Audit Committee Handbook - Scottish Government

AUDIT COMMITTEE HANDBOOK:
Guidance for audit committee members in
the core Scottish Government

AUDIT COMMITTEE HANDBOOK:
Guidance for audit committee members in
the core Scottish Government
The Scottish Government, Edinburgh July 2008

AUDIT COMMITTEE HANDBOOK: Guidance for audit committee members in the core Scottish Government
© Crown copyright 2008
ISBN: 978-0-7559-1783-9
The Scottish Government
St Andrew’s House
Edinburgh
EH1 3DG
Produced for the Scottish Government by RR Donnelley B55712 07/08
Published by the Scottish Government, July, 2008

CONTENTS
CONTENTS
Foreword v
Part 1: Accountability, audit and governance arrangements in the Scottish Government 1
Part 2: Operation of core Scottish Government audit committees 3
Annex A Facets of Accountability and Governance in the Scottish Government 11
Annex B Map of Accountability in the Scottish Government 12
Annex C Scottish Government Corporate Governance Framework 13
Annex D Core Scottish Government Audit Committee Competency Framework 14
Annex E Model letter of appointment to serve as a member of a portfolio audit committee 15
Annex F Model terms of reference for portfolio audit committees 17
Annex G Key lines of enquiry for an audit committee 23
Annex H Scottish Government Assurance Framework 26
Annex I Scottish Government Certificates of Assurance Map 27
Annex J The role of the chair in core Scottish Government Audit Committees:
Good Practice 28
Annex K Committee support: good practice 30
Annex L Shell annual report from PACs to SGAC 31
Page
iii

iv
AUDIT COMMITTEE HANDBOOK: Guidance for audit committee members in the core Scottish Government

FOREWORD
FOREWORD
Corporate governance is about the way organisations are directed and controlled. It is concerned with
structures and processes for decision-making, accountability, control and behaviour at the upper levels of
the organisation. Three fundamental principles of corporate governance apply equally to all public sector
bodies – openness, integrity and accountability. However, for central government organisations, there is a
separation of roles between the legislature (Parliaments) and the Crown (Ministers and the politically
impartial role of civil servants).
Good practice in relation to corporate governance requires that an organisation should be independently
advised by an audit committee. The organisational structure of the Scottish Government has led to the
establishment of the overarching Scottish Government Audit Committee (SGAC) with additional audit
committees supporting Portfolio Accountable Officers. Taken together these audit committees cover the
core Scottish Government. For the purpose of this guidance, Portfolio Audit Committees include the audit
committee of the Crown Office and Procurator Fiscal Service.
This guidance is designed to provide – within the context of the Scottish Government Audit Committee
Handbook* – the non-executive members of SGAC and Portfolio Audit Committees with relevant background
information about the Scottish Government and detailed information and guidance on the role, membership
and work of their committees.
Securing good governance is essential to the Government in Scotland and we commend this guidance
to you.
Sir John Elvidge Alyson Stafford
Permanent Secretary for the Director of Finance for the
Scottish Government Scottish Government
*The Scottish Government Audit Committee Handbook draws on, and is consistent with, generally accepted principles concerning
corporate governance and the role of audit committees. Relevant source publications include:
HM Treasury’s Audit Committee Handbook (March 2007)
HM Treasury’s Corporate Governance Code for Central Government Departments (July 2005)
Financial Reporting Council’s Combined Code on Corporate Governance (June 2006)
Scottish Public Finance Manual
On Board: A Guide for Board Members of Public Bodies in Scotland (February 2003)
v

vi
AUDIT COMMITTEE HANDBOOK: Guidance for audit committee members in the core Scottish Government

PART 1. ACCOUNTABILITY, AUDIT AND GOVERNANCE ARRANGEMENTS IN THE SCOTTISH GOVERNMENT
PART 1:
ACCOUNTABILITY, AUDIT AND GOVERNANCE
ARRANGEMENTS IN THE SCOTTISH GOVERNMENT
Accountability
1.1 Normally the head of a government organisation is also appointed as the Accountable Officer (AO).
The AO is individually and personally accountable for achieving good value for money, regularity and
propriety in the administration and operation of the organisation, and securing Best Value (see the
Scottish Public Finance Manual (SPFM) sections on Accountability and Best Value for more details).
1.2 There is no legal or statutory corporate structure to senior management in the Scottish Government
– unlike the private sector in which the directors are individually and severally accountable and liable
for the decisions of the Board. Management Boards in the Scottish Government (e.g. the Strategic
Board and Scottish Government Executive Agency Management Boards) are essentially tools of the
relevant AO and are more akin to private sector ‘Executive Committees’ than to private sector
Boards. Although authority is delegated by the AO to other senior managers, the responsibilities of
an AO cannot be delegated or shared.
1.3 The Principal Accountable Officer (the Permanent Secretary) and AOs designated by him/her are
held to account by the Parliament through the Parliament’s Audit Committee, usually in response to
reports prepared by the Auditor General for Scotland (AGS). Similarly, any accounts and associated
statements that AOs prepare are laid before the Parliament. There is no direct equivalent of the private
sector annual shareholders meeting at which the Board is held to account by the shareholders.
1.4 An important boundary to the responsibility of the AO lies in the area of policy formulation. There is
a separation between the policy decisions made by the responsible Minister and the policy advice
provided by the AO. If the AO considers a decision made by the Minister would breach the
requirements of the AO’s duties and if the Minister does not accept the AO’s advice, the AO must
seek a written instruction to proceed from the Minister, with a copy being sent to the AGS and the
Parliament’s Audit Committee. Ministers are held to account by the Parliament through the relevant
subject Committee. This contrasts with the private sector arrangements whereby the Board will
normally be accountable for all aspects of policy decisions.
1.5 AOs appoint non-executives to serve on their audit committees. In the private sector non-executives
have a clearly defined role of acting as a ‘check’ on the executive, while also having a liability for the
corporate actions of the Board. As the core Scottish Government and its Executive Agencies have no
comparable corporate Board structure, non-executives are more like external advisors or consultants.
Their role is to provide an effective ‘assurance and challenge’ function to the executive.
1

2
Audit
AUDIT COMMITTEE HANDBOOK: Guidance for audit committee members in the core Scottish Government
1.6 AOs of organisations that publish annual accounts are required to make suitable provision for
internal audit in accordance with the Government Internal Audit Standards. That provision may be
made through an in-house team or the function may be bought in under contract. The Scottish
Government’s Internal Audit Division provides the internal audit service for the core Scottish
Government – and some of its Executive Agencies.
1.7 The AGS is responsible for securing the external audit for the core Scottish Government and its
Executive Agencies and he/she is served in this by Audit Scotland. The AGS is appointed by the
Crown on the recommendation of the Parliament, but is independent of both the Scottish
Government and the Parliament – see the AGS: Auditors and Examiners section of the SPFM for
more details. There is consequently no role for the core Scottish Government audit committees in
recommending the appointment of external auditors. As well as certification of the relevant
accounts, the AGS may investigate the circumstances in which Ministers have issued written
instructions to AOs, and may choose to conduct value for money studies into the activities and
operations of relevant organisations.
Governance
1.8 Although the core Scottish Government and its Executive Agencies have no formal corporate structure,
AOs are required to make governance statements (a Statement on Internal Control) alongside the
accounts for which they are directly responsible. These are supported by a certificates of assurance
process. Detailed guidance on the requirement for governance statements can be found in the SPFM
sections on Statement on Internal Control and Certificates of Assurance and is supported by
strategic guidance on the implementation of business risk management processes – see the SPFM
section on Risk Management for details.
1.9 Although there are similarities between governance statements in central government and in the
private sector, there are subtle but significant differences. While both are designed to deliver
assurance that assets are protected and robust processes are in place for assessing and managing
business risks, in the private sector these focus on maximisation of shareholder value, while those in
the Scottish Government focus on delivering public service objectives (within the policy set by
Ministers), value for money, regularity and propriety. The Scottish Government has also committed
itself to delivering better public services through adherence to the principles of Best Value.
Mapping
1.10 Diagrams setting out the Facets of Accountability and Governance in the Scottish Government,
the Map of Accountability in the Scottish Government and the Scottish Government Corporate
Governance Framework are provided respectively at Annex A, Annex B and Annex C.

PART 2: OPERATION OF CORE SCOTTISH GOVERNMENT AUDIT COMMITTEES
PART 2:
OPERATION OF CORE SCOTTISH GOVERNMENT
AUDIT COMMITTEES
Role of Core Scottish Government Audit Committees
2.1 The organisational structure of the Scottish Government has led to the establishment of an over-arching
audit committee, i.e. the Scottish Government Audit Committee (SGAC) with additional committees
covering, essentially, the separate Scottish Cabinet portfolios. Taken together these audit committees
cover the core Scottish Government. Audit committees do not have any executive responsibilities
although they may draw attention to strengths and weaknesses in control and make suggestions on
how weaknesses might be addressed.
2.2 The audit committees support the Principal/Portfolio Accountable Officers by reviewing the
comprehensiveness of assurances provided to the Accountable Officers, and reviewing the reliability
and integrity of these assurances. Assurances draw attention to those aspects of risk management,
governance and internal control that are functioning effectively and, just as importantly, those that
need to be improved.
Linkage to Audit Committees in Executive Agencies and Sponsored Bodies
2.3 Audit committees in Scottish Government Executive Agencies, non-ministerial Executive Agencies
and bodies sponsored by the Scottish Government exist essentially to service the specific assurance
needs of their Accountable Officers and Boards. However, they also have a role in providing the
assurance required to underpin the Statement on Internal Control provided by the Principal Accountable
Officer alongside the consolidated accounts of the Scottish Government.
2.4 An audit committee in an Executive Agency or sponsored body is therefore required to notify the
relevant Portfolio Audit Committee if it considers that it has identified a significant problem which
may have wider implications. In non-ministerial Executive Agencies and sponsored bodies that are
not included in the consolidated accounts of the Scottish Government (i.e. outwith the Scottish
Government accounting boundary) only relevant issues relating to the ‘sponsorship’ role need to be
notified. Portfolio Audit Committees will in turn report relevant issues to SGAC.
Scottish Government Audit Committee
2.5 SGAC supports the Permanent Secretary in his/her role as the Principal Accountable Officer for the
Scottish Administration. In that role the Permanent Secretary appoints Accountable Officers for parts
of the Scottish Administration – including Portfolio Accountable Officers – and signs the
consolidated accounts of the Scottish Government. SGAC provides assurance to the Principal
Accountable Officer on risk, control and governance through a process of constructive challenge
and review.
3

4
AUDIT COMMITTEE HANDBOOK: Guidance for audit committee members in the core Scottish Government
Portfolio Audit Committees
2.6 The purpose of Portfolio Audit Committees (PACs) is to support Portfolio Accountable Officers – and
through them the Principal Accountable Officer – with regard to their responsibilities for issues of
risk, control and governance and associated assurance through a process of constructive challenge
and review. PACs report to SGAC.
2.7 The Principal Accountable Officer retains Accountable Officer responsibility for the core Scottish
Government’s administration costs (except with regard to the Crown Office and Procurator Fiscal
Service). These costs fall within the remit of the Corporate Audit Committee (which is one of the
PACs). In respect of finances the other PACs are concerned only with programme costs.
Administration costs are the resources consumed in providing services (e.g. staffing,
accommodation, office services) while programme costs are essentially all other expenditure,
including grants (i.e. support for NDPBs, local authorities, etc.).
Membership
2.8 The core Scottish Government audit committees must be independent and objective. In addition
each member should have a good understanding of the objectives and priorities of the Scottish
Government/Portfolio and their role as an audit committee member. The core Scottish Government
audit committees must have at least three members. All members must be non-executives.
Non-executives cannot be Scottish Government employees.
2.9 The Chairs of PACs should also be non-executive members of relevant Boards (e.g. the Programme
Board) in order to promote and maintain understanding and knowledge sharing.
Skills and Training
2.10 The core Scottish Government audit committees are charged with ensuring that the Principal/Portfolio
Accountable Officers gain the assurance they need on risk management, governance and internal
control. They need to have a range of skills and experience relevant to various aspects of risk,
governance and control. Because of the importance of financial management and financial reporting,
at least one member of each committee should have recent and relevant financial experience. This
experience should be sufficient to allow them to engage competently with the financial
management and reporting arrangements in the Scottish Government, and the associated
assurances. The audit committee should identify, and agree with the Principal/Portfolio Accountable
Officer, the other skills required for committee effectiveness. These identified skills should inform the
choice of members of the committee. The required skills set should be periodically reviewed. A
competency framework for core Scottish Government Audit Committees is set out in Annex D.
2.11 All core Scottish Government audit committee members will have training and development needs.
Recently appointed members will receive induction training, either to help them understand their
role, or if they have audit committee experience elsewhere, to provide relevant information about
the Scottish Government/Portfolio. In particular, those joining a public sector audit committee for
the first time will receive guidance about public sector standards, especially those relating to
governance and accountability.

PART 2: OPERATION OF CORE SCOTTISH GOVERNMENT AUDIT COMMITTEES
2.12 As the audit committee may be the only contact some members have with the Scottish Government,
such members will have to make particular efforts to obtain and maintain appropriate understanding
of the organisation. This is vital if they are to make a meaningful contribution to the audit
committee’s business.
Conflicts of Interest
2.13 Normally the process for recording declarations of conflicts of interests in the core Scottish Government
audit committees should mirror the processes used at Strategic Board level. Each member of an audit
committee should take personal responsibility to declare pro-actively any potential conflict of interest
arising out of business on the committee’s agenda or from changes in the member’s personal
circumstances. The Chair of the committee should then determine an appropriate course of action
with the member. For example, the member might simply be asked to leave while a particular item of
business is taken; or in more extreme cases the member could be asked to give up their membership.
If it is the Chair who has a conflict of interest, the relevant Accountable Officer should ask another
member of the committee to lead in determining the appropriate course of action. A key factor in
determining the course of action will be the likely duration of the conflict of interest: a conflict likely
to endure for a long time is more likely to suggest that the member should resign.
Terms of Appointment
2.14 The terms of appointment of members of core Scottish Government audit committees should be
clearly set out at the time of appointment. A model letter of appointment to serve as members of
PACs is provided at Annex E. Independent external members are not subject to the full public
appointments process. Appointments may be terminated, without notice, if attendance is considered
unsatisfactory.
Terms of Reference
2.15 The scope of an audit committee’s work should be defined in its Terms of Reference, and encompass
all the assurance needs of the Principal/Portfolio Accountable Officer. The SGAC agrees its own
Terms of Reference consistent with good practice principles and clears Terms of Reference for PACs.
Model Terms of Reference for PACs are provided at Annex F. Some key lines of enquiry members
might wish to pursue are set out at Annex G.
2.16 Appendix 2 to the model Terms of Reference includes a suggested core work programme for PACs.
The actual agenda and timing of meetings are, however, matters for the PAC Chairs. The work
programme for the Crown Office and Procurator Fiscal Service (COPFS) PAC would, of course, have
to reflect the need for it to consider matters relating to the COPFS accounts and statement on
internal control.
Attendance by Officials
2.17 The Principal Accountable Officer should attend all meetings of the SGAC together with the Scottish
Government’s Head of Internal Audit, the Scottish Government Director of Finance and a
representative from Audit Scotland. Portfolio Accountable Officers should attend all meetings of
relevant PACs together with representatives from Internal Audit Division, Audit Scotland and
Finance. Other officials should attend audit committee meetings as and when required.
5

6
AUDIT COMMITTEE HANDBOOK: Guidance for audit committee members in the core Scottish Government
Meetings
2.18 SGAC and PACs must meet at least four times per year. A minimum of 2 members of the committees
must be present for the meetings to be deemed quorate.
Risk Management
2.19 The management of risk should be assessed at every full meeting of SGAC and PACs by a detailed
review of risk management arrangements in relevant areas of responsibility. In the case of PACs this
will include satisfying themselves that relevant Directorates are following the risk management
guidance in the SPFM.
2.20 Overall assurance with regard to risk management is unlikely to be capable of expression in a single
phrase, sentence or indicator because it is highly unlikely that all risk will be equally managed.
Rather, the overall view may draw attention to areas where:
• risk is being appropriately managed (no action needed);
• risk is inadequately controlled (action needed to improve control);
• risk is over controlled (resource being wasted which could be diverted to other use); and
• there is lack of evidence to support a conclusion – and if this concerns areas material to the
operations of the organisation more audit and/or assurance work will need to be done.
Performance Management
2.21 Audit committees have no responsibilities for managing and monitoring performance. They should,
however, be assured that adequate performance management systems are in place across the
Scottish Government and within portfolios and that they are being operated effectively.
Internal Audit
2.22 The work of Internal Audit Division is the single most significant resource used by the core Scottish
Government audit committees in discharging their responsibilities. This is because the Head of
Internal Audit, in accordance with the Government Internal Audit Standards, has a responsibility to
offer an annual opinion on the overall adequacy and effectiveness of the Scottish Government’s risk
management, control and governance processes. There is consequently a major synergy between
the purpose of Internal Audit Division and the role of the core Scottish Government audit committees.
2.23 The role of the SGAC in relation to Internal Audit Division should include advising the Principal
Accountable Officer on:
• the Audit Strategy and periodic Audit Plans, forming a view on how well they support the Head
of Internal Audit’s responsibility to provide an annual opinion on the overall adequacy and
effectiveness of the Scottish Government’s risk management, control and governance processes;
• the results of Internal Audit Division work, and management response to issues raised by that work;
• the resourcing of Internal Audit Division; and
• the Terms of Reference (or equivalent) for Internal Audit Division.

PART 2: OPERATION OF CORE SCOTTISH GOVERNMENT AUDIT COMMITTEES
2.24 SGAC approves the over-arching internal audit strategy and allocation of resources. Flowing from
this periodic plans are drawn up and approved by each PAC. PACs will not routinely receive every
Internal Audit Division report, although they will receive summary information about each. A summary
of the main findings of each audit is also included in the annual Internal Audit assurance statement
provided to PACs, and it is open to PAC members to ask to see any specific reports at any time. It is
also crucial that the PACs are satisfied that management has in place appropriate procedures for
dealing with the audit reports received. Internal Audit Division provides a report to each meeting of
the various PACs on the implementation of recommendations contained within its reports. PACs
have the authority to ask Internal Audit Division to undertake or revisit programmes of work.
External Audit
2.25 Although the work of External Audit (the Auditor General for Scotland (AGS)/Audit Scotland) is
primarily conducted for the benefit of the Parliament, it is still of significant benefit to the Scottish
Government. Audit Scotland’s work programme is decided by the AGS following consultation with
stakeholders, including the Scottish Government. SGAC/PACs, however, are entitled and encouraged
to raise questions about the purpose and scope of examinations and should expect Audit Scotland,
on behalf of the AGS, to provide a full explanation.
2.26 As well as considering the results of external audit work, the core Scottish Government audit committees
should enquire about and consider Audit Scotland’s planned approach and the way in which Audit
Scotland is co-operating with Internal Audit Division to maximise overall audit efficiency, capture
opportunities to derive a greater level of assurance and minimise unnecessary duplication of work.
Finance
2.27 It is not a function of core Scottish Government audit committees to manage or monitor budgets
but they should be satisfied that proper systems are in place to do so.
Financial Reporting
2.28 Only SGAC and the PAC for the Crown Office and Procurator Fiscal Service within the core Scottish
Government will have a role in reviewing annual accounts in order to advise the Accountable Officer.
They will not, however, be able to review the accounts in detail and in reaching a view on the
accounts the following should be considered:
• key accounting policies and disclosures;
• assurances about the financial systems which provide the figures for the accounts;
• the quality of the control arrangements over the preparation of the accounts;
• key judgements made in preparing the accounts; and
• any disputes arising between those responsible for preparing the accounts and the auditors.
7

8
Fraud
AUDIT COMMITTEE HANDBOOK: Guidance for audit committee members in the core Scottish Government
2.29 Cases of actual or attempted fraud within a PAC’s area of responsibility should be reported to the
committee for information and consideration. PACs should also consider, at least annually, whether
or not any local arrangements – as opposed to the Scottish Government corporate arrangements –
for the reporting and handling of cases of actual and suspected fraud are sufficiently robust. A report
on fraud across the Scottish Government is submitted annually to SGAC, at which point the SGAC
considers the approach to fraud in the Scottish Government as a whole.
Assurance
2.30 Core Scottish Government audit committees have a key role in the annual assurance exercise undertaken
in support of the Statement on Internal Control (SIC) provided by the Principal Accountable Officer
alongside the consolidated accounts of the Scottish Government. (See the Scottish Government
Assurance Framework at Annex H and Certificates of Assurance Map at Annex I.) PACs advise
Portfolio Accountable Officers (PAOs) on the content of the PAO assurances to the Principal Accountable
Officer. In doing so PACs must take into account all matters and intelligence falling within their remits,
including the assurances provided by relevant Directors to PAOs.
2.31 In relation to assurance core Scottish Government audit committees should constructively challenge:
• assurance providers as to whether the scope of their activity meets the assurance need of the
Principal/Portfolio Accountable Officer; and
• the actual assurances to test that they are founded on sufficient reliable evidence and that the
conclusions are reasonable in the context of the evidence.
2.32 This adds to the value and usefulness of assurances by enhancing confidence in their reliability.
Core Scottish Government audit committees should also be proactive in commissioning assurance
work from appropriate sources if they identify any significant risk, governance and control issues which
are not being subjected to sufficient review, and in seeking assurance that weaknesses identified by
reviews that have been conducted are actually remedied.
Self Assessment
2.33 Core Scottish Government audit committees should periodically review their own effectiveness using
the Audit Committee Self-Assessment Checklist adopted by SGAC and report the results of that
review to the Principal/Portfolio Accountable Officer.
Secretariats
2.34 The secretariat function could be biased if provided by Internal Audit or Finance. The SGAC secretariat
is therefore provided by the Strategy and Ministerial Support Directorate while support for PACs is
supervised by the appropriate DG Co-ordination Unit or equivalent.

Communication
PART 2: OPERATION OF CORE SCOTTISH GOVERNMENT AUDIT COMMITTEES
2.35 Core Scottish Government audit committees should ensure that they have effective communication
with the Principal/Portfolio Accountable Officer, Internal Audit Division, Audit Scotland, and other
stakeholders. In addition, the role of the Chair and provision of appropriate secretariat support are
important elements in achieving audit committee effectiveness. Good practice guidance on these
roles is provided in Annex J and Annex K.
2.36 The work of the core Scottish Government audit committees needs to be communicated appropriately
if it is to be effective. After each meeting of the audit committee minutes should be prepared,
highlighting advice to the relevant Accountable Officer and action points, and circulated to interested
parties, including Internal Audit Division and Audit Scotland. Individual PACs should ensure that
SGAC and other PACs are made aware, at the earliest opportunity, of any issues arising within its
area of responsibility that may have implications for the wider Scottish Government. Minutes of
SGAC meetings should be circulated to all members of the Scottish Government Strategic Board and
to the chairs of PACs.
Rights of Access
2.37 There should be mutual rights of access among each of the Chairs of the core Scottish Government
audit committees, the Principal/Portfolio Accountable Officer, Internal Audit Division and Audit
Scotland. Whether or not that right of access is exercised, there should be an annual bilateral meeting
between the Chair of each audit committee and each of these parties to ensure that there is a clear
understanding of expectations and mutual understanding of current issues.
Annual Reports
2.38 The SGAC should provide an annual report to the Principal Accountable Officer, timed to support
preparation of the Statement on Internal Control. This internal report needs to be open and honest
in presenting SGAC’s views if it is to be of real benefit to the Principal Accountable Officer.
2.39 The annual report should summarise the SGAC’s work for the year past, and present its opinion about:
• the comprehensiveness of assurances in meeting the Principal Accountable Officer’s needs;
• the reliability and integrity of these assurances;
• whether the assurance available is sufficient to support the Principal Accountable Officer in his/her
decision taking and accountability obligations;
• the implication of these assurances for the overall management of risk;
• any issues the SGAC considers pertinent to the Statement on Internal Control provided alongside
the Scottish Government consolidated accounts and any long term issues the committee thinks
the Principal Accountable Officer should give attention to;
• financial reporting for the year;
• the quality of both Internal and External Audit and their approach to their responsibilities; and
• the SGAC’s view of its own effectiveness, including advice on ways in which it considers it needs
to be strengthened or developed.
9

10
AUDIT COMMITTEE HANDBOOK: Guidance for audit committee members in the core Scottish Government
2.40 PACs should submit an annual report to the SGAC in a format and to a timetable determined by the
SGAC giving an assurance that the PAC is operating in accordance with SPFM guidance (and the
Audit Committee Handbook) and drawing the SGAC’s attention to issues that may fall within its
remit, e.g. those arising within the PAC area of responsibility which may have wider implications.
This report should include any significant problems notified to the PAC by the audit committees of
relevant Executive Agencies or sponsored bodies within their area of responsibility that may have
wider implications. PAC secretariats should therefore ensure that the audit committees of relevant
Executive Agencies and sponsored bodies are reminded of their responsibilities in this respect and,
where appropriate, should be in a position to provide a nil return. A shell annual report from PACs to
SGAC is at Annex L.

ANNEX A: FACETS OF ACCOUNTABILITY AND GOVERNANCE WITHIN THE SCOTTISH GOVERNMENT
ANNEX A:
FACETS OF ACCOUNTABILITY AND GOVERNANCE
IN THE SCOTTISH GOVERNMENT
PARLIAMENTARY FACING: ACCOUNTABILITIES
– External
– Statute driven
Accountable Officers for parts of
the Scottish Administration
Principal Accountable Officer
Accountable Officers for
Other Public Bodies
The Principal Accountable Officer designates AOs then each AO has the duty of obtaining written
authority (unfettered)
AO designation has to be for defined ‘parts’ of the administration
It is for Ministers to decide priorities for the use of resources
Parliament approves the budget for Scottish Ministers – so there is an expectation of a read across to
portfolios for any sub-division of the total budget
INTERNAL: INDIVIDUAL RESPONSIBILITIES
– Corporate Governance driven (Codes of Good Practice)
– delegations
– authority to act/spend
– line management as the vehicle (traditionally)
– different arrangements for programme and administration budgets
INTERNAL: BOARDS AND COMMITTEES
– Corporate Governance Driven
Defined
– Membership; role of non-executives
– Authority
– Decision-making
– Reporting requirements
– Assurance landscape alongside
Line Managers SGAC
X X X
11

12
AUDIT COMMITTEE HANDBOOK: Guidance for audit committee members in the core Scottish Government
ANNEX B:
MAP OF ACCOUNTABILITY IN THE
SCOTTISH GOVERNMENT
Scottish Ministers
Scottish Parliament
Principal
Accountable Officer
(Permanent Secretary)
Portfolio
Accountable
Officers
Executive Agency Accountable
Officers
External Reporting/Accounts
SGAC
Portfolio Audit
Committees
Executive Agency
Audit Committees
Accountable Officers in Arm’s-Length Bodies
(appointed by the Principal
Accountable Officer)
Key:
Accountability Flow
External Reporting/Accounts
Internal Reporting
Scrutiny and Challenge
Information Flow
Audit Committees in
Arm’s-Length Bodies
The Scottish Government (SG) consolidated accounts reflect the consolidated assets and liabilities and the
results of all entities within the SG ‘departmental’ accounting boundary: Cabinet Portfolios, SG Executive
Agencies, the Crown Office and Procurator Fiscal Service and Health Bodies. The departmental accounting
boundary is the term used within the HM Treasury produced Government Financial Reporting Manual (FReM)
and in this case refers to the SG and its consolidated bodies. The Crown Office and Procurator Fiscal Service,
SG Executive Agencies and individual Health Bodies also produce and publish their own annual accounts.
The SG sponsors of a number of arm’s-length bodies, including executive, advisory and tribunal
non-departmental public bodies, that do not fall within its accounting boundary. They produce and publish
their own annual accounts where appropriate. Non-ministerial Executive Agencies are also outwith the SG
accounting boundary.

Systems and frameworks which direct and control the Scottish Government
� Accountability
Principal Accountable Officer
Accountable Officers
Ministers/Scottish Parliament
Audit Committees
Control and Assurance
Systems of internal control
Arrangements for prevention and detection of fraud
Risk management
Planning, monitoring and reporting arrangements
Monitoring and reporting of overall financial position
Performance management
Behaviour
Standards of conduct, integrity and openness
Taking stock
ANNEX C: SCOTTISH GOVERNMENT CORPORATE GOVERNANCE FRAMEWORK
ANNEX C:
SCOTTISH GOVERNMENT CORPORATE
GOVERNANCE FRAMEWORK
Best Value – continuous improvement culture
Effective leadership and strategy
Corporate Governance
�
�
Scottish Ministers
Decision Making
Corporate Leadership Team
DGs/Directorates
Line Managers
13

14
AUDIT COMMITTEE HANDBOOK: Guidance for audit committee members in the core Scottish Government
ANNEX D:
CORE SCOTTISH GOVERNMENT AUDIT
COMMITTEE COMPETENCY FRAMEWORK
All members of the audit committee should have, or acquire as soon as possible after appointment:
• understanding of the objectives of the Scottish Government/Portfolio and current significant issues;
• understanding of the Scottish Government’s culture;
• understanding of any relevant legislation or other rules governing the Scottish Government;
• broad understanding of the government environment, particularly accountability structures and current
major initiatives.
The audit committee should corporately possess:
• knowledge/skills/experience (as appropriate and required) in:
– financial management;
– accounting;
– risk management;
– audit;
– technical or specialist issues pertinent to the core Scottish Government’s business.
• relevant management experience;
• understanding of the wider relevant environments in which the Scottish Government operates; and
• detailed understanding of the government environment and accountability structures.

ANNEX E: MODEL LETTER OF APPOINTMENT TO SERVE AS A MEMBER OF A PORTFOLIO AUDIT COMMITTEE
ANNEX E:
MODEL LETTER OF APPOINTMENT TO SERVE AS
A MEMBER OF A PORTFOLIO AUDIT COMMITTEE
APPOINTMENT AND PURPOSE
You are hereby appointed as a member of the [name] Audit Committee within the core Scottish Government.
As a member of the audit committee you are accountable to the [name] Portfolio Accountable Officer
through the Chair of the Committee. Your appointment is for (number) years from (date). This appointment
mayberenewed(number) times (by mutual agreement) after the duration of this appointment.
The audit committee reports to the Scottish Government Audit Committee and the purpose of the audit
committee is to:
• review the comprehensiveness of assurances in meeting the assurance needs of the Portfolio
Accountable Officer;
• review the reliability and integrity of these assurances; and
• advise the Portfolio Accountable Officer about how well assurances consequently support him/her in
decision taking and in discharging his/her accountability obligations.
A copy of the audit committee’s Terms of Reference is enclosed. The Committee is chaired by (name) and
the other members are (names). [It is recommended that new members be provided with a list of contact
details]
SUPPORT AND TRAINING
The Secretary of the audit committee is (name/contact details) and he/she will shortly be in touch with you
to discuss and arrange appropriate induction training.
To help you understand the governance arrangements and the role of audit committees in government,
you should read the Audit Committee Handbook: Guidance for audit committee members in the core
Scottish Government.
COMMITMENT AND REMUNERATION
The audit committee meets at least four times each year, but additional meetings may be required from
time to time. You will also be expected to undertake appropriate training and activities designed to keep
you in touch with the Scottish Government/Portfolio’s activities and priorities. Your remuneration will be
(include details of daily rate and procedures for claims and payment). All monies paid in connection with
this appointment are taxable and it is your responsibility to make appropriate arrangements in respect of
income tax.
EXPENSES AND SUBSISTENCE
Travel and subsistence costs will be paid in accordance with the Scottish Government’s standard
arrangements. A copy of the current rates and conditions is enclosed for your information.
15

16
AUDIT COMMITTEE HANDBOOK: Guidance for audit committee members in the core Scottish Government
You are entitled to claim the following expenses and subsistence:
• travel expenses to and from home to the meeting venue;
• travel and subsistence expenses incurred as part of the work of the committee away from the normal
venue; and
• dependant care costs.
You would be entitled to travel first class by rail and business class by air. Any further clarification on
Scottish Government arrangements should be sought via the Secretary of the audit committee. As a rule of
thumb the aim is to use the most efficient and economic means of travel, taking into account
sustainability, subsistence costs and savings in time.
CONFLICTS OF INTEREST
Any potential conflict of interest for you in your audit committee role, including any arising from a change
in personal circumstances during your period of appointment, must be declared to the Chair of the audit
committee.
APPRAISAL
As a member of the audit committee you will be subject to appraisal by the audit committee Chair (include
brief details of the appraisal process).
CONDUCT
You are expected to conduct yourself in accordance with the principles of the Civil Service Code and the
Seven Principles of Public Life identified by the Committee on Standards in Public Life. Copies of the Civil
Service Code and the Seven Principles of Public Life are enclosed.
LIABILITY
Under the terms of the Scottish Public Finance Manual issued by the Scottish Ministers individual non-executive
members of public bodies, including non-executive members of committees, who have acted honestly and
in good faith do not have to meet out of their own personal resources any personal civil liability which is
incurred in the execution or purported execution of their board or committee functions, save where the
person has acted recklessly.
TERMINATION
If you choose to resign from this appointment you will be expected to give (number) months notice, unless
your circumstances have changed in a way that make it appropriate for you to resign immediately. If your
performance as an audit committee member is decided to be unacceptable (see appraisal) or if your conduct
(including conflicts of interests) is unacceptable your appointment may be terminated by the Portfolio
Accountable Officer.

ANNEX F: MODEL TERMS OF REFERENCE FOR PORTFOLIO AUDIT COMMITTEES
ANNEX F:
MODEL TERMS OF REFERENCE FOR PORTFOLIO
AUDIT COMMITTEES
TERMS OF REFERENCE FOR [NAME OF PORTFOLIO] AUDIT COMMITTEE
An Audit Committee has been established to support the Portfolio Accountable Officer[s]
(PAO) in his/her/their responsibilities for issues of risk, control and governance over the
[programme]/[administration] budget for [name of Portfolio]. This includes reviewing the
comprehensiveness of assurances in meeting the PAO’s assurance needs and reviewing the
reliability and integrity of these assurances. In formal terms, the Audit Committee reports
annually to the overarching Scottish Government Audit Committee (SGAC).
Membership
The Audit Committee will comprise three [or more] non-executive members, one of whom shall serve as
the chair. Details of the current members including the chair are shown in Appendix 1.
• The Audit Committee will be provided with a secretarial support service by (XXXXXX).
Meetings
• The Audit Committee will meet at least four times a year. The Chair of the Audit Committee may
convene additional meetings as he/she deems necessary.
• The PAO may also ask the Audit Committee to convene further meetings to discuss particular issues
on which he/she/they want the Audit Committee’s advice.
A minimum of two members of the Audit Committee will be present for the meetings to be deemed
quorate. In the absence of the Chairperson, one of the other non-executive members will assume that
role for the duration of the meeting.
• The Chair of SGAC should be advised of any member who fails to attend two consecutive meetings.
• Audit Committee meetings will normally be attended by the PAO and representatives from Internal
Audit Division, Audit Scotland and Finance.
• The Audit Committee may ask any other officials to attend to assist it with its discussions on any
particular matter.
• The Audit Committee may ask any or all of those who normally attend but who are not members to
withdraw to facilitate open and frank discussion of particular matters.
• Papers for Audit Committee meetings should be circulated to members at least one week prior to
the meeting date.
• A core work programme is attached at Appendix 2.
• An Action Point Tracker will be maintained to monitor progress on key issues raised at meetings.
17

18
AUDIT COMMITTEE HANDBOOK: Guidance for audit committee members in the core Scottish Government
Access
• Internal Audit Division and Audit Scotland will have free and confidential access to the Chair of the
committee and vice versa (it is expected, however, that exercise of this right would be on an exceptional
basis).
Reporting
• The Audit Committee will formally report back to the PAO after each meeting – providing a copy of
minutes of the meeting may form the basis of the report.
• The Audit Committee will also provide SGAC with an Annual Report, in a format agreed by SGAC and in
advance of the SGAC meeting timed to review the Scottish Government consolidated accounts and
associated Statement on Internal Control (SIC).
Responsibilities
The Audit Committee will advise the PAO on:
• the strategic processes for risk, control and governance
• the planned activity and results of both internal and external audit
• the adequacy of management response to issues identified by audit activity or by Parliamentary
Committees where they affect the portfolio’s overall performance
• assurances relating to the corporate governance requirements for the portfolio, e.g. Certificates of
Assurance and issues relating to the Permanent Secretary’s signing of the SIC.
Information Requirements
To achieve the above, for each meeting the Audit Committee will normally be provided with:
• a report on the [Portfolio] performance relating to risk management, including a summary of any key
changes to the risk register
• a progress report from Internal Audit Division detailing, as appropriate:
– work performed
– key issues emerging from internal audit work
– management responses to audit recommendations
– progress on the implementation of agreed recommendations
– the current internal audit plan including proposed changes
– any issues affecting the delivery of internal audit objectives
• a progress report from Audit Scotland summarising work done and emerging findings.
As and when appropriate, the Committee may also be provided with:
• The Terms of Reference of Internal Audit Division agreed by SGAC
• The Internal Audit Strategy agreed with SGAC
• Internal Audit Division’s annual assurance and report for the [Portfolio]

• Directors’ Certificates of Assurance
• the PAO’s draft Certificate of Assurance
• A report on relevant matters from Finance
ANNEX F: MODEL TERMS OF REFERENCE FOR PORTFOLIO AUDIT COMMITTEES
• A report on Business Performance Management Reports and any relevant outputs or assurances from
other review bodies or activities, including relevant Gateway reviews
• The major findings of relevant Parliamentary Committee reports
• Any appropriate relevant information from the draft accounts as they relate to the [Portfolio]
• Audit Scotland plans, and any relevant management letters and performance audit reports
• Notifications from relevant Executive Agency and sponsored body Audit Committees of significant
issues that are considered to be of wider interest
• Any relevant reports on fraud within the [Portfolio] or relevant Executive Agencies and sponsored
bodies
• Any report on co-operation between internal and external audit
• Copies of any external quality assurance reports on the internal audit function.
19

20
AUDIT COMMITTEE HANDBOOK: Guidance for audit committee members in the core Scottish Government
APPENDIX 1:
CURRENT MEMBERSHIP OF THE [PORTFOLIO]
AUDIT COMMITTEE
– Name 1 (period of appointment: dd mm yyyy – dd mm yyyy)
– Name 2 (period of appointment: dd mm yyyy – dd mm yyyy)
– Name 3 (period of appointment: dd mm yyyy – dd mm yyyy)
• The Audit Committee is chaired by (Name 1 above)

APPENDIX 2: SUGGESTED CORE ANNUAL PROGRAMME OF BUSINESS FOR PORTFOLIO AUDIT COMMITTEES
APPENDIX 2:
SUGGESTED CORE ANNUAL PROGRAMME OF
BUSINESS FOR PORTFOLIO AUDIT COMMITTEES
Spring Meeting
• Review performance relating to risk management
• Review the Internal Audit periodic work plan for the coming financial year
• Consider Audit Scotland plans for the coming financial year
• Consider any reports from Internal Audit and management responses
• Consider any reports from Audit Scotland [and management response to/implementation of
recommendations]
• Consider a report from Finance, including relevant information about financial performance and
achievement of financial targets
• Consider any Scottish Parliament Audit Committee issues, e.g. reports and formal responses,
management responses to requests for information
Summer Meeting
• Review performance relating to risk management
• Consider (emerging) External Audit opinion for the financial year just finished
• Consider Internal Audit opinion for the financial year just finished
• Consider an annual report on fraud within the portfolio directorates, relevant Executive Agencies and
sponsored bodies
• Review certificates of assurance provided by portfolio directors and advise the Accountable Officer on
the terms of his/her assurance to the Permanent Secretary*
• Consider any reports from Internal Audit and management responses
• Consider any reports from Audit Scotland [and management response to/implementation of
recommendations]
• Consider a report from Finance, including relevant information about financial performance and
achievement of financial targets
• Consider any Scottish Parliament Audit Committee issues e.g. reports and formal responses,
management responses to requests for information
• *Consider an annual report to the Scottish Government Audit Committee
*These agenda items must be completed in sufficient time to meet the timetable for the preparation of the Scottish
Government’s consolidated accounts.
21

22
AUDIT COMMITTEE HANDBOOK: Guidance for audit committee members in the core Scottish Government
Autumn Meeting
• Review performance relating to risk management
• Review the performance management arrangements adopted within the portfolio including, where
appropriate, the timetable for reviewing such arrangements
• Consider any reports from Internal Audit and management responses
• Consider any reports from Audit Scotland [and management response to/implementation of
recommendations]
• Consider a report from Finance, including relevant information about financial performance and
achievement of financial targets
• Consider any Scottish Parliament Audit Committee issues, e.g. reports and formal responses,
management responses to requests for information
Winter Meeting
• Review performance relating to risk management
• Consider the Audit Scotland portfolio report/management letter for the previous year and the
management response
• Consider whether or not any local arrangements – as opposed to the Scottish Government corporate
arrangements – for the reporting and handling of cases of actual and suspected fraud are sufficiently
robust
• Consider any reports from Internal Audit and management responses
• Consider any reports from Audit Scotland [and management response to/implementation of
recommendations]
• Consider a report from Finance, including relevant information about financial performance and
achievement of financial targets
• Consider any Scottish Parliament Audit Committee issues, e.g. reports and formal responses,
management responses to requests for information
• Consider the Committee’s own effectiveness in its work
• Review the Committee’s Terms of Reference

ANNEX G: KEY LINES OF ENQUIRY FOR AN AUDIT COMMITTEE
ANNEX G:
KEY LINES OF ENQUIRY FOR AN AUDIT COMMITTEE
This list of questions is not intended to be exhaustive or restrictive nor should it be treated as a
tick list substituting for detailed consideration of the issues it raises. Rather it is intended to act as
a ‘prompt’ to help audit committees ensure that their work is comprehensive.
On the strategic processes for risk, control and governance, how do we know:
• that the risk management culture is appropriate?
• that there is a comprehensive process for identifying and evaluating risk, and for deciding what levels of
risk are tolerable?
• that the risk register(s) reflect the risks facing the core Scottish Government/Portfolio?
• that appropriate ownership of risk in place?
• that management has an appropriate view of how effective internal control is?
• that risk management is carried out in a way that really benefits the core Scottish Government/Portfolio
or is it treated as a box ticking exercise?
• that the core Scottish Government/Portfolio as a whole and parts thereof are aware of the importance
of risk management and of the core Scottish Government’s/Portfolio’s risk priorities?
• that the system of internal control will provide indicators of things going wrong?
• that the annual Statement on Internal Control/certificates of assurance is/are meaningful, and what
evidence underpins it/them?
• that the SIC/certificates of assurance appropriately disclose(s) action to deal with material problems?
• that the core Scottish Government/Portfolio is appropriately considering the results of the effectiveness
review underpinning the SIC/assurances?
On risk management processes, how do we know:
• how senior management and Ministers support and promote risk management?
• how well people are equipped and supported to manage risk well?
• that there is a clear risk strategy and policies?
• that there are effective arrangements for managing risks with partners?
• that the Scottish Government’s/Portfolio’s processes incorporate effective risk management?
• if risks are handled well?
• if risk management contributes to achieving outcomes?
23

24
AUDIT COMMITTEE HANDBOOK: Guidance for audit committee members in the core Scottish Government
On the planned activity and results of both internal and external audit, how do we know:
• that the Internal Audit strategy is appropriate for delivery of a positive reasonable assurance on the
whole of risk, control and governance? [SGAC]
• that the periodic audit plan will achieve the objectives of the Internal Audit strategy, and in particular is
it adequate to facilitate a positive, reasonable assurance?
• that Internal Audit has appropriate resources, including skills, to deliver its objectives?
• that Internal Audit recommendations that have been agreed by management are actually
implemented?
• that any issues arising from line management not accepting Internal Audit recommendations are
appropriately escalated for consideration?
• that the quality of Internal Audit work is adequate?
• that there is appropriate co-operation between the internal and external auditors?
On the accounting policies and the accounts of the Scottish Government, how do we know:
• that the accounting policies in place comply with relevant requirements, particularly the Financial
Reporting Manual? [SGAC and COPFS]
• there has been due process in preparing the accounts and annual report and is that process robust?
[SGAC and COPFS]
• that the accounts and annual report have been subjected to sufficient review by management and by
the Accountable Officer? [SGAC and COPFS]
• that when new or novel accounting issues arise, appropriate advice on accounting treatment is gained?
[SGAC and COPFS]
• that there is an appropriate anti-fraud policy in place and losses are suitably recorded?
• that suitable processes are in place to ensure accurate financial records are kept?
• that suitable processes are in place to ensure fraud is guarded against and regularity and propriety is
achieved?
• that financial control, including the structure of delegations, enables the Scottish Government/Portfolio
to achieve its objectives with good value for money?
• if there are any issues likely to lead to qualification of the accounts?
• if the accounts have been qualified, that appropriate action is being taken to deal with the reason for
qualification? [SGAC and COPFS]
• that issues raised by Audit Scotland/the Auditor General for Scotland are given appropriate attention?
On the adequacy of management response to issues identified by audit activity, how do we know:
• that the implementation of recommendations is monitored and followed up?
• that there are suitable resolution procedures in place for cases when management reject audit
recommendations which the auditors stand by as being important?

ANNEX G: KEY LINES OF ENQUIRY FOR AN AUDIT COMMITTEE
On assurances relating to the corporate governance requirements for the organisation, how do
we know:
• that the range of assurances available is sufficient to facilitate the drafting of a meaningful Statement
on Internal Control?
• that those producing assurances understand fully the scope of the assurance they are being asked to
provide, and the purpose to which it will be put?
• what mechanisms are in place to ensure that assurances are reliable?
• that assurances are ‘positively’ stated (i.e. premised on sufficient relevant evidence to support them)?
• that the assurances draw appropriate attention to material weaknesses or losses which should be
addressed?
• that the Statement on Internal Control realistically reflects the assurances on which it is premised?
[SGAC and COPFS]
On the work of the audit committee itself, how do we know:
• that we are being effective in achieving our terms of reference and adding value to corporate
governance and control systems of the core Scottish Government?
• that we have the appropriate skills mix?
• that we have an appropriate level of understanding of the purpose and work of the Scottish
Government/Portfolio?
• that we have sufficient time to give proper consideration to our business?
• that our individual members are avoiding any conflict of interest?
• what impact we are having on the core Scottish Government?
25

26
AUDIT COMMITTEE HANDBOOK: Guidance for audit committee members in the core Scottish Government
ANNEX H:
SCOTTISH GOVERNMENT ASSURANCE
FRAMEWORK
Statement on Internal
Business Activities Assurance Activities
Control (SIC)
Control Framework
•Organisational
Structure
•Decision Making Process
•Delegated Authority
Statements
•Behaviour and Values
•Business Planning
•Prevention and
Detection of Fraud
Routine Management
Reporting
•PB/Strategic Board
Reports
•Performance
Management
•Overall Financial
Position
•Benchmarking
Risk Management
•Risk Framework
•Risk Registers
Principal Accountable
Officer (PAO)
Signs SIC
Scottish Government
Audit Committee
(SGAC)
•Facilitates co-ordination
and provides assurance
from across the Scottish
Government to PAO
•Considers adequacy of
overarching audit
strategy and other SIC
arrangements
•Approves Internal Audit
Strategy and resources
Portfolio Audit
Committees (PAC)
•Considers adequacy of
audit and other
assurance arrangements
for each portfolio in
support of the individual
AOs appointed by PAO
Primary Certification
•DG Certificates of Assurance
and Agency SICs
Internal Assurance
•Audit Strategy
•Internal Audit
•Finance Director’s Annual
Report
•Security Annual Report
•Annual Report on Fraud
External Assurance
•Audit Scotland
•Non-Executive Directors
•Directorate Certificates of
Assurance
•NDPB SIC
Internal Audit Portfolio Plans
and Summary Reports

SGAC
ANNEX I: SCOTTISH GOVERNMENT CERTIFICATES OF ASSURANCE MAP
ANNEX I:
SCOTTISH GOVERNMENT CERTIFICATES OF
ASSURANCE MAP
Finance Group
•Co-ordination and
qualitative assessment
Principal Accountable
Officer
Portfolio Accountable
Officer
•Certificate of Assurance
Directors
•Certificate of Assurance
•Finance Director’s
Certificate of Assurance
•CopyofCofAfromany
other relevant sources
Deputy Directors
•Certificate of Assurance
•Certificate of Assurance
Checklist
Executive Agency
Shared Services
•Finance Assurance
•HR Assurance
NDPB Accountable Officer
27

28
AUDIT COMMITTEE HANDBOOK: Guidance for audit committee members in the core Scottish Government
ANNEX J:
THE ROLE OF THE CHAIR IN CORE SCOTTISH
GOVERNMENT AUDIT COMMITTEES: GOOD PRACTICE
Exactly how a particular Chair manages a core Scottish Government audit committee will vary depending
on the character of the individual and the needs of the committee. Key activities beyond committee
meetings should include the following:
Agenda Setting
Before each meeting the Chair and the committee secretary should meet to discuss and agree the business
for the meeting. The Chair should take ownership of, and have final say in, the decisions about what
business will be pursued at any particular meeting.
Communication
• The Chair should ensure that after each meeting appropriate reports are prepared from the audit
committee to the Principal/Portfolio Accountable Officer.
• The Chair should ensure that the audit committee provides a suitable annual report to the Principal
Accountable Officer – or SGAC in respect of PACs.
• The Chair should have bilateral meetings at least annually with the Principal/Portfolio Accountable
Officer and representatives from Internal Audit Division and Audit Scotland.
• The Chair should meet any people newly appointed to these positions as soon as practicable after their
appointment.
• The Chair should ensure that all Committee members have an appropriate programme of interface with
the organisation and its activities to help them understand the Scottish Government/Portfolio, its
objectives, business needs and priorities.
Monitoring Actions
• The Chair should ensure that there is an appropriate process between meetings for action points arising
from committee business to be appropriately pursued.
• The Chair should ensure that members who have missed a meeting are appropriately briefed on the
business conducted in their absence. Chairs may choose to rely on the secretariat to take these actions.
Appraisal
• The Chair should take the lead in ensuring that committee members are provided with appropriate annual
appraisal of their performance as a committee member and that training needs are identified and
addressed. The Chair should seek appraisal of their own performance from the Principal/Portfolio
Accountable Officer.
• The Chair should ensure that there is a periodic review of the overall effectiveness of the audit committee
and of its Terms of Reference.

ANNEX J: THE ROLE OF THE CHAIR IN CORE SCOTTISH GOVERNMENT AUDIT COMMITTEES: GOOD PRACTICE
Appointments
The Chair should be involved in the appointment of new committee members, including providing advice
on the skills and experience being sought by the committee.
Resources
The Chair is responsible for ensuring that the work of the audit committee is appropriately resourced.
29

30
AUDIT COMMITTEE HANDBOOK: Guidance for audit committee members in the core Scottish Government
ANNEX K:
COMMITTEE SUPPORT: GOOD PRACTICE
A good secretariat function is more than a secretarial function. The secretariat should be able to support
the Chair of the committee in identifying business to be taken, and the relevant priorities of the business.
The Chair of the committee and the secretariat should agree procedures for commissioning briefing to
accompany business items on the committee’s agenda and timetables for the issue of meeting notices,
agendas, and minutes. The Chair of the committee should always review and approve minutes of meetings
before they are circulated.
The specific responsibilities of the audit committee secretariat should include:
• meeting with the Chair of the committee to prepare agendas for meetings;
• commissioning papers as necessary to support agenda items;
• circulating meeting documents in good time before each meeting;
• arranging for executives to be available as necessary to discuss specific agenda items with the committee
during meetings;
• keeping a record of meetings and providing draft minutes for the Chair’s approval;
• ensuring action points are being taken forward between meetings;
• supporting the Chair in the preparation of audit committee reports – either to the Principal Accountable
Officer or to SGAC;
• arranging the Chair’s bilateral meetings with the Principal/Portfolio Accountable Officer and designated
representatives of Internal Audit Division and Audit Scotland;
• keeping the Chair and members in touch with developments and relevant background information
about developments in the core Scottish Government;
• maintaining a record of when members’ terms of appointment are due for renewal or termination;
• ensuring that appropriate appointment processes are initiated when required;
• ensuring that new members receive appropriate induction training, and that all members are supported
in identifying and participating in ongoing training; and
• managing budgets allocated to the audit committee.
When the audit committee decides to meet privately, the Chair should decide whether the secretariat members
should also withdraw. If so, the Chair should ensure that an adequate note of proceedings is kept to support
the committee’s conclusions and advice.

ANNEX L: SHELL ANNUAL REPORT FROM PORTFOLIO AUDIT COMMITTEES TO SGAC
ANNEX L:
SHELL ANNUAL REPORT FROM PORTFOLIO
AUDIT COMMITTEES TO SGAC
[XXXX] PORTFOLIO AUDIT COMMITTEE (PAC) ANNUAL REPORT TO THE SCOTTISH GOVERNMENT AUDIT
COMMITTEE (SGAC): 20XX-20XX
The membership of the [XXXX] PAC, including vacancies, is currently as follows:
The PAC is chaired by [XXXXX].
The relevant Portfolio Accountable Officer(s) attended [all/number] meetings of the PAC and/or was/were
provided with minutes of the proceedings.
Matters relative to the 20XX-XX financial year were considered at [X] meetings of the PAC. A summary of
the key meeting agenda items is given overleaf:
31

32
AUDIT COMMITTEE HANDBOOK: Guidance for audit committee members in the core Scottish Government
Agenda Item Month/Year Month/Year Month/Year Month/Year
PAC Terms of Reference
Reviews of risk management
arrangements, including any
changes to the risk register
Internal audit plans
Internal audit reports
Audit Scotland plans
Audit Scotland reports
Finance reports, including
forecast outturn/outturn
statements for 20XX-XX
Audit Scotland portfolio
report/management letter
re 20XX-XX
Response to Audit Scotland
portfolio report/management
letter re 20XX-XX
Scottish Parliament Audit
Committee issues, e.g. reports
and formal responses
20XX-XX Certificates of
Assurance from relevant
Directors on the system of
internal control
20XX-XX draft Certificate of
Assurance from the Portfolio
Accountable Officer to the
Permanent Secretary
Reports of fraud within the
portfolio directorates,
including details of fraud in
relevant Executive Agencies
and sponsored bodies
Notification from Executive
Agencies and NDPB Audit
Committees of significant
issues considered to be of
wider interest
PAC Self-Appraisal
20XX-XX PAC annual report to
SGAC

ANNEX L: SHELL ANNUAL REPORT FROM PORTFOLIO AUDIT COMMITTEES TO SGAC
[Narrative explaining why any key meeting agenda items identified above were not considered.]
[Narrative describing the risk management arrangements adopted within the portfolio including, where
appropriate, the timetable for reviewing the portfolio risk register. This should include any concerns that
the PAC might have with such arrangements.]
[Narrative describing the performance management arrangements adopted within the portfolio including,
where appropriate, the timetable for reviewing such arrangements. This should include any concerns that
the PAC might have with such arrangements.]
[Narrative highlighting any information commissioned by the PAC from the Portfolio Accountable Officer to
address gaps in information/areas of concern.]
[Narrative describing any concerns that the PAC might have with the response - or lack of response - to its
challenge and advice on relevant matters, including relevant processes and procedures.]
The PAC operated in accordance with SPFM guidance during the period covered by the report. Issues
arising within the PAC’s remit that we would wish to draw to SGAC’s attention are as follows: [These
should include significant issues raised through internal/external audit activity and, where appropriate, any
recommendations or reports of concerns from relevant audit committees of Executive Agencies or NDPBs.
Details of any issues that appear to the PAC to have possible implications for the Scottish Government as a
whole must be provided here.]
OR
The PAC operated in accordance with SPFM guidance during the period covered by the report and there
were no issues arising within our remit that we consider should be brought to SGAC’s attention.
[Chair of XXX PAC]
[Date’xlmsfdmdm]
33

© Crown copyright 2008
This document is also available on the Scottish Government website:
www.scotland.gov.uk
RR Donnelley B55712 07/08
w w w . s c o t l a n d . g o v . u k