WARNING - By their nature, text files cannot include scanned images and tables. 
The process of converting documents to text only, can cause formatting changes and 
misinterpretation of the contents can sometimes result. Wherever possible you 
should refer to the pdf version of this document.


CAIRNGORMS NATIONAL PARK AUTHORITY 
Board Paper 3 20/03/08 

CAIRNGORMS NATIONAL PARK AUTHORITY 


FOR INFORMATION 


Title: AUDIT COMMITTEE DRAFT ANNUAL REPORT 

Prepared by: David Cameron, Head of Corporate Services 

Purpose 

To present a draft Audit Committee Annual Report to members for approval, prior to its 
submission to the Board. 

Recommendation 

The Committee is requested to consider the draft annual report to the Board, set out in the 
paper and to: 

a) Agree any amendments required. 

b) Approve the submission of the report to the Board, subject to incorporation of any 
amendments agreed. 

Executive Summary 

The Audit Committee is required to report annually to the Board on its activities. The paper 
presented here sets out a draft of the third such annual report, covering the Committee’s 
activities from January to December 2007. 

It is intended that the agreed report will be presented as a paper to the Board at its meeting 
in March 2008, following the Committee’s consideration of the draft report and 
incorporation of any agreed changes. 



AUDIT COMMITTEE ANNUAL REPORT – FOR INFORMATION 

Background 

1. The Audit Committee is required to report annually to the full Board on its activities 
over the year, and on the reports presented to the Committee by the Authority’s 
internal and external auditors. 

2. The previous Audit Committee Annual Report was submitted to the Board on 23 
February 2007, covering the period from September 2005 to December 2006. This third 
Annual Report is presented on behalf of the Audit Committee to cover the period of its 
operations from January to December 2007. 

Overview 

3. The period of this Annual Report covers consideration of final accounts for 2006/07, 
together with associated reports from Audit Scotland, the Authority’s external 
auditors. The Committee has also continued to review the work of Deloitte, the 
Authority’s internal auditors, and consider reports issued by them. 

4. The Committee met three times in 2007. A fourth meeting, scheduled for 14 
December, was postponed to originally to February and then to March 2008 to allow 
for additional time for Planning Committee’s consideration of planning 
determinations. 

5. In addition to management reports from the Authority’s Internal and External 
Auditors, considered in further detail below, the Committee considered the following 
issues during the course of the year: 

a) Risk management: the Audit Committee undertakes a regular review and update 
of the Authority’s strategic risk register and associated actions, embedding a 
strategic level overview of risk management within the organisation. 

b) Organisational Greening Policy: the Committee has continued to review 
implementation of the Authority’s greening policy, approved by the Board in 
March 2006, and has facilitated development of a Board / officer Climate Change 
Group to review and discuss current and potential activity in this aspect of the 
Authority’s operations in more detail. 

c) “Balanced Scorecard” organisational monitoring: the Committee continues to 
monitor the Authority’s performance on governance and risk management as 
highlighted by measures incorporated in the balanced scorecard. 

d) Best Value: the Committee considered in detail the Authority’s Best Value self-
assessment, conducted using the Scottish Government self-assessment toolkit, 
and agreed a forward action plan through which the organisation aims to secure 
continuous improvement in service provision in keeping with the Scottish 
Government’s Best Value ethos. 

e) Best Value Reviews: actions focusing on service improvement arising from best 
value reviews of specific areas have been presented to Committee. 

f) Statement of Internal Control: review and approval of this statement, prior to its 
inclusion in the annual accounts and prior to signature by the Accountable 
Officer. 

g) Updates on progress in implementing previous audit recommendations: officers 
have presented regular progress updates on the implementation of audit 
recommendations. These officer reports have been highlighted by internal 
auditors as establishing best practice. 

h) Internal Audit Contract: the Committee approved an extension of the existing 
internal audit contract for a maximum of 2 years, in part to allow officers time to 
consider efficient government / joint working opportunities in securing future 
internal audit services. 

Internal Audit 

6. The Committee agree an annual internal audit work programme presented by Deloitte 
& Touche LLP. 

7. Over the course of 2007, Deloitte have presented three management reports to the 
Committee. Their findings and consequent recommendations for action are graded 
according to the internal auditors’ assessment of the significance of the underlying 
weakness to the effective management of the organisation. Table One presents a 
summary of the internal audit findings over the course of the year. 

Table One: Summary of Internal Audit Findings 

Internal Audit Study  /  Number of Recommendations 
Priority 1 Priority 2 Priority 3 

Human Resources System 
-
1
2 

Financial Controls (see para. 9)
 -
-
-

Health and Safety 
1 
5 
1 

8. The number of internal audit reports presented in the year is fewer than previous 
years as a result of the postponement of the December meeting. A further three 
reports are due to be presented to the Committee’s meeting in March 2008. 

9. The internal auditor’s financial controls report summarised the outcome of a wide 
ranging self-assessment of the Authority’s financial and governance controls. The self-
assessment was undertaken by Corporate Services Officers using a standard 
assessment tool supplied by Deloitte and with the results reviewed by Deloitte prior to 
reporting to Committee. There were no specific findings or recommendations arising 
from this review, but it has formed the basis of undertaking a risk-based review for 
future financial control internal audits. The outcome of two audits flowing from this, 
together with specific actions and recommendations, are to be reported to the 
Committee in March 2008. 

10. Only a single priority 1 recommendation has arisen from internal audit activity over 
the course of 2007. Priority one recommendations reflect findings which the internal 
auditors consider to be major issues which need to be brought to the attention of 
senior management and the Audit Committee. This finding reflected that, while 
action had been taken to address findings of an independent consultant’s fire risk 
assessment on the Authority’s office premises, no formal record of action taken or 
subsequent revised risk assessment was in place. Therefore, there was no adequate 
audit trail of action addressing health and safety issues and the Authority’s internal 
health and safety records were incomplete. These issues have been addressed by 
Corporate Services officers and a follow-up undertaken by Deloitte. 

11. In practice, the Committee is aware of all recommendations made by the internal 
auditors, through consideration of full management reports following each audit 
review. 

12. The Committee has agreed management responses to all recommendations made and 
will monitor progress made. The internal auditors will also conduct follow-up reports 
and report back to the Committee on their findings. 

13. All scheduled internal audit work for 2007 was undertaken, with the exception of a 
study on the Authority’s approach to efficient government. This was deferred 
pending completion of work on the Authority’s Best Value self-assessment and action 
plan. 

14. The remainder of the internal audit programme, including revision of the strategic risk 
register, will be delivered in the early part of 2008. 

15. The Internal Auditors’ Annual Report for 2006/07 was presented to the Committee at 
its meeting in August 2007. Their report concludes: “on the basis of work undertaken 
in the year ended 31 March 2007, we consider that Cairngorms National Park 
Authority generally has an adequate framework of control over the systems we 
examined. 

External Audit 

16. The Authority’s accounts for 2006/07 received a clear, unqualified external auditor’s 
report and opinion from Audit Scotland, our external auditors. 

17. The accounts and external auditor’s report for 2006/07 were signed on 29 August 2007, 
some 2 months earlier than the 2005/06 accounts. Corporate Services and 
Communications staff worked jointly to ensure that the publication and distribution of 
the Annual Report and Accounts was also completed around 2 months earlier than in 
previous years. 

18. The Audit Committee will considered Audit Scotland’s Management Report on the 
2006/07 accounts at its meeting in March 2008. There are no points for action raised in 
the report, compared with 3 issues raised in each of the previous 2 years’ reports. 

Conclusions 

19. The Audit Committee considers that it has been successful in progressing the Board’s 
governance and internal control priorities during the period to December 2007. It is 
regrettable that business had to be delayed due to a meeting having to be cancelled 
twice due to pressing issues within the Planning Committee. The Committee has also 
been concerned that holding meetings prior to the Planning Committee was a time 
constraint on its effective consideration of Audit business. The Audit Committee has 
requested staff to review the scheduling of Audit Committee meetings to address 
these issues. As a result, scheduled meetings for 2008 are now timetabled for days 
which are not existing Planning Committee or Board meeting dates. 

20. There has been an engagement through the year with issues identified by the 
Authority’s internal and external auditors, and also by the Authority’s officers. The 
Committee has received full reports on issues raised; considered recommendations 
made; and approved responses and actions. 

21. Both the internal auditors’ finding of adequate levels of internal controls within the 
Authority, and the external auditors’ unqualified audit certificate provide assurance to 
the Committee and Board that the Authority’s internal control and governance 
objectives are being met by management. 

22. In particular, reports over the course of the year have indicated that our practice of 
reviewing the status of action on outstanding audit recommendations continues to set 
best practice in this aspect of the Committee’s work on internal controls. It is also 
reassuring to see that officers and external auditors are working together to accelerate 
the year-end closure process and, through doing so, allow more timely publication of 
the Authority’s Annual Report and Accounts. 

23. The Committee will continue to address key, basic issues of internal control and the 
development of appropriate processes within the Authority. 

24. The Committee also plans over the course of the coming years to continue to consider 
means by which it can broaden its activities to review how well the Authority delivers 
its overall corporate and operational plan objectives. 

25. The Committee will also continue to facilitate the work on climate change started in 
2007, providing a forum for officers and Board members to identify opportunities to 
address climate change issues in the National Park and to guide the Authority’s work 
in tackling these issues. 

DAVID CAMERON 
February 2008 

davidcameron@cairngorms.co.uk