Paper 2 Annex 1 Internal Audit Review Governance
Cairngorms National Park Authority Ùghdarras Pàirc Nàiseanta a’ Mhonaidh Ruaidh
Paper 2 Annex 1 13 March 2026
Paper 2 Annex 1
Cairngorms National Park Authority
Internal Audit 2025 – 26
Governance December 2025
Overall Conclusion Strong
Table of contents
Cairngorms National Park Authority Governance
| Section | Page |
|---|---|
| 1 EXECUTIVE SUMMARY | 2 |
| 2 BENCHMARKING | 17 |
| 3 DETAILED RECOMMENDATIONS | 18 |
| 4 OBSERVATIONS | 22 |
| 5 AUDIT ARRANGEMENTS | 24 |
| 6 KEY PERSONNEL | 25 |
| Appendix | Page |
| A GRADING STRUCTURE | 28 |
| B ASSIGNMENT PLAN | 30 |
The matters raised in this report came to our attention during the course of our audit and are not necessarily a comprehensive statement of all weaknesses that exist or all improvements that might be made.
This report has been prepared solely for Cairngorms National Park Authority’s individual use and should not be quoted in whole or in part without prior written consent. No responsibility to any third party is accepted as the report has not been prepared, and is not intended, for any third party.
We emphasise that the responsibility for a sound system of internal control rests with management and work performed by internal audit should not be relied upon to identify all system weaknesses that may exist. Neither should internal audit be relied upon to identify all circumstances of fraud or irregularity should there be any although our audit procedures are designed so that any material irregularity has a reasonable probability of discovery. Every sound system of control may not be proof against collusive fraud. Internal audit procedures are designed to focus on areas that are considered to be of greatest risk and significance.
1 Executive summary
Cairngorms National Park Authority Governance
Overview
Purpose of review The purpose of this review was to assess whether Cairngorms National Park Authority (the Organisation) has appropriate governance arrangements in place and that these have been embedded. This review sought to provide assurance that the Organisation’s corporate governance arrangements are appropriate and represent good practice.
This review forms part of our 2025⁄26 Internal Audit Annual Plan.
Scope of review Our objectives for this review were to assess whether:
- There is an effective scheme of governance in place.
- There are appropriate mechanisms in place to support effective leadership of the Organisation.
- The relationships and communication channels in place with external bodies support an effective system of governance.
- Clear responsibilities and reporting arrangements are established and are being followed.
- There are effective scrutiny arrangements in place which are being followed.
- There is a formal meeting structure in place.
1 Executive summary
Cairngorms National Park Authority Governance
- The Organisation’s governance arrangements meet the framework document(s) agreed between CNPA and the Scottish Government, guided by the National Parks (Scotland) Act 2000.
Our approach to this assignment took the form of discussion with relevant staff, review of documentation and where appropriate sample testing.
Limitation of scope
There was no limitation of scope.
1 Executive summary
Cairngorms National Park Authority Governance
Background
The Organisation has a clear scheme of governance in place. The Organisation is governed by the Board of Members (Board), with Board activity, roles and responsibilities set out in the Organisation’s Framework agreement with the Scottish Government, and the Board’s Standing Orders. The Board meets four times per year, with meetings led by the Convener. The Board is supported in its operation by five Committees, with details of each Committee set out below:
- The Planning Committee consists of all 19 Board members. Its activity is primarily focused to consider planning applications submitted to the Organisation, as well as strategic oversight and delivery of the local delivery plan.
- The Audit & Risk Committee oversee the internal and external audit processes and have responsibility for the development and oversight of the internal control systems. Additionally, the Committee supports the Organisation through oversight of risk management arrangements.
- The Resources Committee considers the effective deployment of both the Organisations’ financial and staffing resources in order to achieve best value for money.
- The Governance Committee maintains oversight of the Organisation’s governance and governance arrangements to ensure its effectiveness, as well as working to support the Convener.
- The Performance Committee meets to discuss the Organisation’s performance, and to maintain oversight of the performance of each of the Organisation’s projects. They help to ensure that the Organisation is achieving its objectives.
1 Executive summary
Cairngorms National Park Authority Governance
Governance Structure Membership make-up
The membership composition, and required meeting quorum, of the Organisation’s Board and supporting Committees is as follows:
| Governance Group | Membership | Meeting Quorum |
|---|---|---|
| Board of Members | 19 | 10 |
| Planning | 19 | 10 |
| Audit & Risk | 6 | 4 |
| Resources | 6 | 4 |
| Governance | 6 | 4 |
| Performance | 6 | 4 |
Code of Conduct
Board Members are required to agree to the Code of Conduct, which sets out the expected ethics and behaviours of an effective Board member. This aligns Board member behaviours with the expectations set by the Organisation.
We selected a sample of five Board Members and sought to confirm that they had evidenced their agreement to the Code of Conduct. In all cases, we confirm that the Board Member had either signed a copy of the Code or had confirmed their agreement via email.
Appraisal and Self-Assessment
Board member performance appraisals take place annually. These are conducted by the Convener, who will arrange face-to-face discussion with each Board member. Appraisals follow a standard format, whereby the Board member and the Convener will discuss their performance against the four core Board member objectives. Board members complete their section of the appraisal template before the meeting, using this as a starting point of discussion with the Convener. Following the meeting, the Convener will add their comments based on their perspective of the Board member’s performance and the discussion held.
1 Executive summary
Cairngorms National Park Authority Governance
We selected a sample of five Board members and sought evidence to confirm that their annual performance appraisal reviews had been completed for 2023⁄24 and for 2024⁄25. We found that in all cases, the appraisal was completed with input from both the Board member and the Convener, with the exception of one 2024⁄25 appraisal. Please see Section 4: Observations for more details.
The Board performs an annual skills self-assessment review and has developed a skills matrix to illustrate their position in November 2025. This includes a list of 29 required skills / experience desired by the Board, the Board’s Assessment (Green, Amber, Red) and a narrative comment. Review of this notes the Board are in a strong overall position, with 21 of the skills rated as green, five skills rated as amber, and three skills rated as red. Notably the three skills rated as red, illustrating significant gaps in the Board’s skill, are as follows:
- Peatland restoration;
- Green Finance / Financial Investment management / financial operations; and
- Audit & Risk management.
Discussion with the Convener confirmed that most Board members do not have significant audit and risk background. However, the current Chair of the Audit and Risk Committee does have significant valuable expertise. This will be lost when her ministerial term comes to an end. The Park Authority is focusing on experience in financial scrutiny as a key criterion for the upcoming recruitment process. Please see Section 4: Observations for more details.
Communication with the Scottish Government (SG) Fortnightly meetings are held between the Organisation and the Scottish Government. The Deputy Chief Executive Officer (DCEO) and the Director of Corporate Services, and the Head of Organisational Development meet with the Organisation’s Sponsorship Team at the Scottish Government. The Head of Communications and the Head of Finance and Corporate Operations occasionally join these catchup meetings.
1 Executive summary
Cairngorms National Park Authority Governance
In addition to this, the Organisation meets with the Scottish Government formally on a quarterly basis. The Organisation meets with the Scottish Government to provide updates on various aspects of performance/targets. Specifically, the Organisation’s CEO; Deputy CEO and the Director of Corporate Services; and the Head of Organisational Development meet with the Sponsorship Team and the Director General at the Scottish Government. These meetings have formal agendas and are minuted.
Questionnaire issued to the Board
We issued a questionnaire to all 19 of the Organisation’s Board Members and received ten responses. The responses received were overall positive and are summarised below.
However, while the feedback received from Board Members was positive, we have raised two observations resulting from the responses, focused on the programme of work and the Board skills appraisal. Please refer to Section 4: Observations for further information.
See below for Survey results:
Do you feel that roles and responsibilities for Board members are clearly defined?
- Yes: 100%
- No: 0%
How strongly would you rate the information received from Management during Board meetings for decision making (1= low and 10=high).
- Ratings are spread across the scale, with peaks at 8 (4 respondents) and 10 (2 respondents).
1 Executive summary
Cairngorms National Park Authority Governance
Do you believe that sufficient training and induction is provided to Board members?
- Yes: 20%
- Somewhat: 80%
Is there a programme of work/annual work plan in place for the Board that outlines the key topics and decisions required per meeting for the financial year?
- Yes: 40%
- No: 60%
If you are a member of a Sub-committee — Is there an appropriate annual work plan in place?
- Yes: 100%
- No: 0%
Do you believe that attendance at meetings is appropriately monitored?
- Yes: 10%
- Somewhat: 90%
1 Executive summary
Cairngorms National Park Authority Governance
Is Board performance appropriately reviewed and appraised annually?
- Yes: 50%
- Somewhat: 40%
- No: 10%
Were there any actions raised from the Board appraisal?
- Yes: 20%
- No: 50%
- Unsure: 20%
- No Response: 10%
As a member, have you received an individual appraisal?
- Yes: 90%
- No: 10%
Do you believe there to be a sufficient level of challenge at Board meetings?
- Yes: 30%
- Somewhat: 60%
- No: 10%
1 Executive summary
Cairngorms National Park Authority Governance
Work Undertaken
In line with our objectives for this review, our work undertaken was as follows:
Objective 1. There is an effective scheme of governance in place.
- We held discussions with the CEO, the Deputy CEO and Director of Corporate Services, and the Executive Support Manager to gain an understanding of the current governance arrangements in place.
- We assessed the current governance arrangements in place to confirm that they were appropriate and effective.
- We reviewed the Organisation’s Framework agreement and, the Board Standard’s Orders to assess whether these appropriately set out the leadership arrangements of the Organisation.
- We reviewed the Committee Terms of Reference in place to confirm that the remit of each Committee is clearly outlined and documented.
Objective 2. There are appropriate mechanisms in place to support effective leadership of the organisation.
- We discussed and reviewed the governance structure of the Organisation to ascertain whether it is effective to deliver their objectives.
- We reviewed the Board’s skills self-assessment arrangements in place to evaluate whether these effectively encourage effective leadership.
- We held discussions with the Convener of the Board to evaluate the Board Member appraisal arrangements in place.
- We reviewed a sample of Board Member appraisal records to confirm that these had taken place across 2023⁄24 and 2024⁄25.
- We reviewed the Code of Conduct expected of Board Members to assess whether this was appropriate and in line with good practice.
- For a sample of Board Members, we reviewed evidence to confirm that evidence of their agreement to the Code of Conduct was documented.
1 Executive summary
Cairngorms National Park Authority Governance
Objective 3. The relationships and communication channels in place with external bodies support an effective system of governance.
- We discussed and assessed the current communication channels in place between the Organisation and the Scottish Government with the Chief Executive, assessing these for adequacy and comparing this against the requirements set out in the Framework agreement.
- We reviewed the information published on the Organisations website, available to all external bodies.
Objective 4. Clear responsibilities and reporting arrangements are established and are being followed.
- We reviewed the Organisation’s Framework agreement and, the Board Standard’s Orders to assess whether these appropriately set out the roles and responsibilities of the Board.
- We assessed the reporting and escalation channels for each of the Board’s Committees for appropriateness.
- We reviewed the Annual Report and Accounts for 2024 – 25 to confirm these have been appropriately prepared and completed.
Objective 5. There are effective scrutiny arrangements in place which are being followed.
- We considered the scrutiny arrangements in place to ascertain whether these are effective.
- We obtained and reviewed the following meeting minutes to confirm that there was sufficient scrutiny and oversight taking place:
- Board (November 2024 – September 2025);
- Performance Committee (December 2024 – September 2025);
- Planning Committee (December 2024 – August 2025);
- Audit & Risk Committee (September 2024 – September 2025);
- Governance Committee (March 2024 – May 2025); and
- Resources Committee (August 2024 – August 2025).
1 Executive summary
Cairngorms National Park Authority Governance
Objective 6. There is a formal meeting structure in place.
- We evaluated the schedule and frequency of the Board and Committee meetings, including agenda setting, roles and responsibilities, registers of interest, attendance, minute-taking, documentation requirements, and whether a decision log is kept.
- We evaluated the effectiveness of Board’s meeting calendar for January 2025 – December 2025, comparing this to Board and Committee meeting minutes to confirm that all meetings took place.
Objective 7. The Organisation’s governance arrangements meet the Framework document(s) agreed between CNPA and the Scottish Government, guided by the National Parks (Scotland) Act 2000.
- We discussed the Framework agreement between the Organisation and the Scottish Government with the Chief Executive to understand how this shapes the Governance arrangements at the Organisation.
- We compared the Organisation’s Governance arrangements with the requirements laid out in the Framework agreement to confirm that the Organisation is complying with its requirements.
1 Executive summary
Cairngorms National Park Authority Governance
Conclusion
Overall conclusion: Overall Conclusion: Strong Following our review, we can provide the Organisation with a strong level of assurance surrounding governance arrangements and confirmed that these are appropriate and have been embedded throughout. This is highlighted as we have raised several areas of good practice, however, we have raised two low-grade recommendations and three observations for consideration. Please refer to Section 3: Detailed Recommendations and Section 4: Observations for further information.
Summary of recommendations
Grading of recommendations
| High | Medium | Low | Total | |
|---|---|---|---|---|
| Governance | 0 | 0 | 2 | 2 |
As can be seen from the above table there were no recommendations made which we have given a grading of high.
1 Executive summary
Cairngorms National Park Authority Governance
Areas of good practice
The following is a list of areas where the Organisation is operating effectively and following good practice.
- From our review of the Organisation’s governance arrangements, and comparison of this against the requirements laid out in the Framework agreement, we can confirm that the Organisation’s arrangements are effective to ensure that the requirements are being met.
- From our review of Board and Committee meeting agendas and minutes, we found that there is a formal meeting structure in place. Agendas are circulated to Board Members one week prior to the meeting and are used to ensure a structured approach is followed for each meeting. We also confirmed that all planned meetings for January 2025 — December 2025, as set out in the meeting calendar, have taken place to date.
- Attendance at meetings of the Board and Committees is monitored on an ongoing basis by the Clerk to the Board, allowing for identification of member under-performance.
- From our review of meeting minutes and papers, the Board and Committees maintain clear scrutiny arrangements aligned with their Terms of Reference, allowing for robust oversight of activities. The items being discussed appropriately follow the Terms of Reference and there is also standing items such as Declaration of Interests, to ensure these are considered on a regular basis.
- Reporting requirements for the Board are clearly defined in the Framework Agreement with the Scottish Government, and we confirmed that the 2024⁄25 Annual Accounts were correctly published in November 2025.
1 Executive summary
Cairngorms National Park Authority Governance
The following is a list of areas where the Organisation is operating effectively and following good practice.
- The Audit & Risk Committee, Performance Committee and Resources Committees each prepare annual reports of their activity, presenting these to the Board each year.
- The Board produces an annual calendar of Board and Committee meeting dates. We compared the calendar for January 2025 — December 2025, confirming that all planned meetings had taken place.
- From our review, we found that the quarterly meetings with the Scottish Government allow the Organisation to achieve effective communication with external bodies. As well as this, the public facing website also outlines key governance documentation and information for external bodies to view as required.
- The Board’s effectiveness is reviewed annually, with individual member appraisals conducted by the Convener feeding into an annual Board-wide skills assessment. The mix of skills is illustrated in the Skills Matrix.
- The Organisation has a Code of Conduct in place for its Board Members, effectively laying out the behaviours expected of its members.
- The Organisation has a clear governance structure in place, with defined reporting and escalation channels.
- The Committee purpose, duties, authority, membership, meetings and appointment are clearly outlined in the Terms of Reference for the Audit & Risk, Governance, Performance and Resources Committees, and within the Planning Committee’s Standing Orders.
1 Executive summary
Cairngorms National Park Authority Governance
The following is a list of areas where the Organisation is operating effectively and following good practice.
- The Organisation holds a Register of Interests for its Board Members and Executive Management Team. Declarations of Interest is a standing agenda item at each Board and Committee meeting, providing ample opportunity for interests to be declared. The Registers of Interest are published on the Organisation’s website.
- The Board has detailed Standing Orders which set out the powers and the responsibility of the Board and its members. The Standing Orders align to the governance arrangements and Board responsibilities established within the Organisation’s Framework agreement with the Scottish Government.
2 Benchmarking
Cairngorms National Park Authority Governance
We include for your reference comparative benchmarking data of the number and ranking of recommendations made for audits of a similar nature in the most recently finished internal audit year.
Governance
Benchmarking
| High | Medium | Low | Total | |
|---|---|---|---|---|
| Average number of recommendations in similar audits | 0 | 0 | 1 | 1 |
| Number of recommendations at Cairngorms National Park Authority | 0 | 0 | 2 | 2 |
From the table above it can be seen that the Organisation has a higher number of recommendations compared to those organisations it has been benchmarked against.
3 Detailed recommendations
Cairngorms National Park Authority Governance
Meeting Frequency
| Ref. | Finding and Risk | Grade | Recommendation |
|---|---|---|---|
| 1. | The meeting frequency of the Board and its supporting Committees should be formally documented within either the Standing Orders or the Terms of Reference as appropriate. The Board’s standing orders state that they will decide upon a calendar of meeting dates each year for the Board. The Planning Committee Standing Orders state that the Committee will normally meet every six weeks, and again that the calendar of their meetings will be agreed in advance by the Board. However, there is no specific meeting frequency required of the Board set out within its Standing Orders, or set out for any of the supporting Committees within their Terms of References. Our root cause analysis is that the meeting frequency of the Board and each of its Committees has been communicated informally to Board members. Further, as the Board agrees the calendar of meeting dates each year, it was not considered necessary to | Low | We recommend that Organisation formalise the meeting frequency of its Board and it’s supporting Committees. This should be included within the Board’s Standing Orders, and the Terms of Reference of each supporting Committee. |
3 Detailed recommendations
Cairngorms National Park Authority Governance
formalise the meeting frequency.
This creates a risk of a lack of governance continuity, where the Board and its’ Committees may not meet often enough to satisfy strategic objectives or discuss emerging in the event that future meeting calendars are not prepared appropriately. Further, this may create a risk of reduced accountability for the Board and it’s Committees, who may meet less often than expected if there is no documented requirement to do so.
| Management response | Responsibility and implementation date |
|---|---|
| Recommendation accepted. Terms of reference will be presented annually to the Board for review, along with the annual report of the Committee to the board. We will document the expected process for the review and approval of its Committees’ Terms of Reference. | Responsible Officer: Mariaan Pita, Executive Support Manager Implementation Date: 30 June 2026 |
3 Detailed recommendations
Cairngorms National Park Authority Governance
Terms of Reference Review and Approval
| Ref. | Finding and Risk | Grade | Recommendation |
|---|---|---|---|
| 2. | The Terms of Reference for each of the Board’s supporting Committees should be regularly reviewed to ensure they accurately reflect the desired remit of the Committee. The Terms of Reference for the Performance, Governance, Resources and Audit & Risk Committees state that their remit should be reviewed annually. Each of the supporting Committees presented an annual report of their activities to the full Board. Discussion with the Executive Support Manager confirmed that the Committees will confirm their review and approval of their Terms of Reference within these annual reports. Our review of the latest annual reports presented for each of these Committees noted that only the Resources Committee confirmed their approval. Our root cause analysis is that the process for the review of the Committee Terms of Reference is not formalised, with responsibility for this informally communicated to Committee | Low | We recommend that the Organisation formally document the expected process for the review and approval of its Committees’ Terms of Reference. The Organisation should consider including this within the Standing Orders of the Board, or within the individual Terms of Reference for each Committee. |
3 Detailed recommendations
Cairngorms National Park Authority Governance
Members. As a result, there is an inconsistency of approach.
Where Terms of Reference are not reviewed in line with the Organisation’s planned schedule, this increases the likelihood of scope-creep beyond the Committees remit, creating a risk that the Terms of Reference will not properly reflect the remit of the Committee.
| Management response | Responsibility and implementation date |
|---|---|
| Recommendation accepted. Terms of reference will be presented annually to the Board for review, along with the annual report of the Committee to the board. We will document the expected process for the review and approval of its Committees’ Terms of Reference. | Responsible Officer: Mariaan Pita, Executive Support Manager Implementation Date: November 2026 |
4 Observations
Cairngorms National Park Authority Governance
The following is a list of observations from our review
Within our questionnaire responses, we found that 40% of respondents had noted that there was not a programme of work in place for the Board. Our review confirmed that there is an annual Board calendar in place, which includes set items discussed annually, such as budgeting and review of the annual report. It was noted that the nature of the Organisation’s work suits a fluid approach in terms of which topics are reviewed at each meeting. The Organisation should ensure that all members are aware of the annual programme of work. The Organisation may consider reviewing the programme of work at each Board meeting.
Responses also noted that only 80% of respondents felt that sufficient training and induction had been provided. The Organisation may consider reviewing different approaches to training to better suit the Members.
Only 60% of respondents felt there was sufficient challenge at meetings. Our review found that the Organisation is working on improving the Board’s culture and dynamic, which should enhance Members’ confidence to challenge points in meetings. The Organisation should continue to foster a positive culture among the Board.
We performed sample testing of five Board Members to confirm that appraisals had taken place in 2023⁄24 and 2024⁄25. We found that for one Board Member, the 2024⁄25 appraisal has not yet been completed. This has been due to limited availability of the Board Member and the Convener, who are working to arrange time for an appraisal as soon as possible. The Organisation should ensure that this appraisal is completed, allowing for analysis of performance.
4 Observations
Cairngorms National Park Authority Governance
- Discussion with the Convener confirmed that most Board members do not have significant audit and risk background. However, the current Chair of the Audit and Risk Committee does have significant valuable expertise. This will be lost when her ministerial term comes to an end. This is a known skills gap for the Board. After identifying