Audit Committee

Date:
22 January 2018
Time:
11.30am - 15.30pm
Location:

SPA HQ
1 Pacific Quay
Glasgow
G51 1DZ

Date: MONDAY 22 January 2018
Time: 11:30 – 15:30
Venue:  Pacific Quay, Boardroom, 1 Pacific Quay, Glasgow, G51 1DZ
Chair:  David Hume

1. Introduction / Welcome * - David Hume, Chair, SPA
1.1  Chair’s Opening Remarks
1.2  Apologies
1.3  Declarations of Interest
1.4  Any other business

2. Minute and Actions from previous closed meeting: * - David Hume, Chair, SPA
(For Approval)
2.1  Minute of Public Committee Meeting held 9th October 2017
2.2  Rolling Action Log

3. Matters Arising - David Hume, Chair, SPA

ITEMS OF BUSINESS

4. Internal Audit Reports: - Helen Berry, Scott-Moncrieff

4.1 Follow Up Q3 (includes Software Development – Follow Up Report)
4.2 Internal Audit Progress Report (additional IA days incorporated)
4.3 Draft Internal Audit Plan 2018/19  - paper to folow

5. SPA and Police Scotland Financial Regulations (Verbal) - James Gray, Police Scotland

6. Audit Committee Self-Assessment - David Hume and Graham Stickle, SPA

7. Police Scotland Audit and Improvement Recommendations Process - Donna Adam, Police Scotland

8.  Whistleblowing:
8.1 Police Scotland Whistleblowing Progress Report - Superintendent Mark Hargreaves, Police Scotland
8.2 SPA Whistleblowing Progress Report - John MacLean, SPA

9. General Data Protection Regulation (GDPR): 
9.1 SPA and Police Scotland GDPR Additional Preparedness - Paul Kelly, Scott-Moncrieff
9.2 Data Protection Overview - David Page, Police Scotland
9.3 General Data Protection Regulation (GDPR) Police Scotland Preparedness - Superintendent Mark Lundie, Police Scotland
9.4 General Data Protection Regulation (GDPR) SPA Preparedness - Catherine Topley, SPA

10. External Audit Reports:
10.1 Audit Scotland 2016/17 Annual Audit Report to
Members and the Auditor General for Scotland

10.2 Auditor General’s Draft Section 22 Report

11. Improvement Trackers:
11.1 Police Scotland Improvement Tracker - Donna Adam, Police Scotland
11.2 SPA Improvement Tracker Progress Update - SPA Improvement Tracker Progress Update - Lynne Clark, SPA

12. AOCB - David Hume, Chair, SPA

13. DATE OF NEXT MEETINGS: - David Hume, Chair, SPA
Tuesday 6th March 2018, Pacific Quay, Glasgow


PRIVATE Session: 

1. Introduction / Welcome * - David Hume, Chair, SPA
1.1  Chair’s Opening Remarks
1.2  Apologies
1.3  Declarations of Interest
1.4  Any other business

2. Minute and Actions from previous closed meeting: *(For Approval) - David Hume, Chair, SPA
2.1  Minute of Closed Committee Meeting held 9th October 2017
2.2 Minute of Closed Committee Meeting held 22nd  November 2017
2.3  Rolling Action Log

3. Matters Arising - David Hume, Chair, SPA

ITEMS OF BUSINESS

4. Report on Integrated Estates Transformation Team
Rationale – SPA Governance Framework Section 27 (e) Where any of the information to be discussed is
commercially sensitive, financially sensitive, relates to proposals for significant organisational
change or to significant changes to the terms and conditions of staff.

5. Fire Safety Compliance
Rationale – SPA Governance Framework Section 27 (b) Where public discussion of the information
may prejudice national security, legal proceedings (including misconduct or disciplinary proceedings),
or police operations

6. Risk Management:
Rationale – SPA Governance Framework Section 27 (b) Where public discussion of the information may
prejudice national security, legal proceedings (including misconduct or disciplinary proceedings),
or police operations
6.1 PS Corporate Risk Register - Fiona Davidson, Police Scotland
6.2 PS Risk Management Update - Fiona Davidson, Police Scotland  
6.3 SPA Risk Register - Graham Stickle, SPA

7. ICT Incidents - Hazel Irving, Police Scotland
Rationale – SPA Governance Framework Section 27 (b) Where public discussion of the information may
prejudice national security, legal proceedings (including misconduct or disciplinary proceedings),
or police operations

8. Data Loss Incidents* - Superintendent Mark Lundie, Police Scotland
Rationale – SPA Governance Framework Section 27 (b) Where public discussion of the information may
prejudice national security, legal proceedings (including misconduct or disciplinary proceedings),
or police operations

9. Fraud and Theft Reporting* - Superintendent Mark Lundie, Police Scotland
Rationale – SPA Governance Framework Section 27 (b) Where public discussion of the information may
prejudice national security, legal proceedings (including misconduct or disciplinary proceedings),
or police operations

10. Internal Audit Whistleblowing Report - Grace Scanlin, Scott-Moncrieff 
Rationale – SPA Governance Framework Section 27 (e) Where any of the information to be discussed
is commercially sensitive, financially sensitive, relates to proposals for significant organisational
change or to significant changes to the terms and conditions of staff.
10.1 Internal Audit Whistleblowing Report
10.2 Draft anonymised Whistleblowing Report

11. Scott-Moncrieff Management Report - ICT Healthceck, Sep 2007  - David Page, Police Scotland
Rationale – SPA Governance Framework Section 27 (e) Where any of the information to be discussed
is commercially sensitive, financially sensitive, relates to proposals for significant organisational
change or to significant changes to the terms and conditions of staff.

12. AOCB - David Hume, Chair, SPA

13. Internal Audit Contract Tendering Progress - Colette Sherry, Police Scotland 
Rationale – SPA Governance Framework Section 27 (e) Where any of the information to be discussed is
commercially sensitive, financially sensitive, relates to proposals for significant organisational change
or to significant changes to the terms and conditions of staff.

14. DATE OF NEXT MEETINGS: - David Hume, Chair, SPA
Tuesday 6th March 2018, Pacific Quay, Glasgow