Brecon Beacons National Park Authority Assurance Rating...


Page 1: Brecon Beacons National Park Authority Assurance Rating ...connect-breconbeacons.public-i.tv/document/Enclosure_3___Financia… · Budgetary Control Asset Management Outsourced Payroll

Brecon Beacons National Park Authority

Internal Audit Report 2013/14

Financial Systems

Assurance Rating:

Budgetary Control

Asset Management

Outsourced Payroll


Brecon Beacons National Park Authority – Internal Audit 2013/14 – Financial Systems Private & Confidential ©2014 Deloitte LLP

Distribution List:

Final Report
• Chief Executive
• Audit and Scrutiny Committee
• Section 151 Officer
• Finance Manager
• Responsible Officer(s)

Date of fieldwork: December 2013 - January 2014
Date of draft report: March 2014
Date of final report: April 2014

This report and the work connected therewith are subject to the Terms and Conditions of the contract dated 15 July 2013 between Brecon Beacons National Park Authority and Deloitte LLP. Other than as stated below, this document is confidential and prepared solely for your information and that of other beneficiaries of our advice listed in our engagement letter. Therefore you should not refer to or use our name or this document for any other purpose, disclose them or refer to them in any prospectus or other document, or make them available or communicate them to any other party. If this document contains details of an arrangement that could result in a tax or National Insurance saving, no such conditions of confidentiality apply to the details of that arrangement (for example, for the purpose of discussion with tax authorities). In any event, no other party is entitled to rely on our document for any purpose whatsoever and thus we accept no liability to any other party who is shown or gains access to this document.

This report has been prepared on the basis of the limitations set out at Appendix D.


Contents

1. EXECUTIVE SUMMARY

1.1 Background

1.2 Audit Objectives and Scope

1.3 Key Findings

1.4 Conclusion

1.5 Restriction of Use

1.6 Acknowledgement

2. OBSERVATIONS AND RECOMMENDATIONS

2.1 Budgetary Control: Authorising Virements – Medium Priority

2.2 Budgetary Control: Reviewing Policies and Procedures – Low Priority

2.3 Payroll: Exception Reports – Medium Priority

2.4 Fixed Assets: Asset Identification – Medium Priority

2.5 Fixed Assets: Procedure Notes – Medium Priority

2.6 Fixed Assets: Disposal Dates – Medium Priority

2.7 Fixed Assets: Reviewing Assets – Medium Priority

3. FOLLOW UP OF PRIOR YEAR RECOMMENDATIONS

APPENDIX A – REPORTING DEFINITIONS

APPENDIX B – STAFF INTERVIEWED

APPENDIX C – TERMS OF REFERENCE

APPENDIX D – STATEMENT OF RESPONSIBILITY


1. Executive Summary

1.1 Background

The internal audit assessed the adequacy and effectiveness of Brecon Beacons National Park Authority’s (the Authority’s) internal controls in operation regarding Financial Systems. The internal audit work was carried out through discussion with relevant staff (a list of staff interviewed can be found at Appendix B), examination of documentation and sample testing, as necessary, to confirm the effectiveness of the controls in place.

1.2 Audit Objectives and Scope

The internal audit assessed the adequacy and effectiveness of internal controls in operation. Weaknesses were brought to the attention of management and advice issued on how particular problems may be resolved and control improved to minimise future occurrence. The internal audit sought to provide reasonable assurance over the following areas:

Budgetary Control

• Budgetary control policies and procedures have been established and communicated to all relevant members of staff;
• Roles and responsibilities in relation to budgetary control have been established;
• A budget setting process is in place with approval by the Authority;
• When considering budget setting, controls are in place to ensure compliance with the Prudential Code;
• Timely information about actual income/expenditure against budgeted income/expenditure is available to budget holders;
• Arrangements are in place for budget monitoring and follow-up by budget holders and management;
• Budget information is provided to management in a timely manner to provide a sound basis for control and decision making;
• There is evidence of preparation of this budget information and review by a more senior officer;
• Budget profiling is used where appropriate, to make actual versus budget comparisons more meaningful; and
• Virements are documented and authorised by management.

Asset Management

• Clearly defined asset management policies and procedures including additions, disposals, impairments, transfers and maintenance of fixed assets have been established and communicated to all relevant members of staff;
• All fixed assets acquired are recorded accurately in the asset register in accordance with the fixed asset policy;
• The asset register includes enough information for each asset to be physically verified;
• All fixed asset disposals and transfers are identified and the asset register amended accordingly;
• The asset register accurately records depreciation charges;
• The asset register is reconciled to the general ledger on a regular basis;
• The asset register is secure against unauthorised access and data loss;
• The asset register is capable of recording asset segments as required by IAS14;
• A fixed asset verification exercise is undertaken periodically; and
• Senior officers are responsible for ensuring appropriate maintenance and monitoring the effectiveness, cost efficiency and operational use of assets.

As part of the internal audit we will select a sample of assets on the fixed asset register to confirm existence. We will also select a sample of assets and confirm that they are included on the fixed asset register.


Outsourced Payroll

• Payroll policies and procedures have been established and communicated to all relevant members of staff;
• Segregation of duties exist for payroll processes;
• Payroll data sent to the outsourced payroll providers is updated promptly for starters and leavers;
• Changes to payroll data (e.g. employee bank account details, addresses etc.) are submitted to the payroll providers on a timely basis, processed accurately and are adequately controlled;
• Deductions and temporary changes (e.g. overtime payments) are processed accurately and on a timely basis;
• Appropriate exception reports are prepared on a regular basis and there is evidence of their review; and
• Controls exist to ensure that the BACS payment run is an accurate reflection of data from the payroll provider.

Follow Up

We will seek to assess progress made in implementing the outstanding recommendations from the Financial Systems Internal Audit Report issued by Deloitte in 2012/13.

1.3 Key Findings

Budgetary Control

The Financial Regulations provide information on budget setting and monitoring. There is a Budget Amendments procedure in place which details the process of adjusting budgets. The budget setting process in place at the Authority ensures that the budget is sent to the Audit and Scrutiny Committee in January for approval. It is then recommended for approval by the Authority in February.

There are 26 budget holders at the Authority and they receive budget information on a monthly basis. The finance system (Agresso) automatically generates budget reports which are sent to all budget holders via email. These reports provide a detailed breakdown of all income/expenditure against budgeted income/expenditure. The Finance Manager monitors budget variances and queries them with the relevant budget holder. It is the Finance Manager’s responsibility to understand the reasons behind budget variances as she prepares the quarterly Budget Monitoring Reports which go to Audit and Scrutiny Committee.

Agresso also generates summary budget reports. A member of the finance team will add notes to these reports detailing where action is required and the reasons for the variances. This report is then presented to management during monthly meetings and discussed.

As detailed in the Budget Amendments procedure notes, a Budget Adjustment Request Form should be completed and appropriately authorised prior to a virement being processed. Testing undertaken on virements suggests that they are not always authorised.

We have identified one medium priority issue which we consider requires management’s attention and provides scope for improvements to be made. This is in relation to the authorisation of virements. In addition we have raised one low priority recommendation concerning a minor issue which nevertheless needs to be addressed. Detailed findings are set out in the “Observations and Recommendations” section.

Outsourced Payroll

Payroll services are provided to the Authority by Cardiff Payroll. There is a payroll policy in place at the Authority which gives detail of payroll processes. The Authority has access to the SAP Payroll System to enter hours submitted via timesheet and make some changes to payroll data. Cardiff Payroll is responsible for calculating the amounts to be paid each month, factoring in any deductions or temporary changes. The Authority is notified of the amount to be paid each month and gives Cardiff Payroll authorisation to run the payment.

From our testing, we have not identified any issues with the BACS payment run process. From our testing we have not identified any issues with the system being updated for starters and leavers, changes to payroll data, deductions and temporary changes. Exception reports are not in use at the Authority. A recommendation has been raised in relation to this.

We have identified one medium priority issue which we consider requires management’s attention and provides scope for improvements to be made. This is in relation to exception reports. Detailed findings are set out in the “Observations and Recommendations” section.

Asset Management

The Financial Regulations provide information around fixed assets and their disposal. However, there is no fixed assets procedure note in place which details the procedures in relation to additions, impairments, transfers and maintenance of fixed assets.

The asset register is compiled at the end of each financial year and details asset numbers and descriptions of assets. During our testing we found that the asset register did not contain enough information to physically verify most of the assets. The Finance Manager informed us that there have been no assets acquired to date this financial year. There are 58 assets included on the asset register that still have a useful life remaining. From our testing of depreciation charges, no issues have been noted. The asset register is only accessible by members of the Finance Department. The register is reconciled at year end to the General Ledger.

Fixed asset verifications take place annually and provide the opportunity for the operational use of assets to be confirmed along with any maintenance needs. These verifications are only carried out for assets that have a useful life remaining. From our verification of fixed assets, we identified that from a sample of five assets included on the asset register, three had been disposed of in previous years.

We have identified four medium priority issues which we consider require management’s attention and provide scope for improvements to be made. These concerned asset identification, procedure notes, updating the asset register for disposals and reviewing assets included on the asset register. Detailed findings are set out in the “Observations and Recommendations” section.

Follow up review

We followed up progress made in implementing the six recommendations identified in the Financial Systems report issued by Deloitte in 2012/13. We are pleased to report that four of the six prior year recommendations have been implemented and one will not be re-raised. One recommendation has been partially implemented. The findings are detailed in the “Follow Up of Prior Year Recommendations” section.


1.4 Conclusion

Based on the work undertaken as detailed in the “Audit Objective and Scope” section, our overall assessment is that the classification of assurance that can be taken in respect of each area is:

Budgetary Control

Asset Management

Outsourced Payroll

Management should be aware that our internal audit work was performed according to Public Sector Internal Audit Standards (PSIAS) which are different from internal audits performed in accordance with International Standards on Auditing (UK and Ireland) issued by the Auditing Practices Board. Similarly, the assurance classifications provided in our internal audit report are not comparable with the International Standard on Assurance Engagements (ISAE 3000) issued by the International Audit and Assurance Standards Board. Our internal audit testing was performed on a judgemental sample basis and focussed on the key controls mitigating risks. Internal audit testing is designed to assess the adequacy and effectiveness of key controls in operation at the time of an audit. Definitions of the assurance classifications and recommendation classifications used in this internal audit report are provided in Appendix A.

1.5 Restriction of Use

We wish to draw to your attention that this report may only be used in accordance with our contract and may not be made available to third parties, except as may be required by law.

1.6 Acknowledgement

We would like to thank the staff who participated in this internal audit for their assistance and co-operation.


2. Observations and Recommendations

2.1 Budgetary Control: Authorising Virements – Medium Priority

Recommendation: It is recommended that Budget Adjustment Request Forms are not accepted by the Finance Department if they have not been appropriately authorised.

Rationale: We identified that, from a sample of three of 36 Budget Adjustment Request Forms tested, only two had been signed. There is a risk that unauthorised virements are processed.

Priority: Medium

Management Response: All budget adjustments are discussed with budget holders and senior management as required. Earlier in the year a small number of forms were not signed off by the relevant budget holder. Signatures have been obtained for these.

Responsibility/Deadline: Accounting Technician – Completed


2.2 Budgetary Control: Reviewing Policies and Procedures – Low Priority

Recommendation: It is recommended that policies and procedures are reviewed periodically and that the date of next review is stated on them.

Rationale: We identified that the Budget Amendments Policy is not reviewed periodically. There is a risk that policies and procedures may not be up to date if they are not periodically reviewed.

Priority: Low

Management Response: Policies and procedures will be reviewed, although due to other priorities this may not take place until the completion of the Statement of Accounts.

Responsibility/Deadline: Finance Manager – 1/10/14


2.3 Payroll: Exception Reports – Medium Priority

Recommendation: It is recommended that the Authority requests a monthly payroll exception report from Cardiff Payroll and that this is checked and signed prior to payroll payments being made.

Rationale: We identified that the Authority does not currently receive exception reports for monthly payroll, for example a report detailing changes in pay from the previous month of more than 10%. There is a risk that monthly changes to payroll amounts are not monitored.

Priority: Medium

Management Response: Cardiff Council has now set up an exception report, starting with the March payroll, which can be accessed as part of the monthly payroll routines. Finance staff will run the report and pull out a list of all variances over 10%. This will be passed to HR to confirm against changes input into SAPS system.

Responsibility/Deadline: Finance/HR, w.e.f. 31 March 2014.


2.4 Fixed Assets: Asset Identification – Medium Priority

Recommendation: It is recommended that items included in the fixed asset register are marked with an asset barcode and the asset barcode number be included on the fixed asset register.

If this was considered impractical for certain types of assets, the fixed asset register should be updated with more detailed descriptions and location information to support identification of the assets.

Inventory listings should include information to help make items uniquely identifiable, such as including the serial numbers for electronic equipment.

Rationale: We identified from a sample of five assets included in the fixed asset register that the descriptions were not very detailed, and did not allow assets to be uniquely identifiable or provide enough detail on their location.

We also noted that the Authority maintains inventory listings for items under £10,000. These provide detail on the owner and location of assets, but do not include information for assets to be uniquely identifiable (e.g. by including serial numbers of electronic equipment).

There is a risk that items on the fixed asset register and inventory listings may not be easily identifiable.

Priority: Medium

Management Response: The asset listing held in Finance for accounting purposes will be reviewed to ensure all assets have a sufficiently detailed description/location to enable verification by non-specialist staff. All fully-depreciated items will be removed from the record. Departments will review inventory information and ensure it is complete, up to date and sufficient to enable each item to be individually verified.

Responsibility/Deadline: Finance Manager, Directors – 30/6/2014.


2.5 Fixed Assets: Procedure Notes – Medium Priority

Recommendation: It is recommended that a fixed assets procedure document is created to include clear procedures in relation to additions, disposals, impairments, transfers and maintenance.

Rationale: We identified that the Authority does not have procedure documents in place in relation to the addition, impairment, transfer and maintenance of fixed assets.

There is a risk that correct procedures may not be followed if the processes are not clearly defined, for example if key finance staff are absent for a prolonged period of time. This may result in the balance sheet being misstated in the annual accounts.

Priority: Medium

Management Response: Procedures will be drafted by the Finance Manager in consultation with Directors, and communicated to staff with responsibility for property and equipment.

Responsibility/Deadline: Finance Manager, Directors – 30 June 2014


2.6 Fixed Assets: Disposal Dates – Medium Priority

Recommendation: It is recommended that the fixed asset register is updated to clearly show whether assets within the fixed assets register have been disposed of.

Rationale: From a sample of five assets on the fixed asset register, the Finance Manager confirmed that three equipment assets had been disposed of by the Authority.

There is a risk that the fixed asset register does not correctly show the assets owned by the Authority.

Priority: Medium

Management Response: Disposal information will be included on the asset register held in Finance for all future disposals.

All Inventory records will include the disposal date of property and equipment disposed of since the previous update.

Responsibility/Deadline: Finance Manager, Directors – 30/6/14


2.7 Fixed Assets: Reviewing Assets – Medium Priority

Recommendation: It is recommended that fixed asset verification is carried out for all assets included on the fixed asset register, including checking to ensure the assets are in good working order.

Rationale: We identified that the Impairment of Assets form is completed for assets that are recorded as having a remaining useful life, and as a result only these assets are reviewed and physically verified on an annual basis. There is no physical verification of assets that are included on the asset register but have no useful life remaining. Assets that have no useful life remaining such as asset C027 ‘Talgarth – bridge’ are not therefore covered by this assessment, and yet may still be in use but not checked to be in good working order.

There is a risk that the Authority may not be aware of assets that are not in good working order. There is also a risk that portable assets may go missing and this will not be discovered.

Priority: Medium

Management Response: Property in the Finance asset register will be verified and checked as part of the implementation of recommendation 2.4. Individual Managers are responsible for reporting any impairments in assets for the annual statement of accounts and will be asked to provide additional details to identify assets where required.

Inventory listings for property and equipment below £10,000 will include a requirement for a named individual to check that items are in good repair and still in use.

Responsibility/Deadline: Finance Manager, Directors – By 30 June 2014.


3. Follow Up of Prior Year Recommendations

Recommendations that have been implemented or will not be re-raised are shaded in grey.

Original Recommendation: 3.1 It is recommended that a policy is introduced in respect of bank reconciliations whereby they are prepared and authorised within ten working days of month end.

Priority: Medium

Original Agreed Management Action: Bank reconciliations are complete to end of February. During installation of new system, we had a delay while Carmarthen provided training and set-up bank reconciliation process, which is much more automated on the new software but required initial set-up. This caused a delay in completing the November and December bank reconciliations. The section has a target to produce Bank reconciliations within 10 working days of the month end.

Responsible Officer: Finance Manager

Implementation Date: Complete

Current Finding: We understand the new process to be that bank reconciliations are prepared and authorised within 10 working days of the month end. From our sample testing of bank reconciliations, no issues have been noted.

Recommendation implemented.

Updated Agreed Management Action, Responsibility and Timetable: Not applicable – recommendation implemented.


Original Recommendation: 3.2 It is recommended that cash flow forecasts are prepared and considered at least on a quarterly basis.

Priority: Medium

Original Agreed Management Action: A cash flow forecast will be produced should any further commitment be made to invest in fixed-term investments (current bond is due to expire in April). The authority’s historical cash surplus means that the risk attached to cashflow shortfalls has been assessed as low and thus resources have not been devoted to frequent cashflow forecasting. A review of projected cashflows will be undertaken at least annually and reported to Audit and Scrutiny. A decision can then be made regarding the need for more frequent cashflow forecasts if the risk of negative cashflows is perceived to be increasing.

Responsible Officer: Finance Manager

Implementation Date: By next Audit and Scrutiny meeting

Current Finding: The Finance Manager informed us that quarterly cash flow forecasts are not considered necessary and that an annual cash flow forecast is considered reasonable. We obtained the cash flow forecast for 2014/15, prepared in February 2014 to support the annual treasury management and borrowing approval report to the Authority, and consider this recommendation to be implemented.

Recommendation implemented.

Updated Agreed Management Action, Responsibility and Timetable: Not applicable – recommendation implemented.


Original Recommendation: 3.3 It is recommended that the Authority considers the services of other banking institutions when considering fixed term savings e.g. One year bonds.

Priority: Low

Original Agreed Management Action: Banking services to the authority are a single package with substantial savings from free banking being offset against lower investment returns. Some comparative information may be available from another authority on banking costs and returns due to a recent tendering exercise. This could be reviewed for value-for-money purposes.

Responsible Officer: Finance Manager

Implementation Date: After accounts close down

Current Finding: The Authority decided to continue using the services of their current banking institution in order to continue receiving free banking.

Recommendation will not be re-raised.

Updated Agreed Management Action, Responsibility and Timetable: Not applicable – recommendation will not be re-raised.

Original Recommendation: 3.4 It is recommended that procedure notes are provided for non-HQ staff.

Priority: Low

Original Agreed Management Action: Procedure notes relating to cash banking at the centres, particularly for lone staff, will be reviewed by staff responsible for Centre Management.

Responsible Officer: Commercial Manager/Director of Countryside and Land

Implementation Date: May 2013

Current Finding: A Centres Banking Procedures document is now in place.

Recommendation implemented.

Updated Agreed Management Action, Responsibility and Timetable: Not applicable – recommendation implemented.


Original Recommendation

Original Agreed Management Action

Current Finding

Updated Agreed Management Action, Responsibility and

Timetable

3.5 It is recommended that the Authority performs an annual review of fees and charges.

Priority: Low

The Authority has a policy whereby Directors review charges annually and consider whether they need to be amended. Directors will then report to Members if changes need to be made to fees and charges and ensure that the authority complies with Regulations and Guidance.

Directors will review their Department’s charges and consider whether changes need to be made within one year of the previous review.

Responsible Officer: Departmental Directors

Implementation Date: Annually

A review of room hire charges has taken place and this was discussed and agreed with the Democratic Services Team on 01/02/2013.

The Director of Planning informed us that a review of pre-application services fees has not taken place in the last year as the last review took place in March 2012.

Recommendation partially implemented.

Planning pre-app fees review was completed in March. Directors will ensure an annual review of fees and charges takes place in each Department.

3.6 It is recommended that procedure notes are prepared for the BACS income accounting process.

Priority: Low

These will be prepared. There are already detailed guidance notes on accounting for BACS income but the summary of the procedure has not been updated following the transfer to the new finance system.

Responsible Officer: Finance Manager

Implementation Date: May 2013

The Finance Manager informed us that the new finance system was put in place 1 October 2012. The BACS Income Procedure was updated following this in January 2013.

Recommendation implemented.

Not applicable – recommendation implemented.


Appendix A – Reporting Definitions

Audit Assurance

We have four categories by which we classify internal audit assurance over the systems we examine: Full, Substantial, Limited or None, which are defined as follows:

Assurance Level Evaluation and Testing Conclusion

The controls tested are being consistently applied.

There is a sound system of internal control designed to achieve the system objectives.

There is evidence that the level of non-compliance with some of the controls may put some of the system objectives at risk.

While there is a basically sound system of internal control, there are weaknesses, which put some of the system objectives at risk.

The level of non-compliance puts the system objectives at risk.

Weaknesses in the system of internal controls are such as to put the system objectives at risk.

Significant non-compliance with basic controls leaves the system open to error or abuse.

Control is generally weak leaving the system open to significant error or abuse.

The assurance gradings provided here are not comparable with the International Standard on Assurance Engagements (ISAE 3000) issued by the International Audit and Assurance Standards Board and as such the grading of ‘Full Assurance’ does not imply that there are no risks to the stated control objectives.

Grading of Recommendations

In order to assist management in using our reports, we categorise our recommendations according to their level of priority as follows:

Priority Level Definition

Recommendations which are fundamental to the system and upon which the organisation should take immediate action;

Recommendations which, although not fundamental to the system, provide scope for improvements to be made; and

Recommendations concerning issues which are considered to be of a minor nature, but which nevertheless need to be addressed.


Appendix B – Staff Interviewed

Elaine Standen – Finance Manager
Elizabeth Lewis – HR Officer
Rhys Davies – IT Officer
Delyth Stephens – Finance Officer


Appendix C – Terms of Reference

Internal Audit: Financial Systems
Commencement: 16 December 2013
Budget: 6 days
Auditor: Lauren Parsons
Key contact(s): Elaine Standen – Finance Manager
Agreed with: Elaine Standen – Finance Manager

Report distribution:

• Chief Executive
• Audit and Scrutiny Committee
• Section 151 Officer
• Finance Manager
• Responsible Officer(s)

Introduction

This internal audit forms part of the delivery of the approved internal audit plan for 2013/14.

Objectives

The internal audit will assess the adequacy and effectiveness of internal controls in operation. Weaknesses and unnecessary controls will then be brought to the attention of management and advice issued on how particular problems may be resolved and controlled. The internal audit will seek to provide reasonable assurance over the following areas:

Budgetary Control

• Budgetary control policies and procedures have been established and communicated to all relevant members of staff;
• Roles and responsibilities in relation to budgetary control have been established;
• A budget setting process is in place with approval by the Authority;
• When considering budget setting, controls are in place to ensure compliance with the Prudential Code;
• Timely information about actual income/expenditure against budgeted income/expenditure is available to budget holders;
• Arrangements are in place for budget monitoring and follow-up by budget holders and management;
• Budget information is provided to management in a timely manner to provide a sound basis for control and decision making;
• There is evidence of preparation of this budget information and review by a more senior officer;
• Budget profiling is used where appropriate, to make actual versus budget comparisons more meaningful; and
• Virements are documented and authorised by management.

Assets Management

• Clearly defined asset management policies and procedures including additions, disposals, impairments, transfers and maintenance of fixed assets have been established and communicated to all relevant members of staff;
• All fixed assets acquired are recorded accurately in the asset register in accordance with the fixed asset policy;
• The asset register includes enough information for each asset to be physically verified;
• All fixed asset disposals and transfers are identified and the asset register amended accordingly;
• The asset register accurately records depreciation charges;
• The asset register is reconciled to the general ledger on a regular basis;
• The asset register is secure against unauthorised access and data loss;


• The asset register is capable of recording asset segments as required by IAS14;
• A fixed asset verification exercise is undertaken periodically; and
• Senior officers are responsible for ensuring appropriate maintenance and monitoring the effectiveness, cost efficiency and operational use of assets.

As part of the internal audit we will select a sample of assets on the fixed asset register to confirm existence. We will also select a sample of assets and confirm that they are included on the fixed asset register.

Outsourced Payroll

• Payroll policies and procedures have been established and communicated to all relevant members of staff;
• Segregation of duties exist for payroll processes;
• Payroll data sent to the outsourced payroll providers is updated promptly for starters and leavers;
• Changes to payroll data (e.g. employee bank account details, addresses etc.) are submitted to the payroll providers on a timely basis, processed accurately and are adequately controlled;
• Deductions and temporary changes (e.g. overtime payments) are processed accurately and on a timely basis;
• Appropriate exception reports are prepared on a regular basis and there is evidence of their review; and
• Controls exist to ensure that the BACS payment run is an accurate reflection of data from the payroll provider.

Follow Up

We will seek to assess progress made in implementing the outstanding recommendations from the Financial Systems Internal Audit Report issued by Deloitte in 2012/13.

Methodology

The internal audit work will be carried out by discussion with appropriate staff, review of documents and testing, as necessary, to confirm the effectiveness of the controls in place. The internal audit shall be carried out with due awareness of the risks of fraud and corruption in the processes under examination however it cannot be relied on to identify all fraud and corruption risks. When the internal audit work has been completed, the findings and any recommendations made will be discussed at a pre-arranged exit meeting.

Reporting

A draft report will be issued within 15 working days from the exit meeting to which the auditee will be asked to formally respond. A final report will be issued when all responses have been received and any outstanding issues addressed.


Appendix D – Statement of Responsibility

We take responsibility for this report which is prepared on the basis of the limitations set out below.

The matters raised in this report are only those which came to our attention during the course of our internal audit work and are not necessarily a comprehensive statement of all the weaknesses that exist or all improvements that might be made. Recommendations for improvements should be assessed by you for their full impact before they are implemented. The performance of internal audit work is not and should not be taken as a substitute for management’s responsibilities for the application of sound management practices. We emphasise that the responsibility for a sound system of internal controls and the prevention and detection of fraud and other irregularities rests with management and work performed by internal audit should not be relied upon to identify all strengths and weaknesses in internal controls, nor relied upon to identify all circumstances of fraud or irregularity. Auditors, in conducting their work, are required to have regard to the possibility of fraud or irregularities. Even sound systems of internal control can only provide reasonable and not absolute assurance and may not be proof against collusive fraud. Internal audit procedures are designed to focus on areas as identified by management as being of greatest risk and significance and as such we rely on management to provide us full access to their accounting records and transactions for the purposes of our audit work and to ensure the authenticity of these documents. Effective and timely implementation of our recommendations by management is important for the maintenance of a reliable internal control system.

Deloitte LLP

Cardiff

April 2014

In this document references to Deloitte are references to Deloitte LLP. Deloitte LLP is a limited liability partnership registered in England and Wales with registered number OC303675 and its registered office at 2 New Street Square, London EC4A 3BZ, United Kingdom. Deloitte LLP is the United Kingdom member firm of Deloitte Touche Tohmatsu Limited (“DTTL”), a UK private company limited by guarantee, whose member firms are legally separate and independent entities. Please see www.deloitte.co.uk/about for a detailed description of the legal structure of DTTL and its member firms.