Board Assurance Framework

Assurance is provided to the board and Committees via a number of reports which reflect the organisations governance arrangements. An overview of these is included within the Governance Statement contained within the Annual Report & Accounts.

Purpose

The Board Assurance framework forms part of the governance arrangements for the NHS Counter Fraud Authority. (NHSCFA). Information about the NHSCFA, for example its basis in law, its strategies and business plans is available from https://cfa.nhs.uk/about-nhscfa/corporate-publications

The governance arrangements ensure that the NHSCFA is held accountable in the key areas listed in table 1, which reflect the organisation’s operating structure, priorities and objectives.

This document sets out how the NHSCFA will record, report on and provide assurance to the NHSCFA Board via the Audit, Risk & Assurance Committee (ARAC), on the governance arrangements.

The governance arrangements are designed to promote accountability, ensuring the NHSCFA satisfies its social, regulatory and legal obligations.

Roles and responsibilities

The NHSCFA Board is responsible for providing strategic leadership for the organisation ensuring that it is able to account to parliament and the public on how the functions of NHSCFA are delivered. Details are set out in the NHSCFA Board Terms of Reference

The ARAC provides an independent view to the Board and Accounting Officer on the appropriateness and adequacy of all aspects of NHSCFA’s risk management, internal control environment, governance and assurance arrangements. Details are set out in the Audit & Risk Assurance Committee Terms of Reference (cfa.nhs.uk)

The executive team are responsible for leading the organisation, developing and setting strategy and ensuring the delivery of priorities and plans. The team are accountable for the delivery of the strategic duties as set by the Board.

The Finance and Corporate Governance Division is responsible for:

  • maintaining relevant risk management policies and guidance documents
  • completing of an annual assurance map
  • producing a risk based annual internal Governance & Assurance workplan
  • tracking the implementation of audit and Governance & Assurance recommendations
  • monitoring the compliance with government counter fraud standards (Gov13)
  • attending and supporting the Performance and Assurance Panels (PAPS) to challenge on assurance and risks.

The Performance & Improvement Director is responsible for chairing of the PAPS and provision of a quarterly assurance letter to the Accounting Officer.

Methodology

The NHSCFA adopts a risk-based approach to identifying where additional assurance is required and effective ways of assessing the controls in place and communicating these to the ARAC in a clear, concise and timely manner.

This approach will take into account the three lines of defence model set out in HM Government The Orange Book Management of Risk – principles and concepts.

Accordingly, the elements set out in Table 1 enable the ARAC to meet its responsibilities to the Board.

The following reports will be provided to the ARAC:

  • risk register report
  • external and internal audit reports (provided by NAO/GIAA)
  • internal Governance & Assurance reports (provided by F&CG on exception only)
  • progress reports on the implementation of external and internal audit recommendations
  • progress reports on the implementation of internal Governance & Assurance recommendations
  • an annual report on other elements of assurance

Review

The Board Assurance Framework will be subject to formal review no less than annually but may be reviewed and updated at any time.

Table detailing how ARAC will meet is responsibilities to the board
Corporate Governance Area Assurance/Controls in place Frequency/availability
Compliance with statutory instruments and directions which set out the structure and functions of the NHSCFA Operational Board & sub committees with annually reviewed Terms of Reference
G&A exercises on Statutory transfer of Functions 		Annual
Ad hoc
Delivery of the Board functions Operational Board & sub committees with annually reviewed Terms of Reference
Board effectiveness reviews
GIAA review completed in March 2020 (moderate rating)
Board Performance Report 		Annual
Annual
Ad hoc
Quarterly
Financial Management & Financial Planning SFI/ SFO reviewing annually
NAO/ GIAA audit reports
Standing agenda – ARAC and Board
Use of financial resources and financial management included in annual assurance map Integrated Planning arrangements 		Annual
Annual/ad hoc
Quarterly
Annual

Annual
Risk Management Suite of risk management documentation - Risk Appetite, Risk Policy, etc
Risk Register
Risk Register Review Group
Performance and Assurance Panels
Assurance map 		Annual

Quarterly
Quarterly
Bi-annual
Performance Management (against 2020-23 strategy & 2021-22 published KPIs) Management Reporting Tool
Performance and Assurance Panels
Assurance map 		Quarterly
Quarterly
Bi-annual
Performance Management (against Unit Business plan objectives and legislative requirements e.g Investigatory powers & legislation, PIDA, Safety Health & Environment, Sustainability) Management Reporting Tool
Performance and Assurance Panels
Assurance map 		Quarterly
Quarterly
Information Governance (inc. Data Protection, FOI & Equality Act) Assurance map
Annual Report - Governance Statement 		Annual
Annual
Programme & Project Management Management Reporting Tool
Assurance map
Governance Statement 		Quarterly
Annual
Annual
Stakeholder & External Profile Management Assurance map Annual
Counter Fraud, Anti Bribery, Whistle- blowing & Complaints Assurance map
Annual Report 		Annual
Annual
Annual Report & Accounts, including Governance Statement Annual review and authorisation Annual
Contract Management Governance Statement
G&A exercises 		Annual
Ad hoc