1. Purpose
The Board Assurance Framework forms part of the governance arrangements for the NHS Counter Fraud Authority. (NHSCFA). Information about the NHSCFA, for example its basis in law, its strategies and business plans is available from https://cfa.nhs.uk/about-nhscfa/corporate-publications
The governance arrangements ensure that the NHSCFA is held accountable in the key areas listed here, which reflect the organisation’s operating structure, priorities and objectives.
This document sets out how the NHSCFA will record, report on and provide assurance to the NHSCFA Board via the Audit and Risk Assurance Committee (ARAC), on the governance arrangements.
The governance arrangements are designed to promote accountability, ensuring the NHSCFA satisfies its social, regulatory and legal obligations.
The roles and responsibilities are set out in respective Terms of Reference the NHSCFA Board Terms of Reference, Audit and Risk Assurance Committee Terms of Reference (cfa.nhs.uk)
2. Methodology
The NHSCFA adopts a risk-based approach to assurance and effective ways of assessing the controls in place and communicating these to the ARAC in a clear, concise and timely manner.
This approach will take into account the three lines of defence model set out in HM Government The Orange Book Management of Risk – principles and concepts1.
Accordingly, the elements set out below enable the ARAC to meet its responsibilities to the Board.
| Aspect | Assurance/Controls in place | Frequency/availability |
|---|---|---|
| Aspect Compliance with statutory instruments and directions | Assurance/Controls in place Board & committees with annually reviewed Terms of Reference | Frequency/availability Annual Ad hoc |
| Aspect Delivery of the Board functions |
Assurance/Controls in place
|
Frequency/availability Annual Annual Ad hoc All Regular Meetings |
| Aspect Financial Management & Financial Planning |
Assurance/Controls in place
|
Frequency/availability Annual Annual/ad hoc Quarterly Annual Annual |
| Aspect Risk Management |
Assurance/Controls in place
|
Frequency/availability Annual All Regular Meetings All Regular Meetings Bi-annual |
| Aspect Strategic Delivery (against NHSCFA Strategy & KPIs) | Assurance/Controls in place Board Performance Report | Frequency/availability Quarterly |
| Aspect Government Functional Standards | Assurance/Controls in place Functional Standards Assurance Map | Frequency/availability Annual |
| Aspect Information Security & Governance | Assurance/Controls in place Information Security & Governance Report | Frequency/availability Annual |
| Aspect Business Continuity & Disaster Recovery | Assurance/Controls in place Business Continuity & Disaster Recovery Review | Frequency/availability Annual |
| Aspect Standards of Business Conduct |
Assurance/Controls in place
|
Frequency/availability
All Regular Meetings Bi-Annual Annual |
| Aspect Counter Fraud, Anti Bribery, Whistleblowing & Complaints |
Assurance/Controls in place
|
Frequency/availability
Annual Annual |
| Aspect Procurement and Contract Management | Assurance/Controls in place Pipeline/Procurement Contracts Report | Frequency/availability Bi-Annual |
3. Review
This Board Assurance Framework will be subject to formal review no less than annually but may be reviewed and updated at any time.