Audit Committee Assurance Report - September 2024
Meeting: Trust Board – Public Meeting
Date: 11 September 2024
Report Title: Audit Committee Assurance Report
Agenda Item: PUB24/9/6.1
Meeting Chair: George Lynn, Non-Executive Director and Committee Chair
Meeting Quorate YES
Purpose: Assurance
Recommendation: The Board is asked to receive assurance from the business discussed at the meeting and to review the matters for escalation and referral.
Link to Strategic Objective:
- Be an exceptional place to work, volunteer and learn
- Provide outstanding quality of care and performance
- Be excellent collaborators and innovators as system partners
- Be an environmentally and financially sustainable organisation
Summary of Items Considered at the Meeting:
| Issue | Consideration | Resolution/Outcome | Assurance |
|---|---|---|---|
| Board Assurance Framework and Risk Management | Overview of strategic and corporate risk management of the organisation, including specific review of risk monitoring processes | Noted that People Committee had proposed a reduction in risk scorings with respect to Strategic Risks 1(a) and 1(b) – this was agreed. Cyber risks have been recognised, and we expect to see more detailed risk assessments over coming months. The number of overdue actions in the BAF had decreased dramatically from April to June. Received a presentation on the Trust-wide reporting and management of risks, with specific sub-committees tasked with monitoring strategic risks. Noted that Internal Audit are about to undertake a review of risk management. Members determined to explore risk management activities outside of the meeting. | Reasonable |
| Group Assurance Report | Report on levels of assurance provided in areas reported to CRG at its last meeting (July 24) | Noted that four groups reported reasonable assurance. There were no areas for escalation to Audit Committee identified by CRG. Several items were taken to ELT for further discussion including the continuing decline in Information Governance training compliance, and scheduled ICO audit in September 2024. | Reasonable |
| Directorate Risk Register deep-dive: Fleet | Report on Fleet and Workshop risk register and management | Noted significant improvements had occurred in both fleet and workshop management in recent periods. As a result comprehensive risk register and required actions recognised. Specific risks considered – PTS, Telematics, and recruitment and retention. | Reasonable |
| Risk Management Framework & Process | Explanatory report on the Framework’s key elements, aims and objectives, and assurance structures | Noted report and recognised that the Internal Audit will be undertaken against these principles. | Reasonable |
| Sub-Group Assurance Report | Report on the workings of the sub-groups underpinning CRG and Audit Committees | Noted report, but Committee have requested more detailed assurance around cyber-risk and data-quality. | Moderate |
| Annual Review of AC Effectiveness 2023-24 – Action Plan | Follow-up report to effectiveness questionnaires setting out the proposed Action Plan for 2024-25 | Noted Action Plan tasks for Governance team and Audit Chair to undertake. | Reasonable |
| Out-of- Meeting Approvals & Late Papers | Specific report commissioned on direction of Trust Board to review causes of out-of- meeting approvals and late papers over the last year | Noted that there were 18 incidents outside of process. In a large proportion of cases, the Procurement team were not engaged and so due process was not followed. This was noted as unacceptable practice, and reflecting on upcoming new Procurement Act coming into force in October 2024, concluded to escalate paper to Trust Board, with a recommendation to create a Procurement Group. | Limited |
| Board Committee Assurance – progress report | Report on progress of project to undertake a detailed review of workings and authorities of sub-committee groups | Noted project plan comprised of three stages: Stocktake (Discovery phase); Mapping of assurance; Review. Anticipated that phases 1 and 2 will be completed and reported for next meeting. | Reasonable |
| Information Governance updates | Update on the Trust’s current position with respect to: Digital Security Protection Tool compliance; Information Governance breaches; Subject Access Requests and FOI’s | Noted: FOI compliance 60%; IG breaches at 15 per month; IG training compliance continues to reduce (72%); ICO to undertake audit in September 2024; Noted that this a small team facing an increasing volume of requests, especially video recordings. Members reflected on the need to support the team with appropriate digital solutions to managing work. | |
| Security Management Annual Report | Overview of Trust’s Compliance with NHS Violence, Prevention and Reduction Standard | Noted Trust ranks itself as being 68% compliant. Recommendations to increase compliance levels include: Approval of Violence, Prevention and Reduction Strategic Plan (September 2024?); Staff Training to Manage Violence and Aggression (by January 2025); Increased usage in BWCs Changes to DATIX to capture the required relevant data. | Reasonable |
| Civil Contingency Act Compliance | Overview of Trust’s progress to comply with EPRR Core Standards and the Interoperable Capabilities as part of wider NHS preparedness | Noted current assessments are: EPRR Core Standards (94.8%); Interoperable Capabilities (98.5%) Noted that continuing high levels of compliance were reliant on Resilience team staffing levels. Most Manchester Arena recommendations are currently unfunded by the NHS. | Substantial |
| Demonstrating Impact Programme Assurance | Review of highlights report of “Demonstrating Impact” from Fit for the Future Transformation Programmes | Transformation programmes focus on key areas of OPIP shared with Commissioners, Regulators and Board. Key activity discussed was: Connected Planning – developing business analysis capability in informatics team; New OPIP and Fleet power I dashboards; Updated Trust IPR report | Reasonable |
| Financial Management - Losses and special payments | Quarterly Report on compliance with HM Treasury 2023 publication “Managing Public Money” (April - June 2024) | Noted seven ex-gratia payments totalling £98k. Six of which covered ET and LTPS employee settlements. Other being HMRC tax compliance costs. | Reasonable |
| Financial Management – Tenders & Waivers | Report on Tenders and Waivers (April-June 2024) | Noted that, despite introducing new financial controls at the start of Q1, the Trust waivered £1,760,734 of non-pay in Q1 and, if this trend continues, will likely breach its 2% target. Noted also the relevance of this paper to earlier meeting paper on “Out-of- Meeting Approvals and Late Papers.” | Moderate |
| Recovery Support Programme | Obligations placed Audit Committee to support Trust’s NHS funding from Recovery Support Programme | Noted NHS approval letter includes expectations of Audit Committee, including that the Audit Committee is informed of the funding and receives a report in April 2025 on the extent to which the funding has supported the work identified. The Audit Committee is asked to receive a paper to this effect and share this with NHSE no later than 31 May 2025. | |
| Counter Fraud progress | Update on Counter Fraud team since last meeting | Noted the continuing progress in managing fraud across EEAST. There are currently 12 open investigations, and four have been closed since the last report. Noted that one case could lead to a criminal court outcome. | Reasonable |
| Internal audit reports | Update on emerging IA work against 2024/25 plan. Including: Cost Improvement and Transformation plans (limited assurance); Key Financial Controls (substantial assurance); Data Integrity – Rostering (reasonable assurance) | Noted reports issued and management comments, in particular action plans for Cost Improvement and Transformation plans. Noted next internal audit assignment is Risk Management – Audit Committee Chair to meet with internal audit team. | Reasonable |
| External audit update report | External Audit Final report on 2023-24 audit work | The Committee noted the Final Report with assurance that this was unchanged from 19 June 2024. | Substantial |
