Governance & Audit Committee - Thursday 2 July 2026, 10:00am - West Yorkshire Combined Authority Webcasting
Governance & Audit Committee
Thursday, 2nd July 2026 at 10:00am
Speaking:
Agenda item :
Start of webcast
Share this agenda point
-
Debbie Simpson, Chair (Independent Member)
-
Debbie Simpson, Chair (Independent Member)
Agenda item :
1 Apologies for Absence
Share this agenda point
Agenda item :
2 Declarations of Disclosable Pecuniary Interests
Share this agenda point
Agenda item :
3 Exempt Information - Possible Exclusion of the Press and Public
Share this agenda point
-
Nikki Deol Assistant Director Legal, Governance & Compliance
-
Saeema Hawaldar, Officer (West Yorkshire Combined Authority)
-
Debbie Simpson, Chair (Independent Member)
-
Cllr Bob Felstead Chair - Scrutiny Committee
-
David Merrett (Independent Member)
-
Nikki Deol Assistant Director Legal, Governance & Compliance
-
Cllr Alex Greenwood CA Member
-
Debbie Simpson, Chair (Independent Member)
-
Debbie Simpson, Chair (Independent Member)
Agenda item :
4 Minutes of the Meeting of the Governance and Audit Committee held on 19 February 2026
Share this agenda point
-
Cllr Bob Felstead Chair - Scrutiny Committee
-
David Merrett (Independent Member)
-
Debbie Simpson, Chair (Independent Member)
-
Nikki Deol Assistant Director Legal, Governance & Compliance
-
Debbie Simpson, Chair (Independent Member)
Agenda item :
5 Governance Arrangements Report and Terms of Reference
Share this agenda point
-
Nikki Deol Assistant Director Legal, Governance & Compliance
-
Debbie Simpson, Chair (Independent Member)
-
Cllr John Taylor CA Member
-
Debbie Simpson, Chair (Independent Member)
-
Kate Taylor, Director West Yorkshire Combined Authority
-
Cllr John Taylor CA Member
-
Nikki Deol Assistant Director Legal, Governance & Compliance
-
Cllr John Taylor CA Member
-
Nikki Deol Assistant Director Legal, Governance & Compliance
-
Debbie Simpson, Chair (Independent Member)
-
Kate Taylor, Director West Yorkshire Combined Authority
-
Nikki Deol Assistant Director Legal, Governance & Compliance
-
Cllr John Taylor CA Member
-
Debbie Simpson, Chair (Independent Member)
-
Cllr John Taylor CA Member
-
Debbie Simpson, Chair (Independent Member)
-
Cllr Robin Cumming CA Member
-
Debbie Simpson, Chair (Independent Member)
-
Nikki Deol Assistant Director Legal, Governance & Compliance
-
Cllr Alex Greenwood CA Member
-
Debbie Simpson, Chair (Independent Member)
-
Debbie Simpson, Chair (Independent Member)
-
Debbie Simpson, Chair (Independent Member)
-
Nikki Deol Assistant Director Legal, Governance & Compliance
-
Debbie Simpson, Chair (Independent Member)
Agenda item :
6 Draft Annual Governance Statement
Share this agenda point
-
Nikki Deol Assistant Director Legal, Governance & Compliance
-
Debbie Simpson, Chair (Independent Member)
-
Cllr Bob Felstead Chair - Scrutiny Committee
-
David Merrett (Independent Member)
-
Nikki Deol Assistant Director Legal, Governance & Compliance
-
Debbie Simpson, Chair (Independent Member)
-
Debbie Simpson, Chair (Independent Member)
-
Cllr John Taylor CA Member
-
Cllr Robin Cumming CA Member
-
Kate Taylor, Director West Yorkshire Combined Authority
-
Cllr Robin Cumming CA Member
-
Cllr John Taylor CA Member
-
Cllr Robin Cumming CA Member
-
Nikki Deol Assistant Director Legal, Governance & Compliance
-
Cllr Robin Cumming CA Member
-
Debbie Simpson, Chair (Independent Member)
-
Cllr Robin Cumming CA Member
-
Nikki Deol Assistant Director Legal, Governance & Compliance
-
Debbie Simpson, Chair (Independent Member)
-
Cllr Christiana Mirosanu CA Member
-
Debbie Simpson, Chair (Independent Member)
-
Cllr Alex Greenwood CA Member
-
Debbie Simpson, Chair (Independent Member)
-
Cllr Alex Greenwood CA Member
-
Cllr John Taylor CA Member
-
Cllr John Hardie CA Member
-
Cllr David Jenkins CA Member
-
Debbie Simpson, Chair (Independent Member)
-
Cllr Alex Greenwood CA Member
-
Debbie Simpson, Chair (Independent Member)
-
Cllr Alex Greenwood CA Member
-
Cllr John Taylor CA Member
-
Cllr Alex Greenwood CA Member
-
Debbie Simpson, Chair (Independent Member)
-
Cllr Alex Greenwood CA Member
-
Kate Taylor, Director West Yorkshire Combined Authority
-
Debbie Simpson, Chair (Independent Member)
-
Cllr Alex Greenwood CA Member
-
Debbie Simpson, Chair (Independent Member)
-
Nikki Deol Assistant Director Legal, Governance & Compliance
-
Bronwyn Baker, Officer (West Yorkshire Combined Authority)
-
Debbie Simpson, Chair (Independent Member)
-
Nikki Deol Assistant Director Legal, Governance & Compliance
-
Debbie Simpson, Chair (Independent Member)
Agenda item :
7 Head of Internal Audit Annual Opinion
Share this agenda point
-
Bronwyn Baker, Officer (West Yorkshire Combined Authority)
-
Debbie Simpson, Chair (Independent Member)
-
Bronwyn Baker, Officer (West Yorkshire Combined Authority)
-
Debbie Simpson, Chair (Independent Member)
-
Cllr Bob Felstead Chair - Scrutiny Committee
Agenda item :
8 Draft Internal Audit Plan 26/27
Share this agenda point
-
David Merrett (Independent Member)
-
Kate Taylor, Director West Yorkshire Combined Authority
-
Debbie Simpson, Chair (Independent Member)
-
Cllr Christiana Mirosanu CA Member
-
Debbie Simpson, Chair (Independent Member)
-
Bronwyn Baker, Officer (West Yorkshire Combined Authority)
-
Debbie Simpson, Chair (Independent Member)
-
Cllr John Taylor CA Member
-
Debbie Simpson, Chair (Independent Member)
-
Cllr John Taylor CA Member
-
David Merrett (Independent Member)
-
Cllr Bob Felstead Chair - Scrutiny Committee
-
Debbie Simpson, Chair (Independent Member)
-
Bronwyn Baker, Officer (West Yorkshire Combined Authority)
-
Debbie Simpson, Chair (Independent Member)
-
Cllr John Taylor CA Member
-
Debbie Simpson, Chair (Independent Member)
-
Cllr John Taylor CA Member
-
Debbie Simpson, Chair (Independent Member)
-
Bronwyn Baker, Officer (West Yorkshire Combined Authority)
-
Debbie Simpson, Chair (Independent Member)
-
Cllr John Taylor CA Member
-
Cllr Alex Greenwood CA Member
-
Debbie Simpson, Chair (Independent Member)
-
Cllr Alex Greenwood CA Member
-
Kate Taylor, Director West Yorkshire Combined Authority
-
Cllr Alex Greenwood CA Member
-
Debbie Simpson, Chair (Independent Member)
-
Cllr Alex Greenwood CA Member
-
Bronwyn Baker, Officer (West Yorkshire Combined Authority)
-
Debbie Simpson, Chair (Independent Member)
-
Cllr Alex Greenwood CA Member
-
Debbie Simpson, Chair (Independent Member)
-
Cllr Alex Greenwood CA Member
-
Debbie Simpson, Chair (Independent Member)
-
Cllr Alex Greenwood CA Member
-
Kate Taylor, Director West Yorkshire Combined Authority
-
Cllr Alex Greenwood CA Member
-
Debbie Simpson, Chair (Independent Member)
-
Cllr Alex Greenwood CA Member
-
Debbie Simpson, Chair (Independent Member)
-
Cllr Alex Greenwood CA Member
-
Debbie Simpson, Chair (Independent Member)
-
Cllr Alex Greenwood CA Member
-
Debbie Simpson, Chair (Independent Member)
-
Nikki Deol Assistant Director Legal, Governance & Compliance
-
Debbie Simpson, Chair (Independent Member)
-
Cllr Robin Cumming CA Member
-
Debbie Simpson, Chair (Independent Member)
-
Cllr Robin Cumming CA Member
-
Bronwyn Baker, Officer (West Yorkshire Combined Authority)
-
Debbie Simpson, Chair (Independent Member)
-
Cllr David Jenkins CA Member
-
Debbie Simpson, Chair (Independent Member)
-
Kate Taylor, Director West Yorkshire Combined Authority
-
Debbie Simpson, Chair (Independent Member)
Agenda item :
9 Audit Recommendation Follow Up Report
Share this agenda point
-
Cllr Alex Greenwood CA Member
-
Kate Taylor, Director West Yorkshire Combined Authority
-
Bronwyn Baker, Officer (West Yorkshire Combined Authority)
-
Debbie Simpson, Chair (Independent Member)
-
Bronwyn Baker, Officer (West Yorkshire Combined Authority)
-
Debbie Simpson, Chair (Independent Member)
-
Cllr Alex Greenwood CA Member
-
Bronwyn Baker, Officer (West Yorkshire Combined Authority)
-
Debbie Simpson, Chair (Independent Member)
-
Cllr John Taylor CA Member
-
Bronwyn Baker, Officer (West Yorkshire Combined Authority)
-
Debbie Simpson, Chair (Independent Member)
-
Cllr John Taylor CA Member
-
Bronwyn Baker, Officer (West Yorkshire Combined Authority)
-
Debbie Simpson, Chair (Independent Member)
-
Cllr Christiana Mirosanu CA Member
-
Bronwyn Baker, Officer (West Yorkshire Combined Authority)
-
Cllr Christiana Mirosanu CA Member
-
Bronwyn Baker, Officer (West Yorkshire Combined Authority)
-
Debbie Simpson, Chair (Independent Member)
-
Bronwyn Baker, Officer (West Yorkshire Combined Authority)
-
Debbie Simpson, Chair (Independent Member)
-
Bronwyn Baker, Officer (West Yorkshire Combined Authority)
-
Debbie Simpson, Chair (Independent Member)
-
Cllr Bob Felstead Chair - Scrutiny Committee
-
Bronwyn Baker, Officer (West Yorkshire Combined Authority)
-
Debbie Simpson, Chair (Independent Member)
-
Cllr Christiana Mirosanu CA Member
-
Bronwyn Baker, Officer (West Yorkshire Combined Authority)
-
Debbie Simpson, Chair (Independent Member)
-
Cllr Alex Greenwood CA Member
-
Bronwyn Baker, Officer (West Yorkshire Combined Authority)
-
Cllr Alex Greenwood CA Member
-
Bronwyn Baker, Officer (West Yorkshire Combined Authority)
-
Debbie Simpson, Chair (Independent Member)
-
Cllr John Taylor CA Member
-
Bronwyn Baker, Officer (West Yorkshire Combined Authority)
-
Cllr Robin Cumming CA Member
-
Debbie Simpson, Chair (Independent Member)
-
Bronwyn Baker, Officer (West Yorkshire Combined Authority)
-
Debbie Simpson, Chair (Independent Member)
-
Bronwyn Baker, Officer (West Yorkshire Combined Authority)
-
Debbie Simpson, Chair (Independent Member)
-
Kate Taylor, Director West Yorkshire Combined Authority
-
Cllr Bob Felstead Chair - Scrutiny Committee
-
Kate Taylor, Director West Yorkshire Combined Authority
-
Debbie Simpson, Chair (Independent Member)
Agenda item :
10 External Audit Update
Share this agenda point
-
Alastair Newall (Auditor) Mazars
-
Debbie Simpson, Chair (Independent Member)
-
Alastair Newall (Auditor) Mazars
-
Kate Taylor, Director West Yorkshire Combined Authority
-
Debbie Simpson, Chair (Independent Member)
-
Cllr Robin Cumming CA Member
-
Kate Taylor, Director West Yorkshire Combined Authority
-
Debbie Simpson, Chair (Independent Member)
Agenda item :
11 Statement of Accounts 2025/26 Updates (Including Accounts Improvement Process)
Share this agenda point
-
Kate Taylor, Director West Yorkshire Combined Authority
-
Debbie Simpson, Chair (Independent Member)
-
Cllr Alex Greenwood CA Member
-
Kate Taylor, Director West Yorkshire Combined Authority
-
Cllr Alex Greenwood CA Member
-
Kate Taylor, Director West Yorkshire Combined Authority
-
Debbie Simpson, Chair (Independent Member)
Agenda item :
12 Data Protection Officer Report
Share this agenda point
-
Nikki Deol Assistant Director Legal, Governance & Compliance
-
Saeema Hawaldar, Officer (West Yorkshire Combined Authority)
-
Debbie Simpson, Chair (Independent Member)
-
Cllr John Taylor CA Member
-
Debbie Simpson, Chair (Independent Member)
Agenda item :
12 Data Protection Officer Report
Share this agenda point
-
Nikki Deol Assistant Director Legal, Governance & Compliance
-
Ismail Mayat, Officer (West Yorkshire Combined Authority)
Agenda item :
13 Risk Management
Share this agenda point
-
Debbie Simpson, Chair (Independent Member)
-
Ismail Mayat, Officer (West Yorkshire Combined Authority)
Agenda item :
13 Risk Management
Share this agenda point
-
Ismail Mayat, Officer (West Yorkshire Combined Authority)
-
Debbie Simpson, Chair (Independent Member)
Agenda item :
14 Date of Next Meeting
Share this agenda point
-
Ismail Mayat, Officer (West Yorkshire Combined Authority)
-
Nikki Deol Assistant Director Legal, Governance & Compliance
-
Debbie Simpson, Chair (Independent Member)
-
Webcast Finished
Disclaimer: This transcript was automatically generated, so it may contain errors. Please view the webcast to confirm whether the content is accurate.
Thank you very much.
Debbie Simpson, Chair (Independent Member) - 0:00:15
Thank you and welcome everyone to this meeting of the governance Nordic committee and toour new members.
We are now being recorded and streamed.
We will start with agenda item 1 which is apologies for absence.
Apologies for absence have been received from Rob Winter.
Debbie Simpson, Chair (Independent Member) - 0:00:36
Thank you. Rob can't make this meeting as we've heard. He sent me some comments whichhe's asked to be fed into the meeting at relevant points and which I will do. I should say,
though, that I'm going to have a talk with Nicky at some point just to understand how
we move that sort of matter or how we deal with that sort of request moving forward to
make sure that we do represent people's views, but also that we ensure people are at the
meetings to represent their own views as well. So once I have that chat with Nicky, then
we'll update you in future. Okay. Agenda item two is declarations of interest.
Has anyone got any declarations of interest to declare? No? Thank you.
Agenda item 3.
1 Apologies for Absence
2 Declarations of Disclosable Pecuniary Interests
This is the agenda item that lists any matters that officers have recommended are heard in
closed session.
3 Exempt Information - Possible Exclusion of the Press and Public
Today we've got two recommendations.
One is for agenda item 12, appendix A, and the other is for agenda item 13, appendix
3.
For the benefit of the new members, we've debated exemption of the matter raised under
gender item three at the last meeting. A couple of members felt very strongly that the matter
shouldn't be exempt. There was no public interest argument for that matter being heard in closed
session. Dave has asked me to share that he still feels that that's the same. As with
the gender item 12, doesn't feel that's exempt. So as we've got new members, I'd be very interested
to hear your views on that and understand whether you feel those two matters should
remain exempt or not. And I wonder before we do that if any officers wanted to give
their opinion on how they have arrived at the decision.
Thank you, Chair. If I may assist, we have also got the statutory data protection officer
Nikki Deol Assistant Director Legal, Governance & Compliance - 0:02:38
here as well to assist with item 12. Now, local government has a regime under schedule12A to exempt certain items where it affects particular business affairs or commercial
interests or indeed the operation of a combined authority. It's important that when you apply
those exemptions, these are different to legal privilege or other matters when we're in litigation,
that we take a proportionate approach as to what should be disclosed and set out in the
public arena and where it shouldn't. And that's where you take a balancing act.
Now with regards to the Data Protection Act, I will hand over to Seema shortly just to
set out why an assessment has been made as to what should be exempted and what should
be put in the public domain. But with regards to risk management, I've
given advice previously on this, that it's important that when you are assessing risk,
those particular specified risks which have been split in two parts of the report, it
would be highly prejudicial to us as an organisation if we disclose those risks to the public.
It would provide an opportunity for those that see that risk to infiltrate or potentially
get round those risks whilst they are being managed. So for those reasons that an assessment
has been taken for risk management that it ought to be exempt and we put what we can
in the public domain from the corporate register. So I'll just hand over to Saima so that she
can just explain how an assessment has been taken in regards to data protection.
Saeema Hawaldar, Officer (West Yorkshire Combined Authority) - 0:04:20
Thank you Nicky. So with regards to the appendix for item 12, in terms of assessing the reasonas to why it would be exempt or why I'd recommend that it is exempt from public disclosure is
it does contain information about the organization's information, governance and security controls,
which does touch on sort of weaknesses and evidences, evidence of assurances against
those control measures.
Public discussion of this would risk disclosing sensitive information at a granular level
about the security arrangements and vulnerabilities which could be exploited from a malicious
activity and sort of compromise the security and confidentiality of our information assets
as well as increasing risks to cyber security. With that said, under paragraph three of the
local government act, I would ask that this is exempt on the basis that disclosure would
prejudice and combined authorities business affairs. It's not intended to avoid scrutiny
but it is to protect that sensitive operational detail at that granular level while we work
on improvement actions. The public report which does touch on transparency and compliance
as well as key performance indicators and improvement actions, we think that on balance
there is a public interest in that transparency and that's been touched on in the report.
But in terms of maintaining the exemption, the public interest in maintaining the exemption
outweighs the disclosure on those detailed findings and that's for appendix one of the
Debbie Simpson, Chair (Independent Member) - 0:06:07
item 12. Thank you. So have any members got any questionsthat they would like to raise or any comments on that?
Just to clarify, my concerns with this was that not all of the information that in these
Cllr Bob Felstead Chair - Scrutiny Committee - 0:06:22
two appendices I think needs to be excluded and subjects of what has just been said IDavid Merrett (Independent Member) - 0:06:29
don't think clear specific reasons for particular things within the report have been outlinedin the report has said here. I think you've outlined the reasons why you could do that,
but I think we need to have a more specific conversation potentially in the private session
this time around about specifically which parts of this really need to be, particularly
which risks need to be excluded, some of them I don't think do, and what the very specific
vulnerabilities that we're leaving ourselves open to are if we do share this in public,
because that's my concern.
Do you want to come back on that?
I think I'd encourage you to apply the exemption today and as the independent member has advised
Nikki Deol Assistant Director Legal, Governance & Compliance - 0:07:09
that we go into a private session when we have a discussion at a more granular levelto distinguish which particular part of the appendices should be disclosed and whether
the legal test should be applied to those.
We take a consensus view in a private session so it can be discussed in that manner.
So I'd encourage members to accept the the the exemption for now so that we can go into a private session at the appropriate time to discuss that further.
Thank you. Any Councillor Greenwood?
Cllr Alex Greenwood CA Member - 0:07:45
Yes, I don't know whether I've got maybe a slightly older agenda pack.My agenda pack speaks to item 13 appendix 3 risk management.
But in my pack it appears to be a gender item 13 appendix 2 that is exempt.
Yes it is.
So...
I think there's a typo on the top part.
Well spotted, Councillor.
So we'll need to make an amendment when we go to the vote on that.
Okay, any other queries, questions, challenges?
Debbie Simpson, Chair (Independent Member) - 0:08:22
Okay, so if we can go to the votes on this then.All those in favour of agenda item 12, appendix 1, exemption being upheld.
All those against?
Debbie Simpson, Chair (Independent Member) - 0:08:41
And anyone abstaining?So that's passed then.
That item will remain exempt.
And then again, all those in favour of Agenda Item 13, Appendix 2 being exempt.
All those against.
And any abstentions?
Thank you.
So that one has passed as well.
So that item will remain exempt, but we will take Nicky's advice and we will come back
to that again in closed session next time and we will work our way through some of those
questions that have been posed today.
Okay, so moving on to agenda item four, that's the minutes of the meeting held on the 19th
of February.
4 Minutes of the Meeting of the Governance and Audit Committee held on 19 February 2026
I think there's only a couple, is it Dave and Councillor Jenkins who were at that meeting,
so are there any comments from either of you on those?
Yeah, Dave.
I think we actually had two sets of minutes here, the one from January and the one from
Cllr Bob Felstead Chair - Scrutiny Committee - 0:09:54
February. Just on the, I guess, both of them just wanted to note that I don't think theDavid Merrett (Independent Member) - 0:10:02
vote we just had then was unanimous either, as I didn't vote for exclusion in those twocases either, so that just needs to be corrected. On the January ones, under item six, I think
At the time I requested that the reporting line, the administrative reporting line for
the head of internal audit be changed to a more appropriate line to the CEO.
I don't think that was recorded, nor the CEO's response to that, and that's not the first
time we've asked that question here, so I think that needs to be recorded in the minutes.
And then finally, just one thing, it's not to do with the accuracy of the minutes, just
something to pick up at some point.
Item 9 under the February minutes, we talk about the PWC external readiness cheque report,
but there's been no any progress on allowing us to see the content of that.
I'd like to pick up at some point during the meeting if I could.
Thank you. I think we've made note of all those adjustments.
Debbie Simpson, Chair (Independent Member) - 0:11:00
Councillor Jenkins, anything from you? No.So if we make the adjustments, can we accept them on the basis of making the adjustments?
You can if you all vote in favour of those amendments. They're clarification comments
by the independent members so it's entirely appropriate that that's included.
Nikki Deol Assistant Director Legal, Governance & Compliance - 0:11:19
Thank you. So can we just have a show of hands from you both that you accept those minutes?Just the ones who were here. Thank you.
Debbie Simpson, Chair (Independent Member) - 0:11:26
That's lovely.5 Governance Arrangements Report & Terms of Reference
Okay, so Agenda Item 5, that's for the Committee to note the governance arrangements for this Committee.
committee. These were approved by the Combined Authority meeting on the 25th of June and
also for the committee to nominate the elected member for transport for the North Audit and
Government Committee. So if you take the first matter first, which is to note the governance
arrangements for this committee, for the benefit of new members, this committee has been extensively
engaged during the development of these changes and so there shouldn't be anything that the
existing members see in there that they weren't aware of. But Nicky do you want to take us
Nikki Deol Assistant Director Legal, Governance & Compliance - 0:12:17
through this? So members, as the chair has outlined, thisreally sets out the governance arrangements which were approved at Combined Authority
last week. In addition to that there are some rather detailed terms of reference which were
approved. Now, just by way of background, there was a significant governance review
that was undertaken at the beginning of last year when I joined the Combined Authority.
And what that was to do was really to streamline activity for the Authority, given the legislative
changes under the Devolution Act, which received Royal Assent in April. What we recognised
was that given the strengthening of powers and more devolved powers for us as a Combined
authority, it was appropriate that we had agile committee structures in place so that
decisions could be made very quickly and effectively in a transparent fashion. Hence why there
was a reduction of 11 committees to five. So there was a significant reduction.
Now with the terms of reference that you see before you, we have stood down what was FRCC
committee which dealt with finance and resourcing. And we've combined a lot of those duties with
governance and audit scrutiny and they've been spread across the tri -executive model.
But what you will see here is a more consolidated position on you as a committee and what documentation
you will now see going forward.
Things like pay statements, not just treasury management reports but a whole suite of documents
relating to management structures and performance as well.
Now we have got a repository that is available for you as members which we'll be hoping that
you'll all sign up to so that you can see a lot of the background information and internal
governance decisions as well, so that you've got a completely transparent approach to how
governance is taking place here. And the documentation within that pack really reflects that. It's
very straightforward. It's just setting out what's been agreed at Combined Authority.
If you have any comments, I'm happy to take those. But really, it sets out the calendar
of dates, what the membership is. You're all sat around the table, thankfully. And then
there's a secondary matter as chair has outlined the appointment to Transport
for North external nominee from this committee. Chair I'm happy to take further
Debbie Simpson, Chair (Independent Member) - 0:14:36
questions if you have any and members but that concludes my points. Thank you and I think it'simportant to note that the focus of this committee regardless of change is on
independent assurance and processes of reviewing the governance
framework so that hasn't changed at all in what we're looking to do. Councillor
Thank you, Chair. I just had a question on the terms of reference.
Cllr John Taylor CA Member - 0:14:56
So in the terms of reference, it talks about us reviewing management information quarterly,but we don't meet quarterly. So when you look at the dates that we meet,
you know, two of the dates are very close together in sort of January and February.
So I'm not quite sure how we can review management information quarterly if we're not meeting,
you know sort of an appropriate spread through the year so I'm not quite sure how we meet
that.
Debbie Simpson, Chair (Independent Member) - 0:15:24
I think Kate's going to reference.Kate Taylor, Director West Yorkshire Combined Authority - 0:15:28
So the committee meets I think in terms of numbers quarterly sometimes the cycle hasto so the primary objective I guess for the committee is making sure that it can certainly
cover things like the audit cycle for example so it can fulfil those statutory duties that
has around the accounts, approving opinions, et cetera,
during that point in time.
For that, I think certainly we can look at the timing
if we feel that that is absolutely not a problem
to make sure that they are synced sufficiently.
I think we are still working through,
Nikki's team have done a huge amount of work.
There is a huge amount of reorganisation
with the new governance in making sure
that that syncing is there.
And we, with your permission as a committee,
we can look at that back.
Just to clarify around the January and the February meetings, the January meeting will be an accounts only meeting,
so the primary purpose of that will be for you to come together to approve the annual accounts for 25 -26
to meet the backstop date of the 30th of January that is required, so it will be a one item only meeting
and February will be a normal business meeting in there, so that's why they come together there.
Cllr John Taylor CA Member - 0:16:40
I think that makes my point. We're not meeting quarterly so I wouldn't be happy signing offa terms of reference that says that we're going to review management information quarterly
because we're not able to do that the way the meetings are currently organised. So there's
a discrepancy between what you drafted as terms of reference and what you're asking
us as committee to do.
Nikki Deol Assistant Director Legal, Governance & Compliance - 0:17:02
I think the drafting took place before the calendar dates were set or it's happened inreverse but we can certainly adjust that. If you would like a, that's a non -material
an amendment essentially, I would say,
we can say that they will be presented
in whichever frequency or course that you would prefer.
Whether those reports are useful to you on a quarterly basis
or at each meeting is what I would propose as an amendment.
So for me, I'm new to this.
Obviously, I've got experience of a couple of those.
I'm not understanding at the moment what the ask is because the ask per the terms of
Cllr John Taylor CA Member - 0:17:38
reference is that we review this information on a quarterly basis.It's to consider.
And I think that's valid for us to look at that on a quarterly basis. But then we set
up meetings that don't enable us to do that. So is it important that we review that information
on a quarterly basis? It feels to me as though it is but I don't know that. That's just
my gut feel, but the arrangements you put in place don't enable us to do that.
Nikki Deol Assistant Director Legal, Governance & Compliance - 0:18:11
What we can do is we can say at each meeting because that will enable us to fulfil thatrequirement unless otherwise agreed. So these are terms of reference. Terms of reference
can flex in a number of ways. They don't need to be exactly precise in regards to when you
receive the information. The important thing is that you receive the information in a timely
way in order for you to process and consider the documentation. It may be that for quarter
two we don't have any management information for you to consider. We have consolidated
it for the next meeting. So this is something that we can discuss through the chair or yourselves
as committees or deposit it in the repository. We do have a cycle of business, don't we?
Debbie Simpson, Chair (Independent Member) - 0:18:52
And I just wonder if it's worth having a look at that because that was developed very muchin mind with ensuring that this committee receives the right information at the right
time. And I think that's probably the key document we should be focusing on in terms
of when information will be available and the statutory deadlines we have to meet for
things like the finance side of things. So is it worth bringing that back and could we
have a look at a good session on that next time?
I think that would be very helpful, Chair, yes, and then we can correlate to it.
Kate Taylor, Director West Yorkshire Combined Authority - 0:19:27
Based on the point that Councillor Turner is making, I would propose, well not propose,Nikki Deol Assistant Director Legal, Governance & Compliance - 0:19:37
I would advise that instead of saying to consider on a quarterly basis management information,just to consider management information and then we can make sure that it's brought to
the appropriate meeting in accordance with that cycle.
And then you're fulfilling the requirements of that term under point 18.
Cllr John Taylor CA Member - 0:19:54
I'm just me but I'm uncomfortable at the moment because you've drafted terms of referenceclearly with an understanding of what you're asking this committee to do and now we're
turning it on its head almost. We're only meeting three times a year if the fourth meeting
I fully understand that and get that because I used to do that, you just signed them off
for Kirk Lees.
There's an awful lot in those terms of reference and we're only going to meet three times a
year.
I'm not sure how we provide really detailed reassurance and get that reassurance if we're
Debbie Simpson, Chair (Independent Member) - 0:20:39
not meeting very often and either we're going to have very, very long sessions because there'sCllr John Taylor CA Member - 0:20:40
that much information that we need to go through in those sessions.I mean, it feels uncomfortable to me and I, you know, I always used to push that I didn't
have too many agenda items on a committee meeting because you do get to the stage where
you can't concentrate for five hours on detailed documents and when I look at the terms of
reference there's a lot in there. It's a big ask of us as members and you're saying, but
but we'll do all of that effectively in three meetings.
And this is the first one.
Debbie Simpson, Chair (Independent Member) - 0:21:15
I think there's several questions in that, isn't there?One is are we receiving the right information
at the right time to give that effective governance?
The other is around the number of times
we received that information.
This has been raised before with this committee,
and if we need an extra meeting or not.
So I think that's something we could come back to as well,
isn't it?
And the length of the meeting I quite agree and we did make an attempt
We've looked at that recently because it did get to the stage where we had too much information
but the answer to that at that time when we considered it was to
Extend the meetings from two to three hours
So I think there's something around looking at all of those three elements again
And I think that's worth coming back to next time and having a further discussion
I would like to back John on that.
Our governance and audit committees meet seven times, which is a smaller department than
yours, so I do back them.
This is a lot to go through.
Cllr Robin Cumming CA Member - 0:22:16
So if we reduce it and have more meetings, or even just add an extra one, we would bebeneficial.
We could certainly look at that.
Debbie Simpson, Chair (Independent Member) - 0:22:23
Nikki Deol Assistant Director Legal, Governance & Compliance - 0:22:25
I totally take on board the points that you are raising.There is a lot of information for you to process, so we could certainly look at adding dates
and making sure that they're not overwhelmingly long so that you can get through the information.
Cllr Alex Greenwood CA Member - 0:22:37
Debbie Simpson, Chair (Independent Member) - 0:22:39
Can I also, Nicky, just raise a point that Rob asked me to present, which he felt therewas a slight contradiction between the cover report, which states that GNA have no role
in the review and approval of the framework, and then later in the actual terms of reference,
which says that the role of the group is to ensure that the framework of assurance provides
sufficient coverage. So I think it was what is our role, I expect, is what he's trying
to drive at there. Are we here to challenge and ensure the arrangements?
Debbie Simpson, Chair (Independent Member) - 0:23:25
Okay, thank you. Okay, so that covers that point and we will come back to that at thenext meeting because I think it's a very valid point and we'll explore that in more detail.
So if there are no more comments on that, the second part of this agenda item is for
the committee to nominate the elected member to transport for the North Sordid and Governance
Committee and we have a nomination and Councillor Jenkins and I think we've got
somebody to second that so Councillor
Oh, Proposer. Sorry, Proposer first. So Councillor Cummings and then second. Thank you very much
Debbie Simpson, Chair (Independent Member) - 0:24:15
Nikki Deol Assistant Director Legal, Governance & Compliance - 0:24:25
Debbie Simpson, Chair (Independent Member) - 0:24:27
Councillor Taylor. Okay so we can confirm then. Okay thank you. So we move on toagenda item six and this is for members to receive and comment on the draught
6 Draft Annual Governance Statement
internal governance report. This report details the governance improvement plan
which was adjusted to reflect previous comments from this committee.
So, again on this one I've received several comments from Dave,
which I'll go through before I pass over to officers.
There was a view that the governance statement should include key risks
and how these have changed through the year,
so I think they were looking at the transition journey in terms of those risks.
There was a request for more detail on the White Rose and the CI systems implementations.
There was concern, the statement on pages 34 and 35 don't align with the opinion expressed
throughout the year by the head of internal audit.
And then there were two requests, firstly to have site of changes to the annual government
statement well in advance of the meeting, and secondly for the governance improvement
plan to come back to governance and audit with more detail on the impact of changes
made. So quite a few comments there. So can I pass over to officers to introduce it.
Nikki Deol Assistant Director Legal, Governance & Compliance - 0:25:47
Thank you, Chair. So for members who are not familiar or are familiar with this, this isan annual governance statement. This is where we look back over the past financial year
and review how the operating model for governance has functioned, taking into
account a number of assurance sources across the organisation. One of those has
been mentioned, namely the internal audit function, which is one element of us
forming that statement. We also look at risk management, which has also been
mentioned. We look at performance operations across the organisation, as
as well as governance and compliance monitoring.
And then we get input from all of the directors,
the directorates, they all feed into this statement
so that we create a holistic document.
This is a document that looks back at the organisation
as a whole, it doesn't hone into specifics,
it takes a holistic view and a balanced view
of the governance arrangements.
Now the overall conclusions within this governance
and your governance statement were that there were
sound governance arrangements in place. And this is taken against and through the lens
that we have been a significantly fast -paced organisation that is growing really quickly,
we are getting more devolved powers, we've been through a readiness cheque through central
government to assess whether we have got the right arrangements in place to get integrated
settlement. Integrated settlement for us as an organisation is a huge step forward in
in relation to devolved powers and responsibility in delivering major programmes. And governance
is a real important aspect and the annual governance statement seeks to reflect that.
It also acknowledges that we've had a big year of transition. There's a lot of change
within the organisation in terms of workforce, skills and programme of delivery. So it's
about looking at that in a holistic way but it does recognise our weaknesses. It recognises
that there is a lot to do. There are weaknesses and the main point is that there is inconsistency
in a number of areas and controls within the combined authority. So during this year of
transition there is a lot of strengthening that needs to be undertaken around our systems,
CIA systems, around financial controls, around how are we going to embed this new governance
arrangement which was approved in March 2026. With that there is quite a detailed improvement
plan that sits behind the governance statement which recognises all of the steps that we
have to take under the lens that we are changing as an organisation. We are a strategic mayoral
authority now and there is a lot to do. The trajectory is really, really high and in my
my view this is a corporate response to all of those suite and sources of
assurance as to how we consider the year has happened and a look back. So chair on
the points that you've said about, let me take the points in in sequence, risk
management is mentioned within that report but in terms of the governance
improvement plan because this is in draught form and it will stay in draught
until we submit the next round of accounts, we can certainly draw that in and a reflection
to make sure that that's reflected in there. The second point about CIA systems and the
effectiveness of it, we can certainly look and edit that out as well. Indeed, we did
that in February when you saw, when members of this committee saw the annual governance
statement in February with the statement of accounts that Kate presented, we looked at
we've noted that were raised in February and what action has been taken in regards to that.
And then thirdly, I can only apologise that you did not have sight of the annual governance
statement before the Combined Authority. I would say that that is because of the synchronisation
of meetings. We went into pre -election period very, very early, given that Kirklees was
the first council to go in, I think two weeks before the rest of the councils did, which
meant that we observed that pre -election period earlier and we were unable to give you the
draught document because we weren't sure which members would be around the table, hence why
it went to the Combined Authority last week in draught form in order for us to receive comments
from you. So we're very ready to take those comments on and adjust that statement, but
it has been approved by the Combined Authority. I would make that point.
Thank you, Chair.
Debbie Simpson, Chair (Independent Member) - 0:30:16
Thanks, Nicky. I think it's important to be clear that the purpose of this report is toprovide assurance on effectiveness of the framework.
It's not intended to provide detailed action plans or performance commentary, and that
sort of thing will appear in different reports to this committee.
I do, however, agree with the point about the request to bring back the governance improvement
plan back to this committee, and I think that before we'd been assured that we would see
that.
So that would be really useful to keep an eye on that.
So has anybody else got any questions?
David.
Yes, just a couple of points on this.
And just noting and thanking you for the changes that were
Cllr Bob Felstead Chair - Scrutiny Committee - 0:30:59
made to this last time round.I remember at the time, the feedback from your side
was the comments were rather late in the process.
So hopefully we can get the comments in early this time
David Merrett (Independent Member) - 0:31:06
round.So I'd encourage you to take another look at the drafting
of the risk management paragraph on page 35
and compare it in particular to in the next agenda
item we've got internal audits view of risk management in particular page 55 and page
69 but also audit 38 that says limited assurance on risk management.
I think it's much more a work in progress than is highlighted on page 35.
So that probably needs a bit of addressing.
Second point was again this year we've got a list of significant governance issues, page
37 onwards, many of which we've not seen anything in this committee about.
And most of them I can't understand from the description in there what the significant
governance issue is.
I can understand there's an issue, but I don't really see any explanation of what the governance
issue is, nor what the action coming out of it is in order to resolve that governance
issue, which I would expect to see in an annual governance statement.
So that would be more helpful for us to understand, or whoever's reading this, to understand what
the governance issue was and what's been done about it. So those are the two bits of feedback
I'd like to give.
Nicky, do you want to come back? Thank you to the independent member. We can certainly
look at that because that's just making sure that the narrative is clear to the reader,
Nikki Deol Assistant Director Legal, Governance & Compliance - 0:32:27
so we can certainly do that. And I think that's entirely appropriate, so I'm grateful forthe comment.
Can I also ask Nicky, we had a discussion at a previous committee about having a version
Debbie Simpson, Chair (Independent Member) - 0:32:38
of this that was jargon free, a sort of plain English version for public consumption. Idon't know if anything has been done on that yet. I can certainly look at that for you,
Chair. Okay, Councillor Taylor.
Debbie Simpson, Chair (Independent Member) - 0:32:53
Cllr John Taylor CA Member - 0:32:55
Just back up what David said on the governance issues. When I've seen the equivalent of thisat the Kirklees Council where you've got an issue, it would also show you what the proposals
are to address that issue and at the time scale and who was the accountable officer
that was owning that issue. And I think that would be helpful because what we've got here
is paragraph statements about an issue where it's not really clear, you know, what time
scale are we expecting this issue to be resolved within and what are we doing to actually resolve
it and actually who is accountable for trying to address that issue. So I think as it stands,
it's lacking in information that ought really to be in there.
Kate?
I think we can certainly take all of that on board.
Cllr Robin Cumming CA Member - 0:33:47
What I would just say is Nicky's been with us less than a year actually with this authorityKate Taylor, Director West Yorkshire Combined Authority - 0:33:55
so I think giving Nicky the time and space actually to look at that and I know Nickypicked up a number of things and I think particularly around this statement that is something that
we do want to look at how we evolve it over the next. I think it's important to note the
improvements that are already in this year's statement versus last year's statement in
there, so the trajectory that we're on, but I think we're certainly happy to take these
comments on board and go back as we look around for continuous improvement.
Cllr Robin Cumming CA Member - 0:34:23
Just to come back, I hear that, I understand that, but at the end of the day this is apublic document and the public document needs to be good enough and as it stands I don't
Cllr John Taylor CA Member - 0:34:31
think it's good enough and I don't mean that as a personal criticism it is ourjob to say yes we're happy with it or no we're not happy with it that I'm not
happy with at the moment because I don't think it does the job it ought to be
doing and really we need to get better at that. Thank you Councillor Taylor and I
Cllr Robin Cumming CA Member - 0:34:49
totally agree with you this is an evolving document so what I would say isI have prepared the governance improvement plan for this year and if
you look at that it sets out specifically what the issue is, what needs to happen, who
the owner is, what the time scale is and what the outcome is as well. So if you look at
Nikki Deol Assistant Director Legal, Governance & Compliance - 0:35:08
page 45 I have already set that out going forward in terms of the governance improvementplan. What you're doing is you're looking back at what the governance issues were and
I can certainly, these predate a lot of, I'm sorry to say officers that are sat around
the table, because not only am I a new statutory officer as is Kate, we will ensure that that
information is provided because that's a quick, that's a position of fact at the end of the
day and we can certainly incorporate that into the statement.
But going forward I'd invite you to look at page 45 because that is the trajectory that
we're on in terms of making it clear what the issues are, who the owner is, the time
scales and what the outcome should be.
Cllr Robin Cumming CA Member - 0:35:46
Councillor Cummings.Debbie Simpson, Chair (Independent Member) - 0:35:50
Cllr Robin Cumming CA Member - 0:35:51
Just a general point, it might be because we're quite new to this or you know, thereA lot of these documentation has acronyms and spread throughout.
Some have the actual full wording, then the acronym, then sometimes they don't.
So would it be easier if you dropped the acronyms just for the first couple of meetings, or
put the full word in so we know what you're talking about.
The second point, a lot of these headlines, mass transit programme reset, because we've
not been here before.
I have no idea what that is.
So if you put a bit of background in it or something for people picking this massive
document up for the first time a week and a half ago, it's a lot to take in.
So more details on previous issues would be nice.
I think that goes back to the point that Councillor Taylor was saying, an explanation of what
the issue was at a more granular level so that you're aware of this.
So we'll absolutely address those points.
Nikki Deol Assistant Director Legal, Governance & Compliance - 0:36:53
Thank you, Councillor.And in terms of accriments,
I think we might need an glossary.
So I think that's the best way to deal with that.
Councillor Mazzoni.
Thank you.
I think what I would also add to that
Debbie Simpson, Chair (Independent Member) - 0:37:08
in terms of explaining the issue iswhat's the risk exposure?
So what would be the impact if that
kind of goes out of control or there's an event
Cllr Christiana Mirosanu CA Member - 0:37:17
which causes the risk to materialise,to know how much pressure or how much escalation needs to be put for that to be resolved.
Debbie Simpson, Chair (Independent Member) - 0:37:26
I totally agree. You'll be meeting the risk manager later today and then if there areCllr Alex Greenwood CA Member - 0:37:35
any points that you want to pick up on in terms of how the management of risk is andthe explanation within this, we can certainly develop that.
Debbie Simpson, Chair (Independent Member) - 0:37:40
I think that goes back to my point that this isn't an update, a performance update. Thosereports, the subsequent reports you see, should pick up on all of those matters and address
them in terms of bronze work in audit and the risk management report. We should see
all of these matters linking through in all the subsequent reports, but that's not the
purpose of this report. This purpose is to give a broad assurance how things have been
working through the year.
Cllr Alex Greenwood CA Member - 0:38:14
Cllr John Taylor CA Member - 0:38:25
Yes, on page 38 about White Rose, it's a bit vague and I would like it to be brought toCllr John Hardie CA Member - 0:38:28
Cllr David Jenkins CA Member - 0:38:31
the next meeting really, where it says due to commence in 2026 or when and what is goingto happen you know we need more background as other people have said.
Kate?
Debbie Simpson, Chair (Independent Member) - 0:38:46
Cllr Alex Greenwood CA Member - 0:38:49
So there have been several reports on White Rose that have gone through to the combinedauthority already in there so it's a report probably going back around 12 months which
looked at lessons learned there have been later reports and the last report went in
March actually I believe to the combined authority which was around the finalisation of that
position and set out the next step so the team are currently working on the
final business case at the moment we have just secured the site and are in
the process of looking and costing that up and that will feed into the final
business case that will be coming through when ready to the combined
authority I believe it probably will be the combined authority that that looks
at that so we could certainly circulate those reports which have gone through
but from a transparency point of view the information has been in public
Debbie Simpson, Chair (Independent Member) - 0:39:37
domain. Thanks Kate. Any other questions? Yes Councillor Dews.Cllr Alex Greenwood CA Member - 0:39:43
General point, Nick you were just saying about how there's a lot more majorresponsibilities coming down the track and I'm just wondering about is the
staffing already being looked at or in place for this because there's a general
Cllr John Taylor CA Member - 0:40:03
perception with the problems with the mass transit and white rows which aremajor items with problems that if we're getting a lot more responsibilities
Cllr Alex Greenwood CA Member - 0:40:15
coming down is it are we prepared for it?Good question which officer wants to take that?
Debbie Simpson, Chair (Independent Member) - 0:40:20
Cllr Alex Greenwood CA Member - 0:40:22
So that is again there've been so Ben is the Head of Paid Service that sits within his statutory role effectively to assess that.that we have the right people in place.
We have actually taken a number of reports again
throughout the year which have talked.
So there was a paper that went around future state
of the organisation, probably going back about eight months
ago that went to the combined authority
and talked around the skills and the future workforce
strategy of the organisation as well
in terms of what we will need for the future
to be able to meet either increased powers
or in some cases newer powers that are coming through,
so new areas that are in there.
In terms of how we do that,
Kate Taylor, Director West Yorkshire Combined Authority - 0:41:04
we run a integrated business planning process every year,where effectively we go out to the directorates,
we ask them to say what they need to achieve
over the next kind of 12 months,
but certainly to also to look younger within that,
what they are going to do,
and then what they need to be able to do that,
which looks at both money and humans,
and obviously humans also drive money in terms of that.
So that is integrated into part of our process overall in terms of an integrated process
that looks at workforce planning, also money planning and also activity planning.
So it is constantly on our radar in terms of ensuring that we have got the right skills
and resources, capacity and capability within this organisation.
Thank you, Kate.
Debbie Simpson, Chair (Independent Member) - 0:41:51
Yes, Councillor Greenwood.Cllr Alex Greenwood CA Member - 0:41:56
Yeah, just two comments. I am somewhat concerned that the AGS doesn'tsufficiently reflect the opinion of the
yes I am also another comment that I want to make is surely the AGS is the
interface between the public and the authority in terms of governance and that when there
is a comment made such as a version for public consumption, surely this should be the version
for public consumption. I understand officers are not responsible for legacy or anything
like that, but I am just concerned that if I were to give this AGS to one of my residents
governments in one of my wards they would not be able to navigate it and they would
not be able to understand how the authority thought its own governance was currently being
conducted. Those are just my two comments.
Debbie Simpson, Chair (Independent Member) - 0:43:03
Thank you. Nicky do you want to come back on that second point and then Bron on thefirst?
Nikki Deol Assistant Director Legal, Governance & Compliance - 0:43:11
So on the second point about it not being appropriate for public consumption, I canI'd certainly take that on board, but this is a template that the combined authority
and a lot of combined authorities use in terms of the headlines of what's required. And the
content of that is taken from what's called a code of corporate governance and framework
which is prepared by CITFA. So in February, the framework, which is the setting of how
we do the annual governance statement, was approved by this committee in February because
we'd updated it. From that, we use that framework and it sets out very specifically what is
required in this document. I take on board that it is quite a technical document and
maybe that is something we need to reflect on so members of the public can read it. What
I would assure you is that it does not differ from annual government statements that you
see across the country. This is very much akin to what you will see nationally.
Thank you. Bron, did you want to come back on this point?
I am going to pick that up in the section on the head of order opinion so rather than
Bronwyn Baker, Officer (West Yorkshire Combined Authority) - 0:44:15
I will repeat myself. I will deal with it there.Debbie Simpson, Chair (Independent Member) - 0:44:17
Any other questions or comments? The cycle of this year, this municipal yearand the last municipal year has been quite difficult to manage.
Nikki Deol Assistant Director Legal, Governance & Compliance - 0:44:37
The preparation of these documents has been later rather than earlier and I have not beenable to get them to you as earlier as I would have preferred.
We are going to start on the next annual government statement now.
So you will be seeing that in its draught form rather than you being presented with a document.
That's my intention as monitoring officer because it's not appropriate that we just
present you with something that's already gone through a particular channel.
So I just want to say we're resetting that approach and Kate and I have discussed this
as statutory officers and what we're hoping to do is work with our statutory officers
and our teams on assurance to make sure that that is a clearer trajectory for you so that
you can input at the right time rather than being presented with something and having
to retrofit almost.
Thank you, Nicky. I think it's important to recognise the authority has got a bit of a
Debbie Simpson, Chair (Independent Member) - 0:45:25
balance between including in these documents things that they're expected to put in becauseof SIPFRA and things like that, and recognising a need that such as your constituents need
something that's readable and understandable. So it is a very difficult balance, but I would
ask officers if they could take that challenge away and just maybe come back and let us know
the thoughts on that. Okay. Thank you. So there's no more questions on that. Can we
note that the committee has considered that item? Thank you.
We move on to Agenda Item 7, and that's the annual report covering the work of internal
7 Head of Internal Audit Annual Opinion
audit on the 2526 audit plan. So Bron, did you want to talk to this paper?
Thank you, Chair. So just picking up on, I'll start with that earlier point just so that
Bronwyn Baker, Officer (West Yorkshire Combined Authority) - 0:46:17
I don't forget and neglect to cover it. It is really important to remember that the contextof internal audit work is set around a risk -based plan focused on the areas of greatest risk
and concern.
It's inevitable that the slant of the work that we
do is going to pick out the areas that require
improvement and continuous development and embedding
and further sort of proactive monitoring and
attention by the organisation.
So it is very easy to see the audit opinion of
internal audit as the, because it's an independent
assurance opinion, the one that supersedes everything
else, it doesn't. It has to be seen in the context of what the organisation put forward
in their annual governance statement and all of the reporting that comes to this committee
throughout the course of the year so that when you review the annual governance statement
you are factoring in all of what you have seen through the course of the year. It's
a difficult one for this committee because you haven't been here over this last year
to see all of the things that have come to this committee and I think what Nicky is committing
to in terms of going forward and bringing a governance statement to you in draught at
much earlier points is something we would all welcome around this table. I certainly
feel that there's a lot of pressure here on the internal audit opinion to sort of be that
kind of overriding factor that determines everything else. It shouldn't be. It's a significant
independent view, but it is the opinion of audit. It is not the management response to
how they have organised and governed their organisation during the last year.
That does not mean I want you to take my opinion any less seriously, because I spend a whole
year of working with my team to get this independent assurance in place so that it is based on
evidence, it's based on conversations with the organisation where we agree those areas
that require development and improvement, and we then monitor and follow that up throughout
the course of the year which you will see in the recommendation follow -up report.
So it is just about making sure that the context of this opinion sits in a broader picture.
In terms of the opinion this year, it's the same as it was last year, disappointing all
round I think.
I certainly was hoping that we would have embedded arrangements more clearly, more effectively
over the course of the year and I will absolutely own up to the fact that I might have been
slightly over optimistic in thinking that we could do all of that in a year, along with
all of the additional growth and development and new responsibilities of the organisation.
However, as the head of audit, I do believe those things that we are raising and the fact
that it is a risk -based plan focused on areas that matter means that these things should
be taken seriously.
And the improvements that we are asking the business
to make are to make the business better.
So I think it is important that they remain a focus,
as they have over the course of this last year,
very much developed through our corporate boards to be.
So I am confident, it's going to sound like optimism bias again,
but I am confident that there will be better progress
by the end of this year, and sincerely hoping
that we can move away from a less than adequate opinion
will be able to do that again. So if I can draw the
committee's attention to the opinion report that additional
safeguards have been developed to protect the independence of
internal audit in response to some previous issues that have
been raised in this committee and to confirm that while
functionally it is absolutely clear that audit reports to this
committee.
Administratively, we report to the Director of Finance and Commercial Services, but in
recognising some of the concerns that the committee previously expressed, we have developed
an additional protocol that affords me the opportunity to raise any independence issues
immediately with the chair of this committee, which the chair will then consider, look to
consider more carefully and decide whether to bring it to the full committee for the
committee to take action on as they see fit.
So we are listening to what the committee are saying to us in
terms of what they would like to see.
I do have a very direct report, not reporting line,
but a very direct communication line with the CEO of the
organisation, Ben Still.
And he has very clearly been pushing within his corporate
boards and his officer boards to make sure that what all
it is raising is getting the action and the attention that it deserves.
So other than that I'm going to take the papers as read.
Really happy to take questions and comments in addition to those that have already been
raised.
So, Chair, happy to take comments, questions.
Thanks, Bron.
So just one from me and then Dave.
Debbie Simpson, Chair (Independent Member) - 0:51:28
We've talked at this committee before about management accountability and in section 15there are a lot of areas for improvement now. So I suppose the question is how are managers
being held to account for those now and how has that differed since the committee last
Bronwyn Baker, Officer (West Yorkshire Combined Authority) - 0:51:51
put the challenge there? So thank you, Chair. That's an excellent point.And again, I just set the context there. Those areas, those themes that were developed came
out of the recommendations made which by nature of the recommendations are around areas for
continuous improvement. They don't do the balancing bit of reflecting the positives
that we found, which is something we are going to work on in terms of how we report going
forward. That said, part of the work we did last year looking at compliance across the
directorates, we concluded that piece of work by doing an overarching report, looking at
those areas where we actually felt there was an
organisational response required.
It picked up quite a lot of the themes
out of that section 15.
And those are currently being discussed with the directors
where we are looking for a director to take ownership
of each of those recommendations that we've made.
And that is very close to resolution,
I'm led to understand.
But that does pick up a lot of the stuff that we think
we need the senior leadership team
to be taking those forward in a very meaningful way.
Thank you.
Debbie Simpson, Chair (Independent Member) - 0:53:00
So we'll see the results of that fed backthrough this committee and where appropriate,
we can talk to the relevant directors.
Yeah.
Absolutely.
And they will actually form part
of the recommendation follow -up,
so you will get those regular updates
as well as having a director here to speak to any
that you particularly want to deep dive on.
Thanks, Bron.
So I think we had Dave.
Thank you.
Cllr Bob Felstead Chair - Scrutiny Committee - 0:53:24
Just very specifically on page 56, I think,8 Draft Internal Audit Plan 26/27
and this is probably a question for Kate,
in the absence of the CEO.
It said here that the concerted effort is needed
to improve the control framework with enhanced
cheque and challenge from the second line defence.
I want to ask whether we can get a commitment
David Merrett (Independent Member) - 0:53:41
on behalf of the CEO for that sustained effortand concerted effort to be delivered,
and in what form that's going to take
to improve that issue, please.
So we are currently doing a piece of work
at the moment, which Bron and Nicky have been leading,
Kate Taylor, Director West Yorkshire Combined Authority - 0:53:58
which is looking at precisely this,looking at the control framework,
looking at the second and third line of defence,
and where we would strengthen that.
The bulk of, effectively, second line of defence
within our organisation largely sits
within the corporate services of the organisation.
So activity is delivered at first line.
delivery directorates, second line sits with with us as corporate services and
then third sits the internal audit, external audit that are in there. So we are
absolutely strengthening that within there. We introduced a corporate board
chaired by myself into our internal governance structure within the last
sort of year in terms of that which is providing a forum actually for us to be
able to strengthen that and to keep monitoring and to keep monitoring that
that progress. So it is certainly a very strong focus of us as corporate directors at the
moment and something we are working through. I think we could look to bring that piece
of work actually and report to the committee at a suitable point in time so you can see
Debbie Simpson, Chair (Independent Member) - 0:55:06
that. Thanks Kate. Anybody else got any questions?Yes, Councillor. It seems from the fact that there are so many
Cllr Christiana Mirosanu CA Member - 0:55:14
limited opinions where it says there's an adequate framework of controls but they arenot being consistently applied. It's maybe a cultural issue around people not following
the control framework, so why you said you were looking at those frameworks and if they
are appropriate, which it seems they are mostly. What are you doing to make sure that people
are trained up and take on as part of their job responsibilities risk management as a
Debbie Simpson, Chair (Independent Member) - 0:55:43
Is that Bron or Kate?I can give you a view from audit in terms of what the business are doing.
Bronwyn Baker, Officer (West Yorkshire Combined Authority) - 0:55:52
A lot of the limited reports came out of the approach to doing a directorate by directorate assessment of complianceand it was a very deliberate thing that we did to give us a baseline of where everybody was.
Part of what we did, so right down at individual head of service level rather than overall directorate level,
We talked with the heads of service about what their
specific control frameworks looked like, how they were
describing those as part of, so it was very much a
compliance audit, but it was also advisory in that we
gave some advice and guidance at that level at
that point in terms of what we would expect to see and
where we thought that improvements could be made.
And really what we want the second line to do, the
second line of defence going forward, is to test those
control frameworks more regularly.
So the control frameworks were there, not always set out as clearly as they could be
and certainly worth heads of service paying attention to, and that's what the benefit
of that direct -to -wide review was, was we were really getting down into that level of
the business to improve the way that they were dealing with things.
On the risk management point specifically, I have some strong views that the way we get
risk management better embedded in the organisation is to unengineer it a bit, make it much more
accessible to people. I think you're in real danger if you make it an all singing, all
dancing, does everything for everyone, starts to do nothing for anyone, because actually
what happens is people disengage and they stop actually doing risk management in the
way you want them to do it. So we have a lot of work, one of the limited audit reports
was around risk management.
And it wasn't because we're not doing enough.
It's because we're doing too much.
It's because we are making it hard for people
to fill in really long risk registers that I know are great
when you want to do dashboards and present information,
et cetera.
But somebody has to sit there and do the work of filling
in those registers.
And if you're asking for teams and across the organisation
for that to be embedded and done well, you have to make it easy.
I think it's an audit mantra, isn't it?
you keep it simple so that people can simply comply.
So there is a lot going on in that space
and we are working really closely with the risk team
through that integrated assurance approach
to try and make sure that that,
you know, we're thinking about what the business
can actually do, not just what it would be wonderful
if we could do, if we could gold plate everything,
that would be great, but I think you have to be realistic
and it has to be doable in the business.
Does that answer the?
Thank you.
Councillor Taylor.
Debbie Simpson, Chair (Independent Member) - 0:58:33
Two points I would like to make.Cllr John Taylor CA Member - 0:58:36
Firstly, when you look at the report, your team have done a good job.I think sometimes we do need to acknowledge those things, don't we?
Because you look at the amount of work that you have got through, you have got through
more of the planning than you have done in previous years.
When you look at the data that is there, it reads a good storey, doesn't it?
So please pass on our thanks to your team.
Then my other comment is around the some of the work that has been done, and particularly
the three where we came out with minimal audit opinion.
I would expect to see at this committee a bit more detail about each of those, because
if we have got minimal assurance, and our role here is to look at the assurance of the
controls is being well managed. But I don't know at the moment what's being done about
that because it doesn't tell me. It doesn't say anywhere what are the things, what were
the problems, what actions have been agreed for those problems, who's owning them, when
are we expecting to see an outcome. And that's what I would expect to see at this committee
for those where you're calling them red. Obviously you can't do it for everything, but for those
that you're calling red I'd expect to see that detail. I can't see that from this report.
Debbie Simpson, Chair (Independent Member) - 1:00:00
I think Dave just wants to come in.Cllr John Taylor CA Member - 1:00:04
If I could just pick up on that one specifically. So let's take one example, the audit number12 debt recovery on page 78, which is red minimal assurance. We've got a basic summary
there which is all we get at this committee. Having looked at the underlying report in
David Merrett (Independent Member) - 1:00:16
our SharePoint repository and looked at the details, I think there are questions for Ithink it's Kate's area to answer on this one, specifically how we got into the position
we're in which is not great by the looks of it and there is over two million pounds in
Cllr Bob Felstead Chair - Scrutiny Committee - 1:00:31
outstanding debt that's over 90 days due. My question is what's happening with the fourrecommendations in relation to that, three of which seem to be overdue and how much of
that debt is going to have to be written off do we think at this point?
Debbie Simpson, Chair (Independent Member) - 1:00:45
So Bron, do you want to take the first point and then Kate on the second?Bronwyn Baker, Officer (West Yorkshire Combined Authority) - 1:00:52
Actually Dave's very helpfully pointed some of the things out I was going to do.We do bring the summaries here, we do bring the overarching dashboards etc, but
we do put the full reports in the repository so that this committee is
absolutely entitled to ask people to come and talk to specific reports should
they wish to do that and I think there is real benefit in doing that because you've
got the audit view in the repository in the full report, you've got the audit view in
this, what you want to hear is the management response set out from the point of view of
whoever is responsible for that area.
You get some comfort and assurance from the follow up of the recommendations because we
I think it would be a very sensible proposition and I would advocate that any minimal reports
come as a report in its own right to this committee for discussion.
Debbie Simpson, Chair (Independent Member) - 1:02:07
I would welcome that, Bron. I don't know if I'm supported by the committee members.Yes, yes, so we could take that forward. Did you want to come back, Councillor Taylor?
Cllr John Taylor CA Member - 1:02:19
The repository, I'm not familiar with the repository yet, but also this is a publicdocument that's going into the public domain. The public don't have access to the repository,
So we need to be thinking about what message are we giving to the public because we're
saying there's a minimal assurance but then we're saying nothing else about it.
Debbie Simpson, Chair (Independent Member) - 1:02:42
Cllr John Taylor CA Member - 1:02:43
So I think in the public document to enable the public to actually understand it and hidingthe information and I don't know if that's the wrong word.
Having the information in the repository, it might be helpful for us if we know where
find it. Clearly David you've got experience, you know where to find these things, hopefully
I'll get there, but the public don't and these are public documents and we're accountable
to the public. So I would like to see where we have this kind of response that there is
the information in the report so that the public can see that as well because currently
Debbie Simpson, Chair (Independent Member) - 1:03:20
they can't. So I would say as a head of order that makesBronwyn Baker, Officer (West Yorkshire Combined Authority) - 1:03:22
my job really difficult if we publish full reports, mostly because we are the internalaudit function of the organisation, we are here to help the organisation be better. If
we end up in constant conflict around what's in a report because it's going into the public
domain and what's not in a report, I think that creates actually more tension for audit
to raise the issues it needs to raise. Sometimes what we're raising is stuff that actually
and I'm thinking about some of the things like cyber risks,
for example.
We don't want that out in the public domain in a similar way
to the way we don't want the risks in the public domain.
Order is about helping the business to do better.
The job of the committee here is to challenge both us
and management to make sure that we are all
doing that in the right way.
We can certainly look at putting more information
into the summary reports but using our judgement as to how much more we put in as opposed to
putting everything.
Because I like my team, we don't write long reports, we write relatively short reports,
but I like them to be quite on the nose.
I really do encourage them to be really clear with the business on what we would expect
them to do to improve things.
And what I don't want to do is to just become an endless round of what those reports actually
say, or even doing a summarised report, which I know a lot of audit functions do.
I don't like that at all.
I prefer the committee to see them in full and for the committee to come and exercise
its judgement here on whether we are doing the right things in terms of what we're auditing
and we're getting the right responses from management.
But that is a discussion, I think, for the committee to consider.
I think the Councillor tells you something.
Debbie Simpson, Chair (Independent Member) - 1:05:15
I disagree with you.Cllr John Taylor CA Member - 1:05:19
At the end of the day, we're responsible and accountable to the public.And the public has every right to know.
And if we're publishing a report that says there is minimal assurance around financial controls,
I expect us to be able to provide more information to the public about that and what actions we're taking.
So I don't expect it on everything, but when we're saying we have minimal assurance,
the public will quite rightly look at that and go, well, what on earth is the organisation doing about it?
Because it appears from the report that we've reported that and on we move.
And if it's uncomfortable for officers that they're getting a minimal assurance report
and that's going into the public domain, well you know what, that may help get officers
to make sure that they don't get minimal reports. And it is part of the sanctions we have to
make sure that they are delivering the right level of management control. You know, if
we hide it away from the public, actually we're making it easier for officers and that's
what our job is. Our job is to hold them accountable and if they're not delivering, we need to
say they're not delivering.
Cllr Alex Greenwood CA Member - 1:06:48
And I do think that's why they should be discussed at the committee with the relevant directorDebbie Simpson, Chair (Independent Member) - 1:06:54
or officer. I think the challenge with that is that we would probably only see one ortwo officers each time whereas there may well be more than that, minimal in the reports.
I don't know, I think Kate wants to come back.
Cllr Alex Greenwood CA Member - 1:07:07
Just to be clear the actions are public so the actions are included in the audit follow -up reportKate Taylor, Director West Yorkshire Combined Authority - 1:07:14
So the the action and the finding with the responsible officer in the due date is a report that's later on hereWhat's drawn by not publishing the full report there may be detail and that detail may be commercially sensitive
For example, it may talk in the debt about specific
commercial aspects that we do not and cannot
from a legal perspective put into public domain so that the I
I guess the action and nothing is hidden in that sense, you can see in that report all
of the things that we have to do and where we are with them in terms of that.
What is kept within private is where those may be specific details that cannot be either
legally, they're sensitive or commercial, particularly if it's talking around specific
detail.
Cllr Alex Greenwood CA Member - 1:07:59
That raises the point though and I think it's a valid one.If there is nothing of that nature in the report, is there any reason why we can't share
the report?
I don't think there is.
Debbie Simpson, Chair (Independent Member) - 1:08:11
Cllr Alex Greenwood CA Member - 1:08:13
So for minimal reports I'm really happy to apply that judgement and just make sure thatBronwyn Baker, Officer (West Yorkshire Combined Authority) - 1:08:19
we either redact or don't publish those full reports where there is too much informationof that nature.
Councillor Taylor?
Debbie Simpson, Chair (Independent Member) - 1:08:22
It will always be a judgement call and you ought to be making that judgement call.Cllr Alex Greenwood CA Member - 1:08:27
I'm not sure I know am I supposed to be looking somewhere else in this report for that information?Debbie Simpson, Chair (Independent Member) - 1:08:34
There is a further report later on the agenda which always comes to this committee from Bron which is theinternal action follow -up report in there which has all of the actions so today is
item 9 on the agenda and that will that comes every single meeting that you have
of this one where Bron reports effectively. If your action has been done it goes
but it moves off on there but anything that is still open is still being worked
on is within that report.
Cllr Alex Greenwood CA Member - 1:09:01
Debbie Simpson, Chair (Independent Member) - 1:09:04
There is something here about cross -referencing some of these reports because if you don'tknow that or as an external reader you might miss it.
So if we've got something in one part of the report and there is further detail in another
agenda item, can it be linked?
Cllr Alex Greenwood CA Member - 1:09:22
You probably just need to be mindful that we're discussing the head of internal auditopinion which is a summary of all the work that has been done in the year that the reports
that are later on are actually the ongoing work. So there's almost two parts to this
agenda which is summarising out the work that has happened over the last 12 months and then
Kate Taylor, Director West Yorkshire Combined Authority - 1:09:37
there is the ongoing BAU work which obviously is the ongoing kind of piece in there. SoI think we just need to be mindful of not confusing the two and keeping the purity of
the opinion piece within there.
Cllr Alex Greenwood CA Member - 1:09:52
Debbie Simpson, Chair (Independent Member) - 1:09:54
Cllr Alex Greenwood CA Member - 1:09:55
That doesn't mean I can reflect that in the cover report, which I'm happy to do.Debbie Simpson, Chair (Independent Member) - 1:09:56
Yes, I think that would be useful in terms, because I think it feels to me as though we have got some of the answers within this report, it's just not clear how to link.Cllr Alex Greenwood CA Member - 1:10:18
Debbie Simpson, Chair (Independent Member) - 1:10:19
Cllr Alex Greenwood CA Member - 1:10:23
I just wanted to comment I think about something going through the audit reports, particularlylooking at some of the minimum assurance, I get a sense that there's a really basic
requirement for a kind of basic governance toolkit that everybody gets whenever they
start a project that is very clear, very obvious, because it's as though people don't know what
they should be doing on quite a fundamental level.
Now, I know you're quite a young organisation,
and I think organisations get more wary
and more risk averse when they have gone through a period
when things have gone really wrong,
and they've got experience with that,
so they immediately have that awareness of risk
and resistance to risk.
But I just wondered if some of the answers to this are quite ...
just as simple as a very basic governance toolkit. So people understand what they should
be thinking about and doing and, because I mean the idea to me that you would set up
a board or you would set up a project and you would have no terms of reference is so
alien to me that I think it needs kind of flagging up from a local authority point of
view. Just that comment.
Debbie Simpson, Chair (Independent Member) - 1:11:49
I think all of the points that you've made there, Council Grewin, is absolutely right.Nikki Deol Assistant Director Legal, Governance & Compliance - 1:11:54
And we're working on that. This feeds into Councillor Marissoo's point, is that it's acultural move and shift as well. So making sure we have got these toolkits, we've got
a plethora of guidance, but it's about engaging with that document and making sure that you're
ready and getting the right advice at the right time. Because with the governance team,
that's growing, I come in from a local authority so I understand these fundamental aspects
but it's a really, really good point and that's something I think we should reflect on as
an organisation.
Thank you, I think you were developing your assurance framework weren't you to say an
Debbie Simpson, Chair (Independent Member) - 1:12:29
integrated framework, is it worth just mentioning that work as well, how that's going?So yes, Kate actually alluded to it earlier, it's a piece of work that Nicky and I are
Cllr Robin Cumming CA Member - 1:12:39
on, it will be Nicky's eventually and that's to ensure that we are not, youknow, we don't become the overriding factor in that integrated assurance, it
is genuinely pulling assurance from across all the different providers of
assurance in the business, strengthening the second line, making sure we've got a
map that's clear about where our assurances are, that is all work in
progress that we've talked about previously at this committee and we will
I think being in a position to bring an update on that to the October meeting, I think I'm
right it is October, we would definitely expect to be able to come and present what the assurance
map looks like, what the integrated assurance framework looks like so the committee can
comment on that. We would welcome views on where people might have examples of good practise
from elsewhere that they would like to see us build in. It's much better if you can get
the ground floor and look at those assurances, what does this committee actually want from
an integrated assurance framework? Hopefully we'll bring you something that will tick all
the boxes but if we don't we are open to that being developed. So if we take an action to
bring that, put it on the forward plan and bring it to the October meeting.
Debbie Simpson, Chair (Independent Member) - 1:13:52
Yeah if you can please Bron, because I think that's, yeah.I'm kind of volunteering Nicky to do that, I apologise.
We've been asked quite a few questions today about who does what and how you get visibility
and I think that piece of work will start to give us as a committee that sense of where
accountability lies for various governance functions and then we can pull on that, can't
we, to get the right information and people into the committee.
Cllr Robin Cumming CA Member - 1:14:19
Just a quick question. On the summary of internal audit works and linking to the summary ofthe report, not in the same sequence.
Is there any chance you can just have a reference number on the summary to the details so we
can go straight to that one?
I know it's an easy question.
Yes.
The reason it's like that is we stick to the numbering that is in our original plan and
Bronwyn Baker, Officer (West Yorkshire Combined Authority) - 1:14:47
that's to make sure that we keep audit honest, that we don't drop things off the plan becausethey get too difficult to do or we want to reduce the size of the plan because
we don't think we're going to deliver our KPIs etc we stick to the original
numbering of the plan however your point is absolutely right we can just
reference it for the point of view of this document I take that on board
Debbie Simpson, Chair (Independent Member) - 1:15:12
absolutely thank you councillor Jenkins yes so this is a positive thing on pageCllr David Jenkins CA Member - 1:15:16
70 the forward look so apprentices and workforce planning so we heard earlierthat it's quite hard to get people to become auditors.
So hopefully somebody is going to be taken on as an audit apprentice.
But I think there is a – the government brought out a scheme whereby you can get £3 ,000
towards each employee to encourage apprenticeships.
I think this has only come out in the last few days.
So I wondered if we could look at that and see if we could get a report on getting in
as many apprentices as possible into this authority.
Debbie Simpson, Chair (Independent Member) - 1:16:00
Kate Taylor, Director West Yorkshire Combined Authority - 1:16:02
Kate? We do and we actively do. We do have to be a little bit mindful of, so we're notallowed to use the apprentice levy anymore for level 7 qualifications for anyone over
22, that was brought in last year. That actually affects a lot of our professional qualifications
in there so some of the top level of IA certainly our accountancy qualifications
solicitor qualifications etc so that that has been an issue for the industry
in terms of that but as an organisation yes we are looking at that that sits
within our people and transformation team who look at that programme for us so
we're looking at apprenticeship school leavers at the moment how we kind of
to bring people in through that. So yes, that will probably come through in some of the
monitoring information I guess.
Debbie Simpson, Chair (Independent Member) - 1:16:53
Thank you. Any other questions on that paper? No? Okay, so if we can note that the committeehas considered that paper and move on to agenda item 9. So this is a forward look now for
9 Audit Recommendation Follow Up Report
audit so this is a plan is a 26 27 plan and and this plan can be amended if the
committee wishes to see anything else included so Bron do you want to
Cllr Alex Greenwood CA Member - 1:17:24
introduce the paper so as you said chair this is the 26 27 audit plan we aretrying to to bring the audit plan a little bit more in line with the normal
financial year. We usually run audits past the end of the financial year because of course
it feeds into the annual governance statement, the accounts etcetera, the accounts are not
normally finished at the point at which the financial year ends, that then becomes a production
issue. So this last year we ran the audit work to the end of May. It does create some
difficulties though in terms of timing, so I have announced to the team that we will
be doing an 11 month plan this year and we will be bringing forward the
completion of audit work to the end of April. I also followed it up with a KPI
of 90 % delivery at that point so there are some intakes of breath and people
looking at cancelling their annual leave sort of urgently. That said it is a...
I am sorry.
Kate Taylor, Director West Yorkshire Combined Authority - 1:18:27
Bronwyn Baker, Officer (West Yorkshire Combined Authority) - 1:18:30
I will try to pick up my train of thought.I think I was on a roll.
Bringing the plan forward to complete at the end of
April allows us to bring things to a conclusion
more rapidly.
It is better with the annual governance statement
in terms of having the opinion be more as a projected
into the annual governance statement earlier in the
process.
I think that is a good thing.
is going to be really helpful.
The plan itself, we would normally bring a draught to this committee for a full discussion
where we go into the provenance of why things have been included on the plan, et cetera.
But we had a long period of time where we missed a meeting which was scheduled for April,
I think, or May.
And we are now at a point where we are obviously in the new plan year.
So I'm not going to say anything other than to this committee.
we are already working on this draught plan.
We have a number of reviews underway.
We had a few reviews carried forward from last year,
but it is dynamic.
As the chair said, it is a risk -based plan,
and by its very intent, it means we can flex,
change, move, add, take out,
whatever we need to do with the approval of this committee.
It is important this committee is confident
that the plan is still addressing the right things.
And that's kind of back to my point about numbering the plan
at the first stage of the year and not changing the numbers
throughout the course of the year means that we have to be
absolutely clear and transparent when we are adding
or taking things out of the plan.
It's how I keep myself and my team honest
and I'm sure the committee will grow to love the rather
sort of perverse numbering system further down in the year,
but we will absolutely try and make the point of referencing more appropriately going forward.
So this plan is for approval today. Normally, as I said, we would do a draught plan first
and then we bring the final following revisions as the final plan to be approved. If, however,
the committee is content to approve the plan subject to any other things they would like
us to consider. We can do that, that's not an issue, we can bring the plan again to the
next meeting for further approval. We do that at every meeting, we do an update against
the plan. We highlight any changes we're proposing to make or where events overtake us and things
necessitate bringing in some more urgent work. So it is something that does come back to
every single committee meeting and you will have the opportunity to yea or nay any changes
to the plan proposed in the future.
I think that's all I'd like to say apart from the fact
that a lot of planning goes into actually developing
what goes on the plan.
It does reference that in the report.
It is incredibly intense.
It's a period of year,
so while you're trying to complete one year's work
and you're thinking about next year's work,
it's very intense.
We do get a lot of traction with our director and leadership team around the planning
So all of this stuff will have been through multiple discussions both with individual directors as well as with the corporate boards
So it it has a lot of internal
Consideration in terms of what goes on the plan, but I'm happy to take questions. I'm aware I'm
Debbie Simpson, Chair (Independent Member) - 1:22:01
Thanks, but just one from me bit and then council greenwood and can you just explain to the committee a bit aboutthe risk -based prioritisation. You have explained it before, I know, but I think it would be
useful to go back to it because the point has been made that, for example, item 16,
it's shown as quite high risk but due later. So how do you arrive at what's the basis of
Bronwyn Baker, Officer (West Yorkshire Combined Authority) - 1:22:27
the decision -making? Okay, so the phasing of the audits, the donow, do next, do later, is not related to the risk. So the risk is what gets things
on the plan.
If it's very high risk or a corporate risk,
it goes on the plan.
If it's something that we can audit,
it absolutely goes on the plan.
The timing, the phasing, the do now, do next, do later,
is that bit of flexibility that we
get to accommodate new emerging risks, matters of concern that
have come forward, so we can flex the plan.
We can move it around from a do now to a do next or a do later.
We did used to bring a quarterly plan to the committee,
but it required so much change at every meeting
that this just appeared to be a more flexible option
that we advisedly stole from other organisations
that were using it effectively.
But it's not meant to be an indicator of risk.
So just because it's due later, it might absolutely
be linked to the progress that we expect to see in that area
and the point in the year at which we can actually
give the most assurance.
So it may be, for example, on some of the major projects,
they will have a particular piece of work,
bus franchising is an example,
they're going through the tendering process.
We will take a view at the end of that
to make sure that actually what has been done
in terms of that process has been done
in line with all of our contract standing orders
and procurement regulations.
That's an example, I'm not saying we will absolutely
do that piece of work, by the way.
It's just a phasing rather than a link to risk.
Debbie Simpson, Chair (Independent Member) - 1:24:03
Thank you. So Councillor Greenwood, Councillor Taylor, no Councillor MSingh. Yeah just a really quick one. What is the new PIMS system?
Cllr Alex Greenwood CA Member - 1:24:11
Bronwyn Baker, Officer (West Yorkshire Combined Authority) - 1:24:17
Do you know, and I've absolutely heard the message about no more acronyms, I thinkwe are going to go and just and relook at everything and just spell it all out.
It is our project information management system so all our projects get logged
on to this PIMS system.
It is under development at the moment for a refresh.
It absolutely should be our one version of the truth
in terms of all of the projects that we are running
in the combined authority.
Do I need to say more or is that, that's fine.
Thank you, Councillor Taylor.
Debbie Simpson, Chair (Independent Member) - 1:24:48
Yeah, couple of comments.Cllr John Taylor CA Member - 1:24:50
And number two on the plan says due diligence.I know what due diligence means,
but I'm not sure what it means in the context of this.
and it says risks identified through investigation work, what was that?
I have gone to the question.
Bronwyn Baker, Officer (West Yorkshire Combined Authority) - 1:25:09
So investigation work does inform the plan and where we have done investigations wherewe felt that actually we may have...
I don't know what you have done, just in this context. I get why it is on the plan.
Yeah.
So it is really what are grant funders and contract managers
looking at, and what are they doing in terms of due diligence
before they award.
So it is very, very much predicated
on are we doing sufficient upfront cheques
before we actually make a grant or give out a contract.
Debbie Simpson, Chair (Independent Member) - 1:25:43
So could we possibly extend the descriptions of some of thosejust to give that to the level of?
Cllr John Taylor CA Member - 1:25:49
My second one was really when we have done an audit opinion, in particular those thatare minimal, presumably at some point we go back and I'm not sure whether that shows on
here or it's picked up in a different way. I'm sure it is picked up in some way, but
should I be seeing it on here or is it picked up differently?
Bronwyn Baker, Officer (West Yorkshire Combined Authority) - 1:26:11
So we do the follow up through the recommendation follow up. If we believe that actually that'sWe have an absolute hard line that we do not close
recommendations until we see the evidence.
And I think the directors around the table here will
tell you the team are very dogmatic about that.
If we believe that actually we don't need to do a
follow -up piece, we don't automatically schedule in
follow -up pieces.
And that's irrespective of the opinion rating because
we treat everything on its own merits.
If, however, we think that sufficient progress has not
been made and we want to come in and do a more specific follow -up piece to
identify what the blockers might be to why that is not happening we will come
in and do that. We have a contingency award in each and every single
directorate area that is where we would build in additional things and it would
be added to the plan but we do it on a case -by -case basis because it can soak
up a lot of resource. I mean we're quite fortunate that we only had three minimal
reports this last year but I think and some of those are sort of factoring into
other audits that we're doing so we would try and pick it up there as well
but yeah we would leave ourselves the option to do a full follow -up review
Debbie Simpson, Chair (Independent Member) - 1:27:26
thank you councillor mr. Sona I was gonna ask a similar thing about how theCllr Christiana Mirosanu CA Member - 1:27:31
minimal assurance reports are followed up because for example like the payrollone it would require extensive sample testing to cheque that it is actually
operating in a full period, because while they might
provide documentation to say they can now have policies
and guidance, how do we know that that is actually
operating consistently in that department?
So yeah, we'll be looking forward to see how it develops
through the year in terms of the action tracking
and then to determine whether further testing is needed
as an audio door, like a short follow up.
Actually, you've just given me an absolutely perfect segue into a little bit about the
Bronwyn Baker, Officer (West Yorkshire Combined Authority) - 1:28:09
data analytics work that we're doing.So that payroll audit identified an area that could benefit from regular data analytics
work from the team.
So we have put together a script that we are now running regularly and giving the exception
reports to the payroll team to take action on.
So we are sort of almost trying to do not just what you would think of as traditional audit,
we're trying to also add value in the sense of if we pick up issues within the way things are operating and we have an
opportunity to do through the use of this specific audit software we have,
some data analytics work to support the areas of the business, we do do that.
So it's a great example of where we have
follow -up and we have also additional action and then the potential to do further audits
if we need to.
Cllr Christiana Mirosanu CA Member - 1:29:04
Is that data analytics work after its embedded plan to be transferred over to the teams thatare receiving it? Because it's not really internal what is its job to be giving out
regular reports when you could be focusing on areas of higher risk.
Bronwyn Baker, Officer (West Yorkshire Combined Authority) - 1:29:18
And that is a very astute point and absolutely correct and that is where this integratedassurance approach and developing the second line of defence into fulfilling that role.
In the meantime though, we'd rather we absolutely were picking up any anomalies and dealing
with them. So audit will do that until the point at which the business is competent to
take that on and to do it effectively.
Thank you. Any other questions on that paper?
Debbie Simpson, Chair (Independent Member) - 1:29:42
No, so I think we need to approve the plan.So could you have hands for all those in favour, please?
Yeah.
Any objections?
And any abstentions?
No.
OK.
Thank you.
So that's plans approved.
A gender item 9 is now where the committee can see the progress with audit recommendations.
So there's quite a lot of detail in here, quite an extensive plan.
Bronte, do you want to say anything about it before we take questions?
Bronwyn Baker, Officer (West Yorkshire Combined Authority) - 1:30:24
I imagine you're all a bit sick of hearing my voice by now, so I'll try and keep thisvery brief.
I've already suggested there may be some opportunities to invite people in to respond to things in
future so I won't reiterate that.
Just in terms of a positive that I do want to bring to the committee's attention, if
you look at the first table in the appendix under the performance metrics, the first graph
there shows that the overdue actions have gone down from 29 % to 18 % and that is very
much linked to the change in reporting that we developed.
We talked about it with the committee at the end of last year. We implemented a
process of sending out these regular updates to the directors to take up with
their heads of service and managers at their directorate outcome boards and we
are seeing a concerted effort to work to close recommendations. There are some
and you will pick this up from reading the pack where management would really
like to close the recommendation.
We're not confident to do that until we've seen the evidence.
We are really clear it's done at the point
at which we are satisfied it's addressed the risk.
So I think it's a really positive thing that's happened.
It takes quite a bit of time for audit to do those reports.
So it's another one.
We're just picking up Councillor's earlier point
about what audit should be doing.
I think it's one where actually it's in all of our interests
to do that, because the less time we have to spend chasing
recommendations. The sooner they get the resolved the better the control
frameworks are applied the better the business is so I think we feel that it's
a worthwhile cause. I also usually ask the committee at this point to see
whether this report meets the needs of the committee. It's a very long report it
has a lot of detail in it. I've made the offer before I'll make the offer again.
We could put the whole of the report in the repository for members to look
out in detail with possibly a focus on the red and ambers at this meeting.
But I'm absolutely happy to continue with it as is if the committee decide that's what
they want.
Thanks, Bron.
A quick one from me, then I'll pass to Dave.
Debbie Simpson, Chair (Independent Member) - 1:32:37
So the – we've seen a reduction in terms of the overdue ones, which is good, but canI just cheque there's no correlation between that and the reprofiling of the due dates?
Bronwyn Baker, Officer (West Yorkshire Combined Authority) - 1:32:55
So the overdue actions, we do sometimes re -profile and give a revised date but not if we thinkactually it's too risky. You're not addressing the risk, we will keep it red if we think
that the risk is not being addressed quickly enough. So we will not always do a revised
date. It may become amber but that will be because we've assessed that actually we are
not in danger here of creating more risk rather than resolving risk.
So the reds and that's why I think the emphasis on the red and amber which does give you oversight
of those that have had revised dates is sensible.
I think that's the right way to go.
I genuinely hold the organisation to account for the recommendations because I believe
an audit is not done until the recommendations are delivered.
That is when you actually get improvement.
So we are very challenging, both before recommendations are accepted in terms of the dates that people
give us. It is disappointing that so many have needed to be revised. We do challenge,
and I'm sure the directors here will confirm, we do go back and say, are you giving us a
sensible date for completing this work? We think it's a bit more challenging than you
are perhaps considering, so we try and bring in a hint of realism to all of this and consider
the art of the possible. The business quite often, you know, they do have a
commitment and culturally I would say this organisation is very committed to
doing the right thing, it just finds it runs out of time and capacity sometimes
to do that as quickly as I would like anyway. I don't know if I've answered the
Debbie Simpson, Chair (Independent Member) - 1:34:34
question. Yes, I think it has. Thank you. So I think we've got Dave, CouncillorCllr Bob Felstead Chair - Scrutiny Committee - 1:34:44
I think we reflected in previous committee meetings that the reason this paper is longand complex is because of the number of outstanding and ongoing audit recommendations that need
to be completed and until the solution to that is to bring that number down rather than
to push that detail into the background, I think. Just on the overall progress, just
to understand where we're at, looking at page 106, 107, we've got three sort of different
leads of the overall data. So if you look at the chart, you've got 116 total outstanding.
The table below you add it up, it's 134. And then the following detailed tables is 117.
So three different numbers. Broadly speaking, it looks to me as if we're at the same sort
of level we were before in terms of 120 or maybe a little bit more in terms of the overall
number of audit issues outstanding, is that true?
Bronwyn Baker, Officer (West Yorkshire Combined Authority) - 1:35:40
So a little bit of that depends on when we cut the data and unfortunately the paper isgoing quite early. Where I can update it I do, where I can't I don't. So sometimes the
numbers are not absolutely the same. Our one version of the truth is our tracker so we
can give you an updated picture. I think it's really important to remember though that the
Positive in getting rid of the overdues and making revised dates to some degree just gives
us a better idea of what we should be watching, what we should be looking at.
So I don't really have an issue with revising dates.
I do have an issue with the business being too optimistic about what they set in the
first place.
And I'm certainly glad the overdue ones where we hold the line and say, no, we're not going
to give you a revised date, you must deliver this now and we're keeping it red because
it needs that emphasis.
The number of recommendations though, when somebody made the point earlier, the amount of work we've done this year, it's going to keep going up.
The more work we do, the more recommendations we are going to be making. It's not a bad thing to have a lot of recommendations, it's a bad thing if they don't get delivered on time.
So I suspect what we need is, and also just for the record, we don't make, we don't distinguish
between high, medium and low recommendations here because we believe that if you're making
a recommendation it's because it needs to be done.
We are looking at in the future bringing in a critical and a, I can't remember the term
not the, a critical and a serious recommendation, just to distinguish where there may be a time
element that is significant which we think would be helpful for the committee
and the business to understand but actually more recommendations not
necessarily bad in and of its own right more outstanding and overdue
recommendations not great
Debbie Simpson, Chair (Independent Member) - 1:37:35
Thank You councillor Maris and it's great to have that explanation about theCllr Christiana Mirosanu CA Member - 1:37:40
ratings of the findings is I was going to ask something along those lines soin the meantime should we take that the overdue revised implementation date
not agreed, that column in the table, are those the ones that you deem higher risk out
of the total and those should have more emphasis to be resolved?
That's correct. So if we will not revise a date, it's because we think there's a risk
Bronwyn Baker, Officer (West Yorkshire Combined Authority) - 1:38:00
there that needs addressing more quickly. Sometimes it's a very annoying thing thatis just a small item that might be what fails to get it over the line in terms of actually
delivering the recommendation but if we are adamant that actually that small
thing makes a big difference then it will stay red and that's where the
committee should should definitely put its emphasis in terms of review. Thank
Debbie Simpson, Chair (Independent Member) - 1:38:25
you. Council Greenwood. Yeah I just wondered how you verify theCllr Alex Greenwood CA Member - 1:38:30
recommendation has been implemented. So we ask the organisation to give us anBronwyn Baker, Officer (West Yorkshire Combined Authority) - 1:38:36
supported by any evidence they wish to supply to us.If the auditor is not confident that the evidence is actually demonstrating,
addressing the risk, because sometimes, and I'm sure you will pick this up in reading through the report,
the management response doesn't always directly align with the recommendation and the risk.
They'll go out and do a walkthrough with the business to make sure that the actual evidence is sufficient
and allows us to close the recommendation.
It's quite unusual to get to that point usually.
The business has become very educated over time.
When we say we want this evidence,
we try to be more prescriptive about what the evidence is that we want.
They are much better at sending that through to us,
so the team are able to sign that off without doing too much additional work.
Would it be possible to have...
How can I explain?
Cllr Alex Greenwood CA Member - 1:39:29
An example of this, or like...a case study so I can get an idea of what it looks like.
I mean it doesn't have to be a real one, if you've got an example one,
just so I can understand exactly what the process is,
from a practical basis.
Bronwyn Baker, Officer (West Yorkshire Combined Authority) - 1:39:50
So for example, in some of the financial controls work that we've been doing,where we've had a number of different things that have been needed
to create a control framework that's more effective.
So it might have been building in the number of controls,
and we have a number of different things.
When we get the assertion back from the
business
they can give us some snapshots of information
on the system
to say this is how we have done this.
That is one snapshot.
Is that one thing you have worked on in order
to give us confidence
that the system
could be?
The auditor will go out and say can we just sit
down in the system, have a look at that,
show me how that works so that I can see it's replicated.
It's not one example just to meet a recommendation.
We know people are under pressure to meet recommendations,
but we want them done right, so we will take
that extra step if we need to.
Quite often it's a lot simpler than that.
We need your strategy, send us the strategy,
we will look at that and make sure it addresses
the risks that were raised in the audit.
So it's very case dependent.
Okay. Councilman Taylor.
Debbie Simpson, Chair (Independent Member) - 1:41:00
Cllr John Taylor CA Member - 1:41:02
Yeah, two things. I'd welcome something in here that does give us that kind of criticalserious level because there are a lot of recommendations and really we need to try and focus on those
that are probably the more critical, most important. The other thing that I'd welcome
in this report is the date of the audit because actually if we've got an item where the audit
was done two years ago and we're still waiting for those recommendations.
We need to get the relevant owner of that action to come and explain why it's two years
since this was raised perhaps and nothing's really happened on it even though it may not
be the most serious. So just that other lens of looking through that really I think would
be helpful.
Bronwyn Baker, Officer (West Yorkshire Combined Authority) - 1:41:51
I think that's a really easy one for us to accommodate because we can literally afterthis.
I've just got a quick question.
Cllr Robin Cumming CA Member - 1:42:02
You're on a new recommendation and it seems to be working.Debbie Simpson, Chair (Independent Member) - 1:42:04
Then they say we have done it, there's my proof.What's the ongoing cheque so they don't revert back to the old ways of working if it's easier?
So that comes back to the point of follow up.
And the year before that, well actually going back further than that even.
If we think there are things that will need regular testing, we'll build them into cyclical audits,
which we do around a lot of the financial stuff, lots of the procurement stuff.
Anything where we've got standing instructions to the business that we need to test,
we will go back and do a political audit of those.
Bronwyn Baker, Officer (West Yorkshire Combined Authority) - 1:42:45
Thank you.I think we did talk once before, Bron,
about trying to set some trigger points
Debbie Simpson, Chair (Independent Member) - 1:42:51
for when things, when officers would come in,and I think you just touched on it then, Councillor Thayer.
It might be worth brushing that off again
now we've got some new committee members
and having a bit of a think about that,
maybe it's pre -session.
Yeah, happy to do that.
We can arrange something.
Thank you.
Bronwyn Baker, Officer (West Yorkshire Combined Authority) - 1:43:07
Kate, did you want to?Debbie Simpson, Chair (Independent Member) - 1:43:08
Kate Taylor, Director West Yorkshire Combined Authority - 1:43:12
It was just coming back to Dave's question earlier around debt. I hadn't forgotten onthat one. So in terms of the debt actions, a number of the actions we're sitting with,
the action owner hasn't been in the business for the last three months in terms of that,
so I have been covering that role. In terms of doing that, that has also coincided with
the accounts period in terms of those. So some of those have slipped back a little bit
in terms of work to do, I've had to make assessments of what was the right thing to do from an
organisation and where the most risk sat. I felt that was protecting the accounts process
at that point in time. As part of that, we have of course reviewed all of our existing
debt. So some of those actions, some of it is admin in terms of we just haven't been
on top of emails for the last three or four weeks. In terms of that, I don't know, some
of I've seen this morning, some of those responses have been going through as the team are getting
back into BAU in terms of that. Some of those around the debt policy I will be picking up
now. We're kind of over that hump over the next month to get those through in terms of
that. And I think, you know, as Bron says, we are, there's optimism bias and then sometimes
things happen that takes specific capacity out and we have to then reassess across that
and that's ultimately my job.
Cllr Bob Felstead Chair - Scrutiny Committee - 1:44:33
So just in summary then, do we have any understanding yet how much of the couple of million poundsworth of outstanding debt we're going to have to write off?
Kate Taylor, Director West Yorkshire Combined Authority - 1:44:40
At the moment all of that is being said, there's some debt that was written off because asa report I'd outlined in there, some of it is legacy debt that came actually over with
the old system, it's going back to 2017. We have quite strict policy for writing off debt,
particularly in terms of assuring that we know the origination of that and that it's
not a, effectively not fraud.
So we have quite a strict process that we go through in terms of getting internal audit.
We will also cheque with external audit where appropriate to do that as well before we do
that.
So some, there was a minimum amount of debt that went through that's been written off
there.
The other debts that are sitting in there, I know where they all are, they are all being
actively chased at the moment, either through internal action or some are actually sitting
with the administrators.
Debbie Simpson, Chair (Independent Member) - 1:45:35
Thanks Kate. Any other questions on that paper? No? Okay, so I am, if you can, minute thatthe committee has noted that paper. We'll move on to Agenda Item 10 and that's the external
10 External Audit Update
audit update for information. So Alistair, do you want to take us through that?
Alastair Newall (Auditor) Mazars - 1:45:58
Thank you, chair. What you've got here is our usual style of audit update report thatwe produce with a section updating you on the progress since the last meeting and also
a section highlighting national publications that may be of interest to you as audit committee
members. In this report, conscious that we've got a largely new committee, I've included
more background on the external audit history more than normal because of the, shall I say
the complex history of external audit at the combined authority. Some committee members
will know the background which I have tried to summarise to set out how we have arrived
at where we are. So to summarise, we have two main responsibilities as your external
auditor, we give an opinion on the accounts and we consider the arrangements that the
authority has to deliver value for money in its use of resources, focusing on three criteria,
those being financial sustainability, governance and improving economy efficiency and effectiveness.
In terms of the accounts audit work, I won't replay what is in the report but the report
Just to summarise that the recent history of external audit at the Combined Authority
before my time as external auditor and before Kate's time as Director of Finance and Financial Services
is a troubling and a troubled position.
The 21 -22 audit, there were some national technical matters which affected most local authorities
And alongside the combined authority not having sufficient resources to respond to the audit meant that that audit was completed very late and
Meant that the combined authority only published its 22 23 accounts in March
2024 and
that has led to
Me and the auditor
Before me disclaiming audit opinions on the authorities accounts since 22 23
And the focus we are now in is trying to rebuild that assurance from where we are, having three
years of disclaimed opinions.
That rebuilding assurance will take time.
Our focus now is on identifying the risks that exist in the accounts to target our work
accordingly.
We've been waiting, existing members will know, we've been waiting a long time for the
various external parties, national interested parties, to put in place a framework for rebuilding,
which enables ourself as the external audit firm and the other audit firms to put in place
their own approaches to how we rebuild assurance in these situations.
We've now got that, so my focus for the current year
and for the current month is to focus on the risk
assessment work, which we are doing to identify
what approach we can take to rebuilding assurance
and how quickly that might happen.
I don't have that information at the moment.
We've got to go through that risk assessment process,
as I say, which we're on with.
we should have that completed by the end of July,
so I will be in a much clearer position
when we come to your next meeting in October
to be able to say,
this is what the risk assessment has shown,
these are the issues, the key risks,
this is our approach to that,
and consequently, this is how long it will take, I think.
Obviously, the quicker and shorter it is to deliver,
the easier it is for the combined authority
to support that process.
An audit is not just me coming along and doing my work.
I've got the Combined Authorities Finance team to work with to support that.
So if there's an awful lot of work, that is necessarily going to take consideration as
to how quickly that can be rebuilt.
Hope that gives you a little bit of background.
I've got an apology on the report.
In the section when I talk about our value for money work, I've summarised that there
was one reported weakness which I've listed for you
and set out what work we would do to consider
if that had been addressed.
That's absolutely true, but there were two weaknesses,
not one, and I've neglected to put the second weakness
in there, so I apologise for that.
The second weakness which we reported last year
actually links to something that is included
in the annual governance statement earlier,
and it's around the operation of the bank reconciliation
controls that operated through 2024 -25. The authority identified that the process that
it had been going through hadn't actually been reconciling the right thing to the right
thing. So there had been a reconciliation process but it hadn't been giving the authority
the assurance that it wanted to get. I think that's fair and accurate, isn't it Kate? You're
nodding, I've not misrepresented that. So that we reported as a significant weakness
last year as well.
I hope that gives you a little bit of a summary of that.
We will obviously be following that up in our work
on value for money.
We will be carrying out that work.
We've started that work now,
and we will be carrying that work out.
We will, the timetable for completing value for money work
is that I have to report it by the end of November each year.
So, whether I'm able to bring a summary
to your October meeting is, shall we say, questionable.
We'll need to make good progress to do that,
but we would be reporting it by the end of November
and discussing that with Kate in advance,
and we will bring that to you,
the outcome of that to you at your next meeting
if it isn't in October.
So I shall pause at that point,
and happy to take any questions.
Thank you, Alistair.
Council Camus.
Debbie Simpson, Chair (Independent Member) - 1:52:23
Alastair Newall (Auditor) Mazars - 1:52:25
Bank reconciliation, now to me that's the easiest thing to do.You have a bank statement, you've got your accounts payables,
your accounts receivables and you tick them off.
How can they get it wrong?
Because obviously that may, I mean to be honest that's a critical thing.
You then know your computer systems recording correctly.
You've not got any fraudulent activity going out that hasn't been recorded in your computer systems.
So you've got your analysing your computer system
for duplicate payments, et cetera.
So surely that's something that should be done since 2000
and well, ever since the bank and computer system started.
Yeah.
Yeah.
I'll let Kate answer the question,
because the question is more directed as to how that happened.
In terms of my work and my focus, you're right.
It's a fundamental control.
There's no more important control.
I think from what I recall, the authority identified itself from the work it had done
that what it had been doing wasn't reconciling the right thing to the right thing.
But I'll let Kate explain more accurately.
That's absolutely true.
Kate Taylor, Director West Yorkshire Combined Authority - 1:53:33
So the weakness was picked up by ourselves, reported to Mazaars by ourselves.We had already reconciled the entirety of 24, 25 at that point and put the controls
in place at that point where we were in 25, 26.
in terms of what had happened before I can't possibly comment because I was not
here and in terms of there and we don't really have many staff that were here so
I couldn't I couldn't in terms of been able to comment around how that arose
from there I think that would be inappropriate actually of me to do that
and to I'd be speculating ultimately to do that but what I yeah kind of sure is
we have got that in now and do understand what we should be reconciling to which which
Mazars have seen the reconciliations that we've performed for that.
Debbie Simpson, Chair (Independent Member) - 1:54:25
Can I ask you how often you do the bank rec? Is it got to be done within five days of monthCllr Robin Cumming CA Member - 1:54:29
end or is it sort of like something that will be done but it gives you time to sort of likemiss things and you know so what's the actual timeline?
Kate Taylor, Director West Yorkshire Combined Authority - 1:54:41
I'd get back to you on timeline. Certainly they are done monthly now as part of within kind of the we closed down withinWell the ledger itself in terms of getting JIRA and I etc in there to close down is within about seven days
Working days of the month end in terms of that and in the control bank rate will be done within that period
Any other questions
Debbie Simpson, Chair (Independent Member) - 1:55:06
No? Okay, thank you Alistair, so that's been noted. Agenda item 11, Mr Kate please state an update on the 2526 statement of accounts.11 Statement of Accounts 2025/26 Updates (Including Accounts Improvement Process)
Kate Taylor, Director West Yorkshire Combined Authority - 1:55:21
Thank you chair. I think the first would be to say that we can't stand here today and confirm,as was sent out very kindly by Meg, 2526 draught statement of accounts including AGS was published
by the 30th by the statutory deadline. As Alastair has outlined, given the history that
is a significant achievement for this authority to have done that. In there I guess in terms
of the work plan that is reported in here actually I guess that is the proof that we
have followed through on that. We have effectively focused on three key pillars to support that
which was capacity, capability and planning to drive that forward in terms of there.
We have had some challenges on some of those pillars, particularly capacity.
We have been running around 2 FTE down at all points over the accounts production period,
but managed to maintain that work and do that through having a very strong plan in place,
a very strong project plan that has allowed us to move that work around in terms of to other members of the team,
including myself at points in time on there. So we have made significant
strides it is a document that we are proud of as well that is out there in
the public for that. We have a number of future improvements that we want to make
so it's not the end from our perspective we want to continue to make future
improvements in that for it and I would just put on record as well from my
perspective just to say thank you to the entirety of my finance team because it has been an extreme amount of work to get here
It's been 12 months of work
To get here in particular my financial accounts team, but it has
Absolutely been a team effort from everybody within the finance team to get us here today with some late nights
I think I say towards the end
Debbie Simpson, Chair (Independent Member) - 1:57:21
Thanks Kate and I appreciate the effort that's gone into that and it's good to see it's been fouled on time. That's a real achievementSo there's a bit of officer heroics in meeting this deadline.
Cllr Alex Greenwood CA Member - 1:57:32
There is always officer heroics if I'm honest meeting across the entirety of the sector.Kate Taylor, Director West Yorkshire Combined Authority - 1:57:44
The deadline is challenging, the accounts are very complex in the public sector, thedocument runs to 170 pages, that is not a substantial piece of work to get there, there's
technicality to it. We also have group accounts so our Wicar accounts are we
have a single entity which is as I would describe what happens in this building.
We also then have to consolidate West Yorkshire policing as well and produce a
second set of numbers. They're working to the same deadline as us so that it's it
is it is hard to get to there absolutely yeah it's always been hard.
Cllr Alex Greenwood CA Member - 1:58:21
As I noticed you have recruited some new finance officers, soDo you feel that for 26 27 the process will be less challenging?
Kate Taylor, Director West Yorkshire Combined Authority - 1:58:37
No, I don't because the nature of the authority is changing and therefore the complexity is changing of what we do and that will bringAnd we're already on top of this.
We're talking about, so things like the bus franchising programme, and this is the complexity
of what we do.
The bus franchising programme means that we own a significant number of assets.
That becomes relatively complex with those arrangements and how we then need to account
for those under the accounting standards.
So the nature and the change of what you kind of see means that the accounts don't stand
still and the financial complexity doesn't stand still.
So in terms of will it get easier, no.
because our nature will keep changing.
In terms of will we be more confident,
and we will feel more confident
to be able to pick up those changes,
absolutely yes in terms of that.
So I have restructured the team
over the early part of the year in terms of that,
so we had a relatively flat structure,
created more hierarchy,
which sits better for controls perspective
because you've got doers, reviewers, approvers
within that structure.
We have got a more permanent contingent of staff. We were heavily reliant on contractors within our accounting
Staff and we have got some new appointees coming in hopefully with the next three to four months
In terms of their following completion of pre -employment cheques, so we are very much on a good trajectory
In terms of doing there and a growth through there
But in terms of you know, I think it would be remiss of me to say that it will get easier
over there because we're not doing easy things. Thanks Kate. Any other questions on that?
Debbie Simpson, Chair (Independent Member) - 2:00:17
Thank you. OK, we'll move on to agenda item 12 and that's the report from the Data Protection12 Data Protection Officer Report
Officer, an update for members on the Governance and Audit Committee's assurance regarding
data protection. This is the agenda item we're going to close for officers to discuss appendix
one. So, Nikki, do you want to introduce the report and we'll take questions on everything
apart from appendix one. Thank you, Chair. So this is a standard item
Nikki Deol Assistant Director Legal, Governance & Compliance - 2:00:57
that you will find at each meeting that you have as a committee. It deals with the dataprotection aspects and it will be presented by my statutory officer and she can go through
that report for you. Can I remind members not to discuss the exempt items, we will go
into closed session for those. Thank you.
Thank you chair, thank you Nicky. This report provides members of the committee with an
Saeema Hawaldar, Officer (West Yorkshire Combined Authority) - 2:01:27
update on the information governance performance across the combined authority since the lastmeeting of the governance and audit committee. I'll take the report as read but we'll just
expand on a few key points from the report. So the report generally highlights some progress
against the ICO's accountability framework which is what we use to measure our compliance
performance against and effectively audit our work. It also touches on key performance
performance indicators and that we ended the 25 -26 financial year on.
Members of the committee are asked to note the contents of the report, specifically performance
data presented and the continued maintenance of statutory information governance compliance
across the organisation.
To note, the CA appointed a new data protection officer immediately following the departure
of the previous post holder was perhaps significant to note there is that there was no gap in
the statutory coverage, so there was no period during which the organisation was left without
a designated data protection officer. We have received notification of two complaints
from the ICO since the previous reporting period. We don't yet have any further information
on the details of the investigation from the ICO yet. I can confirm that they will likely
likely look at the application of an exemption under the Freedom of Information Act.
On transparency obligations, the figures presented in the report include a slight improvement
since the previous reporting period and onto sort of assessment of the ICO accountability
framework.
That is validated through internal or its own independent assessment.
The initial assessment found that 82 % of the brain work requirements were fully met and
were sort of highlighted as green.
There is some work to do for improvement and there are further details about that in the
appendix which can obviously be discussed in the private session.
We ended the previous financial year with an improvement of 4 .1 % on the previous stats
for GDPR training compliance for all staff members across the organisation.
And then just finally to touch on information requests across the board, there's been a
marked improvement in the compliance with responding to requests within a statutory
time frame. I'd ask members to note that this is despite an increase in the volume of requests
For FLI specifically, it's been an incredibly busy period showing 17 % increase in volume
of requests on the previous year and the trends tend to show that we are receiving an increase
of requests year on year.
Thank you.
I'll conclude on that and recommend that the committee notes the contents of the report
and I will welcome any questions.
Obviously if there are any about the private appendix if you can move that to the private session, please
Debbie Simpson, Chair (Independent Member) - 2:04:33
Thank you. Any questions other than that is relating to appendix oneYes
It's not so much a question just to comment. I thought the performance was very very strong
Cllr John Taylor CA Member - 2:04:46
And as you as you've mentioned, you know that the increasing volumes as wellAnd I know how difficult some of these FOIs are as well
to actually get the responses back from various places.
So I just think it's credit to you and your team.
So just take that back from the committee to the team.
Thank you.
Debbie Simpson, Chair (Independent Member) - 2:05:03
Anything else before we move to closed session?No?
OK, can we move to closed session, please?
12 Data Protection Officer Report
?
Gospel typstone.
Nikki Deol Assistant Director Legal, Governance & Compliance - 2:05:54
the risk manager but this is again like the data protection report this is astanding item on your agenda and that you should expect to receive as part of
your pack at each meeting. I'll hand over to the risk management.
Thank you Nikki. Before I walk through the risk paper for the committee a warm
welcome to our new council members and of course existing council members for
Ismail Mayat, Officer (West Yorkshire Combined Authority) - 2:06:17
for the ongoing contributions in this business year of 26 -27.Allow me to provide the committee with a brief context and background
to support the understanding of the risk paper presented before the committee today.
It is to be noted that we are on the first rotation of our risk maturity cycle
and currently on the journey to embed standardised consistent approaches
across the many programmes, projects and directors here at the combined authority.
This is important to note as the corporate register, the contents of which is summarised
in the paper today, you may find there are two overall types of risks that require management.
The first is what you would ordinarily expect, such as risks that impact the whole organisation
and quite often strategic risks.
However, we also have a second type. These are risks that require
temporary escalation to the corporate risk register due to the oversight and interventions
necessary for effective risk management.
All corporate risks are assigned to leadership offices as risk owners working alongside
senior leadership officers as risk sponsors. What this means in practise for corporate risks is it's our head of services or
equivalent that are risk owners and the directors including assistant directors,
executive directors, senior responsible officers and where necessary even our
chief exec. This provides assurance that the right level of authority is managing
the risks at corporate level. For further assurance the senior leadership board in
a formal setting discuss and review risks on a corporate register every two
months. This is a standing agenda item and is beyond the usual progress and review activity
leadership and senior leadership offices are involved in between the formal discussion
and review. The two types of risk aforementioned on the corporate register should provide the
committee with assurance that escalated risks as well as the usual corporate risks have the right
level of oversight and interventions in keeping with effective risk management practises.
For risks on levels other than the corporate register, work is ongoing to ensure risks
are discussed as part of everyday business as opposed to periodic review time only, acting
as an early warning indicator for a prompt escalation where necessary and perhaps landing
on the corporate register which ultimately is reported to this committee as well as other
governance boards.
With this understanding, it is not unusual for risk to temporarily come onto the corporate register
and then to come off as they are de -escalated to direct programme or project level risk registers.
Let us now take a look at the risk paper as item 13 on the agenda.
We should find this on page 193 of the printed pack and page 197 if you are looking at the digital pack.
The paper confirms the number of risks currently held on the register within the table under
3 .1. We can note there are currently 14 risks with not much change from the previous reports
to the committee drafted in January 26 and October 25. The report then highlights two
appendices in 3 .2 and 3 .3 providing a summary of the information held on the corporate register
split between appendix 1 and 2. Before we go into those appendices the report further
explains in 3 .4 the non -standard 5 by 5 risk matrix used by the combined authority to risk
using likelihood and impact scoring assessments. These risk the risk matrix was previously
endorsed by the committee and approved by the governance board for standardisation and
consistency. The remaining part of the report looks at implications of the
report and I asked the committee for these implications to be noted. With the
presentation of the appendices the committee is asked to note the risks
currently held on the corporate risk register presented within the ROPE
reports. To clarify a ROPE report is a risk on a page report. As per the term it
has each risk presented on a single page to be able to ensure clear
understanding of the risk event, the cause, consequences, the assessment of the ratings,
the next steps and the risk controls required or planned to achieve the target appetite
position. We have, however, included a summary table as a cover to the risks presented on
individual pages, providing the committee a glance view of the risks held on the register,
the assigned responsible offices, the previous rating position, the current rating position,
direction of travel and the target appetite that management are working to achieve
within with these risks. In simple terms, the ratings present a high -level view of
where we were previously, where we are now, where we are trying to get to and
importantly are we closer, further away or is there no change from where we were before?
For corporate level risks it's not unusual to find no change for long
periods as it takes implementation of significant and lengthy mitigation plans
to reduce the levels of risk and ensure the mitigation controls are much more
and effective in managing the risk. If the direction of travel is reducing
these can be classed as wins in the sense that we are getting closer to the
If we are reducing to a lower risk than the target appetite, it provides us an opportunity
to assess if the spend on the mitigation resources can be utilised more effectively as we are
already at acceptable levels of risk.
So it's important to note that reducing isn't always a win.
It can have or it gives us the opportunity to ensure we are prioritising resources appropriately.
On the contrary, if the direction of travel is increasing, this is a warning indicator,
not to be seen negatively but as a flag for further or prompt intervention,
extremely important in effective risk management models,
providing the opportunity to manage the risk before it becomes an issue.
May I remind the Committee that the job roles of the responsible offices for corporate risks
Our leadership team in the heads of service or equivalent as risk owners and the senior
leadership officers such as directors and so forth noted earlier as the risk sponsor.
Appendix 1 report contains the risks held on the corporate register excluding four risks
which are exempt under commercially sensitive information in relation to the security aspects
where disclosure would lead the organisation vulnerable to security breaches.
Of course we have just discussed with regards to legacy arrangements, but we have however
noted in the summary table of appendix one that outlines all 14 risks including exempt
13 Risk Management
risks so as to provide balance and transparency and make sure the disclosure is appropriate
for those risks without identifying the specific exempt information.
The risk on the page detail for the risk containing exempt information are not available
in Appendix 1 but are instead reported in Appendix 2 available
for discussion during the private setting.
Let us remain on Appendix 1 and note the four risks that are not within the appendix
But outlined in the summary table are recorded with risk ID C are all 0 0 1
014 0 18 and 0 23 each of which contain mitigation information around security measures
staying on appendix 1 summary table
Of travel these are CR are 0 2
CCR -002, titled as fatality, and CCR -016, titled as post -franchising.
For those who are really good with attention to detail, we will note a reporting error
on CCR.
Very high rating and the current position as high rating.
The true position is the reverse.
So to correct the error, it is to be noted that the previous rating position for the bus franchising risk was rated as high,
and the current rating position is very high.
The correction then correctly reports the risk is in fact
–
CRL002 is due to the association of the risk in line with the national threat level increase to severe.
This change, the likelihood from unlikely to possible and the impact remaining critical,
it impacts each being reviewed in particular with guidance still emerging from Martin's law.
This will be adjusted and updated to reflect any change on the risk rating,
though it is to be noted that this risk will always be assessed in association with the national
6 is due to
evaluation of the control effectiveness and maturity ratings the register confirms that mitigation controls to
Manage this risk have been defined and are partially effective. However with a number of items
management are focusing on to strengthen the controls
and their effectiveness.
It was agreed that the likelihood score assessment
is raised from possible to likely.
Retaining the impact assessment scores serious.
This changes the position from high to very high.
A mitigation plan is under review
and management will be in a better place
to report interventions over the next two reporting periods
with this particular risk.
Whilst there is no change in the rating reported for the two cyber related corporate risks,
CRR 001 and CRR 023, management can confirm that we have achieved the cyber essentials
plus accreditation from an audit that took place just last month.
This provides dependable assurance that the risk is well managed and the reporting at
the next committee will reflect this.
There is one risk that continues to meet target appetite. This is CRR014, protective security.
The detail of which is in the exempt information, however this risk was recommended to senior leadership board for de -escalation and will come off the corporate register at the next report to this committee.
The operated post services risk IDC are R006.
One operator ceased all operations after 31st of March 26th,
partially as a result of the high cost of fuel.
Emergency contracts for all impacted services are now in place.
A full tender exercise has taken place for operators to cover contracts until they are franchised.
All remaining risks continue to make general progress
and no risks are reported to be stagnant as at this reporting period.
Prior to moving on to the appendix 2 in the private setting, does the committee have any
comments or questions to raise on this paper and appendix 1?
Debbie Simpson, Chair (Independent Member) - 2:18:27
Thank you for that. Can I just make one request which is somewhere we have a date of whenthese risks were put on to the register so we can get a feel for how long they have been
on there. That might be useful for cotton sex. Has anybody got any questions on this
before we move to closed session? No? Thank you. Can we move to closed session?
13 Risk Management
Ismail Mayat, Officer (West Yorkshire Combined Authority) - 2:18:51
Ismail Mayat, Officer (West Yorkshire Combined Authority) - 2:19:04
and no further questions.That will bring us to the close of the meeting.
However, I would just like to ask,
how are people, can I ask you,
can you please make a recommendation?
Oh sorry, yes, can we recommend
Debbie Simpson, Chair (Independent Member) - 2:19:19
that the reports be voted in?Yes, we've come to lots of different things today.
Lots of recommendations, actually,
with the candidates, but I think that's what we do
to get the action that is due.
and how about the vote of the approval of the first point of the meeting to cheque the comments by December meeting.
14 Date of Next Meeting
I will take some of that in the pre -meets and then take some of it back to the committee as well.
Thank you chair. And just to wrap up this agenda item, given that this is a standing item that you will receive,
Ismail Mayat, Officer (West Yorkshire Combined Authority) - 2:19:56
can we please go to the vote that you've all noted the content of thatand officers will take away all of the comments that members have provided to us and will
ensure that that is provided as an update and actioned accordingly.
So can we go to all those in favour?
Nikki Deol Assistant Director Legal, Governance & Compliance - 2:20:26
Thank you.- Item 4 - Minutes - 19 February 2026 DRAFT, opens in new tab
- 2. 260219G&A Minutes - 19 February 2026 DRAFT, opens in new tab
- Item 5 - Governance Arrangements, opens in new tab
- Item 5 - Appendix 2 - Membership v2, opens in new tab
- Item 5 -Appendix 1 – Terms of Reference for the Governance & Audit Committee, opens in new tab
- Item 6 - Report Draft Annual Governance Statement, opens in new tab
- Item 6 - Appendix 1 - Draft Annual Governance Statement 2025-26, opens in new tab
- Item 7 - Head of Internal Audit Annual Opinion, opens in new tab
- Item 7 - Appendix 1 Internal Audit Annual Opinion 25-26, opens in new tab
- Item 7 - Appendix 2 Audit report summaries, opens in new tab
- Item 8 - Draft Internal Audit Plan, opens in new tab
- Item 8 - Appendix 1 Draft Internal Audit Plan 26-27, opens in new tab
- Item 9 - Audit Recommendations Follow Up, opens in new tab
- Item 9 - Appendix 1 - Audit Recommendation Follow Up, opens in new tab
- Item 10 - External Audit Update, opens in new tab
- Item 10 - Appendix 1 - Audit Progress Report July 2026, opens in new tab
- Item 11 - Statement of Accounts 2025-26 Update, opens in new tab
- Item 11 - Appendix 1 - Financial Closure Advisory Report Actions Update, opens in new tab
- Item 12 - Data Protection Officer Report, opens in new tab
- Item 12 - Appendix 2 - DPO Report, opens in new tab
- Item 13 - Risk Management, opens in new tab
- Item 13 - Risk Management Appendix 1 - ROAP Report, opens in new tab
West Yorkshire Combined Authority