Audit and Risk Committee - September 2025
5 September 2025
Papers for the Audit and Risk Committee meeting on 12 September 2025
This document contains the minutes from a meeting of the Cairngorms National Park Authority's Audit and Risk Committee, held on 12 September 2025. During the meeting, the committee approved minutes from a previous session and reviewed ongoing action points. They also considered updates on external and internal audit progress, including discussions about ensuring good governance. A significant part of the meeting focused on the strategic risk register, where members talked about issues like the potential impact of beavers, financial commitments, and uncertainties related to a future Scottish election. The committee also looked at improvements made to the Park Authority's procurement processes and noted how various services have been successfully made digital. The meeting concluded with an acknowledgement of Peter Cosgrove's final attendance as Vice-Chair.
Please be aware that this summary has been generated using AI.
Agenda for the Audit and Risk Committee meeting on 12 September 2025
Please be aware that this summary has been generated using AI.
Draft minutes from the Audit and Risk Committee meeting on 20 June 2025
Please be aware that this summary has been generated using AI.
This document contains a paper for the Audit and Risk Committee, dated 12 September 2025, regarding external audit assurances. Prepared by Louise Allen, Head of Finance and Corporate Operations, at the request of Tom Reid from Mazars, it presents the Request for information from Management and Those Charged with Governance prepared by Mazars. The Audit and Risk Committee is asked to consider the auditor's request and Management's response, and to provide assurance that its governance covers the items for which assurance is requested. Management has reviewed the request and is content to provide assurance of appropriate governance, and committee members are asked to consider each question before deciding whether they can provide the requested assurances.
Please be aware that this summary has been generated using AI.
This document contains a briefing note to the Audit and Risk Committee of the Cairngorms National Park Authority (CNPA) from Mazars, dated 30 January 2025, regarding the 2024/25 audit. It summarizes requirements under International Auditing Standards (ISA) related to preventing fraud, complying with laws and regulations, litigation and claims, and assessing going concern. Mazars seeks updates from the Committee on how it oversees management's processes for these areas, including identifying fraud risks, ensuring compliance, and handling potential issues, to inform the final stage of the CNPA's 2024/25 accounts audit. They request responses covering the year to 31 March 2025 by 31 July 2025.
Please be aware that this summary has been generated using AI.
This document contains a request for information from management and those charged with governance, specifically regarding fraud, compliance with laws and regulations, and going concern for the Cairngorms National Park Authority. The document details management's processes for assessing and responding to fraud risks, including internal controls, staff training, and reporting mechanisms. It also addresses how the Audit and Risk Committee (ARC) oversees these processes and ensures compliance. Additionally, the document explores potential fraud risks associated with high-risk posts, related party relationships, and external factors like cyber security. Finally, the document discusses how the organization assesses its ability to continue as a going concern, highlighting factors such as government support and project funding.
Please be aware that this summary has been generated using AI.
This document contains a paper for the Audit and Risk Committee of the Cairngorms National Park Authority, prepared by Louise Allen, Head of Finance and Corporate Operations, for discussion on 12 September 2025. The paper supports a review of the Park Authority's strategic risk management position and asks the Committee to consider the coverage and adequacy of the current strategic risk register and the Cairngorms 2030 programme risk management position, advising on any gaps or amendments needed. The most recent strategic risk register is set out in Annex 1 and the Cairngorms 2030 programme risk register is set out in Annex 2, with amendments shown in purple text; there are 13 active risks on the Strategic Risk Register. The total programme risk profile changed from Green to Amber in March due to funding risks for Active Communities transport projects, though the award of funding by Transport Scotland has since reduced this risk. The Committee is invited to consider the current coverage of the risk registers and their views are welcomed.
Please be aware that this summary has been generated using AI.
This document contains a risk register outlining various risks to the Cairngorms National Park Authority (CNPA) across different themes such as resources, technical issues, reputation, and strategic delivery. Each risk includes a description, mitigation and control measures, current impact and likelihood scores, trend, and planned actions with due dates. The document details preventative and remedial actions to address each identified risk, along with target risk scores and owners. Actions range from ongoing liaison with the Scottish Government, diversifying income streams, recruitment of specialist staff, development of strategic partnerships, and implementation of project initiation controls.
Please be aware that this summary has been generated using AI.
This document contains the Cairngorms 2030 risk management programme risk assessment for Q3 2024, reviewed on 22 February 2024. It identifies risks to the programme, including total programme risk profile, future funding profile, the financial impact on the Cairngorms National Park Authority budget, procurement standards, staffing levels, and the delivery of Sustrans-funded projects. Each risk is assessed for its impact, probability, and priority level, along with its trend (improving, worsening, or no change), mitigation strategy, and Risk profile RAG (Red, Amber, Green) status for Q1 and Q2 2025. The document details the owner of each risk, the date of the last assessment, the reassessment date, and a forward look to Q3 2025, highlighting the need for transport funding decisions and mitigation plans.
Please be aware that this summary has been generated using AI.
This document contains a paper that reflects on the lessons learned regarding procurement controls at the Cairngorms National Park Authority. It discusses how the Park Authority's operations have significantly expanded, leading to increased procurement activity and a need for improved formal controls. The board is asked to discuss the lessons learned from the Park Authority's approach to developing internal procurement controls. The paper also highlights the importance of ensuring adequate resources are allocated to corporate support functions and recommends considering a fuller risk assessment due to significant organisational changes.
Please be aware that this summary has been generated using AI.