Agenda of Audit and Risk Committee meeting

Audit and Risk Committee Agenda

3 June 2022

MINUTES OF Central Otago District Council
Audit and Risk Committee
HELD VIA MICROSOFT TEAMS AND LIVE STREAMED
ON Friday, 25 February 2022 AT 9.34 am

PRESENT: Ms L Robertson (Chair), Cr S Jeffery, Cr N McKinlay

IN ATTENDANCE: Cr C Laws, L Macdonald (Executive Manager - Corporate Services), J Muir (Executive Manager - Infrastructure Services), L van der Voort (Executive Manager - Planning and Environment), L Fleck (Executive Manager – People and Culture), S Righarts (Chief Advisor), N McLeod (IS Manager), I Evans (Water Services Manager), A McDowall (Finance Manager), A Crosbie (Senior Policy Advisor), P Bain (Water Services Team Leader), R Williams (Governance Manager) and W McEnteer (Governance Support Officer)

1 Apologies

Committee Resolution

Moved: Robertson

Seconded: Jeffery

That apologies from His Worship the Mayor T Cadogan and Cr N Gillespie be received and accepted.

Carried

2 Public Forum

There was no public forum.

3 Confirmation of Minutes

Committee Resolution

Moved: Robertson

Seconded: Jeffery

That the public minutes of the Audit and Risk Committee Meeting held on 3 December 2021 be confirmed as a true and correct record.

Carried

4 Declaration of Interest

Members were reminded of their obligations in respect of declaring any interests. There were no further declarations of interest.

5 Reports

22.1.2 Policy and Strategy Register

To consider the updated Policy and Strategy Register. A question was raised about the Staff Interests Policy and whether or not current practise reflected the policy or not in terms of the Executive Team considering staff interests on a six monthly basis. An update on this was requested for the June meeting.

Committee Resolution

Moved: Robertson

Seconded: Jeffery

That the report be received.

Carried

22.1.3 Audit and Risk Committee Terms of Reference

To consider the terms of reference for the Audit and Risk Committee.

After discussion it was agreed that there should be two further amendments before the document was presented to Council. The first was to delete reference to the Deputy Chair as the position did not exist. The second was regarding the appointment cycle of the Chair, where an additional clarification was to be included to say that the Chair was appointed “each triennium following the year of election or as required.”

Committee Resolution

Moved: Robertson

Seconded: Jeffery

That the Audit and Risk Committee

A. Receives the report and accepts the level of significance.

B. Recommends to Council that they accept the proposed amendments to the Audit and Risk Committee’s terms of reference as detailed in appendix 2 of the report.

C. Recommends to Council that the reference to the Deputy Chair is removed from the delegation and that the term of the appointment of the Chair is clarified to include the words “each triennium following the year of election or as required.”

Carried

22.1.4 External and Internal Audit Updates

To consider an update on the status of the external and internal audit programme and any outstanding actions for completed external and internal audits.

Committee Resolution

Moved: Robertson

Seconded: Jeffery

That the report be received.

Carried

22.1.5 Financial Report for the Period ending 31 December 2021

To consider the financial performance for the period ending 31 December 2021.

Committee Resolution

Moved: Robertson

Seconded: Jeffery

That the report be received.

Carried

22.1.6 Cyber Security Plan 2018-2021 update

To consider an update on the 2018-2021 Cyber Security Plan.

Committee Resolution

Moved: Robertson

Seconded: Jeffery

That the report be received.

Carried

22.1.7 Local Government Official Information and Meetings Act 1987 (LGOIMA) Request Policy

To review and recommend the Chief Executive approves the Local Government Official Information and Meetings Act 1987 (LGOIMA) Request Policy, which is related to Council granting requests for information under the Local Government Official Information and Meetings Act 1987.

After discussion it was decided that the Committee should not recommend Chief Executive approval, rather they could support it.

Committee Resolution

Moved: Robertson

Seconded: Jeffery

That the Audit and Risk Committee

A. Receives the report and accepts the level of significance.

B. Supports the Chief Executive approval of this policy and issues to staff for implementation.

Carried

22.1.8 Privacy Policy

To review and recommend the Chief Executive approves the Privacy Policy for council staff use, which is related to Council’s code of practice and legal obligations in accordance with the Privacy Act 2020.

The Committee asked if the scope of the policy included the Council’s obligations as an employer and it was agreed that the scope of the policy should be expanded to include this prior to final sign off.

It was also decided that the Committee should support the Chief Executive’s approval of the policy rather than recommend it.

Committee Resolution

Moved: Robertson

Seconded: Jeffery

That the Audit and Risk Committee

A. Receives the report and accepts the level of significance.

B. Supports the Chief Executive approval of the policy and suggests its scope is expanded to include internal privacy relating to staff prior to implementation.

Carried

22.1.9 Health, Safety and Wellbeing Report

To provide with information on health, safety and wellbeing risks and controls at Central Otago District Council.

Committee Resolution

Moved: Robertson

Seconded: Jeffery

That the report be received.

Carried

6 Chair's Report

22.1.10 February 2022 Chair's Report

To consider the February Chair’s report.

The Chair had nothing to report.

7 Members' Reports

22.1.11 February Members' Reports

To consider the February members’ reports.

Councillor McKinlay reported that he was a member of subcommittee overseeing the Cromwell Hall project and noted that a timetable for the project was currently being put in place.

Committee Resolution

Moved: Robertson

Seconded: Jeffery

That the reports be received.

Carried

8 Status Reports

22.1.12 February Governance Report

To report on items of general interest, consider the Audit and Risk Committee’s forward work programme and the current status report updates.

Committee Resolution

Moved: Robertson

Seconded: Jeffery

That the report be received.

Carried

9 Date of The Next Meeting

The date of the next scheduled meeting is 3 June 2022.

10 Resolution to Exclude the Public

Committee Resolution

Moved: Robertson

Seconded: Jeffery

That the public be excluded from the following parts of the proceedings of this meeting.

The general subject matter of each matter to be considered while the public is excluded, the reason for passing this resolution in relation to each matter, and the specific grounds under section 48 of the Local Government Official Information and Meetings Act 1987 for the passing of this resolution are as follows:

General subject of each matter to be considered	Reason for passing this resolution in relation to each matter	Ground(s) under section 48 for the passing of this resolution
Confidential Minutes of the Audit and Risk Committee	s7(2)(a) - the withholding of the information is necessary to protect the privacy of natural persons, including that of deceased natural persons s7(2)(c)(ii) - the withholding of the information is necessary to protect information which is subject to an obligation of confidence or which any person has been or could be compelled to provide under the authority of any enactment, where the making available of the information would be likely otherwise to damage the public interest s7(2)(d) - the withholding of the information is necessary to avoid prejudice to measures protecting the health or safety of members of the public s7(2)(g) - the withholding of the information is necessary to maintain legal professional privilege s7(2)(i) - the withholding of the information is necessary to enable Council to carry on, without prejudice or disadvantage, negotiations (including commercial and industrial negotiations)	s48(1)(a)(i) - the public conduct of the relevant part of the proceedings of the meeting would be likely to result in the disclosure of information for which good reason for withholding would exist under section 6 or section 7
22.1.13 - Wastewater Overflow Procedure review	s7(2)(g) - the withholding of the information is necessary to maintain legal professional privilege	s48(1)(a)(i) - the public conduct of the relevant part of the proceedings of the meeting would be likely to result in the disclosure of information for which good reason for withholding would exist under section 6 or section 7
22.1.14 - Water Services Capital Projects Update	s7(2)(b)(ii) - the withholding of the information is necessary to protect information where the making available of the information would be likely unreasonably to prejudice the commercial position of the person who supplied or who is the subject of the information s7(2)(i) - the withholding of the information is necessary to enable Council to carry on, without prejudice or disadvantage, negotiations (including commercial and industrial negotiations)	s48(1)(a)(i) - the public conduct of the relevant part of the proceedings of the meeting would be likely to result in the disclosure of information for which good reason for withholding would exist under section 6 or section 7
22.1.15 - Strategic Risk Register	s7(2)(i) - the withholding of the information is necessary to enable Council to carry on, without prejudice or disadvantage, negotiations (including commercial and industrial negotiations)	s48(1)(a)(i) - the public conduct of the relevant part of the proceedings of the meeting would be likely to result in the disclosure of information for which good reason for withholding would exist under section 6 or section 7
22.1.16 - Litigation Register	s7(2)(g) - the withholding of the information is necessary to maintain legal professional privilege	s48(1)(a)(i) - the public conduct of the relevant part of the proceedings of the meeting would be likely to result in the disclosure of information for which good reason for withholding would exist under section 6 or section 7
22.1.17 - February 2022 Confidential Governance Report	s7(2)(c)(ii) - the withholding of the information is necessary to protect information which is subject to an obligation of confidence or which any person has been or could be compelled to provide under the authority of any enactment, where the making available of the information would be likely otherwise to damage the public interest s7(2)(d) - the withholding of the information is necessary to avoid prejudice to measures protecting the health or safety of members of the public	s48(1)(a)(i) - the public conduct of the relevant part of the proceedings of the meeting would be likely to result in the disclosure of information for which good reason for withholding would exist under section 6 or section 7

Carried

The public were excluded at 10.33 am and the meeting closed at 11:37 am.

3 June 2022

Logo, company name

Description automatically generated

22.2.4 Financial Report for the Period ending 31 March 2022

Doc ID: 580293

1. Purpose

To consider the financial performance for the period ending 31 March 2022.

Recommendations

That the report be received.

2. Discussion

The quarterly financial report is presented to the Committee as part of regular updates.

3. Financial Reporting

The financials for March 2022 show an overall favourable variance of $1.274M. Development contributions are higher than budget by $967k. Offsetting this, are unfavourable variances in grants and subsidies, interest and dividends, and user fees and charges. Cost of Sales of $1.964M have come through for stage one of the Dunstan Park subdivision. The budgets for subdivision cost of sales are recognised in June.

Income of $52.068M against the year-to-date budget of $51,420M

Overall income has a favourable variance against the revised budget by $648k. This is being driven by the timing of development contributions with a favourable variance of $967k. This variance is offset by the timing of water meter readings and Waka Kotahi subsidies.

The main variances are:

· Government grants and subsidies revenue has an unfavourable variance of ($106k). This is mainly due to the timing of the Waka Kotahi New Zealand Transport Agency (Waka Kotahi) roading subsidy contributing an unfavourable variance of ($264k). Subsidies are claimed for both the operational and capital roading work programmes and fluctuate based on the work programme. This unfavourable variance is offset by Tourism Infrastructure funding (TIF) of $165k for the Clyde Historic Precinct toilet upgrades. The budget for this is recognised in other income, however this funding has been correctly recognised in grants and subsidies.

· User fees and other has an unfavourable variance of ($350k). This is being driven by the timing of the water meter reading, with a variance of ($286k). There is another water meter read due before the end of the financial year. Other income has a variance of ($56k). This is due to the grants budget being included in ‘other income’ rather than the correct place of grants and subsidies. This budget includes the TIF funding for the new Clyde toilet and Miners Lane carparks.

· Regulatory fees has a favourable variance of $140k. This variance continues to be driven by building consent revenue received, which year-to-date is $158k ahead of budget.

· Development Contributions has a favourable variance of $967k. This variance relates to the timing of development contributions which are dependent on the resource consent process and developer timeframes. Cromwell development contributions in wastewater, water and roading are higher than budgeted.

· Interest and dividends revenue is unfavourable against budget by ($129k). Interest rates received on term deposit investments are continuing to remain low, due to low market interest rates. Large project costs are also being managed with current cashflows while waiting for income to be received. This includes subdivision development costs. This results in less cash available to be invested and reduces the length of time term deposits can be locked in for. The current investment with Kiwibank is only returning 0.7% interest.

Expenditure of $37.686M against the year-to-date budget of $38.312M

Expenditure has a favourable variance of $626k. The main drivers behind the favourable variance are contracts, staff, professional fees, and other costs. Offsetting this favourable variance is the cost of sales from stage 1 of the Dunstan Park subdivision, along with depreciation.

The main variances are:

· Staff costs have a favourable variance of $303k. The is due in part to the lag between staff movement and the replacement of new staff, plus the relevant recruitment costs. It also includes staff training, made up of conferences and planned attendance at workshops, travel and accommodation. Attendance and travel plans have been delayed due to the on-going impact of COVID-19.

· Contracts has a favourable variance of $356k. Contract expenditure is determined by workflow and the time of the contract. The outcome of this is that the phased budgets will not necessarily align with actual expenditure, meaning some work appears favourable, and some contracts spend year-to-date appear unfavourable. Planned maintenance $147k; contracts $187k; and roading contracts $31k are the key timing variances year-to-date. The contracts variance of $187k is being driven by the timing of the Three Waters Stimulus operational improvements projects.

· Professional fees has a favourable variance of $291k. This is similar to contract expenditure where budget and actuals do not align throughout the year but typically align by the end of year. Major variances include, engineers fees $76k; management consultants $178k; planning consultants $112k and recoverable professional fees ($178k).

· Depreciation has an unfavourable variance of ($75k). This is mainly due to a difference between the actual and budgeted wastewater depreciation. Wastewater assets reflect the updated valuations which occurred after the 2021-31 Long-term Plan was approved. The depreciation budget has been brought into alignment for the 2022-23 Annual Plan. Areas with major variances include, parks and reserves recreation $213k; roading $64k; and wastewater ($234k).

· Costs of sales has an unfavourable variance of ($1.104M). This is due to the costs incurred for stage 1 of the Dunstan Park subdivision and is offset by land sales revenue of $3.7M received for the first stage of this development. The costs of sales budget is reflected with 50% expenditure in April and 50% in June. Development costs from Cemetery Road for stage 1 have not yet been finalised and allocated to cost of sales. The subdivision development costs are held on the balance sheet in property intended for sale until each stage is complete and land sales are received.

· Repairs and maintenance has a favourable variance of $117k, mainly due to the timing of various projects as well as building maintenance requirements. Weed control of $33k, buildings repairs and maintenance $44k and equipment hire $27k are the key timing variances.

· Projects has a favourable variance of $147k, due to the phasing schedule of Tourism Central Otago projects.

· Other costs has a favourable variance of $332k. A detailed breakdown for other costs is tabled below.

2021/22	9 MONTHS ENDING 31 MARCH 2022					2021/22
		YTD	YTD	YTD
Annual Plan		Actual	Revised Budget	Variance		Revised Budget
$000		$000	$000	$000		$000
	Income
33,270	Rates	25,215	25,180	35	˜	33,270
7,248	Govt Grants & Subsidies	12,084	12,190	(106)	˜	16,890
7,323	User Fees & Other	5,003	5,353	(350)	˜	7,737
17,286	Land Sales	4,769	4,767	2	˜	14,739
2,155	Regulatory Fees	2,033	1,893	140	˜	2,157
2,104	Development Contributions	2,505	1,538	967	˜	2,114
388	Interest & Dividends	57	186	(129)	˜	392
-	Reserves Contributions	293	196	97	˜	196
-	Profit on Sale of Assets	14	-	14	˜	-
55	Other Capital Contributions	95	117	(22)	˜	150
69,829	Total Income	52,068	51,420	648	˜	77,645

	Expenditure
13,565	Staff	9,317	9,620	303	˜	13,482
587	Members Remuneration	378	413	35	˜	587
8,904	Contracts	6,532	6,888	356	˜	9,811
2,902	Professional Fees	2,279	2,570	291	˜	3,869
9,997	Depreciation	7,881	7,806	(75)	˜	10,383
13,926	Costs of Sales	1,964	860	(1,104)	˜	7,229
3,920	Refuse & Recycling Costs	2,971	3,037	66	˜	4,029
-	Cost Allocations	(9)	(2)	7	˜	(2)
1,723	Repairs & Maintenance	1,149	1,266	117	˜	1,940
1,410	Electricity & Fuel	1,031	1,042	11	˜	1,419
-	Loss on Sale of Asset	262	262	0	˜	262
652	Grants	461	496	35	˜	631
1,115	Technology Costs	704	760	56	˜	1,100
303	Projects	704	851	147	˜	1,231
639	Rates Expense	555	605	50	˜	712
423	Insurance	451	450	(1)	˜	455
2,037	Other Costs	1,056	1,388	332	˜	2,087
62,103	Total Expenses	37,686	38,312	626	˜	59,225

7,726	Operating Surplus / (Deficit)	14,382	13,108	1,274		18,420

This table has rounding (+/- 1)

· Other costs has been configured to include only needs-based costs which will fluctuate against budget. There are no large variances of note to report on at present.

Other costs breakdown is as below:

2021/22		YTD Actual	YTD Revised Budget	YTD Variance		2021/22
Annual Plan	Other Costs breakdown	YTD Actual	YTD Revised Budget	YTD Variance		Revised Budget
$000		$000	$000	$000		$000
535	Administrative Costs	232	344	112	˜	562
690	Office Expenses	371	448	77	˜	655
234	Operating Expenses	154	178	24	˜	234
327	Advertising	135	229	94	˜	374
175	Valuation Services	123	134	11	˜	175
76	Retail	41	55	14	˜	87
2,037	Total Other Costs	1,056	1,388	332		2,087

This table has rounding (+/- 1)

Council Property and Facilities $2.376M favourable against budget:

This is mainly due to the timing of the Cromwell Town Centre Projects currently underspent by $1.954M. This includes the Memorial Hall project, Cromwell Administration Buildings projects and Grounds, paths and fences around the Town Centre. Other areas behind budget include community buildings $379k, council offices $162k and elderly person housing $17k.

Waste Management $187k favourable against budget:

The transfer station reconfiguration projects are contributing to $192k of the underspend. Some of this work is underway but not all work will be completed this year.

Vehicle Fleet $28k favourable against budget:

Vehicle renewals and purchases are under budget with 54% of the $256k total revised budget being spent.

Information Services $161k favourable against budget:

Information Services projects are behind budget. Projects include enhanced customer experience digital services $22k, enterprise resource planning information services $16k, financial performance improvement $89k and information and records management $24k.

Libraries $150k favourable against budget:

This favourable variance is due to the timing of the Alexandra Library building upgrade. Currently this project is in the design phase.

Parks and Recreation $1.072M favourable against budget:

This favourable variance is driven by a mixture of the timing of project budgets and contractor’s availability to perform the work. Projects include landscaping, signage and irrigation. The Cromwell pool replacement heat pump accounts for half of the capital budget variance. The work on installing the heat pump is well underway and is expected to be completed in late June.

Roading ($1.639) unfavourable against budget:

This unfavourable variance is due to the timing of the budget and work programme. Year-to-date $1.226M of the $1.365M annual revised budget has been spent. There is currently no budget allocated year-to-date March 2022, with the budget being allocated out over April, May and June. Other roading projects include footpath renewals $127k, carpark renewals $161k, structures renewals $173k, sealed road renewals ($584k), gravel road renewals ($206k) and drainage renewals ($50k). These variances are due to the timing of budgets and the work programme.

Three Waters is $2.1M favourable against budget:

The favourable variance is due to the timing of construction projects. The main drivers include the Lake Dunstan water supply $1.062M, water treatment plant and capacity upgrades $2.3M, wastewater improvements $135k and water stimulus fund projects $383k.

2021/22 Annual Plan	CAPITAL EXPENDITURE	YTD Actual	YTD Revised Budget	YTD Variance		2021/22 Revised Budget	Progress to date against revised budget
$000		$000	$000	$000		$000	Progress to date against revised budget
6,058	Council Property and Facilities	1,088	3,464	2,376	˜	9,305	12%
382	Waste Management	384	571	187	˜	913	42%
-	i-SITEs	-	1	1	˜	4	0%
50	Customer Services and Administration	15	33	18	˜	62	24%
204	Vehicle Fleet	139	167	28	˜	256	54%
248	Planning	-	139	139	˜	348	0%
352	Information Services	193	354	161	˜	1,369	14%
164	Libraries	98	248	150	˜	512	19%
1,713	Parks and Recreation	729	1,801	1,072	˜	3,755	19%
7,420	Roading	5,289	3,650	(1,639)	˜	8,129	65%
14,243	Three Waters	18,444	20,546	2,102	˜	40,295	46%
30,834	Grand Total	26,379	30,974	4,595		64,948	41%

Statement of Financial Position

The Statement of Financial Position (Balance Sheet) is a new report which will be included in the reports to both Council and to the Audit and Risk Committee. It is included to show the comparisons between actuals and budget. Below the financial position is a table summarising the reserves and the cash balances. This gives assurance that there are available funds to meet the cash financial reserve balances typically included in Council’s set of financial reports.

2020/21 Full Year Actual	2020/21 YTD March Actual	STATEMENT OF FINANCIAL POSITION	2021/22 YTD March Actual	2021/22 Full Year Revised Budget	2021/22 Full Year Annual Plan
$000	$000	for the period ended 31 March 2022	$000	$000	$000
		EQUITY
392,499	382,751	Ratepayers equity	404,031	410,719	389,661
12,318	10,009	Surplus/(Deficit)	14,382	18,420	7,726
7,035	14,638	Council Reserves	7,905	4,176	4,177
487,476	483,506	Property revaluation reserve	487,404	496,640	496,629
(17)	(20)	Investment shares fair value revaluation reserve	(17)	(20)	(20)
80	80	Restricted reserves	80	80	80
899,391	890,964	Total equity	913,785	930,015	898,253
		REPRESENTED BY:
		Current assets
6,514	15,051	Cash and cash equivalents	3,594	19,896	19,896
10,000	5,000	Other financial assets	5,000	8,000	8,000
4,852	1,054	Receivables	3,078	3,171	3,171
-	-	Non Current assets held for sale	-	-	-
5,394	2,342	Inventories	6,988	(815)	1,509
-	-	Investment Bond	-	625	625
26,760	23,447	Total current assets	18,660	30,877	33,201
		Less current liabilities
256	495	Agency and deposits	259	273	273
13,254	4,078	Payables and deferred revenue	8,900	4,705	4,705
673	581	Employee entitlements	697	1,010	1,010
-	-	Borrowings and other financial liabilities	-	-	-
14,183	5,154	Total current liabilities	9,856	5,988	5,988
12,577	18,293	Working capital	8,804	24,889	27,213
		Non-current assets
111	109	Available for sale financial assets	111	109	109
282	295	Loans and receivables	241	333	333
26,030	22,830	Work in Progress	47,424	60,961	26,929
852,766	846,563	Property, plant and equipment	849,599	864,417	864,363
1,272	845	Intangible assets	1,250	2,271
431	355	Forestry assets	431	357	357
5,925	1,675	Investment property	5,925	1,683	1,683
886,817	872,672	Total non-current assets	904,981	930,131	896,045
		Less non-current liabilities
-	1	Provisions	-	5	5
-	-	Borrowings and other financial liabilities	-	25,000	25,000
-	1	Total non-current liabilities	-	25,005	25,005

899,394	890,964	Net assets (assets minus liabilities)	913,785	930,015	898,253

This table has rounding (+/- 1)

4. Accounts Receivable

As at 31 March 2022, Council had $47k outstanding in accounts receivables greater than 90 days. The key contributors over $5k include:

Sundry debtors:

· Top Shelf Productions $5.7k (agreement to fund People on Bikes Series 2)

Resource consents:

· M N Shaw $6.8k (payment plan in place – balance to be paid by 30 June 2022)

Type of Debtor	Current	30 Days	60 Days	> 90 Days
Other	$ 945,991	$ 19,260	$ 6,479	$ 14,769
Building Consents	$ 52,248	$ 40,097	$ 3,201	$ 18,166
Resource Consents	$ 973,637	$ 47,203	$ 5,415	$ 14,813
TOTAL	1,971,876	$ 106,560	$ 15,095	$ 47,747

Type of Debtor	Mar-22	Feb-22	Jan-22	Mar-21
Other	$ 986,498	$ 726,097	$ 175,546	$ 92,016
Building Consents	$ 113,711	$ 132,621	$ 97,148	$ 34,002
Resource Consents	$ 1,041,069	$ 92,396	$ 84,218	$ 192,312
TOTAL	$ 2,141,278	$ 951,114	$ 356,912	$ 318,330

Debt is actively managed and monitored and if a debtor is past our three-month threshold, their information is sent to our debt collection agency, Receivables Management Limited.

There is a credit balance of ($77k) in current month outstanding invoices in “under 500”. This relates to building and resource consent debtors where payment has been made in advance of the invoice.

5. Investment

As at 31 March 2022, Council had cash balances of $8.59M, of which term deposits totalling $5M mature within 90 days.

Bank	Amount	Term (Month)	Start Date	End Date	Fixed Rate
KiwiBank	5,000,000	1	16 March 2022	19 April 2022	0.70%

Weighted average interest rates for all council term deposits is 0.70%.

6. Internal Loans

Forecast closing balance for 30 June 2022 is $4.075M.

OWED BY	Original Loan	1 July 2021	30 June 2022 Forecast
OWED BY	Original Loan	Opening Balance	Closing Balance
Public Toilets	670,000	491,239	468,048
Tarbert St Bldg	25,868	13,067	11,574
Alex Town Centre	94,420	49,759	44,545
Alex Town Centre	186,398	91,041	79,921
Alex Town Centre	290,600	155,412	139,137
Centennial Milkbar	47,821	21,284	18,192
Vincent Grants	95,000	19,000	9,500
Pioneer Store Naseby	21,589	10,949	9,609
Water	867,000	717,829	691,212
ANZ Bank Seismic Strengthening	180,000	149,030	143,504
Molyneux Pool	650,000	571,900	539,400
Māniōtoto Hospital	1,873,000	1,775,142	1,723,630
Alexandra Airport	218,000	204,485	197,216
Total	5,219,695	4,270,138	4,075,488

7. External Community Loans

The total amount of external loans at the beginning of the financial year 2021-22 was $189k. As at 31 March 2022, the outstanding balance was $148k. Council has received $40.9k in principal payments and $7.1k in interest payments.

Owed By	Original Loan	1 July 2021 Actual Opening Balance	Principal	Interest	31 March 2022 Actual Closing Balance
Cromwell College	400,000	130,770	26,369	5,218	104,400
Māniōtoto Curling	160,000	35,662	10,248	1,167	25,413
Oturehua Water	46,471	22,623	4,307	795	18,316
	606,471	189,055	40,924	7,180	148,129

8. Reserve Funds table

· As at 30 June 2021 the Council has an audited closing reserve funds balance of $7.035M. This reflects the whole district’s reserves and factors in the district-wide reserves which are in deficit at ($16.7M). Refer to Appendix 1.

· Taking the 2020-21 audited Annual Report closing balance and adding 2021-22 income and expenditure, carry forwards and resolutions, the whole district is projected to end the 2021-22 financial year with a closing deficit of ($12.825M).

9. Attachments

Appendix 1 - Council Wide Reserve Funds 2021-2022.pdf ⇩

Report author:	Reviewed and authorised by:

Ann McDowall	Leanne Macdonald
Finance Manager	Executive Manager - Corporate Services
16/05/2022	16/05/2022

3 June 2022

Logo, company name

Description automatically generated

22.2.5 Cyber Security, Information and Records Management, and Privacy update

Doc ID: 581244

1. Purpose

To consider an update on:

· Cyber Security Plan 2022-2025

· Information and Records Management Plan 2022-2025

· Privacy Plan

Recommendations

That the report be received.

2. Discussion

Information Services in addition to cyber security have been working on plans for information and records management and privacy.

In this report, the following topics will be covered:

Cyber Security Plan 2022-2025

· Audit and plan status

· What is happening in New Zealand?

· What is happening at Central Otago District Council?

· ALGIM Cyber Security Programme update

· Cyber Security programme of work by actions.

Information and Records Management Plan 2022-2025

· Audit and plan status

Future reports will include the following:

· Archives New Zealand Information Management Maturity Assessment update

· Information and Records Management programme of work by actions

Privacy Plan

· Audit and plan status

Future reports will include the following:

· Department of Internal Affairs Privacy Maturity Assessment Framework update

· Privacy programme of work by actions

Cyber Security Plan 2022-2025

Audit and plan status

The new Cyber Security Plan 2022-2025 will be based on the external audit scheduled to start 1 June 2022.

Attached is the draft Cyber Security Plan 2022-2025 that will form the basis of this audit.

Focus areas of cyber security focus since the last report have been on:

· Preparing for the external audit

· User education, training and awareness

· Protective technology improvements to maximise value

· Updating and reviewing actions related to the requirements and controls for the Association of Local Government Information Management (ALGIM) Cyber Security Programme framework

What is happening in New Zealand?

Council utilise Computer Emergency Response Team (CERT) as a resource for cyber security support. CERT NZ works to support businesses, organisations and individuals who are affected (or may be affected) by cyber security incidents. CERT provide trusted and authoritative information and advice, while also collating a profile of the threat landscape in New Zealand.

The following highlights quarter four 2021 cyber security incidents across New Zealand:

Diagram

Description automatically generated

Chart, bar chart

Description automatically generated

Chart

Description automatically generated

Graphical user interface, text, application, email

Description automatically generated

More details on the current threat landscape can be found here: Quarter Four Report 2021 | CERT NZ

In addition to the quarterly report, a summary of 2021 is now available: 2021 Report Summary | CERT NZ. Highlights of 2021:

Chart, bar chart

Description automatically generated

Chart, line chart

Description automatically generated

Chart, bar chart

Description automatically generated

Graphical user interface, chart, application

Description automatically generated

What is happening at Central Otago District Council?

The following outlines what Council protective technologies are doing for the 17 April 2022 to 17 May 2022 period:

Graphical user interface, application

Description automatically generated

Chart, bar chart

Description automatically generated

· Potentially unwanted applications (PUAs)

A picture containing chart

Description automatically generated

Managed Threat Response service over the last 30 days:

Chart

Description automatically generated

ALGIM Cyber Security Programme update

Association of Local Government Information Management (ALGIM) has defined a Cyber Security framework which is powered by SAM for Compliance giving councils the ability to manage and reduce organisational Cyber Security related risk. As part of the programme, councils that demonstrate defined levels of achievement and improvement will receive awards at the ALGIM annual conference.

The latest ALGIM Cyber Security Programme Management Status Report is attached for your information (Appendix 1).

The upcoming external audit will reset Council’s compliance levels.

The following details the current snapshot of how Council is preforming within this framework benchmarked against other Councils:

· The following shows that Council is 82.83% compliant with the framework controls:

Chart

Description automatically generated

· The following shows how Council is tracking against other councils within this framework over the last 12 months:

Chart, line chart

Description automatically generated

· The following is a summary of the controls by status:

Text, letter

Description automatically generated

Overall, Information Services are regularly reviewing the framework once a month, updating controls and working on outstanding actions and improvements.

The following is summary of the improvements within each function:

Identify:

· Governance – Digital and Information Strategy is due to be finalised June 2022, which will include Cyber Security. This is currently with the Leadership Group for final feedback.

Manage

· Access Control – Planned physical security work has been delayed due to COVID-19. Work on remote access agreements with our contractors is being progressed.

· Information and Data Security – USB portable drives access restriction testing is progressing; exemptions are yet to be agreed.

Protect

· Awareness and Training – this is currently the focus, Phriendly Phishing virtual training, reporting and staff education is ongoing. Onsite specialist training has been delayed due to COVID-19.

· Protective Technology – After the core functionality was initially deployed and bedded in, improvements to maximise its value are being investigated and deployed to meet Council policies and standards.

Detect

· Anomalies and Events – Events Management Procedure has been finalised and implemented.

Respond

· Review of the Information and Communication Technology (ICT) Disaster Recovery Plan has been completed. Testing of this updated plan will confirm our ability to respond and meet the business continuity requirements.

Recover

· ICT Disaster Recovery Plan and the Back-up and Recovery Procedure have been completed. Minor testing of recovery solution has been completed. Major testing is being worked through.

The following shows how Council is tracking by each function within the framework when compared to other councils:

Chart, bar chart

Description automatically generated

The following shows the trend by each function over the last 12 months.

Graphical user interface

Description automatically generated with medium confidence

Cyber Security programme of work

The Cyber Security Plan is supported by Cyber Security programme of work. A new programme of work will be prepared as part of the audit and new Cyber Security Plan 2022-2025.

Information and Records Management Plan 2022-2025

Audit and plan status

Staff have been preparing the first Information and Records Management (IRM) Plan.

The purpose of the information and records management plan is to assess how Council currently manages its information and records what actions it needs to undertake to improve that management.

Information and records are key strategic assets of an organisation. These assets need to be actively managed to maintain and improve value. Information and records management assets take many forms, including data and business systems. Our digital and information strategy and this information and records management plan will guide Council to make its current operations more effective by managing information and records.

The new Information and Records Management Plan 2022-2025 will be based on the external audit scheduled to start 1 June 2022.

Attached is the draft Information and Records Management Plan 2022-2025 that will form the basis of this audit.

The Information and Records Management Plan is supported by Information and Records Management programme of work. A new programme of work will be prepared as part of the audit and Information and Records Management Plan 2022-2025.

Privacy Plan

Audit and plan status

Staff have been preparing the first Privacy Plan.

Central Otago customers need to have trust and confidence in the way Council manages its personal information. This plan has a close relationship with Cyber Security Plan, and Information and Records Management Plan.

The purpose of this Privacy Plan is to assess how Council currently protects customer’s personal information and what actions it needs to undertake to improve that protection.

The next steps for the Privacy Plan is to be reviewed by the Executive Team.

Attached is the draft Privacy Plan, including the self-assessment carried out in early 2022. Further assessments will be carried out once the plan is finalised.

3. Attachments

Appendix 1 - ALGIM Cyber Security Programme Management Status Report ⇩

Appendix 2 - DRAFT Cyber Security Plan 2022-2024 ⇩

Appendix 3 - DRAFT Information and Records Management Plan 2022-2024 ⇩

Appendix 4 - DRAFT Privacy Plan ⇩

Report author:	Reviewed and authorised by:

Nathan McLeod	Leanne Macdonald
IS Manager	Executive Manager - Corporate Services
17/05/2022	18/05/2022

3 June 2022

Logo, company name

Description automatically generated

22.2.7 Health, Safety and Wellbeing Report

Doc ID: 580825

1. Purpose

To provide an update on the health, safety and wellbeing performance at Central Otago District Council.

Recommendations

That the report be received.

2. Discussion

2.1 COVID-19 Management update

Council continues to review its COVID-19 management risk assessments and make any required operational changes.

On April 5, 2022, council lifted the My Vaccine Pass requirement from pools, libraries and i-Sites.

Following the national move to the orange traffic light setting, Council offices returned to operating 50% staff capacity.

2.2 Contractor management

Council has 140 contractors on its Sitewise pre-qualification list. The average score of 89% is consistent with last quarter.

Graphical user interface

Description automatically generated

Figure 1. Sitewise contractor scores (retrieved May 10, 2022)

Council continues to improve its contractor monitoring processes. In March 2022, the Capital Projects team trialled a new site observation reporting process. This process will build a record of contractor health and safety performance on Council projects. 12 reports have been submitted through this process to date. The process will be introduced to other areas of the business in June 2022.

Contractors raised seven incidents to Council during the reporting period.

2.3 Incident and injury reports

There were 51 reports made between January-March 2022. These reports include safety observations, near misses, and incidents.

Council’s Risk Management Policy has a five-level risk consequence rating system. This system is used to determine incident severity. A rating of 1 or 2 is considered business as usual. All reports submitted this period were within business as usual.

Figure 2. Council risk consequence ratings (Source: Risk Management Policy)

Graph 1 shows the percentage of completed corrective actions. One action remains in progress this quarter.

Chart, bar chart

Description automatically generated

Table

Description automatically generated

Graph 1: Status of corrective actions

2.3.1 Employee incidents

Of the 52 reports submitted, 30 incidents affected employees.

Employees continue to raise health and safety concerns proactively. 70% of employee reports submitted this quarter were proactive.

Graph 2 shows the areas of concern employees are reporting in.

Chart, sunburst chart

Description automatically generated

Graph 2: Employee reports by area of concern

2.3.1a Recordable injuries

Recordable injuries include fatalities, lost time injuries (LTI), medical treatment injuries (MTI), first aid injuries (FAI) and non-treatment injuries.

There was one recordable injury during the reporting period January-March 2022.

Reporting period	Non-treatment injury	FAI	LTI	MTI	Fatality	Total recordable injuries
July-Sept 21	2	1	0	0	0	3
Oct-Dec 21	5	1	2	0	0	8
Jan-Mar 22	1	0	0	0	0	1

Table 2: Recordable injuries (employees)

2.3.1b Lost time injury frequency rate

Council has set the national benchmark for Lost time injury frequency rate (LTIFR) (1.99) as its target. LTIFR measures the number of lost time injuries per 200,000 hours worked.

During the reporting period, Council’s LTIFR has decreased from 2.27 to 2.18.

There were no lost time injuries during the reporting period.

Chart

Description automatically generated

Graph 3: Trend information for LTIFR (lost time injury frequency rate)

Month	Average LTIFR (YTD)	No. of injuries
April 2021	0	0
May 2021	0	0
June 2021	1.66	1
July 2021	1.39	0
August 2021	1.19	0
September 2021	1.04	0
October 2021	1.85	1
November 2021	2.50	1
December 2021	2.27	0
January 2022	2.26	0
February 2022	2.22	0
March 2022	2.18	0

Table 3: Lost time injury frequency rate data

2.3.2 Public incidents

There were 21 incidents involving members of the public during the period January-March 2022. Most incidents occurred at council pools. 19 of those incidents involved injury and are further explained in the public injuries section (2.3.2a) below.

Chart, waterfall chart

Description automatically generated

Graph 4: Public incidents by business activity

2.3.2a Public injuries

During the reporting period, there were 19 injuries to members of the public. Graph 5 shows the types of injuries that are occurring.

Reporting period	Non-treatment injury	FAI	MTI	Fatality	Total recordable injuries
July-Sept 21	2	7	0	0	9
Oct-Dec 21	0	11	0	0	11
Jan-Mar 22	2	17	0	0	19

Table 4. Recordable injuries (public)

Chart, sunburst chart

Description automatically generated

Graph 5: Public incidents by injury type

2.4 Critical risk

Incidents were reported in all critical risk areas during this reporting period.

Psychosocial hazards (including anti-social behaviour and threatening communications) were the focus area this quarter. Customer Services staff have undertaken de-escalation training. Council continues to support employees to report hazards and incidents related to psychosocial hazards.

Critical risk

Existing controls

New or upcoming controls

Related incident reports

Driving and vehicles

· Vehicle User Policy

· E-Roads installed in fleet vehicles

· 5-Star ANCAP rated vehicles

· Licenced drivers

· Fleet inductions for new starters

· Annual snow chain fitting training

· Vehicle User and Safe Driving policy review (including a review of driver training)

· The health and safety committee is using E-road reports to recognise safe drivers

· Snow chain fitting was held in May 2022

Remote or isolated working

· Working from Home Policy

· Panic buttons

· Work plans and risk assessments

· Pair or buddy work systems

· Procurement project for a lone worker app

· Work from home risk assessments

Psychosocial

hazards

· Employee Assistance Programme (EAP)

· Wellbeing programme

· Regular 1:1s

· Flexible working

· Equal Employment Opportunity (EEO), Discrimination, Harassment and Bullying Policy

· Performance Management Policy

· Fit for Work Programme

· De-escalation training completed by new customer services team members

· De-escalation training planned for aquatics teams

Biological hazards

· High-risk vaccinations programme

· Barriers and fences

· PPE is provided

· Reviewed our risk assessments for COVID-19

· Promoted annual flu vaccines

Hazardous chemicals

· Chemical register

· Display safety data sheets

· Appropriate storage

· Quantities stored is kept at a minimum

· Ventilation and circulation of air is monitored

· PPE is provided for handling or working with chemicals

· Records of training are maintained

· Fire schemes updated with FENZ (chemical registers)

· Qualified contractors

· A third-party health and safety contractor is supporting aquatics to audit hazardous chemicals procedures and handling practices

Table 5. Critical risk and controls

2.5 Training and initiatives

· Health and Safety Representatives will attend Stage 1 and Stage 2 training in May and June 2022.

· Fire warden training will return in the new financial year.

· Flu vaccinations were offered on-site at Alexandra Service Centre in May 2022.

· 43 staff participated in Move it March 2022. This is the first time this initiative has been run remotely.

· Financial wellbeing seminars will run from March-November 2022 in partnership with BNZ.

· Staff supported Pink Shirt Day on May 20, 2022

· New starters in the Customer Services team have completed de-escalation training

The following regular training was completed:

Training	Jan-Mar 2022	Financial YTD
New staff inductions	10	45
First aid	17	42
Fire warden	0	25
Chain fitting	13	NA

Table 6. Training register excerpt

3. Attachments

Appendix 1 - Risk Management Policy 2020-2021.pdf ⇩

Report author:	Reviewed and authorised by:

Rachel Ennis	Louise Fleck
Health, Safety and Wellbeing Officer	Executive Manager - People and Culture
19/05/2022	19/05/2022


AGENDA Audit and Risk Committee Meeting Friday, 3 June 2022
Date:	Friday, 3 June 2022
Time:	9.30 am
Location:	Ngā Hau e Whā, William Fraser Building, 1 Dunorling Street, Alexandra (Due to COVID-19 restrictions and limitations of the physical space, public access will be available through a live stream of the meeting. The link to the live stream will be available on the Central Otago District Council's website.)
Sanchia Jacobs Chief Executive Officer

Internal Audit Review Programme	FY 20-21	FY 21-22	FY 22-23	FY 23-24
Information and Records Management	x	ü
Procurement		ü
Cyber Security		ü
Contract Management			ü
Capital Expenditure Planning and Monitoring			ü
Health & Safety				ü
Recruitment Review				ü
Environmental Management (including Sustainability)
Business Continuity / Disaster Recovery
Asset Management
Benefits Realisation
Legislative Compliance

Report author:	Reviewed and authorised by:

Wayne McEnteer	Sanchia Jacobs
Governance Manager	Chief Executive Officer
24/05/2022	30/05/2022

Report author:	Reviewed and authorised by:

Alix Crosbie	Saskia Righarts
Senior Strategy Advisor	Chief Advisor
13/05/2022	17/05/2022