Framework document between the Scottish Government and the Scottish Commission on Social Security

46. SCoSS, with advice and support as necessary from Scottish Government Social Security Programme Finance and its Sponsor Unit, will:

• establish and maintain arrangements for internal audit in accordance with the Public Sector Internal Audit Standards and the Internal Audit section of the SPFM;
• set up an Audit Committee of its Board, in accordance with the Audit Committees section of the SPFM, to advise both the board and the Accountable Officer;
• ensure that the Sponsor Team and the AO/Senior Sponsor receive promptly after they are produced or updated: the audit charter, strategy, periodic audit plans and annual audit assurance report, including the Head of Internal Audit opinion on risk management, control and governance – and provide any other relevant audit reports as requested by sponsors;
• keep records of, and prepare and forward promptly to the SG an annual report on fraud and theft suffered by SCoSS and notify the AO or Senior Sponsor immediately of any unusual or major incidents.

47. The SG’s Internal Audit and Assurance Directorate has an expectation of cooperation and access to relevant material when required, the parameters for which would be set out in an engagement document before information was shared. SCoSS should make it clear on their own Privacy Notice that material may be shared with SG’s Internal Audit and Assurance Directorate in certain circumstances