2022-03-31-accounts - The UK Cyber Security Council

This text was generated using OCR and may contain errors. Check the original PDF to see the document submitted to the regulator.

----- Start of picture text -----
UKCYBERSECURITYCOUNCIL.ORG.UK
FIND MORE
TRUSTEE REPORT AND FINANCIAL STATEMENTS FOR THE YEAR ENDED 31 MARCH 2022 Company Number: 12830814 Charity Number: 1195030
----- End of picture text -----

I have held almost 100 strategic	partnership meetings and met	regularly with DCMS, NCSC and the	Cabinet Office. For many, we are	now the organisation to call should	they need advice in our sector, and	we consult regularly with government	and beyond on their research and	strategies.		There is much to be done and I look	forward to leading it, but I am also delighted to take the opportunity of	this Trustee Report to chronicle just	how far we have already come.																Professor Simon Hepburn
Speaking of members, we now have	over 30 from across the industry,	large and small, professional, not for	profit and academic. These will be	the ‘life-blood’ of the	Council. Driving our thought-	leadership agenda through	volunteering on our committees,	currently looking at Diversity and	Inclusion, Industry Ethics and Career Mapping; all areas I am personally phenomenally passionate about, and I look forward to seeing their recommendations.					These engagements are continued in	our upcoming series of roadshows	where I will be out and about in the	regions, further building our working	relationships with our partners in all	four nations and meeting our new	members in person. As the world	opens back up after the last two-	years, I want to make sure that cyber	security is front and centre.	Even through the various lockdowns,	I, and my Board, have managed to		be out and about, either virtually or		in person.
From my initial days, I have sought	to develop the Council along four-	core strategic aims.	Structure the council to deliver the UK Cyber Security Strategy			Develop a sustainable & diverse	workforce of cyber	professionals		Engage with & listen to industry	Make every contact matter	All decisions and actions have been	driven by this agenda and I am	extremely proud of the	achievements my team are already	making and the changes we are	driving through the industry.	I have already noted how I have structured the Council to achieve		Charitable Status, no mean feat.	We can now work with members and partners to have professionals in the industry able to become chartered for the first-time.
This is our first retrospective of our	accomplishments since the charity	was formed in April 2021, and of our	partnership working with the	formation team led by the IET, the	industry, DCMS, and since	September, with our new members!	I am hugely proud of how far we have come over the last nine-months			and all the contributors to our story,	from the original four Board Directors who led us from inception,	through the start-up process and into	on-boarding members, under the	experienced leadership of Dr	Claudia Natanson. The four new	Directors who have added so much	more fullness to our Board and are	already making their mark on the	future of the organisation. And of	course, my team, who have been so	adaptable, dependable and	innovative in responding to the	needs of a new enterprise, evolving	requirements and strategies. I have been humbled by their collective		enterprise, and to them all, a huge		thank you!

We break down barriers, promote	fairness and champion the need and	the benefits for inclusion.		We will benefit the public through our	work to demystify and simplify career	paths within cyber security, which will	have a tangible impact through the	reduction of the skills gap in the sector.		We will ensure those in the profession	are working to a defined standard	and code of ethics, and make sure	anyone wanting to start a career in or	progress within cyber security can.		This not only benefits individuals, but	also employers, businesses, and the	wider community; creating a world	where the whole of society is safe and	secure in cyber space.
By bringing together professionals	within the cyber security sector,	with stakeholders, government, and	third sector organisations, we will	establish professional standards	and ethics, alongside our work	to encourage progression within	the sector.		We will work in collaboration with	the wider industry to tackle issues	such as closing the skills gap and	make sure we see a more	representative workforce.		Public Benefit	One of our key values is inclusion.	This means everyone. We embrace	diversity of all kinds and the rich	knowledge this empowers us with.
We have established 5 pillars to	deliver our aims, these pillars are:		Professional Standards -	Setting the standards	for practitioners across the	sector		Professional Ethics - Creating	and ensuring	cyber professionals adhere	to our Code of Ethics		Careers & Learning -	Providing guidance on how	to join and progress within	cyber security		Outreach & Diversity -	Striving for an inclusive	and representative sector		Thought Leadership &	Influence - Positioning	the Council as the voice of	the profession
The purpose of the UK Cyber	Security Council is to act as the voice	of the cyber security profession and	help ensure that the UK is the safest	place to live and work online, as set	out in the original National Cyber	Security Strategy (2016-2021).		Its aims are to:	Inspire, inform and advance	public cyber security awareness	and knowledge		Create an open, inclusive	and professional cyber security	culture		Influence cyber security best	practices that proactively benefit	the public in the UK and beyond		Act as the reference point for	cyber security professional	standards, competence and	commitment

This Phase One Strategy was	treated as a project, fully	programmed, baselined and	tracked, with specific outcomes to	be achieved and KPIs presented in	a balanced scorecard format to	the board and DCMS.		.
Through the first six months of this	financial year, the Council put in-	place its Phase One Strategy,	focused upon the evolution from	the Formation Project to a live	organisation.	There were six aims in all driven	by an interim MD with the initial four Board Trustees.				Successfully launch brand &	build positive presence		Launch and on-board initial		members positively with a		clear roIe (Phase One)		Secure successful relationships	with government and be seen	to ‘add value’ and be the first	point of call at all levels		Develop new business areas of	potential income		Establish all management	functions and secure the team		Prepare for phase two
Professional Development	Outreach & Diversity in Cyber	Security to develop the next	generation	Professional Ethics Thought Leadership & Influence				These aims have now been	subsumed into the Council’s four		strategic aims.		Structure the council to deliver		for the UK Cyber Security		Strategy		Develop a sustainable &	diverse workforce of cyber	professionals	Engage with & listen to industry			Make every contact matter		Which have then been augmented by the specific requirements of the DCMS Grant Funding				Agreements, the second of which	is due to be entered into early in	2022-23.
The Council Formation Project ran	for almost two years and was led	by the Institute of Engineering	Technology (IET) under the chair	of Dr Budgie Dhanda MBE	working in partnership with DCMS	and several industry partners and industry volunteers, all now		Founder Members of the Council.		The volume of work that came out of this project was considerable			and covered all the key areas in		the UK’s Cyber Security		Strategy. Most of this work has		subsequently been taken forward	into the GFA and the Council’s	own planning. Of the areas not	fully developed, key were the	business planning and financial	sustainability.			The Formation Project defined	four key strategic aims that sought	to respond to the DCMS’s original	requirements in:

Develop a sustainable Engage with & listen to Make every contact matter Structure the council to	workforce of cyber industry deliver the UK Cyber	professionals Strategy	We will work with our partners in We will continue to listen to the industry We will treat every contact with every We will structure the Council to deliver the	government, industry and academia to about the support it requires and person and organisation as an ambitions of DCMS, the industry and our	improve the expectations of the its expectations of the opportunity to promote the work of the members and ensure each area of work	chartered/registered cyber security chartered/registered cyber Council, the UK’s Cyber Security Strategy, receives the resources it requires to be	professional. We will develop professional. We will continue to to promote the industry, our members, successful. We will put processes in place	understandable career pathways, coupled develop our work with industry partners the profession and professionals. to develop our staff into key roles, creating	with accredited qualifications to achieve recognised career levels within the profession. We will do this in a manner that is fair, open and transparent, keeping our requirements and guidance relevant, to facilitate working committees on key cyber security and industry issues and ensure the findings are well understood across the industry and government. All types and forms of contact and contact points will be treated as opportunities for positive engagement and for learning. a culture of positive leadership in an organisation that is innovative, professional and forward looking.	effective, and representative of individuals’	diverse requirements.

Some key achievements under the pillar of ‘structure the	Council to deliver on the UK Cyber Security Strategy’ are as	follows:	Secured an industry-leading Chair in Dr. Claudia Natanson MBE	On-boarded a further seven high calibre experienced Board	Trustees from our industry & beyond	Secured Simon Hepburn as our first CEO, a charity and education	executive with over twenty years’ experience in a variety of national and international organisations	Built a dedicated & industrious team to deliver for the Council & the Industry	Established our governance arrangements, including sub-	committees & thought workshops	Launched our organisational membership programme and	exceeded our full financial year target	Secured three-year funding from DCMS
							Structure the council to deliver on UK Cyber Security Strategy

	The UK Cyber Security Council was incorporated as	a company limited by guarantee on 21 August 2020.		The UK Cyber Security Council was registered as a	Charity on 01 July 2021.	Charity on 01 July 2021.
Trustees:	Claudia Natanson - Chair (appointed		October 2020)	Jessica Figueras – Vice			Chair (appointed October 2020)	Mike Watson – Treasurer (appointed	October 2020)	Carla Baker – Trustee (appointed	October 2020)	Chitra Balakrishna – Trustee (appointed	October 2021)	Nathan Nagaiah – Trustee (appointed	October 2021)	Edward Goodchild –	Trustee (appointed October 2021)	Frances Le Grys – Trustee (appointed	October 2021)
Company Number: 12830814		Charity Number: 1195030		Registered Address: 3rd Floor, 106		Leadenhall Street, London, EC3A 4AA			Bankers:	Lloyds Bank PLC. 25 Gresham Street,	London EC2V 7HN	Co-operative Bank PLC. PO Box 101, 1	Balloon Street, Manchester, M60 4EP		Solicitors:	Birkett’s LLP. Providence House 141-145	Princes Street, Ipswich, Suffolk, IP1 1QJ		Auditors:	Moore Kingston Smith, 9 Appold Street	London EC2A 2AP

The Trustees are also responsible	The Programme for the appointment of the Chief Executive, to which they delegate the day-to-day running of the Charity. The Board has 4 sub-committees.	Boardensures the Council’s	programme directorate activity	including standards development	and career route mapping is fit	for purpose and in line with strategy and priorities of the organisation. TheFinance and	for purpose and in line with strategy and priorities of the organisation. TheFinance and	Audit Boardreview the risks,		controls, and financial	management of the organisation.	The Remuneration	Committee provides a forum, independent of	Committee provides a forum, independent of	the Council’s other governance bodies, for the	review and approval of the	remuneration of the Chief	remuneration of the Chief	Executive, the Leadership Team, and any ex-gratia payments. The Governance and Nominations Sub-Committee ensures the Council’s governance is fit	Executive, the Leadership Team, and any ex-gratia payments. The Governance and Nominations Sub-Committee ensures the Council’s governance is fit	for purpose and that it is populated by suitably diverse	for purpose and that it is populated by suitably diverse	and skilled individuals, in line	with strategy and representation.
	Declarations of interest are acquired from new Trustees and updated by all trustees annually. No remuneration is provided other than reasonable travel and subsistence costs. Trustees regularly review the progress of the charity and its funding and work in	conjunction with the executive team	and membership bodies to set the	strategy for the organisation.		Remuneration The Chair reviews the remuneration of	the Chief Executive and makes a	recommendation to the Remuneration	Committee for consideration. The		Remuneration Committee also review	the salaries of the Leadership Team.		Auditors The Board of Trustees approved the appointment of Moore Kingston Smith		as the Auditors on 23/3/22			The Council are governed by our Articles of Association (as a Charity Body) There are a maximum of 12 Trustee		spaces; 10 spaces are currently taken -	8 by general appointment, 2 appointed	by the membership.
	The Council was conceived initially as part of the UK Government’s National Cyber Security Strategy, which set out ambitions to develop and accredit the cyber security profession. It seeks to do this by “reinforcing the recognised body of cyber security excellence within the industry and providing a focal point which can advise, shape and inform national policy.” This was developed further in the Initial National Cyber Security Skills The first four Trustees were appointed by the Cyber Security Alliance in October 2020. The Board expanded to 8 Trustees in October 2021, with the four new Trustees appointed by the Board, in conjunction with the Interim Chief Executive. Four places remain available on the Board, and will be appointed by the Council’s member organisations, with the first two elected Trustees taking up post in October 2022.							Strategy (2018). This declared Our Board of Trustees has a		intentions to establish a new, independent, UK Cyber Security Council to act as an umbrella body for broad range of relevant skills, knowledge and experience, spanning education, skills and				existing professional organisations and drive progress against the key challenges the profession faces. Following a competitive professional development, commercial and business development, income generation and fundraising, legal, cyber security, financial management,				tender process, the Department for Digital, Culture, Media and Sport (DCMS) awarded the contract to design and deliver the Council in September 2019 to a consortium of risk management, business risk, professional standards and ethics, Government affairs and policy and furthering diversity, equality and inclusion.		cyber security professional bodies known as the Cyber Security Alliance. The Council considers each of the Trustees independent in character and judgement.

ORGANISATIONSTRUCTUREAND MANAGEMENT	Our updated structure is made up of four	As a start up organisation it is directorates	important that the operational and management structure of the organisation is fit for purpose to deliver on the Council’s mission and objectives. The Chief Executives Office Led by the CEO, this directorate is focussed on strategic planning, technical cyber, governance, external engagement and government relationships The Standards Directorate Led by the Director of Professional Standards, this directorate is focussed on developing the professional standards based upon	As such the Leadership Team working our 16 cyber specialisms.	with the Human Resource Partner, review where there are any pinch points within the organisation and then seek to mitigate this through increased In the 2023/2024 financial year we will be enacting the incorporation of our Royal Chartership, which in practical terms will mean the closure of the The Programme Directorate Led by the Director of Programmes and Partnerships, this directorate is focussed on	human resource or re-prioritisation of tasks. This along with the development and implementation of new systems current charity and company incorporations, and transition to the new Chartered Charity and Organisation. developing the careers road map, outreach programmes and the transition of programmes to the Council.	and processes helps staff to be more effective and efficient. All contracted staff will be transferred over to the new organisation as part of The Finance & Ops Directorate Led by the Director of Finance and	this process. Operations, this directorate is focussed on managing areas	including the organisations finance,	marketing, membership and	events.

The role of a Trustee is to ensure that
the Council fulfils its duty to its
beneficiaries and delivers its vision,
mission and values. Working together
with the other Trustees – and in
collaboration with the CEO they are
instrumental in ensuring that the
Council delivers its charitable
objectives, and values equality, diversity
and inclusion.
Our Trustees are individuals who have a
strong empathy with our vision and
mission combined with an in-depth
understanding of our work and
ambitions and they possess an
understanding of the culture and needs
of a values-driven organisation.
The role is one of legal liability and
responsibility for the compliant running
of a charity. Across the Board we seek
skills and experience in running a
professional organisation, although
recognise that not all candidates will
have these skills initially.
Trustees are legally required to act in
the best interests of the Council and
candidates should therefore not seek to
influence the Board in terms of
representing any other organisation.
For all Trustees, the following core
skills are essential to undertake their
duties:
Excellent communication
and influencing skills to be a
strong ambassador for the
Council
A collaborative approach
and openness to other views
and feedback on own
contribution
An ability to think diversely,
produce innovative ideas and
challenge existing thinking and
perspectives
Commitment to the
Council’s mission and values
Commitment to delivering
public good
Commitment to bringing
high standards of ethics
and transparency to the
Council’s governance
Commitment to inclusion
and diversity
Appointment of trustees
As set out in the articles of
association, the board of
trustees comprises
not more than 12 trustees
as Board Members
Maximum of 4 elected
from among and by the
full members
the chief executive of the
Association as an ex-
officio member of the
Board
Board members may
serve up to two terms of
three years
Trustees' induction and
training
On appointment, new trustees
are provided with information
about the company including its
constitution, strategy and plans,
finances, staffing structure and its
risk register.
Their attention is drawn to
relevant Charity Commission
guidance. They are offered the
opportunity to meet with the
chief executive and other staff for
a full briefing on the
organisation’s work.
Organisation
The Board is responsible for the
governance of the charity. The
trustees delegate the running of
the organisation to the chief
executive, within a framework of
delegated authority. The board
meets at least quarterly.

Into 2022-23	The DCMS have agreed a new Grant	Funding Agreement that will provide	income of up to £1,500 K to deliver	against the contract KPIs.	Additionally, we expect to continue to on-board new members and see		an increase in the total annual levies.	2022-23 will also be our first year of issuing Charterships to industry professionals and we will see	2022-23 will also be our first year of issuing Charterships to industry professionals and we will see	2022-23 will also be our first year of issuing Charterships to industry professionals and we will see	substantive income against the	delivery of the same.	Finally, our strategy for the coming	years will ensure the financial	sustainability of the organisation and	develop appropriate additional
Cashflow	Cashflow at commencement was	supported by several of our	contractors and interim staff	deferring their payments for the	first three months, this enabled the Council to move forwards with its	agenda without working capital and we are grateful to all of them for their contributions.			The Charity made a small surplus of	£68 k at the year end. Total funds	were £68 k with £14 k restricted	and £ £54 k unrestricted in the first	year of activity.	We are working with DCMS to	ensure a three-month cover for	total organisational expenses	always remains in-place.
Expenditure	Total expenditure for the year was	£1,539 k which was almost entirely	spent on delivering against the	DCMS’s Grant Funding Agreement.	To be noted, is the impact of our VAT structure that meant a total of		£214 K was spent and not	reclaimable on VAT. This structure remains in-place but a review of	this is on the agenda.
Income	Overall income was £1,606 K	comprised of £1,577 K from the	DCMS Grant Funding Agreement	and £29 K from new membership	levies. A small amount (<£1 K) was also raised from speaking at events.		The Grant Funding Agreement had a	funding ceiling of £1,581 K meaning the Charity underclaimed by just £4	K or 0.25%.

The Trustees are responsible for	the maintenance and integrity of	the corporate and financial	information included on the	charitable company’s website.		Legislation in the United	Kingdom governing the	preparation and dissemination of	financial statements may differ	from legislation in other	jurisdictions.		The financial statements have	been prepared in accordance	with the special provisions of part	15 of the companies act 2006	relating to small companies.		Approved and signed on behalf	of the Trustees by								Dr Claudia Natanson MBE	Chair of Trustees	13 December 2022
They are also responsible for	ensuring that the	financial statements comply	with the Companies act 2006.		As well as safeguarding the	assets of the charitable	company and group and hence	for taking reasonable steps for	the prevention and detection	of fraud and other	irregularities.			In so far as we are aware:		There is no relevant audit information of which the charities auditor is unaware; and					The Trustees have taken all	steps that they ought to have taken to		make themselves aware of any relevant audit information and to				establish that the auditor is	aware of that information.
In preparing these	financial statements, the Trustees are	required to:		Select suitable accounting	policies and then apply them	consistently		Observe the methods	and principles in the Charities	SORP		Make judgements and	estimates that are reasonable and	prudent		State whether applicable	UK accounting standards have	been followed, subject to any	material departures disclosed	and explained in the financial	statements; and	Prepare the financial statements	on the going concern basis unless		it is inappropriate to presume the	charity will continue in operation
The Trustees (who are also Directors	of the UK Cyber Security Council for	the purpose of company law) are	responsible for preparing the	trustee’s report and financial	statements in accordance with	applicable law and United Kingdom	accounting practices.		Company and Charity law requires	the Trustees to prepare financial	statements for each financial year.		Under company law the Trustees	must not approve the financial	statements unless they are satisfied	that they give a true and fair view of	the situation of the charitable	company and of the incoming	resources and application of	resources, including the income and	expenditure for that period.	The Trustees are responsible	for keeping adequate and		proper accounting records that are	sufficient to show and explain the	charitable company’s transactions and disclose with reasonable		accuracy at any time the financial	position of the charitable company.

INDEPENDENT AUDITORS’ REPORT TO THE MEMBERS OF THE UK CYBER SECURITY COUNCIL

Opinion

We have audited the financial statements of The UK Cyber Security Council (‘the charitable company’) for the year ended 31 March 2022 which comprise the Statement of Financial Activities, the Balance Sheet, the Statement of Cash Flows and notes to the financial statements, including a summary of significant accounting policies. The financial reporting framework that has been applied in their preparation is applicable law and United Kingdom Accounting Standards, including FRS 102 ‘The Financial Reporting Standard Applicable in the UK and Ireland’ (United Kingdom Generally Accepted Accounting Practice).

In our opinion the financial statements:

! give a true and fair view of the state of the charitable company’s affairs as at 31 March 2022 and of its incoming resources and application of resources, including its income and expenditure, for the year then ended;
! have been properly prepared in accordance with United Kingdom Generally Accepted Accounting Practice; and
! have been prepared in accordance with the requirements of the Companies Act 2006.

Basis for opinion

We conducted our audit in accordance with International Standards on Auditing (UK) (ISAs(UK)) and applicable law. Our responsibilities under those standards are further described in the Auditor’s Responsibilities for the audit of financial statements section of our report. We are independent of the Corporation in accordance with the ethical requirements that are relevant to our audit of the financial statements in the UK, including the FRC’s Ethical Standard, and we have fulfilled our other ethical responsibilities in accordance with these requirements. We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our opinion.

Emphasis of matter – financial statements prepared on a basis other than going concern

We draw attention to Note 1 to the financial statements which explains that the trustees intend for the entity to cease trading and as a consequence, all activities will be transferred to a separate entity with effect from the 31 March 2023. At this point the trustees will liquidate the company and therefore do not consider it to be appropriate to adopt the going concern basis of accounting in preparing the financial statements. Accordingly the financial statements have been prepared on a basis other than going concern as described in Note 1. Our opinion is not modified in respect of this matter.

Other information

The other information comprises the information included in the annual report, other than the financial statements and our auditor’s report thereon. The trustees are responsible for the other information. Our opinion on the financial statements does not cover the other information and, except to the extent otherwise explicitly stated in our report, we do not express any form of assurance conclusion thereon.

In connection with our audit of the financial statements, our responsibility is to read the other information and, in doing so, consider whether the other information is materially inconsistent with the financial statements or our knowledge obtained in the audit or otherwise appears to be materially misstated. If we identify such material inconsistencies or apparent material misstatements, we are required to determine whether there is a material misstatement in the financial statements or a material misstatement of the other information. If, based on the work we have performed, we conclude that there is a material misstatement of this other information, we are required to report that fact.

We have nothing to report in this regard.

INDEPENDENT AUDITORS’ REPORT TO THE MEMBERS OF THE UK CYBER SECURITY COUNCIL

Opinions on other matters prescribed by the Companies Act 2006

In our opinion, based on the work undertaken in the course of the audit:

! the information given in the trustees’ annual report for the financial year for which the financial statements are prepared is consistent with the financial statements; and
! the trustees’ annual report have been prepared in accordance with applicable legal requirements.

Matters on which we are required to report by exception

In the light of the knowledge and understanding of the company and its environment obtained in the course of the audit, we have not identified material misstatements in the trustees’ annual report.

We have nothing to report in respect of the following matters where the Companies Act 2006 requires us to report to you if, in our opinion:

! adequate accounting records have not been kept, or returns adequate for our audit have not been received from branches not visited by us; or
! the financial statements are not in agreement with the accounting records and returns; or
! certain disclosures of trustees’ remuneration specified by law are not made; or
! we have not received all the information and explanations we require for our audit; or
! the trustees were not entitled to prepare the financial statements in accordance with the small companies regime and take advantage of the small companies exemption in preparing the Trustees’ Annual Report and from preparing a Strategic Report.

Responsibilities of trustees

As explained more fully in the trustees’ responsibilities statement set out on page 20, the trustees (who are also the directors of the charitable company for the purposes of company law) are responsible for the preparation of the financial statements and for being satisfied that they give a true and fair view, and for such internal control as the trustees determine is necessary to enable the preparation of financial statements that are free from material misstatement, whether due to fraud or error.

In preparing the financial statements, the trustees are responsible for assessing the charitable company’s ability to continue as a going concern, disclosing, as applicable, matters related to going concern and using the going concern basis of accounting unless the trustees either intend to liquidate the charitable company or to cease operations, or have no realistic alternative but to do so.

Auditor’s responsibilities for the audit of the financial statements

Our objectives are to obtain reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error, and to issue an auditor’s report that includes our opinion. Reasonable assurance is a high level of assurance, but is not a guarantee that an audit conducted in accordance with ISAs (UK) will always detect a material misstatement when it exists. Misstatements can arise from fraud or error and are considered material if, individually or in aggregate, they could reasonably be expected to influence the economic decisions of users taken on the basis of these financial statements.

As part of an audit in accordance with ISAs (UK) we exercise professional judgement and maintain professional scepticism throughout the audit. We also:

! Identify and assess the risks of material misstatement of the financial statements, whether due to fraud or error, design and perform audit procedures responsive to those risks, and obtain audit evidence that is sufficient and appropriate to provide a basis for our opinion. The risk of not detecting a material misstatement resulting from fraud is higher than for one resulting from error, as fraud may involve collusion, forgery, intentional omissions, misrepresentations, or the override of internal control.

INDEPENDENT AUDITORS’ REPORT TO THE MEMBERS OF THE UK CYBER SECURITY COUNCIL

! Obtain an understanding of internal control relevant to the audit in order to design audit procedures that are appropriate in the circumstances, but not for the purposes of expressing an opinion on the effectiveness of the charitable company’s internal control.
! Evaluate the appropriateness of accounting policies used and the reasonableness of accounting estimates and related disclosures made by the trustees.
! Conclude on the appropriateness of the trustees’ use of the going concern basis of accounting and, based on the audit evidence obtained, whether a material uncertainty exists related to events or conditions that may cast significant doubt on the charitable company’s ability to continue as a going concern. If we conclude that a material uncertainty exists, we are required to draw attention in our auditor’s report to the related disclosures in the financial statements or, if such disclosures are inadequate, to modify our opinion. Our conclusions are based on the audit evidence obtained up to the date of our auditor’s report. However, future events or conditions may cause the charitable company to cease to continue as a going concern.
! Evaluate the overall presentation, structure and content of the financial statements, including the disclosures, and whether the financial statements represent the underlying transactions and events in a manner that achieves fair presentation.

We communicate with those charged with governance regarding, among other matters, the planned scope and timing of the audit and significant audit findings, including any significant deficiencies in internal control that we identify during our audit.

Explanation as to what extent the audit was considered capable of detecting irregularities, including fraud

Irregularities, including fraud, are instances of non-compliance with laws and regulations. We design procedures in line with our responsibilities, outlined above, to detect material misstatements in respect of irregularities, including fraud. The extent to which our procedures are capable of detecting irregularities, including fraud is detailed below.

The objectives of our audit in respect of fraud, are; to identify and assess the risks of material misstatement of the financial statements due to fraud; to obtain sufficient appropriate audit evidence regarding the assessed risks of material misstatement due to fraud, through designing and implementing appropriate responses to those assessed risks; and to respond appropriately to instances of fraud or suspected fraud identified during the audit. However, the primary responsibility for the prevention and detection of fraud rests with both management and those charged with governance of the charitable company.

Our approach was as follows:

! We obtained an understanding of the legal and regulatory requirements applicable to the company and considered that the most significant are the Companies Act 2006, the Charities Act 2011, UK financial reporting standards as issued by the Financial Reporting Council and UK taxation legislation.
! We obtained an understanding of how the charitable company complies with these requirements by discussions with management and those charged with governance.
! We assessed the risk of material misstatement of the financial statements, including the risk of material misstatement due to fraud and how it might occur, by holding discussions with management and those charged with governance.
! We inquired of management and those charged with governance as to any known instances of non-compliance or suspected non-compliance with laws and regulations.
! Based on this understanding, we designed specific appropriate audit procedures to identify instances of non-compliance with laws and regulations. This included making enquiries of management and those charged with governance and obtaining additional corroborative evidence as required.

INDEPENDENT AUDITORS’ REPORT TO THE MEMBERS OF THE UK CYBER SECURITY COUNCIL

There are inherent limitations in the audit procedures described above. We are less likely to become aware of instances of non-compliance with laws and regulations that are not closely related to events and transactions reflected in the financial statements. Also, the risk of not detecting a material misstatement due to fraud is higher than the risk of not detecting one resulting from error, as fraud may involve deliberate concealment by, for example, forgery or intentional misrepresentations, or through collusion.

Use of our report

This report is made solely to the charitable company's members, as a body, in accordance with Chapter 3 of Part 16 of the Companies Act 2006. Our audit work has been undertaken so that we might state to the company’s members those matters we are required to state to them in an auditor’s report and for no other purpose. To the fullest extent permitted by law, we do not accept or assume responsibility to any party other than the charitable company and charitable company's members as a body, for our audit work, for this report, or for the opinions we have formed.

James Saunders (Senior Statutory Auditor) for and on behalf of Moore Kingston Smith LLP, Statutory Auditor

9 Appold Street London EC2A 2AP

Date: 13 January 2023

(incorporating an income and expenditure account)

----- Start of picture text -----
2021
Unrestricted Restricted Total
Note £ £ £
Donations and legacies 2 - 1,577,010 -
Charitable activities 3
- -
Membership 28,958
Other 500 - -
-
29,458 1,577,010
- -
Raising funds 30,818
Charitable activities
-
Membership 5,500 57,067
- -
Setting Standards 1,445,566
4 5,500 1,533,451 -
5 23,958 43,559 -
Transfers between funds 29,446 (29,446) -
-
53,404 14,113
- - -
Total funds brought forward
15 53,404 14,113 -
----- End of picture text -----

The charity was dormant in the previous financial period ended 31 March 2021.

All of the above results are derived from continuing activities. There were no other recognised gains or losses other than those stated above. Movements in funds are disclosed in Note 16 to the financial statements.

The notes on pages 28 to 34 form part of these financial statements

Company no. 12830814

Note 10 11 12 14 15 tricted funds ncome funds d income funds: mounts falling due within one year k and in hand sets funds	Note 10 11 12 14 15 tricted funds ncome funds d income funds: mounts falling due within one year k and in hand sets funds		£ - -	2021 £ -
				- -
			- -
			-
				-
				- -

				-

Approved by the trustees on 13 December 2022 and signed on their behalf by:

Dr Claudia Natanson MBE - Trustee

The notes on pages 28 to 34 form part of these financial statements

----- Start of picture text -----
Note
£ £
-
-
Depreciation charges
-
(Increase)/decrease in debtors
-
Increase/(decrease) in creditors
-
Purchase of fixed assets (29,446) -
-
(29,446)
-
351,255
- -
Cash and cash equivalents at the beginning of the year
-
351,255
At 31 March
2021
£
Cash in hand and at bank 351,255 -
-
At Start of At end of
year Cashflows year
£ £ £
Cash in hand and at bank - 351,255 351,255
----- End of picture text -----

The UK Cyber Security Council is a charitable company limited by guarantee registered in England with registration number 12830814. Its registered office address is 3rd Floor, 106 Leadenhall Street, London, England, EC3A 4AA.

The financial statements have been prepared in accordance with Accounting and Reporting by Charities: Statement of Recommended Practice applicable to charities preparing their accounts in accordance with the Financial Reporting Standard applicable in the UK and Republic of Ireland (FRS 102) (effective 1 January 2015) - (Charities SORP FRS 102), the Financial Reporting Standard applicable in the UK and Republic of Ireland (FRS 102) and Update Bulletin 2, and the Charities Act 2011. The accounts are presented in GBP rounded to £1, which is the functional currency of the charity.

Assets and liabilities are initially recognised at historical cost or transaction value unless otherwise stated in the relevant accounting policy or note. The charity was dormant in the previous financial period ended 31 March 2021. The functional currency is Sterling Pound (GBP).

The charitable company meets the definition of a public benefit entity under FRS 102.

The Trustees of the charity took the decision during the year to transfer the trade and operations of the company to a new Royal Charter charitable company and this transfer will take place with effect from the close of business on 31 March 2023. From that date the company will cease trading. As a result the financial statements have been prepared on a basis other than that of a going concern. No adjustments to the recognition or measurement of assets, liabilities or other transactions have been made as a result of the financial statements being prepared on a basis other that that of a going concern. No additional provisions have been recognised as a consequence of adopting a basis of preparation other than going concern.

Income, including from Government and other grants, whether 'capital' or 'income', is recognised when the charity has entitlement to the funds, any performance conditions attached to the income have been met, it is probable that the income will be received and that the amount can be measured reliably.

Membership income is generally for a period of tweleve months. Membership income relating to future financial years is deferred.

Restricted funds are to be used for specific purposes as laid down by the donor. Expenditure which meets Unrestricted funds are donations and other incoming resources received or generated for the charitable Designated funds are unrestricted funds earmarked by the trustees for particular purposes.

Expenditure is recognised once there is a legal or constructive obligation to make a payment to a third party, ! Costs of raising funds relate to the costs incurred by the charitable company in inducing third parties to ! Expenditure on charitable activities includes the costs of offering fellowships and delivering related ! Other expenditure represents those items not falling into any other heading.

Irrecoverable VAT is not charged as a cost against the activity for which the expenditure was incurred but identified separately as a cost itself.

Resources expended are allocated to the particular activity where the cost relates directly to that activity. However, the cost of overall direction and administration of each activity (support costs), comprising the salary and overhead costs of the central function, is apportioned on the following basis which are an estimate, based on staff time, of the amount attributable to each activity.

Where such information about the aims, objectives and projects of the charity is also provided to potential donors, activity costs are apportioned between fundraising and charitable activities on the basis of area of literature occupied by each activity.

! Fundraising 0%

! Membership 0%

! Setting Standards 100%

Where information about the aims, objectives and projects of the charity is provided to potential beneficiaries, the costs associated with this publicity are allocated to charitable expenditure.

Items of equipment are capitalised where the purchase price exceeds £500. Depreciation costs are allocated to activities on the basis of the use of the related assets in those activities. Assets are reviewed for impairment if circumstances indicate their carrying value may exceed their net realisable value and value in use.

Depreciation is provided at rates calculated to write down the cost of each asset to its estimated residual value over its expected useful life. The depreciation rates in use are as follows:

! IT and phone equipment

3 years

The charity only has financial assets and financial liabilities of a kind that qualify as basic financial instruments. Basic financial instruments are initially recognised at transaction value and subsequently measured at their settlement value.

Trade and other debtors are recognised at the settlement amount due after any trade discount offered. Prepayments are valued at the amount prepaid net of any trade discounts due.

Creditors and provisions are recognised where the charity has a present obligation resulting from a past event that will probably result in the transfer of funds to a third party and the amount due to settle the obligation can be measured or estimated reliably. Creditors and provisions are normally recognised at their settlement amount after allowing for any trade discounts due.

Cash at bank and cash in hand includes cash and short term highly liquid investments with a short maturity of three months or less from the date of acquisition or opening of the deposit or similar account. Cash balances exclude any funds held on behalf of service users.

The charity contributes towards the employees' personal pension schemes. The cost of the contribution is charged to the statement of financial activities on an accruals basis.

In the application of the company’s accounting policies, the charity is required to make judgements, estimates and assumptions about the carrying amount of assets and liabilities that are not readily apparent from other sources. The estimates and associated assumptions are based on historical experience and other factors that are considered to be relevant. Actual results may differ from these estimates.

The estimates and underlying assumptions are reviewed on an on-going basis. Revisions to accounting estimates are recognised in the period in which the estimate is revised, if the revision affects only that period, or in the period of the revision and future periods if the revision affects both current and future periods.

There are no estimates and assumptions that are considered to have a significant risk of causing a material adjustment to the financial statements in a future period.

----- Start of picture text -----
2021
Unrestricted Restricted Total
£ £ £
Grant from Department of Digital, Culture, Media &
- -
Sport 1,577,010
- -
1,577,010
2021
Unrestricted Restricted Total
£ £ £
- -
Membership 28,958
Total income from charitable activities 28,958 - -
----- End of picture text -----

	2021	Total	£	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-
																						-
																							-
Cost of	raising Setting Support	funds Membership Standards costs	£ £ £ £	Staff costs (Note 8) 18,624 50,647 57,928 6,798	Staff expenses - - - 7,364	Staff recruitment - - - 19,622	Computer and IT support - - 15,625 -	Contractors - 6,420 424,886 172,252	Design and communication - - 181,624 -	Events Attendance & Conferences - - 52,877 -	General office costs - - - 11,205	Legal and professional fees - - - 61,561	Marketing 12,194 - - -	Office rent and insurance - - - 15,970	Technical service - - 54,000 -	Website and web services - - 116,032 -	Bad debts - 5,500 - -	Audit - - - 9,000	Trustee recruitment - - - 25,200	Unrecoverable VAT - - - 213,621	30,818 62,567 902,973 542,594	Support costs - - 542,594 (542,594)	Total expenditure 2021 - - - -	Of the total expenditure, £5,500 (2021: nil) was unrestricted and £1,533,451 was restricted (2021: nil).

This is stated after charging / crediting:

s' recruitment dit s' remuneration (excluding VAT): iation		2021 £ - - -

Staff costs were as follows:

2021 £ - Salaries and wages - Social security costs - Employer’s contribution to defined contribution pension schemes -

The following number of employees received employee benefits (excluding employer pension costs) during the year in bandings of costs greater than £60,000:

2021 No. - £70,000 - £79,999

The total employee benefits including pension contributions of the key management personnel, made up of the Chief Executive Officer and the Project Manager were £107,429 (2021: nil).

The charity trustees were not paid or received any other benefits from employment with the charity in the year (2021: £nil). No charity trustee received payment for professional or other services supplied to the charity (2021: £nil).

During the year, trustee was reimbursed travel expenses of nil (2021: nil).

The average number of employees (head count based on number of staff employed) during the year was as follows:

2021 No. - Cost of raising funds - Membership - Setting Standards - Governance and support -

Two trustees were reimbursed meeting expenses of £94 (2021: none). There are no related party transactions to disclose for 2022 (2021: none).

There are no donations from related parties which are outside the normal course of business.

The charitable company is exempt from corporation tax to the extent that all its income is charitable and is applied for charitable purposes.

----- Start of picture text -----
IT & phone
equipment
£
-
At the start of the year
Additions in year 29,446
At the end of the year 29,446
-
At the start of the year
Charge for the year 1,479
At the end of the year 1,479
27,967
- -
At the start of the year
All of the above assets are used for charitable purposes.
2021
£
Trade debtors -
-
Prepayments and accrued income
-
2021
£
Trade creditors -
-
Taxation and social security
Other creditors -
Accruals -
-
Deferred income (note 13)
-
----- End of picture text -----

Deferred income comprises membership fee income received during the year for future years. 2021 £ - Balance at the beginning of the year - Amount released to income in the year - Amount deferred in the year - Balance at the end of the year


assets ed assets DCMS	At 1 April 2021 £ -	Incoming resources & gains £ 1,577,010	£ 27,967 25,437 General unrestricted	Restricted £ - 14,113

			Outgoing resources & losses £ (1,533,451)	Transfers £ (29,446)
	-	1,577,010	(1,533,451)	(29,446)
	-	29,458	(5,500)	29,446
	-	29,458	(5,500)	29,446
	-	1,606,468	(1,538,951)	-

Transfers include:

Capitalised fixed assets funded by restricted funds where the fixed assets are for the general objects of the charity.

The grant from the Department of Digital, Culture, Media & Sports is used to cover costs of setting standards for cyber secuity and delivering the pilot.

\

There were no capital commitments not provided for in the financial statements (2021: none)