Resource Accounts 2002 - 2003
THE SCOTTISH PARLIAMENTARY CORPORATE BODY
ANNUAL RESOURCE ACCOUNTS 2002-2003
(12 months ended 31 March 2003)
STATEMENT ON INTERNAL CONTROL
As Principal Accountable Officer of the SPCB, I acknowledge
my responsibility for ensuring that an effective system of internal
control is maintained and operated to safeguard the public funds and
assets for which I am personally responsible in accordance with the
responsibilities assigned to me.
The system of internal control is designed to manage rather than eliminate
the risk of failure to achieve the organisation’s policies, aims and
objectives; it can therefore only provide reasonable and not absolute assurance
of effectiveness.
The system of internal control is based on an ongoing process designed to identify
the principal risks to the achievement of the organisation’s policies,
aims and objectives, to evaluate the nature and extent of those risks and to
manage them efficiently, effectively and economically. This process has been
fully implemented in the year ended 31st March 2003 and has been in place up
to the date of approval of the annual accounts and accords with guidance from
the Scottish Public Finance Manual.
As Principal Accountable Officer, I also have responsibility for reviewing
the effectiveness of the system of internal control. The following processes
have been established:
- An Advisory Audit Board (AAB) has been established and met three times in the year ended 31/3/2003. The AAB is composed of two independent members and one member of the Corporate Body and it is chaired by one of the independent members. The AAB receives reports from both external and internal auditors and provides guidance to the Principal Accountable Officer on corporate governance issues.
- Senior Management meets monthly to consider the plans and strategic direction of the organisation.
- Regular reports by the internal auditors (Deloitte & Touche LLP) include their independent opinion on the adequacy and effectiveness of the system of internal control together with recommendations for improvement.
- The AAB approves the Internal Audit plan for the coming year proposed by Deloitte and Touche LLP.
- Regular reports from managers on the steps they are taking to manage risks in their areas of responsibility including progress reports on key projects.
- A regular programme of facilitated workshops to identify and keep up to date the record of risks facing the organisation.
- A programme of training for senior managers which includes corporate governance and risk management training.
- Establishment of key performance and risk indicators.
- Maintenance of an organisation-wide risk register.
- A policy on fraud prevention and fraud prevention guidance.
- The SPCB formally complies with the principles of the Scottish Public Finance Manual.
The SPCB is responsible for funding the activities
of the Scottish Public Services Ombudsman, with effect from 23 October
2002, and the Scottish Information Commissioner, with effect from 24
February 2003. These bodies were created by acts of the Scottish Parliament
and operate independently from the SPCB. I rely on the Accountable
Officer for each of these bodies to be responsible for ensuring that
an effective system of internal control is maintained and operated
to safeguard the public funds and assets for which they are personally
responsible.
Based on the Scottish Public Finance Manual, with which we currently comply,
we plan to develop a dedicated SPCB finance manual in 2003-04 to contain financial
policies and procedures that are specific to the SPCB.
My review of the effectiveness of the system of internal control is informed
by the work of the internal auditors and the senior managers within the organisation
who have responsibility for the development and maintenance of the internal
control framework. I am also informed by our external auditors, Audit Scotland,
on matters of internal control through their management letters and reports.
Based on their recommendations we are taking action to tighten up a number
of our financial processes in 2003-04.
I reported in the 2001-02 statement on internal control, that the implementation
of the Scottish Executive's new financial and management information system
(SEAS) in the final quarter of that year had created difficulties with the
SPCB's payment and recording systems. These difficulties persisted into the
start of the 2002-03 financial year. A significant number of transactions were
processed manually during this period to ensure that the SPCB's financial obligations
were met. Action was taken to correctly account for these transactions and
to identify weaknesses and strengthen controls and procedures to minimise risks
to the SPCB during this period.
The subsequent recording of these manual transactions on SEAS in the early
part of 2002-03 created difficulties with the reconciliation of bank accounts
that continued throughout the year and significant additional work has been
required after the year end in order to resolve the reconciling items. This
has successfully accounted for the vast majority of the 2002-03 transactions,
however a small number of accounting entries remain to be investigated and
cleared during 2003-04. These problems arose specifically out of the implementation
of the new financial system. They do not affect our on-going payment and recording
procedures and bank reconciliations are fully effective in 2003-04.
P E Grice |
18 December 2003 |