Members Present:
Dean Sullivan (Chair)
Claire McAleenan
Jill Laughlin
In Attendance:
Marie Mallon OBE (Chair NIAO Advisory Board)
Dorinnia Carville (C&AG)
Rodney Allen (Chief Operating Officer)
Brian O’Neill (Director)
Megan O’Neill (Head of Corporate Services)
Ronan Lappin, SCC (External Auditor)
Lee Glover, Validera (Internal Auditor) – online via Teams
James Godsmark, Validera (Internal Auditor) – online via Teams
Louise Halligan (Secretariat Support)
Apologies
No apologies were recorded.
Declaration of Conflicts of Interest
There were no issues declared by members.
Minutes and Matters Arising from the previous meeting
Minutes of the Meeting held on 30 June 2025 were agreed by all parties concerned, there were no matters arising requiring updating.
1. External Audit
Ronan Lappin advised there was nothing significant to report and provided assurance that work was planned for commencing the 2025-26 audit.
2. Internal Audit
James Godsmark provided an update on the following:
2.1 Counter Fraud Arrangements Report – The final report has been issued with satisfactory assurance attained, two low priority action points were identified.
2.2 2025-26 Strategy – The Chairperson sought assurance that the recommendations in the information governance report would be followed up. Members noted and approved the revised 2025-26 Strategy presented all agreeing it was a clear, comprehensive Strategy.
2.3 Business Continuity 2025-26 - The final report has been issued, confirming that satisfactory assurance has been attained with three low level action points and areas of good practice identified. Members took assurance from the strength of the policies and procedures in place to support business continuity.
2.4 Budgetary Control 2025-26 - The final report has been issued with satisfactory assurance attained, no formal action points were identified and areas of good practice were noted. Members challenged and discussed budgetary controls in place, taking assurance from the information provided.
2.5 Risk Management (Advisory) 2025-26 – To support continuous improvement in respect of risk management arrangements Validera provided an advisory review of NIAO risk management process.
A workshop for Advisory Board members, SLT and the Corporate Risk Register Working Group has been scheduled for 29 September 2025 to discuss the refresh of risk management and an updated register.
2.6 Progress Report – Members noted the report presented with no significant issues raised.
3. Review of Disaster Recovery, Contingency and Crisis Planning
Brian O’Neill presented a paper to update members on contingency plans and procedures in place to deal with unpredictable events that could disrupt the work of the NIAO including events that could render the office premises unusable.
Members challenged and sought assurances regarding the outsourced IT services and software systems currently in place. Following discussion, it was agreed that any BCP testing would focus on recovery times for NIAO’s IT systems in the event of a key service becoming unexpectedly unavailable. Brian O’Neill will take this forward.
4. Risk Management
Corporate Risk Register
The Corporate Risk Register is currently being updated and has been progressed significantly since the June 2025 ARAC meeting. No risk register was presented for the meeting today as the refreshed risk management process and risks will be discussed at the workshop scheduled for 29 September 2025.
5. Report Tracking Implementation of Audit Recommendations
Internal Audit Recommendations
Brian O’Neill provided an update on the outstanding recommendations from the recent Internal Audit reports. Members were assured by the actions taken to address the recommendations outlined.
External Audit Recommendations
There are currently no outstanding recommendations.
6. Fraud, Raising Concerns and Complaints Report
Fraud
Brian O’Neill advised that there are no ongoing cases and no new fraud/raising concerns cases to report since the June 2025 ARAC meeting.
Internal Concerns Raised
There are no ongoing cases and no new cases to report since the June 2025 ARAC meeting.
Complaints
There has been one complaint received since the June 2025 ARAC meeting, this has been processed and responded to and no further action is required.
7. Proposed Meeting Dates 2026
The proposed dates for 2026 were agreed subject to amendment to the May 2026 ARAC meeting. Louise Halligan to circulate revised dates to all parties.
9. AOB
The C&AG advised that she would provide an update on current recruitment processes for Director and Local Government Auditor posts to members at the Advisory Board meeting scheduled for 29 September 2025.
10. Date of Next Meeting
26 January 2026 @ 10am
11. The Committee met with Internal and External Auditors for private discussions.