Audit Committee Assurance Report

Meeting: Public Meeting

Date: 10 July 2024

Report Title: Audit Committee Assurance Report

Agenda Item: PUB24/07/6.2

Committee Date: 15 May 2024

Meeting Chair: George Lynn – Non-Executive Director and Committee Chair

Meeting Quorate: YES

Purpose: Assurance

Recommendation: The Board is asked to receive assurance from the business discussed at the meeting and to review the matters for escalation and referral.

Link to Strategic Objective:

• Be an exceptional place to work, volunteer and learn
• Provide outstanding quality of care and performance
• Be excellent collaborators and innovators as system partners
• Be an environmentally and financially sustainable organisation

Summary of Items Considered at the Meeting

Board Assurance Framework and Risk Management

Consideration: Overview of strategic and corporate risk management of the organisation.

Resolution/Outcome: Noted that the Board had met in March 2024 to review risks where it had determined that the Strategic Risks had not changed. The Committee agreed to the addition of eight new risks but reflected that we need assessments to consider Digital and Cyber-risks. The Committee discussed how specific controls and mitigations were assessed, noting that many were reviewed by the Compliance and Risk Group (CRG), a sub-group of Audit Committee.

Assurance: Reasonable

Group Assurance Report

Consideration: Report on levels of assurance provided in areas reported to CRG at its last meeting (29.03.2024)

Resolution/Outcome: Noted that four groups reported reasonable assurance and one substantial. There were no areas for escalation identified by CRG. The Committee agreed that it would be useful to better understand the methodologies used by CRG to interrogate risks and mitigations. It was agreed that members of Audit Committee will be invited to attend and observe future meetings of CRG. It was also noted that a project had commenced to review the meetings of the Trust Committee’s sub-groups.

Assurance: Reasonable

Directorate Risk Register “deep dives”: Operations

Consideration: New agenda item to provide assurance on the management of directorate risk registers

Resolution/Outcome: The Committee received a presentation from the Operations Directorate on their Risk Register covering 82 identified risks. The three key risks being:

• Response times to patients
• Staffing shortages at EOC’s
• Meeting Civil Contingencies Act obligations The Committee noted risks, controls and action plans.

Assurance: Reasonable

Freedom of Information

Consideration: Annual Report on FOI volumes, compliance, and ICO interaction.

Resolution/Outcome: A decrease was noted in open FOI requests, there had been real improvement in recent months. Open FOIs were down from 100 to c.60 with no ICO complaints. Noted the increasing use of body-cams and increased requests for footage (222% on last year). The Committee asked that the Information Governance Manager / Information Governance Group consider what strategic responses could be considered to the increasing data requirements. What options are there for automated FOI responses, open data and other options to automate responses (e.g. AI).

Assurance: Moderate

Information Governance updates

Consideration: Update on the Trust’s current position with respect to:

• Digital Security Protection Tool (DSPT) compliance
• Information Governance breaches
• Subject Access Requests and FOI’s

Resolution/Outcome: The Committee noted:

• DSPT internal audit in February 2024 concluded with a moderate assurance report.
• IG breaches continue at an average of 14 per month (key areas: email mis-direction and accessing NICE recordings. Although March 2024 reported 27 breaches.
• Progress on reporting compliance with 2023-24 DSPT was noted.

Assurance: Moderate

Demonstrating Impact Programme Assurance

Consideration: Review of highlights report of “Demonstrating Impact” from Fit for the Future Transformation Programmes

Resolution/Outcome: Transformation programmes focus on key areas of OPIP shared with Commissioners, Regulators and the Board. Key activity discussed was:

• Connected Planning – developing business analysis capability within the Informatics team.
• Innovative secondment of EEAST employee into Mid and South Essex.
• Developing Lean/Six-Sigma approach to considering Fleet and Make Ready capability.

Assurance: Reasonable

Financial Management – Losses and special payments

Consideration: Quarterly Report on compliance with HM Treasury 2023 publication “Managing Public Money” – (February – March 2024)

Resolution/Outcome: Noted eight ex-gratia payments totalling £33k. The annual accounts reported that for 2023-24, 37 matters costing £316k were reported to Audit Committee. The Trust’s MARS programme led to 46 agreements with severance payments of £1.8m, and £444k of PILONs. In this quarter that includes five PILONs amounting to £32k.

Assurance: Reasonable

Financial Management – Tenders and Waivers

Consideration: Report on Tenders and Waivers (February – March 2024)

Resolution/Outcome: Noted that the Trust had appeared by Q3 to be on-track to meet the financial waivers target. However, based on January 2024 numbers, it is expected that targets will be closely missed. Noted historic trajectory towards targets, but queried what needs to happen to meet targets within EEAST?

Assurance: Reasonable

Tenders and waivers

Consideration: Report on Tenders and Waivers (November 2023 – January 2024)

Resolution/Outcome: Noted that, at the end of 2023-24, the Trust exceeded its targets on managing waivers for:

• value 2.65% of non-pay spend (target 2%), and
• number – 83 (target – 40) The Committee discussed how the new Atamis system could be used towards the strategic and compliant management of contracts.

Assurance: Moderate

Annual Report and Accounts

Consideration: Presentation of draft 2023-24 Annual Accounts

Resolution/Outcome: Received reports from Executive team and External Auditors on progress towards approval of the Annual Accounts. Noted no significant accounting changes from previous years and the audit was progressing well.

Assurance: Substantial

Consideration: Presentation of draft 2023-24 Annual Performance Report

Resolution/Outcome: Received reports from the Executive team and External Auditors on progress towards approval of the Annual Performance Report.

Assurance: Substantial

Consideration: Presentation of draft 2023-24 Annual Governance Statement

Resolution/Outcome: Received reports from the Executive team and External Auditors on progress towards approval of the Annual Governance Statement.

Assurance: Substantial

Counter Fraud progress and 2023-24 Annual Report

Consideration: Update on Counter Fraud since last meeting, and review of 2023-24 Annual Report

Resolution/Outcome: Noted continuing progress in managing fraud across EEAST. Work planned for 2023-24 had been completed and an Annual Report presented. During 2023-24 there had been 29 referrals of fraud, of which 16 became full investigations.

Assurance: Reasonable

Internal audit reports

Consideration:

1. Update on emerging IA work against 2023-24 plan, including:

• Effectiveness of Business Planning (reasonable assurance)
• Data Security and Protection Toolkit (DSPT) (moderate assurance)

2. Proposed revisions to 2024-25 plan
3. Head of Internal Audit Opinion and Annual Report

Resolution/Outcome:

1. The Committee accepted reports from 2023-24 and noted that the outstanding reports will be presented at the July 2024 meeting.
2. Accepted proposed revision to incorporate an Absence Management audit into a wider Wellbeing and Occupational Health audit in 2024-25.
3. Overall view was that reasonable assurance was offered for the Annual Report

Assurance: Reasonable

External audit update report

Consideration: External Audit update on 2023-24 work

Resolution/Outcome: Committee noted the progress made in undertaking the annual audit. No new risks had been identified, draft accounts had been received on time, and work was ongoing.

Assurance: Reasonable

Annual Review of Audit Committee Effectiveness 2023-24

Consideration: Review of work undertaken by Audit Committee with reference to the annual work plan and Terms of Reference. In addition, feedback from an annual effectiveness review questionnaire.

Resolution/Outcome: The review confirmed that (i) the Audit Committee had fulfilled its role of providing assurance to the Board, and (ii) the Trust’s system of internal controls, risk management and governance arrangements are adequate and satisfactory.

Assurance: Reasonable