Skip to site content Skip to main menu

Tell us whether you accept cookies

We use cookies to collect information about how you use the Police Scotland website. We use this information to make the website work as well as possible and improve our services.

View cookies
Published: 19 August 2025

Committee Chairs Reports - 21 August 2025

ITEM 4 Committee Chairs Report (pdf, .34MB )

Report Summary

This report provides members of the Scottish Police Authority with an overview of business progressed through the meetings which have met since the last Authority Meeting.

To access the full document please open the PDF document above.

To view as accessible content please use the sections below. (Note that tables and some appendixes are not available as accessible content). 

Meeting

The publication discussed was referenced in the meeting below

Green icons showing 7 inter-connected circles.

Meeting of the Scottish Police Authority - 21 August 2025

Date : 21 August 2025

Location : Clayton Hotel Glasgow, 298 Clyde St, Glasgow, G1 4NP

View Meeting

Audit, Risk and Assurance Committee


The formal minute of the public items of business will be available at the meeting scheduled for 12 November 2025. These will also be published on the SPA’s website. A full recording of the public items of business taken at this meeting can be accessed at Scottish Police Authority Audit, Risk & Assurance Committee - 14 August 2025 | Scottish Police Authority

ITEMS OF BUSINESS CONSIDERED
• Internal Audit progress update and reports on health and safety, and management of recommendations
• Audit and Improvement Recommendation Trackers
• Best Value Updates
• Annual Whistleblowing Reports
• Police Scotland Assurance Audit for SCRS Crime Compliance
• Draft Annual Report and Accounts
• Risk Management Reporting
• Cyber Security Update
• Annual Data Loss, Fraud and Theft Report

KEY ISSUES RAISED
• Internal Audit Reports
o Internal Audit report on health and safety. The Committee welcomed Police Scotland’s initiative to request the audit to help identify gaps and accelerate improvements. Members were concerned on the number of recommendations but received assurance that improvements on risk assessments were in advanced stages. Assurance was also received from Police Scotland’s Executive team that value is placed on health and safety and it is prioritised.
o Internal Audit report on management of recommendations. Police Scotland acknowledged that the number of outstanding recommendations is unacceptable and assured the Committee that progress will be made at pace.

• Audit and Improvement
o Police Scotland Audit and Improvement. The Committee heard focus was on addressing new recommendations and building momentum, ensuring alignment with the 2030 vision. Members sought and received assurance that high risks recommendations are always prioritised.
o Internal Audit Update. The Committee discussed the delayed overtime audit report and heard management responses were still to be received. Members were assured this would be presented to the next meeting in November. Members were assured there was an appropriate internal governance structure for discussing recommendations, but the Committee still raised concerns on the overall number and age.

• Assurance Reporting
o Best Value. The Committee heard audit work is mostly complete, and indicative early findings have been shared which are positive. Most findings were anticipated from the self-assessment. Emerging findings meetings are being held with Audit Scotland and HMICS. They will now write a report, with early drafts expected late autumn with the final report presented to parliament in early 2026.
o Whistleblowing Annual Reports. The Committee received reports from Police Scotland and SPA. Discussion focussed on the number of Police Scotland referrals and how the organisation differentiates whistleblowing from protected disclosures. The Committee were keen to understand Police Scotland’s internal governance for ensuring the whistleblowing process was appropriate and encouraged continuous training and providing feedback, acknowledging this was challenging when so many were made anonymously.
o Police Scotland cyber security update. An update was provided on recent activity and discussion focussed on risks and examining lessons learned from other organisations.
o Police Scotland annual data loss, fraud and theft report. An update was provided on incidents and discussion focussed on fraud cases and data loss incidents reported to ICO.

• Risk Management Reporting. The Committee received updates from SPA, Police Scotland and Forensic Services. Discussion focussed on Police Scotland’s strategic risks relating to partnership working and funding.

• Draft Annual Report and Accounts. The Committee received their first presentation of the draft 2024/25 Annual Report and Accounts and were provided detailed updates on a number of areas. The Committee will be provided with an updated draft at a meeting in September 2025 where recommendation to the Authority for approval will be sought.

CONCLUSIONS/ACTIONS REACHED
• Members remained concerned on the high number of open recommendations but were assured by Police Scotland’s commitment to progress at pace and respond to audit recommendations.
• It was agreed Police Scotland whistleblowing reports would be revised to provide more strategic detail on process. The Committee supported the proposal for a deep dive on whistleblowing including the differences between protected disclosures and whistleblowing. Members requested Police Scotland provide an example of how a whistleblowing lessons learned has been applied.
• Commitment was given to providing Members with further information on partially implemented cyber security recommendations.

 

Previous Section  | 
Back to all documents