
WARNING - By their nature, text files cannot include scanned images and tables. 
The process of converting documents to text only, can cause formatting changes and 
misinterpretation of the contents can sometimes result. Wherever possible you 
should refer to the pdf version of this document.


CAIRNGORMS NATIONAL PARK AUTHORITY 
AUDIT COMMITTEE 
Minutes 17/04/09 


CAIRNGORMS NATIONAL PARK AUTHORITY 

Minutes of the Audit Committee 

Held at the Village Hall, Kincraig 
17 April 2009, 9:00am 


Present 

Eric Baird (Chair) 		Fiona Murdoch 
Ian MacKintosh 		Lucy Grant 

In Attendance 

Lisa MacDonald (Deloitte) 
Jane Hope, Chief Executive 
David Cameron, Head of Corporate Services 

Apologies 

Sue Walker 
Stephen O’Hagan, Alison MacDonald -Audit Scotland 


Appointment of Chair 

1. David Cameron invited nominations for Chair of the Committee, this being the first 
quorate meeting following the Board’s ratification of membership for the year to 
September 2009. Eric Baird was nominated, and there being no other nominations 
David declared Eric as Chair. 


Welcome 

2. The Chair welcomed all present and thanked them for their attendance. 


Apologies 

3. Apologies as recorded above were noted. 


Minutes of Meeting of 11 December 2008 

4. A typing error on point 11 of the minute was noted, which read “arrangement sin” 
and should read “arrangements in”. Other than this, the minutes of the meeting of 11 
December 2008 were agreed. 


PAGE 2

Matters Arising 

5. Members questioned the comment on auditor’s fees in the minutes (point 20). David 
Cameron confirmed that this item related to external audit fees and that the internal 
audit fees were covered by a separate contract. 

6. David Cameron highlighted that the schedule of outstanding audit recommendations 
had not been included on the agenda for this meeting as a result of work pressures. 
David commented that an update would be presented to the next meeting, most likely 
in the form of a formal follow-up report from the internal auditors. 

7. Lucy Grant left the meeting at this point. Lucy was required to attend preparations 
for a Board discussion she would be facilitating. 


Internal Audit Review: Project Management Review – Point of Entry 
Signage (Paper 1) 

8. Lisa MacDonald introduced this item, reporting on the outcome of Deloitte’s review 
of the Point of Entry Signage Project. The review found that in 3 of 7 areas of project 
control, arrangements accord with good practice and operate satisfactorily. Lisa 
highlighted four areas of control where arrangements are either adequate or offer 
scope for improvement and that five recommendations for action were made (all at 
priority 2). All recommendations have been accepted by the Head of Corporate 
Services and the Project Manager. 

9. David Cameron commented that in the case of 3 of the 5 recommendations, action 
has already been implemented to address the areas highlighted for improvement. 

10. Members welcomed the report and endorsed the management responses 
to the recommendations for action. 


Internal Audit Review: Project Management Review – Land Management 
Support (Paper 2) 

11. Lisa MacDonald introduced this item, reporting on the outcome of Deloitte’s review 
of the Land Management Support Project. The review found that in 4 of 7 areas of 
project control, arrangements accord with good practice and operate satisfactorily. 
Lisa highlighted three areas of control where arrangements are either adequate or 
offer scope for improvement and that three recommendations for action were made 
(all at priority 2). All recommendations had been accepted by the Head of Corporate 
Services and by the Head of Heritage and Land Management. 

12. In discussion, members particularly welcomed that the aspects of the reviews looking 
at the establishment of a rationale for each project; the linkages between projects and 
the Corporate and National Park Plans; the establishment of clear aims and objectives 
for projects and project impact were all found to be working relatively well. This gave 


PAGE 3

some confidence to members that projects undertaken were, indeed, contributing to 
the intended outcomes set out in the Corporate and National Park Plans. 

13. Members agreed that these project reviews were helpful and should be 
continued in future internal audit plans. 

14. Members welcomed the report and endorsed the management responses 
to the recommendations for action. 


Internal Audit: Strategic Risk Management (Paper 3) 

15. Lisa MacDonald presented this paper, setting out the outcome of the strategic risk 
management workshop held in December 2008. Deloitte had facilitated this 
workshop, with participants from both the Management Team and Audit Committee. 
Some 102 risks had been considered and voted on by attendees at the workshop. Lisa 
highlighted that the resultant top 25 risks had been extracted and approved by the 
Authority’s Management Team, with a few minor amendments, as the proposed 
Strategic Risk Register for the organisation. 

16. David Cameron stated that the proposed strategic risk register resulting from the 
Management Team’s subsequent consideration of the risk register workshop results 
was set out at Annex 2 to the paper. 

17. In discussion, members questioned the typical size of organisations’ strategic risk 
registers. Lisa commented that, in her experience, the 25 risks proposed by the 
Management Team and following on from the Deloitte report, was typical of the size 
of risk registers that organisations found to be manageable. 

18. Members had a lengthy discussion on the coverage of the risk register, and in 
particular whether there was adequate coverage of the range of visitor management 
and tourism work in which the Authority was engaged. David Cameron and Lisa 
MacDonald highlighted that it was appropriate for members to seek to add or amend 
the strategic risk register at this stage if there was agreement to do so. 

19. Members agreed that risk number 28 from the Deloitte workshop report 
should be added into the strategic risk register: that “tourism businesses 
do not engage with the concept of a National Park in a meaningful and 
effective way”. Members also agreed that the revised risk register should 
be included as an Appendix to the Committee’s Annual report to the 
Board, in order to fully inform All Board members of the work done with 
regard to risk management and ensure that the Board had regard to the 
risk register established. 

20. Subject to the amendment noted above, the Committee approved the 
revised strategic risk register for future ongoing monitoring by the 
Management Team and Audit Committee. 


PAGE 4

Internal Audit: Update on Current Activity 

21. Lisa MacDonald gave an oral update to members on work being progressed by 
Deloitte. 

22. A review of the Authority’s administration of the LEADER grant and support of the 
Local Action Group (LAG) had been undertaken. A draft report was in preparation 
and would be brought to a future meeting of the Committee. The report set out 6 
recommendations for future action which were being considered by the Head of 
Corporate Services and the Head of Economic and Social Development as the Head of 
Group responsible for this activity. Three of these recommendations were at priority 
2 level and 3 at priority 3. David Cameron confirmed that he was broadly content 
with the recommendations made. The greatest amount of potential work arising from 
the draft report was in the area of IT and progressing a specific accreditation for 
security standards. 

23. Deloitte had also been requested to undertake some work reconciling payments to a 
grant claim to Highlands and Islands Enterprise. The outcome of this work would also 
be reported to the Committee for information. 

24. Both of these items of work were additional to the main internal audit contract and 
workplan. 


External Audit Review: International Financial reporting Standards (Paper 6) 

25. David Cameron introduced this item on behalf of Stephen O’Hagan and Alison 
MacDonald. The paper set out Audit Scotland’s review of the Authority’s restated 
balance sheet at 31 March 2008, as required under the Scottish Government’s 
timetable for adoption of International Financial Reporting Standards (IFRS). The 
report from Audit Scotland highlights that there were no errors to report in the 
restated balance sheet. The report also noted that further work was needed to 
finalise segmental reporting analysis. Financial accounts, on an IFRS basis, are required 
to report on financial performance on the same basis as that used internally for 
allocating resources and evaluating performance. 

26. David confirmed that he did not anticipate this additional work to be problematic. 
The Finance Manager had already done a considerable amount of work in developing 
an appropriate system of segmental analysis, on the basis of the 10 priorities for action 
set out in the Authority’s Corporate and operational Plans. 

27. Members thanked Audit Scotland for their report and noted the results of 
the review. 


External Audit Review of Internal Control Systems 2008/09 

28. David Cameron introduced this item on behalf of Stephen O’Hagan and Alison 
MacDonald. The paper set out Audit Scotland’s review of the Authority’s internal 


PAGE 5

control systems as part of initial testing in the lead up to the 2008/09 review of the 
accounts. 

29. David reported that Alison MacDonald had mentioned to him that she had found 
significant improvement in the Authority’s budget monitoring systems as a result of 
new processes implemented by Alistair Highet, the Finance Manager. 

30. The report noted one action to be addressed – that a record be kept of the monthly 
reconciliation of the creditors control account. 

31. Members thanked Audit Scotland for their report and noted the results of 
the review. 


Any Other Business 

32. David Cameron highlighted the requirement to consider future internal audit 
contracts, as had been flagged up on the agenda. Lisa MacDonald thanked members 
for their attention to Deloitte’s reports at this point and left the room. 

33. David Cameron reported that he had made some effort to establish a joint 
procurement of internal audit services with other organisations, and had attended a 
number of procurement and shared services workshops and networking events to this 
end. However, there had been no success in establishing a joint contract as previously 
directed by the Committee. Unfortunately, Loch Lomond and the Trossachs National 
Park Authority (LLTNPA) had also separately let an internal audit contract, prior to 
commencing the current programme of closer joint working, and had not invited the 
CNPA to collaborate in this. 

34. Given the current joint working project with LLTNPA, David recommended that the 
CNPA contract with Deloitte should be extended for a further, final 2 years. This 
would give contracts for internal audit services which would come to a conclusion at 
the same time for both NPAs and allow a joint procurement process to take place. 

35. Members agreed this proposal and authorised David Cameron to negotiate 
a further 2 year extension to the current contract with Deloitte, on the 
basis that this would be the final extension to the contract. 


Date of Next Meeting 

36. The next meeting of the Committee would be Friday, 26 June, Ballater.