Cairngorms National Park Authority Audit Planning Memorandum for the 2003/04 Audit CONTENTS Section 1 Page 1 Background - Audit engagement - Facts and figures - Aims of Cairngorms National Park Authority - Organisation and board structure - Main financial systems Section 2 Page 4 Audit resources Section 3 Page 5 Audit objectives and testing - Audit objectives - Audit approach - Nature of audit testing Section 4 Page 10 Audit reporting - Auditor’s report - Reports to Management - Report to the Accountable Officer - Agreement and submission Section 5 Page 11 Audit plans - Long term plan - 2003/04 annual audit plan Appendix A Page 13 - Fee proposal SECTION 1 Background Audit Engagement 1.1 In terms of his responsibilities under the Public Finance and Accountability (Scotland) Act 2000, the Auditor General for Scotland has appointed Robert W Clark, Senior Audit Manager, Audit Scotland as the appointed auditor of Cairngorms National Park Authority. The audit appointment is for a three-year period covering the financial years 2003/04 to 2005/06. 1.2 Audit Scotland is a statutory body set up in April 2000 to provide assistance and support to the Accounts Commission and the Auditor General for Scotland in the exercise of their respective functions. Facts and Figures 1.3 The Cairngorms National Park was set up under the National Parks (Scotland) Act 2000 with the aim of promoting sustainable economic and social development of the area’s communities, conserving and enhancing the natural and cultural heritage of the area, to promote sustainable use of the natural resources of the area and to promote understanding and enjoyment of the special qualities of the area by the public. 1.4 The Cairngorms National Park is Scotland’s second national park and the United Kingdom’s largest at 3800 square kilometres (1400 square miles). Its area stretches from Grantown-on-Spey to the heads of the Angus Glens, from Ballater to Dalwhinnie and Drumochter including much of the Laggan area in the southwest and a large area of the Glen Livet estate and the Strathdon/Glen Buchat area. 1.5 It is home to 52 summits over 900 metres, including four of Scotland’s five highest mountains, and 43 Munros. 1.6 The National Park area is home to a quarter of Scotland’s native woodland with the biggest continuous stretches of near vegetation in Britain. It is a refuge for a host of rare plants and creatures, including 25% of the United Kingdom’s threatened species. 1.7 The administrative headquarters of The Cairngorms National Park are based at 14 The Square, Grantown-on-Spey. 1.8 Forecast gross expenditure on a cash basis for 2003/04 is £2m. The main source of income is grant-in-aid from the Scottish Executive. Aims of Cairngorms National Park Authority 1.9 The aims of the Cairngorms National Park Authority as set out in the National Parks (Scotland) Act are: - To conserve and enhance the natural and cultural heritage of the area; - To promote sustainable use of the natural resources of the area; - To promote understanding and enjoyment (including enjoyment in the form of recreation) of the special qualities of the area by the public; - To promote sustainable economic and social development of the area’s communities. Organisation and Board Structure Organisation Structure 1.10 In 2003/04 CNPA’s core organisation consists of the undernoted functional and support departments reporting to the Chief Executive. Chief Executive Chief Executive (interim) Jane Hope Functional Departments Planning and Development Control (interim) Denis Munro Natural Resources Fiona Newcombe Economic and Social Development Andrew Harper Visitor Services and Recreation Murray Ferguson Strategic Policy and Programme Management Nick Halfhide Support Departments Corporate Services Andy Rinning Communications Daniel Alexander Board Structure 1.11 The Board consists of twenty-five members. Ten members are appointed directly by Scottish Ministers; ten members are appointed to the Board by nomination of the four local authorities in the Park area (Highland Council 5, Aberdeenshire Council 3, Moray Council 1, Angus Council 1) and the 12,650 voters in the park area elect the final five members. The members will serve between 18 months and four years. 1.12 The Board came into existence on the 25th March 2003 and held its first meeting on the 15th April 2003. It took full powers and became operational on September 1st 2003. 1.13 The Board has an Audit Committee with five members. The Audit Committee will meet approximately three times a year. The chairperson of the Committee is Eric Baird (Deputy Convenor). 1.14 The Board has standing orders for the conduct of its proceedings and they will be reviewed as part of our 2003/04 audit. 1.15 The Principal Accountable Officer for the Scottish Administration has designated the interim chief executive as the Accountable Officer for Cairngorms National Park. As part of her responsibilities as Accountable Officer, she must personally account to the Scottish Parliament for the way in which expenditure out of the funds provided by the department is made. 1.16 The Board also has a draft Management Statement/Financial Memorandum, which covers a range of issues including: functions, duties and powers; aims, objectives and targets; responsibilities and accountability; planning, budgeting and control, and external accountability. Main Financial Systems 1.17 Over the three-year appointment we intend to audit Cairngorms National Park’s main accounting systems. These systems are detailed in the table below. System Software supplier Sage Line 50 Accounting system (ledger, creditors, debtors and payroll) 1.18 Included at Section 5 are the areas we have selected for review in 2003/04. SECTION 2 Audit Resources 2.1 In a letter dated 18 November 2003 Audit Scotland specified that the fee is negotiable between the external auditor and the audited body. This will be a provisional fee, which may be increased or decreased within a range of 10% with the agreement of the Chief Executive/Head of Corporate Services. In determining the agreed fee, the following factors have been considered: the standard of the audited body’s corporate governance arrangements, the control environment established by the body and the experience of its senior management; the standard of internal controls in main financial systems and whether audit recommendations are promptly acted upon; the standard of internal audit and the reliance that can be placed on its work; the extent to which comprehensive schedules and working papers are to be provided in support of the financial statements; whether or not the audited body wishes us to undertake specific additional work (e.g. additional centrally directed study work or a specific locally determined study); additional audit set-up time in the first year of an audit appointment. 2.2 The fee agreed with the Chief Executive for 2003/04 is £6,900 for field audit work. In addition there will be a central administrative charge of £2,000 making a total of £8,900. 2.3 Should additional audit work require to be undertaken that has not been provided for in this initial plan, the agreed fee will be revised within the indicative range, in conjunction with the audited body. 2.4 The core audit team will consist of Senior Audit Manager Robert W Clark FCCA Audit Senior James Munro FCCA ACMA Audit Senior Kenneth Goddard CPFA FCCA Assistant Auditor Kevin Irvine 2.5 The size of the audit means that the audit team will have an irregular presence on site. Systems audits and performance audit work will be undertaken during the period February to July 2004. During the period August to October 2004 we will concentrate on the financial statements in order to meet the requirement to lay the accounts before the Parliament by Scottish Ministers before 31 December 2004. In order to meet this date a full set of draft accounts and associated working papers will require to be provided by an agreed date which will allow sufficient time to complete our final accounts audit work. We have been advised that a final accounts timetable has still to be prepared for CPNA. However, it is anticipated draft accounts and working papers will be available to allow audit certification in advance of 31 December. SECTION 3 Audit objectives and testing Audit Objectives 3.1 External audit is the activity statutorily superimposed upon an audited body’s accountability, which provides an independent and objective check on the stewardship function. Its overall purpose is to undertake an independent appraisal of the discharge by management of its stewardship responsibilities, to enable it to give an assurance to the public that those responsibilities have been reasonably discharged. Statutory duties in relation to bodies falling within the remit of the Auditor General 3.2 The statutory duties of the auditor are derived through appointment by the Auditor General. These require the auditor to set out in his report his findings on: whether the expenditure and receipts shown in the financial statements were incurred or applied in accordance with any enactment by virtue of which the expenditure was incurred or the income received; whether the expenditure or receipts shown in the financial statements were incurred or applied in accordance with any applicable guidance issued by the Scottish Ministers; whether the financial statements comply with any applicable direction by virtue of any enactment. The auditor must send the financial statements and the auditor’s report to the Auditor General, who may prepare a report on the financial statements. 3.3 In general, an external auditor’s objectives can be summarised as to: (a) provide an opinion on the audited body’s financial statements and the regularity of transactions in accordance with standards and guidance issued by the Auditing Practices Board; (b) review and report on, to the extent required by relevant legislation and the requirements of the Code of Audit Practice approved by the Auditor General: (i) the audited body’s corporate governance arrangements as they relate to: the audited body’s review of its system of internal control; the prevention and detection of fraud and irregularity; standards of conduct, and prevention and detection of corruption; its financial position; (ii) aspects of the audited body’s arrangements to manage its performance, as they relate to economy, efficiency and effectiveness in the use of resources. 3.4 The duties and responsibilities placed upon public sector auditors are wider in many respects than those of their private sector counterparts, stemming from the acknowledged public interest in the propriety and the economy, efficiency and effectiveness in the use of public funds. The wider responsibilities of the auditor are fully detailed in the Code of Audit Practice. The attached plan has been prepared in accordance with the Code. 3.5 Our responsibilities also encompass the certification of grant claims, dealing with any formal complaints and drawing to the attention of the Auditor General any matters that could give rise to a statutory report. Audit Approach 3.6 Our audit approach is outlined in Audit Scotland’s Audit Manual, which has been developed to ensure compliance with the requirements of the Code of Audit Practice. The approach will seek to gain assurance that: the body’s system of recording and processing transactions provides an adequate basis for the preparation of financial statements and the effective management of its assets and interests; the body has adequate Corporate Governance arrangements in place which reflect the three fundamental principles of openness, integrity and accountability the systems of internal control provide an adequate means of preventing or detecting material mis-statement, error, fraud or corruption; transactions have been processed and recorded in accordance with statutory and management requirements; the financial statements give a true and fair view; the body has made proper arrangements for securing value for money in its use of resources; the body has properly considered and acted upon all matters of legality. Corporate Governance arrangements 3.7 In each audit year we undertake a review of the body’s Corporate Governance arrangements using a standard checklist covering issues relating to systems of internal control, arrangements for the prevention and detection of fraud and corruption, standards of conduct and the body’s financial position. Systems of internal control 3.8 The review of systems of internal control has a dual purpose in that it will contribute to both: the assessment of the body’s corporate governance arrangements in so far as they relate to the systems of internal control; the process of arriving at an appropriate audit opinion on the financial statements by establishing the extent to which the information provided by the financial systems can be relied upon. 3.9 It is not possible to review all the main financial systems in each audit year, although we would intend to review and have covered all main systems over the three-year appointment. 3.10 Based on information collated during planning, we have assessed the inherent risk attached to each system. This risk assessment will be reviewed as internal control systems are evaluated over the audit cycle. Financial position 3.11 The Code of Audit Practice requires us to consider whether adequate arrangements exist to ensure that the financial position is soundly based with regard to: financial monitoring and reporting arrangements; compliance with statutory requirements and achievement of financial targets; level of balances and reserves; the impact of planned future policies and known or foreseeable future developments on the financial position. 3.12 As noted above, this review will be undertaken as part of our review of the body’s Corporate Governance arrangements updated as appropriate to reflect the position as reported in the financial statements. Internal audit 3.13 The main duty of internal audit is to provide an assurance to management on the accounting and internal control systems within the body. We have been advised that the Cairngorm National Park Authority does not currently have an internal audit function but there are plans to have an internal audit presence in the 2004/05 financial year. In the 2003/04 financial year it may be necessary to undertake additional audit work as we will not be able to place reliance on the work of internal audit. Any additional fee will be subject to negotiation with the Chief Executive. Performance audit 3.14 The Code of Audit Practice requires us to review the arrangements CNPA has in place to secure value for money. This requirement is discharged by: appraising the arrangements in place to secure economy, efficiency and effectiveness in the use of resources reviewing evidence to confirm the arrangements are working in practice. Legality issues 3.15 We are required to keep under review the legality of significant transactions and events and to have an awareness of the key requirements of relevant statutory provisions. The legality of items of account are considered by: assessment of the arrangements the audited body has in place to obtain advice on legal matters; requesting written representations by the accountable officer regarding the legality of transactions; inclusion of significant legal requirements in audit programmes and checklists used in the conduct of the audit ; deployment of senior staff who have experience of the public sector’s legal framework; review of minutes for items where staff have raised concerns to ensure that those are adequately followed-up and resolved. Financial statements 3.16 It is management’s responsibility to ensure the preparation of financial statements, and to ensure that these statements present a true and fair view of the financial position of the audited body at the year-end and its income and expenditure for the year. Our responsibility is to provide an independent opinion on the financial statements. Standard Audit Scotland final accounts programmes will be used, tailored to meet the particular needs of the audited body. Representations will be sought from management in respect of key judgements. Nature of Audit Testing 3.17 We consider that the most efficient and effective method of obtaining the assurances noted above is a risk based audit approach, which takes cognisance of the existence and efficacy of key internal controls and risk. As a result, our system reviews will be based on these key controls and any audit testing will be directed into ensuring their existence. We will use standard Audit Scotland documentation, which has been developed to indicate the overall objectives and the expected controls required to achieve these objectives. Audit work will identify and appraise the controls in place by using a selection of appropriate audit tests contained within the standard documentation. 3.18 Sample sizes for testing controls depends on the frequency with which the control is operated. Sample sizes for substantive tests of individual transactions are determined by a combination of the assessed levels of control risk and inherent risk. 3.19 Provided internal control is found to be operating satisfactorily, assurance can be taken for the purposes of the financial statements. It is expected that the level of substantive testing required at the final accounts stage can be reduced, but not eliminated, by taking assurance from audit work carried out at the systems audit stage. Analytical procedures will also be deployed to systematically analyse and compare related figures, trends, ratios and other data with the aim of providing evidence to support the audit opinion. 3.20 Where possible, the use of CAATs (Computer Assisted Audit Techniques) will be incorporated into the audit tests as this will allow a more focused sample to be chosen; examples of CAATs may include overtime/bonus payments over a prescribed level and creditors’ invoices over a particular level. Audit Services - Audit Scotland 9 28 January 2004 SECTION 4 Audit reporting 4.1 Reports from the external auditor are the primary means by which the results of audit activity are brought to the attention of senior management of the audited body and other stakeholders, including the public. The target dates for the issue of planned audit outputs are listed in Appendix A but, in summary, the principal audit outputs are as follows. Auditor’s Report 4.2 The appointed auditor will provide a report to the audited body, the Auditor General for Scotland and the Scottish Parliament in approved terms, including an opinion on the financial statements. Reports to Management 4.3 Matters arising from each audit review will be reported to management on a timely basis throughout the year and will include an agreed action plan with agreed deadlines for implementation of audit recommendations and details of the officers responsible for their implementation. Report to the Accountable Officer 4.4 At the conclusion of each year’s audit, a report addressed to the accountable officer and the Auditor General for Scotland will provide a summary of the significant matters arising from the audit. This will be submitted to the Audit Committee for consideration as soon as possible after the formal completion of the audit of the financial statements. Agreement and Submission 4.5 Draft reports will, in the main, be discussed with the Head of Corporate Services and/or appropriate Departmental Heads to confirm their factual accuracy, but there will be circumstances where clearance by certain technical officers may be necessary, and in such circumstances we will approach the relevant officers for their comments. 4.6 A copy of all formal reports will be sent to the Chief Executive, Head of Corporate Services and appropriate Heads. 4.7 All formal reports, or a summary thereof, will be made available for submission to the Audit Committee for their consideration. SECTION 5 Audit plans Long Term Plan 5.1 We prepare a long-term plan from which our annual plan is drawn. It has been developed using a risk based approach and has been influenced by factors such as new systems to be introduced. However, it is emphasised that the long-term plan is not immutable and will be reassessed in the light of actual coverage, major new developments and changing priorities. 2003/04 Annual Audit Plan 5.2 In devising the current annual audit plan meetings held with the Chief Executive and Head of Corporate Services to discuss any potential problem areas and areas of audit interest. Review of systems 5.3 In accordance with our three-year audit plan we will evaluate the key systems in place and, to the extent this evaluation allows, place reliance on the internal controls within those systems. It will mainly be a systems based audit approach with a review of the controls within an application in some instances. 5.4 As outlined in our long-term plan, all systems will be subject to a cyclical review over the term of our engagement. Systems that are considered to be material to the financial statements will be subject to a degree of annual coverage. This is not necessarily a full audit review. 5.5 The following area has been chosen for a systems review in 2003/04: Main accounting system. Main accounting system 5.6 Our audit will consist of an applications control review and the objectives will include obtaining assurance that: all data input, by whatever means, is genuine, complete, accurate, not previously processed, properly authorised and timely; controls over output are sufficient to ensure its accuracy, completeness, confidentiality and timeliness. Performance audit 5.7 As part of the wider responsibilities under the public sector model the Auditor General requires that, for audited bodies falling within his remit, the auditor will consider whether the audited body has put in place adequate and appropriate arrangements to secure economy, efficiency and effectiveness in its use of resources. Our responsibilities in this area will be discharged principally by our planned review of the corporate governance arrangements within the Cairngorm National Park Authority. 5.8 The Freedom of Information (Scotland) Act 2002 was passed by the Scottish Parliament on 24 April and received Royal Assent on 28 May 2002. It will introduce a general statutory right of access to all types of ‘recorded’ information held by Scottish public authorities. Each public authority will be required to adopt and maintain a ‘publication scheme’ setting out how it intends to publish the different classes of information it holds, and whether there is to be a charge for the information. 5.9 As part of our 2003/04 audit we will review the arrangements the CNPA is making to ensure compliance with the above Act. Completed by James Munro FCCA ACMA Audit Senior Date 28/1/2004 Approved by Robert W Clark FCCA Certifying auditor Date 28/1/2004 APPENDIX A Fee proposal Comparison of Agreed Fee Against Indicative Fee Indicative fee range £6,210 to £7,590 (excluding central charge) Indicative fee per Director of Audit Strategy’s letter of 18 November 2003 £6,900 Adjustments Reasons for additions 1 2 3 4 Reasons for reductions 1 2 3 4 Agreed fee £6,900 Audit activity Period of Planned Output target fieldwork output date Main accounting system February to March 2004 Report 31 March 2004 Corporate governance arrangements April and May 2004 Report 30 June 2004 Final accounts October & November 2004 Auditor’s Report 30 November 2004 Report on the Audit 31 December 2004 Completed by James Munro FCCA ACMA Audit Senior Date 28/1/2004 Approved by Robert W Clark FCCA Certifying auditor Date 28/1/2004 Audit Services - Audit Scotland 13 28 January 2004