STATEMENT ON INTERNAL CONTROL 2006/07 KIRKLEES PRIMARY CARE TRUST 1.
Scope of responsibility
The Board is accountable for internal control. As Accountable Officer, and Chief Executive of this Board, I have responsibility for maintaining a sound system of internal control that supports the achievement of the organisation’s policies, aims and objectives. I also have responsibility for safeguarding the public funds and the organisation’s assets for which I am personally responsible as set out in the Accountable Officer Memorandum. As the accountable officer, I am responsible to the Chair and Non Executive members of the Board for the management and performance of the PCT in relation to achieving the organisation’s objectives. To enable me to discharge this responsibility there are a number of key processes that are in place by which Kirklees PCT works with the Strategic Health Authority (SHA), local NHS and Independent Sector providers and commissioners, local social care economy and other key partner organisations. The key processes that enable the discharge of responsibility and contribute to the PCTs overall accountability arrangements include: Assurance Framework PCT Integrated Governance Arrangements which include clinical and corporate governance and risk management. The Healthcare Commission’s Standards for Better Health PCT’s selfassessments which declared that other than the exclusion for Core Standard 9 the PCT was compliant with 23 of the 24 Core Standards. Further detail on this is contained within sections 3 and 4of this document. Details of the area of non compliance are set out in section 5. Local Delivery Planning Statutory reporting of the PCT’s performance Financial Management processes that meet statutory and local requirements including the Service and Financial Recovery Plan Bi-monthly reviews of the PCT’s performance against its objectives Senior Management Team meetings where Directors address the priorities of the PCT and determine appropriate actions and leadership intervention Annual Health Reporting Process Human Resources Shared Service Business Plan Contracting Management arrangements that ensure Service Level Agreements meet the needs of local residents and government priorities Quality Outcomes Framework for Independent Practitioners Arrangements for involving the public in determining local health service delivery. These have varied in relation to area of work, statutory guidance and changes in NHS agenda The partnership arrangements that make executive decisions and oversee progress towards the PCT’s objectives include: Kirklees Local Strategic Partnership
The Local Public Service Boards with Kirklees Metropolitan Borough Council, patient representatives, voluntary organisations and other key partners The present and former SHA wide Chief Executives forum that is chaired by a PCT Chief Executive The Transition Board which oversaw the formation of Kirklees PCT from the predecessor organisations of North Kirklees PCT, South Huddersfield PCT and Huddersfield Central PCT. 2.
The purpose of the system of internal control
The system of internal control is designed to manage risk to a reasonable level rather than to eliminate all risk of failure to achieve policies, aims and objectives; it can therefore only provide reasonable and not absolute assurance of effectiveness. The system of internal control is based on an ongoing process designed to: identify and prioritise the risks to the achievement of the organisation’s policies, aims and objectives, evaluate the likelihood of those risks being realised and the impact should they be realised, and to manage them efficiently, effectively and economically. The system of internal control has not been in place in Kirklees PCT for the whole year ended 31 March 2007, but was in place by 31 March 2007 and up to the date of approval of the annual report and accounts. 3.
Capacity to handle risk
The PCT has developed its governance arrangements to carry forward issues from the predecessor organisations into the Kirklees PCT governance arrangements which have been developed to meet the requirements of the change in focus of new PCTs to strengthen commissioning and separate the provider function. Financial risk for Kirklees PCT has been a key focus for the organisation since its formation on the 1st October 2006. The organisation has been in an informal turnaround process which has seen action taken to reduce a forecast potential financial risk of up to £13 million deficit into a year end balanced financial position. The Board and the Chief Executive provide overall leadership in respect of risk management. In terms of managerial responsibilities the Director of Corporate Services has overall responsibility for risk management within the PCT. Updates on progress are provided to the Board via the Governance Committee and also through the Board Assurance Framework. The implementation of decisions is devolved to the Director with responsibility and via the Risk Management Operational Group, who makes sure that operational responsibility is communicated, delivered and reported on. The PCT identifies risk trends through the incident/near miss reporting procedure. This has been promoted directly with teams and from 1 st April 2006 to 31 March 2007 962 incidents have been reported. Active encouragement of incident/near miss reporting has strengthened the process for identifying risks within the organisation. Once identified the Risk
Management Overview Group (RMOG) are tasked with evaluating and ensuring that control processes are in place. The RMOG reports to the Board via the Governance Committee. The improvements in Risk Management training to make it mandatory for all staff during 2005-06 have been maintained for the period that this SIC relates to. Attendance has been mandatory every two years for PCT staff since September 2005. Training for Health, Safety, Risk and Complaints management is now delivered on a regular basis covering such areas as: basic risk assessment and organisational policy, incident and near miss reporting, legal responsibilities including personal and duty of care, complaints reporting guidelines and organisational policies and systems of work. 4.
The risk and control framework
The risk management strategies and processes of the predecessor organisations were reviewed and interim risk management arrangements put in place as described above. The PCT is putting in place strengthened risk management processes that reflect the new structure and function of PCTs. The PCT recognises the need to put at arms length the PCT provider unit. The PCT is now developing a new risk management strategy which takes account of these changes which need to be in place by the end of 2007 and reflects the statements in section 5 of this document. The Board Assurance Framework adopted by the PCT Board in October 2006 has been reviewed and the way in which principle risks are identified and managed is being reviewed as part of the new governance processes and the introduction of the performance accelerator software system that incorporates the Board Assurance Framework and Risk Register. Any significant gap in control and/or assurance (i.e. Significant Control Issues) is escalated for senior management and Board attention. Embedding risk management within the PCT is continually supported via a number of activities which include: The Director of Corporate Services and the Assistant Director of Risk, Safety and Security are members of the Governance Committee. The membership of the Risk Management Overview Group being representative of the key functions of the PCT The implementation and continual development of the PCT systems for monitoring risks and identifying trends Actively encouraging the reporting of incidents and near misses Agreeing and implementing policies within the organisation to minimise adverse incidents within the PCT Attendance at Health, Safety and Risk Management training being mandatory Aligning the risk register with the Assurance Framework and overall PCT performance management systems The key steps within the Assurance Framework process have been to: To combine the principal objectives of the predecessor PCT’s from April 2006- September 2006 and reviewing all risks identified.
Kirklees PCT Board approved a Board Assurance Framework in October 2006 that has been thoroughly reviewed and the new framework approved at the March 2007 Board meeting. Identify principal risks using Standards for Better as the guiding template. Ensure that the named leads for each principal risk are involved in the whole process from identification to ongoing monitoring, review and reporting Regularly evaluate progress with managing the PCTs principal risks through the PCT Board sub committee structure. Ensure named leads provide details of corrective action where gaps in controls and/or assurances are noted. Key to the management of the organisation is that the PCTs stakeholders are involved in the risk management agenda and the attainment of the PCT’s objectives. This is complemented through a process of linked meetings (with Wakefield PCTs, Mid Yorkshire Hospitals NHS Trust, Calderdale and Huddersfield Foundation Trust and South and West Yorkshire Mental Health Services NHS Trust for example) as well as involvement in key areas that have been identified as being at risk. The Local Area Agreement is a key framework for involving Kirklees Council that sets out the shared responsibilities and targets for health and local authority organisations. As an employer with staff entitled to membership of the NHS pension scheme, control measures are in place to ensure all employer obligations contained within the Scheme regulations are complied with. This includes ensuring that deductions from salary, employer’s contributions and payments in to the Scheme are in accordance with the Scheme rules, and that member Pension Scheme records are accurately updated in accordance with the timescales detailed in the Regulations. 5.
Review of effectiveness
As Accountable Officer, I have responsibility for reviewing the effectiveness of the system of internal control. My review is informed in a number of ways. The head of internal audit provides me with an opinion on the overall arrangements for gaining assurance through the Assurance Framework and on the controls reviewed as part of the internal audit work. Directors within the organisation who have responsibility for the development and maintenance of the system of internal control provide me with assurance. The Assurance Framework itself provides me with evidence that the effectiveness of controls that manage the risks to the organisation achieving its principal objectives have been reviewed. . My review is also informed by a number of forms of external assurance that have been received by the PCT during the year as detailed in section 1- scope of responsibility as well as the governance structures in place set out below. Devolving responsibility for the strategic agenda has been secured through the development of a Governance Structure that supports and monitors day to day activities of the PCT in relation to the achievement of objectives. The PCT governance structure starts with the Board, PEC and Senior Management Team and is supported by seven Board sub committees which are the PEC, governance committee, patient and public involvement steering committee, the finance and performance committee, estates strategy committee, remuneration and terms of service committee and audit committee. The role of the Audit Committee is to provide the PCT with assurance that its systems of internal control are robust.
I have been advised on the implications of the result of my review of the effectiveness of the system of internal control by the Head of Internal Audit. A plan to address weaknesses and ensure continuous improvement of the system is in place. As detailed in Section 1 the PCT declared non compliance with Core Standard 9 this was due to changes in the assessment criteria and the PCT has taken action during 2006/07 to rectify this gap with identification of a records manager post and leadership for records management within the PCT The PCT declared the end of non compliance with this core standard on 28th March 2007. In line with the development of provider units as set out in section 4 all these governance arrangements are under review to ensure a divide between the commissioning and provider function of the PCT. This will be completed within the next 3 months to ensure a full system of internal control for 2007/08 meeting changing requirements in 2007. The Board sub committees provides assurance to the Board of the PCT’s systems of internal control and the Governance Committee takes an overview of the totality of risks within the PCT. The Assurance Framework is the conduit for ensuring transparency and robustness in the PCT’s Internal Control arrangements at Board and Directorate level. Updating the Assurance Framework is co-ordinated by corporate governance team although overall responsibility lies with the named lead for the principal risk. The PCT has implemented appropriate procedures for its key financial systems and these have been confirmed via internal audit reviews, and the more recent feedback from the Auditors Local Evaluation, which have been reported to the Audit Committee, Governance Committee and the Board. Key assurance documentation including Financial Reports is presented to the Board for consideration and this includes any significant risks identified. The Professional Executive Committee ensures that management controls are applied in the context of their clinical experience. Managerial direction is provided through the Senior Management Team. I am of the view that the mechanism and systems outlined in this Statement demonstrate that the PCT has done its reasonable best to maintain a sound system of internal control to manage the risks linked to the delivery of its objectives.
Mike Potts Chief Executive