Board Assurance Framework

Purpose

The Board Assurance framework forms part of the governance arrangements for the NHS Counter Fraud Authority. (NHSCFA). Information about the NHSCFA, for example its basis in law, its strategies and business plans is available from https://cfa.nhs.uk/about-nhscfa/corporate-publications

The governance arrangements ensure that the NHSCFA is held accountable in the key areas listed in table 1, which reflect the organisation’s operating structure, priorities and objectives.

This document sets out how the NHSCFA will record, report on and provide assurance to the NHSCFA Board via the Audit, Risk & Assurance Committee (ARAC), on the governance arrangements.

The governance arrangements are designed to promote accountability, ensuring the NHSCFA satisfies its social, regulatory and legal obligations.

Roles and responsibilities

The NHSCFA Board is responsible for providing strategic leadership for the organisation ensuring that it is able to account to parliament and the public on how the functions of NHSCFA are delivered. Details are set out in the NHSCFA Board Terms of Reference

The ARAC provides an independent view to the Board and Accounting Officer on the appropriateness and adequacy of all aspects of NHSCFA’s risk management, internal control environment, governance and assurance arrangements. Details are set out in the Audit & Risk Assurance Committee Terms of Reference (cfa.nhs.uk)

The executive team are responsible for leading the organisation, developing and setting strategy and ensuring the delivery of priorities and plans. The team are accountable for the delivery of the strategic duties as set by the Board.

The Finance and Corporate Governance Division is responsible for:

• maintaining relevant risk management policies and guidance documents
• completing of an annual assurance map
• producing a risk based annual internal Governance & Assurance workplan
• tracking the implementation of audit and Governance & Assurance recommendations
• monitoring the compliance with government counter fraud standards (Gov13)
• attending and supporting the Performance and Assurance Panels (PAPS) to challenge on assurance and risks.

The Performance & Improvement Director is responsible for chairing of the PAPS and provision of a quarterly assurance letter to the Accounting Officer.

Methodology

The NHSCFA adopts a risk-based approach to identifying where additional assurance is required and effective ways of assessing the controls in place and communicating these to the ARAC in a clear, concise and timely manner.

This approach will take into account the three lines of defence model set out in HM Government The Orange Book Management of Risk – principles and concepts.

Accordingly, the elements set out in Table 1 enable the ARAC to meet its responsibilities to the Board.

The following reports will be provided to the ARAC:

• risk register report
• external and internal audit reports (provided by NAO/GIAA)
• internal Governance & Assurance reports (provided by F&CG on exception only)
• progress reports on the implementation of external and internal audit recommendations
• progress reports on the implementation of internal Governance & Assurance recommendations
• an annual report on other elements of assurance

Review

The Board Assurance Framework will be subject to formal review no less than annually but may be reviewed and updated at any time.