1. No category

STATEMENT OF THE CHIEF EXECUTIVE`S RESPONSIBILITIES AS

STATEMENT OF THE CHIEF EXECUTIVE'S RESPONSIBILITIES AS THE
ACCOUNTABLE OFFICER OF THE TRUST
The Secretary of State has directed that the Chief Executive should be the Accountable
Officer to the trust. The relevant responsibilities of Accountable Officers are set out in the
Accountable Officers Memorandum issued by the Department of Health. These include
ensuring that:
- there are effective management systems in place to safeguard public funds and assets and
assist in the implementation of corporate governance;
- value for money is achieved from the resources available to the trust;
- the expenditure and income of the trust has been applied to the purposes intended by
Parliament and conform to the authorities which govern them;
- effective and sound financial management systems are in place; and
- annual statutory accounts are prepared in a format directed by the Secretary of State with
the approval of the Treasury to give a true and fair view of the state of affairs as at the end
of the financial year and the income and expenditure, recognised gains and losses and cash
flows for the year.
To the best of my knowledge and belief, I have properly discharged the responsibilities set
out in my letter of appointment as an accountable officer.
nb: sign and date in any colour ink except black
Signed.........................................................................Chief Executive
Date..........................
1
STATEMENT OF DIRECTORS' RESPONSIBILITIES IN RESPECT OF THE ACCOUNTS
The directors are required under the National Health Service Act 2006 to prepare accounts
for each financial year. The Secretary of State, with the approval of the Treasury, directs
that these accounts give a true and fair view of the state of affairs of the trust and of the
income and expenditure, recognised gains and losses and cash flows for the year. In
preparing those accounts, directors are required to:
- apply on a consistent basis accounting policies laid down by the Secretary of State with the
approval of the Treasury;
- make judgements and estimates which are reasonable and prudent;
- state whether applicable accounting standards have been followed, subject to any material
departures disclosed and explained in the accounts.
The directors are responsible for keeping proper accounting records which disclose with
reasonable accuracy at any time the financial position of the trust and to enable them to
ensure that the accounts comply with requirements outlined in the above mentioned
direction of the Secretary of State. They are also responsible for safeguarding the assets of
the trust and hence for taking reasonable steps for the prevention and detection of fraud and
other irregularities.
The directors confirm to the best of their knowledge and belief they have complied with the
above requirements in preparing the accounts.
By order of the Board
nb: sign and date in any colour ink except black
..............................Date.............................................................Chief Executive
..............................Date............................................................Finance Director
2
STATEMENT ON INTERNAL CONTROL 2008/09
1.
Scope of responsibility
The Board is accountable for internal control. As Accountable Officer, and Chief Executive
of this Board, I have responsibility for maintaining a sound system of internal control that
supports the achievement of the organisation’s policies, aims and objectives. I also have
responsibility for safeguarding the public funds and the organisation’s assets for which I am
personally responsible as set out in the Accountable Officer Memorandum.
It is my role to provide leadership to the Trust and to ensure that the Trust provides safe,
effective, high quality and patient centred care.
I work in partnership with the local health and social care community and particularly with
Nottingham City and Nottinghamshire County Teaching Primary Care Trusts. I do this
formally through:
•
•
•
•
The NHS East Midlands Chief Executives’ Forum
The Nottingham Safeguarding Boards (for children and vulnerable adults) which
involves joint agency working in the area of child protection and vulnerable adults
The Local Authority Overview and Scrutiny Committee (Joint Health Scrutiny
Committee)
Nottingham City Local Implementation Network (LINk)
I am also responsible for developing and maintaining strong working relationships with the
University of Nottingham and its Medical and Nursing Faculties to help ensure that we
provide integrated patient care, teaching and research. There is a formal hospital/university
liaison committee that oversees the relationship between the two organisations and NUH is
lead sponsor for the East Midlands intellectual property hub.
2.
The purpose of the system of internal control
The system of internal control is designed to manage risk to a reasonable level rather than
to eliminate all risk of failure to achieve policies, aims and objectives; it can therefore only
provide reasonable and not absolute assurance of effectiveness. The system of internal
control is based on an ongoing process designed to:
•
•
Identify and prioritise the risks to the achievement of the organisation’s policies, aims
and objectives,
Evaluate the likelihood of those risks being realised and the impact should they be
realised, and to manage them efficiently, effectively and economically.
The system of internal control has been in place in Nottingham University Hospitals NHS
Trust for the year ended 31 March 2009 and up to the date of approval of the annual report
and accounts.
3.
Capacity to handle risk
The Trust Board has endorsed the Trust’s Risk Management Strategy [last reviewed in
March 2008], which
•
•
•
sets out the Trust’s aims in relation to managing its risks;
the adoption of an integrated approach to managing risk
defines the structures for the management and ownership of risk at all levels of the
Trust;
3
•
•
•
•
•
•
•
•
specifies the way in which risk issues are to be considered at each level of the
organisation;
promotes a common understanding of the terminology used within the Trust in
relation to risk and risk management;
defines structures and processes for gaining assurance about the management of
risk;
sets out the criteria and tools which will be used to assess risks and the definition of
specific risks as “significant”;
defines the way in which the risk register and risk evaluation criteria will be regularly
reviewed;
defines the monitoring arrangements that the Trust will use to communicate and
monitor the effectiveness of the Trust’s Risk Management structures, systems and
processes;
sets objectives for the year;
defines a set of performance indicators.
The document has been brought to the attention of staff in a number of ways;
•
•
•
4.
forms an integral part of the Trust’s corporate and clinical induction programmes
published on both the Trust internet and internal intranet websites
appropriate references to the Strategy have been included within all governance /
risk management related training programmes
The risk and control framework
Through the risk management strategy and associated risk assessment tool the Trust has
set out and documented its processes and arrangements for the structured identification and
evaluation of risk.
The processes in place within the Trust include:
•
Identifying and recording risks
•
Evaluating risks using defined criteria which are applied consistently across the
organisation
•
Communicating risks within the organisation including the level of authority at which
a risk can be accepted or managed
•
Implementing the control measures to mitigate or prevent exposure to a given risk;
•
Evaluating those controls and identifying additional controls that need to be put into
place
Criteria for the Evaluation of Risk
Within the Risk Management Strategy and Risk Assessment Tool the Trust has set out the
specific criteria that will be used to evaluate the consequence and likelihood of any given
risk. The criteria used by the Trust gives consideration to;
•
•
•
•
the impact on patients, staff, contractors and others who use or provide services on
Trust premises;
service delivery / quality of service provided;
financial consequences;
the impact of the risk on the reputation of the Trust;
4
•
•
•
the delivery of the Trust objectives;
potential audit / enforcement action;
the likelihood or probability of the risk being realised
Risk Control Mechanisms
The recording and evaluation of existing controls forms a key part of the Trust’s risk
assessment process. Where it is identified that the controls in place are inadequate or a
significant residual risk still exists then additional controls / remedial actions are identified,
recorded and implemented to further mitigate the risk to an acceptable level. Where risks
cannot be mitigated or where the benefits are felt to outweigh the potential for harm, the risk
is reported to the appropriate level of management for action or acceptance as appropriate.
As part of the Trust’s risk management process, arrangements have been prescribed that
require risks to be kept under review in order to ensure that the controls remain effective.
For all significant risks the risk assessment (including any controls) are recorded within the
Trust’s Risk Register and reported to the Trust Board through a monthly significant risk
report and a quarterly Board Assurance Framework update. At this level assurances are
sought to confirm that the risks are being adequately controlled and that ongoing monitoring
is in place.
Information Governance
Information governance is the framework by which the NHS combines the legal
requirements, standards and best practice that apply to the handling of personal
information. The Trust uses the NHS Connecting for Health Information Governance toolkit
to assess its compliance with statutory requirements and planned improvement processes
for six areas of activity:
•
•
•
•
•
•
Information governance management
Data protection and confidentiality
Information security
Clinical information
Secondary use
Corporate information
Internal audit conducted a validation exercise of the Trust’s information governance selfassessment scores for Version six of the toolkit and concluded that the Trust’s overall score
of 76% was reasonable and demonstrated a year-on year improvement, resulting in the
Trust achieving an overall ‘Green’ status. Several measures to strengthen controls around
information security outlined in the recent Cabinet Office review and report on Data Handling
were established during 2008/2009 and include:
•
•
•
The appointment of a Senior Information Risk Owner (SIRO)
Implementation of encryption software
The reporting of personal data related incidents being incorporated into the Trust’s
Serious Untoward Incident procedure and included in the Annual Report.
There were no reportable personal data related incidents recorded during 2008/2009.
Assurance Framework
Through the development of the Assurance Framework the Trust has identified the principal
risks to achieving its objectives, the key controls and systems in place to manage these
5
risks, the sources of assurance which tell us how well we are managing the risks, the
positive assurances that can be given to the Board and any gaps in control and/or
assurance. Meeting the core standards for better health is an essential part of the Trust’s
system of internal control. One of the Trust’s corporate objectives is to ensure increasing
compliance with the standards for better health and progress towards achieving this
objective is demonstrated both in the Assurance Framework and by separate reporting on
progress with implementing the standards action plan to the Trust Board.
The Trust is not fully compliant with the core standards for better health (see Section 5).
Through its corporate and directorate management arrangements and review processes the
Trust regularly reviews its risks and controls. These reviews are aggregated and reported
upwards as follows:
•
•
•
•
•
•
To Directorate and Department Governance Groups
To the Clinical and Organisational Risk Committees
To the Risk Management Committee
To the Directors’ Group
To the Audit Committee
To the Trust Board
The Trust has also received assurances from reviews by a number of external review
bodies, including:
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
The Healthcare Commission Annual Healthcheck
The Healthcare Commission Follow-up Review of Children’s Services
The Healthcare Commission assessment of compliance with the Hygiene Code
The Healthcare Commission In-Patient Survey
The Healthcare Commission Staff Survey
The Audit Commission Annual Audit Letter
The Audit Commission Auditor’s Local Evaluation
The Audit Commission Annual Governance Report
The Audit Commission Review of Your Business at Risk
The Audit Commission Follow-up of Debtors and Creditors
The Audit Commission Review of Maternity Services
The Audit Commission Review of Patient and Public Involvement and Complaints
Management
The Audit Commission Review of Performance Reporting and Data Quality
Internal Audit Review of Patient Consent
Internal Audit Follow-up of Expenses
Internal Audit Follow-up of Private Patients and Overseas Visitors
Internal Audit Follow-up of Budget Setting
Internal Audit Review of 18 weeks referral to treatment data cleansing
Internal Audit Review of Patient and Carer Feedback
Internal Audit Review of Registration Authority
Internal Audit Review of Stock Management (Theatres)
Internal Audit Review of Electronic Staff Record
Internal Audit Review of Network Infrastructure
Internal Audit Review of Cardiology Non-Pay Expenditure Controls
Internal Audit Review of Stock Management (Estates)
Internal Audit Review of Recruitment
Internal Audit Review of Payment by Results
Internal Audit Follow up of Waiting List Management
Internal Audit Review of Debtors and Credit Control
6
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Internal Audit Review of Budgetary Control and Financial Reporting
Internal Audit Follow up of Electronic Mail
Internal Audit Follow-up of Pathology Systems Controls
Internal Audit Review of Pay Expenditure
Internal Audit Review of Accounting and Ledger Control
Internal Audit Review of Creditor Payments
Internal Audit I M & T Strategy and Risk Review
Internal Audit Review of Information Governance Toolkit
Internal Audit Review of Information Security Management
Internal Audit Review of Mandatory Training
Internal Audit Review of Patient Data Migration
Internal Audit Review of Procurement
Internal Audit Review of Healthcare Income
Internal Audit Review of the Asset Register
Internal Audit Review of Business Continuity Management for Computer Systems
Internal Audit Review of the Management of Incidents
Internal Audit Review of High Cost Drugs
Internal Audit Review of the Management of Incidents
Counter Fraud Reports
Independent Review of Waiting List Management by Desford Consultancy
DH Infection Control Improvement Review
Department of Health Review of Infection Control
Adult Cystic Fibrosis Peer Review
National Sentinel Audit of Stroke
Dr Foster’s Good Hospital Guide
Clinical Pathology Accreditation
National Patient Safety Agency Patient Environment Action Team Assessments
Action plans from all such reviews are agreed with timescales and lead responsibilities
made clear and monitoring arrangements put in place.
There has been an increase in the level of positive audit assurance being awarded to the
Trust during 2008/09.
The Assurance Framework, which includes an assessment of compliance with the core
standards for better health, has identified the following control and assurance issues:
•
•
•
•
•
Clinical - critical care capacity not sufficient to meet demand – business case
approved for expansion and project team in place, staff and beds being used flexibly
and vacancy controls relaxed
Clinical – reductions in healthcare associated infection have successfully been
achieved throughout the year. The Trust has plans in place to ensure these are
sustained and continually improved.
Clinical/Environmental – decontamination of medical devices, specifically in relation
to new Health Technical Memorandum standards, assessed as a potential risk area
– a business case has been approved with associated capital for upgrading
decontamination facilities, equipment and systems and processes. Planned actions
are underway.
Environmental – in order to meet the national minimum cleaning standards the Trust
has a planned investment programme over the next five years. All the high risk
areas have been addressed throughout 2008/09
Environmental – the multi-storey car park structure on the QMC campus was judged
to be unsafe during the year and consequently closed. Demolition plans are in place
7
•
•
•
•
•
Environmental – a programme of generator testing is required in order to meet
legislation and recommended guidance. A programme of testing has been agreed
and commenced
ICT - limited assurance has been given in relation to the adequacy of security of
information security management arrangements, including the encryption of
removable media. Plans have been developed and implemented to address the
identified gaps
ICT – limited assurance has been given in relation to the disaster recovery plan for
ICT, including back-up routines, storage processes and regular planned testing. The
former two issues have already been addressed and plans are in place to address
the other weaknesses identified
Performance - arrangements to ensure emergency care targets are continually met
have remained a challenge. Trust emergency care delivery performance action
plans are in place.
Patient and Carer Feedback – limited assurance has been given in relation to the
adequacy of the Trust’s patient and carer feedback arrangements. An action plan
has been agreed and fully implemented.
Internal Audit reviewed our Assurance Framework and assessed the Trust as being in Band
A, giving this opinion:
“An Assurance Framework has been established which is designed and operating to meet
the requirements of the 2009/09 Statement on Internal Control and can provide reasonable
assurance on whether the Trust has an effective system of internal control to manage its
identified principal risks.”
There are a number of ways in which public stakeholders are involved in helping manage
the risks that impact on them, including:
•
•
•
Through the risk management plan linked to the local delivery plan and consequent
service level agreements
Through the Trust’s public and patient involvement arrangements
Through the Local Authority Overview and Scrutiny Committees
Compliance with Equality, Diversity and Human Rights Legislation
Control measures are in place to ensure that all the organisation’s obligations under
equality, diversity and human rights legislation are complied with.
Compliance with NHS Pension Scheme Regulations
As an employer with staff entitled to membership of the NHS Pension Scheme, control
measures are in place to ensure all employer obligations contained within the Scheme
regulations are complied with. This includes ensuring that deductions from salary,
employer’s contributions and payments in to the Scheme are in accordance with the
Scheme rules, and that member Pension Scheme records are accurately updated in
accordance with the timescales detailed in the Regulations.
5.
Review of Effectiveness
As Accountable Officer, I have responsibility for reviewing the effectiveness of the system of
internal control. My review is informed in a number of ways. The Head of Internal Audit
provides me with an opinion on the overall arrangements for gaining assurance through the
Assurance Framework and on the controls reviewed as part of internal audit work.
8
Executive managers within the organisation who have responsibility for the development
and maintenance of the system of internal control provide me with assurance. The
Assurance Framework itself provides me with evidence that the effectiveness of controls
that manage the risks to the organisation achieving its principal objectives have been
reviewed. My review is also informed by:
•
•
•
•
•
•
•
•
•
The Audit Commission’s Annual Audit Letters
The Audit Commission’s review of specific services
The Audit Commission’s Auditor’s Local Evaluation
The Healthcare Commission’s Annual Health Check
Internal Audit risk-based audit assignments
Assessment of Trust compliance with the national standards for better health
The views of the Local Authority Overview and Scrutiny Committee
The views of the Local LINKs
The views of the Local Safeguarding Boards
I have been advised on the implications of the result of my review of the effectiveness of the
system of internal control by the following Board and Directors’ Group committees:
•
•
•
•
•
•
•
The Audit Committee
The Financial Performance and Service Efficiency Monitoring Committee
The Directors’ Group
The Risk Management Committee
The Clinical Risk Committee
The Organisational Risk and Patient Partnership Committee
The Clinical Effectiveness Committee
Plans to address weaknesses and ensure continuous improvement of the system are in
place.
The Audit Committee’s primary role is to provide assurance to me, as Accountable Officer,
and the Board, on the effectiveness of the Trust’s risk management, internal control and
governance arrangements. It is supported in this task by the work of the Audit Commission
and Internal Audit. The Board is ultimately responsible for ensuring that the necessary
processes are in place for maintaining and reviewing the effectiveness of the overall system
of internal control.
Significant Internal Control Issues
National guidance outlines significant internal control issues as:
•
•
An Assurance Framework is not in place and embedded on 31st March 2009
An Assurance Framework, or any other source, has identified a significant control
issue/issues either at the year-end, or that have been identified within the year and
corrective plans are in place/have taken place. This should be confined to strategic
control issues in line with the Department of Health SIC guidance and not detailed
operational control issues. This must include potential weaknesses that could:
-
close down a service/services
seriously prejudice or threaten the achievement of a principal objective
threaten the safety of service users
threaten the reputation of the organisation/the NHS
have significant financial implications (including one off issues and/or
concern about general financial standing)
9
My review of the effectiveness of internal control has identified that there were the following
significant control issues:
•
The Trust Board declaration on the national standards for better health included a
judgement that the Trust did not fully comply with six of the standards:
Standard
C2 – Child protection
C4b – Acquisition and use
of medical devices
C8b – Personal
development programmes
C10a – Employment
checks
C11b – Mandatory training
C20b – Environment which
supports patient privacy
and confidentiality
Reason for non compliance
Suboptimal safeguarding/child
protection training needs
analysis, and limited training
delivered to staff
Weaknesses in Med Device
training and its recording of (1)
user staff and (2) technician
(maintenance) staff. Some
associated weaknesses in
procurement and register of
necessary training .
NHS Staff Survey – Appraisal
Result showed 43% (NHS
average – 64%)
Internal Audit and Healthcare
Commission findings,
especially in relation to CRB
Policy and maintenance of
personal records
Trust information
demonstrates variable
attendance.
Internal Audit findings
The provision of facilities to
support single sex
accommodation compliance.
Action planned or taken
Action taken in Q3 & 4
Compliant at Year End
Extensive Training Needs
Analysis and training
programme. Appropriate
Policies reviewed (notably on
single use devices). Plan
compliance by Q1 2009/10
Annual plan for all staff
Regular audit of activity
IWL Campaign for staff
Action taken December 2008
Compliant at Year End
Annual plan for all staff
Regular audit of activity
Review by Audit Committee
and Internal Audit
Trust single sex action plan
published -currently being
further developed and
implemented.
£2.2 million additional funding
secured through DoH Privacy
& Dignity Challenge fund –
improvements to be
implemented by June 2009
Signed……………………………….. P Homa, Chief Executive
Date……………………….
10

 Download  Report

Paperzz.com

Your Paperzz

© Copyright 2026 Paperzz