• Audit and Risk Committee Minutes
  • 16 April 2024

Committee Members and Attendees

Minutes of the Audit and Risk Committee Hybrid Meeting held on Monday 25 March 2024, 14:00-16:00

Committee:
Marie Fallon (MF), Chair
Richard Dixon (RD)
Neil Oakley (NO)
Morag Sheppard (MS)

Attendees:
ESS Team (Items 2 – 4 only): 
Mark Roberts (MR), CEO
Rebecca Peppiette (RP), Head of Corporate Services and Communications
Neil Langhorn (NL), Head of Strategy and Analysis*
Lauren Queen (LQ), In-house Solicitor
Charlotte Lowe (CL), Governance Lead (Minutes)

External Audit
Muhammad Fadhil (MFad), Manager, Deloitte LLP
Kirsty Hair (KH), Assistant Manager, Deloitte LLP

Internal Audit
Iain Burns (IB), Lead Senior Internal Audit Manager
Douglas Falconer (DF), Senior Internal Audit Manager

Apologies
Rebecca Liu (RL), Interim Finance and Accountancy Advisor

*item 7 only

1. Private session

Members of the Committee attended a private session.

2. Welcome

The Chair welcomed the Committee and attendees to the meeting. There were apologies from RL.

It was noted that RD will become Acting Chair of ESS  as of 1 April 2024, but that he would continue to act as a regular Board member for the purposes of the Audit and Risk Committee.

The Chair noted that during the private session the Committee had discussed governance arrangements. MS was appointed as Deputy Chair of the Audit and Risk Committee.

3. Minutes and matters arising

The Committee approved the minutes of the 4 December 2023 and 22 January 2024 meetings, subject to a correction of dates on the latter.

The Committee discussed the matters arising and noted that iTECS has responded to a series of questions relating to cyber security assurance. The Committee noted that the responses had provided some assurance, but MS and NO undertook to follow up separately.

4. Finance

RP presented an update on the 2024/25 budget and 2023/24 expenditure to date, noting that despite mitigating actions ESS continued to carry an underspend in 2023/24. In discussion, the Committee:

  • highlighted a positive year-on-year decrease in the level of underspend
  • recommended scenario planning for areas where spend could be increased or decreased at pace
  • considered the balance of budget allocation for external expert advice versus in house resource
  • agreed recommendations to consider a refreshed 2024/25 budget at its 24 June 2024 meeting

5. Risk management and assurance

CL introduced the updated risk register. The Committee approved the updates to the register and:

  • recommended increasing the residual likelihood and reducing the residual impact to reflect where ESS is able to mitigate for taking on additional functions without additional resource
  • recommended considering the residual score regarding ESS’ cyber security risks and splitting the risk into distinct people and infrastructure-related risks
  • agreed to recommend the appointment of a Board Sustainability Champion at the next Board meeting
  • discussed governance arrangements and agreed to recommend another Board member join the Committee
  • recommended providing more information on the direction of travel of risks over time

CL presented a high-level review of ESS’ Risk Management Framework and Policy, noting that only minor updates were recommended as a fuller review of ESS’ risk management approach would take place during development of the next Strategic Plan. The Committee approved the updates for recommendation to the Board, subject to the revision of the risk appetite relating to accidental disclosure of sensitive information.

CL provided a verbal update on the annual assessment of risk maturity, which the Executive Team had agreed as ‘managed’ due to positive efforts at corporate-level to implement and review risk processes. The Committee noted that areas for improvement related to embedding risk management at all levels of the organisation.

6. Governance

RP provided a verbal update on ESS’ performance and management indicators to date for the financial year 2023/24, noting that the final year-end figures would be presented to the Board at its 26 April 2024 meeting.

RP presented the deep dive review of a number of third-party contracts which are due to be relet in the next financial year. The Committee considered areas such as risks, cost and carbon impact of each contract, and made recommendations to refine the individual briefs for re-tendering. RP agreed to share further details on the process for considering Scope 3 carbon emissions within procurement.

CL presented the annual review of the Committee’s Terms of Reference and the Board Standing Orders. In discussion, the Committee:

  • considered the quorum of the Board and Committee
  • noted that the item 5 recommendation to update Committee membership may require a further revision of the Terms of Reference
  • agreed a number of minor updates to be recommended to the Board

RP presented the Committee’s forward work plan and noted that ESS’ Business Plan for 2024/25 would be published shortly.

7. Internal Audit

[At this point NL joined the meeting].

IB provided an update on Internal Audit work including progress on the review of ESS’ cyber arrangements, follow up work on the 2022/23 review of Investigations processes and wider work in the public sector.

DF presented the final report on the review of Strategy and Analysis procedures, highlighting that a ‘reasonable’ level of assurance was provided. The Committee considered the recommendations for areas of improvement, noting the organisation-wide nature of some, and thanked DF, NL and the Strategy and Analysis Team for their work.

[At this point NL left the meeting].

IB presented Internal Audit’s 2024/25 work plan, which includes reviews of performance reporting and risk management arrangements, and noted wider public sector work planned on public service reform. The Committee agreed the plan, subject to a minor revision of total allocated work days.

8. External Audit

KH presented an overview of Deloitte’s external audit processes and lessons learned from 2023, and introduced the plan for ESS’ external audit for 2023/24. The Committee agreed the plan, subject to removal of items not relevant to ESS and removal of reference to assessing work of the Board rather than the Audit and Risk Committee.

9. General audit update

MF provided an update from the previous Audit Chairs Network meeting and agreed to circulate papers.

RP provided an update from a recent Standards Commissions for Scotland workshop, highlighting updates to guidance for the model Code of Conduct.

10. Any other business

There was no other business to consider.

Minutes Approved

Marie Fallon

Chair, Environmental Standards Scotland Audit and Risk Committee

24 June 2024

Back to top