We're now part of the York & North Yorkshire Combined Authority

2012 24 October


Minutes of the meeting held on 24 October 2012



 Notes of the meeting held at NYPA Offices, BarkerBusinessPark, Melmerby on 24 October 2012.


 In the Chair:                   Erica Taylor, JP (ET)

Members:                     Bill Baugh (BB), Tony Hargreaves (TH) and Ian Whitaker (IW)

Officers:                       NYPA Treasurer Judith Heeley (JH); Chief Officer of Resources, Joanna Carter (JC); Neil Rickwood, Internal Audit, NYPA Chief Exec Jeremy Holderness (JNH)


Apologies were received from T/Chief Constable Tim Madgwick.


These were accepted as a true record.


There were none.


Focus – provides the basis of the Policing Plan and outlines the key services to be delivered.

Functions & roles – ensures that the functions and roles of individuals are clearly understood by all.

Ethics & standards – promotes and values good standards.  Allows the PCC to be clear on the standards that she expects from staff/officers when delivering her requirements.  Identifies the need for a matrix of behavioural governance in line with the Nolan Principles.

Informed/transparent decision making – ensures that good decision making/judgement is applied         throughout the organisation.  Highlights the importance of scrutiny and performance monitoring of    activities.  Also highlights the fact that risk management has a key role to play in this principle.

Developing capacity and good capability – presents major risk to PCC in initial stages.

Engage local people – highlights the need to build direct accountability into framework for the PCC.


JH explained that this was an annual requirement and that best practice recommends that the review of internal audit includes the effectiveness of the Audit Committee itself.


  1. that the same terms of reference for the External Audit Process be added to the terms of reference for Internal Audit Process;
  2. that the Audit Committee prepare an annual report at the same time as self assessment, ie June;
  3. that following this meeting the Committee will be known as the Joint Audit Committee for the Police & Crime Commissioner (PCC) and the Chief Constable (CC).


The meeting agreed the importance that authors of future reports clearly and succinctly highlight the implications of their reports to the Audit Committee and noted that there may be more direct links to operational functions.


That the proposed report form template be used in the first instance and then be adjusted/amended to suit the Committee’s exact needs as required.



  1. That the office of the PCC will provide administrative support to the work of the Committee in terms of arranging meetings, agenda and minute preparation and processing allowance claims and other Member support;
  2.  That staff of the PCC’s Chief Finance Officers, in association with the Chief Constable’s Chief Finance Officer, will provide technical and professional support and advice to the Committee;
  3. That the Audit Committee recommend to the PCC that the day rates and mileage rates, based on those payable to members of the former Standards Committee, be accepted.


Members queried the decision making process, in particular determining what specific areas will be scrutinised by the Committee over a year, and agreed that there was a certain degree of allowing the Committee’s work to develop and be adjusted as the purposes of the audit function are made clearer.


That the Chairman of the Audit Committee obtains clear guidelines from the Police & Crime Commissioner on future Committee activity at their meeting scheduled for 26 November 2012.


To be held at 1000 on Thursday 06 December 2012 at the OPCC, Melmerby.

Formal agreement of Statement of Purpose and Terms of Reference




To set out for formal agreement the Statement of Purpose and Terms of Reference for the joint Independent Audit Committee.


The Home Office Financial Management Code of Practice for the Police Service of England and Wales states

“The PCC and the Chief Constable should establish an independent Audit Committee.  It is recommended that this be a combined body which will consider the internal and external audit reports of both the PCC and the Chief Constable.  The committee will advise the PCC and the Chief Constable according to good governance principles and to adopt appropriate risk management arrangements in accordance with proper practices.  In setting up the Audit Committee, the PCC and Chief Constable should have regard to the Chartered Institute of Public Finance and Accountancy (CIPFA) Guidance on Audit Committees.

Membership: the Audit Committee should comprise between three and five members who are independent of the PCC and the force.

Terms of Reference: the Audit Committee should establish formal terms of reference, covering its core functions, which should be formally adopted and reviewed on an annual basis.  Best practice principles should be adopted in determining the activities of the Audit Committee.

PCC and Chief Constable representation: the executive of the PCC and the Force Command Team should be represented at meetings of the Audit Committee”.

The CIPFA guidance on local authority audit committees identifies the following key benefits to be gained from operating an effective audit committee.

  • Raising greater awareness of the need for internal control and the implementation of audit recommendations
  • Increasing public confidence in the objectivity and fairness of financial and other reporting
  • Reinforcing the importance and independence of internal and external audit and any other similar review process (for example providing a view on the Annual Governance Statement)
  • Providing additional assurance through a process of independent and objective review.

The guidance outlines that audit committees are central to the provision of effective corporate governance, which depends, in part, on a systematic strategy, a framework and processes for managing risk.  Governance is also about increasing public confidence in the objectivity and fairness of financial and other reporting as well as helping to deliver improved services.  This, in turn, depends upon assurance that issues raised in preparing and auditing annual accounts and other reports have been properly dealt with.  It is important that local authorities have independent assurance about the mechanisms underpinning these aspects of governance, specifically:

  • Independent assurance of the adequacy of the risk management framework and the associated control environment within the authority
  • Independent review of the authority’s financial and non-financial performance to the extent that it affects the authority’s exposure to risk and weakens the control environment
  • Assurance that any issues arising from the process of drawing up, auditing and certifying the authority’s annual accounts are properly dealt with and that appropriate accounting policies have been applied.

All of these issues seem appropriate to the new governance arrangements effective from November when the Police and Crime Commissioners take up post and both the Commissioner and the Chief Constable become responsible for ensuring adequate and effective financial management and a sound system of internal control which facilitates the effective exercise of their functions including arrangements for the management of risk (Accounts and Audit Regulations 2011), and for undertaking an adequate and effective internal audit of accounting records and system of internal control.

The key difference is that the committee, in accordance with the Home Office Financial Management Code of Practice, is a joint committee with responsibilities in respect of both the Commissioner and the Chief Constable.

The CIPFA Position Statement on Audit Committees includes the following as a description of the Core Functions of an Audit Committee:

  • Consider the effectiveness of the authority’s risk management arrangements, the control environment and associated anti-fraud and anti corruption arrangements.
  • Seek assurances that action is being taken in risk related issues identified by auditors and inspectors.
  • Be satisfied that the authority’s assurance statements, including the Statement of Internal Control, properly reflect the risk environment and any actions required to improve it.
  • Approve (but not direct) internal audit’s strategy and plan, and monitor performance.
  • Review summary internal audit reports and the main issues arising, and seek assurance that action has been taken where necessary.
  • Receive the annual report of the head of internal audit.
  • Consider the reports of external audit and inspection agencies.
  • Ensure that there are effective relationships between external and internal audit, inspection agencies and other relevant bodies, and that the value of the audit process is actively promoted.
  • Review the financial statements, external auditor’s opinion and reports to members, and monitor management action in response to the issues raised by external audit.

The draft Statement of Purpose and Terms of Reference for the Committee, based on the CIPFA Statement, are set out at Appendix A.  From this it can be seen that the role of the Committee is essentially advisory, providing an independent assurance mechanism to both the PCC and the Chief Constable, and where appropriate making recommendations to them.


The Committee is asked to formally adopt the Statement of Purpose and Terms of Reference as set out below at Appendix A.

Judith Heeley

Chief Finance Officer




STATEMENT OF PURPOSETo provide independent assurance on the adequacy of the corporate governance and risk management arrangements in place and the associated control environment, advising according to good governance principles and proper practices.
Corporate Governance and Regulatory FrameworkTo support the PCC, Chief Constable and statutory officers in ensuring that effective governance are in place and functioning efficiently and effectively, and making any recommendations for improvement.
To review any issue referred to it by the statutory officers of the PCC and Chief Constable and make recommendations as appropriate
To monitor the effective development and operation of risk management and make recommendations as appropriate
To make recommendations for any improvements to the arrangements and policies in place in relation to “Raising concerns at work”, anti fraud and corruption strategies and complaints processes, in light of its experience.
To review its own effectiveness on an annual basis
Internal and External Audit
To consider the internal audit strategy and annual plan, and make recommendations as appropriate.
To consider the head of internal audit’s annual report and opinion, and a summary of internal audit activity (actual and proposed) and the level of assurance it can give over corporate governance arrangements, and make recommendations as appropriate
To consider summaries of internal audit reports, and make recommendations as appropriate.
To consider reports dealing with the management and performance of the providers of internal audit services, and make recommendations as appropriate.
To consider a report from internal audit on agreed recommendations not implemented within a reasonable timescale and make recommendations as appropriate.
To consider the external auditor’s annual plan, annual audit letter and relevant specific reports as agreed with the external auditor, and make recommendations as appropriate.
To scrutinise the draft statements of accounts and annual governance statements prior to publication, considering whether appropriate accounting policies have been followed and making any recommendations as appropriate.


Formal agreement of calendar of meetings and forward workplan




 To agree a draft calendar of meetings and the Committee’s forward workplan.


A previous item on this agenda considered the role and purpose of the Committee and its terms of reference.  The Chartered Institute of Public Finance and Accountancy guidance suggests that the Committee should meet at least quarterly, with additional meetings as necessary.

A draft workplan based on quarterly meetings is attached at Appendix A for discussion.  This will be kept under review in the light of experience and any further requirements identified by the Committee, which may call for specific reports on any matters relevant to its statement of purpose and terms of reference.

A draft calendar is presented at Appendix B, based on meetings normally held on the final Monday of the quarterly meetings in March, June, September and December.  These are provisional and subject to further confirmation.


Members are requested to approve the draft workplan and calendar of meetings, and keep both under review in the light of experience.

Judith Heeley

Chief Finance Officer



SPRINGReview of Accounting PoliciesInternal Audit StrategyInternal Audit PlanExternal Audit PlanProgress on audit recommendations SUMMERInternal Audit Annual Report and OpinionAnnual Governance StatementsReview of Internal Audit


Progress on Internal Audit and summary reports

Specific External Audit Reports as required

Specific reports of the statutory officers

AUTUMNAnnual AccountsExternal Audit Annual Governance ReportProgress on audit recommendationsEqualities Framework WINTERCommittee Self AssessmentReview of committee terms of referenceRaising concerns at work, anti fraud and anti corruption strategiesRisk management report



26 November 2012 10.00am Audit Committee pre meeting
6 December 2012 10.00am Audit Committee
18 March 2013 10.00am Audit Committee pre meeting
25 March 2013 10.00am Audit Committee
10 June 2013 10.00am Audit Committee pre meeting
24 June 2013 10.00am Audit Committee
9 September 2013 10.00am Audit Committee pre meeting
23 September 2013 10.00am Audit Committee


Internal Audit Service Provision



To inform members of the Committee of the intention to seek a decision from the Commissioner in respect of the extension of the collaboration agreement for the provision of internal audit services.


Following a business case presented to the Joint Police Authorities Committee in February 2007, North and West Yorkshire Police Authorities entered into a Shared Services Agreement for the provision of Internal Audit Services.  Humberside Police Authority joined the arrangement with effect from 2010/11.  The Internal Audit Team based at West Yorkshire has since then provided services to all three authorities and to the regional team.

After discussions and with the approval of the three individual authorities, the provision was extended to 31 March 2013, and was formalised into a section 22A Collaboration Agreement.  The arrangements for service provision remained unchanged, but with the ongoing development of collaboration agreements it was felt that this provided a better legal framework to underpin the joint working which is now very well established.

Transitional planning identified a need to consider the options for Internal Audit provision once the Commissioners took up post, as the Accounts and Audit Regulations 2011 place a responsibility on both the Commissioner and the Chief Constable to maintain an effective internal audit of their affairs.  The Home Office Financial Management Code of Practice recommends that Commissioners and Chief Constables have a shared internal audit service to cover both bodies, in order to minimise duplication and bureaucracy and maximise value for money.

Decision papers will be presented to the Commissioners in North Yorkshire, Humberside and West Yorkshire to extend the existing collaboration agreement until 31 March 2014.  Internal Audit planning for the forthcoming financial year is about to begin and the extension will provide continuity and the opportunity for Commissioners to review the service provision in consultation with their Chief Finance Officers.

Members of the Audit Committee have experience of the operation of the shared internal audit service and the Committee will have a role in providing assurance to the Commissioner and the Chief Constable about the management and performance of the providers of internal audit services.


Members may wish to comment on the proposal to extend the collaboration agreement until 31 March 2014 based upon their experience of the service.

Judith Heeley

Chief Finance Officer

Internal Audit Legacy Report



With the change in governance arrangements this report is intended to provide an interim view of internal control, based on the work undertaken to date in 2012/13 for the North Yorkshire Police Authority.  This opinion is for the benefit of the Police and Crime Commissioner and the Joint Independent Audit Committee.


Previous Control Weaknesses

The 2012/13 Internal Audit Plan was designed to provide assurance over the internal controls in a number of key areas, which have previously been identified as problematic.

These areas were:

  • Property Other Than Found;
  • Use of Force training; and
  • Compliance with standing orders in procurement.

Audits have been undertaken of these areas as well as of areas of current risk.  Full details of the audit plan and progress in completing it is provided in the Internal Audit Progress Report.

The Force’s acknowledged weaknesses in the three areas listed, are important elements of internal control that must be addressed as part of business as usual.

Property Other Than Found

The handling of seized property (evidence) by officers is an important element supporting the investigation of crime.  It is a process involving most operational officers and may be carried out around the clock.  Property must be secured, recorded, stored safely, removed for examination or return and then eventually be disposed of to prevent storage space being rapidly exceeded.  It is a process that can easily be mismanaged and it requires continual vigilance and pro-activity to ensure property is fully accounted for and continuity of evidence is maintained.

The Force has undertaken extensive work of its own following identification of problems in this area.  Internal Audit have also looked in detail at Harrogate Property Store as well as at how sensitive items of property are dealt with.

Internal Audit considers that the performance of the Force in this area now provides a reasonable level of assurance that the risks inherent in property handling are managed.  Recent extensive audit work has highlighted a range of issues, of a generally minor nature.  Security remains the chief concern with sometimes relatively open access to stored property.  Firearms, cash and illegal drugs are sometimes held in relatively insecure temporary storage for too long a period. Management action is still required to achieve what is, in effect, a tightening in the application of existing procedures.

Use of Force training

Previous audit work highlighted that police officers had not undertaken required Use of Force training.  Use of Force training is undertaken twice each year teaching and refreshing officer’s technique for dealing with violent and confrontational situations, as well as how to apply necessary force to arrest or restrain a person.  The training should not only help the Force to manage the risk of unlawfully injuring someone and protect officers from injuring themselves; it is also an important part of demonstrating that the Force has exercised its duty of care.  Any difficulties in evidencing a complete attendance record at mandatory Use of Force training, is likely to weaken their legal position.

A recent update was undertaken in this area and found that an active approach is taken by the Training team, and together with strong support from management, it has resulted in a high level of compliance with the Force’s training policy.  Training was still outstanding for some police staff and special constables, but within the context of the whole Force it was considered that this represented a modest level of risk.


Over a number of years, Internal Audit have highlighted a range of weaknesses in the Force’s approach to procurement.  The Force has reacted to the risks of inappropriate expenditure and an inability to demonstrate value for money, by concerted management action and a change in its approach to procurement from a facilitative to a more directive approach.

Internal Audit consider that this change in approach has been effective.  A review of evidence of compliance with North Yorkshire Police Contract Regulations, identified that all the transactions reviewed complied with requirements to: obtain quotations, tenders or to use an existing contract that had already been through this process.  The move to a Regional Procurement function represents a major change in the internal control environment and will be kept under review both regionally and within North Yorkshire Police.

Internal Audit has also noted that the Force has improved its performance in terms of implementing agreed recommendations.  It is an important part of internal control that promised remedial action is consistently implemented providing assurance that recognised issues are being addressed.

Audits Completed 2012/13








Reasonable Assurance and Good Practice

Reasonable Assurance

Limited Assurance

Inadequate Assurance

No Opinion

Follow Up Exercise One


Pension Scheme Transfer


Commissioning by the PCC


Property Compliance


Use of Force Training Update 


Contract Standing Orders Compliance Update


Credit Card Use


Petty Cash


n – Assessment in the Audit Report,  p – Assessment made for Legacy Report

The above table indicates the audit ratings given to date, it indicates that all audits rated this year have been given a rating of reasonable assurance or better.


That the Committee assure themselves that reasonable assurance can be provided, that the Internal Control environment of North Yorkshire Police is operating satisfactorily.

Progress on Internal Audit and summary reports



The report sets out the progress made to date in achieving the Audit Plan.


This Progress Report monitors delivery of shared Internal Audit services.  The service is shared with West Yorkshire Police and Commissioner’s Office and Humberside Police and Commissioner’s Office.

The 2012/13 Audit Plan is set out in Appendix A.  Table 1 shows the progress against the plan.

Table 1: Summary of Progress 

STATUS OF AUDITS     November 2012

2012/13 Plan

Final Reports with Response Received


Final Reports – Response awaited


Draft Reports Issued


Audits in Progress




The audits in progress are: Unsocial Hours, Asset Management, Diversity Update and Internal Assurance Bodies.  The Pension Scheme Transfer, Commissioning by the PCC, and Property Compliance Reports have been finalised and four reports have been responded to since the previous Committee: Petty Cash, Contract Standing Orders Compliance Update, Use of Force Training Update and Follow Up Audit.

Three audits remain to be commenced.  It is planned that two more will be commenced later in this quarter and the remaining work finished in Quarter Four.  As such it is considered that satisfactory progress is being made to deliver the audit plan to schedule.

Audit Reports are reported in summary and appendix B has summaries of the following reports: Petty Cash, Contract Standing Orders Compliance Update, Use of Force Training Update and Follow Up Audit.  Full copies of reports are available to members of the Audit Committee, on request.

Commissioning by the PCC

Internal Audit were asked to advise the Office of the Police and Crime Commissioner on potential controls appropriate to the commissioning of activity.  The Final report containing our advice is included in Appendix C, for the Committee’s information.  As well as suggestion controls for relevant risks, some broader recommendations were made that it was considered advisable to take forward.  These recommendations will be responded to in due course.

Audit Plan Change

It is proposed that the audit of Service Delivery Options – Front and Back Office, is removed from the audit plan as the Force has undertaken a senior management review of this area and the service requirements review will come forward from the next stage of this work in the new year.  Internal Audit will look at the issue again at that stage for possible inclusion in future plans.  In addition the work on changes to the shift system will be pushed into next years audit plan following the completion of the Force’s own review.  Audits have been added to look at Petty Cash holdings around the Force and also how Unsocial Hours payments will be made to officers, following the Winsor Report.  The Property Compliance Audit has taken considerably longer than anticipated, but these changes will allow the Internal Audit plan to be completed to budget.


That members monitor the progress made and note the change in the Audit Plan.

NEIL RICKWOOD, Head of Audit and Risk

Appendix A: Internal Audit Plan

Audit Status Coverage 
Follow Up Exercise One Final Report with Response Received To provide assurance that recommendations have been implemented.
Pension Scheme Transfer Final Report To provide support regarding the transfer of data of the police pension schemes to a new provider.  In particular information relating to pensioners and existing employees, underpinning the liabilities of the Authority.
Commissioning by the PCC. Final Report The objective of the review is to advise the NYPA on commissioning frameworks that would give assurance that the process is likely to produce value for money and demonstrate probity.
Property Compliance Final Report To undertake a compliance programme of audits of connected property stores across North Yorkshire, to provide assurance over the revised policy and resourcing of the property function.
Use of Force Training Update  Final Report with Response Received To assess compliance with Force policy in respect of use of force training, whether the training has been recorded and to review accuracy with the officers who are recorded as being trained.
Diversity Update  In Progress To assess the implementation of changes to the Force’s structures for dealing with equality and diversity.
Contract Standing Orders Compliance Update Final Report with Response Received To assess compliance with the Authority’s Contract Standing Orders in respect of Force procurement activity.
Credit Card Use Final Report with Response Received To audit the use of corporate and covert credit cards.
Asset Management In Progress To review the processes the Force has set up: from prioritisation and establishing of need, asset recording and allocation, maintenance and replacement.  Depending on outcome of 2011/12 Corporate Budget Audit, it is suggested that the focus may shift more onto asset & physical security, insurance etc.
Follow Up Exercise Two To provide assurance that recommendations have been followed up.
Contingency: Complaints Handling Dip Testing A provision in the audit plan, to continue the dip sampling of complaints currently undertaken by Members, for the benefit of the NY PCC and to help fulfil their responsibilities to oversee the handling of complaints.
Service Delivery Options – Front and Back Office To be removed from the audit plan. To support the evaluation of options for future service delivery by NYP.  The exact nature of the work will be specified with the Force as the project proceeds.
Contingency: NY PCC Audit Options   To allow the NY PCC to have immediate input to the 2012/13 audit plan.
Internal Assurance Bodies In Progress To review the bodies within the Force charged with providing an assurance function to the Force, eg the Delivery Unit and Information Management.  The purpose being to see what reliance can be placed on their work which includes benefits realisation of the change programme and data quality audits, as well as how their work does/can fit together with Internal Audit to provide assurance.
Benefits Realisation: Shift System To be removed from the audit plan. To see whether there is evidence of the shift system continuing to cover demand, whilst maintaining/improving performance as resources are reduced.
Unsocial Hours Added to the audit plan. In Progress. To provide assurance over the proposed arrangements to commence paying an allowance to police officers for unsocial hours.
Petty Cash Final Report with Response Received The objective of the audit is to undertake a risk based, systems audit of the Authority and Force’s use of credit cards, both covert and non-covert.

Appendix B: Summary Audit Reports

Petty Cash Checks

Petty cash is held at a number of locations throughout the Force, in order to enable low value items of less than £50 to be purchased as required. Petty cash is also available in case of short notice operational need, where prior approval is obtained from the District Account Manager or Head of Department.

Petty cash holdings were examined at 6 locations across the Force, namely Harrogate, York Fulford Road, Knaresborough, Northallerton, Scarborough and Eastfield.

Visits to stations were carried out on an unannounced basis and the following was undertaken at each of the locations:

  • Ascertained where and how the cash was held, i.e. in a locked tin within a safe and determined who had access to the petty cash.
  • Totalled all cash held and vouchers to ensure that the total amount reconciled to the petty cash amount held.
  • Reviewed recent vouchers in order to ascertain the types of purchases that were being made with petty cash and that these were appropriate, as outlined in the DRM.
  • Examined some recent monthly returns that have been submitted to Finance, to ensure that they are completed and that there is a segregation of duties between those compiling and authorising the returns.
Harrogate & Craven  
All of the Organisational Support Officers (OSOs) have access to this safe and therefore access to the cash held. A £100 petty cash loss was identified at Harrogate at the 2011/12 year end, which subsequent to an investigation has been written off. However, given this cash loss and the relatively high amount held (£680), it would be prudent to ensure that cash holdings at Harrogate are restricted to the District Account Manager (DAM), with a small imprest issued to the Organisational Support Officers, if necessary. At the time of the cash reconciliation the petty cash was materially correct, but there was some confusion with regards to an advance and the general processing of petty cash. As a result, it may be appropriate for staff to be provided with some further training.
Scarborough & Ryedale  
The cash held was accounted for at the time of the review. Other procedures were satisfactory.
Hambleton & Richmondshire  
The cash held was accounted for at the time of the review. Other procedures were satisfactory.
York & Selby  
At the time of the reconciliation, the petty cash was approximately £78.17 in deficit. At the time of the audit the DAM was in consultation with Finance to identify the reasons for the shortfall. After investigation by the Functional Delivery Manager, it was identified that there was a shortfall of £33.07 that could be explained by two receipts, which had not been entered onto the monthly return. However, a deficit of £44.85 was still present and it is believed that this is due to a lost fuel receipt. Management action is ongoing in relation to this




Effectiveness of Risk Management Approach

Notwithstanding York, where £44.85 cannot be accounted for, petty cash holdings were reconciled and accounted for at all other selected locations. In all cases petty cash had been used appropriately and was held securely, although the petty cash at Harrogate could be further restricted. The monthly returns submitted to finance were adequate and there was a segregation of duties between those compiling and authorising returns.

Efficiency of Risk Management Approach

Monthly returns are submitted to Finance by each of the DAMs to support petty cash expenses, including the use of sub-floats. An electronic form is utilised for this purpose.

Assurance Level

2 – Reasonable Assurance

Overall Risk


Contract Standing Orders Compliance Update

The Force requires those engaged in purchasing to comply with the Contract Regulations as set out in the North Yorkshire Police Devolved Resource Manual (DRM). The audit evaluated compliance with these over the financial year 2011/12.

The audit was undertaken acknowledging the risks which had been highlighted in previous audit reports. It was also considered timely to undertake a review into the compliance of Contract Standing Orders with the election of the Police & Crime Commissioner in November 2012 so that assurances could be provided that appropriate arrangements are in place.

The audit used a sample of transactions to check the compliance with the contract regulations in the financial brackets of High (£50k +), Medium (£20k – £50k) and Low (£5k – £20k). The findings were as follows:


A sample of 30 High value transactions was looked at and it was found that:

  • All 30 had gone through the relevant tendering process or had adopted another public body’s contract. Where they have been adopted from other organisations, the original tendering process has not been confirmed;
  • Where a supplier was engaged through a wider contract (20), all the contracts were valid when they were used; and
  • 15 contracts were of a value over £100k and had been signed by the Chief Executive as per the Contract Regulations.


A sample of 10 transactions in the Medium bracket was looked at and it was found that:

  • All of the sample had at least 3 quotes as per the Contract Regulations or had undergone a tendering process. 3 of the contracts were noted as being adopted from other organisations (West Yorkshire Police and NPIA) and these original tendering processes have not been confirmed ;
  • All 10 had a written record of the contract; and
  • All 10 had been reviewed by a senior member of procurement.


A sample of 10 transactions within the Low value bracket was looked at and it was found that:

  • 7 out of the 10 had at least 3 quotes. 2 were items which came under a national NPIA agreement  and 1 was for a service where there was only one provider (ANPR). These were found to be acceptable and adhere to the DRM.
  • All 10 had been returned all had written records kept
  • All 10 that had been returned had written agreements of service
  • All had been approved by a relevant Head of Department.

The audit also found elements of good practice, specifically the creation of a central contracts register and the use of the BLPD system to log and track contracts. All contracts as part of the audit (of a value £20K +) were found to be on this system and it was up to date and was being utilised by both Procurement and Force employees. This was seen as a useful tool to help the Force track and undertake procurement of varying services and goods.



Effectiveness of Risk Management Approach

In the sample reviewed, NYP contract regulations, as per the DRM, were being adhered to, and that there were elements of good practice found within the Procurement department, specifically the maintenance of an accurate central contracts register and utilisation of BLPD.

Efficiency of Risk Management Approach

It was found that the process set out in the DRM was being routinely followed. No inefficiencies were highlighted in the audit

Assurance Level

1 Reasonable Assurance with Good Practice

Overall Risk


Use of Force Training Update

The Force requires police officers up to and including the rank of chief inspector and also special constables to undertake a programme of officer safety training over two courses a year. The course is designed to maintain their abilities to reduce the risk of injury to themselves and also how to use force legitimately in the course of duty.

The refresher training is delivered in the first half of each year and is then followed up with a requalification session.  Attendance at both is mandatory unless the officer is unsuitable to attend.

Police and Community Support Officers, must also attend a twice yearly course and other qualifying police staff must attend a once yearly training session.  Special constables attend the same course as regular police officers.

The information held by the Training Department was audited and found to be accurate. It was supported by evidence of attendance or valid reasons for non-attendance.  Based on that information it can be reported that at the time of the audit:

Regular Police officers

  • 1447 Officers
  • 22 validly excluded by rank
  • 50 validly excluded by role – trainers (who do the training in any case), non operational chief inspector, those on career breaks, federation representatives.
  • 158 not trained 122 of those were not currently fit – 101 have had no training for 12 months, 89 of them were currently unsuitable.

Special Constables

  • 154 Specials
  • 51 trained
  • 103 not trained – 33 have had no training in past 12 months.


  • 178 PCSOs
  • 18 not trained – 5 have had no training in past 12 months – 2 of them were unsuitable

Detention Officers

  • 34 Detention Officers
  • 21 not trained for 12 months – 2 of them were unsuitable

Case builder Investigator

  • 25 Case builder/Investigators
  • 25 not trained for 12 months – 1 of them was unsuitable

At the time of the previous audit in August 2010, 350 officers were confirmed to have had no Officers Safety Training over a 12 month period.  There are currently 12 police officers who are available for training, who have not been trained over a 12 month period. There are also 3 PCSOs who have not been trained.  The Force has concentrated its efforts where the risk exposure was most significant and has achieved a significant improvement, giving assurance that officers on duty (some of whom were deployed for the Olympics) and PCSOs have received appropriate training.

Given the concentrated focus to ensure all available police officers are trained, the training of special constables and other police staff has not been delivered as completely.  They are required to attend personal safety training and whilst their lack of training does not expose the Force to the same level of risk it represents a failure to comply with an important requirement of policy.

Overall, Internal Audit concludes that the current level of attendance of safety training for police officers and PCSOs is such that reasonable assurance can be offered that the attendant risks are being managed effectively.

In addition to assessing compliance with the Force’s Officer Safety Training Policy Internal Audit were asked to consider whether the geographic location of the training sites was appropriate.  The four sites give comprehensive coverage over North Yorkshire and there should be few situations where it would take longer than an hour to reach the training site from the officer’s station.  An hour is allowed from the training day to reach the site therefore current arrangements appear satisfactory.

We were also asked to consider equipment checking arrangements.  Whilst this is not currently undertaken as part of the OST, the Force needs to consider how the continued serviceability of officers stab proof vests is checked and whether it is necessary for Response and Reassurance officers to attend training ready to deploy should the need arise, with their full equipment.



Effectiveness of Risk Management Approach Officer safety training has been delivered to almost all police officers and PCSOs.  Improvement is required in the levels of training achieved by special constables and other police staff.

Efficiency of Risk Management Approach

The current approach is operated by standalone spreadsheets derived from the HR system.  Details of training are then manually recorded on the spreadsheets which are then updated themselves as the underpinning data is changed.

Assurance Level

2 – Reasonable Assurance

Overall Risk


Follow Up Audit 2012/13, First Six Month Review

No. of Recs. Managers’ assessment of the Implementation Rate Progress on other Rec. IA assessment of the Implementation Rate Further Rec. Raised
Local Ordering Procedure
5 3  Further action required 2 1
Overtime Process
1 1 n/a 1 None
Voluntary Redundancy
3 3 n/a 2 1
Flexible Working
4 1  Ongoing progress being made 0 None

As shown in the table above, Internal Audit in the main agrees with the implementation of the recommendations raised as reported by the Delivery Unit. However, it was noted by Internal Audit that the implementation rate of recommendations made within the Flexible Working audit, where actions that had been agreed to be completed by set dates, had not occurred.

Local Ordering Procedure

The Audit raised issues relating to the ongoing change in NYP towards centralised corporate budgeting specifically with the number and volume of transactions that the District Account Managers (DAM) were approving. It was reported that several steps had been implemented to reduce the time spent approving orders but through data requested from the P2P department it was evident that the numbers of transaction approved by DAMs had not reduced (3363 for July to Dec 2011 compared with 3418 between Jan to June 2012). A further recommendation is made within this report to address the continued high number of transactions having to be approved by the DAMs.

Overtime Process

The original audit recommended that a calculation of the proportion of external income that derives from overtime worked should be undertaken and applied to income received in order to illustrate how much overtime was being externally funded. This calculation and breakdown of overtime is now in place as part of the monthly and quarterly monitoring process and is compiled by the Finance department from both Payroll and Duties systems and is now recorded on a spreadsheet showing month to month and year to date figures.

Voluntary Redundancy

The original audit highlighted that potential errors had occurred in calculations related to payments due to be made to individuals who had volunteered for redundancy. These were investigated by Human Resources and it was decided that although errors had indeed occurred, it was not deemed appropriate to reclaim the overpayments.

Recommendations were made as the means of calculating the redundancy payments, which has been implemented.  Action has yet to be taken on compiling procedural guidance covering the redundancy payment process.

Flexible Working

During the last audit it was reported that the Force should review flexible working and its impact upon smaller operational teams HR are to investigate this further and it would be part of the Shift Evaluation project, therefore the recommendation was still considered open.

Changes had been made to the documentation used as part of the flexible working consideration process, as recommended.

Internal Audit Follow up report



To present to the Joint Independent Audit Committee the update on internal audit recommendations conducted by West Yorkshire Police Authority (WYPA).


WYPA Internal Auditors produce an annual plan of audits for North Yorkshire Police, which was reported by WYPA to the Ethics and Standards Board at the beginning of the financial year.

Since the last reporting of audits at the Ethics and Standards Board on 10 February 2012 there have been 13 new audits with 15 audits remaining live/open and four audits closed.  The table at Appendix A illustrates the status of recommendations.

The Chief Constable’s Delivery Unit input report recommendations onto the Force Risk Register and monitor compliance and progress with action owners.  Any non-compliance with audit recommendations is reported to the relevant Chief Officer Team portfolio lead.  This report assists members in carrying out their assurance role for the Police and Crime Commissioner, Chief Constable and the Public.

Progress has been made on many of the actions, however in terms of the additional allowances recommendation 3 and 5 these actions still require to be addressed by the action owner.  The action of the Establishment Planning Group is undertaken until this is addressed and although this provides oversight this is not an overall solution.  The action owner has been asked to provide a timeline for completion.

Property other than Found remains a key area of activity and scrutiny within the Force.  A whole scale approach with a range of actions has been undertaken and will continue during 2013.


Request an update on the progress on Property other that Found from the Force operational lead at the next meeting.

Take the opportunity to reassess how information is reported back on follow up activity and audit closure and whether the current reporting provides the information required of the Committee.

Members are requested to note the update on internal audit recommendations conducted by WYPA.

Raising concerns at work, anti fraud and anti corruption strategies



To provide members with an opportunity to input into the refresh of the anti fraud and anti corruption strategy, in light of the change in governance arrangements.


The Committee’s terms of reference include a requirement to make recommendations for any improvements to the arrangements and policies in place in relation to “Raising concerns at work”, anti fraud and anti corruption strategies and complaints processes, in light of its experience.

The existing strategy is attached at Appendix A, and members are asked to review this in light of their experience and suggest any areas for consideration as part of a refresh.


Members are asked for any comments on the existing strategy in light of their experience.

Judith Heeley, Chief Finance Officer

Risk management arrangements



An inaugural report setting out the arrangements for the management of risk in respect of the force and the local policing body, pursuant to the Committee’s remit to monitor and make recommendations about risk management.


The Committee’s Terms of Reference include a requirement to “…monitor the effective development and operation of risk management and make recommendations as appropriate.”

Pursuant to that requirement, this report promotes for the Committee’s deliberation the following

  • The legal and regulatory background in respect of risk management
  • A summary of the development and embedding of risk management within the organisation
  • A description of the technical and procedural systems in place for managing risk
  • An explanation of the manner in which risk management services are provided at the present time

The report seeks approval of the approach taken to risk management, with a view to a revised Risk Management Strategy – jointly owned by the Police & Crime Commissioner and the Chief Constable – being completed and presented in early course to the Committee.

Legal & Regulatory Background

Risk Management became a formal legal requirement in 2003 – but had, by that time, become an expected feature of strong organisational corporate governance in any event.

The up-to-date legal requirement is set out at Regulation 4(1) Accounts and Audit (England) Regulations 2011 which provides that public bodies including Police Forces and Police & Crime Commissioners must have

“…..a sound system of internal control which facilitates the effective exercise of that body’s functions and which includes arrangements for the management of risk.”

A similarly-worded requirement has appeared in the applicable regulations since their introduction in 2003.

Since that time both the Chief Constable and the PCC’s statutory predecessor North Yorkshire Police Authority (NYPA) have worked jointly to introduce, refine and embed a highly effective infrastructure for risk management.

Summary – Development and Embedding of Risk Management

Risk Management services in NYP and NYPA have been developed and provided as part of the services provided by the Legal & Compliance Services Directorate.  Development activity was, until recently, monitored and directed through the Risk Management Group (RMG).  RMG was a joint Force and Police Authority working group chaired by the Chief Constable.  In addition to the Chief Constable its membership included the Chief Executive NYPA, two members of the Authority, the Chief Officer of Resources, the Director of Legal & Compliance Services, the Head of Risk Management and relevant members of his team along with the Internal Auditor.

One of the functions of RMG was to oversee the development of core risk management documentation.  As with RMG, Force and Authority jointly owned the risk management strategy.  Revision of the latest version is in hand to recognise the changes in police governance arrangements.  Subject to the Committee’s approval of the overall approach promoted in this report, an up to date Risk Management Strategy can therefore be presented to the Committee at its next convenient sitting.

The aim of the Risk Management Strategy is to reduce the cost of risk and engender risk consciousness as opposed to risk aversion in decision making.  This is achieved by enabling the identification, analysis and proportionate management of uncertainty with a focus, where appropriate, on hard legal risk.

RMG last met in full session in February 2012   At that time the Group considered that it had fully discharged its Terms of Reference and could be wound up at an appropriate point.  There was collective comfort with the maturity of the organisation’s risk management.  It was agreed that the specific governance arrangements be kept under review and considered further in light of the changes in governance arrangements pursuant to the Police Reform and Social Responsibility Act 2011.

At the time of the final RMG meeting, there had just been some Internal Audit work undertaken in relation to risk management.  The audit findings concluded an overall finding of “Reasonable Assurance” in relation to risk management.  There were six recommendations arising from the audit activity, the Committee will to receive update.  One of these recommendations included a review of the RMG Terms of Reference as outlined previously taking cognisance of the development of other Force-side governance arrangements such as the Internal Control Risk & Compliance Working Group (ICRCWG).

The ICRCWG meets regularly throughout the year.  It has, in practical terms, taken over the detailed deliberation remit from the RMG in respect of the management of hard risk, legal risk and ethics and standards matters, coupled closely with continuous review of the internal control environment. Chaired by Chief Officer of Resources, attendees include the Directors of Legal & Compliance Services, Professional Standards and Human Resources along with the Head of Risk & Assurance.  The Group’s standard agenda is included at appendix A.  At the most recent session (23 November 2012) the Group acknowledged the benefits of the meeting as an assurance mechanism and reached the decision that its membership be extended to include other heads of function with responsibilities for the issues under consideration in the Group.

Technical and Procedural Systems

The delivery of risk management is supported by a software solution, “Active Risk Manager” (ARM).  ARM is utilised to maintain risk registers for each Directorate and Business Area.  These reflect the areas of uncertainty that present themselves in the delivery of the relevant departmental objectives.  ARM facilitates the allocation of risk ownership as well as ownership of risk management responses (actions and controls).  The Corporate Risk Register is populated with Strategic matters as they arise and may be linked (where appropriate) to the entries in Directorate registers which are agreed as suitable for elevation to the Corporate Register. An example risk register entry is at appendix B.

As well as containing risk registers owned by functions themselves, ARM is utilised to link matters captured in risk registers to the outcomes of Internal Audit reports.  The Chief Constable’s Delivery Unit utilise ARM to input audit findings and recommendations as well as to track progress in relation to agreed management activity that arises from Audit activity.  As a regular feature of its business, the Committee can, therefore, expect to receive reports from ARM when audit progress comes before the Committee for consideration. The Committee in fact have some such material to consider as part of the report on audit recommendations on the agenda for the current meeting.

Risk Management Services

Within the Legal & Compliance Services Directorate the Risk & Assurance team provides services to NYP in the following areas.

Risk Management

  • Development of and embedding of risk management bespoke to organisational need but in line with industry developments and best practice
  • Identification of learning points and legal risk from within Legal Services casework and promotion through appropriate means such as the Organisational Learning Bulletin
  • Maintenance and development of ARM including refinements to structure to reflect business change
  • Provision of proactive and reactive advice and support to COT, register and risk owners in the maintenance and development of registers to meet business need

Insurance & Litigation Management

  • Maintenance of the litigation caseload record ensuring financial exposures are captured and suitably treated and reported
  • Maintenance and review of the NYP and PCC insurance programme ensuring that market and self funded solutions match organisational need
  • Claims management services in respect of defendant litigation and loss recovery arising from NYP vehicles

Business Continuity Management

  • Development of the Business Continuity infrastructure for NYP in line with industry developments and best practice
  • Ensuring NYP can continue to deliver its critical functions
  • Development and execution of bespoke exercises to test existing business continuity arrangements

Information Security

  • Development of organisational capacity to ensure the security of information systems to satisfy national accreditors
  • Maintenance and development of asset security measures
  • Development of organisational capacity in line with the Information Assurance Model.

Equality & Human Rights Compliance

  • Provision of proactive Equalities and Human Rights Compliance advice in order to proactively manage associated legal risks


That the Committee

  1. Notes the content of this report in respect of the background to organisational risk management, its implementation and the embedding of the discipline of risk management within organisational business.
  2. Make such recommendations as the Committee shall think fit in respect of those matters and the overall approach to the discipline of risk management in so far as both NYP and the PCC are concerned
  3. Approves the settling of the terms of a revised joint Risk Management Strategy for the Force and the Commissioner, taking into account the overall risk management environment described in this report and the Committee’s recommendations arising from it

Report Authors

Simon Dennis          Director of Legal & Compliance Services

Donald Stone           Head of Risk & Assurance

Corporate Governance Framework



To present to the Committee the joint guidance document on corporate governance principles, in preparation for its review of the annual governance statement which will accompany the statement of accounts.


The joint independent audit committee exists to provide independent assurance to both the Police and Crime Commissioner and the Chief Constable on the adequacy of the corporate governance and risk management arrangements in place, advising according to good governance principles.

The joint guidance attached at Appendix A aims to assist Commissioners and Chief Constables in the preparation of corporate governance documentation in the context of the provisions of the Police Reform and Social Responsibility Act 2011 and the creation of two corporations sole.

Key elements of an integrated scheme of governance will be a scheme of delegation, financial regulations and standing orders relating to contracts.  These documents were developed jointly and agreed in draft form by the NYP Transition Board for consideration by the incoming Commissioner.

The documents (and updated property procedure rules) have now been agreed and are published on the Commissioner’s website.

These will be kept under review and there will be a continued requirement to publish an annual governance statement alongside the statement of accounts, which must include the outcome of the review of the effectiveness of the governance framework in place.  The draft statement will be presented to the Audit Committee in due course.


Members are requested to review the scheme of governance in place in light of the guidance presented at Appendix A, and recommend any areas of improvement.


External Audit – Verbal report of external auditor 

Committee Self Assessment



 To present an initial assessment of the effectiveness of the Audit Committee in order to identify any necessary actions.


The Accounts and Audit (England) Regulations 2011 require a local policing body/Chief Constable to carry out, at least once a year, a review of the effectiveness of internal audit.  Best practice recommends that this includes the effectiveness of the Audit Committee itself. This review is normally carried out around the end of the financial year in order to inform the annual governance statement which must be published alongside the statement of accounts.

Chartered Institute of Public Finance and Accountancy (CIPFA) guidance is available in the form of a self assessment checklist.

An initial assessment has been carried out and is attached at Appendix A.

While the complete assessment can only be carried out formally once the Committee has been in operation for a time, the only areas where action is currently needed is in respect of potential induction training and development, which will be addressed as part of the work ongoing to recruit additional members of the Committee.


Members are requested to consider the initial assessment of the effectiveness of the Audit Committee and make any recommendations for improvement.

Judith Heeley, Chief Finance Officer 


CIPFA Self-assessment Checklist

Measuring the Effectiveness of the Audit Committee






Terms of Reference
Have the committee’s terms of reference been approved?  


Discussed by the Committee in shadow form and formally adopted 6/12/12
Do the terms of reference follow the CIPFA model?


See the agenda for 6/12/12
Internal Audit Process
Does the committee approve the strategic audit approach and the annual programme? 


This is included in the terms of reference, scheduled for the March meeting
Is the work of internal audit reviewed regularly?


This is included in the terms of reference
Are summaries of quality questionnaires from managers reviewed?


The responses are summarised in the annual internal audit report.
Is the annual report, from the head of audit, presented to the committee?


This is scheduled for the June meeting of the Committee
External Audit Process
Are reports on the work of external audit and other inspection agencies presented to the committee? 


This is included in the terms of reference
Does the committee input into the external audit programme?


This is included in the terms of reference
Does the committee ensure that officers are acting on and monitoring action taken to implement recommendations?


This is included in the terms of reference and scheduled six monthly







Does the committee take a role in overseeing:risk management strategiesinternal control statements

  • anti-fraud arrangements
  • confidential reporting       strategies?





This is included in the terms of reference
Has the membership of the committee been formally agreed and a quorum set?


Membership of between three and five and a quorum of three
Is the chair free of executive or scrutiny functions?


Are members sufficiently independent of the PCC and Chief Constable?


Have all members’ skills and experiences been assessed and training given for identified gaps?


This is a piece of work which will be undertaken in preparation for the recruitment of new members of the Audit Committee
Can the committee access the information it requires to carry out its role effectively?



This will need to be kept under close review by the Chair of the Committee
Does the committee meet regularly?


Meetings are scheduled quarterly but this will be kept under review
Are separate, private meetings held with the external auditor and the internal auditor?   There is provision to do so in the Chair’s agreed ways of working
Are meetings free and open without political influences being displayed?


Are decisions reached promptly







Are agenda papers circulated in advance of meetings to allow adequate preparation by members?


The Committee has adopted a policy of papers being available five days in advance
Does the committee have the benefit of attendance of appropriate officers at its meetings?


This is included in agreed ways of working
Is induction training provided to members? 



This is a piece of work which will be undertaken in preparation for the recruitment of new members of the Audit Committee
Is more advanced training available as required?   This is a piece of work which will be undertaken in preparation for the recruitment of new members of the Audit Committee
Do the PCC’s and Chief Constable’s s151 officer or deputy attend all meetings? 



This is included in agreed ways of working
Are the key officers available to support the committee?



This is included in agreed ways of working