21
City of Glasgow College Annual Report & Accounts 2019-20
Review of 2019-20
Internal Audit
The College's Internal Auditors were Henderson Loggie,
who have been contracted to undertake this role from 22
September 2016 for 4 years, with an option to extend a
further year. The role of the internal auditor is to provide
an independent, objective assurance and consulting
service. This is designed to improve performance, enhance
processes, add value, and improve the College's operations
across the full range of the College's activities and functions.
The auditor's approach is to help the College accomplish its
objectives by bringing a systematic, disciplined approach to
evaluate and improve the effectiveness of risk management,
control, and governance processes, as well as advise
best practice gained from the auditor's experience across
sectors.
In March 2017, Henderson Loggie had provided the
Committee with an Audit Needs Assessment (ANA),
including a proposed internal Audit Plan covering the period
2016 - 2020. The ANA was prepared following a review of
previous internal and external audits and related documents,
and in consultation with a number of College managers. This
assessment informed the Internal Audit plan which specified
audits of particular areas of College activity throughout the
period of the plan.
Internal Audit Reports
The Internal Auditors reported on the following areas in the
course of 2019-20:
• Student Recruitment Targets: Assurance level - Good,
with one low priority action agreed, to put in place robust
controls to ensure that all enquiries made via the website
"contact a lecturer" function are answered promptly via an
additional "shared mailbox" email address.
• Student Fees: Assurance level - Satisfactory. In this
report the auditors reported on the College's student fee
raising processes which the ANA had identified as an area
where risk can arise. Three low level recommendations
were agreed, to ensure correct fee calculation and
consistency with Unit-E systems, improvements to Unit-E
records of faculty information, and improvements to
records of invoicing and payment details.
• Quality Assurance and Improvement: Assurance level -
Good. One low priority action was agreed to improve the
recording of Performance Action Group plan adjustments
at PAG meetings.
• Staff/Organisational Development: Assurance level -
Good. Three low level recommendations were agreed:
to improve departmental induction records, ensure
completion of initial employee mandatory training and
integration within 12 weeks, and improved assessment of
training impact on performance.
• 2018-19 Student Activity Data. in line with Credits Audit
Guidance, a review of systems and procedures used
by the College in compiling the College student activity
data return for 2018-19 was undertaken. The auditor's
opinion confirmed that the returns had been compiled in
accordance with all relevant guidance, and that adequate
procedures were in place to ensure the accurate
collection and recording of the data. On the basis of audit
testing, the internal auditors provided the SFC reasonable
assurance that the FES return contained no material misstatement. No recommendations
were suggested.
• Business Continuity: Assurance Level - Good. In
2019, the College completed a major revision and
development plan for business continuity, involving an
external specialist consultant. This was a very positive
audit report, with significant strengths identified related
to departmental Business Recovery Plans, reflecting
recognised good practice as published by the Business
Continuity Institute. One low level recommendation was
agreed.
• Payroll: Assurance level - Good. This was another
positive report, across 11 audit objectives relating to the
expenditure of £53m of staff costs. Just one low level
recommendation was proposed and agreed, and ten key
strengths identified.
• Risk Management: Assurance Level - Good. This
audit examined the corporate procedures in place
to assess and minimize strategic risk, benchmarked
against good practice guidance. The audit found that
a robust risk management framework was in place,
exhibiting most aspects of good practice. Two low-level
recommendations were agreed.
• Procurement and Creditors Purchasing: Assurance
Level - Satisfactory. This review was not included in
the original audit strategic plan and was added into the
Annual Internal Audit Plan for 2019/20 at the specific
request of the Audit and Assurance Committee, following
the significant fraud identified by the College during 2019.
The audit found five areas to be graded Satisfactory, and
three as Good, with seven key strengths identified, and
nine low level recommendations overall.
• Web-based services: Assurance Level - Satisfactory.
This report related to the range of web-based systems
and services used by staff and students of the College,
including Connected, the College website, MyCity,
Enquirer, and the Library Management System. Seven low
level improvement recommendations were agreed.