Audit Committee Handbook: Guidance for Audit Committee Members in the Core Scottish Government

Listen

ANNEX F: MODEL TERMS OF REFERENCE FOR PORTFOLIO AUDIT COMMITTEES

TERMS OF REFERENCE FOR [NAME OF PORTFOLIO] AUDIT COMMITTEE

An Audit Committee has been established to support the Portfolio Accountable Officer[s] ( PAO) in his/her/their responsibilities for issues of risk, control and governance over the [programme]/[administration] budget for [name of Portfolio]. This includes reviewing the comprehensiveness of assurances in meeting the PAO's assurance needs and reviewing the reliability and integrity of these assurances. In formal terms, the Audit Committee reports annually to the overarching Scottish Government Audit Committee ( SGAC).

Membership

The Audit Committee will comprise three [or more] non-executive members, one of whom shall serve as the chair. Details of the current members including the chair are shown in Appendix 1.

  • The Audit Committee will be provided with a secretarial support service by (XXXXXX).

Meetings

  • The Audit Committee will meet at least four times a year. The Chair of the Audit Committee may convene additional meetings as he/she deems necessary.
  • The PAO may also ask the Audit Committee to convene further meetings to discuss particular issues on which he/she/they want the Audit Committee's advice.

A minimum of two members of the Audit Committee will be present for the meetings to be deemed quorate. In the absence of the Chairperson, one of the other non-executive members will assume that role for the duration of the meeting.

  • The Chair of SGAC should be advised of any member who fails to attend two consecutive meetings.
  • Audit Committee meetings will normally be attended by the PAO and representatives from Internal Audit Division, Audit Scotland and Finance.
  • The Audit Committee may ask any other officials to attend to assist it with its discussions on any particular matter.
  • The Audit Committee may ask any or all of those who normally attend but who are not members to withdraw to facilitate open and frank discussion of particular matters.
  • Papers for Audit Committee meetings should be circulated to members at least one week prior to the meeting date.
  • A core work programme is attached at Appendix 2.
  • An Action Point Tracker will be maintained to monitor progress on key issues raised at meetings.

Access

  • Internal Audit Division and Audit Scotland will have free and confidential access to the Chair of the committee and vice versa (it is expected, however, that exercise of this right would be on an exceptional basis).

Reporting

  • The Audit Committee will formally report back to the PAO after each meeting - providing a copy of minutes of the meeting may form the basis of the report.
  • The Audit Committee will also provide SGAC with an Annual Report, in a format agreed by SGAC and in advance of the SGAC meeting timed to review the Scottish Government consolidated accounts and associated Statement on Internal Control ( SIC).

Responsibilities

The Audit Committee will advise the PAO on:

  • the strategic processes for risk, control and governance
  • the planned activity and results of both internal and external audit
  • the adequacy of management response to issues identified by audit activity or by Parliamentary Committees where they affect the portfolio's overall performance
  • assurances relating to the corporate governance requirements for the portfolio, e.g. Certificates of Assurance and issues relating to the Permanent Secretary's signing of the SIC.

Information Requirements

To achieve the above, for each meeting the Audit Committee will normally be provided with:

  • a report on the [Portfolio] performance relating to risk management, including a summary of any key changes to the risk register
  • a progress report from Internal Audit Division detailing, as appropriate:
    • work performed
    • key issues emerging from internal audit work
    • management responses to audit recommendations
    • progress on the implementation of agreed recommendations
    • the current internal audit plan including proposed changes
    • any issues affecting the delivery of internal audit objectives
  • a progress report from Audit Scotland summarising work done and emerging findings.

As and when appropriate, the Committee may also be provided with:

  • The Terms of Reference of Internal Audit Division agreed by SGAC
  • The Internal Audit Strategy agreed with SGAC
  • Internal Audit Division's annual assurance and report for the [Portfolio]
  • Directors' Certificates of Assurance
  • the PAO's draft Certificate of Assurance
  • A report on relevant matters from Finance
  • A report on Business Performance Management Reports and any relevant outputs or assurances from other review bodies or activities, including relevant Gateway reviews
  • The major findings of relevant Parliamentary Committee reports
  • Any appropriate relevant information from the draft accounts as they relate to the [Portfolio]
  • Audit Scotland plans, and any relevant management letters and performance audit reports
  • Notifications from relevant Executive Agency and sponsored body Audit Committees of significant issues that are considered to be of wider interest
  • Any relevant reports on fraud within the [Portfolio] or relevant Executive Agencies and sponsored bodies
  • Any report on co-operation between internal and external audit
  • Copies of any external quality assurance reports on the internal audit function.

APPENDIX 1: CURRENT MEMBERSHIP OF THE [PORTFOLIO] AUDIT COMMITTEE

    • Name 1 (period of appointment: dd mm yyyy - dd mm yyyy)
    • Name 2 (period of appointment: dd mm yyyy - dd mm yyyy)
    • Name 3 (period of appointment: dd mm yyyy - dd mm yyyy)
  • The Audit Committee is chaired by (Name 1 above)

APPENDIX 2: SUGGESTED CORE ANNUAL PROGRAMME OF BUSINESS FOR PORTFOLIO AUDIT COMMITTEES

Spring Meeting

  • Review performance relating to risk management
  • Review the Internal Audit periodic work plan for the coming financial year
  • Consider Audit Scotland plans for the coming financial year
  • Consider any reports from Internal Audit and management responses
  • Consider any reports from Audit Scotland [and management response to/implementation of recommendations]
  • Consider a report from Finance, including relevant information about financial performance and achievement of financial targets
  • Consider any Scottish Parliament Audit Committee issues, e.g. reports and formal responses, management responses to requests for information

Summer Meeting

  • Review performance relating to risk management
  • Consider (emerging) External Audit opinion for the financial year just finished
  • Consider Internal Audit opinion for the financial year just finished
  • Consider an annual report on fraud within the portfolio directorates, relevant Executive Agencies and sponsored bodies
  • Review certificates of assurance provided by portfolio directors and advise the Accountable Officer on the terms of his/her assurance to the Permanent Secretary*
  • Consider any reports from Internal Audit and management responses
  • Consider any reports from Audit Scotland [and management response to/implementation of recommendations]
  • Consider a report from Finance, including relevant information about financial performance and achievement of financial targets
  • Consider any Scottish Parliament Audit Committee issues e.g. reports and formal responses, management responses to requests for information
  • *Consider an annual report to the Scottish Government Audit Committee

* These agenda items must be completed in sufficient time to meet the timetable for the preparation of the Scottish Government's consolidated accounts.

Autumn Meeting

  • Review performance relating to risk management
  • Review the performance management arrangements adopted within the portfolio including, where appropriate, the timetable for reviewing such arrangements
  • Consider any reports from Internal Audit and management responses
  • Consider any reports from Audit Scotland [and management response to/implementation of recommendations]
  • Consider a report from Finance, including relevant information about financial performance and achievement of financial targets
  • Consider any Scottish Parliament Audit Committee issues, e.g. reports and formal responses, management responses to requests for information

Winter Meeting

  • Review performance relating to risk management
  • Consider the Audit Scotland portfolio report/management letter for the previous year and the management response
  • Consider whether or not any local arrangements - as opposed to the Scottish Government corporate arrangements - for the reporting and handling of cases of actual and suspected fraud are sufficiently robust
  • Consider any reports from Internal Audit and management responses
  • Consider any reports from Audit Scotland [and management response to/implementation of recommendations]
  • Consider a report from Finance, including relevant information about financial performance and achievement of financial targets
  • Consider any Scottish Parliament Audit Committee issues, e.g. reports and formal responses, management responses to requests for information
  • Consider the Committee's own effectiveness in its work
  • Review the Committee's Terms of Reference

Page updated: Friday, August 08, 2008