WARNING: By their nature, text files cannot include scanned iamges and tables. The process of converting documents to text only, can cause formatting changes and misinterpretation of the contents can sometimes result. Wherever possible you should refer to the original PDF version of this document. Cairngorms National Park Authority Annual Audit Plan 2009/10 November 2009 Contents Summary plan 1 Summary of planned audit activity 1 Introduction 1 Our responsibilities 1 Our approach 2 Responsibility for the preparation of accounts 3 Format of the accounts 4 International Financial Reporting Standards (IFRS) 4 Audit issues and risks 4 Materiality 6 Reporting arrangements 6 Quality control 8 Fees and resources 8 Independence and objectivity 9 Appendix A - Summary assurance plan 10 Appendix B - Financial statements audit timetable 13 Appendix C - Audit team 14 Appendix D - Reliance on internal audit 15 Appendix E - Independence and objectivity 16 Summary plan 1 Summary of planned audit activity Based on our analysis of the risks facing Cairngorms National Park Authority, our planned work in 2009/10 includes: * an audit of the financial statements and provision of an opinion on whether: − they give a true and fair view of the state of affairs of Cairngorms National Park Authority the income and expenditure for the year were incurred or applied in accordance with applicable enactments and guidance issued by Scottish Ministers − the accounts have been properly prepared in accordance with the National Parks (Scotland) Act 2000 and directions made by Scottish Ministers * a review and assessment of Cairngorms National Park Authority’s governance and performance arrangements in a number of key areas including a review of the adequacy of internal audit work * review of 2008/09 shadow accounts, based on IFRS. Introduction 1. Our audit is focused on the identification and assessment of the key challenges and risks to Cairngorms National Park Authority (CNPA) in achieving its business objectives. We also assess the risk of material misstatement or irregularity in CNPA’s financial statements. This report summarises the key challenges and risks facing CNPA and sets out the audit work that we propose to undertake in 2009/10. Our plan reflects: * the risks and priorities facing CNPA * current national risks relevant to local circumstances * the impact of changing international auditing and accounting standards * our responsibilities under the Code of Audit Practice as approved by the Auditor General for Scotland * issues brought forward from previous audit reports. Our responsibilities 2. Our responsibilities, as independent auditor, are established by the Public Finance and Accountability (Scotland) Act 2000 and the Code of Audit Practice approved by the Auditor General for Scotland, and guided by the auditing profession’s ethical guidance. 3. Audit in the public sector goes beyond simply providing assurance on the financial statements and the organisation’s internal control environment. We are also required to provide a view on performance, regularity and the organisation’s use of resources. In doing this, we aim to support improvement and accountability. 4. In carrying out our audit, we seek to gain assurance that CNPA: * has good corporate governance arrangements in place which reflect the three fundamental principles of openness, integrity and accountability * has systems of recording and processing transactions which provides a sound basis for the preparation of financial statements and the effective management of its assets and interests * prepares financial statements which are true and fair and in accordance with the National Parks (Scotland) Act 2000, the Financial Reporting Manual (FReM) and directions from Scottish Ministers * has systems of internal control which provide an adequate means of preventing or detecting material misstatement, error, fraud or corruption * complies with established policies, procedures, laws and regulations * has made proper arrangements for securing best value in its use of resources. Our approach 5. Our audit approach is based on an understanding of the characteristics, responsibilities and principal activities, risks and governance arrangements of CNPA, and identification of the key audit risks and challenges in the central government sector generally. This approach includes: * understanding the business of CNPA and the risk exposure which could impact on the financial statements * assessing the key systems of internal control, and considering how risks in these systems could impact on the financial statements * identifying major transaction streams, balances and areas of estimation, understanding how CNPA will include these in the financial statements and developing procedures to audit these * assessing the risk of material misstatement in the financial statements, in conjunction with our evaluation of inherent risk, the control environment and control risk as part of our risk assessment * determining the nature, timing and extent of our testing programme to provide us with sufficient appropriate audit evidence as to whether the financial statements are free of material misstatement. 6. Through this approach we have also considered and documented the sources of assurance which will make best use of our resources and allow us to focus testing on higher risk areas during the audit of the financial statements. The main areas of assurance for the audit come from planned management action and reliance on systems of internal control. Management action being relied on for 2009/10 includes: * comprehensive closedown procedures for the financial statements accompanied by a timetable issued to all relevant staff * clear responsibilities for provision of accounts and working papers being agreed * delivery of unaudited accounts to agreed timescales with a comprehensive working papers package * completion of the internal audit programme for 2009/10. 7. Auditing standards require internal and external auditors to work closely together to make optimal use of available audit resources. We seek to rely on the work of internal audit wherever possible and, as part of our planning process we carry out an early assessment of the internal audit function. Internal audit is provided by Deloitte & Touche LLP. Based on our review of internal audit we plan to place formal reliance on the areas of work set out in Appendix D. 8. At the completion of the audit we will provide the Chief Executive with an annual report on the audit containing observations and recommendations on significant matters which have arisen in the course of the audit. Responsibility for the preparation of accounts 9. It is the responsibility of CNPA and the Accountable Officer (appointed by Scottish Ministers), to prepare the financial statements in accordance with the National Parks (Scotland) Act 2000 and directions signed by Scottish Ministers. This means: * acting within the law and ensuring the regularity of transactions by putting in place systems of internal control to ensure that financial transactions are in accordance with the appropriate authority * maintaining proper accounting records * preparing financial statements timeously which give a true and fair view of the financial position of CNPA as at 31 March 2010 and its expenditure and income for the year then ended * preparing an annual report, including management commentary and remuneration report. Format of the accounts 10. The financial statements should be prepared in accordance with the FReM and Directions signed by Scottish Ministers. The FReM sets out the principles applicable to the accounting and disclosure requirements for the annual report and accounts which bodies covered by resource accounting are required to prepare annually. International Financial Reporting Standards (IFRS) 11. As part of the UK Budget 2007, the Chancellor announced that the timetable for IFRS implementation was to be extended by a year. This means central government and health accounts in Scotland have to become IFRS compliant with effect from the 2009/10 financial year. The Scottish Government announced on 25 April 2008 that all Scottish Government Departments, Executive Agencies, Health Bodies and Non-Departmental Public Bodies will be required to produce shadow IFRS based accounts for financial year 2008/09. 12. Our role, as part of the 2009/10 audit activity, is to carry out a review of shadow accounts as at 31 March 2009. As part of this review we will: * review and report on progress on arrangements the organisation has made to manage the transition, including training and timetable * provide commentary on proposed changes to accounting polices * review proposed accounting entries and the restated shadow accounts. Audit issues and risks 13. Based on our discussions with staff, consideration of your own risk management arrangements and a review of supporting information, we identified the main risk areas for your organisation: * performance management * governance and internal control * financial management * partnership working. 14. Within these identified risk areas there is a range of more specific risks and these are summarised at Appendix A. In most cases, actions to manage these risks are either planned or already underway within the organisation. Details of the sources of assurance that we have received for each of these risks and any audit work we plan to undertake is also set out in Appendix A. In the period prior to the submission of the unaudited financial statements, we will liaise with senior officers on any new or emerging issues. Efficiency and Budgets 15. Public sector budgets in the immediate future will need to be managed within a tighter funding regime. Public bodies will need to deliver significant savings in order to achieve financial balance. There will be significant challenges for public bodies to prioritise spending, identify efficiencies and review commitments to ensure delivery of key targets and objectives, and manage financial pressures. As part of our audit we will examine the prioritising of spending, the identification of efficiencies and future commitments and the delivery of key targets and objectives. We will again focus on the robustness of reported efficiency gains and the impact on service quality in the light of the commitment for 2% savings during the year. Best value 16. Audit Scotland is continuing to develop its approach to the audit of best value and continuous improvement in the wider public sector, including central government bodies. Best value (BV) duties apply across the public sector. In central government, all Accountable Officers - chief executives of non-departmental bodies (NDPBs), executive agencies, public corporations and non-ministerial departments (NMDS) - are accountable for the delivery of BV. Audit Scotland has adopted a generic framework for BV for all public bodies. This will enable a consistent approach to auditing against BV principles across the public sector. 17. In support of this Audit Scotland has developed a priorities and risks framework (PRF) which is a tool for auditors to use when planning the risk-based audits of public sector bodies in Scotland. It helps to ensure that audit work is properly focused and takes account of a common set of priorities based on Best Value areas and associated risks across the public sector. Separate PRFs are prepared for the National Health Service and local government. 18. The PRF for central government audits is intended to provide a common framework for the delivery of high quality public sector audit across the public sector, and is one element of an audit approach which has been designed to meet the requirements of the Code of Audit Practice and International Standards on Auditing. These standards require auditors to understand their client’s business and its environment. Our understanding of the business will be informed by the PRF, along with work undertaken to identify issues and risks which are unique to the local situation. 19. We have used the PRF for central government to inform our risk analysis and planning for the audit of CNPA. Performance audit 20. In addition to the above work, Audit Scotland’s Public Reporting Group undertake a programme of studies on behalf of the Auditor General and Accounts Commission. The group is currently undertaking an evaluation of the performance of the Scottish public sector in promoting and improving the environment. This review is due for publication in January 2010. 21. In addition a study has commenced on the role of boards across Scottish public bodies. This study aims to clarify boards' roles and responsibilities and assess whether boards have the skills and experience they need to function effectively. It will also assess whether boards operate with openness and integrity, and how effectively they provide leadership, accountability and decision-making. The first stage of the review involves data gathering and interviews across all bodies covered by the study. The second stage examines in more detail the operation and effectiveness of the boards in a sample of the bodies, including CNPA. This report is due for publication in April 2010. Materiality 22. We consider materiality and its relationship with audit risk when planning the nature, timing and extent of our audit and conducting our audit programme. Specifically with regard to the financial statements, we assess the materiality of uncorrected misstatements, both individually and collectively. 23. International Standard on Auditing 320 states that, “information is material if its omission or misstatement could influence the economic decisions of users taken on the basis of the financial statements. Materiality depends on the size of item or error judged in the particular circumstances of its omissions or misstatement. Thus, materiality provides a threshold or cut-off point rather than being a primary qualitative characteristic which information must have if it is to be useful.” 24. When considering, in the context of a possible qualification, whether the misstatement of an item, or a number of items taken together, is material in terms of its monetary value, we use professional judgement, experience and internal guidelines from peers as broad guidance in regard to considering whether the results of tests of detail are material. 25. An item may be judged material for reasons other than its monetary or quantitative value. An inaccuracy, which would not normally be regarded as material by amount, may be important for other reasons. When such an item affects a critical point in the accounts, its materiality has to be viewed in a narrower context (for example the failure to achieve a statutory requirement, an item contrary to law, or areas affected by central government control). Again we use professional judgement, experience and internal guidelines from peers to determine when such matters would fall to be covered in an explanatory paragraph, rather than as a qualification to the audit opinion. Reporting arrangements 26. Under the Public Finance and Accountability (Scotland) 2000 Act, there is a requirement for the Resource account of the Scottish Government to be presented to Parliament within nine months of the financial year-end i.e. 31 December. CNPA is required to have their audited financial statements submitted to meet the consolidation timetable. 27. As the accounts have to be signed by the relevant officers and by the appointed auditor, Stephen O’Hagan – Senior Audit Manager, prior to submission, it is critical that a timetable is agreed with us for the production of the unaudited accounts. An agreed timetable is included at Appendix B of this plan, which takes account of submission requirements, planned audit committee dates and audit resources. 28. Matters arising from our audit will be reported on a timely basis and will include agreed action plans. Draft management reports will be issued to the Head of Corporate Services Group and relevant manager to confirm factual accuracy. Responses to draft reports are expected within four weeks of submission. 29. A copy of all final agreed reports will be sent to the Chief Executive, Head of Corporate Services Group, relevant manager, Internal Audit and Audit Scotland’s Public Reporting Group. 30. We will provide an independent auditor’s report to CNPA and the Auditor General that the audit of the financial statements has been completed in accordance with applicable statutory requirements, including an opinion on those financial statements. An annual report to CNPA will also be produced to summarise all significant matters arising from the audit and overall conclusions about CNPA’s management of key risks. 31. All annual reports produced by Audit Scotland are published on our website: (www.auditscotland.gov.uk). 32. The full range of outputs to be delivered by the audit team are summarised below: Planned outputs Target delivery date Governance Internal audit reliance 30 January 2010 Internal controls management letter 30 March 2010 Financial statements management letter 31 May 2010 Report to Audit Committee in terms of ISA 260 (Communication of audit matters to those charged with governance) 25 June 2010 Independent auditor’s report on the financial statements 25 June 2010 Annual report to the Accountable Officer and the Auditor General for Scotland/Members and the Controller of Audit 31 July 2010 Quality control 33. We are committed to ensuring that our audit reflects best practice and demonstrates best value to CNPA and the Auditor General for Scotland. We operate a strong quality control framework that seeks to ensure that your organisation receives a high quality service. The framework is embedded in our organisational structures and processes and includes an engagement lead for every client; in your case this is, Lorna Meahan, who is responsible for ensuring that our work is carried out on time and to a high quality standard. 34. As part of our commitment to quality and continuous improvement, we may periodically seek your views. We would be grateful for any feedback on our services. Fees and resources 35. Our fee for the 2009/10 audit of CNPA is £11,400 comprising a local audit fee of £10,200 and a fixed charge of £1,200. Our fee covers: * all of the work and outputs described in this plan * a contribution towards the costs of national performance studies and statutory reports by the Auditor General * attendance at the Audit Committee * access to advice and information on relevant audit issues * access to workshops/seminars on topical issues * travel and subsistence costs. 36. In determining the agreed fee we have taken account of the risk exposure of CNPA, the management assurances in place, and the level of reliance we plan to take from the work of internal audit. We have assumed receipt of the draft accounts and working papers by 7 May 2010. If the draft accounts and papers are late, agreed management assurances are unavailable, or planned internal audit reliance is not achieved, we reserve the right to charge an additional fee for further audit work. 37. An additional fee will be required in relation to any work or other significant exercises not within our planned audit activity. An additional fee will also be charged for work on any grant claims or returns not included in the planned outputs noted previously. 38. Stephen O’Hagan, Senior Audit Manager, is your appointed auditor. The local audit team will be led by Maria Patersion who will be responsible for the day to day management of the audit and who will be your primary contact. Details of the experience/skills of our team are provided at Appendix C. The core audit team will call on other specialist and support staff, as necessary. Independence and objectivity 39. Auditing and ethical standards require the appointed auditor to communicate any relationships that may affect the independence and objectivity of audit staff. We are not aware of any such relationships within the audit team. 40. We comply with ethical standards issued by the Auditing Practices Board and with Audit Scotland’s requirements in respect of independence and objectivity, as summarised at Appendix E. November 2009 Appendix A - Summary assurance plan In this section we identify a range of operational risks facing CNPA, the related source of assurance received and the audit work we propose to undertake to secure additional assurance. The management of risk is the responsibility of CNPA and its officers, with the auditor’s role being to review the arrangements put in place by management. Planned audit work, therefore, will notnecessarily address all residual risks. NOTE: The section below is made up of tables which cannot be converted to text. Please see original PDF for reference. Risk Source of assurance Planned audit action Performance Management SEARS Phase 2 of SEARS focused on reducing bureaucracy and the number of land manager visits through better co-ordination by partners, along with work on information and data sharing principles. Going forward, the partnership is examining the creation of rural hubs, as well as joint training delivery for bodies. To date the implications for the Park Authority, including resourcing of the project, have been manageable, however, there is a risk that future SEARS work could have an impact on the way the Park Authority operates. * Close liaison with SEARS * Representation on the Strategic Reference Group and Programme Board * Members of project Boards for frontline delivery and education and communication projects * Monitor updates through relevant board papers and minutes. * Comment in Annual Report Co-location of Bodies The accommodation review was completed and an option appraisal and business needs analysis has been passed to the estates department of the Scottish Government. * The response to the review from the sponsor department has not yet been received. This is expected in the current financial year, and will be reviewed by the board on receipt. * Review of committee papers and minutes. Risk Source of assurance Planned audit action Governance and Internal Control Business Planning The Local Plan which was finalised in Spring 2007 has since been subject to a Local Plan enquiry. Without the implementation of a Local Plan the Corporate Plan 08-11 cannot be achieved and the slippage of non delivery of the Local Plan may also impact on the delivery of the NPP The Inquiry took place between May and June and was conducted by two Scottish Government reporters. The reporters delivered their report in December 2009, and the findings of this will be considered formally by the Park Authority in Spring 2010. Review of Board minutes. Review of the formal report and the resulting Local Plan Board Restructuring Scottish Ministers have confirmed their intention to reduce the number of board members to 19, as recommended in the National Parks Review. In addition a short life National Park Strategy Group will be set up in 2010 which will contain 12 members. This group will be chaired by the Minister for Environment and operate at a strategic rather than operational level. The Park Authority will need to take account of the impact these changes will have on its governance arrangements, as well as potential succession planning and training needs for members. * Management strategy days will consider these aspects to ensure they are appropriately addressed. * Review and refresh governance arrangements in light of new Board arrangements coming into place * Explore representation required to make Designation order changes, to support delegation of planning decisions to a smaller group. * Series of board induction events planned for new board in late summer. * Review of the outcomes from the management strategy day. * Review of updated documentation and relevant committee minutes. Financial Management Review of Financial Statements - Efficiency Current pressures in funding at national levels could impact significantly on future funding stream to The Park Authority. The ability to deliver the Corporate Plan 08-11 and National Park Plan may be affected by the tightening of budgets. * Budget monitoring and a new budget management tool will be in place which assumes a 15% reduction in funding will be utilised. * A management strategy day is planned and will consider budgetary aspects. * The efficiency plan for 2009/10 agreed with sponsor department * Regular reporting to Finance Committee and Board on progress of Efficiency savings * Regular reporting of progress on the Corporate Plan and National Park Plan to Board * Regular review of reports to the Finance Committee showing the projected year end outturn. * Monitor reporting to Finance Committee and Board on the efficiency savings progress * Monitor reporting to Board on progress against Corporate Plan and National Park Plan Risk Source of assurance Planned audit action Review of Financial Statements The IFRS accounts are not prepared in accordance with guidelines. * Regular reporting to the Finance Committee noting any IFRS issues. *Liaison with Scottish Government * Submission of shadow accounts by the required deadline *Liaison with auditors including shadow account findings. * Review of shadow accounts for 2008/09. Information management The nature and size of the organisation does not allow it to demonstrate cost effectiveness in the delivery of the IT service. * Plans are in place to share the infrastructure of SNH with a target of November for the transfer of the server. * Currently looking at appropriate Quality Assurance processes in this area. * Review of the outcome of the Quality Assurance Framework review * ICT auditor review of arrangements Partnership Working National park plan Successful delivery against the National Park Plan will require the Park Authority to ensure that the key partners remain committed to delivering the plan. These include other NDPBs and the local authorities which fall within the Park’s boundaries. * The Cairngorms National Park Plan brings together all those involved in the managing of the Park to set out a long-term vision; a framework for management and priorities for action. It sets out how all sectors in the Park can work together to collectively achieve its four aims and to create a world class National Park. * The Plan has been developed and will be implemented through a wide range of partners and stakeholders. It identifies seven Priorities for Action which are to be delivered between 2007 and 2012 and which focus on the Park’s most pressing issues and challenges. * Review of board minutes * Comment in Annual Report Joint working with Loch Lomond The Park Authority continues to develop joint working arrangements with Loch Lomond and the Trossachs National Park Authority. This includes HR (per AR) Potential joint procurement officer. There is a risk that the anticipated benefits are not achieved, * Regular joint management team meetings. * Clearly defined goals and remits in joint working being developed. * Review of progress through discussion with officers and review of appropriate papers. * Comment in Annual Report. NOTE: The section below is made up of tables which cannot be converted to text. Please see original PDF for reference. Appendix B - Financial statements audit timetable Key stage Date AMEND FOLLOWING NARRATIVE AS APPROPRIATE Testing and review of internal control systems and transactions Jan/Feb 2010 Receipt of IFRS Shadow Accounts Package 30 Nov 2009 Report on IFRS Shadow Accounts 28 Feb 2010 Meetings with officers to clarify expectations of detailed working papers and financial system reports Jan/Feb 2010 Latest submission of unaudited financial statements with working papers package 14 May 2010 On site field work 17-28 May 2010 Progress meetings with lead officers on emerging issues As required during audit process Latest date for submission of management letter on financial statements audit 31 May 2010 Latest date for final clearance meeting with director of corporate services 11 June 2010 Agreement of unsigned financial statements for audit committee agenda, and issue of report to the audit committee on the audit of financial statements (ISA 260) 18 June 2010 Audit committee date 25 June 2010 Accountable Officer to sign accounts 25 June 2010 Independent Auditors Report signed 25 June 2010 Annual Report to the Accountable Officer 31 July 2010 Appendix C - Audit team A summarised curriculum vitae for each core team member is set out below: Stephen O’Hagan, CPFA Senior Audit Manager Stephen has over 12 years experience of public sector audit with Audit Scotland, covering local government, health and the education sector. Prior to this, Stephen worked in local government finance for 5 years. Maria Paterson, CPFA Senior Auditor Maria has thirteen years experience of public sector audit including NHS, Local Authority and Passenger Transport Authority. Lisa Proctor Graduate Trainee Lisa joined Audit Scotland in 2008 as part of our central government team, and has completed work on several clients within the Central Government portfolio. Appendix D - Reliance on internal audit Auditing standards require internal and external auditors to work closely together to make optimal use of available audit resources. We seek to rely on the work of internal audit wherever possible and as part of our planning process we carry out an early assessment of the internal audit function. Our review of the internal audit service concluded that the internal audit service provided by the Deloitte & Touche LLP, operates in accordance with government internal audit standards. We therefore plan to place reliance on the work of internal audit in the following areas: * Budgetary control * The delivery of the National Park Plan Appendix E - Independence and objectivity Auditors appointed by the Auditor General for Scotland are required to comply with the Code of Audit Practice and standing guidance for auditors, which defines the terms of appointment. When auditing the financial statements auditors are also required to comply with the auditing and ethical standards issued by the Auditing Practices Board (APB). The main requirements of the Code of Audit Practice, standing guidance for auditors and the standards are summarised below. International Standards on Auditing (UK and Ireland) 260 (Communication of audit matters to those charged with governance) requires that the appointed auditor: * discloses in writing all relationships that may bear on the auditor’s objectivity and independence, the related safeguards put in place to protect against these threats and the total amount of the fee that the auditor has charged the client * confirms in writing that the APB’s ethical standards are complied with and that, in the auditor’s professional judgement, they are independent and their objectivity is not compromised. The standard defines ‘those charged with governance’ as ‘those persons entrusted with the supervision, control and direction of an entity’. In your case, the appropriate addressee of communications from the auditor to those charged with governance is the audit committee. The auditor reserves the right to communicate directly with members on matters which are considered to be of sufficient importance. Audit Scotland’s Code of Audit Practice has an overriding general requirement that appointed auditors carry out their work independently and objectively, and ensure they do not act in any way that might give rise to, or could reasonably be perceived to give rise to, a conflict of interest. Appointed auditors and their staff should avoid entering in to any official, professional or personal relationships which may impair their independence, or might lead to a reasonable perception that their independence could be impaired. The standing guidance for auditors includes a number of specific requirements. The key requirements relevant to this audit appointment are as follows: * during the currency of an appointment, auditors should not perform non-audit work for an audited body, consultancy or otherwise, without the prior approval of Audit Scotland * the appointed auditor and key staff should, in all but exceptional circumstances, be changed at least once every five years in line with Audit Scotland’s rotation policy * the appointed auditor and audit team are required to carry out their duties in a politically neutral way, and should not engage in high profile public party political activity * the appointed auditor and audit team must abide by Audit Scotland’s policy on gifts and hospitality, as set out in the Audit Scotland Staff Code of Conduct.