Page 102 - Pharmacy Appeals 1/4/04 to 31/3/05
P. 102
78 Corporate governance report
Through the regular review of the risk register and the Management assurance
assessment of the controls and required treatments
NHS Resolution's assurance arrangements bring
we were able to look at how treatment plans have
together governance and quality linked to our
contributed to any reduction of risk impact and/
strategic objectives. Its purpose is to ensure that
or likelihood of occurrence. One such risk where we
systems and information are available to provide
reduced the risk score was 'NHS Resolution's core
assurance on identified strategic risks and that such
systems become obsolete1which was previously
risks are being controlled and objectives achieved.
captured as a strategic risk and de-escalated to
the Corporate Operational Risk Register. Data quality
Where key issues have arisen we considered
We recognise the importance of having systems
whether the current controls in place could
in place to ensure, as far as possible, the data we
be strengthened to reduce the likelihood of a
produce is accurate and adequately described.
recurrence and major impact on the organisation.
The controls we have in place include:
• Exception reports and management review
Risk appetite • Quality assurance through the
Business Intelligence Team
The Board has developed a statement of risk
appetite which is reviewed and updated annually. • Internal audit of data both from the claims
The Board's approach is to minimise its exposure to function and third party Internal Audit provider
risk in relation to the delivery of its operations and
• External audit review of data quality
compliance with good standards of governance.
in relation to the provision.
The Board recognised there are a number of
initiatives underway simultaneously, including: Internal audit
• The continued challenges with the An internal audit plan is developed in conjunction with
impact of the Covid-19 pandemic. management and the Audit and Risk Committee to focus
on the areas of risk, and provide insight, advice and
• Revising our delivery model for our services.
assurance on the internal control framework. Internal
• Implementing a revised operating
Audit carried out eight reviews in the financial year:
model for the claims function.
• Adopting new ways of working with a Audit title Assurance
hybrid model across the organisation.
Data Security Protection Toolkit Advisory
• An office move for our Leeds-based staff.
Risk Maturity Advisory
• The programme for replacing our core IT systems.
Data Quality Substantial
These present both challenges and opportunities. The
Board expects that management will plan for and General Practice Indemnity Substantial
appropriately resource these initiatives, while ensuring
that the health and well-being of our staff and core Stakeholder Management Reasonable
operations are not compromised. Confidence in our
Claims Evolution Programme Advisory
ability to deliver core business is key to maintaining
our position as a trusted and effective organisation. Key Financial Controls - Payroll Reasonable 1
Procurement of Legal Panel Partial
assurance
Business continuity
Follow up of outstanding
Good progress
Effective business continuity arrangements continued internal audit recommendations
to be paramount for us during 2021/22 due to
The audit of the procurement of the legal panel
the impacts of Covid-19 as well as an IT-related
resulted in a partial assurance rating arising from
outage in April 2022. We regularly review our
issues related to planning and documentation, which
departmental Business Impact Assessments (BIAs),
did not affect the outcome of the procurement.
which take into account the changing external, as
Improvement actions are being taken forward in
well as our own internal, operating environment.
response to the recommendations made by Internal
Lessons learnt from any business continuity events and Audit across all audits undertaken in the year.
the BIAs have supported us in reviewing our business
continuity, crisis management and pandemic plans.
