The Lincolnshire County Council Audit Committee met to discuss the annual audit opinion and reports, fraud risk, information assurance, external audit plans, the annual governance statement, and the audit committee work programme. The committee approved the Head of Internal Audit's opinion and report, the counter fraud work plan, the Information Assurance activity, the two external audit plans, and the Annual Governance Statement. The committee also agreed that the Audit Committee Work Programme should be reviewed and amended.

Annual Audit Opinion and Report

Claire Goodenough, Head of Internal Audit and Risk Management, presented her annual opinion and report for the financial year 2024-2025. Overall, she gave an adequate assurance rating, stating that the frameworks of governance, risk management and management controls were adequate and working in practice. She noted that 100% of recommendations made during the year had been accepted by management. Andrew Middleton, Independent Added Member, raised concerns about Fiskerton Primary School, his former school, being in deep, deep trouble according to the audit. He asked how comprehensive the council's offer of assistance to schools was, and whether more could be done to encourage schools to accept guidance. Councillor Bunney, CHAIRMAN OF THE COUNCIL, also raised concerns about schools listed on page 34 of the Public reports pack, and whether every school was being checked, particularly smaller primary schools. Councillor Carrington asked about the council's risk arrangements, and whether the council was still in the top 10% of local authorities, as it had been in July 2022. She also asked about contract awards and exceptions, and why some contracts were being recorded outside the council's software. Councillor Roberts asked whether academies were independently audited. Councillor Lock asked whether academy audits were publicly reported. The committee approved the Head of Internal Audit's opinion and report.

Fraud Risk Register Report

The committee approved the Fraud Risk Register Report for implementation across the council. The report provided the committee with the outcome of fraud risk assessments and an overview of fraud risks facing the council. The report noted that fraud continues to represent the single largest category of crime in the UK, and that local government is vulnerable to fraud due to the broad range of services it delivers. The report also noted that the UK's new failure to prevent fraud offence, established under the Economic Crime and Corporate Transparency Act 2023, will come into force on 1 September 2025¹. The report included a Fraud Risk Register Table.

Information Assurance Annual Report

David Ingham, Head of Information Assurance, presented the Information Assurance Annual Report 2024/25. The report captured activity of grants, records of management, information security and data protection. The report noted that requests for support and engagement from across the council have continued at very high levels. The report also noted that the ICO had a reasonable level of assurance that processes and procedures are in place and are delivering data protection compliance. Data protection complaints increased from five to eight, with four being upheld by the ICO. The hard copy records project has now reviewed over 335,000 individual records, and of those, 20% have been destroyed. There has been a 10% increased in confirmed security incidents, with the main cause being human error, and the main type of incident being misdirected information. Councillor Haldenby asked how many security incidents were not raised quickly, or by colleagues, but by another source. Councillor Davies asked about the timeline for the hard copy project, and whether the authority was subject to an appropriate level of security breaches, compared to the number of transactions. Andrew Middleton, Independent Added Member, asked whether further training could reduce the number of security incidents caused by human error. Councillor Roberts asked whether one of the breaches was a breach of medical records, and whether it was a criminal act, and what safeguards were now put in place to stop that from happening. Councillor Carrington asked about the rules that the council serves, and how the data is passed to a third party to process on the council's behalf. The committee approved the Information Assurance activity for 2024-25.

External Audit Plans

Claire Welberry, Strategic Finance Manager, presented the external audit plans for Lincolnshire County Council and the Lincolnshire Pension Fund 2024/25. The Lincolnshire County Council Audit Plan identified the key risks as:

• Valuation of land and buildings
• Management override of controls
• Valuation of post retirement benefit obligations The other audit risks were:
• Valuation of investment property
• Adoption of IFRS 16[^2] [^2]: IFRS 16 is an international accounting standard that specifies how to account for leases. The audit fee for the year was £316,000. The Lincolnshire Pension Fund Audit Plan identified the key risks as:
• Management override of controls The other audit risks were:
• Valuation of Level 1, 2 and Level 3 investments is misstated
• Level 1, 2 and 3 investments are not complete, do not exist or are not accurately recorded
• The actuarial position of the scheme is not appropriately presented in the financial statements The audit fee was £94,000. Councillor Davies asked whether a standard risk model could be agreed, and what reliance was placed on the previous year's internal audit. He also asked how national issues cropping up in other councils were fed into the audit, and how whistleblowers fed into the external audit. He also asked whether valuations were stress tested against where a field had been sold. Councillor Roberts asked whether money from the sale of an old school in Horncastle went straight into the coffers of LCC, or whether any part of it was ring fenced. The committee approved the two external audit plans.

Annual Governance Statement

Claire Goodenough, Head of Internal Audit and Risk Management, presented the Annual Governance Statement. The statement is a statutory document which outlines how the council conducted its business against lawful and proper standards for the last financial year. Councillor Davies asked what a significant governance issue was, and why issues around transparency codes and PCI compliance did not feature in the report. Councillor Bunney, CHAIRMAN OF THE COUNCIL, noted that in one or two places, percentages had been given of being met or not being met, but the actual number had not been given, and that it would be useful to have that base information. The committee approved the AGS for inclusion in the Statutory Accounts.

Audit Committee Work Programme

Claire Goodenough, Head of Audit and Risk Management, presented the Audit Committee Work Programme. The work plan outlines the timing of the reports coming to the committee, and includes any training and information plans as the year develops. The committee agreed that the work programme should be reviewed and amended.