The Audit Committee of Hillingdon Council met on 28 August 2025 to discuss a range of topics, including updates on the Governance Review Improvement Plan, the Financial Modernisation Programme, risk management, and reports from both internal and external audit teams. The meeting also included a discussion of recommendations made under Section 24 of the Local Audit and Accountability Act 2014, and a review of the committee's work programme.

Issuance of Recommendations

The committee was scheduled to consider recommendations made by the external auditor under Section 24 Schedule 7(2) of the Local Audit and Accountability Act 2014. The report pack included a Value for Money update from the external auditors, Ernst & Young (EY), which contained seven statutory recommendations to the council:

• To ensure detailed implementation plans support all planned savings in the 2025-26 budget and future financial strategy.
• To review service delivery models for efficiency and value for money.
• To balance the schools' budget and address the Dedicated Schools Grant (DSG) deficit¹.
• To review financial forecasting processes.
• To establish a clear understanding of the council's current financial position.
• To address issues with the implementation of Oracle EPM².
• To continue the development and implementation of the Financial Modernisation Programme and the wider Governance Review Improvement Plan (GRIP).

The report pack noted that the external auditor recognised that the council had already begun taking steps to implement these recommendations.

External Audit Update

The committee was scheduled to receive an update on the draft 2024/25 accounts and the provisional audit planning report from Ernst & Young. The report pack included the auditor's annual report for 2023/24, which noted a disclaimed opinion on the council's financial statements, as in 2022/23. The report pack stated that this was due to time constraints and other limitations meaning that not all of the auditing processes could be completed. The report also highlighted weaknesses in regards to financial sustainability and the quality of council information. The report pack also included the Provisional Audit Planning Report for the year ended 31 March 2025. This report noted two new risks that would be assessed as part of the audit: the implementation of the new finance system (Oracle Fusion), and the governance risk linked to the capacity of the finance team.

Governance Review Improvement Plan and Finance Modernisation Programme

The Audit Committee was scheduled to receive an update on the Governance Review Improvement Plan (GRIP) and the Finance Modernisation Programme (FMP). The agenda frontsheet included a recommendation that the committee note the work on the GRIP and the FMP, seek any clarifications and assurances, and provide comments to officers.

The Governance Review Improvement Plan (GRIP) was commissioned in March 2025 and is sponsored by Tony Zaman, as Chief Executive and Head of Paid Service. It focuses on three workstreams: financial governance, directorate governance, and constitutional/democratic governance.

The Finance Modernisation Programme (FMP) was launched in April 2025, and its initial focus has been to support understanding of the financial outturn for 2024/25, improve budget monitoring and forecasting processes for the new financial year 2025/26, and address issues with the use of the council's finance system, Oracle Fusion.

Risk Management

The committee was scheduled to discuss the Q1 Risk Management Report, which presents a summary of the council's risks from the Risk Management System at the end of June 2025. The report pack included the Q1 Risk Management Report and the Strategic Risk Report August 2025.

The Risk Management Report focused on key performance indicators to support the committee in gaining assurance that risks were being managed effectively across the council and that mitigating actions were being implemented. The report also included a summary of the council's red rated risks, also known as the Corporate Risk Register.

The Strategic Risk Report focused on the strategic risks potentially impacting on the council's strategic objectives, aligning them to the council's key performance indicators to provide assurance that the risks were being managed effectively.

Internal Audit Progress

The committee was scheduled to receive an update on internal audit activity. The report pack included the Internal Audit Progress Report Aug 2025, which summarised the work covered by the Internal Audit (IA) team since the last committee meeting. The report also provided an opportunity for the Head of Internal Audit to highlight any significant issues that had arisen since the last IA Progress Report.

Counter Fraud Progress

The committee was scheduled to receive an update on counter fraud activity. The report pack included the 2025-26 Q1 CFT Progress Report, which presented summary information on all Counter Fraud Team (CFT) work covered in relation to 2025/26 Quarter 1. The report also provided an opportunity for the Head of Counter Fraud to highlight any significant counter fraud issues that had arisen.

Work Programme

The committee was scheduled to review planned meeting dates and the forward programme. The report pack included the Work Programme, which listed the dates for Audit Committee meetings and made suggestions for future agenda items, working practices and/ or reviews.