Purpose
The Board Assurance framework forms part of the governance arrangements for the NHS Counter Fraud Authority. (NHSCFA). Information about the NHSCFA, for example its basis in law, its strategies and business plans is available from https://cfa.nhs.uk/about-nhscfa/corporate-publications
The governance arrangements ensure that the NHSCFA is held accountable in the key areas listed in table 1, which reflect the organisation’s operating structure, priorities and objectives.
This document sets out how the NHSCFA will record, report on and provide assurance to the NHSCFA Board via the Audit, Risk & Assurance Committee (ARAC), on the governance arrangements.
The governance arrangements are designed to promote accountability, ensuring the NHSCFA satisfies its social, regulatory and legal obligations.
Roles and responsibilities
The NHSCFA Board is responsible for providing strategic leadership for the organisation ensuring that it is able to account to parliament and the public on how the functions of NHSCFA are delivered. Details are set out in the NHSCFA Board Terms of Reference
The ARAC provides an independent view to the Board and Accounting Officer on the appropriateness and adequacy of all aspects of NHSCFA’s risk management, internal control environment, governance and assurance arrangements. Details are set out in the Audit & Risk Assurance Committee Terms of Reference (cfa.nhs.uk)
The executive team are responsible for leading the organisation, developing and setting strategy and ensuring the delivery of priorities and plans. The team are accountable for the delivery of the strategic duties as set by the Board.
The Finance and Corporate Governance Division is responsible for:
- maintaining relevant risk management policies and guidance documents
- completing of an annual assurance map
- producing a risk based annual internal Governance & Assurance workplan
- tracking the implementation of audit and Governance & Assurance recommendations
- monitoring the compliance with government counter fraud standards (Gov13)
- attending and supporting the Performance and Assurance Panels (PAPS) to challenge on assurance and risks.
The Performance & Improvement Director is responsible for chairing of the PAPS and provision of a quarterly assurance letter to the Accounting Officer.
Methodology
The NHSCFA adopts a risk-based approach to identifying where additional assurance is required and effective ways of assessing the controls in place and communicating these to the ARAC in a clear, concise and timely manner.
This approach will take into account the three lines of defence model set out in HM Government The Orange Book Management of Risk – principles and concepts.
Accordingly, the elements set out in Table 1 enable the ARAC to meet its responsibilities to the Board.
The following reports will be provided to the ARAC:
- risk register report
- external and internal audit reports (provided by NAO/GIAA)
- internal Governance & Assurance reports (provided by F&CG on exception only)
- progress reports on the implementation of external and internal audit recommendations
- progress reports on the implementation of internal Governance & Assurance recommendations
- an annual report on other elements of assurance
Review
The Board Assurance Framework will be subject to formal review no less than annually but may be reviewed and updated at any time.
Corporate Governance Area | Assurance/Controls in place | Frequency/availability |
---|---|---|
Compliance with statutory instruments and directions which set out the structure and functions of the NHSCFA | Operational Board & sub committees with annually reviewed Terms of Reference G&A exercises on Statutory transfer of Functions |
Annual Ad hoc |
Delivery of the Board functions | Operational Board & sub committees with annually reviewed Terms of Reference Board effectiveness reviews GIAA review completed in March 2020 (moderate rating) Board Performance Report |
Annual Annual Ad hoc Quarterly |
Financial Management & Financial Planning | SFI/ SFO reviewing annually NAO/ GIAA audit reports Standing agenda – ARAC and Board Use of financial resources and financial management included in annual assurance map Integrated Planning arrangements |
Annual Annual/ad hoc Quarterly Annual Annual |
Risk Management | Suite of risk management documentation - Risk Appetite, Risk Policy, etc Risk Register Risk Register Review Group Performance and Assurance Panels Assurance map |
Annual Quarterly Quarterly Bi-annual |
Performance Management (against 2020-23 strategy & 2021-22 published KPIs) | Management Reporting Tool Performance and Assurance Panels Assurance map |
Quarterly Quarterly Bi-annual |
Performance Management (against Unit Business plan objectives and legislative requirements e.g Investigatory powers & legislation, PIDA, Safety Health & Environment, Sustainability) | Management Reporting Tool Performance and Assurance Panels Assurance map |
Quarterly Quarterly |
Information Governance (inc. Data Protection, FOI & Equality Act) | Assurance map Annual Report - Governance Statement |
Annual Annual |
Programme & Project Management | Management Reporting Tool Assurance map Governance Statement |
Quarterly Annual Annual |
Stakeholder & External Profile Management | Assurance map | Annual |
Counter Fraud, Anti Bribery, Whistle- blowing & Complaints | Assurance map Annual Report |
Annual Annual |
Annual Report & Accounts, including Governance Statement | Annual review and authorisation | Annual |
Contract Management | Governance Statement G&A exercises |
Annual Ad hoc |