INTERNAL AUDIT REPORTING

INTERNAL AUDIT REPORTS

Members considered the audit report on estates and asset management. CRobertson highlighted a number of key points detailed within the report.

In discussion the following matters were raised:
• Noting the biggest issue was data, Members were assured work was progressing to introduce an estates database but until that point, accuracy checking would continue to be manual.
• Members agreed an estates management system was a sensible way forward but sought assurance that it could be linked to other systems and linked to the Capital Programme. James Gray (JGray) confirmed it would be linked and would grow as the data improves. He told Members this current year would be a transition year focussing on transactional activity, but it was anticipated that linkage could be evidenced by 2026/27. DCCSmith added that JGray and his team had been helpful in feeding into how it could work and how interdependencies would be addressed.

Members considered the audit report on ICT general controls. CRobertson highlighted a number of key points detailed within the report.

The Committee Chair noted it was a positive report and thanked those in the digital division who had contributed.

Members considered the audit report on grant management. CRobertson highlighted a number of key points detailed within the report.

In discussion the following matters were raised:
• JGray explained that the timing of the audit meant it was difficult to give a higher level of assurance however new approved arrangements are in place and provide a moderate level of assurance. He assured Members that the new policy and procedure helped to demonstrate improved controls.
• Lynn Brown acknowledged that the grant amount was not significant in the overall budget but was significant in itself therefore the report was requested, and the expected results have allowed the organisation to move forward.
• Members welcomed Police Scotland and SPAs request for the report but asked whether there was any potential duplication in grant awards. JGray assured the Committee that the new policy and procedures helped to ensure duplication was avoided. He offered to provide a list of what the grant fund covers which Members accepted.
• JGray advised that all recommendations should be complete by October 2025.
Members considered the audit report on health and safety – transportation of dangerous goods. CRobertson highlighted a number of key points detailed within the report.
In discussion the following matters were raised:
• Members welcomed the proactive request for the audit, noting it showed a level of maturity, transparency and desire for improvement.
• Members sought and received assurance that Forensic Services would be involved in the work undertaken to address the recommendations and any learning that came out of it.
• Members heard the audit results were anticipated, and two groups had been set up with action plans formulated from the report. One group was to look at high-risk productions and another was a partnership group to review end-to-end processes. The Committee heard Police Scotland take on the organisational risk of holding high risk productions and it was anticipated that the new modernisation bill will help address this.
• Members questioned whether there were any learning points for wider Health and Safety compliance and heard a Policy Development Working Group had been established to identify gaps and prioritise through internal investigative work.
• ACCRatcliff assured the Committee that health and safety was a focus, and internal departmental meetings review health and safety, with focus and input from the Health and Safety team.
• Member questioned whether external support would be required and heard outcomes from the action plan may require external support if there is no internal expertise in an area. An external contact has been identified but staff are also carrying out CPD work to help assist.

Members noted the report and agreed the following actions:
20250521-AUD-001: Committee Members to be provided a list of what the grant management fund covers.

ANNUAL INTERNAL AUDIT REPORT

Members considered the Annual Internal Audit Plan. CRobertson highlighted a number of key points detailed within the report.

In discussion the following matters were raised:
• Members questioned whether any overarching themes had emerged from the work done this year and heard central oversight, roll out of policies and procedures and prioritisation had been highlighted.
• CRobertson advised that having good quality data would help drive improvements. DCCSmith informed the Committee there is an intention to use data more effectively and discussions would take place at an upcoming Resources Committee Development Day with a robust plan brought to a future Resources Committee.
• Noting four audits provided limited assurance, Members were told this conclusion was due to Internal Audit not being content with the level of risk being carried and improvement actions were recommended.

Members noted the report.