220527AuCtteePaper2AACyberSecurityCover

This document contains the Cairngorms National Park Authority's (CNPA) internal audit report on cyber security. An independent review found that four recommendations for improvement were made, all of which the CNPA accepted. Three of these recommendations addressed high-risk areas, while one was considered moderate risk. The audit also assessed four control areas, with one area meeting objectives (though with room for improvement) and three areas failing to meet objectives due to inadequate controls. The Audit and Risk Committee is asked to review the report's findings and endorse the CNPA's planned responses.