STATEMENT ON INTERNAL CONTROL: ANNEX PRO FORMA STATEMENT ON INTERNAL CONTROL Scope of Responsibility As Accountable Officer, I have responsibility for maintaining a sound system of internal control that supports the achievement of the organisation's policies, aims and objectives set by the Scottish Ministers, whilst safeguarding the public funds and assets for which I am personally responsible, in accordance with the responsibilities assigned to me. [Accountable Officers should add to this paragraph to provide an explanation of the accountability arrangements surrounding their role.] The Scottish Public Finance Manual (SPFM) is issued by the Scottish Ministers to provide guidance to the Scottish Government and other relevant bodies on the proper handling and reporting of public funds. It sets out the relevant statutory, parliamentary and administrative requirements, emphasises the need for economy, efficiency and effectiveness, and promotes good practice and high standards of propriety. Purpose of the System of Internal Control The system of internal control is designed to manage rather than eliminate the risk of failure to achieve the organisation's policies, aims and objectives. It can therefore only provide reasonable and not absolute assurance of effectiveness. The system of internal control is based on an ongoing process designed to identify the principal risks to the achievement of the organisation's policies, aims and objectives; to evaluate the nature and extent of those risks and to manage them efficiently, effectively and economically. The process within the organisation accords with guidance from the Scottish Ministers provided the SPFM and has been in place for the year ended 31 March [200x] and up to the date of approval of the annual report and accounts. [Insert other or additional text as appropriate.] Risk and Control Framework All bodies to which the SPFM is directly applicable must operate a risk management strategy in accordance with relevant guidance issued by the Scottish Ministers. The general principles for a successful risk management strategy are set out in the SPFM. [Describe the key elements of the risk management strategy, including the way in which risk (or change in risk) is identified, evaluated, and controlled. Describe the key ways in which leadership is given to the risk management process, including the provision of training and guidance to appropriate staff. Describe the key ways in which risk management has been embedded in the activity of the organisation. Explicitly describe how risks to information are being managed and controlled as part of this process.] More generally, the organisation is committed to a process of continuous development and improvement: developing systems in response to any relevant reviews and developments in best practice in this area. In particular, in the period covering the year to 31 March and up to the signing of the accounts the organisation has: [Adapt wording as appropriate to use this paragraph to identify any significant developments in the framework either implemented in the period under report or planned.] Review of Effectiveness As Accountable Officer, I have responsibility for reviewing the effectiveness of the system of internal control. My review is informed by: - the executive managers within the organisation who have responsibility for the development and maintenance of the internal control framework;
- the work of the internal auditors, who submit to the organisation's Audit Committee regular reports which include the Head of Internal Audit's independent and objective opinion on the adequacy and effectiveness of the organisation's systems of internal control together with recommendations for improvement;
- comments made by the external auditors in their management letters and other reports.
[In this paragraph, describe the process that has been applied in maintaining and reviewing the effectiveness of the system of internal control, including some comment on the role(s) of (as relevant): the board; the Audit Committee; the risk committee; internal audit; other review/assurance mechanisms.] Appropriate action is in place to address any weaknesses identified and to ensure the continuous improvement of the system. [Include an outline of the actions taken, or proposed to deal with any significant internal control issues, if applicable.] Page Published / Updated: October 2008 |