WARNING - By their nature, text files cannot include scanned images and tables. 
The process of converting documents to text only, can cause formatting changes and 
misinterpretation of the contents can sometimes result. Wherever possible you 
should refer to the pdf version of this document.


Cairngorms National Park Authority 

Annual Audit Plan 2007/08 



Contents 

Summary plan 1

Summary of planned audit activity  1

Introduction 1

Our responsibilities 1

Our approach 2

Responsibility for the preparation of accounts 3

Format of the accounts 4

Audit issues and risks 4

Materiality 5

Reporting arrangements 5

Quality control 7

Fees and resources 7

Independence and objectivity  8 

 Appendix A  9 

Summary assurance plan 9 

Appendix B 12 

Financial statements audit timetable 12 

Appendix C 13 

Audit team 13 

Appendix D 14 

Reliance on internal audit 14 

Appendix E 15  

Independence and Objectivity 15 


PAGE 1

Summary plan 

Summary of planned audit activity 

Based on our analysis of the risks facing Cairngorms National Park Authority our planned work in 2007/08 
includes: 

. an audit of the financial statements and provision of an opinion on whether: 

-they give a true and fair view of the state of affairs of Cairngorms National Park Authority 
-the income and expenditure for the year were incurred or applied in accordance with 
applicable enactments and guidance issued by Scottish Ministers 
-the accounts have been properly prepared in accordance with the National Parks (Scotland) 
Act 2000 and directions made by Scottish Ministers 

. a review and assessment of Cairngorms National Park Authority’s governance and performance 
arrangements in a number of key areas including the adequacy of internal audit. 

Introduction 

1. Our audit is focused on the identification and assessment of the key challenges and risks to 
Cairngorms National Park Authority (CNPA) in achieving its business objectives. We also assess the 
risk of material misstatement or irregularity in CNPA financial statements. This report summarises the 
key challenges and risks facing CNPA and sets out the audit work that we propose to undertake in 
2007/08. Our plan reflects: 

. the risks and priorities facing CNPA
 . current national risks relevant to local circumstances
 . the impact of changing international auditing and accounting standards 
. our responsibilities under the Code of Audit Practice as approved by the Auditor General for Scotland 
. issues brought forward from previous audit reports. 

Our responsibilities 

2. Our responsibilities, as independent auditor, are established by the Public Finance and Accountability 
(Scotland) Act 2000 and the Code of Audit Practice approved by the Auditor General for Scotland, and 
guided by the auditing profession’s ethical guidance. 


PAGE 2

3. Audit in the public sector goes beyond simply providing assurance on the financial statements and the 
organisation’s internal control environment. We are also required to provide a view on performance, 
regularity and the organisation’s use of resources. In doing this, we aim to support improvement and 
accountability. 

4. In carrying out our audit, we seek to gain assurance that CNPA 

. has good corporate governance arrangements in place which reflect the three fundamental 
principles of openness, integrity and accountability 

. has systems of recording and processing transactions which provides a sound basis for the 
preparation of financial statements and the effective management of its assets and interests 

. prepares financial statements which are true and fair and in accordance with the National Parks 
(Scotland) Act 2000, the Financial Reporting Manual (FReM) and directions from Scottish 
Ministers 

. has systems of internal control which provide an adequate means of preventing or detecting 
material misstatement, error, fraud or corruption 

. complies with established policies, procedures, laws and regulations 

. has made proper arrangements for securing best value in its use of resources. 

Our approach 

5. Our audit approach is based on an understanding of the characteristics, responsibilities and principal 
activities, risks and governance arrangements of CNPA, and identification of the key audit risks and 
challenges in the central government sector generally. This approach includes: 

. understanding the business of CNPA and the risk exposure which could impact on the financial 
statements 

. assessing the key systems of internal control, and considering how risks in these systems could 
impact on the financial statements 

. identifying major transaction streams, balances and areas of estimation, understanding how 
CNPA will include these in the financial statements and developing procedures to audit these 

. assessing the risk of material misstatement in the financial statements, in conjunction with our 
evaluation of inherent risk, the control environment and control risk as part of our risk 
assessment 

. determining the nature, timing and extent of our testing programme to provide us with sufficient 
appropriate audit evidence as to whether the financial statements are free of material 
misstatement. 


PAGE 3

6. Through this approach we have also considered and documented the sources of assurance which will 
make best use of our resources and allow us to focus testing on higher risk areas during the audit of 
the financial statements. The main areas of assurance for the audit come from planned management 
action and reliance on systems of internal control. Management action being relied on for 2007/08 
includes: 

. comprehensive closedown procedures for the financial statements accompanied by a timetable 
issued to all relevant staff 

. clear responsibilities for provision of accounts and working papers being agreed 

. delivery of unaudited accounts to agreed timescales with a comprehensive working papers 
package 

. completion of the internal audit programme for 2007/08. 

7. Auditing standards require internal and external auditors to work closely together to make optimal use 
of available audit resources. We seek to rely on the work of internal audit wherever possible and, as 
part of our planning process we carry out an early assessment of the internal audit function. Internal 
audit is provided by Deloitte & Touche LLP within CNPA. Based on our review of internal audit we 
plan to place formal reliance on the areas of work set out in Appendix D. 

8. At the completion of the audit we will provide the Chief Executive with an annual report on the audit 
containing observations and recommendations on significant matters which have arisen in the course 
of the audit. 

Responsibility for the preparation of accounts 

9. It is the responsibility of CNPA and the Chief Executive as Accountable Officer (appointed by Scottish 
Ministers), to prepare the financial statements in accordance with the Public Finance and 
Accountability (Scotland) Act 2000 and Directions signed by Scottish Ministers. This means: 

. acting within the law and ensuring the regularity of transactions by putting in place systems of 
internal control to ensure that financial transactions are in accordance with the appropriate 
authority 

. maintaining proper accounting records 

. preparing financial statements timeously which give a true and fair view of the financial position 
of CNPA as at 31 March 2008 and its expenditure and income for the year then ended 

. preparing an annual report, including management commentary and remuneration report. 


PAGE 4

Format of the accounts 

10. The financial statements should be prepared in accordance with the FReM and Directions signed by 
Scottish Ministers. The FReM sets out the principles applicable to the accounting and disclosure 
requirements for the annual report and accounts which bodies covered by resource accounting are 
required to prepare annually. 

Audit issues and risks 

11. Based on our discussions with staff, consideration of your own risk management arrangements and a 
review of supporting information, we identified the main risk areas for your organisation: 

. performance 

. governance and internal control. 

12. Within these identified risk areas there is a range of more specific risks and these are summarised at 
Appendix A. In most cases, actions to manage these risks are either planned or already underway 
within the organisation. Details of the sources of assurance that we have received for each of these 
risks and any audit work we plan to undertake is also set out in Appendix A. In the period prior to the 
submission of the unaudited financial statements, we will liaise with senior officers on any new or 
emerging issues. 

Best value 

13. In 2005/06 Audit Scotland carried out a baseline review of Best Value across Central Government 
bodies and the NHS in Scotland. The purpose of this work was to establish baseline information 
across the wider public sector on the management arrangements in place to secure Best Value and to 
identify areas of good practice which could be shared more widely to support continuous 
improvement. It should be emphasised that this was not an audit of Best Value. 

14. Audit Scotland is currently developing an approach to rolling out the audit of Best Value across the 
public sector including the NHS, central government and Executive Agencies. This work will take 
place in partnership with the Scottish Executive and other stakeholders to ensure that the audit 
approach that is ultimately adopted: 

. is understood and owned by those who will be subject to it; and 

. is likely to add value by supporting continuous improvement. 

15. Our audit approach will also reflect the objectives of Professor Crerar’s ongoing independent review of 
external scrutiny of public bodies in Scotland, which is seeking to deliver a coherent set of scrutiny 
arrangements across Scotland’s public sector which are streamlined, proportionate and risk-based. 


PAGE 5

Materiality 

16. We consider materiality and its relationship with audit risk when planning the nature, timing and extent 
of our audit and conducting our audit programme. Specifically with regard to the financial statements, 
we assess the materiality of uncorrected misstatements, both individually and collectively. 

17. International Standard on Auditing 320 states that, “information is material if its omission or 
misstatement could influence the economic decisions of users taken on the basis of the financial 
statements. Materiality depends on the size of item or error judged in the particular circumstances of 
its omissions or misstatement. Thus, materiality provides a threshold or cut-off point rather than being 
a primary qualitative characteristic which information must have if it is to be useful.” 

18. When considering, in the context of a possible qualification, whether the misstatement of an item, or a 
number of items taken together, is material in terms of its monetary value, we use professional 
judgement, experience and internal guidelines from peers as broad guidance in regard to considering 
whether the results of tests of detail are material. 

19. An item may be judged material for reasons other than its monetary or quantitative value. An 
inaccuracy, which would not normally be regarded as material by amount, may be important for other 
reasons. When such an item affects a critical point in the accounts, its materiality has to be viewed in 
a narrower context (for example the failure to achieve a statutory requirement, an item contrary to law, 
or areas affected by central government control). Again we use professional judgement, experience 
and internal guidelines from peers to determine when such matters would fall to be covered in an 
explanatory paragraph, rather than as a qualification to the audit opinion. 

Reporting arrangements 

20. Under the Public Finance and Accountability (Scotland) 2000 Act, there is a requirement for the 
Resource account of the Scottish Government to be presented to Parliament within nine months of the 
financial year-end i.e. 31 December. CNPA is required to have their audited financial statements 
submitted to meet the consolidation timetable. 

21. As the accounts have to be signed by the relevant officers and by the appointed auditor, Stephen 
O’Hagan – Senior Audit Manager, prior to submission, it is critical that a timetable is agreed with us for 
the production of the unaudited accounts. An agreed timetable is included at Appendix B of this plan, 
which takes account of submission requirements, proposed audit committee dates and audit 
resources. 

22. Matters arising from our audit will be reported on a timely basis and will include agreed action plans. 
Draft management reports will be issued to the Head of Corporate Services Group and relevant 
manager to confirm factual accuracy. Responses to draft reports are expected within four weeks of 
submission. 

PAGE 6

23. A copy of all final agreed reports will be sent to the Chief Executive, Head of Corporate Services 
Group, relevant manager, Internal Audit and Audit Scotland’s Public Reporting Group. 

24. We will provide an independent auditor’s report to CNPA and the Auditor General that the audit of the 
financial statements has been completed in accordance with applicable statutory requirements, 
including an opinion on those financial statements. An annual report to CNPA will also be produced to 
summarise all significant matters arising from the audit and overall conclusions about CNPA 
management of key risks. 

25. All annual reports produced by Audit Scotland are published on our website: (www.auditscotland.
gov.uk). 


PAGE 7

26. The full range of outputs to be delivered by the audit team are summarised below: 

Planned outputs   /  Target delivery date  

Governance  

Internal audit reliance  29 February 2008 

Internal controls management letter  30 April 2008 


Financial statements  

Financial statements management letter    4 July 2008 

Report to Audit Committee in terms of ISA 260 (Communication of 
audit matters to those charged with governance)   15 July 2008 

Independent auditor’s report on the financial statements   29 July 2008 

Annual report to the Accountable Officer and the Auditor General 
for Scotland/Members and the Controller of Audit   28 August 2008 


Quality control 

27. We are committed to ensuring that our audit reflects best practice and demonstrates best value to 
CNPA and the Auditor General for Scotland. We operate a strong quality control framework that seeks 
to ensure that your organisation receives a high quality service. The framework is embedded in our 
organisational structures and processes and includes an engagement lead for every client; in your 
case this is Lorna Meahan, who is responsible for ensuring that our work is carried out on time and to 
a high quality standard. 

28. As part of our commitment to quality and continuous improvement, we may periodically seek your 
views. We would be grateful for any feedback on our services. 

Fees and resources 

29. Our agreed fee for the 2007/08 audit of CNPA is Ł10,400 comprising a local audit fee of Ł9,300 and a 
fixed charge of Ł1,100. Our fee covers: 

. all of the work and outputs described in this plan 

. a contribution towards the costs of national performance studies and statutory reports by the 
Auditor General 

. attendance at the audit committee 

. access to advice and information on relevant audit issues 

. access to workshops/seminars on topical issues 

. travel and subsistence costs. 


PAGE 8

30. In determining the agreed fee we have taken account of the risk exposure of CNPA, the management 
assurances in place, and the level of reliance we plan to take from the work of internal audit. We have 
assumed receipt of the draft accounts and working papers by 6 June 2008. If the draft accounts and 
papers are late, agreed management assurances are unavailable, or planned internal audit reliance is 
not achieved, we reserve the right to charge an additional fee for further audit work. 

31. An additional fee will be required in relation to any work or other significant exercises not within our 
planned audit activity. An additional fee will also be charged for work on any grant claims or returns 
not included in the planned outputs noted previously. 

32. Stephen O’Hagan, Senior Audit Manager, is your appointed auditor. The local audit team will be led 
by Alison Macdonald] who will be responsible for the day to day management of the audit and who will 
be your primary contact. Details of the experience/skills of our team are provided at Appendix C. The 
core audit team will call on other specialist and support staff, as necessary. 

Independence and objectivity 

33. Auditing and ethical standards require the appointed auditor to communicate any relationships that 
may affect the independence and objectivity of audit staff. We are not aware of any such relationships 
within the audit team. 

34. We comply with ethical standards issued by the Auditing Practices Board and with Audit Scotland’s 
requirements in respect of independence and objectivity, as summarised at Appendix E. 

Audit Scotland
January 2008 


PAGE 9

Appendix A 

Summary assurance plan 

In this section we identify a range of operational risks facing CNPA, the related source of assurance 
received and the audit work we propose to undertake to secure additional assurance. The 
management of risk is the responsibility of CNPA and its officers, with the auditor’s role being to 
review the arrangements put in place by management. Planned audit work, therefore, will not 
necessarily address all residual risks. 

Risk   /  Source of assurance   /  Planned audit action 

Performance 

Single environment and rural service 

The Scottish Government has 
asked environment and rural 
affairs bodies to develop 
proposals by the end of June 
2008 for a more integrated 
approach to shared customer 
service delivery. Although the 
Authority is a relatively small 
organisation in relation to other 
stakeholders, this could have a 
significant impact on the way the 
Authority operates, including the 
resources required to develop 
proposals and deliver 
expectations. 

. Key members of management 
team represented on 
programme board and project 
workstreams 
. Regular reporting to board on 
programme progress and 
potential implications for 
Authority 

. Monitor progress through 
board minutes 
. Update in annual report 


5 year strategic review 

A strategic review of the 
Authority is likely to take place in 
2008. The findings of the review 
could have a significant impact 
on the future operation of the 
Authority, including its 
responsibilities, operation, and 
boundaries. 
Although the timing of the 
review has still to be decided, 
there is a risk of insufficient 
resources being available to 
support the review. 

. Following agreement of scope 
and timing, a resource plan will 
be prepared to support the 
review 

. Monitor through management 
discussions 
. Update in annual report 


PAGE 10

Risk   /  Source of assurance /  Planned audit action 

National Park Plan 

Delivery of the priorities set out 
in the national park plan 
requires a coordinated approach 
involving a range of partners. 
There is a risk that the five year 
outcomes are not are not 
achieved as a result of poor 
communication and partnership 
working. 

.CNPA has responsibility for 
leading and coordinating 
delivery of the plan. Through 
this role, it will 
.Establish groups to deliver 
and report progress on 
actions 
.Set up advisory forums to 
communicate on 
implementation around 
plan themes 

.Annual report will be prepared 
on implementation of national 
park plan 
.Indicators developed around 
key themes for monitoring the 
state of the park 
.Regular reporting to board on 
NPP targets 

.Review delivery group and 
board minutes 
. Review performance as 
reported in CNPA annual 
report 
.Update in annual report 


Corporate plan 

A key goal of the corporate plan 
is the adoption of a local plan. 
The timescale for this has been 
deferred from spring 2007 to 
March 2008. Until this is 
adopted, there is a risk of 
inconsistency in development 
control decisions. 
Following the development of 
the national park plan, there is a 
risk that the current corporate 
objectives may not be consistent 
with those of the national park 
plan. 

.Regular reporting to board on 
corporate plan progress 
.Updated 3 year corporate plan 
currently in draft takes account 
of national park plan objectives 
.Corporate targets in updated 
plan will be linked to both 
national park plan and Scottish 
Government targets 

.Monitor adoption of local plan 
through minute review 
. Review updated corporate 
plan following publication 
.Update in annual report 


National Park Plan 

Delivery of the priorities set out 
in the national park plan 
requires a coordinated approach 
involving a range of partners. 
There is a risk that the five year 
outcomes are not are not 
achieved as a result of poor 
communication and partnership 
working. 

.CNPA has responsibility for 
leading and coordinating 
delivery of the plan. Through 
this role, it will 
.Establish groups to deliver 
and report progress on 
actions 
.Set up advisory forums to 
communicate on 
implementation around 
plan themes 

.Annual report will be prepared 
on implementation of national 
park plan 
. Indicators developed around 
key themes for monitoring the 
state of the park 
.Regular reporting to board on 
NPP targets 

.Review delivery group and 
board minutes 
. Review performance as 
reported in CNPA annual 
report 
.Update in annual report 


Corporate plan 

A key goal of the corporate plan 
is the adoption of a local plan. 
The timescale for this has been 
deferred from spring 2007 to 
March 2008. Until this is 
adopted, there is a risk of 
inconsistency in development 
control decisions. 
Following the development of 
the national park plan, there is a 
risk that the current corporate 
objectives may not be consistent 
with those of the national park 
plan. 

.Regular reporting to board on 
corporate plan progress 
.Updated 3 year corporate plan 
currently in draft takes account 
of national park plan objectives 
.Corporate targets in updated 
plan will be linked to both 
national park plan and Scottish 
Government targets 

.Monitor adoption of local plan 
through minute review 
. Review updated corporate 
plan following publication 
.Update in annual report 


PAGE 11

Governance and 
Internal Control 

International Financial 
Reporting Standards (IFRS) 

IFRS will apply to the financial 
year from 1 April 2008. The 
Authority needs to review its 
accounting policies to ensure 
they comply with IFRS and 
make appropriate disclosures in 
2008/09 financial statements. 
Prior year comparative 
information will also require 
restatement. 
Although the application of IFRS 
may not have a significant 
impact on the presentation of 
the Authority’s accounts there is 
a risk that the resource 
requirement for the exercise is 
underestimated. 

.Finance staff are undertaking 
research and receiving 
appropriate training 
. Liaison with Scottish 
Government 

. Review progress during 
interim audit 
.Review of IFRS 
.Update in annual report 


Financial Position 

The October 2007 outturn report 
forecast a deficit of Ł80,000 for 
the financial year. There is a risk 
that the Authority will not deliver 
to planned budget. 

.Regular monitoring of financial 
information at management 
level and finance committee 
level 
.Action plan for recovery of 
financial position within the 
financial year monitored 
regularly 

.Monitor through the year 
. Review during financial 
statements audit work 


Pay Remit 

The current pay remit approval 
process, including definitions of 
non-contentious pay areas could 
be considered too limiting, 
leading to inconsistencies in 
application across central 
government bodies, and 
difficulties in future negotiations 
on pay remits with the Scottish 
Government Pay Policy unit. 

.Collective pay remit report 
prepared and presented to 
NDPB chief executive forum 
.High level negotiations ongoing 
between Scottish Government 
and NDPB chief executives. 

.Monitor through board 
minutes and meetings with 
management 
.Update in annual report 


PAGE 12

Appendix B 

Financial statements audit timetable 

Key stage   /  Date 

Testing and review of internal control systems and transactions   February/March 2008 

Meetings with officers to clarify expectations of detailed working papers 
and financial system reports February 2008 

Latest submission of unaudited financial statements with working papers 
package 6 June 2008 

Progress meetings with lead officers on emerging issues 
As required during audit process 

Latest date for submission of management letter on financial statements 
audit 4 July 2008 

Latest date for final clearance meeting with Head of Corporate Resources 11 July 2008 

Report to the audit committee on the audit of financial statements (ISA 
260) 15 July 2008 

Accountable Officer to sign accounts 28 July 2008 

Independent Auditors Report signed 29 July 2008 

Annual Report to the Accountable Officer 28 August 2008 


PAGE 13

Appendix C 

Audit team 

A summarised curriculum vitae for each core team member is set out below: 

Stephen O’Hagan, CPFA 
Senior Audit Manager 

Stephen has over 11 years experience of public sector audit with Audit Scotland, covering local 
government, health and the education sector. Prior to this, Stephen worked in local government finance for 
5 years. 


Alison Macdonald, ACCA 
Auditor 

Alison joined Audit Scotland in 2007 and has experience of audit in local government, health and central 
government sectors. Prior to joining us Alison worked in the public sector as an accountant. 


PAGE 14

Appendix D 

Reliance on internal audit 

Auditing standards require internal and external auditors to work closely together to make optimal use of 
available audit resources. We seek to rely on the work of internal audit wherever possible and as part of 
our planning process we carry out an early assessment of the internal audit function. Our review of the 
internal audit service concluded that the internal audit operates in accordance with government internal 
audit standards. We therefore plan to place reliance on the work of internal audit in the following areas: 

.. Budgetary control 
.. Corporate governance 
.. Procurement 
.. Efficient government 



PAGE 15

Appendix E 


Independence and Objectivity 

Auditors appointed by the Auditor General for Scotland are required to comply with the Code of Audit 
Practice and standing guidance for auditors, which defines the terms of appointment. When auditing the 
financial statements auditors are also required to comply with the auditing and ethical standards issued by 
the Auditing Practices Board (APB). The main requirements of the Code of Audit Practice, standing 
guidance for auditors and the standards are summarised below. 

International Standards on Auditing (UK and Ireland) 260 (Communication of audit matters to those 
charged with governance) requires that the appointed auditor: 

. discloses in writing all relationships that may bear on the auditor’s objectivity and independence, 
the related safeguards put in place to protect against these threats and the total amount of the 
fee that the auditor has charged the client 

. confirms in writing that the APB’s ethical standards are complied with and that, in the auditor’s 
professional judgement, they are independent and their objectivity is not compromised. 

The standard defines ‘those charged with governance’ as ‘those persons entrusted with the supervision, 
control and direction of an entity’. In your case, the appropriate addressee of communications from the 
auditor to those charged with governance is the audit committee. The auditor reserves the right to 
communicate directly with members on matters which are considered to be of sufficient importance. 

Audit Scotland’s Code of Audit Practice has an overriding general requirement that appointed auditors 
carry out their work independently and objectively, and ensure they do not act in any way that might give 
rise to, or could reasonably be perceived to give rise to, a conflict of interest. Appointed auditors and their 
staff should avoid entering in to any official, professional or personal relationships which may impair their 
independence, or might lead to a reasonable perception that their independence could be impaired. 

The standing guidance for auditors includes a number of specific requirements. The key requirements 
relevant to this audit appointment are as follows: 

. during the currency of an appointment, auditors should not perform non-audit work for an audited 
body, consultancy or otherwise, without the prior approval of Audit Scotland 

.. the appointed auditor and key staff should, in all but exceptional circumstances, be changed at 
least once every five years in line with Audit Scotland’s rotation policy 

. the appointed auditor and audit team are required to carry out their duties in a politically neutral 
way, and should not engage in high profile public party political activity 

. the appointed auditor and audit team must abide by Audit Scotland’s policy on gifts and 
hospitality, as set out in the Audit Scotland Staff Code of Conduct.