Appendix A: protocol between the SG and Audit Scotland on the audit of SG accounts
Introduction
1. This protocol sets out procedures for the reporting of audit work by Audit Scotland to the Scottish Government in relation to the Scottish Government's accounts.
2. Audit Scotland seeks to establish open and professional working relations with all the public bodies that it audits on behalf of the Auditor General for Scotland. It is committed to the principle that there should be "no surprises" in that its findings should be discussed and agreed with the officials concerned, and that its reports should be timely, add value and communicate effectively the results of its work to the bodies concerned. Audit Scotland's reporting arrangements comply as necessary with International Standard on Auditing (ISA 260 Communication of Audit Matters with those Charged with Governance).
3. As a minimum, Audit Scotland will provide:
- An annual audit opinion issued by the Auditor General for Scotland stating whether:
- the Scottish Government's consolidated resource accounts give a true and fair view and have been properly prepared under the Public Finance and Accountability (Scotland) Act 2000 (the PFA Act) and directions made thereunder by the Scottish Ministers.
- in all material respects, the expenditure and receipts shown in the financial statements were incurred or applied in accordance with relevant legislation and guidance issued by the Scottish Ministers (the regularity audit opinion).
- Reports or letters addressed to management bringing to their attention matters arising from audit work.
- Opinions on the consistency of parts of the annual report with the financial statements.
- A final report on the audit (the "final report").
Audit planning
4. In the early stages of the annual audit process Audit Scotland will discuss an annual Audit Plan with Scottish Government finance staff covering the scope and timing of planned work. Audit Scotland will liaise with the Scottish Government on any proposed changes to the Plan. The scheduling of external audit work will recognise the faster closing of accounts objective and the role of the Scottish Government Audit & Risk Committee (SGARC) and Portfolio Audit & Risk Committees in the assurance process necessary to enable the Principal Accountable Officer to sign the governance statement.
Day-to-day audit liaison
5. In the daily course of their duties, Audit Scotland staff will have most contact with Scottish Government finance staff although there will also be frequent contact with staff from policy and programme expenditure branches. In most cases, audit issues arising are expected to be resolved at that level.
6. In some cases, for example concerning technical accounting issues, there may be a need for discussion between Audit Scotland staff and Scottish Government officials at a different forum. Most of these issues are expected to be resolved at monthly Accounts and Audit Control Group meetings between senior members of the audit team and Scottish Government finance staff. Where issues cannot be resolved at the Control Group level they will be raised initially with the Head of Corporate Reporting. Where issues still cannot be resolved, they will be raised with the DG Finance.
7. In exceptional cases, for example, due to the seriousness of the issue or because prompt management action is required, it may be necessary to by-pass this process. Examples of these might include, but are not limited to, concerns about the conduct of certain members of staff or where there is a perceived risk of the Scottish Government suffering financial loss. In these circumstances, Audit Scotland may directly approach the Head of Corporate Reporting or, exceptionally, the DG Finance.
8. Audit Scotland staff will, where appropriate and in liaison with Scottish Government finance staff, engage more generally with senior Scottish Government staff (Deputy Directors, Directors or Directors General (DGs)) to help ensure effective relations, aid understanding of key business issues and provide a wider audit perspective.
Liaison with Internal Audit Division
9. Audit Scotland will liaise with the Scottish Government's Directorate of Internal Audit and Assurance on relevant matters in accordance with any separate protocols in place covering that relationship.
Audit Scotland reports
10. There may be instances where audit work identifies only limited or minor issues. In such circumstances Audit Scotland may submit a letter to management rather than a formal report. The main types of reports arising from Audit Scotland's annual audit activities are as follows:
Governance/performance management reports
These reports cover a range of issues including key financial systems, programme expenditure, information technology, corporate governance, financial management, budgetary control, efficient government and best value. Audit Scotland can be expected to produce a number of such reports to management during the course of the audit year.
ISA 260 Report (Report to those Charged with Governance)
This report is produced immediately prior to the audit certificate being issued to bring certain matters arising from the audit of the financial statements to the attention of the Accountable Officer and SGARC. Matters reported include:
- Likely wording of the audit certificate, i.e. whether a modified or unmodified certificate is proposed.
- Unadjusted, non-material misstatements in the accounts.
- Material weaknesses in accounting and internal control systems.
- Qualitative aspects of accounting practice and financial reporting.
- Matters required by other auditing standards to be reported to those charged with governance.
Final report on the audit (the "final report")
This report summarises the significant matters arising from the whole of that year's audit including the auditor's opinions. In broad terms, the report will be used to:
- Set out, as appropriate, the respective responsibilities of management and the auditor in relation to issues associated with regularity, propriety and performance management.
- Report or direct attention to any matters of significance arising from the audit process.
- Note the action taken or the auditor's recommendation(s) as to action required to be taken by management to resolve any issues arising in the period under review and previous periods.
- Expand upon any qualification in the audit certificate in relation to the financial statements or explanatory paragraph.
Clearance of draft Audit Scotland reports
11. All draft reports will be submitted by email to the nominated key contact within the Scottish Government. The nominated key contacts for Audit Scotland reports will generally be the relevant Deputy Director of Finance and the Finance Business Partner (or equivalent). With respect to specific programme areas, the nominated key contact may be the Head of Division or Branch Manager. In certain exceptional cases, the nominated key contact may be the DG Finance or other appropriate DG.
12. All reports relating to central systems, or any reports with potential impact on the accounts will also be copied to the Head of the Financial Reporting.
13. The nominated key contact will be requested to confirm the factual accuracy of reports and provide appropriate, coordinated management responses within an agreed timescale which normally should not exceed four weeks from the date of submission, through a clearance meeting and/or correspondence. The nominated key contact will consult appropriately with Scottish Government colleagues so that all relevant perspectives (including the corporate perspective) are reflected in the management responses. The following information will be contained on the front cover of all draft reports:
Draft to:
Copy to:
Response Requested by:
Audit Contact:
14. If no response is received from the nominated contact within the agreed timescale - or if the response is incomplete - Audit Scotland will contact the relevant officer to confirm when a complete response can be expected. Thereafter reminders will be sent to the relevant officer and copied to the DG Finance and other appropriate senior management. Ultimately, in exceptional circumstances, Audit Scotland shall issue the draft report to the relevant Portfolio Audit and Risk Committee. Where it has been necessary to issue a draft report to an audit committee the finalised report will be submitted as soon as it becomes available. The audit committee shall consider at that point whether or not any further action is necessary.
Circulation of agreed reports
15. On agreement of any draft report as to its factual accuracy, the final version will be issued electronically to the nominated key contact. Hard copies will only be issued if requested. Copies of agreed reports and management letters will also be submitted as a matter of course to the DG Finance and the Head of Internal Audit. Copies of reports will also be issued as follows:
Governance/performance management reports
Reports on corporate matters will normally be issued to the Corporate Audit and Risk Committee. Reports or summaries will be included in progress reports to the relevant Portfolio Audit and Risk Committees for information. Reports relating to individual Directorate responsibilities will normally be issued to the relevant Portfolio Audit and Risk Committee for its consideration. In exceptional circumstances, however, or where Audit Scotland considers an issue to be material or significant, it will raise the issue with SGARC.
ISA 260 Report and final report on the audit
These reports will be issued to SGARC and the Permanent Secretary. The agreed final report on the audit will be published on Audit Scotland's website once the Scottish Government's financial statements are laid in the Parliament. The annual report (and where relevant the ISA 260 report) will be provided to all Portfolio Audit and Risk Committees for information after presentation to SGARC. Any comments that Audit Scotland considers relevant to specific portfolios will be highlighted in standard progress reports to the relevant committees at the end of the final accounts process.
Engagement with audit and risk committees
16. Audit Scotland staff will regularly attend SGARC and Portfolio Audit and Risk Committees. They will present formal reports to relevant committees as outlined above, highlighting key findings and supporting audit and risk committees to understand any issues raised. They will seek to provide constructive responses to any queries or questions raised by the committee members.
17. Committees will direct questioning on proposed or actual management response to the issues raised in audit reports to relevant Scottish Government officials. They will also seek explanations from officials of the circumstances leading to audit issues.
18. Audit Scotland will also provide regular written 'progress updates' to all audit and risk committees - presenting and answering questions on these as necessary. These updates will summarise the progress of the audit in the area of interest of each committee. They will also highlight other matters that Audit Scotland considers to be of interest to the committee arising from its audit of the Scottish Government accounts or its wider work - including for example 3E examinations, outcomes from the audits of other public sector organisations, changes to auditing or accounting guidance. Audit Scotland will be responsive to the interests and terms of reference of individual committees, and establish a dialogue with them on the nature and format of such information.
19. Where issues included in progress updates are potentially contentious committees are likely to seek explanations or assurances from Scottish Government officials, these will be discussed in advance of the relevant committee meeting using the day-to-day liaison arrangements set out above.
Section 22 reports
20. Audit Scotland will advise Scottish Government finance staff at the earliest point possible of any issues that it considers might lead to a report by the Auditor General for Scotland under section 22 of the PFA Act. The Scottish Government will be given reasonable opportunity to comment on the terms of any such report before it is published.
Disclosure of information
21. If a request is made to Audit Scotland for the disclosure of information obtained from the Scottish Government in the context of an audit and the information might be regarded by the Scottish Government as sensitive or exempt under FOI legislation, Audit Scotland will, where reasonably practicable, consult the Scottish Government before complying with the request. Audit Scotland will similarly consult the Scottish Government before volunteering such information to a third party or including it in any publication.
Page updated: May 2011