cw audit services BIRMINGHAM AND SOLIHULL MENTAL HEALTH NHS TRUST INTERNAL AUDIT YEAR END REPORT & AUDIT OPINION FINANCIAL YEAR 2007/08

Similar documents
Draft Head of Internal Audit Opinion 2012/13 Isle of Wight NHS Trust

tiaa FINAL Head of Internal Audit Annual Opinion 2013/14 Wandsworth CCG May /14

The Audit Findings for Northern Devon Healthcare NHS Trust Charitable Fund

A Housing Association Internal Audit Annual Report 2014/15

The Audit Findings for University Hospitals of Morecambe Bay NHS Foundation Trust

RUTLAND COUNTY COUNCIL INTERNAL AUDIT ANNUAL REPORT 2016/17

The Annual Audit Letter for West Hertfordshire Hospitals NHS Trust

The Annual Audit Letter for Avon and Wiltshire Mental Health Partnership NHS Trust

ANNUAL GOVERNANCE STATEMENT FOR THE POLICE AND CRIME COMMISSIONER FOR NORFOLK AND THE CHIEF CONSTABLE FOR NORFOLK

Annual Audit Letter Southport and Ormskirk Hospital NHS Trust 13 July 2016

GOVERNING BODY REPORT

Trust Board Meeting in Public: Wednesday 9 May 2018 TB This is a regular report to the Board

The Annual Audit Letter for Staffordshire and Stoke on Trent Partnership NHS Trust

Scottish Public Services Ombudsman

Annual Audit Letter. Hereford Hospitals NHS Trust Audit 2010/11

Internal Audit. Income and Receivables. April 2017

The Annual Audit Letter for Royal National Orthopaedic Hospital NHS Trust

South Western Ambulance Service NHS Trust. annualaccounts2008/09. We respond. quickly and safely to save lives, reduce anxiety, pain and suffering

Annual Audit Letter Year ending 31 March St George s University Hospitals NHS Foundation Trust 24 July 2018

CONTROLLED DOCUMENT. Version Number: 4.1. On: January 2018 Review Date: June 2016 Distribution: Essential Reading for: Information for: 1 of 15

Hartlepool and Stockton on Tees CCG Annual Audit Letter On the Audit for the year ending 31 March 2015 July 2015

Bolsover, Chesterfield and North East Derbyshire Councils. Internal Audit Consortium. Annual Report to Chesterfield Borough Council 2011/12

NHS SOUTH LINCOLNSHIRE CLINICAL COMMISSIONING GROUP AUDIT & RISK COMMITTEE TERMS OF REFERENCE

Understanding the financial position, financial forecasts and financial risk

Wolverhampton City Council

The Annual Audit Letter for Mersey Care NHS Trust

The Annual Audit Letter for Torbay and Southern Devon Health and Care NHS Trust

ensure there is an effective internal audit function established by management, which provides appropriate independent assurance to the Committee;

Internal Audit. Budget Management & Financial Recovery Plan Monitoring. June 2017

Finance, Performance & Resources Committee

Solent NHS Trust Shadow Historical Due Diligence Paper for Trust Board June 2011

INTRODUCTION TO NHS FINANCES. Paul Betts, Economic Adviser, FTN

Chief Constable of North Yorkshire Police

Trust Assurance Framework Reviews. (Structure, Engagement and Alignment 2017/18)

The Audit Findings for the Police and Crime Commissioner for Merseyside and the Chief Constable of Merseyside Police

Audit Committee report THE AUDIT COMMITTEE. Tim Weller Audit Committee Chairman

The Annual Audit Letter for London North West Healthcare NHS Trust

Cambridgeshire County Council

Risk Management Policy and Strategy

The Police and Crime Commissioner for Staffordshire and Chief Constable for Staffordshire. Annual Audit Letter for the year ended 31 March 2017

The Annual Audit Letter for University Hospitals of North Midlands NHS Trust

NHS HIGHLAND STRATEGIC RISK REGISTER ADULT SOCIAL CARE SERVICES AND CHILDREN S SERVICES

The Audit Findings London Borough of Barnet Pension Fund

Cash and Treasury Management Policy and Procedure

2017/18 Financial Plan and Budgets. John Ingham, Chief Finance Officer, NHS Norwich CCG. Discussion and Approval

Annual Audit Report 2016 Welsh Ambulance Services NHS Trust

The Annual Audit Letter for Dudley Metropolitan Borough Council

Audit Committee: Terms of Reference

The Audit Findings for East Lancashire Hospitals NHS Trust

The Mid Yorkshire Hospitals NHS Trust

The Annual Audit Letter for Leeds Teaching Hospitals NHS Trust

The Annual Audit Letter for the Police and Crime Commissioner for Merseyside and the Chief Constable of Merseyside Police

VELINDRE NHS TRUST INTERNAL AUDIT REVIEW GENERAL LEDGER

PRIME FINANCIAL POLICIES

Annual Audit Letter. Buckinghamshire Hospitals NHS Trust Audit 2008/09 September 2009

The Audit Findings for the Police and Crime Commissioner for Cheshire and the Chief Constable of Cheshire Police

CWM TAF UNIVERSITY HEALTH BOARD MINUTES OF THE MEETING OF THE AUDIT COMMITTEE HELD ON 3 JUNE 2015 AT YNYSMEURIG HOUSE, ABERCYNON

NHS Isle of Wight CCG

Cash and Treasury Management Policy and Procedure

NHS BROMLEY CLINICAL COMMISSIONING GROUP RISK MANAGEMENT STRATEGY

The Clatterbridge Cancer Centre NHS Foundation Trust Business Implementation Plan. Prop Co (NO APPENDICES)

The Annual Audit Letter for Royal Borough of Greenwich

Board of Management Audit Committee

Southport and Ormskirk Hospital NHS Trust

Consideration of Going concern Status 2014/15 Accounts

NHS Great Yarmouth and Waveney CCG

The Annual Audit Letter for Chorley and South Ribble Clinical Commissioning Group

Audit Committees in Common. NHS Leeds North CCG, NHS Leeds South and East CCG and NHS Leeds West CCG. Terms of Reference

Annual Audit Letter. Somerset County Council Audit 2008/09 November 2009

Title: NHS Funding Settlement Impact and Budget Setting 2018/19

Critical Incident Reviews, Significant Adverse Event Reports and action plans

Hartlepool and Stockton on Tees CCG Annual Audit Letter On the Audit for the year ending 31 March 2014 July 2014

Cambridgeshire County Council and Cambridgeshire Pension Fund

AUDIT (EXTERNAL AND INTERNAL) POLICY

Internal Audit Annual Report 2016/17

National Audit Office (NAO) Audit Completion Report on the financial statements

Annual Audit Letter Year ending 31 March NHS Shropshire CCG 27 June 2018

East Sussex Fire Authority

Annual Audit Letter Mid Yorkshire Hospitals NHS Trust 20 July 2017

Annual Financial Plan 2018/19. April 2018

NHS 24. Annual Audit Report to NHS 24 and the Auditor General for Scotland

The Board is asked to note progress against the current key challenges in relation to the financial performance:

GROUP GOVERNANCE FRAMEWORK MANUAL

Annual governance report

NHS Darlington Clinical Commissioning Group Audit and Risk Committee Terms of Reference

NHS North Somerset Clinical Commissioning Group Risk Management Strategy and Framework

St. Canice's Kilkenny Credit Union Ltd. Notice of AGM

NHS ENGLAND BOARD PAPER

Agenda Item 6.4 CCG Board EXECUTIVE SUMMARY SHEET

NHS Greater Glasgow and Clyde

Interim Audit 2017/18. Dorset County Council

ENTERPRISE RISK MANAGEMENT POLICY FRAMEWORK

OFFICIAL. Date and Time 15 th May 2018 SPA Boardroom, Pacific Quay Forensic Services Budget Management and Month End Guidelines Item Number 10.

Code of audit practice 2010

South Central Ambulance Service NHS Trust. Annual Audit Letter Audit 2006/07 October 2007

RISK MANAGEMENT STRATEGY Version 3

Annual Audit Report for Police & Crime Commissioner for Gwent and Chief Constable of Gwent Police

Curriculum Vitae of Michael Smith

The Annual Audit Letter for Birmingham City Council

TURNING POINT (SERVICES) LIMITED (PRIVATE LIMITED COMPANY) FINANCIAL STATEMENTS

Transcription:

cw audit services BIRMINGHAM AND SOLIHULL MENTAL HEALTH NHS TRUST INTERNAL AUDIT YEAR END REPORT & AUDIT OPINION FINANCIAL YEAR 27/8 Consortium Director: Paul Dudfield Area Chief Internal Auditor: Jenny Horrabin Date of Issue: April 28

1. Introduction This annual report provides my opinion as the ChiefInternal Auditor to the Trust. It also summarises the activities ofinternal Audit for the period 1 st April 27 to 31 st March 28.The requirement for me to give an annual opinion is specified in the latest revised guidance issued by the Department ofhealth.this requires me to give one opinion based on my views of: your overall arrangements for gaining assurance i.e.the Assurance Framework; the workcarried out by Internal Audit during the year on the effectiveness ofthe management ofthose principal risks identified within your Assurance Framework An assessment ofthe process by which the organisation has arrived at its declaration in respect ofthe Standards for Better Health; Any reliance that is being placed upon third party assurances. This opinion forms part ofthe overall arrangements put in place by the Board to produce its Statement on Internal Control (SIC).The Board should consider my opinion, together with management assurances, its own knowledge of the organisation and assurances received throughout the year from other review bodies (such as the Healthcare Commission and External Audit) when producing its SIC. In addition,the Strategic Health Authority may take my opinion into account as part oftheir overall assessment ofthe control environment,to assist them in fulfilling their performance management responsibilities. Internal Audit Assurance & Opinions 3 rd Party and other Review Body Assurance & Management Assurance Statement on Internal Control Figure 1 Derivingthe Statement on Internal Control Page 2 27/8

2. 27/8 Internal Audit Activity 2.1 Plan Outturn Throughout the year we have updated the Audit Committee on progress against the Internal Audit plan of work. This plan of Internal Audit work, as agreed by the Audit Committee, has now been completed. During the course of the year some amendments were required to the plan, for instance, to react to situations that arose or specific management requests. These amendments were reflected in the Progress Reports. The plan of was completed at 31 st March 28 and actual performance against the planned assignments is shown in Appendix One. 2.2 Compliance with Standards As Internal Auditors we are required to comply with a set of standards for the conduct of Internal Audit in the NHS. These standards cover all aspects of our work ranging from adherence to a professional code of conduct and ethics through the operational delivery, review and reporting aspects of our work. W e have undertaken our own internal review against these standards during the year and believe that all of our work has been undertaken in adherence with these standards. In addition our internal quality reviews, outside of the normal managerial review process, have not identified any significant issues in our work that we need to bring to your attention. 2.3 Report Status W e issued 2 formal reports and memos across the year containing a total of 153 recommendations designed to improve the system of internal control. All of our individual assignment reports contain opinions on the adequacy and effectiveness of the system examined, in addition to ranking all the recommendations made. These measures are designed to allow you to better understand those issues that are of significant importance. W e take these opinions from individual reports, together with our overall knowledge of you as an organisation, in forming our overall annual opinion. Page 3 27/8

3. Head of Internal Audit Opinion The Board s Responsibilities Roles and responsibilities The whole Board is collectively accountable for maintaining a sound system of internal control and is responsible for putting in place arrangements for gaining assurance about the effectiveness of that overall system. The Statement on Internal Control (SIC) is an annual statement by the Accountable Officer, on behalf of the Board, setting out: how the individual responsibilities of the Accountable Officer are discharged with regard to maintaining a sound system of internal control that supports the achievement of policies, aims and objectives; the purpose of the system of internal control as evidenced by a description of the risk management and review processes, including the Assurance Framework process; the conduct and results of the review of the effectiveness of the system of internal control including any disclosures of significant control failures together with assurances that actions are or will be taken where appropriate to address issues arising. The organisation s Assurance Framework should bring together all of the evidence required to support the SIC requirements. In accordance with NHS Internal Audit Standards, the Head of Internal Audit (HoIA) is required to provide an annual opinion, based upon and limited to the work performed, on the overall adequacy and effectiveness of the organisation s risk management, control and governance processes (i.e. the organisation s system of internal control). This is achieved through a risk-based plan of work, agreed with management and approved by the Audit Committee, which should provide a reasonable level of assurance, subject to the inherent limitations described below. The opinion does not imply that Internal Audit have reviewed all risks and assurances relating to the organisation. The opinion is substantially derived from the conduct of risk-based plans generated from a robust and organisation-led Assurance Framework. As such, it is one component that the Board takes into account in making its Statement on Internal Control. Page 4 27/8

The Head of Internal Audit Opinion The purpose of my annual HoIA Opinion is to contribute to the assurances available to the Accountable Officer and the Board which underpin the Board s own assessment of the effectiveness of the organisation s system of internal control. This Opinion will in turn assist the Board in the completion of its Statement on Internal Control, and may also be taken into account by the Healthcare Commission in relation to the Standards for Better Health. My opinion is set out as follows: 1. Overall opinion; 2. Basis for the opinion; 3. Commentary. Overall Opinion My overall opinion is that o assurance can be given that there is a generally sound system of internal control, designed to meet the organisation s objectives, and that controls are generally being applied consistently. However, some weakness in the design and/or inconsistent application of controls, put the achievement of particular objectives at risk; Basis for forming the opinion The basis for forming my opinion is as follows: 1. An assessment of the design and operation of the underpinning Assurance Framework and supporting processes; and 2. An assessment of the range of individual opinions arising from risk-based audit assignments, contained within internal audit risk-based plans that have been reported throughout the year. This assessment has taken account of the relative materiality of these areas and management s progress in respect of addressing control weaknesses. Page 5 27/8

3. An assessment of the process by which the organisation has arrived at its declaration in respect of the Standards for Better Health; 4. Any reliance that is being placed upon third party assurances. The commentary below provides the context for my opinion and together with the opinion should be read in its entirety. The design and operation of the Assurance Framework and associated processes I have reviewed the overall arrangements the Board has in place to conduct its review of the system of internal control. This has entailed reviewing the way in which the Board has identified the principal risks to achieving its objectives, the identification of controls in operation to mitigate against these risks and the degree to which the organisation has received assurances that these issues are being controlled. I have approached this by examining the Assurance Framework document that you have in place and also by giving consideration to the wider reporting to the Board that would inform on the effectiveness of the system of internal control. It is my view that you have an Assurance Framework in place that clearly links your objectives through to principal risks,controls and assurances. The design and construction of the Assurance Framework document is compliant to Department of Health guidance. My testing,by sample,has confirmed that the controls on which you rely are in place and that you have received satisfactory levels of assurance on the operation of those controls. It was noted at the time of Audit that there was no explicit update to the Board on progress against the action plans in place to address gaps in control or assurance,although,plans were in hand to address this. The system of internal control based on Internal Audit work undertaken My opinion also takes into account the range of individual opinions arising from risk-based audit assignments that have been reported throughout the year. The internal audit plan for 27/8 was developed to provide you with independent assurance on the adequacy and effectiveness of systems of control across a range of financial and organisational areas. To achieve this our plan of work for 27/8 was divided into two broad categories; work on the financial systems that underpin your financial processing and reporting and then broader risk focused work driven essentially by principal risk areas that you had identified in your Assurance Framework. A summary of work undertaken is included below: Page 6 27/8

During the year we have undertaken reviews of the core systems supporting financial transactions and budgetary reporting. This has involved reviews of your processes for maintaining your financial ledger and your responsibilities for budgetary control. We have also undertaken detailed audit reviews of the transaction processing systems that support your financial reporting. This has included reviews of the systems for managing your cash, paying invoices, collecting income, managing your assets and paying your staff. In general we have been able to conclude that these systems are robust and operate in a good control environment. We have undertaken a number of pieces of work on areas of principal risk identified from your Assurance Framework and reviews requested during the year. These have included reviews of Incident Reporting Mechanisms and Activity Recording. In general we have been able to conclude that these systems are robust and operate in a good control environment, however, we have raised concerns in respect of Incident Reporting Mechanisms and Patients Property and Money. In each case we have agreed action plans with management and will monitor the implementation of these plans over the coming months. All Internal Audit reports contain action plans, detailing recommendations to improve the system of internal control or to better comply with established controls and/or best practice. These recommendations are ranked to reflect their respective importance to you, with a Priority 1 item representing a significant area of risk and Priority 4 being more representative of a housekeeping issue. The detailed figures for the Trust are shown in Appendix Three. This shows that a small number of potentially fundamental issues have been identified through the audit work the significant majority of the audit findings raised have related to Priority 3 or 4 issues showing that in general the systems are well controlled. In all cases actions have been agreed with management to address the issues identified.]. In general your self assessment returns have shown a positive reaction to the timely implementation of internal audit recommendations, however, we have noted that the agreed actions had not been implemented by the agreed date as part of our follow up reviews in respect of Clinical Records, Queen Elizabeth Psychiatric Hospital (QEPH) General Office and Patients Property and Money. The Audit Committee have requested regular updates of the position in these areas and are monitoring the implementation of action plans. The levels of assurance that we provided for the systems and processes reviewed by Internal Audit in 27/8 are shown in Appendix Two. It is my view, taking account of the levels of assurance provided, an assessment of the relevant weighting of each individual assignment and the extent to which agreed actions have been implemented, that you have a generally sound system of internal control. Page 7 27/8

Standards for Better Health Declaration Process We have reviewed whether the Trust had a sufficient and robust enough framework to support its self-assessment declaration in respect of the Healthcare Standards. This involved a review of the process adopted and also undertaking a sample of checks of evidence to test the processes involved. Based on our work we can give assurance that sufficient and robust evidence was available to support the Trust s final declaration. Reliance on third party assurances In arriving at my overall opinion I have not sought to rely on any third party assurances that you may have received, however, if you are aware of any such assurances then you should take them into account, together with my opinion, when determining your statement on internal control. Page 8 27/8

4. Appendices Appendix One Plan Area and Assignment Summary Outturn Against the Annual Plan Plan Days Actual Days Status/Comments FINANCIAL ASSURANCE Financial Management 2 2 Draft report issued Financial Ledger 5 5 Report finalised Treasury Management 1 1 Report finalised Creditor Payments 1 1 Report finalised Income and Debtors 1 1 Report finalised Contracted out Payroll 1 1 Report finalised Expenses 1 1 Report finalised Charitable Funds 5 5 Report finalised Asset Management 5 5 Report finalised RISK FOCUSED Assurance Framework 15 15 Report finalised Standards for Better Health 1 1 Draft report issued IT Audit Security 15 1 Draft report issued. IT Audit - Information Governance Carried forward from 26/27 13 18 Utilised 5 days from 7/8. Report finalised Incident Reporting Mechanisms 15 15 Report finalised PFI Arrangements 2 2 Days utilised on PwC PFI review Activity Recording 15 15 Draft report issued Patients Property and Money 15 15 Report finalised Nurse Bank Office 5 5 Report finalised Care Service Improvement Programme (CSIP) 5 5 Draft report issued MISCELLANEOUS Follow Up Clinical Records, QEPH and Patients Property and Money Follow Up 1 1 Reports finalised Contract Management 15 15 Complete Recommendation Tracking maintenance 5 5 Complete Audit Opinion Work 5 5 HoIA Opinion Issued TOTAL 248* 248* *Includes 13 days carried forward from 26/7 for Information Governance Review Page 9 27/8

Appendix Two Levels of Assurance Individual Audit Assignments Audit Review Contracted Out Payroll Nurse Bank Office Income and Debtors Fixed Assets Charitable Funds Creditors Activity Recording Financial Ledger Treasury Management IT Governance Expenses Budgetary Control IT Security Clinical Records Follow Up QEPH General Office Review Follow Up Patients Property and Money and Follow Up Incident Reporting Level of Assurance Limited Limited Limited Limited 14 12 1 8 6 4 2 13 4 Fu l Limited No Level of assurance Full Limited No Criteria No significant risk issues identified Exposure to levels of risk that may only impair the effectiveness of the system or process under review Exposure to unacceptable level of risk that could have a serious impact upon the system or process under review Exposure to unacceptable levels of risk that could have a serious impact upon the organisation as a whole Page 1 27/8

Summary of Internal Audit Recommendations Recommendations made in 27/8 Appendix Three Priority 1 2 3 4 Num 12 87 54 12 54 Priority 1 Priority 2 Priority 3 Priority 4 Total 153 87 Current status of all recommendations made and due for implementation by 31 st March 28 Priority Num Impl O/S 1 2 3 4 1 1 71 61 1 8 67 58 2 4 3 156 134 9 8 6 4 2 Priority 1 Priority 2 Priority 3 Priority 4 Total Outstanding This position statement reflects a self assessment return made by the managers who were responsible for implementing the agreed actions. Page 11 27/8

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback