attacks on Council email addresses. The risk movement during quarters one and two 2019-20 is from Medium to Low.

6.6 Compromised decision making and public information from incomplete and difficult to access records (Risk 9). The risk profile was reviewed during quarter two as planned, there are no changes to report. The risk rating remains at Medium, with no risk movement during quarters one and two 2019-20.

6.7 Council work compromised by loss of and difficulties in replacing skilled staff (Risk 10). The implementation of risk treatments continues. Controls have been reviewed and are considered to remain effective. The risk rating remains at Medium, with no risk movement during quarters one and two 2019-20.

6.8 Legal liability and reputation loss from inadequate consideration of the law in decision making (Risk 11). The effect of previously completed treatments was reviewed during quarter two. The planned treatments are now largely completed and in place as controls. It is expected that all planned treatments will be concluded by the end of June 2020. It is unlikely that the overall risk rating can be reduced further in a cost effective manner, however the risk owner is satisfied that, taking into account the controls that are in place, the risk is at a tolerable level. The risk will next be formally reviewed at the end of June 2020, to confirm if controls remain effective, or if further treatments are required. The risk rating remains at Medium, with no risk movement during quarters one and two 2019-20.

6.9 Loss of public trust in the organisation (Risk 12). Progress on risk treatments continues, and the residual risk rating has been reviewed. Whilst it is unlikely that further reduction in the residual risk rating can be achieved, the risk owner is satisfied that the risk is at a tolerable level, considering the level of effective controls that are in place. The risk rating remains at Medium, with no risk movement during quarters one and two 2019-20.

7. Risk Areas for Each Group

7.1 Infrastructure Group: The key risks being reported to the Infrastructure Committee relate to delivery of the capital programme. The key areas that most impact delivery are projects that require land negotiations and resource consents. Unknown market fluctuations during tendering, and the potential inability to attract tenderers, could result in increased costs, and re-phasing of projects where construction is unable to start at the expected time.

7.2 Community Services Group: The use of Council reserves could be impacted as Council seeks to mitigate the impact from the elevated fire risks over the summer period. Other emerging risks and issues include the staff departures in the Events team (impact is being assessed), and the impact for Council of homelessness.

7.3 Environmental Management Group: Staff resources in critical areas are the main concern, and the ability to recruit for vacant positions in a competitive and constrained skills market. The likely impacts of this are: delays to timeframes for the Nelson Plan; the potential for budgetary overspend as a result of increased use of consultants; impact on ability to complete remediation of general non-compliances advised by the last IANZ assessment (Building Consent Authority). Processing timeframes for building consents are less likely to be impacted.

7.4 Strategy and Communications Group: No new emerging risks to report at this time.

7.5 Corporate Services Group: No new emerging risks to report at this time.

Author: Arlene Akhlaq, Manager Business Improvement

Attachments

Attachment 1: Key organisational risks report quarters 1 and 2 - July to December 2019 (A2332487) ⇩

Item 9: Health, Safety and Wellbeing Report, July to December 2019

Audit and Risk Subcommittee

18 February 2020

REPORT R13724

Health, Safety and Wellbeing Report, July to December 2019

1. Purpose of Report

1.1 To provide the subcommittee with a report of health, safety and wellbeing data collected over the period July to December 2019.

1.2 To update the subcommittee on key health and safety risks, including controls and treatments.

2. Summary

2.1 Notable incidents for this period were a library customer dying as a result of a serious medical event while in Stoke Library and a boat owner’s contractor receiving spinal injuries after falling 2.2m from a vessel on the Marina hardstand.

2.2 Security incidents reported for this period include a high number of incidents at Elma Turner Library (ETL).

2.3 Council’s key risk ‘Customer aggression threatening the health & safety of those who work for and with Council’ was previously assessed as high and is now assessed as medium.

3. Recommendation

That the Audit and Risk Subcommittee

1. Receives the report Health, Safety and Wellbeing Report, July to December 2019 (R13724) and its attachment (A2323649).

3. Background

3.1 Elected members, as ‘Officers’ under the Health and Safety at Work Act 2015 (HSWA), are expected to undertake due diligence on health and safety matters. Council’s Health and Safety Governance Charter states that Council will receive quarterly reports regarding the implementation of health and safety. Council has delegated the responsibility for health and safety to the Audit and Risk Subcommittee.

3.2 This report covers two quarters as no report was provided to the subcommittee following the July to September 2019 quarter.

3.3 Health, safety and wellbeing performance data reports provide an overview based on key lead and lag indicators. Where a concerning trend is identified more detail is provided in order to better understand issues and implement appropriate controls.

3.4 Reporting on key health and safety risks provides further depth and detail to the health and safety risks reported in the organisational risk report.

4. Discussion

4.1 Data Reports

4.1.1 35 Security incidents were reported at libraries for this period, the majority of these at ETL. Following a significant increase in these incidents during July a security contractor was engaged for 30 hours per week as an interim control. The incidents primarily related to the behaviour of intoxicated customers or those with mental health issues.

4.1.2 Having a security guard on the premises resulted in library staff needing to deal with difficult and potentially dangerous customers on a far less frequent basis. The security contractor has now been replaced by an employee (safety officer) on a six month fixed term trial. The safety officer is better able to take an approach more suited to a public library than the contracted security guards. An upcoming review of security at Libraries will provide advice on the ongoing need for the safety officer.

4.1.3 There are still frequent security incidents occurring however they are far more effectively managed than previously. It is also believed that levels of reporting have improved in regard to security incidents at libraries. The PSA has acknowledged the proactive approach taken by Council in regard to the safety of staff at ETL.

4.1.4 The number of over-speed events for the period as recorded by the ERoad in vehicle monitoring system has continued to trend downwards. The low rate of over speed events (0.4 per 100km travelled) is a good indicator of improved driver safety. Some of the continuing improvement in this rate can be attributed to the recently upgraded in-vehicle hardware that now provides real time information to drivers.

4.2 Incidents of note

4.2.1 There was a fatality at Stoke Library in early July as a result of a customer medical event. Staff actions in responding to this incident were commendable. Support for staff involved was provided following the incident and library staff have since received refresher training in resuscitation including AED use.

4.2.2 A significant near miss occurred when an elevated levels of hazardous landfill gas was detected at a manhole in Founders Heritage Park during routine maintenance work. Temporary fencing has been erected around the manhole while options for a more permanent solution such as venting are considered. Improvements have been made to procedures for routine monitoring and action in the event of detecting landfill gas.

4.2.3 A boat owner’s contractor received spinal injuries after falling 2.2m from a vessel on the Marina hardstand while descending an access ladder. Increased monitoring of safe ladder use has been implemented and safer height access equipment is to be purchased. This incident was not a result of Council work however it did occur at a Council controlled workplace and overlapping duties under HSWA apply to Council and the marina management contractor (NELMAC). The incident is currently being investigated by WorkSafe.

4.3 Proactive Safety

4.3.1 Previous quarterly reports showed data for proactive safety or assurance activities as totals for all event types. These reports indicated an ongoing decline in totals reported but did not provide meaningful insight onto safety culture due to changes in the way activities were recorded over time.

4.3.2 The report data provided in this report identifies some of the most important proactive staff safety activities and by showing performance against clear targets we can focus on driving improvement in these key areas.

4.4 Contractor Health and Safety

4.4.1 Due to variations in contractor activity and the health and safety risks involved in the work is not practicable at present to establish meaningful targets for contractor health and safety management activities.

4.4.2 The Pie chart provided shows that contractor monitoring activity is occurring in key areas. As contract management systems are further improved contracted work where health and safety oversight is not adequate will be more readily identified.

4.5 Due Diligence Activities

4.5.1 SLT members reported completing nine safe work observations during this period.

4.5.2 Councillor Skinner participated in a safe work observations at the Riverside Pool and Waahi Taakaro Golf Course.

4.5.3 A Safe work observation completed by Roger Ball at Founders Heritage Park was commended by Council’s Health and Safety Committee not only for the quality of the safe work observation in following up on previously identified hazards, but also for the innovative way heritage team staff had effectively managed the risks.

4.6 Key Health and Safety Risk Update

4.6.1 Council’s key risk ‘Customer aggression threatening the health & safety of those who work for and with Council’ was previously assessed as high and is now assessed as medium.

4.6.2 This risk was assessed as high when the National terrorism threat level was raised to high following the Christchurch Mosque shootings in March 2019. Council’s overall security risk level was assessed as remaining high when the National threat level was lowered to medium. Staff now have an improved understanding of terrorism threat assessments and security incidents at libraries are better controlled, this results in this risk now being assessed as medium.

4.6.3 All other key health and safety risks are assessed to remain as medium risks.

4.6.4 Where new treatments have been planned or have been implemented as controls since the last report this is indicated by red text in the attachment.

4.6.5 Where possible timeframes are indicated for treatments.

Author: Malcolm Hughes, Health and Safety Adviser

Attachments

Attachment 1: Health Safety and Wellbeing Report, July to December 2019 (A2323649) ⇩

Item 10: Letter from Audit NZ on Annual Report for year ending 30 June 2019

Audit and Risk Subcommittee

18 February 2020

REPORT R13731

Letter from Audit NZ on Annual Report for year ending 30 June 2019

1. Purpose of Report

1.1 To provide the letter to the Council on the audit for the year ending 30 June 2019 from Audit NZ.

2. Recommendation

That the Audit and Risk Subcommittee

1. Receives the report Letter from Audit NZ on Annual Report for year ending 30 June 2019 and its attachment (A2320712); and

2. Notes Audit New Zealand’s responses on the Annual Report for year ending 30 June 2019.

2. Discussion

2.1 Audit New Zealand (Audit NZ) issued an unmodified audit opinion on 31 October 2019 for the financial year ending 30 June 2019. This means that it was satisfied that the financial statements fairly reflected Council's activities for the year and its financial position at the end of the financial year.

2.2 After the audit is completed, Audit NZ issues a management letter to Council outlining the findings of the audit.

2.3 In the letter to Council received on 6 January 2020 (Attachment 1) Audit NZ comment on the matters raised in the Audit Plan letter including:

· Valuation of infrastructure assets

· Procurement, contract and project management

· The risk of management override of internal controls.

2.4 Other matters arising from the audit include:

· Reporting on the City Council Activities (Service performance)

· Findings from the NZ Transport Agency Investment Audit report

· Carrying value and useful lives of property, plant and equipment – non infrastructural assets

2.5 Officers accept the comments raised by Audit NZ and will work towards addressing these matters prior to the 2019/20 Annual Report.

Author: Nikki Harrison, Group Manager Corporate Services

Attachments