The Scottish Government Consolidated Accounts for the year ended 31 March 2009

Listen

Statement on Internal Control

Scope of Responsibility

As Principal Accountable Officer, I have responsibility for maintaining a sound system of internal control that supports the achievement of policies, aims and objectives set by the Scottish Ministers, whilst safeguarding the public funds and assets for which I am personally responsible in accordance with the responsibilities assigned to me.

I am supported by colleagues within the Scottish Government, including our Executive Agencies, whom I have designated as the Accountable Officers of the respective bodies within the Scottish Government consolidation accounting boundary who bear this responsibility directly for their own organisations' financial management and conduct.

The Scottish Public Finance Manual ( SPFM) is issued by the Scottish Ministers to provide guidance to the Scottish Government and other relevant bodies on the proper handling of public funds. It is mainly designed to ensure compliance with statutory and parliamentary requirements, promote value for money, high standards of propriety, and secure effective accountability and good systems of internal control. Information on how Scottish Government bodies have applied this guidance is contained in these accounts and in the separately published accounts of the individual bodies.

The following analysis reflects the governance and accountability arrangements put in place by the Strategic Board. This is an essential part of the Scottish Government's performance management framework which underpins the National Performance Framework.

Corporate Governance Framework

Within the accountability framework established by the Public Finance & Accountability (Scotland) Act 2000, the Scottish Government senior management team is responsible for ensuring that the Scottish Government is organised and managed in the most effective way to support Ministers in the implementation of their policies. The Strategic Board, chaired by me, is the Scottish Government senior management team which provides the leadership and strategic direction for the organisation and acts as advocates of the Scottish Government's programme and priorities, influencing and persuading colleagues and stakeholders to focus on the achievement of the Scottish Government's Purpose. The Strategic Board comprises: six Directors General and the Scottish Government Director of Finance (from 18 September 2008); and three non-executive members who bring independent, challenging and informed input to the Board's meetings. Further information on the Strategic Board and its composition can be found at www.scotland.gov.uk/About/strategic-board.

Other bodies within the Scottish Government consolidation boundary similarly have arrangements in place in respect of board structures and non-executive representation.

The Scottish Government has put in place a Scheme of Delegation detailing internal structures for the delegation of authority to senior executives across the Scottish Government as part of the internal control framework. This includes the option of further sub-delegation as and when considered appropriate. These arrangements complement the assurance process necessary to support the signature of Statement on Internal Control that must be provided by Accountable Officers alongside the annual accounts.

Audit committees in the Scottish Government, its Executive Agencies and relevant bodies support the Accountable Officer by monitoring and reviewing both the risk, control and governance processes which have been established in the organisation, and the associated assurance processes. These committees are constituted in line with the Policy Principles for Audit Committees in Central Government as set out in the SPFM, including the appointment of non-executive members from appropriate external sources. An Audit Committee Handbook for those bodies subject to the SPFM, plus related Guidance for audit committee members in the core Scottish Government, is available at http://www.scotland.gov.uk/Publications/2008/08/Q/Page/3.

The organisational structure of the Scottish Government has led to the establishment of the overarching Scottish Government Audit Committee ( SGAC) with additional audit committees supporting Portfolio Accountable Officers. Audit committees in Executive Agencies and sponsored bodies also exist, essentially to service the needs of their own organisations; and collectively, they help also to provide assurances on the risk, control and governance across the Scottish Government as a whole and to underpin the Statement on Internal Control. A network has been established for all non executive members, providing close links between non executives and between all of these audit committees and SGAC.

The Purpose of the System of Internal Control

The system of internal control is designed to manage risk to a reasonable level rather than to eliminate all risk of failure to achieve the organisation's policies, aims and objectives in furtherance of the single overarching Purpose of the Government. It can therefore only provide reasonable and not absolute assurance of effectiveness.

The system of internal control is based on a process designed to identify the principal risks to the achievement of the Scottish Government's priorities captured by the National Performance Framework, to evaluate the nature and extent of those risks and to manage them efficiently, effectively and economically. The process within the Scottish Government accords with the guidance from the Scottish Ministers and has been in place during the period. Although the principles of internal controls have been unchanged, there have been some changes in practice in the period, primarily as a result of the continued embedding of outcomes focused government and the National Performance Framework; and work continues to adapt and embed the consistent application of good practice as part of the continuous improvement of our corporate systems and controls. More information on these can be found within the Operating and Financial Review section of the annual report and at www.scotland.gov.uk/About/scotPerforms.

Other Accountable Officers in Scottish Government bodies similarly have appropriate systems in place. (The annual accounts of these bodies contain separate specific Statements on Internal Control, which provide detailed information on their systems and plans).

The Risk and Control Framework

All bodies subject to the requirements of the SPFM must operate a risk management strategy in accordance with relevant guidance issued by the Scottish Ministers. The general principles for a successful risk management strategy are set out in the SPFM. Further information on how individual bodies do this is available in their separate annual accounts. A new risk management framework for the Scottish Government was agreed by the Strategic Board and positive assurance was given by the Scottish Government Audit Committee during the year.

The Strategic Board has played a significant role in standardising processes for risk management during the year, as changes to business arrangements and working practices have been introduced. The Strategic Board is concerned with risks which may prevent or hinder the Board from achieving its objectives, as set out in the Statement of Governance and Accountability.

Within Directorates, risk management controls are identified in project and delivery plans and are used to keep projects and programmes in line with plans at a number of levels in the organisation. Business areas are responsible for maintaining risk registers based on objectives for assessing and monitoring risks and actions taken to manage risk, and for ensuring that risk assessment is embedded into corporate and performance management, business planning and financial reporting processes. Risk registers may also be prepared for programmes, policies, projects and specific initiatives, as appropriate, to support the management of risk.

Other Developments in 2008-09 and up to the signing of these accounts

More generally, the Scottish Government is committed to a process of continuous development and improvement, developing our systems following the results of any reviews and in response to developments in best practice in this area. In particular, in the period covering the year to 31 March 2009 and up to the signing of these accounts, the Scottish Government:

  • has continued to build on its existing portfolio of Gateway Review projects as a method of reducing risk in large projects, mandatory for those organisations covered by the terms of the Scottish Public Finance Manual, specifically for those projects with a budget of £5m or more that are categorised as High-Risk or Mission Critical.
  • is making improvements to the information held on capital projects to improve further the quality of monitoring and consequently the management of such projects.
  • has defined, mapped and communicated the main roles and responsibilities of senior management in the Scottish Government and described how these work to support delivery of the Government's Purpose.
  • is reviewing the role of Non Executive Directors below Strategic Board level to ensure that they continue to play an important role in the organisation's governance.
  • has initiated work to develop appropriate links between financial/resource information and work to achieve National Outcomes.
  • has launched revised procedures on the Scottish Government's use of consultants which provided for a wider and more carefully specified definition of consultancy along with tighter controls on contract approval levels and best practice expectations. To facilitate continuous improvement and the sharing of best practice a template to support post project reviews which are expected to be conducted for all consultancy projects has been introduced. Procedures for the control of consultancy spend as a whole have also been introduced.
  • has produced a report on the carbon impact of the 2010-11 Budget, published alongside the draft budget in September.

Review of Effectiveness

As Principal Accountable Officer, I also have responsibility for reviewing the effectiveness of the system of internal control. My review is informed by:

  • the executive managers within the organisation who have responsibility for the development and maintenance of the internal control framework;
  • the work of the internal auditors, who submit to the relevant Audit Committees regular reports which include the Head of Internal Audit's independent opinion on the adequacy and effectiveness of the organisation's systems of internal control together with recommendations for improvement; and
  • comments made by the external auditors in their management letters and other reports.

Other bodies within the consolidated accounting boundary are also subject to internal and external audit and have in place systems for reporting by their executive managers.

Assurance on the maintenance and review of internal controls systems is provided by managers within the Scottish Government, who provide a certificate of assurance covering their areas of responsibility to a Director-General, who then provides an appropriate assurance to me. Similar processes exist within the other Scottish Government bodies, which may produce their own Statement on Internal Control if they publish their own annual accounts, or who will otherwise draw to the attention of the Portfolio Accountable Officers any significant internal control matters.

The Head of Internal Audit ( HIA) gave his annual assurance report to SGAC on 22 September 2009: this provided an overview of internal audit activity in the period and his independent opinion that he could provide substantial assurance on the overall arrangements for risk management, control and governance.

The audit committees support me and Portfolio Accountable Officers with regard to our responsibilities for issues of risk, control and governance and associated assurance through a process of constructive challenge and review. They provide advice on, and review the comprehensiveness of, assurances provided to the Accountable Officers, including the annual assurance provided by the HIA, reports from managers and the consideration of information on control issues received in respect of Executive Agencies or sponsored bodies. Assurances draw attention to those aspects of risk management, governance and internal control that are functioning effectively and, just as importantly, those that need to be improved. Where room for improvement is identified, appropriate action is taken forward by the relevant managers and this is subject to follow up by the relevant audit committees.

Portfolio Audit Committees ( PAC) provide an annual report to the SGAC giving an assurance that the PAC is operating in accordance with SPFM guidance and drawing the SGAC's attention to issues that may fall within its remit. This report will include, where appropriate, any notifications of problems being experienced by audit committees of Executive Agencies or relevant sponsored bodies. The PAC chairs also met with SGAC members on 7 September to discuss their reports and identify any common issues. The SGAC provides an annual report to the Principal Accountable Officer, timed to support the preparation of this statement. No significant issues were reported via these processes, culminating in the SGAC meeting of 22 September which recommended the signing of these accounts, which require to be reported here .

Where any matters arise from the assurance process, appropriate action is put in place to address any weaknesses identified and to ensure the continuous improvement of the system. The following areas are those where there is room for improvement and where action is already underway:

  • In view of the increased exposure to disallowance risk, transferred from the UK Government, a programme of action was under development during the 2008-09 period. Although the EU accounts for 2008 were cleared without any disallowance of expenditure, these actions are continuing to be implemented to improve our processes in relation to expenditure funded by the European Agriculture Guarantee Fund and European Agricultural Fund for Rural Development . We are aware that our activities will continue to be subject to a high level of audit scrutiny by the European Commission, with associated disallowance risk. We will continue to monitor this situation and respond appropriately as required.
  • In order to continue to mitigate the risk of conflicts of interest arising, the Scottish Government has made a number of changes to improve processes around its register of interests. These are designed to ensure greater consistency and assurance over their practical operation and include:
    • Consistent systems for identifying potential conflicts of interest during recruitment; and
    • Providing a more systematic process to assist members of the SCS to register and manage any potential conflict of interests. Prompts are in place to ensure that discussions with line managers and recording takes place consistently.

Going forward, the Strategic Board will continue to develop our organisation to deliver the Scottish Government's Purpose, underpinned by effective systems and processes.

Sir John Elvidge KCB signature

Principal Accountable Officer

Date: 22 September 2009

Page updated: Thursday, October 01, 2009