WARNING - By their nature, text files cannot include scanned images and tables. The process of converting documents to text only, can cause formatting changes and misinterpretation of the contents can sometimes result. Wherever possible you should refer to the pdf version of this document. CAIRNGORMS NATIONAL PARK AUTHORITY Audit Committee Meeting 26 August 2005 Paper 3 Cairngorms National Park Authority Internal Audit Annual Report August 2005 This report and the work connected therewith is subject to the Terms & Conditions of the contract between Cairngorms National Park Authority and Deloitte & Touche LLP. This report is for the sole use of management and should not be released to any third party, unless required by law. Contents Introduction Page 1 Results of Work Undertaken Page 2 Annual Statement to the Audit Committee Page 3 Statement of Responsibility Page 4 Introduction As Internal Auditors, our role is to provide the Audit Committee, Board and Management with independent assurance as to the adequacy and effectiveness of the systems of internal control we review and to report weaknesses identified together with recommendations for improvement. We fulfil this role by performing appropriate audit work in accordance with the annual internal audit plan approved by the Audit Committee. This annual report summarises the overall results of our internal audit work programme undertaken in respect of the financial year ended 31 March 2005. We have presented our Annual Internal Audit Statement on page 3. In terms of overall progress we can confirm that all fieldwork has been completed in accordance with the agreed audit programme, with the exception of our review of Project Management which was deferred until August 2005. A summary of the results of each of our projects during the year is outlined below. Table: Number of Issues by Priority (not available in full text format) Two reviews remained outstanding at the end of the financial year, and related to the areas of project management and financial procedures and policies. Our review of financial procedures was deferred as the Authority was still in the process of producing detailed procedures during 2004/05. We see this as a key area for completion within the Authority and will seek to gain assurance over this system in 2005/06. The review of project management was deferred to August 2005 due to excessive workload of Authority staff towards the end of the financial year. The scope for this work has been agreed and the results of the work will be reported at the next Audit Committee meeting. We are unable to confirm the results of our work at this time. Priority One Recommendations A summary of the priority one recommendations raised in 2004/05 is provided below. Our definition of a category one recommendation is: “A major issue that we consider needs to be brought to the attention of senior management and the Audit Committee.” In 2004/05, we raised 2 priority one recommendations, both in relation to our review of fixed assets. Firstly, no financial procedures were available for the management and accounting of fixed assets. Our second priority one recommendation identified significant weaknesses in the details recorded within the register. There was no breakdown of the specific assets and as a result individual values, descriptions and locations were not recorded on the register. The lack of detail in the fixed asset register could obstruct recognition of asset disposal and the gain / loss recognised in each asset. Several old computers held by the IT officer were due to be disposed of but could not be traced to the register. Follow-up As this is the first year of internal audit input to Cairngorms National Park Authority, no follow-up work was necessary in 2004/05. From 2005/06, the follow up of prior year recommendations is essential in the Audit Committee gaining assurance on the robustness of internal controls within the Authority. ANNUAL STATEMENT TO THE AUDIT COMMITTEE Report to the Audit Committee As Internal Auditors, we are required to provide the Audit Committee with an Annual Internal Audit statement. The Cairngorms National Park Authority and its management are responsible for ensuring that a system of control, financial and otherwise, is established and maintained. This is in order to carry on the operations of the Authority in an orderly and efficient manner, to ensure adherence to management policies, to safeguard the assets, and to secure, as far as possible, the completeness and accuracy of records. Our responsibility as internal auditors is to evaluate significant systems and processes and associated internal controls and to report to the Audit Committee on the adequacy of such controls and systems. We cannot examine the whole system of controls, financial or otherwise, nor is internal audit a substitute for management’s responsibility to maintain adequate systems of internal control over financial or operational systems. The number and priority of the recommendations that we raised during the year are summarised on page 3. In considering our opinion on the framework of controls we have taken the following into consideration: • all audits undertaken during the year • the balance of probity work against review of management arrangements and value for money work • our perception of the extent of ‘control awareness’ amongst staff. On the basis of work undertaken in the year ended 31 March 2005 we consider that Cairngorms National Park Authority generally has an adequate framework of control over the systems we examined as summarised on page 2 (subject to implementation of the recommendations). In providing such an opinion we would draw to your attention our summary findings as presented in our individual reports issued throughout the year, particularly the high priority recommendations summarised on 3 and the fact that the Authority does not have a full suite of formal financial policies or procedures in place. We take responsibility for this report, which has been prepared on the basis of the limitations set out on page 4. STATEMENT OF RESPONSIBILITY We take responsibility for this report, which is prepared on the basis of the limitations set out below. Deloitte & Touche LLP Inverness August 2005 This report and the work connected therewith are subject to the Terms and Conditions of the engagement letter dated15/07/04 between the Cairngorms National Park Authority and Deloitte & Touche LLP. The report is produced solely for the use of the Cairngorms National Park Authority. Its contents should not be quoted or referred to in whole or in part without our prior written consent, except as required by law. The matters contained in the report are only those which came to our attention during our internal audit work and are not necessarily a comprehensive record of all the errors or weaknesses that exist, or improvements made by management. Deloitte & Touche LLP will accept no responsibility to any third party, as the report has not been prepared, and is not intended for any other purpose. Deloitte & Touche LLP is a limited liability partnership registered in England and Wales with registered number OC303675. A list of members’ names is available for inspection at Stonecutter Court, 1 Stonecutter Street, London, EC4A 4TR, United Kingdom, the firm’s principal place of business and registered office. Tel: +44 (0) 20 7936 3000 Fax: (0) 20 7853 1198 Deloitte & Touche LLP is a member firm of Deloitte Touche Tohmatsu. Deloitte Touche Tohmatsu is a Swiss Verein (association), and, as such, neither Deloitte Touche Tohmatsu nor any of its member firms has any liability for each other’s acts or omissions. Each member firm is a separate and independent legal entity operating under the names “Deloitte”, “Deloitte & Touche”, “Deloitte Touche Tohmatsu”, or other, related names. The services described herein are provided by the member firms and not by the Deloitte Touche Tohmatsu Verein. Deloitte & Touche LLP is authorised and regulated by the Financial Services Authority. © 2005 Deloitte & Touche LLP. All rights reserved.