Get documents about "Jul 10 BoD Paper SB oard Assurance Framework1
Document Sample
BOARD ASSURANCE FRAMEWORK
2010/2011
Updated April 2010 - June 2010
Audit Committee 7th September 2010
Board of Directors 29th July 2010
Performance and Assurance Group 12th August 2010
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
STRATEGIC OBJECTIVE 1: Continuously improve service quality, safety and effectiveness for our service users and carers
1.1 Create Quality Failure to agree Deputy Chief Audit Audit Report External
Account in line with Quality Indicators Executive/Director Commission due at the end Assurance on
Monitor timetable set with internal and of Performance and programme of July 2010 Quality Report
external Assurance agreed dated 14/07/10
stakeholders
Quality Account Minutes 28/04/10 – Min
Steering Group Ref; 5
13/04/10 – Min
Ref; 6
TQC Minutes 19/04/10
Corporate Risk 17/05/10
Register Ref; 21/06/10
COG Minutes 11/05/10 Min
Internal Audit Plan Ref; 33/10
2010/2011;
Presented at Positive
North Lincs, comments
Rotherham received from
Overview and mandated
Scrutiny organisations
Committee and included in
the QA June
2010.
Published on
website and
sent to DH
June 2010
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 2 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
Patient Safety
1.2 Embed the Evidence only a Director of Essential Minutes (July meeting
Essential Trust-level and not Performance and Standards cancelled - to
Standards of understand or Assurance Working Group be rearranged)
Quality and Safety provided by Policy and Schedule of
location/service Q1 TBD
Standards officer meetings/
Corporate Risk levels Performance
work programme presentations
Register Ref; Appraisals
and associated
Internal Audit Plan Reports
attendance
2010/2011; 28/06/10,
lists.
05/07/10,
07/07/10,
Quarterly
09/07/10,
Performance
14/07/10,
Appraisal on
20/07/10,
CQC
23/07/10
Registration
1.3 Review, refresh Lack of direction and Director of Agreement on The Good Self
and implement clinical engagement Performance and methodology to Governance Assessment on
Patient Safety Assurance be used Institute (2010) Matrix to be
Strategy ‘The completed.
Governance of
patient safety
Maturity Matrix’
Patient Safety Schedule of
Lead work meetings/
programme presentations
Health and Minutes 26/05/10
Safety Forum
Corporate Risk NHSLA Steering Minutes 21/04/10
Register Ref; Group Action 19/05/10
Plan 16/06/10
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 3 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
Internal Audit Plan Practice Practice Archive
2010/2011; Development Development material needs
Programme Programme to be linked to
Evidence the BAF
archive
1.4 Implement NHSLA Lack of capacity and Director of NHSLA Steering Minutes 21/04/10
Risk Management capability to develop Performance and Group Action 19/05/10
Policies a comprehensive Assurance Plan 16/06/10
framework for Reports to Minutes 15/04/10 Min
implementation Performance and Ref;419/10
Assurance Group 13/05/10 Min
Lack of clinical Ref;450/10
engagement 10/06/10 Min
Ref;484/10
Practice Practice Archive
Development Development material needs
Corporate Risk Programme Programme to be linked to
Register Ref; Evidence the BAF
archive
Mandatory risk Quarterly Improve links to
and safety Incident reports BAF
training from H&S Lead
Internal Audit Plan programme Training
2010/2011; compliance
reports
Clinical audit Clinical audit Clinical Audit
programme results Annual Report
to PAG 10/06/10
Min ref; 473/10
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 4 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
1.5 Implement University providers Director of Mandatory Risk Training Lack of reports
mandatory Risk unable to deliver Performance and and Safety compliance
and Safety training responsive and fit Assurance Training Manager reports
plans for purpose work programme
educational
Corporate Risk Mandatory Risk Plans do not
programmes
Register Ref; and Safety currently
training plans include an
Lack of managerial
Internal Audit Plan engagement with linked to NHSLA agreed
2010/2011; KSF/PDR process to Risk programme of
Training – 15 days identify and plan for
Management clinical risk
Standards. training.
staff needs.
Lack of capacity in
Business
Divisions/Directorates Practice Practice Archive
to release staff Development Development material needs
Programme Programme to be linked to
Lack of adequate Evidence the BAF
monitoring archive.
1.6 Continually review Insufficient Medical Director Medicines Minutes 09/04/10
medicines assurance regarding Management 07/05/10
management and medicines Committee 04/06/10
safety management
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 5 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
Corporate Risk throughout the Trust
Register Ref;
July 2010; Risk 11
Internal Audit Plan
2010/2011;
1.7 Ensure compliance Plans are Deputy Chief Business Trust has All plans have
against national inadequate in the Executive/Chief Continuity Plans participated in been reviewed.
targets/guidelines event of a major Operating Officer Pandemic Flu a number of No major risks
for emergency incident, resulting in Plans simulation have presented.
preparedness key service failures. events, both
Heatwave Plans internal and Pandemic Flu
Corporate Risk
multi-agency, Plan – (due)
Register Ref;
Reports to Trust that have July 2010
Board and confirmed the
Internal Audit Plan
minutes stating potential Heatwave Plan
2010/2011;
assurance of effectiveness of – March 2010
preparedness plans.
1.8 Implement national Policies and plans Deputy Chief Safeguard Assessed PAG
requirements are inadequate to Executive Policies under NHSLA 15/04/10 Min
around Safeguard Children Level 1 Ref;412/10
safeguarding and Adult services Assessment,
children and adults. due January
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 6 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
Corporate Risk 2011
Register Ref;
Safeguarding
children policy
CEO Checklist
Internal Audit Plan Safeguard Due August
2010/2011; Annual Report 2010
Safeguarding – 15
Days Safeguard PAG Updates Monthly
named nurses 15/04/10 Min
Ref;412/10
13/05/10 Min
Ref;442/10
10/06/10 Min
Ref;476/10
Safeguarding -Safeguarding
section on declaration
website -Bulletins
-Training for
Staff
-Publication
and guidance
Safeguarding Minutes Dated Minutes
Boards for
Children and
Adults
1.9 Ongoing HCAI Lack of clinical Deputy Chief Infection Policies to 15/04/10 Min
monitoring engagement Executive Prevention and Performance Ref;401/10
Control and Assurance
Lack of adequate Committee with Report
monitoring annual work plan Assessed
2010/11 under NHSLA
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 7 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
Level 1
Assessment
Reports to 13/05/10 Min
Performance Ref;452/10
and Assurance
Group
In Monthly IPA PAG Minutes
Report 15/04/10 Min
Ref;408/10
13/05/10 Min
Ref;436/10
10/06/10 Min
Ref;466/10
BOD Minutes
29/04/10 Min
Ref;100B/10
27/05/10 Min
Ref;125B/10
Corporate Risk Annual report
Register Ref; to Board of
Directors
Internal Audit Plan -Practice Ward
2010/2011;Infection Development accreditation
Control – 10 Days Modern Matron Clinical audit
-Modern Matrons results
-Essential Steps
Ward
Accreditation
-Clean Your
Hands campaign
HCAI section on Website
Trust website
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 8 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
Clinical Effectiveness
1.10 Review the Clinical Lack of clinical Director of Draft Clinical Trust Quality Minutes
Audit Policy engagement Performance and Audit Policy Council 19/04/10 Min
Assurance consulted on. For Minutes Ref;27/10(b)
Corporate Risk
Lack of adequate ratification by 17/05/10
Register Ref;
monitoring and Performance and 21/06/10 Min
reporting Assurance Group Ref;56/10
Performance Minutes
and Assurance 15/07/10
Internal Audit Plan
Group Minutes
2010/2011;
1.11 Integrate Clinical Lack of clinical Director of Approved Clinical Trust Quality 19/04/10 Min
Audit Programme engagement and Performance and Audit Programme Council Ref;27/10(b)
into Trust’s quality improvement Assurance minutes 17/05/10
governance action planning by 21/06/10 Min
processes, Business Divisions As 1.10 above, Ref;56/10
ensuring robust based on clinical Draft Clinical Performance 15/04/10
management of audit results Audit Policy sets and Assurance 13/05/10
recommendations out the Trust’s Group Minutes 10/06/10
through the arrangements
Business Divisions, 6 monthly,
risk registers and annual and by
Board Assurance exception
Framework reporting to
Performance
Corporate Risk
and Assurance
Register Ref;
Group
Internal Audit Plan
2010/2011;Clinical
Governance – 15
Days
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 9 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
1.12 Develop systematic Lack of clinical Director of Draft Clinical TQC Minutes 21/06/10 Min
approach to engagement Performance and Audit Programme Ref;56/10(b)
implementing audit Assurance supported by
findings/recommen Trust Quality
dations Council
Corporate Risk Clinical Audit PAG Minutes 15/07/10
Register Ref; Programme
Internal Audit Plan approved by
2010/2011; Performance and
Assurance Group
Draft Clinical Systems to be
Audit Policy sets implemented
out the Trust’s from July 2010
arrangements onwards.
6 monthly, annual Minutes 10/06/10
and by exception (Annual Report)
reporting to
Performance and
Assurance Group
1.13 Review Trust Lack of clinical Director of NICE Guidance Schedule of TQC Minutes
approach to engagement Performance and Implementation meetings/prese 19/04/10
implementing NICE Assurance Lead work ntations 17/05/10
Guidance programme 21/06/10
TQC Minutes
Discussions at PAG Minutes
Corporate Risk Trust Quality PAG Minutes 10/06/10 Min
Register Ref; Council (TQC) Ref;475/10
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 10 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
Internal Audit Plan Quarterly and
2010/2011; annual reports to
Performance and
Assurance Group
Business Division Business Minutes
NICE Guidance Divisions
implementation
position
statements
Practice Practice Archive
Development Development material needs
Programme Programme to be linked to
Evidence the BAF
archive
1.14 Adopt Essence of Principles of Deputy Chief Nursing network Workplan Minutes
Care principles in essence of care not Executive
the delivery of adopted Merged with Quarterly
clinical care CQUIN for
MHSOP
Corporate Risk
Register Ref;
Internal Audit Plan
2010/2011;
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 11 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
1.15 Develop outcome Outcomes measures Chief Operating Clinical audit Clinical Audit
measures within are not available or Officer / programme is set Programme
the Clinical Audit are inadequate, Director of against the key
programme to resulting in quality Performance and clinical priorities
support quality plans not meeting Assurance of the Trust. NICE Guidance PAG Minutes
improvement key expectations, New service Annual Report 10/06/10 Min
and loss of model designs 2009/10 Ref;475/10
Corporate Risk
commissioner are exploring the
Register Ref;
confidence in the increasing use of Adult mental
services. outcome health service
Internal Audit Plan measures, model redesign
2010/2011;Clinical notably within plans.
Governance – 15 adult mental
Days health services.
Patient Experience
1.16 Improve service Levels of physical Director of Health, Wellbeing Minutes 10/05/10
user’s physical health and well- Performance and and Recovery 15/06/10
health and well- being support to our Assurance Steering Group
being by capacity service users are Physical Health Work plan Business Case
building through inadequate leading and Wellbeing submission to
policy and practice to reduced life Practice Rotherham,
development expectancy. Failure Development North Lincs,
to implement NICE Lead in post for Non recurrent
Public Health Doncaster funding in
guidance and local (temporary to 30 Doncaster
Public Health June 2011)
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 12 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
priorities. Identified Champions list
Physical Health
and Wellbeing Practice
Champions with Development
dedicated Programme
Practice Evidence
Development archive
Programme
Draft Physical Evidence of
Health and Well- consultation
Being Policy process
Other Clinical Trust website
Policies
Corporate Risk
Register Ref; July
2010 – Risk 5
Internal Audit Plan
2010/2011;
1.17 Harness patient Uncoordinated and Director of New Patient Patient Survey work
opinion to inform reactive approach to Performance and Experience/ Experience/ currently ad-
improvement patient feedback, Assurance Engagement Engagement hoc
programmes and lack of learning Strategy Strategy not
from such sources. yet completed. Surveys to be
CAMHS Service Survey Results CAMHS Service linked to CQC
Corporate Risk
User Experience User Experience Standards and
Register Ref;
Survey Report June Quality Account
2010
Draft Patient TQC Minutes 19/04/10 min Still to be
Opinion ref: 45/10 discussed at
Internal Audit Plan
Procedure PAG to agree a
2010/2011;
way forward.
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 13 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
1.18 Review and further Lack of a Director of -PALS Trust website Re-audit of
develop the comprehensive Performance and -Patient available
available set of approach to making Assurance Experience Team leaflets
patient information available evidence -Values Based Get it Write Panel output
throughout the based information Practice Process
clinical services Development Evaluation
Service user choice Days
Corporate Risk affected -Equality and
Register Ref; Diversity Lead
Internal Audit Plan -Trust policy Service user CAMHS Service
2010/2011; -Trust website feedback User Experience
Survey Report
June 2010
1.19 Integrate WRAP on Service redesign Chief Operating WRAP steering Service Proposal report
a functional and plans fail to integrate Officer / group has been redesign plans in respect of Report
structural basis WRAP, resulting in Director of established. objective.
within the service care planning not Performance and CPA Lead
redesign plans being person Assurance working with
centred and Project Team WRAP Steering Minutes and Dated Minutes
Corporate Risk
unsatisfactory towards Group terms of
Register Ref;
outcomes for service achieving reference
Internal Audit Plan users. objective.
2010/2011;
Patient Work plan Update on
Experience Lead objectives objectives
work plan
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 14 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
Draft WRAP
Strategy and
action plan
consulted on with User Carer 18/05/10
service Partnership
Council
Minutes
Health, Wellbeing Performance 10/06/10 Min
and Recovery and Assurance Ref;474/10
Steering Group Group minutes
Terms of
reference
Practice Practice Archive
Development Development material needs
Programme Programme to be linked to
Evidence the BAF
archive
1.20 Develop a Customer care Chief Operating The principles of Complaints in Complaints Trust needs to
customer care continues to be poor Officer / this objective are high risk areas reports. develop an
programme and in some areas, Director of embedded in a have reduced, Productive overarching
action plan resulting in low Performance and range of work notably in adult ward/community plan that
service user Assurance areas e.g. inpatient areas. team action covers the
Corporate Risk
satisfaction and productive ward/ Customer care plans and areas already
Register Ref;
reputational risk to community actions within outcomes being
Internal Audit Plan the Trust. teams, service considered and
2010/2011; complaints action improvement identifies
plans, workforce plans actions against
strategy further
priorities
1.21 Delivering Same Services are not Deputy Chief DSSA -Policy Available on the
Sex delivered in same Executive Declaration on -Declaration Trust Website
Accommodation sex accommodation Trust website -Action Plan
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 15 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
(DSSA) – Reports to BOD Quarterly 29/04/10 Min
implement and ref; 089B/10
embed the principle 27/05/10 Min
of DSSA and ref; 117B/10
measure service Commissioners Monthly April 2010
outcomes including NHS Doncaster
the service user NHS Rotherham
experience. NHS N
Lincolnshire
May 2010
Corporate Risk NHS Doncaster
Register Ref; & South Humber
Internal Audit Plan NHS Trust NHS
2010/2011; Rotherham
NHS N Lincs
June 2010
NHS Doncaster
NHS Rotherham
NHS N Lincs
Learning & Improving
1.22 Ensure that a Director of Practice Practice Archive
practice Performance and Development development material needs
development Assurance Programme in programme to be linked to
programme is in place, facilitated evidence the BAF
place that is by Clinical archive
responsive to Assurance Team.
identified learning
and improvement/
practice
development needs
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 16 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
Corporate Risk Complaints, SUIs TQC Minutes 19/04/10 Min
Register Ref; and incident Ref;34/10
analysis and 17/05/10 Min
reporting to Trust Ref;44/10
Quality Council 21/06/10 Min
Performance and Ref;54/10
Assurance Group PAG Minutes PAG Minutes
15/04/10 Min
Internal Audit Plan
Ref;408/10
2010/2011; 13/05/10 Min
Ref;436/10
10/06/10 Min
Ref;466/10
1.23 Embed Lack of capacity to Director of Complaints Monthly & BOD Minutes;
management move to new system Performance and Manager Quarterly 29/04/10 Min
processes relating Assurance Temporary reporting to Ref;100B/10
to SUIs, Operational Assistant Board of 27/05/10 Min
complaints, engagement in the Complaints Directors, PAG Ref;125B/10
incidents, claims modernisation of the Manager to add and
and PALS system and capacity whilst Commissioners
processes. practice resource Annual report PALS Policy
and implications to Performance PAG Minutes –
are scoped and Assurance 10/06/10 Min
Group and Ref; 463/10
Complaints Board of
Policy Directors Complaints
Complaints Policy PAG
training and other Minutes –
customer service 10/06/10 Min
related training Ref; 464/10
e.g. values based
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 17 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
Corporate Risk practice Revised SUI Awaiting review
Register Ref; policy and against NHSLA
process 10/11 standard.
Internal Audit Plan
2010/2011;Serious
Untoward Incidents Service user
– 10 Days feedback
SUI Management Evaluation from
process participants
workshop when complete.
Workshop
06/07/10
1.24 Ensure that Lack of awareness Director of National Bi-Annual BoD Reports in No external
outcomes and to reports being Workforce, OD&CA investigation report to BoD December 2009 validation that
conclusions from published reports (and July 2010) we have
investigations at circulated, identified and
other NHS No mechanism for distributed and responded
organisations is receiving, reviewing publicised in accurately,
understood, and responding to many different appropriately
assessed for the reports and their ways and
relevance and findings proportionately to
acted upon where Regular review all reports.
appropriate by CEx / Dep. C
Ex / Board Sec of
publications and
intelligence
gathering.
Corporate Risk
Register Ref; Agreed process
of Dep. C Ex. and
Internal Audit Plan Board Sec,
2010/2011; undertaking initial
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 18 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
assessment and
plan of action.
Reports to
relevant policy
and planning
groups and bi-
annual report to
BoD
To meet both Regional and Local CQUIN targets
1.25 Ensure that the CQUIN targets could Chief Operating All Business
Trust has clear not be achieved Officer Divisions have
delivery plan to through targets identified priority
support the being too actions against
Business Division challenging and/or CQUIN targets.
structures with the services poor Performance
capacity and performance, overview is
capability to meet resulting in loss of monitored
CQUIN targets income. through the
Business
Corporate Risk Intelligence
Register Ref; Group (BIG)
Performance Integrated PAG Minutes
outturns against Performance 15/04/10
CQUIN targets. and Assurance 13/05/10
Report 10/06/10
15/07/10
Recovery Plans Business Monthly Dated Minutes
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 19 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
Internal Audit Plan in respect of any Division
2010/2011;Quality targets identified management
Indicators – 15 as high risk. team minutes
Days Operational 06/04/10 Min
Management Ref; 4
Meeting 13/04/10 Min
minutes Ref; 5
04/05/10 Min
Ref; 5
11/05/10 Min
Ref; 6
25/05/10 Min
Ref; 4/5
08/06/10
22/06/10 Min
Ref; 5
BIG minutes (ISG Minutes
09/04/10 Min
Ref; 7&8)
BIG Minutes
11/06/10 Min
Ref; 6
25/06/10 Min
Ref; 6
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 20 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
STRATEGIC OBJECTIVE 2: Nurture the talent, commitment and ideas of our staff in order to deliver excellent services
2.1 Deliver year on Failure to fully Chief Operating Workforce Annual Staff Due March
year improvement implement workforce Officer Strategy, Survey 2011
for all elements and associated Business Division
Director of HR&OD 01/04/10 min
within the staff strategies, resulting workforce plans
Workforce, OD&CA Minutes ref: 32.10.03
survey in low staff morale, (e.g. managing
high sickness rates sickness HR and OD minutes ref
and poor service absence) Dashboard 01/04/10 38/10
performance. Sickness 06/05/10
absence rates 47.10.2
Lack of focus on the PDR 03/06/10
results from the staff completion 56.10.1
survey feedback. rates,
Turnover rates,
Managers Exit interviews
determining this is
not a priority Trust PAG Minutes
Staff reaction to performance 15/04/10 Min
organisational report. Ref;408/10
change 13/05/10 Min
Ref;436/10
10/06/10 Min
Ref;466/10
BOD Minutes
29/04/10 Min
Ref;100B/10
27/05/10 Min
Ref;125B/10
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 21 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
Monthly Business Dated Minutes
Business Division minutes
Division - Monthly
Business
meetings
Corporate Risk
Register Ref;
Internal Audit Plan Copy of action TBD Dated Minutes
2010/2011; plans from Performance
each area and Appraisals
progress
updates on the
action plans
2.2 Review and Lack of Director of Undertake Training and Dated Minutes
reconfigure staff understanding of Workforce, OD&CA training audit Development
development business sub group.
programmes to development Learning and
ensure that they requirements development Business Minutes - Dated Minutes
reflect the needs of facilitators Division Monthly
the Business allocated to meetings
Divisions and are Business
delivered in the Divisions and
HR & OD Minutes
most effective and attendance at
01/04/10
efficient ways for Business Division
06/05/10
the Business meetings where
03/06/10
Divisions development
needs are
Corporate Risk discussed and
Register Ref; established
Internal Audit Plan
2010/2011; Regular meeting
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 22 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
between the
Head of Learning
and
Development,
Chief Operating
officer and the
Director of
Workforce
2.3 Develop the Failure to develop a Director of Developed a Action plan HR & OD
capacity and workforce in leading Workforce, OD&CA Leadership and progress Minutes
capability of the way with quality Management reported via the 01/04/10
Business Division and a rationale to Development HR and OD 06/05/10
leadership and support leadership Framework policy and 03/06/10
management teams at all levels and offer planning group
to meet existing appropriate and to the BOD Minutes
and future management Board of 29/04/10 Min
demands direction Directors Ref; 096B/10
Developed a 27/05/10 Min
Corporate Risk
leadership and Ref; 129B/10
Register Ref;
management
Internal Audit Plan development
2010/2011; action plan
2.4 Develop critical Impact on Director of Developed a Action plan HR & OD
leadership within leadership within the Workforce, OD&CA Leadership and progress Minutes
both formal organisation would Management reported via the 01/04/10
leadership roles lead to low staff Development HR and OD 06/05/10
and within the wider morale and lack of Framework policy and 03/06/10
operational direction within the planning group
workforce organisation Developed a and to the BOD Minutes
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 23 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
Corporate Risk leadership and Board of 29/04/10 Min
Register Ref; management Directors Ref; 096B/10
development 27/05/10 Min
Internal Audit Plan action plan Ref; 129B/10
2010/2011;
2.5 Ensure that staff Result in the Director of A training sub Minutes of the HR & OD
development strategic goals not Workforce, OD&CA group is meetings Minutes
programmes reflect being implemented reviewing the 01/04/10
the strategic goals current training HR and OD 06/05/10
of the Trust provision and policy and 03/06/10
aligning it to the planning group
Corporate Risk
strategic goals of
Register Ref;
the Trust Workforce
Internal Audit Plan Efficiency
2010/2011; Workstream
2.6 Improve Leadership Failure to support Director of HR & OD HR & OD Minutes
capacity and the management Workforce, OD&CA Policy and Meetings 01/04/10
capability, and leadership Planning Group 06/05/10
specifically development 03/06/10
regarding clinical needed results in
engagement, lowering of Leadership and o Training No evidence of
innovation, motivation and the Management Records on KSF outcomes
succession Trust not Development ESR and PDRs
planning and maintaining Portfolio o KSF outlines completed.
implementation of reputation as o Staff Survey
360 degree developing on PDR’s and
feedback systems employer. Training &
Development
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 24 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
Educational
Development
Programme
Corporate Risk
Register Ref;
Internal Audit Plan
2010/2011;
2.7 Improve staff If sickness not Director of Introduction of -Review of First 06/05/10 min
productivity through managed Workforce, OD&CA Sickness Care Pilot at ref: 46.10.3
implementing appropriately; Management HR & OD 03/06/10 min
relevant initiatives impact on Pilot ‘First Care’ ref:
such as the new productivity. -Project Plan 01/04/10 min
approach to Updated at HR ref: 38.10.02
managing sickness and OD 06/05/10 min
absence ref: 46.10.3
Sickness HR & OD Minutes
Absence Policy Group 05/03/09 min
Corporate Risk ref: 29/09
Register Ref;
Internal Audit Plan
2010/2011;Human
Resources –
Sickness – 5 Days
2.8 Maintain staff Impact on staff Director of Vie Life Pilot Annual report Awaiting final
health and productivity and Workforce, OD&CA from the report from the
wellbeing through motivation Department of Department of
implementing Health Health
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 25 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
action plan and Health and Healthy Days Health and
initiatives such as Wellbeing Programme Wellbeing
the DoH well being Steering Group Steering Group
pilot Healthy Staff 10/05/10
Survey Action 15/06/10
Corporate Risk Plan
Register Ref;
Internal Audit Plan
2010/2011;
2.9 Support workforce Failure to consult Director of Trust Staff Minutes 14/04/10
aspects of the new leads to lowering of Workforce, OD&CA Council 19/05/10
service model for staff motivation and Rotherham Minutes 15/04/10
AMH and other morale and may Modernisation
associated lead to increase in HR Steering
redesign initiatives sickness and Group
aimed at more grievances,
efficient and impacting on
effective services productivity.
Corporate Risk Adult Mental Minutes 29/04/10
Register Ref; Health Steering 27/05/10
Group 30/06/10
Internal Audit Plan
2010/2011;
2.10 Implement national Staff would not have Director of Training days HR & OD Development
workforce projects KSF outline and Workforce, OD&CA rolled-out across Group of ESR (self-
such as Knowledge Trust would not the Trust. On KSF Project service)
and Skills meet national going programme continues
Framework (KSF) expectations April-December
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 26 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
and Electronic Staff HR & OD Minutes 01/04/10
Record (ESR) Failure to meet 06/05/10
target for all staff to 03/06/10
have KSF outline
Corporate Risk Failure to make best
Register Ref; use of full
Internal Audit Plan functionality of ESR Client Minutes Dated Minutes
2010/2011; Relationship
Meeting
2.11 Engage staff side Managers failing to Director of Trust Staff TSC Minutes 14/04/10
colleagues and see the relevance Workforce, OD&CA Council 19/05/10
staff in workforce and importance of
change maintaining positive Trust Quality TQC Minutes 19/04/10
programmes employee relations. Council 17/05/10
21/06/10
Corporate Risk Timeframe within Adult Services
Register Ref; which attempting to Modernisation
Internal Audit Plan enact change is Steering Group
2010/2011; limited. and
implementation
groups
Formal meetings
set up with staff
to facilitate the
transfer of
services
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 27 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
2.12 Identify key Lack of broader Director of The Trust is Attendance at Report 29/06/10
diversity and engagement with Workforce, OD&CA participating in a the training
inclusion issues key stakeholders national pilot programmes
affecting the scheme facilitated by
organisation and Shapiro
the implications of consulting
these for meeting
our strategic Single Equality
priorities Scheme
developed to
address these
issues
Corporate Risk
Register Ref; Set up an Equality/ 25/06/10
Equality, Diversity and
Internal Audit Plan
Diversity and Human Rights
2010/2011;
Human Rights Steering Group
Steering Group minutes
with
representation
from all areas of
the Trust
Stakeholder
engagement
processes
including the
Council of
Governors
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 28 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
2.13 Build commitment Failure to undertake Director of Incorporate in to Equality, 25/06/10
and an approach to a wide variety of Workforce, OD&CA the leadership Diversity and
creating greater training. and management Human Rights
diversity in development Steering Group
leadership, Failure to engage programme. minutes
embedding with diverse groups Equality and
inclusion and and build these Diversity Training
diversity into the needs in to our
Board’s strategic overall strategic Build in to
approach and into direction recruitment and
leadership. selection training
Corporate Risk
Register Ref;
Internal Audit Plan
2010/2011;
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 29 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
STRATEGIC OBJECTIVE 3: Ensure value for money and increased organisational efficiency
3.1 Aim to achieve a Failure to meet Finance Director QIPP Directorate Minutes
surplus to: surplus targets due Workstreams Plans 29/04/10
to non delivery of 27/05/10
Invest in future financial savings Minutes 24/06/10
service plans. FIBD Group Minutes 22/04/10
improvement/mod 20/05/10
ernisation Non delivery of the 17/06/10
Manage future Trust's financial QIPP Programme Internal Audit Awaiting audit
financial risk targets due to the Board Review to be
economic downturn undertaken
Retain a financial represented by non Monthly reporting BOD Minutes 29/04/10 Min
risk rating of at delivery of £15 m to Trust Board of Ref; 097B/10
least a 3 cash savings over Directors 27/05/10 Min
the next three years Ref;123B/10
Non funding of key
Corporate Risk developments due
Register Ref; July to reduced growth
2010 – Risk 2 for commissioners
Internal Audit Plan
2010/2011;
3.2 Agree a financial Non delivery of the Finance Director QIPP Programme QIPP 29/04/10
plan which: Saving targets Board and Programme 27/05/10
assumed for each of monitoring Board Minutes 24/06/10
Sets aside the 3 financial years process
contingent
reserves to Non delivery of the
manage risk in QIPP QUIPP 29/04/10
CQUIN Workstreams Programme 27/05/10
2010/11 requirements and Board Minutes 24/06/10
Sets out the therefore non FIBDG Minutes 22/04/10
challenges in payment of the 20/05/10
monies attached to 17/06/10
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 30 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
2011/12 and these. BIG Group – Minutes (ISG Minutes
2012/13 and Fortnightly 09/04/10 Min
begins to put monitoring Ref; 7&8)
plans in place to delivery of BIG Minutes
manage these CQUIN 11/06/10 Min
challenges Ref; 6
25/06/10 Min
Retains a financial Ref; 6
risk rating of at Monitor BOD Minutes 29/04/10 Min
least 3,over the 3 Declaration Ref; 104B/10
years 27/05/10
2010/11/12/13
Develops and
agrees a 3 year
capital programme
which manages
capital risk and
delivers
modernisation and
business growth
Corporate Risk
Register Ref; July
2010 – Risk 2
Internal Audit Plan
2010/2011;
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 31 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
3.3 Have clear Failure to achieve Finance Director CRES Plans Finance Report
monitoring CRES Savings RAG Rated
processes to results in efficiency
ensure the delivery programmes being
of the 2010/11 developed Monitor Annual Quarterly Awaiting letter.
CRES and the Plan Monitor
management of any Confirmation
risk. Also ensure Letter
the development of FIBD Group Minutes 22/04/10 Min
firm plans to deliver Quarterly Update Ref; 5
the CRES targets
for 2011/12 and QIPP Programme QIPP 29/04/10
2012/13. Board Programme 27/05/10
Board Minutes 24/06/10
Corporate Risk
Register Ref;
Internal Audit Plan
2010/2011;
3.4 Ensure that the Breakdown in Finance Director Audit Committee Quarterly 04/06/10
existing financial financial control and
systems deliver outdated systems FIBDG Monthly Internal Audit
sound financial not flexible enough 22/04/10 review of
governance to manage the 20/05/10 financial
financial challenges systems
Corporate Risk Financial IT
Register Ref; Modernisation
Project
Internal Audit Plan
2010/2011;
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 32 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
STRATEGIC OBJECTIVE 4: Adapt and deliver services to meet changing local needs through enhanced partnerships
4.1 Complete the Implementation of Chief Operating Modernisation Modernisation
implementation of the new service Officer Steering Group, Steering Group Dated Minutes
the adult mental model for Adult Project Team Minutes
health service Community Services (weekly meetings (monthly)
model in may result in with Chief Progress
Doncaster, An increase of Operating Review
Rotherham and complaints from Officer), Workshop
North Lincolnshire. service 2/07/10
users/carers/ref
Corporate Risk Reports to
errers/staff
Register Ref; July Board and Reports
dissatisfaction
2010 – Risk 9 Board sub-
SUIs which may
groups
impact on the
Internal Audit Plan User Carer Dated Minutes
reputation of the
2010/2011; Partnership
Trust
minutes,
Commissioner Project plans,
dissatisfaction timelines and
risk register
4.2 Complete delivery Building Chief Operating Project plans and Progress Steering Group Dated minutes
and modernisation development fails to Officer timelines, against plans minutes,
of Swallownest meet targets and Steering Group, and timelines, Project plans
Court site for adult transition plans need Identified project within financial and timeline
inpatient services to be renegotiated. lead. constraints, tracking.
Planning
Corporate Risk
assumptions could
Register Ref;
prove incorrect,
Internal Audit Plan resulting in excess
2010/2011; pressure on
services.
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 33 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
4.3 Complete the Full Inability to progress Deputy Chief National Clinical June Gateway
Business Case for North Lincolnshire Executive Advisory Team Review to be
the North modernisation plan Reviews linked to the
Chief Operating
Lincolnshire due to financial BAF
Officer
modernisation of constraints. Gateway
adult and older Reviews
peoples inpatient Produced outline BOD Minutes
and community Business Case 29/04/10
services 27/05/10
NHS N.lincs Minutes
Commercial BOD Minutes –
Development 29/04/10 Min
Updates Ref;085B/10
Corporate Risk
Register Ref; July
2010 – Risk 3 FIBDG Minutes 22/04/10 Min
Ref;6
Internal Audit Plan 20/05/10 Min
2010/2011; Ref;6
17/06/10 Min
Ref;5
4.4 Progress the further St Catherine’s Site Deputy Chief Commercial BOD Minutes –
development of is not utilized for the Executive Development 29/04/10 Min
specialist inpatient further development Updates Ref;085B/10
Chief Operating
mental health of specific inpatient FIBDG Minutes 22/04/10 Min
Officer
services on the St mental health Ref;6
Catherine’s site services 20/05/10 Min
Corporate Risk Ref;6
Register Ref; 17/06/10 Min
Ref;5
Internal Audit Plan
2010/2011;
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 34 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
4.5 Actively pursue The Trust does not Deputy Chief Commercial Updates to 22/04/10 Min
opportunities expand its business Executive Development FIBDG Ref;6
presented by base presented by Director 20/05/10 Min
Transforming Transforming Ref;6
Community Community Services 17/06/10 Min
Services (TCS). Ref;5
Updates to Minutes
BOD 29/04/10 Min
Ref;085B/10
27/05/10 Min
Ref;110B/10
Updates to SLT Minutes
06/04/10
26/04/10
10/05/10
24/05/10
07/06/10
28/06/10
Bid for NHS -Bid
N.Lincs TCS -Chief Executive
Response letter
Corporate Risk
Register Ref;
Internal Audit Plan
2010/2011;
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 35 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
4.6 Further develop the The Trust does not Deputy Chief Commercial Updates to 22/04/10 Min
Trust’s business explore, develop Executive Development FIBDG Ref;6
through opportunities to Director 20/05/10 Min
geographical expand Ref;6
extension or geographically 17/06/10 Min
diversification Ref;5
Updates to Minutes
BOD 29/04/10 Min
Ref;085B/10
27/05/10 Min
Ref;110B/10
Updates to SLT Minutes
06/04/10
Corporate Risk
26/04/10
Register Ref;
10/05/10
24/05/10
Internal Audit Plan 07/06/10
2010/2011; 28/06/10
4.7 Complete and Failure to deliver the Deputy Chief Commercial Updates to 22/04/10 Min
deliver construction project within budget Executive Development FIBDG Ref;6
of the new older and timescale. Director 20/05/10 Min
people’s inpatient Ref;6
facility on the 17/06/10 Min
Rotherham Ref;5
Foundation Trust
site, within Updates to Minutes
timescales and BOD 29/04/10 Min
allocated budget Ref;085B/10
27/05/10 Min
Ref;110B/10
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 36 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
Updates to SLT Minutes
Corporate Risk
06/04/10
Register Ref;
26/04/10
10/05/10
Internal Audit Plan 24/05/10
2010/2011; 07/06/10
28/06/10
4.8 Modernise CAMHS Principle risks are Chief Operating Modernisation Doncaster Minutes
provision and changes needed Officer and service CAMHS Project 26/04/10
integrate new within the clinical transfer action Board Meeting 23/06/10
business into the practice of staff and plans
redesigned model being able to make Action plan Project Manager
necessary skill mix Business Division updates Appointed
Corporate Risk
changes, resulting in oversight.
Register Ref;
poor outcomes for Service
Internal Audit Plan service users and Improvement
2010/2011; loss of Deputy Director
commissioner Appointed
confidence.
4.9 Review the Market testing may Chief Operating Continuous Terms of Terms of
Community Homes focus Officer review of service Reference for Reference for
provision within the disproportionately model. the Review review, not yet
context of on cost, and not agreed.
Commissioner led quality, resulting in a
market testing loss of business to
the independent
Corporate Risk
sector, and potential
Register Ref;
for fragmentation of
Internal Audit Plan care for service
2010/2011;Commu users.
nity Homes – 15
Days
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 37 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
4.10 Complete the Plans may fail due Chief Operating Project lead in Project reports . Dated reports
review of the to incorrect planning Officer place and Budget reports
Learning assumptions against completing
Disabilities day need or inability of project work
services staff to adjust to new
ways of working,
Corporate Risk
resulting in poor
Register Ref;
outcomes for service
Internal Audit Plan users.
2010/2011;
4.11 Work with Personalisation Chief Operating Working jointly Pilot project Dated reports
Commissioners to plans could result in Officer with reports,
implement significant commissioners Trust position
personalisation for reductions in the on pilot projects, statement
health and social Trust’s core services Deputy Director report (in
care services through loss of to complete preparation)
income attached to position
Corporate Risk
individual statement report
Register Ref;
personalisation on local and
Internal Audit Plan plans national
2010/2011; perspective.
4.12 Integrate new Scale and pace of Chief Operating Service transfer Steering group Dated minutes
business into the change could Officer action plans, minutes
Business Divisions overwhelm the Project Managers
structure viability of Business appointed, Action plan
Division Business Division achievements
Corporate Risk
management oversight.
Register Ref;
capacity, resulting in Service
Internal Audit Plan loss of performance, Improvement
2010/2011; workforce Deputy Director
dissatisfaction. appointed.
STRATEGIC OBJECTIVE 5: Maintain excellent performance, develop a strong market position and improve further our reputation for quality
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 38 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
Maintain excellent performance
5.1 Ensure that Loss of income due Finance Director Commissioning Monthly
effective to poor board and sub
commissioning performance/relation group meeting
structures are in ships with the lead
place and that the commissioners BIG Group to Fortnightly Minutes
Trust can deliver look at activity/ 11/06/10
the information Commissioning 25/06/10
needs to make issues
informed decisions
with the
commissioners and
protect the Trust’s
income base.
Corporate Risk
Register Ref;
Internal Audit Plan
2010/2011;
5.2 Improve timeliness, Trusts is non- Finance Director / BIG Meeting Performance Fortnightly Performance
data quality and compliant with Director of Report 11/06/10 Min Report
compliance of targets based on Performance and Ref; 5 development
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 39 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
information data-completeness Assurance 25/06/10 Min based on IM&T
systems to improve Ref; 5 ability to
clinical decision PAG Minutes 15/04/10 Min provide monthly
making Ref; 408/10, data.
409/10
Corporate Risk
13/05/10 Min
Register Ref;
Ref;436/10,
Internal Audit Plan
437/10
2010/2011;
10/06/10 Min
Ref;466/10
Data Quality TBDs
Policy Performance
Reports
BIG
PAG
5.3 Achieve Excellent The Trust achieves Director of OMM IPA Report Monthly
rating under CQC insufficient Performance and 06/04/10 Min
framework indicators to be Assurance Ref; 6
rated ‘excellent’ 13/04/10 Min
under the Care Ref; 5
Quality
Commissions P&A Group P&A Group Monthly
Regulation Quality Account 15/04/10
13/05/10
10/06/10
Corporate Risk COG COG Report Quarterly
Register Ref; 11/05/10 Min
Ref; 34/10
Internal Audit Plan BOD BOD Meeting Minutes
2010/2011;Care updates 29/04/10 Min
Quality Ref;100B/101B/
Commission – 15 10
Days 27/05/10 Min
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 40 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
Ref;125B/126B/
10
5.4 Maintain CQC The Trust does not Director of P&A Group Minutes 15/04/10 Min
Registration continually develop Performance and Ref;410/10
processes in line Assurance 16/05/10 Min
with national agenda Ref;437/10
to continue 10/06/10 Min
monitoring, Ref;469/10
evidencing and Essential (July meeting Essential
improving the quality Standards cancelled - to be Standards
Corporate Risk of healthcare Working Group rearranged) working Group
Register Ref;
arranged for
Q2
Internal Audit Plan TBD Monthly Minutes Monthly Performance
2010/2011; Care Business Accelerator and
Quality Meetings Compliance
Commission – 15 Performance Quarterly reports not yet
Days Accelerator fully developed.
reports – Q2
Reporting
TBD Quarterly Minutes Psychological
Performance Therapies –
Appraisals 28/06/10
Forensic Service
– 05/07/10
CAMHS –
07/07/10
OPMHS –
09/07/10
Substance
Misuse –
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 41 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
14/07/10
Adult Services –
20/07/10
LD Services –
23/07/10
5.5 Maintain Trust does not Director of Annual Planning Quarterly Quarterly
compliance with maintain with Performance and Process includes monitoring by feedback letter
Monitor’s Monitor’s Assurance / governance Monitor from Monitor (to
Compliance Compliance Finance Director forecast for year Chief Executive)
Framework Framework through end
the under
Corporate Risk achievement of the
Register Ref; Mental Health BIG Meeting Performance Monthly BIG establish
governance targets. Report 11/06/10 Min to address data
Ref; 5 quality issues
Internal Audit Plan
25/06/10 Min identified that
2010/2011;
Ref; 5 affect reporting
requirements
i.e.
CQUIN,
MHMDS, LA
Indicators
5.6 Implement plans to Director of NHSLA Steering 21/04/10
move towards Performance and Group 19/05/10
NHSLA Level 1 Assurance 16/06/10
reassessment and
Level 2 assessment
Corporate Risk Performance and 15/04/10 Min
Register Ref; Assurance Group Ref;419/10
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 42 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
13/05/10 Min
Ref;450/10
Internal Audit Plan 10/06/10 Min
2010/2011; Ref;484/10
5.7 Implement and The Trust policy Director of NHSLA Steering Minutes 21/04/10
monitor adherence framework becomes Performance and Group 19/05/10
to Policy outdated and does Assurance 16/06/10
Development and not reflect best
Management practice
Policy on Policies Policy March 2010
Framework
Corporate Risk
Register Ref;
PAG Trust Policy 15/04/10 Min
Quarterly Ref;419/10
Internal Audit Plan
Update 13/05/10 Min
2010/2011;
Ref;450/10
10/06/10 Min
Ref;484/10
5.8 Continually develop The Board Director of P&A Group Corporate Risk 15/04/10 Min
Board Assurance Assurance Performance and Register Ref;413/10
Framework and Framework and the Assurance 13/05/10 Min
Risk Management Risk Management Ref;444/10
Framework to Process are not fully 10/06/10 Min
provide the Board developed resulting Ref;477/10
of Directors with in the Board not Business Updated Work ongoing
robust assurances being fully assured Division and monthly and to embed the
that key risks are Directorate presented within business
identified and Risk Registers Business division
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 43 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
managed Division processes
Management
Meetings
Board PAG Minutes Identification of
Assurance 13/05/10 Min gaps in control
Framework Ref;445/10 and
PAG Minutes 10/06/10 Min assurances
Ref;479/10 continues
BOD BOD Minutes Minutes
29/04/10 Min
Ref;100B/101B/
10
27/05/10 Min
Ref;125B/126B/
10
Audit Committee Audit 04/06/10
Committee
minutes
Audit Report Audit Plan Individual
2010/11 reports
Corporate Risk
Register Ref;
Risk Risk June 2010
Management Management PAG Minutes
Internal Audit Plan Framework Framework 10/06/10 Min
2010/2011;Assuran Ref;478/10
ce Framework 14
Days/Risk
Management/Risk
Registers 15 Days
5.9 Implement Failure to meet Finance Director -Information Approved by
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 44 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
approach to control Information Governance Board in
Information Governance Policy January 2010
Governance Risks requirements results -Informatics Informatics Dated Minutes
in lowering in Programme Programme
Monitor Compliance Board Board Minutes
Framework. FIBD Group FIBD Group Minutes
Minutes 22/04/10 Min
Corporate Risk Ref;7
Register Ref; 20/05/10 Min
Ref;3
- Information Results from
Governance Toolkit
Internal Audit Plan Toolkit
2010/2011; Internal Audit of
Information
Governance
Declaration
FIBD Group 22/04/10 (7.ii)
Minutes
Audit Committee Minutes 04/06/10
5.10 Establish robust TBDs performance Director of Quarterly TBD Minutes Quarterly (see
performance does not support the Performance and Performance 5.4)
framework for the Trusts Corporate Assurance / Reviews
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 45 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
Trust business targets Chief Executive TBD Minutes Monthly
divisions and Performance
support the Meetings
reconfiguration of
corporate services
to meet the needs
of the Trust
business divisions.
Corporate Risk
Register Ref;
Internal Audit Plan
2010/2011;
5.11 Maintain effective Trusts PMF does Director of PMF is a time – Quality Account Published June
Performance not reflect regulatory Performance and limited framework 2010
Management requirements Assurance (review due Oct CQC Ratings October
Framework 2010) 2009/2010
reporting to provide Monitor Ratings Quarterly
assurance to Quarterly feedback letter
regulatory bodies from Monitor (to
Chief Executive)
Performance BOD Minutes Minutes
Report to Board 29/04/10 Min
of Directors Ref;100B/101B/
Corporate Risk 10
Register Ref; 27/05/10 Min
Ref;125B/126B/
Internal Audit Plan 10
2010/2011;
5.12 Ensure robust The Trust takes Director of BOD Minutes Specific to April
external decisions on self- Performance and & Monthly
assurances are assessments Assurance 29/04/10
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 46 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
provided to give the without seeking 27/05/10
public confidence external validation
that the Trust’s self- leading to a lack in
assessment confidence in PAG TOR PAG Minutes Monthly
processes are governance 15/04/10
clear, transparent processes 13/05/10
and robust 10/06/10
Corporate Risk
Register Ref;
Internal Audit Plan
2010/2011;
Develop a strong market position and improve further our reputation for quality
5.13 Deliver a Communications Director of Strategy agreed Strategy review Strategy/action
Communications Strategy fails to Performance and at Board of (to be agreed) plan not yet
Strategy that recognise Strategic Assurance Directors Action Plan to reviewed
enhances the importance of key be continuously
Trust’s market factors or focuses monitored
position, reputation too strongly on
and relationships internal
communications
Corporate Risk
Register Ref;
Internal Audit Plan
2010/2011;
5.14 To develop the Trust does not Deputy Chief Commercial Quarterly 29/04/10 Min
Trust’s market acquire new Executive Development Reports to Ref;085B/10
position through the business and is Director BOD 27/05/10 Min
successful under success in Ref;110B/10
implementation of developing its
The Market market position
Development
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 47 of 48
Ref Principal Principal Risk Classification Of Key Controls Assurances Assurance Gaps in Gaps in
Objectives Principal Risk on Control Position Control Assurance
What the What could Which area(s) What controls / Where we can Dated evidence Where are we Where are we
Organisation / prevent this within the systems we gain evidence that shows we failing to put failing to gain
Directorate aims objective being organisation the have in place to that our are reasonably controls / evidence that
to deliver achieved risk primarily aid the delivery controls / managing our systems in our controls /
relates to of the objective systems on risks and the place? What systems, on
which we are objectives are may be which we
placing being delivered causing us to place reliance,
reliance, are fail to make are effective?
effective them effective
Strategy 2010 –
2013 and the
Trust’s Strategic
Direction 2010 –
2013 and through
the acquisition of
new business
Corporate Risk
Register Ref;
Internal Audit Plan
2010/2011;
C:\Docstoc\Working\pdf\4cde13ea-de27-4163-9a0e-276562e5dbb0.doc Page 48 of 48
