Docstoc

AGS Rough Guide - CIPFA Networks

Document Sample
AGS Rough Guide - CIPFA Networks Powered By Docstoc
					                                                                           IPF




THE CIPFA FINANCE ADVISORY NETWORK
THE ANNUAL GOVERNANCE STATEMENT

Meeting the requirements of the Accounts and Audit Regulations 2003, Incorporating
Accounts and Audit (Amendment) (England) Regulations 2006

                                                     Rough Guide for Practitioners
                                                          With effect from 2007/8




                                         1
                                    CONTENTS
                                                                                             Page
THE ANNUAL GOVERNANCE STATEMENT
Section One – Introduction and Overview of legislative framework


1.1 Background to the Annual Governance Statement                                             4

1.2 Accounts and Audit (Amended) (England) Regulations 2006 – SI564/2006                      4

1.3 Defining proper practice – Circular 03/2006                                               5

1.4 CIPFA/SOLACE Governance Framework                                                         5

1.5 CIPFA Code of Practice on Local Authorities (The SORP)                                    6

1.6 Comment from the Audit Commission                                                         6
1.7 A comparison between the Statement on Internal Control and the Annual
                                                                                              7
    Governance Statement1
Annual Governance Statement – Overview                                                        8



Section Two – The Annual Governance Statement – Roles and responsibilities

2.1 Corporate Ownership and Responsibilities                                                  9

2.2 Structuring the Governance Statement and the Assurance Gathering Process                  9

Flowchart 1 – Review of Annual Governance Statement and the Assurance Gathering
                                                                                              11
Process



Section Three – The Annual Governance Statement – Scoping the process and
timeline

3.1 Responsibilities                                                                          13

3.2 Process                                                                                   13

Flowchart 2 – Annual Governance Statement Framework                                           16

3.3 Timetabling                                                                               17

Chart 1 – Possible sequence of preparation and reporting for the AGS                          18

Appendix A – Examples of assurance and evidence in support of the AGS                         19

Appendix B1 – Partnerships – Suggested Approach and Determination                             48

Appendix B2 – Partnerships – Significance Assessment Scorecard                                52

Appendix C – Comparison between the SIC and the AGS                                           53

Appendix D – Feedback from CIPFA AGS seminars in October/November 2007                        58

Note
The terms “authority” and “organisation” are generally interchangeable in this Rough
Guide. However, for the police service there is a distinction between the Police Authority
and the Force, each of which has its own accountabilities and responsibilities as well as
shared ones. In this case “authority” means the Police Authority and “organisation”
means the Police Authority and the Force. A similar distinction may apply to other
bodies to which this rough guide applies.




                                             2
 Acknowledgements to team members:


 The Finance Advisory Network would like to express its thanks for the dedication and
 commitment given to this rough guide document of the following review group
 members:

 Patrick Clackett, London Borough of Barking and Dagenham
 Cliff Dalton, CIPFA Finance Advisory Network
 John Duder, John Duder Associates Ltd
 Neil Hunter, Leeds City Council
 James Ingham, North Yorkshire Audit Partnership
 Greg Marks, CIPFA Better Governance Forum
 Peter Smith, Newark & Sherwood District Council
 Alan Taylor, Thames Valley Police Authority




 Other acknowledgements:


 The Finance Advisory Network would also like to thank other practitioners and the
 involvement of members of the Audit Commission for their help in compiling this guide.
 Kerry Ace, CIPFA
 Rachel Johnson, Audit Commission
 Mike Langley, Audit Commission
 Diana Melville, Senior Advisor (Audit and Risk) CIPFA Better Governance Forum
 Patricia Phillipson, North Kesteven District Council




Status of the Rough Guide

The CIPFA/SOLACE Governance Framework sets out the principles of good governance and
introduces the reader to an Annual Governance Statement (AGS) pro-forma based on six
standards of governance. This Rough Guide complements the framework by offering
practical advice to practitioners on how to compile an evidence-based AGS and is endorsed
by CIPFA/SOLACE.




                                               3
SECTION ONE – INTRODUCTION AND OVERVIEW OF THE CURRENT
LEGISLATIVE FRAMEWORK

1.1     Background to the annual governance statement

        Regulation 4 of the Accounts and Audit Regulations (2003) required
        audited bodies1 to conduct a review at least once a year of the
        effectiveness of its system of internal control and publish a statement on
        internal control (SIC) each year with the authority‟s financial statements.

        The purpose of the SIC is to demonstrate that there is a continuous review
        of the effectiveness of an organisation‟s internal control and risk
        management systems, so as to give assurance on their effectiveness
        and/or to produce a management action plan to address any identified
        weaknesses.

        The SIC is to be compiled in accordance with „proper practice‟, a
        framework which was subsequently published in April 20042 by CIPFA
        based on similar frameworks operating in central government
        departments.

        During 2004 the Finance Advisory Network set up a Rough Guide working
        group to interpret CIPFA‟s proper practice document for the benefit of
        practitioners. Included in our guidance were some sample statements, a
        suggested timeline underpinning the process along with many examples
        and suggested areas of assurance for use as evidence in support of the
        SIC.

        In April 2005 the National Assembly for Wales introduced their own
        legislative framework. Regulation 4 of the Accounts and Audit (Wales)
        Regulations 2005 placed a similar reporting requirement on Welsh local
        government with regards to the SIC. These Welsh regulations also cited
        CIPFA‟s proper practice document as the guidance to be followed,
        however, they went somewhat further than in England by emphasising a
        much greater focus on corporate responsibilities, stating in legislation that
        they were to be embedded in the processes of the authority as a whole.

1.2     Accounts and        Audit    (Amendment)        (England)      Regulations     2006     –
        SI564/2006

        In April 2006 amendment regulations to the Accounts and Audit
        Regulations (England) 2003 had a further effect on the compilation of the
        SIC for English authorities. Statutory Instrument 564/2006 came into
        force on 1st April 2006 and took effect from the 2006/7 financial reporting
        year (i.e. effective with the 2006/7 SIC statement).

        SI 564 introduced the following requirements:

        Regulation 4: required the findings of the review of the system of internal
        control to be considered by a committee of the relevant body, or by
        members of the body meeting as a whole, and



1
  Those bodies whose accounts are audited in accordance with Section 2 of the Audit Commission Act
1988 (other than health service bodies, local probation boards and Passenger Transport Executives
2
  The Statement of Internal Control in Local Government – Meeting the requirements of the Accounts
and Audit Regulations 2003




                                                4
        Regulation 6: required bodies to review the effectiveness of their system
        of internal audit once a year and for the findings of the review to be
        considered by a committee of the body, or by the body as a whole

        More detail relating to the impact on current reporting expectations that
        the amended Accounts and Audit Regulations 2006 introduce was issued
        by the Rough Guide Working Group in January 2007 (see Part B of this
        guide for a web link address to this guidance on the FAN website).


1.3     Defining proper practice – Circular 03/2006

        On 18th August 2006 the Department for Communities and Local
        Government issued further guidance to clarify what they deemed as
        „proper practice‟.

        Section 7 of circular 03/2006 stated that „proper practice‟ in relation to
        internal control relates to guidance contained in the following
        documentation:
             Statement on Internal Control in Local Government: meeting the
               requirements of the Accounts and Audit Regulations 2003,
               published by CIPFA in 2004
             Corporate Governance in Local Government: A Keystone for
               Community Governance (Framework and Guidance Note), produced
               by CIPFA/SOLACE in 2001.       This has recently been updated.
               „Delivering Good Governance in Local Government‟ was published
               by CIPFA/SOLACE in 2007.

        Circular 03/2006 has real significance for local authorities as it clears the
        way for the annual governance statement (the part of the new
        CIPFA/SOLACE governance framework that subsumes the SIC) to be
        assigned proper practice status and therefore have statutory backing.

        CIPFA has also confirmed that such status was assigned to the annual
        governance statement from 1st April 2007. This means that it has formally
        replaced its proper practice association with the SIC w.e.f. the 2007/8
        reporting year and that CIPFA‟s earlier proper practice document of April
        2004, therefore, has now been replaced by the new governance
        framework.


1.4     CIPFA/SOLACE Governance Framework

        The new CIPFA/SOLACE governance framework „Delivering Good
        Governance in Local Government‟ brings together an underlying set of
        legislative requirements, governance principles and management
        processes. Crucially, it states that good governance relates to the whole
        organisation3.

        CIPFA has assigned proper practice status to the governance framework.
        It outlines six core principles of governance focusing on the systems and
        processes for the direction and control 4 of the organisation and its


3
 In the police service this means that good governance relates to both the Force and to the Authority.
4
  Direction and control of the organisation is in the sense of the Cadbury Committee definition of
corporate governance. In the police service this should not be confused with the direction and control
of the Force, which is exercised by the Chief Constable.




                                                  5
      activities through which it accounts to, engages with and (where
      applicable*) leads the community. The degree to which the authority
      follows these principles should be declared in its Annual Governance
      Statement. It is this statement that has the legal backing of Regulation 4
      of the Accounts and Audit Regulations from 2007/8.

      For those organisations who had already considered and compiled their
      SIC as a corporate document (as suggested in our original rough guide to
      the SIC – 2005 document), and as emphasised in regulation by the Welsh
      Assembly, the transition to an Annual Governance Statement should not
      be onerous. Appendix A of this document gives the reader detailed
      suggested evidence and areas of assurance for the statement in
      accordance with the framework‟s governance principles.

      Separate guidance to the governance framework tailored for local
      authorities has been compiled by CIPFA/SOLACE. A further document
      tailored for police authorities is scheduled for publication later in 2008.


1.5   CIPFA Code of Practice on Local Authority (The SORP)

      CIPFA has for some years made it a requirement for authorities to publish
      a statement on the effectiveness of their internal control framework. SORP
      2005 (chapter 7) formally linked this statement to the publication of the
      Statement of Accounts. This was repeated in SORP 2006.

      Section 7.2 of SORP 2005 states:
      “English and Welsh local authorities should include with their statement of
      accounts a statement on internal control. The statement should relate to
      the system of internal control as it applied to the financial year for the
      accounts that it accompanies.”

      Changes to section 8 of SORP 2007 (published in summer 2007) have not
      been made and will mean that CIPFA‟s recommended practice for 2007/8
      year will still make reference to the SIC. Future versions of the SORP will
      reflect the requirement to produce an AGS.

      English authorities should be aware that (despite the wording of SORP
      2007) they will be expected to publish the new annual governance
      statement for 2007/8 with their accounts in place of the SIC (please note
      Welsh authorities are still able to publish the SIC for 2007/8).

      An historical overview of the current reporting requirement for an annual
      governance statement in terms of legislation, proper practice and other
      guidance, including the role of this updated rough guide document, is set
      out below. The reader should note the colour-coding key when considering
      these documents.

1.6   Comment from the Audit Commission

      As a member of the CIPFA/SOLACE working party that developed and
      published the revised governance framework, the Audit Commission fully
      supports the requirement for an annual governance statement.      The
      Commission also welcomes the Rough Guide as it provides a helpful,
      practical approach to preparing an annual governance statement.




                                       6
      In the Commission‟s view, the arrangements required for gathering
      assurances for the preparation of the annual governance statement
      provide an opportunity for authorities to consider the robustness of their
      governance arrangements. In doing so, authorities need to recognise that
      this is a corporate issue, affecting everyone in the organisation. It is also
      important to recognise that the purpose of the annual governance
      statement is not just to be „compliant‟, but also to provide an accurate
      representation of the arrangements in place during the year and to
      highlight those areas where improvement is required. This will also
      demonstrate to stakeholders what those arrangements are.

      As part of their use of resources assessments auditors will consider the
      arrangements in place to enable the preparation of the annual governance
      statement, including the degree to which the authority recognises the
      corporate ownership of its governance arrangements.

1.7   A comparison between the Statement on Internal Control and the Annual
      Governance Statement

      The AGS extends the coverage of the Statement on Internal Control to
      reflect how the organisation conducts its business, both internally and in
      its dealings with others. Appendix C compares the two.


      A summary of the issues concerning practitioners attending the CIPFA AGS
      seminars in October/November 2007 together with their suggested
      solutions is attached at Appendix D.




                                        7
            Annual Governance Statement – Overview
                         Reports following Corporate Governance
                            failures (Cadbury, Nolan, Turnbull)                Box Colour Key:
                                                                               Discretionary Code
                                                                               Proper Practice
                                                                               Statutory Requirement
CIPFA/SOLACE Framework                                          2003
 Corporate Governance                                            All
                                                                       2005
    Dimensions (2001)             Statement on Internal                 All
                                    Financial Control                       2007
                                                                          Wales only
                                                                                                      SORP
            CIPFA
        Proper practice                                         Accounts & Audit Regs.
                                       Statement on
        document 2004                                                  2003 – England
                                      Internal Control                  2005 – Wales
      FAN’s – Rough Guide
       (2005 – W.E.F. 2004/5)
                                                                                                  2007
                                                                    2006         2008
      FAN’s – Rough Guide          Annual Governance             Amended       Amended
                                                                                              England only
      (2007 – Draft for 2007/8)                                  (England)    (Wales) - tbc
                                   Statement (2007/8+)
       (2008 – W.E.F. 2008/9)
                                                                                                              2008
                                                                                                               All -
                                                                                                             tbc All
                                                                   CIPFA/Ass. of Police Authorities
             CIPFA                     CIPFA/SOLACE                (Specific guidance for Police)
     Proper practice (status)        Governance F’work
         awarded 2007                       2007
                                      (Principal Authorities)              CIPFA/SOLACE
                                                                          (Guidance notes)



                                                        8
SECTION TWO – Annual Governance Statement – Roles and
Responsibilities


2.1   Corporate Ownership & Responsibilities

      CIPFA‟s original proper practice relating to the SIC required the most
      senior officer (Chief Executive or equivalent) and the most senior member
      (Leader or equivalent) to sign the statement – and this is also required by
      the CIPFA/SOLACE framework for the Annual Governance Statement
      (AGS). Clearly the signatories must be satisfied that the document is
      supported by reliable evidence. The AGS should also accurately reflect the
      corporate governance environment as described in an authority‟s Local
      Code of Corporate Governance (produced in line with guidance contained
      within the CIPFA/SOLACE document “Delivering Good Governance in Local
      Government”).

      This Rough Guide offers options for authorities to compile their AGS and
      bring together the necessary supporting evidence.


2.2    Structuring the Annual Governance Statement and the Assurance
Gathering     Process

      The new CIPFA/SOLACE governance framework clearly sets out the
      fundamental principles of corporate governance; these are:

      1.     Focusing on the purpose of the authority and on outcomes for the
             community and creating and implementing a vision for the local
             area
      2.     Members and officers working together to achieve a common
             purpose with clearly defined functions and roles
      3.     Promoting values for the authority and demonstrating the values of
             good governance through upholding high standards of conduct and
             behaviour
      4.     Taking informed and transparent decisions which are subject to
             effective scrutiny and managing risk
      5.     Developing the capacity and capability of members and officers to
             be effective
      6.     Engaging with local people and other stakeholders to ensure robust
             accountability

      These principles are also supported in further guidance (from
      CIPFA/SOLACE) by a series of case study examples and other stated
      expectations around the role of officers and members in the organisation
      in supporting the framework.

      The separate guidance for local councils and the police service (currently
      in draft) both include a model Annual Governance Statement. FAN‟s rough
      guide focuses more on helping practitioners prepare and evidence the
      statutory Annual Governance Statement that is introduced under the new




                                       9
governance framework rather than the form it should take. It therefore
complements all guidance issued with the CIPFA/SOLACE Framework.

In essence, the Annual Governance Statement is the formal statement
that recognises, records and publishes an authority‟s governance
arrangements as defined in the framework. It is a statement which has
now subsumed the SIC just as the SIC subsumed the statement on
internal financial control from 2003/4.

It is because of the closeness of links between the SIC and the annual
governance statement that CIPFA/SOLACE are keen to keep faith with the
same „assurance gathering process‟ (first introduced by CIPFA‟s earlier
proper practice document in relation to the SIC) as the template around
which the new governance statement should be compiled.

The assurance gathering process is the well-established and structured
link between the strategic objectives and statutory requirements of the
authority and how these objectives are to be delivered. It requires the
identification of key controls that are deemed critical to the delivery of
these objectives and expects a formal review and risk assessment for the
management and delivery of these key controls.

The majority of changes and additions for this guide (set out at appendix
A) are in response to ongoing or further changes, challenges, pressures
and expectations now placed on authorities. Perhaps the most notable
examples of this are the assurance and evidence relating to joint working
arrangements, partnerships and shared services that have become much
more prevalent and high profile for local authorities. These arrangements
are likely to become even more prevalent as Local Area Agreements
develop further and we move towards the new performance assessment of
authorities in Comprehensive Area Assessment.

For convenience, flowchart 2 repeats the assurance gathering process that
practitioners should be familiar with and are encouraged to follow when
compiling their annual governance statement. It is this template that is
used in this guide when offering suggestions of assurance and evidence to
the reader.




                                10
Flowchart 1: Review of Annual Governance Statement and the Assurance
Gathering Process

                          Establish principal               Apply the Six
  Objective 1         statutory obligations and          CIPFA/SOLACE Core
                      organisational objectives               Principles




  Objective 2           Identify principal risks to achievement of objectives




  Objective 3         Identify and evaluate key controls to manage principal
                                               risks


  Objective 4           Obtain assurances on effectiveness of key controls



                             Evaluate assurances and identify gaps in
  Objective 5
                                       control/assurances



                         Action plan to address weaknesses and ensure
  Objective 6          continuous improvement of the system of Corporate
                                          Governance



  Objective 7                     Annual Governance Statement




  Objective 8                Report to Cabinet/Executive Committee




                                     11
Appendix A represents an approach to compiling the statutory statement
and has been fully accepted and supported by both the Audit Commission
and the CIPFA/SOLACE working group.

It emphasises the reliance on existing processes and documents in
compiling the AGS – though not all of these sources will be present (or
perhaps appropriate) for all organisations. The examples provided are not
intended to be prescriptive or comprehensive but are offered as items that
could be included in a governance statement. They may also act as a
prompt to encourage practitioners to think about other areas of assurance
and evidence that are specific to their authority.

CIPFA/SOLACE cite producing and disseminating a local Code of Corporate
Governance as best practice. It simplifies the production of the Annual
Governance Statement because all the expected core principles in the
CIPFA/SOLACE framework should be present in the local Code. Therefore,
evidencing compliance with the local Code will also provide significant
evidence to support the Annual Governance Statement. Appendix A
suggests what requirements should be reflected in the local code and
examples of the source documents, good practice or other means of
demonstrating compliance with the code and, hence, evidence in support
of the Annual Governance Statement.

The task is therefore to research and formally recognise things currently
done across the organisation and to record them accordingly – to best
support the assurance statement.

Transparency, co-ordination and referencing of all areas of assurance and
evidence across the organisation will promote and increase corporate
awareness of the governance statement, while helping to minimise
duplication of effort. It should also assist the “auditability” of the internal
control aspects of the authority‟s Use of Resources (PURE assessment in
Police).

As with the SIC, we envisage that work on the governance statement will
be co-ordinated by a designated working group of the authority, which
would report its findings to the designated committee of the authority. A
suggestion of membership and reporting structure see flowchart 2), along
with a suggested timeline that meets statutory reporting deadlines (see
chart 1) are set out in section 3 of this document.




                                  12
SECTION 3 – Annual Governance Statement – Scoping the process and
timeline


  3.1. Responsibilities

     The Annual Governance Statement (AGS) is a key corporate document.
     The most senior officer and the most senior member have joint
     responsibility as signatories for its accuracy and completeness.

     As a corporate document the AGS should be owned by all senior officers
     and members of the authority. It is essential that there is a buy-in at the
     top level of the organisation; otherwise there is a risk that the preparation
     of the AGS is not perceived as the important task that it is by managers
     and other staff. If the work is delegated to a single officer it is likely to
     dilute the statement‟s significance.

     The signatories need to ensure that the AGS accurately reflects the
     governance framework for which they are responsible. In order to achieve
     this they are likely to rely on many sources of assurance, such as:
          directors and managers;
          the responsible financial officer;
          the monitoring officer;
          members;
          the Head of Internal Audit;
          performance and risk management
          third-parties, e.g. partnerships;
          external audit and other review agencies;


     The statement should be continuously reviewed throughout the year, but
     in practice, authorities with well-developed arrangements will find that it
     will emerge from the routine governance and managerial processes (which
     necessarily operate continuously).


  3.2. Process

     There is no definitive way of producing an AGS. Organisations may
     choose to adopt different approaches within the framework of this guidance;
     what is important is the value gained from going through the process and
     from the assurance that it gives to the organisation and its stakeholders.

     Authorities will need to build on the process employed for compiling the
     SIC and determine who should be involved, when should they be involved
     and what should be included or evidenced. The proposed process will need
     to be communicated throughout the organisation and fully accepted and
     endorsed by all involved, particularly those responsible for governance.

     Flowchart 2 below sets out a framework that should help. It identifies
     some typical dynamics of an AGS that an authority should consider and
     shows how they can be brought together and evidenced.




                                      13
It is likely that most authorities will already have the components of a
robust AGS document. The document will simply bring these initiatives and
areas of good practice together in a co-ordinated and explicit way.

At the centre of the review process will be a working group who are given
ultimate responsibility for drafting the AGS, evaluating assurances and the
supporting evidence. This group should review whether or not there is
consistency with existing policies and the authority‟s governance
framework.


Risk management should feature strongly in the AGS process. It should
support the co-ordinating role of the corporate group by advising on risks
to achieving corporate objectives and statutory requirements, which are
set out in corporate, directorate and departmental risk registers, and how
they are managed.

In compiling an Annual Governance Statement issues that are considered
to fall short of the expected standards (whether or not set out in the
organisation‟s local code of corporate governance) could arise. In this
case a decision needs to be made about how significant the issue is and
whether or not it needs to be commented on in the Statement. The
organisation needs to determine for itself what constitutes a significant
issue; what may be important in one organisation might not be considered
as a major issue in another. But there needs to be a proper basis on
which the significance of an issue is determined and an action plan
explaining how the issue will be addressed should be included in the
Statement.

The Head of Internal Audit should provide a written annual report to those
charged with governance timed to support the Annual Governance
Statement. The Head of Internal Audit‟s formal annual report to the
organisation should:
    include an opinion on the overall adequacy and effectiveness of the
       organisation‟s risk management systems and internal control
       environment
    disclose any qualifications to that opinion, together with the
       reasons for the qualification
    present a summary of the audit work from which the opinion is
       derived, including reliance placed on work by other assurance
       bodies
    draw attention to any issues the Head of Internal Audit judges
       particularly relevant to the preparation of the Annual Governance
       Statement
    compare the work actually undertaken with the work that was
       planned and summarise the performance of the internal audit
       function against its performance measures and criteria
    comment on compliance with these standards and communicate
       the results of the internal audit quality assurance programme.




                                14
        In addition to the annual report, the Head of Internal Audit should make
        arrangements for interim reporting to the organisation in the course of the
        year. Such interim reports should address emerging issues in respect of
        the whole range of areas to be covered in the annual report.
        The review of the effectiveness of the system of internal audit helps to
        ensure that the opinion in the annual report of the Head of Internal Audit
        may be relied upon as a key source of evidence in the AGS 3.

        Compiling an AGS should not be done in a vacuum. Comments, evidence
        and feedback can come from many places, including reports from
        inspectorates, internal and external audit on specific service areas, or
        corporate reviews on performance and risk management. Each can provide
        additional assurances on the adequacy and effectiveness of existing
        service performance that can be viewed in the light of the AGS.

        The flowchart below shows a need for a review body in the process, such
        as an audit committee or equivalent, who should be charged with critically
        reviewing the AGS and its supporting documentation. It is vital that this
        review body remains independent from the AGS compilation and is given
        real powers to make recommendations and ultimately changes to the
        process as it sees fit.




3
  Guidance on this review was issued by the FAN in January 2007 and was endorsed by the Audit
Commission. Further work is being undertaken and it is anticipated that the guidance will be updated
by March 2008.




                                                15
   ANNUAL GOVERNANCE STATEMENT FRAMEWORK (FLOWCHART 2)

                    Framework - Key documents/process guidelines                                                                   Annual Governance
                    •   Performance management
                    •   Business strategy and planning process
                                                                                                                                       Statement
                    •   Budget and budgetary control
                    •   Local code of corporate governance
                    •   Project management/ Risk Management / counter Fraud Policy
                    •   Ethical Governance
                    •   Policies, procedures, codes of conduct                                                               Approval by Committee or by members
                    •   Partnership protocol                                                                                      of body meeting as a whole




                                                                                     Corporate Group with                           Review of the effectiveness
                                             Authority &                             responsibility for drafting                         of the system of
                                         Directorate Policies,                       AGS evaluate assurances                             Internal Audit
                                         Business Plans and                          and supporting evidence
                                            Risk Registers




 Performance       Risk                   Legal and                 Members’             Assurances by         Other sources of          Financial          Internal Audit   External Audit
Management &    Management                Regulatory                assurance           directors/service          assurance              control
 Data Quality                             Assurance                                          heads             (including third-         assurance
                                                                                                                     party)




                                                                             Ongoing assurance on adequacy and
                                                                              effectiveness of controls over key
                                                                                             risks




                                                                                           16
3.3   Timetabling

      The AGS should be reviewed at least once a year but should not be seen
      simply as an end of year activity to comply with legislation.

      Therefore, for this process to add value to the organisation, assurances on
      the effectiveness of controls over key risks should be obtained throughout
      the year. This will allow the organisation to take remedial action necessary
      at the earliest opportunity, thereby improving the corporate governance
      framework.

      Once an authority has agreed the process involved in compiling an AGS, it
      needs to consider an appropriate timeline that allows input into the
      document in a timely fashion.

      Chart 1 sets out how the document could be compiled over the year and is
      linked with the process flowchart set out at section 3.2.

      Authorities will be required to include the AGS document in the approval
      process of the statement of accounts (see section 1.5) – the statutory
      deadline for which was brought forward by the Accounts and Audit
      Regulations to the end of June from the 2005/6 financial year.

      The statutory reporting requirement for the AGS, however, is linked to the
      publication of the authority‟s financial statements (i.e. its statement of
      accounts), which is 3 months after the deadline for approval (i.e. end of
      September from the 2005/6 financial year). The dates set out in chart 1,
      therefore, are intended to support authorities completing the AGS in time
      for the approval of accounts.

      The AGS should be approved at a meeting of the authority or delegated
      committee in time for publication with the statutory accounts. Where an
      authority publishes the statement with its financial statements, therefore,
      it should be satisfied that the AGS is still current in relation to its formal
      approval (i.e. the greater the delay between approval of the AGS and
      publication with the statement of accounts, the greater the need for the
      authority to challenge its adequacy at that point in time).




                                        17
                             THROUGHOUT YEAR
                             Evaluate Controls
                                                                                                Chart 1:
                             Review/Update Risk Registers
                             Performance review reports                                         Possible sequence of preparation and
                             Management reports                                                 reporting for the Annual Governance
                             Internal Audit Reports                                             Statement.
                             External Audit communications

                              Progress on
                              action plans
    LAST YEAR’S
     STATEMENT                                           Training for the
                                                          review body
   (AGS OR SIC)
                       Map risks to risk
                          registers
  ANNUAL
GOVERNANCE                                                         A&A Reg 6 Review
 STATEMENT                                                          of Internal Audit
                                                                     Effectiveness

     AGS approved and signed by
      Leader & Chief Executive
                                                                  Review of controls by
                                                                 managers  assurance     The precise timing of the actions will need to
                                                                       statements
                                                                                          take account of statutory deadlines
      Management prepares AGS.
                                                               Review of ‘Partnership’
                                                               Governance systems.

             Audit Commission Use of
                Resources review.                         Other sources of
                                                             assurance


                               Internal Audit annual report,
                                 including overall opinion




                                                                   18
                                                            Appendix A

Suggested examples of assurance and evidence in support of the authority’s
annual governance statement.
Objective 1: Establishing principal statutory obligations and organisational
              objectives:
Step 1: In support of objective 1 – Mechanism established to identify principal
         statutory obligations
Examples of assurance:                      Evidenced by:
1.    Responsibilities for statutory          Documents (e.g. constitution) recording
      obligations are formally established     individual officer and member
                                               responsibilities
                                              Minutes of delegations to officers and
                                               committees
                                              Committee terms of reference
                                              Job descriptions of key officers
                                              Structure charts
                                              Member/officer protocols
2.    Record held of statutory obligations    Accessible record of statutory obligations
                                               (e.g. central registry or legal library,
                                               intranet)
3.    Effective procedures to identify,       Review of established processes in place
      evaluate, communicate, implement,       Appointment of suitably qualified and
      comply with and monitor legislative      experienced employees, selected against
      change exist and are used                accurate and specific job descriptions and
                                               person specifications
                                              Evidence of effective arrangements for
                                               internal and external communication (e.g.
                                               by review of communication of recent
                                               legislation to relevant officers and members)
                                              Appropriate induction training has been
                                               given to specific post holders
                                              Awareness training tailored to job profiles
                                               has been provided
                                              Inspection of reports to members on
                                               implications of new legislation
                                              Evidence that assurance has been given to
                                               Chief Executive (or equivalent) that all
                                               relevant legislative changes have been
                                               reported and addressed
4.    Effective action is taken where areas   Review of evidence to demonstrate that
      of non-compliance are found in either    action has been taken to overcome
      mechanism or legislation                 identified areas of non-compliance, for
                                               example:
                                               o Internal /external audit reports to audit
                                                   committee or equivalent;
                                               o Monitoring reports on progress on
                                                   delivering action plans in response to
                                                   identified legal/statutory risks in risk
                                                   register (e.g. on implementation of
                                                   Freedom of Information Act 2000)
                                               o Evidence of corrective action being
                                                   taken in response to upheld complaints
                                                   against the authority




                                          19
Step 2: In support of Objective 1 – Mechanism in place to establish organisational
         objectives5

Examples of assurance:                               Evidenced by:
1.   Consultation with stakeholders on                 Results from internal and/or external
     priorities and objectives                          consultation exercises have been analysed
                                                        and published
2.     The authority‟s priorities and                  Authority‟s approved and published strategic
       organisational objectives have been              plan takes account of all consultation and
       agreed (taking into account feedback             local and national priorities
       from consultation).                             Priorities and objectives in strategic
                                                        partnerships are aligned with corporate
                                                        priorities and objectives
3.     Priorities and objectives are aligned           Corporate priorities and objectives are
       to principal statutory obligations and           clearly set out in the strategic plan
       relate to available funding                     Strategic plan takes account of annual
                                                        budget and medium term financial plan
                                                       Financial plans take account of strategic
                                                        partnership contributions and income
                                                        streams
4.     Objectives are reflected in                     Clear terms of reference are set for the
       departmental plans and are clearly               preparation of departmental and/or service
       matched with associated budgets                  plans
                                                       Departmental and/or service plans clearly
                                                        reflect corporate objectives and match
                                                        approved funding
                                                       Annual reports are produced on the outcome
                                                        of departmental and/or service plans
5.     The authority‟s objectives are clearly          A communication strategy in respect of the
       communicated to staff and to all                 corporate objectives has been developed,
       stakeholders, including partners.                approved and implemented
                                                       Evidence of consultation with stakeholders
                                                        (e.g. public and internal surveys etc) and
                                                        strategic partners on service provision
                                                        against cost.
                                                       Documented meetings across departments
                                                        to discuss key objectives in corporate and
                                                        departmental and/or service plans
                                                       Corporate objectives and aims are set out in
                                                        key documents (annual plans, Local Area
                                                        Agreements etc) on the authority‟s website
                                                        and intranet site




5
 In the police service it is assumed that the Authority‟s corporate objectives will subsume those of the
Force.




                                                  20
Step 3: In support of objective 1 – Effective corporate governance arrangements
         are embedded within the authority
Examples of assurance:                     Evidenced by:
1.    Code of corporate governance           A Code of Corporate Governance in line
      established                             with the CIPFA/SOLACE guidance
                                              relevant to the type of authority has
                                              been adopted by the authority.
                                             A communication strategy in relation to
                                              the Code has been developed, approved
                                              and implemented
2.    Review and monitoring arrangements     The Code itself incorporates a review
      in place                                date and/or a system for continuous
                                              update in response to changed
                                              requirements
                                             There are clear arrangements for
                                              continuously monitoring compliance
                                              with the Code e.g. reports on
                                              compliance are regularly submitted to
                                              the committee charged with corporate
                                              governance responsibility
                                             An annual report on compliance with the
                                              Code of Corporate Governance is
                                              prepared and submitted to members
                                              (i.e. the Annual Governance Statement)
                                             Internal/external audit reports on
                                              adequacy of corporate governance
                                              arrangements
                                             An action plan is prepared to address
                                              any significant identified weaknesses in
                                              complying with the Code and is
                                              continuously monitored by the authority
                                              or committee charged with corporate
                                              governance responsibility (i.e. the AGS
                                              action plan)
3.    Committee charged with governance      Responsibility for overseeing corporate
      responsibilities                        governance has been formally delegated
                                              to an appropriate committee
                                             Committee terms of reference clearly
                                              demonstrating responsibility for
                                              corporate governance issues have been
                                              approved by the authority
                                             Terms of reference are sufficiently
                                              comprehensive to ensure that all
                                              appropriate aspects of corporate
                                              governance are covered
                                             Agendas and minutes from the
                                              committee charged with corporate
                                              governance responsibility indicate that
                                              the responsibility is being discharged
                                              adequately in accordance with terms of
                                              reference




                                         21
Examples of assurance:                       Evidenced by:
4.   Governance training provided to key       Induction training for key new officers
     officers and all members                   and all new members incorporate
                                                suitable coverage on corporate
                                                governance issues according to
                                                responsibilities
                                               Ongoing awareness training is provided
                                                as appropriate to key staff and all
                                                members to ensure that changes in the
                                                Code are made known within the
                                                authority
5.    Staff, public and other stakeholder      There is a general staff awareness
      awareness of corporate governance         programme
                                               The Code has been published and is
                                                accessible to all staff, the public and
                                                other stakeholders




                                            22
Step 4: In support of objective 1 – Performance management arrangements are
       in place

Examples of assurance:                 Evidenced by:
1.   Comprehensive and effective         There is a clearly defined performance
     performance management systems       management framework that identifies:
     operate routinely                    o all sources of performance
                                             measures;
                                          o who is responsible for achieving
                                             each performance measure;
                                          o who is responsible for collating the
                                             data for each one;
                                          o who determines and approves the
                                             performance measures;
                                          o who receives reports on
                                             performance and how often;
                                          o how data quality is assured;
                                          o how performance data is captured
                                             and its integrity maintained;
                                          o how poor performance is addressed;
                                          o how performance is driven upwards
                                             over time

                                          Reports resulting from internal or
                                           external reviews of performance
                                           management
                                          Year-on-year comparison of
                                           achievement against performance
                                           targets (e.g. in annual reports)
                                          Best value reviews, including
                                           benchmarking results
                                          Departmental and/or service
                                           benchmarking results
                                          Annual reports issued by, or in relation
                                           to, strategic partnerships
2.   Key performance indicators are       Appropriate key performance indicators
     established and monitored             (KPIs) have been established and
                                           approved for each service element and
                                           are included in departmental and
                                           service business/annual plans
                                          KPIs have been developed and are
                                           monitored in respect of key partnerships
                                          A robust monitoring system has been
                                           approved and implemented
                                          There are regular reports on progress
                                           on delivering approved KPIs
                                          There is an approved mechanism for
                                           reviewing the continuing suitability of
                                           KPIs and for securing continuous
                                           improvement




                                      23
Examples of assurance:                      Evidenced by:
3.   The authority knows how well it is       Regular reports are presented to
     performing against its planned            members on the delivery of national,
     outcomes                                  authority, departmental and partnership
                                               performance targets
                                              Internal and external auditor‟s reports
                                               on key performance indicators
                                              Key performance indicator risk
                                               scorecards
                                              Use of Resources (PURE for police
                                               service) reviews and progress reviews
                                               against the action plans.
                                              Monitoring reports on the achievement
                                               of local performance targets in the Local
                                               Policing Plan
                                              Best Value Performance Indicators
                                              Internal performance indicators
                                              Regular budget monitoring reports
                                               (capital and revenue, current year and
                                               medium-term)
                                              Voluntary benchmarking exercises with
                                               peer groups
                                              National comparative performance
                                               measures against comparable
                                               authorities (e.g. QuAnTa data on
                                               comparative policing performance
                                               against „most similar force‟)
                                              Local Area Agreements and other
                                               strategic partnerships
                                              Balanced score card
                                              EFQM model adopted
                                              External audit/agency reports on
                                               performance (e.g. compliance with
                                               National Crime Recording Standard,
                                               HMIC reports, Police Standards Unit
                                               reports)
4.    Knowledge of absolute and relative      Monitoring reports are regularly
      performances achieved is used to         presented to the appropriate committee
      support decisions that drive            The reports include detailed
      improvements in outcomes                 performance results, both absolute and
                                               relative to peer authorities, a clear
                                               indication of below target, on target and
                                               at, or above, target results, highlighting
                                               areas where corrective action is
                                               necessary
                                              Committee reports on below par
                                               performance include „SMART‟ action
                                               plans to improve performance
                                              Performance targets in subsequent
                                               corporate and departmental and/or
                                               service business plans are revised in the
                                               light of actual performance
                                              Continuous improvement is strived for
                                               by increasing the difficulty of
                                               performance targets when they have
                                               been met over a period (e.g.
                                               movements on KPI results)




                                           24
Examples of assurance:                        Evidenced by:
4.      Knowledge of absolute and relative      Performance trends are established and
        performances achieved is used to         reported upon over the medium term
        support decisions that drive             and are fed into the corporate and
        improvements in outcomes                 departmental and/or service planning
(continued)                                      process and into the planning process of
                                                 key partnerships
                                                Performance targets are adjusted in the
                                                 light of the performances of peer
                                                 authorities
5.    The authority continuously improves       The performance management systems
      its performance management                 are regularly reviewed and updated to
                                                 take account of changes in
                                                 organisational structure, new
                                                 performance measurement frameworks
                                                 (i.e. new Government initiatives, new
                                                 internal performance measures etc) and
                                                 other factors
                                                The performance management
                                                 arrangements are revised in line with
                                                 external or internal review of the
                                                 arrangements
                                                Performance management
                                                 arrangements are reviewed to
                                                 assimilate new techniques and/or
                                                 technology e.g. developments in
                                                 performance management information
                                                 systems
                                                Performance management
                                                 arrangements are developed and
                                                 monitored in relation to key
                                                 partnerships




                                             25
Step 1 – In support of Objective 1 - Apply the Six CIPFA/SOLACE Core Principles
Focusing on the purpose of the authority and on outcomes for the community and
creating and implementing a vision for the local area

The code should reflect the                        Source documents/good practice/other
requirements for local authorities to:             means that may be used to
                                                   demonstrate compliance
1.   develop and promote the authority‟s           The Code is used as a basis for:
     purpose and vision                            corporate and service planning
                                                   shaping the community strategy
                                                   local area or performance agreements

2.   review on a regular basis the authority‟s
     vision for the local area and its impact
     on the authority‟s governance
     arrangements

3.   ensure that partnerships are                  The Code is made available to key
     underpinned by a common vision of             partnerships
     their work that is understood and
     agreed by all parties

4.   publish an annual report on a timely          annual financial statements
     basis to communicate the authority‟s          annual business plan
     activities and achievements, its financial    formal annual report
     position and performance (not police
     service)

5.   decide how the quality of service for         This information is reflected in the
     users is to be measured and make sure         authority‟s:
     that the information needed to review         corporate plan
     service quality effectively and regularly     medium term strategy
     is available                                  resourcing plan
                                                   in order to ensure improvement

6.   put in place effective arrangements to        satisfaction surveys
     identify and deal with failure in service     complaints procedure
     delivery

7.   decide how value for money is to be           The results are reflected in authority‟s
     measured and make sure that the               performance plans and in reviewing the
     authority or partnership has the              work of the authority
     information needed to review value for        Publish environmental strategy and policy,
     money and performance effectively.            incorporating monitoring and reporting
     Measure the environmental impact of           arrangements
     policies, plans and decisions.




                                                  26
Step 2 – In support of Objective 1 - Apply the Six CIPFA/SOLACE Core Principles
Members and officers working together to achieve a common purpose with
clearly defined functions and roles

The local code should reflect the                      Source documents/good practice/other
requirements for local authorities to:                 means that maybe used to demonstrate
                                                       compliance
1. set out a clear statement of the                    Constitution (where appropriate)
   respective roles and responsibilities of            record of decisions and supporting materials
   the executive and of the executive‟s
   members individually and the
   authority‟s approach towards putting
   this into practice (this is not relevant for
   the police service)

2. set out a clear statement of the                    Constitution (where appropriate)
   respective roles and responsibilities of            conditions of employment
   other authority members, members                    Member/officer protocol
   generally and of senior officers

3. determine a scheme of delegation and                scheme of delegation
   reserve powers within the constitution,             statutory provisions
   including a formal schedule of those
   matters specifically reserved for
   collective decision of the authority
   taking account of relevant legislation
   and ensure that it is monitored and
   updated when required

4. make a chief executive or equivalent                job descriptions/specification
   responsible and accountable to the                  performance management system
   authority for all aspects of operational
   management6

5. develop protocols to ensure that the                new chief executive and leader pairing
   leader and chief executive (or                      consider how best to establish and maintain
   equivalent) negotiate their respective              effective communication
   roles early in the relationship and that a
   shared understanding of roles and
   objectives is maintained7


6. make a senior officer (usually the                  Section 151 responsibilities
   section 151 officer) responsible to the             S112/114 Local Gov‟t Finance Act 1988
   authority for ensuring that appropriate             Statutory provision
   advice is given on all financial matters,           Statutory reports
   for keeping proper financial records and            budget documentation
   accounts, and for maintaining an                    job description/specification
   effective system of internal financial
   control




6
 In the police service the Chief Executive or equivalent is responsible for the operational management
of the Police Authority; the Chief Constable is responsible for the operational management of the
Force.
7
    The Authority Chair, Chief Executive, Treasurer and Chief Constable in the police service.




                                                    27
The local code should reflect the               Source documents/good practice/other
requirements for local authorities to:          means that may be used to
                                                demonstrate compliance
7. make a senior officer (other than the        monitoring officer provisions
    Responsible Financial Officer)              Statutory provision
    responsible to the authority for ensuring   job description/specification
    that agreed procedures are followed and
    that all applicable statutes, regulations
    are complied with
8. develop protocols to ensure effective        Member/officer protocol
    communication between members and
    officers in their respective roles
9. set out the terms and conditions for         Pay and conditions policies and practices
    remuneration of members and officers        Member allowances/remuneration scheme
    and an effective structure for managing
    the process including an effective
    remuneration panel (if applicable)
10. ensure that effective mechanisms exist
    to monitor service delivery
11. ensure that the organisation‟s vision,          Vision, strategy, corporate plans, budgets,
    strategic plans, priorities and targets         performance plan/regime
    are developed through robust                    Communication/consultation strategies
    mechanisms, and in consultation with
    the local community and other key
    stakeholders, and that they are clearly
    articulated and disseminated
12. when working in partnership ensure            Protocols for partnership working. For each
    that members are clear about their            partnership there is:
    roles and responsibilities both                 a clear statement of the partnership
    individually and collectively in relation        principles and objectives
    to the partnership and to the authority         clarity of each partner‟s role within the
                                                     partnership
                                                    definition of roles of partnership board
                                                     members
                                                    line management responsibilities for
                                                     staff who support the partnership
                                                    a statement of funding sources for joint
                                                     projects and clear accountability for
                                                     proper financial administration
                                                    a protocol for dispute resolution within
                                                     the partnership
                                                (NB from special report „ Local Partnerships
                                                and Citizen Redress by LGO )
                                                Code of Corporate Governance is made
                                                available to all key partner organisations
                                                (See also appendix B1 & B2 of this rough
                                                guide – Partnerships suggested approach
                                                and determination)
13. when working in partnership:                Partnership agreement sets out legal status
    - ensure that there is clarity about the    and authority to make binding decisions
    legal status of the partnership             and/or financial commitments
    - ensure that representatives or
    organisations both understand and           Key partnership agreements are in line with
    make clear to all other partners the        codes of corporate governance
    extent of their authority to bind their
    organisation to partner decisions.




                                               28
Step 3 – In support of Objective 1 - Apply the Six CIPFA/SOLACE Core Principles
Promoting values for the authority and demonstrating the values of good
governance through upholding high standards of conduct and behaviour

The local code should reflect the                   Source documents/good practice/other
requirements for local authorities to:              means that may be used to
                                                    demonstrate compliance
1.   ensure that the authority‟s leadership         Reports are compliant with statute re what
     sets a tone for the organisation by            can be deemed to be confidential
     creating a climate of openness, support        Decisions are made openly by the authority
     and respect


2.   ensure that standards of conduct and           members/officers code of conduct
     personal behaviour expected of                 performance management system
     members and staff, of work between             performance appraisal
     members and staff and between the              complaints procedures
     authority, its partners and the                antifraud and corruption policy
     community are defined and                      member/officer protocols
     communicated through codes of conduct          protocols and codes shared with           key
     and protocols                                  partners


3.   put in place arrangements to ensure            standing orders
     that members and employees of the              codes of conduct
     authority are not influenced by                financial regulations
     prejudice, bias or conflicts of interest in    “whistle-blowing” or equivalent confidential
     dealing with different stakeholders and        reporting facility
     put in place appropriate processes to
     ensure that they continue to operate in
     practice8
4.   develop and maintain shared values             codes of conduct
     including leadership values both for the
     organisation and staff reflecting public
     expectations and communicate these
     with members, staff, the community
     and partners
5.   put in place arrangements to ensure            codes of conduct
     that procedures and operations are
     designed in conformity with appropriate
     ethical standards, and monitor their
     continuing effectiveness in practice
6.   develop and maintain an effective              terms of reference
     standards committee                            regular reporting to the authority
7.   use the organisations shared values to         decision making practices, including QA of
     act as a guide for decision making and         reports to committees and authority
     as a basis for developing positive and
     trusting relationships within the
     authority
8.   in pursuing the vision of a partnership,       protocols for partnership working
     agree a set of values against which            code of corporate governance made
     decision making and actions can be             available to all key partners
     judged. Such values must be
     demonstrated by partners‟ behaviour
     both individually and collectively.




8
  In the police service “employees” includes the Chief Constable and staff under the direction and
control of the Chief Constable.




                                                   29
Step 4 – In support of Objective 1 - Apply the Six CIPFA/SOLACE Core Principles
Taking informed and transparent decisions which are subject to effective scrutiny
and managing risk
The local code should reflect the          Source documents/good practice/other
requirements for local authorities to:     means that may be used to
                                           demonstrate compliance
1. develop and maintain an effective       Scrutiny is supported by robust evidence
   scrutiny function which encourages      and data analysis
   constructive challenge and enhances
   the organisation‟s performance overall
   and of any organisation for which it is
   responsible.

Note: The police service does not have a
requirement to have a scrutiny committee
as it does not operate on a cabinet basis. It
does, however, require a scrutiny function;
this is largely the role of the Authority.

2.   develop and maintain open and                decision   making    protocols   record of
     effective mechanisms for documenting         decisions and supporting materials
     evidence for decisions and recording the     reports on which decisions are to be made
     criteria, rationale and considerations on    go through a robust QA process
     which decisions are based

3.   put in place arrangements to safeguard       Members Code of Conduct
     members and employees against                Register of gifts and hospitality
     conflicts of interest and put in place       Financial regulations
     appropriate processes to ensure that         Standing orders
     they continue to operate in practice


4.   develop and maintain an effective audit      terms of reference
     committee ( or equivalent ) which is         membership
     independent or make other appropriate        training for committee members
     arrangements for the discharge of the
     functions of such a committee

5.   put in place effective transparent and       complaints procedure
     accessible arrangements for dealing          Communication of ways of referring
     with complaints                              complaints to external bodies e.g.
                                                  Ombudsman, IPCC

6.   ensure that those making decisions           members‟ induction scheme
     whether for the authority or partnership     training for committee chairs
     are provided with information that is fit    robust QA process for all reports
     for the purpose – relevant, timely and
     gives clear explanations of technical
     issues and their implications.

7.   ensure that professional advice on           record of decision making and supporting
     matters that have legal or financial         materials
     implications is available and recorded       robust QA process for all reports
     well in advance of decision making and       protocol re reporting deadlines
     used appropriately




                                                 30
The local code should reflect the                  Source documents/good practice/other
requirements for local authorities to:             means that may be used to
                                                   demonstrate compliance
8.   ensure that risk management is                risk management strategy/protocol
     embedded into the culture of the              financial standards and regulations
     organisation , with members and               job descriptions reflect risk management
     managers at all levels recognising that       responsibilities
     risk management is part of their job          reports leading to key decisions and/or
                                                   requiring major resources include risk
                                                   assessment

9.   ensure that arrangements are in place         Whistle-blowing policy
     for whistle blowing to which staff and all    publication of policy
     those contracting with the authority
     have access (In the police service
     “staff” includes the Chief Constable and
     those under the direction and control of
     the Chief Constable)


10. actively recognise the limits of lawful        Constitution (where appropriate)
    activity placed on them by, for example        monitoring officer provisions
    the ultra vires doctrine but also strive to    Statutory provision
    utilise powers to the full benefit of their    robust QA process for all reports
    communities


11. recognise the limits of lawful action and      robust QA process for all reports
    observe both the specific requirements
    of legislation and the general
    responsibilities placed on local
    authorities by public law


12. observe all specific legislative               monitoring officer provisions
    requirements placed upon them, as well         job description/specification
    as the requirements of general law, and        Statutory provision
    in particular to integrate the key             robust QA process for all reports
    principles of good administrative law –
    rationality, legality and natural justice
    into their procedures and decision
    making processes.




                                                  31
Step 5 – In support of Objective 1 - Apply the Six CIPFA/SOLACE Core Principles
Developing the capacity and capability of members and officers to be effective
The local code should reflect the Source documents/good practice/other
requirements for local authorities to:       means that may be used to
                                             demonstrate compliance
1. provide induction programmes tailored     training and development plan
   to individual needs and opportunities for induction programme
   members and officers to update their      update courses/information
   knowledge on a regular basis

2.   ensure that the statutory officers have          job description/personal specifications
     the skills, resources and support                appointment process
     necessary to perform effectively in their        membership of top management team
     roles and that these roles are properly
     understood throughout the organisation

3.   assess the skills required by members            Appraisal
     and officers and make a commitment to            training development plan
     develop those skills to enable roles to
     be carried out effectively

4.   develop skills on a continuing basis to          training and development plan reflects
     improve performance including the                requirements of a modern councillor or
     ability to scrutinise and challenge and to       member including:
     recognise when outside expert advice is                 the ability to scrutinise and
     needed                                                   challenge
                                                             the ability to recognise when
                                                              outside advice is required
                                                             advice on how to act as an
                                                              ambassador for the community
                                                             leadership and influencing skills

5.   ensure that effective arrangements are       performance management system
     in place for reviewing the performance
     of the authority as a whole and of
     individual members and agreeing an
     action plan which might for example
     aim to address any training or
     development needs

6.   ensure that effective arrangements               strategic      partnership       framework
     designed to encourage individuals from           stakeholders forums‟ terms of reference
     all sections of the community to engage          area forums‟ roles and responsibilities
     with, contribute to and participate in the       residents panel structure
     work of the authority                            targeted advertising

7.   ensure that career structures are in             succession planning
     place for members and officers to
     encourage participation and
     development




                                                 32
Step 6 – In support of Objective 1 - Apply the Six CIPFA/SOLACE Core Principles
Engaging with local people and other stakeholders to ensure robust public
accountability

The local code should reflect the                 Source documents/good practice/other
requirements to:                                  means that may be used to
                                                  demonstrate compliance
1.   make clear to themselves, all staff and      community strategy
     the community, to whom they are              engagement strategy
     accountable and for what


2.   consider those stakeholder bodies to
     whom the organisation is accountable
     and assess the effectiveness of the
     relationships and any changes required

3.   produce an annual report on scrutiny             annual report
     function activity (where relevant)


4.   ensure that clear channels of                    community strategy
     communication are in place with all              engagement strategy
     sections of the community and other              processes for dealing with competing
     stakeholders including monitoring                demands within the community
     arrangements to ensure that they
     operate effectively


5.   Hold meetings in public unless there are     Compliance with statute regarding the
     good reasons for confidentiality.            determination of confidential issues



6.   ensure arrangements are in place to          Engagement strategy
     enable the authority to engage with all      Communication strategy
     sections of the community effectively.
     These arrangements should recognise
     that different sections of the community
     have different priorities and establish
     explicit processes for dealing with these
     competing demands


7.   establish a clear policy on the types of     partnership framework
     issues they will meaningfully consult on     communication strategy
     or engage with the public and service        engagement strategy
     users including a feedback mechanism
     for those consultees to demonstrate
     what has changed as a result




                                                 33
The local code should reflect the                Source documents/good practice/other
requirements for local authorities to:           means that may be used to
                                                 demonstrate compliance
8.   on an annual basis, publish a                annual report
     performance plan giving information on       annual financial statements
     the authority‟s vision, strategy, plans      annual business plan
     and financial statements as well as
     information about its outcomes,
     achievements and the satisfaction of
     service users in the previous period.


9.   ensure that the authority as a whole is         Constitution (where applicable)
     open and accessible to the community,           Communication strategy
     service users and its staff and ensure          Engagement strategy
     that it has made a commitment to
     openness and transparency in all its
     dealings, including partnerships subject
     only to the need to preserve
     confidentiality in those specific
     circumstances where it is proper and
     appropriate to do so

10. develop and maintain a clear policy on           Constitution (where appropriate)
    how staff and their representatives are          Consultation policy, identifying recognised
    consulted and involved in decision               staff representatives and the extent to
    making.                                          which they are consulted and involved in
                                                     decision making




                                                34
Objective 2: Identify principal risks to achievement of objectives:
Step 1: In support of objective 2 – The authority has robust systems and
       processes in place for the identification and management of strategic and
       operational risk

Examples of assurance:                         Evidenced by:
1.   There is a written strategy and policy      Existence of approved strategy and
     in place for managing risk which:            policy document
           Has been formally approved at        Evidence of formal approval (e.g.
            political and risk management         management board/committee minutes)
            board (or equivalent) level          Evidence of formal review (e.g.
           Is reviewed on a regular basis        management board/committee minutes,
           Has been communicated to all          document version number and date)
            relevant staff                       Evidence of communication strategy,
           Includes partnership risks            possibly covered in strategy document
                                                 Examples of dissemination e.g.
                                                  induction, briefings, awareness
                                                  sessions, policy and strategy published
                                                  on intranet, strategic diagnostic
                                                  questionnaire results
                                                 Partnership risk registers
2.    The authority has implemented clear         Management board/committee minutes
      structures and processes for risk           Job descriptions of senior and
      management which are successfully            operational managers and corporate
      implemented and:                             risk manager
           Management board and                  Internal audit reports and external
            elected members see risk               audit comments on risk management
            management as a priority and           system
            support it by personal interest       Use of resources, CPA or PPAF review
            and input                              comments on risk management
           Decision making considers risk        Annual business plans
           A senior manager has been             Link between internal audit and risk
            appointed to “champion” risk           management functions is clearly
            management                             defined in terms of reference of internal
           Roles and responsibilities for         audit
            risk management have been             Responsibility for risk management
            defined                                function, including partnership risk
           Risk management systems are            management, is set at appropriate
            subject to independent                 senior level
            assessment                            Committee reports setting out options
           Risk management is                     for change include an appropriate risk
            considered in the annual               assessment, including the „no change‟
            business planning process              option
           Risk management extends to            The corporate business plan and
            partnership risks                      financial plan assess risks as
                                                   appropriate and in particular take
                                                   account of new and emerging risks
                                                   facing the authority
                                                  Partnership risks are assessed before
                                                   agreements are signed
3.    The authority has developed a               Systematic procedures for risk
      corporate approach to the                    identification and evaluation have been
      identification and evaluation of risk        agreed and published in a policy
      which is understood by all staff             document and are consistently applied
                                                   across all business units and
                                                   partnerships
                                                  Examples of dissemination e.g.
                                                   induction, briefings, awareness
                                                   sessions, strategic diagnostic
                                                   questionnaire results




                                              35
Examples of assurance:                        Evidenced by:
4.   The authority has well defined              Evidenced by review of risk
     procedures for recording and                 management strategy and policy
     reporting risk                              Examination of corporate and
                                                  partnership risk registers
                                                 Key risk indicators have been
                                                  determined and there is evidence of
                                                  monitoring against these risks
                                                 Evidence of regular and frequent
                                                  reporting of risk to political and
                                                  management board level
                                                 Evidence of risk based auditing being
                                                  carried out
                                                 Evidence of risks not properly
                                                  addressed identified in internal audit
                                                  reports etc being fed into the risk
                                                  management process
                                                 Environmental scanning reports are fed
                                                  into the risk management process so as
                                                  to identify new and emerging risks
5.    The authority has well-established         Evidence that the authority‟s policy for
      and clear arrangements for financing        risk financing is regularly reviewed in
      risk                                        the light of costs and alternative risk
                                                  mitigation strategies
                                                 All legal requirements for insurance are
                                                  met
                                                 Evidence that self-insurance provisions
                                                  are subject to annual independent
                                                  actuarial valuation and that
                                                  contributions to the fund are adjusted
                                                  accordingly
                                                 Insurance claims being managed in
                                                  accordance with „Woolf‟ principles
                                                 Evidence of monitoring the incidence of
                                                  successful and unsuccessful claims and
                                                  of feeding the results back into the
                                                  policy for risk financing accordingly
6.    The authority has developed a              Training programme for risk
      programme of risk management                management
      training for relevant staff                Training needs analysis (both specialist
                                                  staff development and general
                                                  awareness)
                                                 Regular newsletter or other means of
                                                  communicating risk management
                                                  issues to staff
                                                 Induction programme includes risk
                                                  management
                                                 Appropriate responsibilities for risk
                                                  management incorporated into job
                                                  descriptions and appraisals




                                             36
Examples of assurance:                          Evidenced by:
7.   The corporate risk management                 Corporate risk management board or
     board (or equivalent) adds value to            equivalent terms of reference
     the risk management process by:               Minutes of corporate risk management
           Advising and supporting                 board
            corporate management team              Reports to corporate management
            on risk strategies                      team
           Identifying areas of                   Low incidence of avoidable risk events
            overlapping risk                        occurring
           Driving new risk management
            initiatives
           Communicating risk
            management and sharing good
            practice
           Providing and reviewing risk
            management training
           Regularly reviewing the risk
            register(s)
           Coordinating the results for
            risk reporting
8.   A corporate risk officer has been             Job description of corporate risk officer
     appointed with the necessary skills to        Key task matrix of corporate risk officer
     analyse issues and offer options and          Evidence of the corporate risk officer
     advice and:                                    reporting to corporate management
           Support decision making and             team on risk management issues
            policy formulation                     Evidence of training on current risk
           Provides support in the risk            management topics / membership of
            identification and analysis             appropriate organisations (e.g. ALARM)
            process                                Use of consultancy as appropriate
           Provides support in prioritising
            risk mitigation action
           Provides advice and support in
            determining risk treatments
           Inspires confidence in
            managers
9.   Managers are accountable for                  Evidence of manager involvement in
     managing their risks                           risk identification and analysis process
                                                   Risk owners detailed in corporate
                                                    /departmental risk register(s)
                                                   Risk owners assigned in relation to key
                                                    partnerships
                                                   Job descriptions of managers outline
                                                    their risk management responsibilities
                                                   Evidence of (at least) annual review of
                                                    risk at service/operational levels and of
                                                    partnership risks
                                                   Analysis of completed control and risk
                                                    self-assessment questionnaires




                                               37
Examples of assurance:                          Evidenced by:
10.  Risk management is embedded                   Evidence of a general risk management
     throughout the organisation                    culture at all levels
                                                   Risk management training programme
                                                   Evidence of managers involvement in
                                                    risk management aspects of business
                                                    planning
                                                   Results of strategic diagnostic survey to
                                                    ascertain the extent to which risk
                                                    management is understood by each
                                                    category of officer (senior
                                                    management, operational managers
                                                    etc) and members
11.   Risks in partnership working are fully       Evidence of risk assessments being
      considered                                    undertaken before the commencement
                                                    of major partnerships, preferably in the
                                                    report on which the decision to proceed
                                                    is based
                                                   Evidence that risk assessment are
                                                    regularly reviewed and updated during
                                                    the partnership period
                                                   Evidence that potential partners are
                                                    required to produce and submit risk
                                                    assessments
                                                   Evidence that partnership
                                                    arrangements are reviewed in terms of
                                                    risk before they are entered into and,
                                                    subsequently, that the risks are
                                                    reviewed
                                                   Evidence that there are effective
                                                    arrangements in place for risk sharing
                                                    (e.g. in the partnership contract terms
                                                    and conditions or agreement)
12.   Where employed, risk management              Evidence of risk information being
      information systems meet users‟               updated promptly
      needs                                        Review of accuracy and usefulness of
                                                    output from information systems
                                                   Evidence that users were/are consulted
                                                    on initial implementation and further
                                                    development
                                                   Interviews with users to assess
                                                    suitability of the system for their needs




                                               38
Objective 3: Identify and evaluate key controls to manage principal risks:
Step 1: In support of objective 3 – The authority has robust system of internal
       control which includes systems and procedures to mitigate principal risks

Examples of assurance:                         Evidenced by:
1.   There are written financial                 Financial regulations and instructions
     regulations in place which have been         exist & are reviewed & updated
     formally approved, regularly                 regularly
     reviewed and widely communicated            Evidence of formal approval
     to all relevant staff:                      Examples of dissemination e.g.
            Authority has adopted CIPFA          induction, briefings, awareness
             code on Treasury Management          sessions, accessible in finance manuals
            Compliance with the Prudential       and/or on intranet site
             Code                                Reports to audit committee or
                                                  equivalent confirming compliance or
                                                  identifying extent of non-compliance
                                                  with regulations and instructions
                                                 Report approving annual treasury
                                                  management and investment strategy
                                                 Outturn report on treasury mgt.
                                                 External audit assessment of
                                                  compliance with Prudential Code
                                                 Results of Use of Resources (or PURE)
                                                  assessment of internal control KLOEs
2.    There are written contract standing        Standing orders exist, are reviewed and
      orders in place which have been             updated regularly to cover new
      formally approved, regularly                procedures such as partnering
      reviewed and widely communicated            arrangements and on-line tendering
      to all relevant staff                      Evidence of formal approval
                                                 Examples of communication and
                                                  dissemination e.g. induction, briefings,
                                                  awareness sessions, accessible in
                                                  finance manuals and/or on intranet site
3.    There is a whistle blowing policy in       Whistle blowing policy exists and has
      place which has been formally               been reviewed and updated regularly
      approved, regularly reviewed and           Evidence of formal approval
      widely communicated to all relevant        Examples of communication and
      staff                                       dissemination e.g. induction, briefings,
                                                  awareness sessions, accessible on
                                                  website and intranet site
                                                 Evidence of effectiveness of policy (e.g.
                                                  reports on incidence of usage, evidence
                                                  on annual declarations on fraud to Audit
                                                  Commission)
4.    There is a counter fraud and               Counter fraud and corruption policy
      corruption policy in place which has        exists and has been reviewed and
      been formally approved, regularly           updated regularly
      reviewed and widely communicated           Evidence of formal approval
      to all relevant staff                      Examples of dissemination (briefings,
                                                  induction, awareness sessions,
                                                  accessible on website and intranet site)
                                                 Evidence of effectiveness of policy (e.g.
                                                  reports on identified frauds; annual
                                                  AF70 returns to Audit Commission,
                                                  reports on results of National Fraud
                                                  Initiatives)
                                                 Review of register of gifts and
                                                  hospitality




                                              39
Examples of assurance:                          Evidenced by:
5.   There are codes of conduct in place          Codes of conduct have been agreed,
     which have been formally approved             including national schemes (e.g. police
     and widely communicated to all                officers)
     relevant staff                               Evidence of formal approval
                                                  Examples of dissemination e.g.
                                                   induction, briefings, awareness
                                                   sessions, accessible on intranet site
6.    A register of interests is maintained,      Inspection of register of interests
      regularly updated and reviewed               (members and staff)
                                                  Evidence of regular updating and review
                                                   by senior officer(s)
7.    Where a scheme of delegation has            Scheme of delegation incorporates
      been drawn up, it has been formally          adequate controls and sanctions
      approved and communicated to all            Evidence of formal approval
      relevant staff                              Examples of communication and
                                                   dissemination e.g. induction, briefings,
                                                   awareness sessions, accessible on
                                                   intranet site
                                                  Regular reports on the operation of the
                                                   scheme (e.g. compliance, budget
                                                   monitoring, year-end balances)
8.    A corporate procurement policy has          Procurement policy exists and has been
      been drawn up, formally approved             reviewed and updated regularly to take
      and communicated to all relevant             account of new initiatives e.g. drive
      staff                                        towards wider consortia arrangements,
                                                   shared services
                                                  Evidence of formal approval
                                                  Examples of dissemination e.g.
                                                   induction, briefings, awareness
                                                   sessions, accessible on intranet site
                                                  Evidence of effectiveness of policy (e.g.
                                                   benchmarking results, best value
                                                   review, internal/ external audit review)
9.    Business/service continuity plans            Current business/service continuity
      have been drawn up for all critical           plans exist covering all critical service
      service areas and the plans:                  areas and are readily accessible
           Are subject to regular testing         Evidence of regular testing
           Are subject to regular review          Evidence of regular review in the light
                                                    of the results of testing and for changes
                                                    in structures, procedures, information
                                                    systems, responsibilities etc
10.   The corporate/departmental risk              Risk register sets out principal risks and
      register(s) includes expected key             sets out appropriate key controls to
      controls to manage principal risks            manage them.
                                                   Key controls are monitored, reviewed
                                                    and updated regularly
                                                   Use of risk management workshops to
                                                    underpin the process and review of
                                                    register and key controls
                                                   Risk owners are assigned to manage
                                                    principal risks
                                                   Partnership risks are considered




                                               40
Examples of assurance:                        Evidenced by:
11.  Key risk indicators have been drawn         Appropriate key risk indicators are
     up to track the movement of key              documented
     risks and are regularly monitored and       Evidence of regular monitoring
     reviewed.                                   Evidence of changes in risk indicators
                                                  (and reasons for change) emanating
                                                  from appropriate information sources
                                                  (e.g. where internal audit findings are
                                                  used to change the perceived level of
                                                  risk)
12.   The authority‟s internal control           Internal audit plans and reports
      framework is subject to regular            Annual report/opinion of Head of
      independent assessment                      Internal Audit
                                                 External audit reports
                                                 Use of Resources/PURE assessment
                                                  reports
13.   A corporate health and safety policy       Health & safety policy exists and has
      has been drawn up, formally                 been reviewed and updated regularly
      approved, is subject to regular            Policy covers partnerships
      review and has been communicated           Evidence of formal approval
      to all relevant staff                      Examples of dissemination e.g.
                                                  induction, briefings, awareness
                                                  sessions, inclusion of policy on website
                                                  and intranet site
                                                 Evidence of effectiveness of policy e.g.
                                                  number of cases investigated by Health
                                                  & Safety Executive – and the number
                                                  of cases proven
                                                 Review of number of reported
                                                  incidences and „near misses‟
14.   A corporate complaints                     Complaints policy/procedure exists and
      policy/procedure has been drawn up,         has been reviewed and updated
      formally approved, communicated to          regularly
      all relevant staff, the public and         Procedure is compliant with all relevant
      other stakeholders is regularly             statutory requirements
      reviewed                                   Evidence of formal approval
                                                 Examples of dissemination e.g.
                                                  induction, briefings, awareness
                                                  sessions, inclusion of policy on website
                                                  and intranet site
                                                 Leaflets/posters highlighting complaints
                                                  procedure
                                                 Complaints files
                                                 Committee reports summarising
                                                  complaints dealt with analysed by
                                                  outcome




                                             41
Objective 4: Obtain assurance on the effectiveness of key controls:
Step 1: In support of objective 4 – Appropriate assurance statements are
        received from designated internal and external assurance providers:
            The authority has identified appropriate sources of assurance
            Appropriate external assurances are identified and obtained

Examples of assurance:                        Evidenced by:
1.   The authority has determined                 Minutes of committee at which report
     appropriate internal and external             on assurances was considered
     sources of assurance                         Sources of assurance are appropriate to
                                                   the authority
2.    Appropriate key controls on which           Briefing notes, guidance, instructions
      assurance is to be given have been           etc given to appropriate managers
      identified and agreed                        regarding what is expected of them
3.    Departmental assurances are                 Departmental heads sign off on
      provided                                     adequacy of controls (i.e. provide
                                                   annual governance assurance
                                                   statements)
                                                  Supporting documentation provided by
                                                   departmental heads re review and
                                                   monitoring arrangements that key
                                                   controls have been in operation for the
                                                   period and will continue to operate until
                                                   accounts signed off.
                                              (Structured process and standard
                                              documentation to ensure consistency of
                                              coverage and common understanding of
                                              level of assurance given)
                                                  Completed Control & Risk Self-
                                                   Assessment questionnaires
                                                  Annual governance assurance
                                                   statements evaluated by officer team
                                                   or committee charged with the
                                                   responsibility of preparing the AGS.
                                                   Evaluation to include „reality checking‟
                                                   of sample of assurance statements
4.    External assurance reports are             Sources of external assurance relevant
      collated centrally                          to authority are identified and agreed,
            Reports are reviewed by              including partnerships
             relevant senior management          External assurance reports will vary
             team and reported to                 according to type of authority and could
             appropriate committee                include comment and input from the
            Action plans are prepared and        following (the list is not exhaustive):
             approved as appropriate             Audit Commission
            Follow up reports on                External Auditor (either from direct
             recommendations are                  audit work or from work jointly
             requested and reviewed by            commissioned)
             relevant senior management          Social Services Inspectorate
             team and progress is regularly      Use of Resources assessment
             reported to relevant committee      PURE assessment (police service)
                                                 Best Value Reviews
                                                 HMIC
                                                 Police Standards Unit
                                                 Home Office commissioned reports
                                                 Senior management team minutes
                                                 Follow up reports to appropriate
                                                  committee




                                           42
Examples of assurance:                     Evidenced by:
5.   Internal Audit Arrangements             Reports of Head of Internal Audit to
                                              audit committee or equivalent
                                              throughout the year
                                             Annual report of Head of Internal Audit,
                                              including opinion on internal control and
                                              risk management framework
6.    Corporate Governance Arrangements      Annual corporate governance assurance
                                              statement
                                             Internal or external audit review of
                                              corporate governance arrangements
                                             Monitoring reports to committee on
                                              delivery of action plans in response to
                                              reviews of corporate governance
7.    Performance monitoring                 Annual and in-year reports on delivery
      arrangements                            of key performance indicators by
                                              internal and/or external review agencies




                                          43
Objective 5: Evaluate assurances and identify gaps in control/ assurances:
Step 1: In support of objective 5 – The authority has made adequate
        arrangements to identify, receive and evaluate reports from the defined
        internal and external assurance providers to identify areas of weakness in
        controls
Examples of assurance:                        Evidenced by:
1.    Responsibilities for the evaluation of    Minutes of committee meetings
      assurances are clearly defined            Training plans
      throughout the organisation.              Job descriptions
                                                Committee terms of reference
2.    Mechanism established for collecting       Terms of reference and key
      governance assurances                       responsibilities
            Overall responsibility allocated    Record of assurances required and
             to governance senior officer         received is held and is complete
             group                               Approved written guidance re
            Required assurances are              evaluation procedure
             agreed and recorded                 Scoring matrix/methodology (Not all
            Central record of all                assurances are suitable for grading;
             assurances (either evidence          many will be subjective anyway. Key
             file, or showing clear link to       points are that there is a consistent and
             where evidence is held)              reliable assessment process and that
            Clear guidance as to evaluation      the conclusions drawn are in line with
             procedure including assurance        the evidence produced)
             over risks, independence and        An agreed timetable, allowing for in-
             objectivity of assurances            year evidence gathering and
            Defined evaluation mechanism         assessment and for the period between
            Timetable for completion by          the year-end and the date of the
             statutory deadline                   governance assurance statement
            Gap assessment – performed           (timetable driven by that for the
             and challenged                       production of the annual statement of
                                                  accounts)
                                                 Gap assessment results and actions
                                                  arising
                                                 Minutes of meetings
                                                 Annual report of Head of Internal Audit
                                                  – including opinion on internal control
                                                  and risk management framework
                                                 Reports of external auditor and other
                                                  external review agencies




                                            44
Objective 6: Action plan to address weaknesses and ensure continuous
                improvement of the system of corporate governance:
Step 1: In support of objective 6 – There is a robust mechanism to ensure that an
        appropriate action plan is agreed to address identified control weaknesses
        and is implemented and monitored
Examples of assurance:                     Evidenced by:
1.    An action plan is drawn up and           Prioritised action plan, setting out
      approved                                  actions, responsibilities and timescales,
                                                approved at appropriate level
                                               Minutes
2.    All actions are „SMART‟:                 Each action on prioritised action plan is
            Specific                           compliant with „SMART‟ test
            Measurable
            Achievable
            Realistic
            Time-bound
3.    Actions communicated and                 Responsibilities for each action are
      responsibilities assigned                 defined in action plan
                                               Evidence of distribution of action plan
                                                to those who require it
4.    Implementation timescales agreed         Target dates included in action plan
5.    Ongoing review of progress and of        Timetabled reviews
      continuing appropriateness of action     Minutes
                                               Progress reports
                                               Internal audit or other review of
                                                implementation of agreed actions




                                           45
Objective 7: Annual Governance Statement:
Step 1: In support of objective 7 – An Annual Governance Statement has been
       drafted in accordance with the statutory requirements and timetable set
       out in the Accounts and Audit Regulations 2003, as revised by the
       Accounts and Audit (Amendment) (England) Regulations 2006, and is in
       accordance with CIPFA guidance.
Examples of assurance:                      Evidenced by:
1.    Responsibility for the compilation of    Documented key responsibilities
      the Annual Governance Statement          Minutes
      has been assigned to a team drawn
      from appropriate disciplines and
      having sufficient seniority
2.    There is an Annual Governance            Annual Governance Statement
      Statement production timetable that       timetable is linked to that for the
      meets the statutory deadline              preparation of statutory accounts
3.    The Annual Governance Statement is       Terms of reference assigned to senior
      reviewed, challenged and approved         officers group
      by the authority                         Annual Governance Statement is
                                                compliant with CIPFA guidance
                                               Minutes
4.    The Annual Governance Statement          Format of Annual Governance
      incorporates all the required             Statement clearly incorporates required
      elements of the statement on              elements of the statement on internal
      internal control                          control
                                               Annual Governance Statement is
                                                prepared by a senior officer group
                                                under terms of reference defined by the
                                                authority
                                               Statutory timetable is followed




                                          46
Objective 8: Report to cabinet / executive committee:
Step 1: In support of objective 8 – An annual report to the authority (or
       delegated committee) on the Annual Governance Statement is presented,
       in accordance with the CIPFA pro forma
Examples of assurance:                        Evidenced by:
1.    Responsibility for reporting is clearly    Initial report explaining the
      defined                                     requirement to produce an annual
                                                  governance statement incorporating
                                                  the SIC should establish the reporting
                                                  arrangements / responsibilities of all
                                                  involved and set out who should sign
                                                  the annual governance assurance
                                                  statement after approval by the
                                                  authority or designated committee
                                                 Reports identifying any changes to
                                                  initial arrangements
2.    The signatories to the annual              As above
      governance statement and SIC are
      defined and are appropriate in
      accordance with statutory
      requirements (i.e. Most senior officer
      and most senior member of the
      organisation)
3.    The report is likely to be published in    Assessment of the current position in
      a timely fashion with the statutory         relation to the statutory deadline
      accounts




                                           47
                                                                 APPENDIX B1


Partnerships – Suggested Approach and Determination

Introduction
It is clear that the need for a statement on governance must encompass an
organisation‟s partnership activities, but it is not always clear how the body
should address the issue.
This section seeks to clarify the issues that the body should consider, and set out
ways in which appropriate assurance can be obtained and evidenced.
The starting point is a risk-based assessment of the key partnerships, which will
lead to an understanding of the appropriate level of assurance for each
partnership.
This leads on to a variety of possible sources of assurance, depending on the
individual circumstances of each partnership.


Definition
There are various definitions of “partnership”. For governance purposes, it should
be taken as embracing any joint working arrangement with other bodies,
whatever their formal status.
When assessing the need to review governance in these arrangements, the
crucial issue is the extent to which failure of the “partnership” could have a
detrimental impact on the organisation.


Control environment
There are some basic needs within the organisation itself for partnership
governance. As a minimum, it should have:
      defined what a partnership is;
      assessed and ranked risks for partnerships (see suggested matrix at
       Appendix B2);
      produced a    regularly-updated    list   of partnerships, highlighting key
       partners;
      defined its policy for partnerships (including such matters as a formal
       assessment or “gateway” process, option appraisals, and definition of
       mutual responsibilities);
      means to ensure that, where appropriate, partners have formal
       governance arrangements. A pack of standard policies and processes that
       partners may adopt might save a lot of time and concern in developing
       their own and thus simplify the definition and review of partners‟
       governance arrangements;
      a process to ensure that partnerships are (and remain) relevant to the
       organisation‟s goals;
      mechanisms to monitor and actively manage the performance of key
       partnerships;
      a risk register of partnerships and issues arising from them; and




                                         48
      a process for reviewing the delivery of benefits, and taking appropriate
       action to alter or end agreements if they are not achieving the intended
       goals


Assessing the key partnerships
Each organisation should review all its partnerships to assess which are key to its
operation, and which are more minor (see matrix at Appendix B2)
This should include consideration of service provision and reputation as well as
financial matters, and may require input from a number of different areas within
the organisation.
The treatment of individual partnerships can then reflect the significance that it
has in the organisation‟s overall service planning and delivery.


Sources of assurance
The most obvious conclusion for many of the smaller partnerships is that the
optimum course is not to seek any assurance, and to bear the risk of control
failures. Organisations should see this as a positive approach, allowing them to
concentrate resources on more important areas carrying higher risks.
The organisation‟s existing outcome monitoring processes provide a good level of
assurance, especially if they extend to a review of the systems and controls
involved in producing the outcomes.
This can be especially powerful as a mechanism if the partnership agreement has
been set up using an off-the-shelf, purpose-designed set of governance controls,
which the organisation offers to all partners if they do not already have such
controls. Such ready-made documents also allow a simple check of existing
partner controls.
The authority may choose to seek a “letter of comfort” or other assurance from
either the partner‟s governing body or its audit committee.
Similarly, the authority may wish to obtain assurance from the partner‟s auditors.
The assurances given under either of these mechanisms should be subjected to a
risk-assessed scrutiny to determine the extent to which they will give real insight
into the state of governance in the partner body.
Finally, if there are no other practical routes to gaining assurance of sound
governance, it may be necessary for the authority‟s own internal audit service to
carry out a review of arrangements.
It will always be easier to gain the necessary level of assurance if the partnership
agreement requires “open book” arrangements, so that the authority can obtain
any evidence it requires without the need for possibly protracted negotiations.
“Open book” arrangements are best practice for an organisation‟s key
partnerships.


Internal audit methodology
It may be helpful to indicate areas that an internal audit review might cover,
although the list is not exhaustive. The same areas, of course, should be covered
by externally-provided assurances, and the list below might be used as a
completeness check for all forms of assurance evidence.




                                        49
It will always be important to use a risk-based approach, drilling down and
making decisions about which areas are material and require fuller cover, and
which can safely be left alone.
Partner selection
      Was the partner selection process robust, with costed option appraisal?
      Was partner selection transparent?
      Are the partner‟s aims aligned to the organisation‟s priorities for the
       partnership?
      Does the business case stack up in terms of agreed aims and added value?
Partnership agreement
      Does a formal written agreement between partners exist?
      Is a clear understanding of mutual goals (shared vision) embedded in the
       agreement?
      Is there a clear record of who does what and how it will be monitored,
       giving specific roles and responsibilities for each partner?
      Are the arrangements for risk ownership and cost of transferring risk
       defined?
      Is there a risk register and action/monitoring plan?
      What are the governance arrangements (are they proportionate to risk
       and the cost of control)?
      Does the agreement specify the mechanism for releasing payments
       robustly and clearly?
      Have performance indicators been agreed; are they adequate; and do
       both partners monitor them?
      Are agreed outputs linked to payments?
      Are   there    robust   arrangements     for   sharing   profits/losses   or
       surplus/deficits?
      Have business continuity arrangements been considered?
      Is the mechanism for measuring the success of the partnership defined?
      What arrangements are there to review benefit realisation – do they go
       back to the business case and shared goals?
      Does the agreement provide for an appropriate exit strategy?
      Does the agreement specify the arrangements for allocating assets and
       liabilities, e.g. staffing costs, on termination of the partnership?


Monitoring and review
      Does the organisation ensure it fulfils its own agreed responsibilities for
       the partnership?
      Are dates set for partnership review, and possible renegotiation of the
       agreement?
      Is there an “open book” review of costs incurred by partner?
      Does the partner‟s internal auditor provide any assurance as part of the
       agreement?
      Are there clear and robust arrangements for dispute resolution?
      Has the organisation learned from previous partnership problems?
      Do the arrangements lead to timely awareness of things going wrong?




                                        50
      Does the organisation have the will and the formal right to withdraw from
       partnerships if they are unsuccessful (including business continuity
       arrangements)?



In considering these issues, practitioners should take account of the cost of
control in relation to risks and benefits.




                                      51
                                                       APPENDIX B2

Partnerships – Significance Assessment Scorecard

The determination of what a significant partner is should be determined
by the authority. There will be a number of factors that will need
considering when making this determination and by way of supporting the
authority with this, Leeds City Council has compiled an assessment
scorecard that looks at some key characteristics.

The link below is to an excel spreadsheet and some assessment questions
that covers these determination parameters


http://intranet.ipf.com/library/default_view.asp?content_ref=59
95




                                  52
                     COMPARISON BETWEEN THE SIC AND THE AGS                                                              APPENDIX C
                  SIC                                                                            AGS
1. SCOPE OF RESPONSIBILITY            Scope of responsibility
[The authority] is responsible for ensuring that its         [The authority] is responsible for ensuring that its business is conducted
business is conducted in accordance with the law and         in accordance with the law and proper standards, and that public money
proper standards, and that public money is                   is safeguarded and properly accounted for, and used economically,
safeguarded and properly accounted for, and used             efficiently and effectively. [The authority] also has a duty under the Local
economically, efficiently and effectively. [The authority]   Government Act 1999 to make arrangements to secure continuous
also has a duty under the Local Government Act 1999          improvement in the way in which its functions are exercised, having
to    make    arrangements     to    secure    continuous    regard to a combination of economy, efficiency and effectiveness.
improvement in the way in which its functions are
exercised, having regard to a combination of economy,        In discharging this overall responsibility, [the authority] is responsible for
efficiency and effectiveness.                                putting in place proper arrangements for the governance of its affairs,
                                                             facilitating the effective exercise of its functions, and which includes
In discharging this overall responsibility, [the             arrangements for the management of risk.
authority] is also responsible for ensuring that there is    [The authority] has approved and adopted a code of corporate
a sound system of internal control which facilitates the     governance, which is consistent with the principles of the CIPFA/SOLACE
effective exercise of [the                                   Framework Delivering Good Governance in Local Government.
authority‟s] functions and which includes arrangements       A copy of the code is on our website at […] or can be obtained from [...].
for the management of risk.                                  This statement explains how [the authority] has complied with the code
                                                             and also meets the requirements of regulation 4(2) of the Accounts and
                                                             Audit Regulations 2003 as amended by the Accounts an Audit
                                                             (Amendment) (England) Regulations 2006 in relation to the publication of
                                                             a statement on internal control.




                                                                    53
                      COMPARISON BETWEEN THE SIC AND THE AGS                                                         APPENDIX C
                   SIC                                           AGS
2. THE PURPOSE OF THE SYSTEM OF        The purpose of the governance framework
INTERNAL CONTROL
The system of internal control is designed to manage        The governance framework comprises the systems and processes, and
risk to a reasonable level rather than to eliminate all     culture and values, by which the authority is directed and controlled and
risk of failure to achieve policies, aims and objectives;   its activities through which it accounts to, engages with and leads the
it can therefore only                                       community. It enables the authority to monitor the achievement of its
provide reasonable and not absolute assurance of            strategic objectives and to consider whether those objectives have led to
effectiveness. The system of internal control is based      the delivery of appropriate, cost effective services.
on an ongoing process designed to identify and              The system of internal control is a significant part of that framework and
prioritise the risks to the achievement of [the             is designed to manage risk to a reasonable level. It cannot eliminate all
authority‟s] policies, aims and objectives, to evaluate     risk of failure to achieve policies, aims and objectives and can therefore
the likelihood of those risks being realised and the        only provide reasonable and not absolute assurance of effectiveness. The
impact should they be realised, and to manage them          system of internal control is based on an ongoing process designed to
efficiently, effectively and economically.                  identify and prioritise the risks to the achievement of [the authority‟s]
                                                            policies, aims and objectives, to evaluate the likelihood of those risks
                                                            being realised and the impact should they be realised, and to manage
The system of internal control has been in place at [the    them efficiently, effectively
authority] for the year ended 31 March 200x and up to       and economically.
the date of approval of the annual report and accounts.
                                                            The governance framework has been in place at [the authority] for the
                                                            year ended 31 March 200x and up to the date of approval of the [annual
                                                            report] and statement of accounts.




                                                                  54
                     COMPARISON BETWEEN THE SIC AND THE AGS                                                            APPENDIX C
                  SIC                                          AGS
3. THE INTERNAL CONTROL ENVIRONMENT   The governance framework
Describe the key elements of the internal control           Describe the key elements of the systems and processes that comprise
environment, including:                                     the authority‟s governance arrangements including arrangements for:
                                                            •• identifying and communicating the authority‟s vision of its purpose and
● establishing and monitoring the achievement of the        intended outcomes for citizens and service users
authority‟s objectives                                      •• reviewing the authority‟s vision and its implications for the authority‟s
● the facilitation of policy and decision-making            governance arrangements
● ensuring compliance with established policies,            •• measuring the quality of services for users, for ensuring they are
procedures, laws and regulations                            delivered in accordance with the authority‟s objectives and for ensuring
– including how risk management is embedded in the          that they represent the best use of resources
activity of the authority, how leadership is given to the   •• defining and documenting the roles and responsibilities of the
risk management process, and how staff are trained or       executive, nonexecutive, scrutiny and officer functions, with clear
equipped to manage risk in a way appropriate to their       delegation arrangements and protocols for effective communication
authority and duties                                        •• developing, communicating and embedding codes of conduct, defining
● ensuring the economical, effective and efficient use      the standards of behaviour for members and staff
of resources, and for securing continuous improvement       •• reviewing and updating standing orders, standing financial
in the way in which its functions are exercised, having     instructions, a scheme of delegation and supporting procedure
regard to a combination of economy, efficiency and          notes/manuals, which clearly define how decisions are taken and the
effectiveness as required by the Best Value duty            processes and controls required to manage risks
● the financial management of the authority and the         •• undertaking the core functions of an audit committee, as identified in
reporting of financial management, and                      CIPFA‟s Audit Committees – Practical Guidance for Local Authorities
● the performance management of the authority and           •• ensuring compliance with relevant laws and regulations, internal
the reporting of performance management.                    policies and procedures, and that expenditure is lawful
                                                            •• whistle-blowing and for receiving and investigating complaints from
                                                            the public
                                                            •• identifying the development needs of members and senior officers in
                                                            relation to their strategic roles, supported by appropriate training
                                                            •• establishing clear channels of communication with all sections of the
                                                            community and other stakeholders, ensuring accountability and
                                                            encouraging open consultation




                                                                   55
                        COMPARISON BETWEEN THE SIC AND THE AGS                         APPENDIX C
                     SIC                                             AGS
4. REVIEW OF EFFECTIVENESS               •• incorporating good governance arrangements in respect of
[The authority] has responsibility for conducting, at       partnerships and other group working as identified by the Audit
least annually, a review of the effectiveness of the        Commission‟s report on the governance of partnerships,(ref 7) and
system of internal control. The review of the               reflecting these in the authority‟s overall governance arrangements.
effectiveness of the                                        (ref7). Governing Partnerships: Bridging the Accountability Gap, Audit
system of internal control is informed by the work of       Commission, 2005.
the internal auditors and the executive managers            Review of effectiveness
within the authority who have responsibility for the        [The authority] has responsibility for conducting, at least annually, a
development                                                 review of the effectiveness of its governance framework including the
and maintenance of the internal control environment,        system of internal control. The review of effectiveness is informed by the
and also by comments made by the external auditors          work of the executive managers within the authority who have
and other review agencies and inspectorates.                responsibility for the development and maintenance of the governance
Describe the process that has been applied in               environment, the Head of Internal Audit‟s annual report,
maintaining and reviewing the effectiveness of the          and also by comments made by the external auditors and other review
system of internal control, including some comment on       agencies and inspectorates.
the role of:                                                Describe the process that has been applied in maintaining and reviewing
● the authority                                             the effectiveness of the governance framework, including some comment
● the executive                                             on the role of:
● the audit committee/overview and scrutiny                 •• the authority
committee/risk management committee                         •• the executive
● internal audit                                            •• the audit committee/overview and scrutiny committees/risk
● other explicit review/assurance mechanisms.               management committee
I/we have been advised on the implications of the           •• the standards committee
result of the review of the effectiveness of the system     •• internal audit
of internal control by the Authority, the executive/audit   •• other explicit review/assurance mechanisms.
committee/overview and                                      [I/we] have been advised on the implications of the result of the review
scrutiny    committee/risk    management      committee     of the effectiveness of the governance framework by [the executive/audit
(amend list as appropriate), and a plan to address          committee/overview       and     scrutiny    committee/risk   management
weaknesses and ensure continuous improvement of the         committee] (amend list as appropriate), and a plan to address
system is in place.                                         weaknesses and ensure continuous improvement of the system is in
                                                            place.




                                                                  56
                            COMPARISON BETWEEN THE SIC AND THE AGS                                               APPENDIX C
                         SIC                                                               AGS

                                                           Significant governance issues
                                                           [Include an outline of the actions taken, or proposed, to deal with
5. SIGNIFICANT INTERNAL CONTROL ISSUES                     significant governance issues.]
Include an outline of the actions taken, or proposed, to   We propose over the coming year to take steps to address the above
deal with significant internal control issues.             matters to further enhance our governance arrangements. We are
                                                           satisfied that these steps will address the need for improvements that
(Signature of Chief Executive and Leading Member and       were identified in our review of effectiveness and will monitor their
date)                                                      implementation and operation as part of our next annual review.
                                                           Signed:
                                                           ………..................……………………………………………………………………
                                                           Leading Member (or equivalent) & Chief Executive (or equivalent) on
                                                           behalf of (the authority)




                                                                 57
 IPF/FAN/BGF AGS Workshops ~ analysis of comment sheets from all workshops                                                                   APPENDIX D
                Area of concern                                                                     Solutions/actions
Corporateness - officers                                           Brief Chief Executive and management team, leader, and relevant committees, so
For many practitioners, the biggest problem was getting all the    they sign up as “champions” and agree the approach
relevant senior officers fully involved and committed to their     Build a multi-disciplinary team (led outside finance/internal audit); manage as a
rôles, in the face of other priorities. Ensuring it is no longer   project; start early and update regularly; emphasise KLOE
seen as an internal audit or a finance issue!                      Action plan agreed by Chief Executive and leader that results in real action to
Getting senior officers interested when authority may not exist    address concerns
after 1st April 2009: need a “quick and dirty”“ approach – a       Be pragmatic about unitary amalgamation: the AGS is a chance to get things right
path of least resistance                                           from the start in a new authority from 1st April 2009
Mechanics of the AGS process                                       There‟s a clear need to revise the proformas used for assurance to cover all
Delegates expressed many detailed concerns about the process       governance issues well, and to make checklists friendly, while discouraging a “tick
and the differences from the SIC. Most of the problems will be     box” response.
solved if the senior officers buy into the process                 Tying actions in to quarterly reporting processes will show members progress, and
Definition of a “significant” corporate governance issue for       ensure that tasks are completed
action plans was an issue for some
Perception of “tick box” exercise – transparency and honesty,
and a sense of perspective!
Many delegates were concerned about capacity to deliver the        Set process and timetable up early and monitor progress
AGS (& Reg 6 review) – skills, time available, cost, need to       Build into service planning & work plans at an early stage
address issues previously hidden, and the difficulty of            Identify rôles and responsibilities – this will force links to resources. Allocate tasks to
anticipating what external audit want. Specific vacancies cause    members of a corporate governance working group
real but transient issues. Capacity to deliver on action plans
                                                                   Training
also an issue




                                                                         58
 IPF/FAN/BGF AGS Workshops ~ analysis of comment sheets from all workshops                                                            APPENDIX D
               Area of concern                                                                  Solutions/actions
Review of internal audit system – method led to a lot of        Find views of internal audit at chief officer level, and conduct internal assessment
queries: some concerned about the value of any internal         (within council)
review, and others questioning the need for nay review. There   Involve audit committee (and others?) by reporting to them
was also concern about the different views of the IIA and       Consider reciprocal arrangements
CIPFA. Problems are very real when there is an external
                                                                Keep/make the review of audit effectiveness short and sharp, so that it feeds into
provider
                                                                the SIC/AGS as it is probably intended to do. Don‟t let it fall into the hands of audit
How to demonstrate effectiveness/value added?                   zealots who will make a mountain of unnecessary work for everyone else
Does the review need to be done every year? “Light touch”       Await further guidance on measuring effectiveness - meantime stay with internal
most years?                                                     self-assessment using CIPFA Code of Practice
                                                                Full review every 3 years with “light touch” in between
Partnerships                                                    Identify different types of partnership (e.g. collaboration, statutory, local); look at
Identifying what constitutes a partnership; where the           governance/accountability/transparency arrangements for each; compile a register
partnerships are; which are “key”                               (directors identify partnerships they monitor); involve LAA team and members;
How to establish details and engage partners on governance,     workshops with partners
getting appropriate assurances                                  Risk assess the partnerships: use „Leeds‟ scorecard template
Establishing benchmarks with partners                           Stipulate (appropriate for size) risk and governance arrangements
What if partners have conflicting AGS priorities?               Good performance management: redesign reporting if necessary
                                                                Include specific reference to key partnerships in local code
Getting the basics right                                        There are as many solutions as there are basic control and governance issues
A surprising number of delegates listed issues that should      expressed as difficulties. However, the general principles of sound communication,
already be embedded in all authorities: this shows the value    regularly updated training, good performance management and regular monitoring
the AGS has in driving home the importance of the basics        (including reporting problems and actually taking corrective action, and taking
(compliance with Standing Orders/Financial Regulations;         responsibility) address most issues
consistent risk/management/ financial management standards;
performance management; clarity about goals and outcomes;
communication with staff)
Some organisations are unwilling to see any shortcomings in
arrangements: others feel that continual restructure and




                                                                      59
 IPF/FAN/BGF AGS Workshops ~ analysis of comment sheets from all workshops                                                           APPENDIX D
               Area of concern                                                                  Solutions/actions
change makes embedding the gathering framework hard




Corporateness – members                                           Start the process early, and involve members in the review group, including the
A smaller number of delegates were concerned about how to         chairs of the audit and standards committees. There‟s a clear rôle for a corporate
get members involved in a meaningful way: communication is        governance group
the key, and must be continuous as members move on                Training, including “questions to ask” – so they know how and what to challenge.
A few authorities face problems with amalgamation exercises       Use IPF/others to deliver courses
                                                                  Workshops involving members/senior management/external auditors/Internal audit
                                                                  Competency and job descriptions for members.
                                                                  Members understand and accept more than officers
AGS basics                                                        Write simple (?! appropriate detail) report to explain AGS to management board and
A significant number of delegates expressed difficulty with the   members: briefing sessions: discussion of ideas to raise awareness
basic concept of an AGS – they (or their organisations) doubt     Need a really good example: learn from the private sector?
the value of reviewing governance arrangements                    Don‟t leave until June when finalising accounts makes it urgent
A less worrying concern was that there are few “good practice”    Launch local code of corporate governance; follow up with newsletter and team brief
examples available yet – so the size, content and types of
issues to include are not well-established



AGS methodology                                                   Standard format/proformas
Several delegates were concerned about the AGS process –          Request data via CMT
what to include, and how to go about it. Most of these issues     Work with corporate governance officer team, learn from SIC mistakes
will be resolved by tackling the AGS as a fully-managed           Promoting the AGS as a development tool rather than a stick to beat people with!
project, identifying risks and priorities




                                                                       60
 IPF/FAN/BGF AGS Workshops ~ analysis of comment sheets from all workshops                                                                  APPENDIX D
                Area of concern                                                                     Solutions/actions
Specific concerns were how big should the AGS be (cover
everything, or narrow focus); what is a significant issue (for
inclusion); risk of blandness (issues lost in the wording); being
seen as a paper exercise


Governance arrangements in partnerships worried a                   AGS requirements will force governance issues to be considered
number of delegates. Again, project management with clear           Develop process for managing partnerships (particularly for significant partnerships)
goals and prioritisation will tend to resolve most issues.          Local government partnerships register/board
There‟s a clear need to think through governance as well as         Consultation and discussions: evidence governance arrangements
objectives before entering a partnership – and to be ready to
                                                                    Send questionnaires out to find what partners need on governance
renegotiate if matters are really unsatisfactory
                                                                    Consult Audit Commission/external audit on level of significance
Definition of the internal audit system provided challenges.        View the review of internal audit as being subsumed within the AGS
It is clear that there‟s massive support for the CIPFA Audit        Pending final guidance from CIPFA, go for narrower definition
Panel producing a definitive scope for the system – and a lot of    Consultation on future Audit Panel proposals
concern that it should not embrace the system of internal
                                                                    Deal with the definition of the “system” through the AGS
control
                                                                    Get audit committee and chief financial officer to agree a definition
Code of governance                                                  Governance group to rethink and document the assurance framework and procedure
Some delegates were concerned that there is not yet a model         to support the AGS, and develop a code
local code of governance available. Some have adopted non-          Training for staff and members, especially the audit committee
CIPFA/SOLACE approaches, or were unsure of what to include          Make sure there IS a local Code of Governance – then the AGS can be a
in a Code in terms of key                                           straightforward review of how well the organisation applies it
Adding value (as opposed to bureaucracy) concerned                  The solution again seems to lie in performance and project management – setting
delegates. The value of the AGS will vary: need to adjust the       the goals and measuring achievement, then modifying actions as the situation
inputs so that the work is proportionate. Some worried about        changes
measuring effectiveness and value added
Ownership of SIC/AGS by heads of service - similar issues           Progress at chief officer/chief executive/leader/audit committee level, through a
to those for top managers: solutions will also be similar (top-     properly-tasked working group, and include in service planning




                                                                          61
 IPF/FAN/BGF AGS Workshops ~ analysis of comment sheets from all workshops                                                                 APPENDIX D
                Area of concern                                                                     Solutions/actions
level buy-in; inclusion of AGS work in performance                 Face-to-face discussions with heads of service Remove blame culture if officers can
management arrangements; full communication to tell people         demonstrate they are taking action on issues
why it matters)                                                    Look at best practice elsewhere so this is not a “tick box” exercise



Involving the community in the AGS – best to not make a            Involvement of external people in audit committees
big issue of the AGS, but keep it in mind for other stakeholder    2-year public opinion survey – feed results into management processes and review
work                                                               consultation strategy


Performance    management       is  an issue      for some         Involve the performance manager in the SIC/AGS group
organisations which have not embedded performance                  Periodic reports to chief finical officer, audit panel or other appropriate forum
management – stuck in a “performance reporting” timewarp
Risk  management        concerns      were    mainly     around    Develop risk management culture within services: demonstrate benefits
“embeddedness” and attitudes                                       Corporate monitoring
Review of internal audit/AGS overlap can be resolved
through project management and logical work planning
Joint working – between different tiers of local government,       Engage with other tiers locally early on: pragmatic approach
and where authorities will soon merge is a real issue for a few    Use new authority as opportunity to get things right form the start
authorities
CPA Use of Resources overlaps with the AGS for evidence: it        It would be useful to have the requirements mapped to the Use of Resources
can simply be cross-referred.                                      requirements
Understanding what the new “Standards” statement requires,
and whether there is any overlap with the AGS
No consideration of sustainability in AGS (environmental, social   To consider including
and economic issues)




                                                                         62
CIPFA is the leading professional accountancy body for public
services, whether in the public of private sectors. It provides
education and training in accountancy and financial management,
and sets and monitors professional standards. Its professional
qualification is high quality, relevant and practical, and is supported
by a range of other products and services.

The Institute of Public Finance (IPF), the commercial division of
CIPFA, provides professional services and support to public sector
organisations and managers.          Services provided include:
consultancy; training; interim management; asset management
software and services; statistical, technical and research
information services; European and international services; advisory
networks and forums.




                              IPF
                        E-mail: info@ipf.co.uk
                        Website: www.ipf.co.uk




 CROYDON          LONDON        CHESTER           EDINBURGH      
                              BELFAST

IPF is a company owned by the Chartered Institute of Public Finance and
                            Accountancy.




                                  63

				
DOCUMENT INFO