Audit & Risk Committee - February 2022

This document contains the draft minutes from a Cairngorms National Park Authority Audit and Risk Committee meeting held on 29 October 2021. The meeting covered several topics including the approval of previous meeting minutes, action points from prior discussions, and reviews of the Cairngorms LEADER Programme and VAT compliance. The committee received and discussed internal audit reports, highlighting recommendations for improvements in records management and financial processes. Future actions included a detailed VAT review and ensuring lessons learned from past projects are properly documented and implemented. The next meeting was scheduled for 11 February 2022.

This document contains the agenda for the Cairngorms National Park Authority Audit and Risk Committee meeting on 11 February 2022. The meeting included items for decision, such as the 2021/22 external audit plan and the strategic internal audit plan for 2022/23. Discussion items covered internal audit reports on financial management, assurance mapping of major projects, and an internal audit progress report. A confidential session was scheduled for the committee to discuss governance and to have a confidential meeting with auditors. The next meeting was planned for 13 May 2022.

This document contains the draft final plan for the Cairngorms National Park Authority's 2021/22 external audit. The Audit and Risk Committee needs to approve the plan and note that the final audit fee will be determined after a review. The plan itself was agreed upon by the external audit manager and senior officers, with preliminary work already underway. A timetable for the audit process is included in the plan.

This document contains a draft external audit plan for the Cairngorms National Park Authority's financial year ending 31 March 2022. Prepared by Grant Thornton, the plan outlines the audit's scope, approach, and timeline, which is risk-based and will conclude by February. It details the responsibilities of both the auditors and the Park Authority, highlighting key areas of risk, such as management override of controls and fraud in expenditure and revenue. The plan also addresses matters concerning independence, communication, and compliance with relevant standards and regulations. The audit fees are discussed, along with the process for assessing going concern and accounting estimates. Finally, the document notes recent auditing developments and their impact on the audit.

This document contains a report on the Cairngorms National Park Authority's (CNPA) financial management and reporting. Azets, an auditing firm, reviewed the CNPA's systems and found three areas needing improvement. Management accepted these recommendations, and plans for addressing them are included. The audit also found that two areas met their control objectives, while two others could be improved. The report asks the Audit and Risk Committee to review the findings and approve the management's proposed actions.

This document contains the Cairngorms National Park Authority's (CNPA) internal audit report for 2021/22, focusing on financial management and reporting. The audit found that the CNPA generally met its budget targets and followed a clear budget planning schedule. However, areas for improvement were identified, including documenting the budget management approach, improving communication of budget holders' responsibilities, and clarifying roles and responsibilities for those with delegated financial authority. The report includes recommendations for strengthening the CNPA's financial control framework, with specific actions outlined in a management action plan. No significant risks to the organisation were identified as a result of the audit.

This document contains an internal audit report on the Cairngorms National Park Authority's assurance processes for major projects. The audit, conducted by Azets, reviewed the Authority's methods for ensuring projects meet their goals. The report includes two recommendations for improvement, both accepted by management, and an assessment of four control areas, three of which met objectives with room for improvement, and one fully meeting its objectives. The Audit and Risk Committee is asked to review the report and approve the suggested improvements.

This document contains the Cairngorms National Park Authority's internal audit report for 2021/22. The audit reviewed how the authority manages its major projects, finding that while all projects were identified and assurance was provided to the board, the implementation of a major project approach was only partially complete. Areas needing improvement include fully implementing the new approach, developing better templates and tools for monitoring and reporting, and creating a project plan for implementation. The audit also highlights some good practices and identifies two key risks related to resourcing major programmes. A management action plan is included to address the identified areas for improvement.

This document contains the Cairngorms National Park Authority's February 2022 Internal Audit Progress Report. It summarizes internal audit activities since the last meeting, noting the completion of reviews on financial management and reporting, and assurance mapping of major projects. Additional work, requested by management, includes a review of the Peatland Action Programme and associated workshops. The report also outlines the plan for the next quarter, including upcoming reports on ICT Strategy, cyber security, and a follow-up report. Finally, it requests the Audit and Risk Committee to review the report and approve the next quarter's plan.

This document contains Azets' proposed strategic internal audit plan for the Cairngorms National Park Authority for the 2022/23 financial and operational year. The Audit and Risk Committee is asked to review the plan, consider its appropriateness for the Authority's needs, and agree to it. Azets reviewed their 2021/22 to 2023/24 plan, considering the Cairngorms NPA's changing risk profile and discussions with the Chief Executive and Director of Corporate Services. The revised plan, including proposed internal audit coverage for 2022/23, is included as an annex.

This document contains the Cairngorms National Park Authority's internal audit plan for 2022/23. It outlines the plan's objectives, which focus on financial systems, governance, operations, and compliance. The plan is risk-based, using the Park Authority's risk register to guide the audits. The plan details how many days will be spent on each area, who will be involved, and how the findings will be reported. It emphasizes compliance with best practices and collaboration with the external auditor to ensure efficiency and value for money.

This document contains an overview of strategic risk management for the Cairngorms National Park Authority. It presents an updated strategic risk register, reviewed in January 2022, and discusses the management of risks related to the Heritage Horizons programme and the COVID-19 pandemic. The document recommends that the Audit and Risk Committee review the risk register, agree on mitigation actions for the Heritage Horizons programme, and reduce the COVID-19 business continuity risk register to operational management. The committee is also asked to consider the adequacy of risk management coverage and mitigation efforts. Finally, it's suggested that the COVID-19 business continuity risk management be removed from strategic level scrutiny, as the business continuity team will continue monitoring and managing the remaining risks.

This document contains a strategic risk register for the Cairngorms National Park Authority. It lists various risks, such as funding limitations, staffing shortages, and IT system vulnerabilities. For each risk, the document outlines responsible parties, mitigation strategies, comments on the current status, and a trend assessment showing the risk level over time. The assessment uses a color-coded system (green, amber, red) to visually represent whether the risk is improving, remaining stable, or worsening. The document also includes notes on the overall management of the strategic risks.

This document contains a risk register for the Heritage Horizons Project, created by the Cairngorms National Park Authority. It assesses potential problems, like unclear governance, lack of innovation, and insufficient community engagement, assigning likelihood and impact scores to each risk. Mitigation strategies are outlined for risks with scores of 15 or higher, while lower-scoring risks are monitored. The document includes updates on progress made to address key risks and ongoing monitoring of other areas. Different owners are assigned to specific risks to manage and implement the necessary actions.

This document contains a risk register for the Cairngorms National Park Authority's business continuity planning during the COVID-19 pandemic. It lists potential problems, like unpreparedness for changes in restrictions or difficulties with remote working, and gives their likelihood and impact. The document scores each risk, suggesting actions to prevent problems or reduce their impact. The register also includes risks that are being monitored and may need action later. The latest version was reviewed in January 2022.