6.1 Ms Hire presented the report, documenting progress against the current audit plan. She explained that she has been liaising with Mr Kelly regarding the follow up review that was presented at the July meeting. The risk maturity review is ongoing and the GDPR review is due to start on 7 November.
She further explained that the audit plans will continue to reflect TfNs risk profile. The Health & Safety framework review is being reconsidered due to the change in office working, as when the plan was initially being developed the majority of staff worked regularly from the office.
6.2 The Chair stated that the audit plan focuses on control and effectiveness; more can be done in terms of creating the linkage between risk themes and the audit plan. An area that could be looked at in terms of control, is project and programme level control.
Ms Hire said she and Mr Kelly will look at that area in terms of scoping for an audit review.
6.3 The Payroll Report reviewed key controls with regards to payroll, starters, terminations, and month end reviews and there are no actions from this audit. Data analytics was also included and there are no anomalies or concerns. The Chair stated that he was pleased to see that the testing covered leavers, as this process is often where errors can occur. The Chair thanked Ms Hire for the detailed level of testing that had been done. It supports our assurance that is subsequently passed on to Board.
That the Committee notes the Internal Audit reports.