document
DESCRIPTION
http://www.kirklees.nhs.uk/fileadmin/documents/publications/KPCT-09-183_Risk_Management_Strategy_V_3_October_2009_Board_amendments_Approved.pdfTRANSCRIPT
Version No: 3 Approved Date: October 2009
1
RISK MANAGEMENT STRATEGY
Prepared by: Helena Corder
Responsible Area: Corporate Services
Date Approved:
Approval Information: Committee PCT Board
Approved By: Print Name
Version No: 2
Review Date: September 2011
NHSLA Standards
1. Meets NHSLA Risk Management Standard requirements at a minimum of level 1
Care Quality Commission
2. Meets the requirements of the Care Quality Commission
Use of Resources
3. Meets use of resources requirements at level 3
World Class Commissioning
4. Key risks can be seen to inform the agendas of the Board and its sub committees.
Workforce
5. Staff are aware of the strategy and there is evidence that the principles are out in to practice at operational level e.g committee and directorate risk logs/registers are in place, the Board Assurance framework is reveiwed by the Board at least three times a year.
Version No: 3 Approved Date: October 2009
2
CONTENTS Section No.
Description Page No’s
1 Introduction 3
2 Aims 3
3 The Board’s intent 3
4 Who this strategy applies to 4
5 What the PCT must achieve 4
6 Strategic risks 4
7 The way we work 5
8 Accountabilities, responsibilities and organisational framework
5
9 Systems and processes for managing risk 6
10 Systems for monitoring the effectiveness of the Strategy
6
11 Key performance indicators 07/08 6
12 Implementation, training and support 6
13 Equality impact assessment 7
14 Other relevant policies 7
15 PCT stakeholders 7
16 Communication with stakeholders 8
Appendix 1 Definitions 9
Appendix 2 Operational responsibility for risk management 10
Appendix 3 Organisational structure for risk management and assurance
12
Appendix 4 Risk Management Operational Group Terms of Reference
14
Appendix 5 Governance Committee Terms of Reference 18
Appendix 6 Audit Committee Terms of Reference 22
Appendix 7 Equality Impact Assessment 26
Appendix 8 Risk Grading Tool 29
Appendix 9 Key Performance Indicators 2007/2008 31
Version No: 3 Approved Date: October 2009
3
1. INTRODUCTION
Risk is a part of everyday life we all assess and manage risk on a daily basis having a systematic approach to the identification, assessment and management of risk is central to the effective running of any organisation. At its simplest, risk management is good management practice. It should be seen as an integral part of an overall management approach from the Board through its sub committees and across the organisational structure and partnership working arrangements.
2. AIMS
The aims of this Risk Management Strategy are to ensure that there is a systematic and documented approach to risk management across the PCT that makes sure that:
• The Board identifies the strategic risks with the potential to threaten the achievement of organisational objectives.
• Strategic risks are reviewed and reported within the Board Assurance Framework which in turn informs the PCT Chief Executives annual Statement of Internal Control
• Risks to patients, staff and the public are identified and managed to the lowest level possible
• Risks of liability claims against the NHS are identified and minimised
• The PCT meets the standards applied via the National Health Service Litigation Authority (NHSLA) risk management programme.
• Key staff are trained to identify, assess and manage risk as part of the way they work
• The staff, reputation and finances of the PCT are protected through the process of risk identification, assessment and control.
3. THE ROLE OF THE BOARD
• To lead the organisation’s risk management programme by using risk profiling to identify key strategic issues that require Board attention.
• To make sure the PCT has management systems and processes in place that provide assurance that risks are being effectively managed at operational level across the organisation.
Version No: 3 Approved Date: October 2009
4
• To provide leadership to create a culture in which the management of risk is embedded across the organisation as a key component of all management activities. This will be achieved through the use of agreed policies and procedures, key organisational committees, mandated training and education and associated support systems.
4. WHO THIS STRATEGY APPLIES TO
This strategy is applicable to all staff and contractors including temporary and bank staff working within the PCT and should inform the approach to working with other NHS organisations and partners.
5. WHAT THE PCT MUST ACHIEVE
The Board is responsible for directing the work of the PCT to make sure it achieves its organisational objectives, one of which is to comply with legislation and NHS standards.
The Department of Health (DH) requires the Chief Executive to sign a Statement on Internal Control annually on behalf of the Board. This is a comment on how risks are identified, evaluated and controlled, together with confirmation that the effectiveness of the system of internal control has been reviewed.
To support achievement of the organisational objectives and in order to fulfil its responsibilities, the Board has developed a management system which allows decisions to be taken in a structured and equitable way.
This Risk Management Strategy is part of the overall Governance framework for managing the organisational risk profile. Risks will be identified using common tools which link to the overall performance management of organisational objectives.
6. STRATEGIC RISKS
Strategic risks to the organisation are identified by the Board via the PCT Directors and the Board sub committees. These strategic risks are considered by the Board who set out the action to be taken. These action plans are delegated to individual Directors and/or Board sub committees, each Directorate and sub committee record these risks on the PCT risk register via the PCT’s performance management software system. This enables progress to tracked, monitored and reported appropriately within the organisation up to Board level.
The PCT Risk management systems also record information in relation to other risks confronting the organisation. When these are significant (assessed as ’high’ or ‘extreme’ when measured against the grading tool at Appendix 8), they will also be reported to the appropriate committee with the Board taking an overview of the totality of risk within the organisation.
Version No: 3 Approved Date: October 2009
5
7. THE WAY WE WORK
All members of staff have an important role to play in identifying, assessing and managing risk. To support staff in this role the PCT provides a fair, consistent environment which encourages a culture of openness and willingness to admit mistakes. All staff are encouraged to report any situation where things have, or could have gone wrong. Balanced in this approach is the need for the PCT to provide information, counselling and support, and training for staff in response to any such situation.
At the heart of this strategy is the desire to learn from events and situations in order to continuously improve management processes. Where necessary, changes will be made to the Trust’s systems to enable this to happen.
The PCT recognises that most incidents occur as a result of the accumulation of a number of factors and events all conspiring together. Staff should be encouraged to report incidents without fear of disciplinary action in a culture of learning so that quality infuses into all aspects of the Trust’s work. Fear of disciplinary action may deter staff from reporting an incident. The view of the PCT is that disciplinary action will normally not form part of the response to an incident, except in cases where:
• In the view of the Trust, and or any professional registration body, the actions causing the incident/arising from the incident were far removed from acceptable practice.
• Where there is direct failure to report an incident in which the member of staff was either involved or about which they were aware.
• Illegally.
Should disciplinary action be appropriate, this will be made clear as soon as the possibility emerges. The investigation would then be modified to take account of personnel policies with advice from senior Human Resources staff.
8. ACCOUNTABILITIES, RESPONSIBILITIES AND ORGANISATIONAL FRAMEWORK
Accountabilities and Responsibilities
The Chief Executive has overall accountability and responsibility for risk management within the Trust. The Chief Executive has delegated responsibility for implementation of risk management as outlined in Appendix 2.
Version No: 3 Approved Date: October 2009
6
Organisational structure
The organisational structure noted in appendix 3 demonstrates how key risk management responsibility is delegated across the organisation. The Terms of Reference for the Committees which contribute to the assurance process are included as Appendix 4.
Board Assurance Framework
The Risk Management process is supported by the Board Assurance Framework. Through this Framework the PCT Board gains assurance from others that risks are being appropriately managed throughout the organisation.
9. SYSTEMS AND PROCESSES FOR MANAGING RISK
The PCT operates major systems to facilitate the management of risk throughout the organisation. These are each described in detail in the following documents:
• Incident Reporting and Investigation Policy
• Procedure for the Management of the Risk Register
• Serious Untoward Incident policy
• Associated Risk and H&S policies and procedures
All systems use a standard risk grading process to assess risks in terms of frequency and severity of outcome so that a common currency of assessing and calculating risks is used throughout the organisation. This is described fully in Appendix 7.
The systems are supported by a Serious Untoward Incident Policy which includes detailed methodology and guidance in conducting investigations.
10. SYSTEMS FOR MONITORING THE EFFECTIVENESS OF THE STRATEGY
The Risk Management Operational Group is responsible for collating all available information related to commissioning risk activity and for producing report to Board sub Committee. Each Board sub committee is responsible for reporting on risk to the PCT Board. The Risk Committee is responsible for collating all available information related to Kirklees Community Health Services risk activity including trends, patterns and actions and is responsible for reporting risk to the Governance Committee who provide assurance to KCHS Board. The Provider Board are responsible for ensuring the PCT Board are provided with adequate assurances that risk is being managed effectively and that the patients, staff and the organisation are not subject to any unnecessary risk exposure.
Version No: 3 Approved Date: October 2009
7
11. KEY PERFORMANCE INDICATORS
The KPIs to monitor risk management in are listed in Appendix 8.
12. IMPLEMENTATION, TRAINING AND SUPPORT
The effective implementation of this Risk Management Strategy will support the delivery of a quality service. Staff training and support, will provide an improved awareness of the measures needed to identify, control and contain risk.
The PCT will:
• Ensure all staff and stakeholders have access to a copy of this Risk Management Strategy via the Trust intranet.
• Produce a register of high level risks across the PCT which will be subject to regular review by sub committees and the Board.
• Ensure that Directorate Risk Registers are in place and managed by each Director or nominated senior managers.
• Communicate to staff any action to be taken in respect of risk issues;
• Develop policies and guidance as appropriate, based on the results of assessments and identified risks which assist in the implementation of this Strategy;
• Ensure that training programmes raise and sustain awareness throughout the PCT of the importance of identifying and managing risk.
• Monitor and review the performance of the PCT in relation to the management of risk and the continuing suitability and effectiveness of the systems and processes in place to manage risk.
12. EQUALITY IMPACT ASSESSMENT
As part of its development, this strategy and its impact on equality have been reviewed in consultation with trade union and other employee representatives in line with the Trust’s Equality Scheme and Equal Opportunities Policy and no detriment was identified. The purpose of the assessment is to minimise and if possible remove any disproportionate impact on employees on the grounds of race, sex, disability, age, sexual orientation or religious belief. Appendix 7.
13. PCT STAKEHOLDERS
Key stakeholders include:
• All PCT and KCHS Staff (directly employed and agency)
• Contractors
• Department of Health
• Strategic Health Authorities
• Other NHS organisations
Version No: 3 Approved Date: October 2009
8
• Private sector providers of NHS care where commissioned by the PCT
• Professional Executive Committee
• Partner agencies such as Kirklees Council, the police and fire service
• Public (via PCT website)
• Regulatory Bodies
14. COMMUNICATION WITH STAKEHOLDERS
Systems of communication with stakeholders that contribute to minimising risk are in place. These systems include the PCT website (www.kirklees-pct.nhs.uk), regular meetings, Public Engagement and consultation systems, patient and staff satisfaction surveys, publications, active systems to manage complaints and concerns and Public Board Meetings.
Communication with staff is particularly important and is mainly effected via line management at team meetings. Any urgent or particularly important messages are communicated by email or via the Trust Intranet.
This Risk Management Strategy is available via the PCT website. The introduction of new or significantly revised risk management policies is supported by appropriate staff training.
Version No: 3 Approved Date: October 2009
9
APPENDIX 1
DEFINITIONS
(Adapted from the Australian/New Zealand standard AS/NZS 4360:1999.)
Risk is the chance that something will happen that will have an impact on achievement of the PCT’s aims and objectives. It is measured in terms of likelihood (frequency or probability of the risk occurring) and severity (impact or magnitude of the effect of the risk occurring). See Appendix 7
Risk Management is “the culture, processes and structures that are directed towards the effective management of potential opportunities and adverse effects”.
The risk management process is “the systematic application of management policies, procedures and practices to the tasks of establishing the context, identifying, analysing, evaluating, treating, monitoring and communicating risk”. It is described in the following diagram:
Risk Management Overview from AS/NZS 4360:1999
Significant Risks are those which, when measured according to the risk grading tool at Appendix 7, are assessed to be ’High’ or ‘Extreme’. The Board and its sub committees will monitor and performance manage all significant risks via the Trust electronic Risk Management and the Board Assurance Framework.
Establish Context
Identify Risks
Analyse Risks
Evaluate and Rank Risks
Treat Risks
Asse
ss
Ris
ks
Co
mm
un
ica
tio
n a
nd
Co
nsu
lta
tio
n
Monitor and
Review
Version No: 3 Approved Date: October 2009
10
APPENDIX 2
RESPONSIBILITY FOR RISK MANAGEMENT
Chief Executive
The Chief Executive has overall accountability for all risk management systems with the organisation and is personally involved in the management of complaints and claims against the Trust. Operationally, the Chief Executive has delegated responsibility for risk management as outlined below.
Director of Corporate Services
The Director of Corporate Services is the Director designated as the accountable and responsible officer for implementing the system of internal control, including this Risk Management Strategy.
Assistant Director of Corporate Governance Services and Risk
The Assistant Director of Corporate Governance and Risk is accountable to the Director of Corporate Services for the day to day operational management of risk systems within the PCT and for managing the Risk management Operational Group.
Managing Director for Kirklees Community Health Services
The MD of KCHS is responsible for ensuring that KCHS have in place adequate systems and processes for identifying, quantifying and managing risks and that these are reported to the Provider Board and ultimately to the PCT Board.
Head of Health & Safety and Security
The PCT will appoint or contract a competent person/s to ensure compliance with all relevant legal obligations under Health & Safety legislation. Where necessary such competent person/s will be sourced from external service providers.
Directors
Directors are accountable for making sure that the Board Assurance Framework and Directorate Risk Registers are managed effectively and that all entries are regularly updated..
Managers
All managers within the PCT and KCHS are responsible for the day-to-day management of risks of all types within their area of responsibility. They are charged with ensuring that risk assessments are undertaken throughout their area of responsibility on a pro-active basis and that preventive action is carried out where necessary. The level of local responsibility for managing risks is identified in the Trust Incident and Investigation Policy.
Managers have a role to ensure that incidents including ‘near misses’ are investigated and recorded and that action is taken to reduce the potential of reoccurrence. Managers are also responsible for ensuring that staff who submit reports are provided with feedback on what actions have been taken.
They are also responsible for seeking advice about implementation of risk reduction plans from the PCT Risk Management Team or other suitably qualified and experienced staff.
Health & Safety Representatives
Health & Safety Representatives have a legal right to question the H&S systems used within the organisation including organisational and local systems and
Version No: 3 Approved Date: October 2009
11
processes. The PCT actively seeks and supports the role of recognised H&S Representatives as a positive action to reduce the risks to patients and staff and to support managers at all levels.
All Staff
Management of risks is a fundamental duty of all staff whatever their grade, role or status. All staff including temporary, bank and volunteers must follow all the PCT policies and procedures which explain how this duty is to be undertaken. In particular, all staff must ensure that identified risks and incidents are dealt with swiftly and effectively, reported to their immediate line manager and, if appropriate, a Health & Safety lead. All such issues must also be reported using the Trust incident management systems.
Risks associated with contracted services
There is a moral and contractual responsibility for the PCT, Service Providers and where necessary, other commissioners to work together to identify and manage risks, investigate incidents and take action including sharing outcomes and lessons so that learning can take place on a regional basis.
Partnership Risks
The PCT will work with partnership organisations to work together to identify and manage risks , investigate incidents and take action including sharing outcomes and lessons so that learning can take place on a regional basis.
Kirklees Community Health Services Board
The KCHS Board is accountable to NHS Kirklees Board for the management of risk within the provider arm of the PCT. It is expected to have robust systems and processes in place that provide assurance through the contracting process that it these in place. The Chair of the provider Board is accountable to the PCT Chair and the Managing Director accountable to the PCT Chief Executive in respect of risk management.
KCHS will have in place the following systems (as a minimum) in order to manage risks to the lowest level possible;
Systems of assurances:
Within KCHS:
1 KCHS Board Assurance Framework to identify, control and provide assurance on potential risks
2 Strategic and service risk registers to identify, control and provide assurance on existing risks
3 The Risk Committee minutes considered at KCHS Governance Committee.
4 Monitoring of complaints, incidents, SUIs, claims through action planning
5 Risk and COSHH assessments undertaken and updated & regularly; monitored through Operational Risk Committee
6 Operational Risk committees considers service monthly reports against KPIs
Version No: 3 Approved Date: October 2009
12
All above considered at KCHS Governance Committee which meets bi-monthly. Quarterly reports to KCHS Board to provide assurance of appropriate management and control of systems and processes.
External: 1 Internal audit reports considered at KCHS Audit & Effectiveness
Committee and monitored through KCHS Governance Committee 2 Quarterly quality reports to NHS Kirklees Contract Management Board 3 Successful compliance with Standards for Better Health, CQC
registration 4 Complaints action plans considered at PCT Internal closure panel. 5 Minutes of KCHS Board submitted to NHS Kirklees Board
Version No: 3 Approved Date: October 2009
13
APPENDIX 3
ORGANISATIONAL STRUCTURE FOR RISK MANAGEMENT AND ASSURANCE
Board
The Board is accountable and responsible for ensuring that the PCT has an effective programme for managing all types of risk which is achieved via the Assurance Framework. The Board is chaired by a non-executive director and meets monthly. In order to verify that risks are being managed appropriately and that the organisation can deliver its objectives, the Board receives and considers reports from the Audit Committee and minutes from the Governance Committee. In particular, the Governance Committee considers risk reduction plans and monitors progress on action plans on all significant risks on at least a quarterly basis.
All Board Sub Committees
Provide assurance to the Board that risk is being effectively managed at operational level. The Governance Committee oversees the work of the Risk Management Operational Group to provide additional assurance that risk is being actioned at operational level within the PCT. KCHS Board oversees the work of the Operational Risk Management Committee to provide additional assurance that risk is being actioned at operational level within KCHS.
Risk Management Operational Group
The Risk Management Operational Group monitors all areas of non financial risk management so that it can assure the Governance Committee and ultimately the Board that risks are being managed according to organisational policies and procedures. It is also responsible for monitoring the implementation of certain allocated treatment plans and reporting progress to the Governance Committee. The Risk Management Operational Group ensures that Key Performance Indicators (KPIs) are set and monitored in relation to risk. The Assistant Director of Corporate Services and Risk chairs the Group. It meets at least four times every year and reports directly to the Governance Committee on a quarterly basis. The Terms of Reference for the Risk Management Operational Group are attached at Appendix 4.
KCHS Board
Risk Management Operational Group
All Board sub committees
Board
Assurance
Senior Management Team
Inte
rna
l Aud
it, NH
SLA
& C
QC
sta
nd
ard
s
KCHS Governance Committee
Sub Committees
Risk Incident Reporting
Version No: 3 Approved Date: October 2009
14
Audit Committee
The Audit Committee is chaired by a non-executive director. It meets at least 4 times a year and reports directly to the Board. It ensures that an effective system of internal control for all risks is maintained. The Committee may review the results of audit work completed on the Trust’s risk management system and performance. The Committee will also agree an annual audit plan with reference to the PCT Risk Register. The Terms of Reference for the Audit Committee are attached at Appendix 6.
Version No: 3 Approved Date: October 2009
15
APPENDIX 4
Risk Management Operational Group Terms of Reference
1. Purpose of the Committee The Risk Management Operational Group will oversee the PCT’s programme of organisational risk management, in accordance with current Department of Health requirements. The programme will be approved and monitored by the Governance Committee. The Risk Management Operational Group is responsible for ensuring effective systems are in place to manage risks and makes sure that operational action agreed by Board sub committees is taking place. It will review the risk register and make sure that it is update regularly to support effective reporting at Directorate and Board sub committee level. The remit includes the review and the management of risk from a number of activities including:
1. Risks in commissioning services from other organisations and potential failures in those organisations including Kirklees Community Health Services.
2. Risks noted in partnership with Social Services, Voluntary Agencies
and Independent providers of care
3. Risks where the PCT is directly managing systems in relation to Services including Medical and Dental e.g. security and IT.
4. Risks in the work of relevant independent contractors – GPs, opticians,
pharmacists, and dentists.
There is a distinction between the PCT's responsibility for employed staff where the PCT has direct liability, and its responsibility towards commissioned care, where GPs and other primary care providers have direct liability as independent contractors – e.g. employment law and health and safety. The Risk Management Operational Group defines its approach to risk management for commissioned services as follows;
1. To actively engage with services providers including primary care independent contractors to support good practice in risk management i.e. offer support, help to develop.
2. To ensure that where PCT staff is working in primary care premises,
the same processes of identifying and addressing possible risks to them apply as would in PCT directly provided areas.
Version No: 3 Approved Date: October 2009
16
2. Objectives The objectives of RMOG are;
1. To ensure systems are in place to identify, quantify, prioritise and plan action on risks which may lead to harm, loss or damage to reputation. This will include establishing formal links with other relevant committees within the Trust and where possible with Commissioned Services.
2. To receive reports on the status of any ongoing Serious Untoward
Incidents prior to completion and submission to the Governance Committee and to monitor the completion of any agreed actions.
3. To receive reports on the status of any ongoing complaints
investigations prior to completion and submission to the Chief Executive and to monitor the completion of any agreed actions.
4. To prioritise work on risk registers delegated to it by Board sub
committees or Directors.
5. To ensure that systems are in place to record and analyse incidents, claims and near misses within the PCT to enable trends to be identified and preventative measure targeted. RMOG will also support the analysis of data related to commissioned services and use the information to support any actions required to reduce risk exposure via the contract management systems.
6. To support the development and implementation of the risk strategy
7. To ensure that the PCT has risk management training and awareness
programmes in place as well as systems to monitor attendance.
8. To promote and support risk management work amongst all the areas of commissioned service.
9. To ensure the development of the ability to quantify the cost of risk.
10. To develop and maintain appropriate links at local, regional and
national level.
11. To support the development of the Annual Report for approval by the Governance Committee to take to the Board.
12. To monitor Key performance programmes including regulatory
standards.
Version No: 3 Approved Date: October 2009
17
3. Membership of the Risk Management Operational Group The Risk Management Operational Group membership must include key staff who can advise on the complexity of risks being managed and therefore must include a wide remit of staff. Members
1. Assistant Director of Corporate Services and Risk (Chair) 2. Assistant Director Clinical Governance 3. Assistant Director Commissioning 4. Assistant Director of Medicines Management 5. Deputy Director of Infection, Prevention and Control 6. Head of Litigation and Complaints 7. Head of Training, Education and Development. 8. Health and Safety Advisor 9. Assistant Director HR 10. Assistant Director Public Health
4. In Attendance (co-opted staff) Other officers may be co-opted as necessary to report on or manage the risk agenda. 5. Quorate The Group is quorate when five members are present. Each member will appoint a chair to attend in the absence of the member. Attendance will be monitored and details provided to the Governance Committee within the Annual Report. 6. Frequency of Meetings The Group will meet quarterly. The Chair will convene additional meetings if required for emergency items. 7. Support for the Committee The Group will be supported by administration from the risk management team. 8. Reporting arrangements The Risk Management Operational Group will provide minutes to the Governance Committee and circulation to all related committees with a remit for risk management. 9. Level of Financial Authority/Decision making. The Risk Management Operational Group is an advisory Committee and therefore has no financial authority. The committee has authority to take action to resolve any immediate patient safety risk and can seek relevant authority when required for any risk issues that are not immediate.
Version No: 3 Approved Date: October 2009
18
10. Accountability and reporting The Board has overall responsibility for the management of risk, and for monitoring the work of the Committees with responsibility for risk management, i.e.:
1. The Governance Committee for verifying the overall system for risk management.
2. All Board sub committees who provide assurance to the Board in
relation to risk
3. The Risk Management Operational Group manages the risk profile related to the commissioning arm of the organisation but provides information to the PCT on risks noted with commissioned services.
4. The Infection Control Committee for managing any risks related to
infection prevention and control. 11. Conduct of Business The Risk Management Operational meet Group will conduct business in line with all PCT policies. 13. Review Date The Risk Management Operational Group TOR will be reviewed bi annually within the context of the Risk Management Strategy.
Version No: 3 Approved Date: October 2009
19
APPENDIX 5
NHS KIRKLEES
GOVERNANCE COMMITTEE TERMS OF REFERENCE.
1. BACKGROUND One of the prime governance tasks for a PCT is the effective management of risk, ensuring the provision of quality services, and the effective stewardship of public funds in providing those services. ‘Risk’ should be considered holistically to include:
� Financial and Business � Quality/Safeguarding/Patient Safety � Health, Safety and Security � Operational from a commissioning perspective � Litigation
2. PURPOSE OF THE GOVERNANCE COMMITTEE. The Board has delegated authority to the Governance Committee to ensure on its behalf that appropriate systems and processes are in place to achieve and maintain the highest standards of governance and public accountability across the whole spectrum of the PCT’s work. These systems and processes will identify how risk is identified, assessed, managed, monitored and reported so risk is effectively managed both strategically and operationally across the organisation and how links are made between operational and strategic risk. A key tool to facilitate this action is the Board Assurance Framework which is turn is fed by the Trust Risk Registers. The Governance Committee will also provide assurance to the Board that risk is being identified, assessed and monitored in respect of clinical quality, safeguarding, patient safety and litigation. 3. OBJECTIVES
1. To monitor compliance against NHS and legislative standards including Care Quality Commission, NHSLA and the Information Governance Toolkit and to provide assurance to the Board.
2. To take the lead on the development, implementation and monitoring of the PCT’s Risk Management Strategy.
3. To ratify those policies and associated documents that Trust Board has delegated authority to the committee to do so.
4. To provide assurance to the Board that the Risk Management Strategy is embedded in the daily work of the PCT.
5. To set key performance indicators for the management of risk.
Version No: 3 Approved Date: October 2009
20
6. To ensure that all contracted service providers have effective systems of corporate and clinical governance that meets national and contractual requirements and this is delivered through the contracting and clinical quality board
7. To ensure all partnership arrangements, including Local Partnership Service Boards have in place effective corporate and clinical governance arrangements
8. To ensure partnership working arrangements have effective governance in place with specific reference to the management of risk
9. To maintain a risk register is in place across the Trust and Directorates 10. To receive and consider reports the following reports:
a. Health, safety and security b. Incident reporting including Serious Untoward Incidents (SUI,s) c. Risk registers d. Workforce and HR e. Litigation, Complaints and PALs f. Annual review of governance arrangements and the
effectiveness of the committee g. Research Governance h. Safeguarding i. Clinical Effectiveness j. Training and Education k. Infection Control l. Performance Advisory Group and Decision Making Group
11. To receive and consider the minutes of the sub-committees listed in Section 10
12. To respond appropriately to matters referred to the committee by the Board and Professional Executive Committee
4. MEMBERSHIP
• Chief Executive (Chair)
• Non Executive Director
• PEC lead for Governance/Risk Management
• Director of Corporate Services (Vice Chair)
• Director of Finance
• Internal Auditor
• Director of Patient Care & Professions
• Director of Performance & Information
• The Director of Human Resources
• Assistant Director of Corporate Services and Risk
• Assistant Director of Quality and Clinical Governance,
• Assistant Director of Medicines Management
• Deputy Director of Infection, Prevention and Control
• Medical Director
• Other members of the PCT will attend as required to present reports
Version No: 3 Approved Date: October 2009
21
5; QUORUM The meetings will be quorate on the attendance of one third of the membership which must include the Chair or Deputy Chair. Each member will identify a deputy who will attend on behalf of the member if required. Records on attendance will be kept and reviewed by the Committee on an annual basis. 6; FREQUENCY OF MEETINGS Meetings of the Governance Committee will normally be on a six weekly cycle with a minimum of 7 meetings per year. The Chief Executive may convene additional meetings to address specific items.
7; SUPPORT TO THE COMMITTEE The committee will be supported by the Corporate Governance Administrator. 8; REPORTING
1. The Governance committee is a sub-committee of the Board and directly accountable to the Board.
2. The minutes of each meeting to be presented to the Board for receipt and discussion as appropriate.
3. The minutes and a bullet pointed highlight report to be presented to the Audit Committee
4. Risks that impact on the Board Assurance Framework will be reported to the Board via the framework report.
10; SUB-COMMITTEES
� Operational Risk Management Group � Infection Control Committee � Information Governance Group � Strategic Emergency Planning � Medicines Management Committee � Effectiveness Group � Medicines Management Group � Pharmacy Panel � Primary Care Commissioning Group � Performance Advice and Decision Making Groups � Safeguarding Committee � Research and Development Group � Policy Group � Area Prescribing Committee � QOF Assurance Panel
11; CONDUCT OF BUSINESS
� Agendas and papers will be circulated to committee members at least 5 calendar days before the meeting. � Minutes of the meeting will be circulated no later than 14 Calendar days after the meeting � This Committee will observe the requirements of the Freedom of information Act 2000, which allows a general right of access to
Version No: 3 Approved Date: October 2009
22
recorded information held by the PCT, including minutes of meetings, subject to specified exemptions. � This committee will operate in accordance with the PCT’s guidance for Chairs and Minute Takers. � All members must declare any conflict of interest they may have regarding an agenda item at the start of the meeting.
12; REVIEW DATE These Terms of Reference will be reviewed at least every two years. Approved by Trust Board Review Date July 2011
Version No: 3 Approved Date: October 2009
23
APPENDIX 6
NHS KIRKLEES
AUDIT COMMITTEE TERMS OF REFERENCE
Constitution The Board hereby resolves to establish a Committee of the Board to be known as the Audit Committee (The Committee). The Committee is a non-executive Committee of the Board and has no executive powers, other than those specifically delegated in these Terms of Reference. Membership The Committee shall be appointed by the Board from amongst the Non-Executive Directors of the PCT and shall consist of not less than three members. A quorum shall be two members. The Board will appoint one of the members Chair of the Committee. The Chairman of the PCT shall not be a member of the Committee. Attendance The Director of Finance and appropriate Internal and External Audit representatives shall normally attend meetings. However at least once a year the Committee should meet privately with the External and Internal Auditors. The Chief Executive and other executive Directors should be invited to attend, but particularly when the Committee is discussing areas of risk or operation that are the responsibility of that Director. The Chief Executive should be invited to attend, at least annually, to discuss with the Audit Committee the process for assurance that supports the Statement on Internal Control. The Trust Secretary, or whoever covers these duties, shall be Secretary to the Committee and shall attend to take minutes of the meeting and provide appropriate support to the Chairman and Committee members. Frequency Meetings shall be held not less than three times a year. The Director of Finance, the External Auditor or Head of Internal Audit may request a meeting if they consider that one is necessary. Authority The Committee is authorised by the Board to investigate any activity within its terms of reference. It is authorised to seek any information it requires from any employee and all employees are directed to co-operate with any request made by the Committee. The Committee is authorised by the Board to obtain outside legal or other independent professional advice and to secure the attendance of outsiders with relevant experience and expertise if it considers this necessary.
Version No: 3 Approved Date: October 2009
24
Duties The duties of the Committee can be categorised as follows: Governance, Risk Management and Internal Control The Committee shall review the establishment and maintenance of an effective system of integrated governance, risk management and Internal control, across the whole of the organisation’s activities (both clinical and non-clinical) that supports the achievement of the organisation’s objectives. In particular, the Committee will review the adequacy of:
• All risk and control related disclosure statements (in particular the statement on Internal control and declaration of compliance with the Care Quality Commission standards) together with any accompanying Head of Internal Audit statement, External Audit opinion or other appropriate independent assurances, prior to endorsement by the Board
• The underlying assurance processes that indicate the degree of the achievement of corporate objectives, the effectiveness of the management of principal risks and the appropriateness of the above disclosure statements
• The policies for ensuring compliance with relevant regulatory, legal and code of conduct requirements
• The policies and procedures for all work related to fraud and corruption as set out in Secretary of State Directions and as required by the Counter Fraud and Security Management Service
In carrying out this work the Committee will primarily utilise the work of Internal Audit, External Audit and other assurance functions, but will not be limited to these Audit functions. It will also seek reports and assurances from Directors and Managers as appropriate, concentrating on the overarching systems of integrated governance, risk management and Internal control, together with indicators of their effectiveness. This will be evidenced through the Committee’s use of an effective Assurance Framework to guide its work and that of the Audit and assurance functions that report to it. Internal Audit The Committee shall ensure that there is an effective Internal Audit function established by management that meets mandatory NHS Internal Audit Standards and provides appropriate independent assurance to the Audit Committee, Chief Executive and Board. This will be achieved by:
• Consideration of the provision of the Internal Audit Service, the cost of the Audit and any questions of resignation and dismissal
• Review and approval of the Internal Audit strategy, operational plan and more detailed programme of work, ensuring that this is consistent
Version No: 3 Approved Date: October 2009
25
with the Audit needs of the organisation as identified dint he Assurance Framework
• Consideration of the major findings of Internal Audit work (and management’s response), and ensure co-ordination between the Internal and External Auditors to optimise Audit resources
• Ensuring that the Internal Audit function is adequately resourced and has appropriate standing within the organisation
• Annual review of the effectiveness of Internal Audit External Audit The Committee shall review the work and findings of the External Auditor appointed by the Audit Commission and consider the implications and management’s responses to their work. This will be achieved by:
• Consideration of the appointment and performance of the External Auditor, as far as the Audit Commission’s rules permit.
• Discussion and agreement with the External Auditor, before the Audit commences, of the nature and scope of the Audit as set out in the Annual Plan, and ensure co-ordination, as appropriate, with other External Auditors in the local health economy.
• Discussion with the External Auditors of their local evaluation of Audit risks and assessment of the PCT and associated impact on the Audit fee.
• Review all External Audit reports, including agreement of the annual Audit letter before submission to the Board and any work carried outside the annual Audit plan, together with the appropriateness of management Reponses.
Other Assurance Functions The Audit Committee shall review the findings of other significant assurance functions, both Internal and External to the organisations and consider the implication to the governance of the organisation. These will include, but will not be limited to, any reviews by Department of Health Arms Length Bodies or Regulators/Inspectors (e.g. Care Quality Commission, NHS Litigation Authority, etc), professional bodies with responsibility for the performance of staff or functions (e.g. Royal Colleges, accreditation bodies, etc). In addition, the Committee will review the work of other Committees within the organisation, whose work can provide relevant assurance to the Audit Committee’s own scope of work. This will particularly include the Clinical Governance Committee and any Risk Management Committees that are established.
Version No: 3 Approved Date: October 2009
26
In reviewing the work of the Clinical Governance Committee, and issues around clinical risk management, the Audit Committee will wish to satisfy themselves on the assurance that can by gained from the clinical Audit function. Management The Committee shall request and review reports and positive assurances from Directors and Managers on the overall arrangements for governance, risk management and Internal control. They may also request specific reports from individual functions within the organisation (e.g. clinical Audit), as they may be appropriate to the overall arrangements. Financial Reporting The Audit Committee shall review the Annual Report and Financial Statements before submission to the Board, focusing particularly on:
• The wording in the Statement on Internal control and other disclosures relevant to the Terms of Reference of the Committee.
• Changes in, and compliance with, accounting policies and practices
• Unadjusted misstatements in the financial statements
• Major judgemental areas
• Significant adjustments resulting from the Audit. The Committee should also ensure that the systems for financial reporting to the Board, including those of budgetary control, are subject to review as to completeness and accuracy of the information provided to the Board. Reporting The minutes of Audit Committee meetings shall be formally recorded by the Trust Secretary and submitted to the Board. The Chair of Committee shall draw to the attention of the Board any issues that require disclosure to the full Board, or require executive action. The Committee will report to the Board annually on its work in support of the Statement on Internal control, specifically commenting on the fitness for purpose of the Assurance Framework, the completeness and embedment of risk management in the organisation, the integration of governance arrangements and the appropriateness of the self-assessment against the Standards for Better Health. Other Matters The Committee shall be supported administratively by the Trust Secretary, whose duties in this respect will include:
Version No: 3 Approved Date: October 2009
27
• Agreement of agenda with Chairman and attendees and collation of papers
• Taking minutes and keeping a record of matters arising and issues to be carried forward
• Advising the Committee on pertinent areas of concern.
Version No: 3 Approved Date: October 2009
28
Appendix 7 Equality Impact Assessment Tool To be completed and attached to any procedural document when submitted to the appropriate committee for consideration and approval.
Insert Name of Policy / Procedure
Yes/No Comments
1. Does the policy/guidance affect one group less or more favourably than another on the basis of:
• Race No
• Ethnic origins (including gypsies and travellers)
No
• Nationality No
• Gender No
• Culture No
• Religion or belief No
• Sexual orientation including lesbian, gay and bisexual people
No
• Age No
• Disability - learning disabilities, physical disability, sensory impairment and mental health problems
No
2. Is there any evidence that some groups are affected differently?
No
3. If you have identified potential discrimination, are any exceptions valid, legal and/or justifiable?
4. Is the impact of the policy/guidance likely to be negative?
5. If so can the impact be avoided?
6. What alternatives are there to achieving the policy/guidance without the impact?
7. Can we reduce the impact by taking different action?
If you have identified a potential discriminatory impact of this procedural document, please refer it to [insert name of appropriate person], together with any suggestions as to the action required to avoid/reduce this impact. For advice in respect of answering the above questions, please contact [insert name of appropriate person and contact details].
Version No: 3 Approved Date: October 2009
29
Appendix 8
RISK GRADING TOOL
The same grading tool is used by the PCT for all risk processes (risk assessment, Risk Register, and incident reporting assessment). Risks are measured according to the following formula source NPSA - A risk matrix for risk managers January 2008 :
Probability x Severity = Risk Probability - What is the likelihood of the consequence occurring?
Severity - Situations are then judged to evaluate, if the risk were to be realised, what the outcome is most likely to be.
Risk - Based on the above judgements, a risk assessment can be made of the potential future risk to stakeholders and the organisation as follows:
For grading risk, the scores obtained from the risk matrix are assigned grades as follows
Risk
Based on the above judgements, a risk assessment can be made of the potential future risk to stakeholders and the organisation as follows:
Probability ( Likelihood in Performance Accelerator) Severity (Consequence in Performance Accelerator) Negligible
1 Rare
2 Unlikely
3 Possible
4 Probable
5
Catastrophic (5) 5 10 15 20 25
Major (4) 4 8 12 16 20
Moderate (3) 3 6 9 12 15
Minor (2) 2 4 6 8 10
Low (1) 1 2 3 4 5
1-3 Low Risk
4-6 Moderate Risk
8-12 High Risk
15-25 Extreme Risk
Version No: 3 Approved Date: October 2009
30
Appendix 9
Financial Loss or Impact
Patient & Public Experience
Legal / Regulatory
Health/ Clinical Outcome
Safety / Injury / Harm (patients or staff)
Impact on Services Key Priorities -Annual
Health Check, LAA
Negligible(1)
£1k to £5k
Unsatisfactory patient experience not directly related to patient care
Locally resolved complaint
Minor non-compliance with standards
Minor recommendations e.g. clinical audit, internal audit, external audit etc
Minor adverse clinical outcome, e.g. slight delay in referral or treatment with low
impact
Short term verbal abuse. Less than 3 days
absence. Patients required extra observation or minor
treatment
Short term capacity issue (staff/facilities) reducing service quality (< 1 day)
Non achievement of locally agreed target, not
included in the Local Area Agreement
Minor
(2)
Up to £50k.
Unsatisfactory patient experience - readily
resolvable Justified complaint
peripheral to clinical care
Adverse local media report – short term
Possible minor out of court settlement or civil small
claims court.
Isolated failure to meet local standards.
Coroners Court Inquest
One off failure to meet
minimum clinical outcomes
Minor increase in
health inequalities (in only 1 area/group)
Physical encounter (scratches / bruising).
RIDDOR reportable injury with absence of 3 days to
1 week.
Patients require minor increase in treatment, did
not lead to permanent harm
Significant inconvenience or cost in maintaining
activity
Capacity issue (staff/facilities) reducing
service quality (<1 week)
Non achievement against one Local Area
Agreement target
Moderate(3)
Up to
£250k.
Mismanagement of patient care
Justified complaint involving
lack of appropriate care
Ongoing adverse local
media reports
Defensible civil action. Improvement notice
Persistent failure to meet local standards.
Intermittent failure to meet national performance
standards Coroners Court – narrative
verdict
Intermittent failure to meet minimum clinical
outcomes.
Moderate increase in health inequalities (across 2 or more
areas/groups)
RIDDOR reportable injury with absence of more
than 1 week.
Patients require moderate or major
increase in treatment, did not lead to permanent
harm
Ongoing unsafe staffing level
Significant ongoing
capacity issue (staff/facilities) preventing
service delivery (> 1 week)
Significant non-achievement against
Local Area Agreement.
Failure to improve current Healthcare Commission rating
Major
(4)
Up to
£500k. Destabilises
provider market
Serious mismanagement of patient care
Several justified complaints (of a HCC 2
nd stage
complaint) Adverse national press
interest (<3 days)
Criminal prosecution.
Persistent failure to meet national performance
targets. Coroners Court – neglect
verdict
Persistent failure to meet minimum clinical
outcomes in one clinical area
Significant increase in health inequalities (across 2 or more
area/groups)
RIDDOR reportable major injury or dangerous
occurrence
Patient experienced permanent harm
Significant ongoing
capacity issue (staff/facilities) preventing service delivery for (> 1
month)
Reduction in current Healthcare Commission
rating (down 1 level)
Significant non-achievement against
LAA targets
Catastrophic
(5)
Over £1m.
Significantly destabilises
provider market
Totally unsatisfactory patient experience
Multiple justified complaints On-going adverse national
press interest (>3 days), MP questions
Corporate Manslaughter or Corporate Killing
prosecution
Persistent failure to meet national, professional and
statutory requirements.
Persistent failure to meet minimum clinical outcomes in a range of
services Extreme impact on health inequalities
across Trust
RIDDOR reportable death.
NRLS reportable death - Patient died as a direct
result of incident
Interruption of all or significant range of Trust
activities (> 1 week)
Move to weak Care Quality Commission
rating
Version No: 3 Approved Date: October 2009
31
KEY PERFORMANCE INDICATORS
Key Performance Indicator Measured by Risk Strategy Agreed by Board Minutes from Committees Minutes from Sub Committees to overarching committees Risk Register reports Reports to Governance Committee NHSLA Compliance Compliance with standards CQC Compliance CQC Registration KCHS Assurance report KCHS Assurance report to PCT Board
KCHS Board Minutes KCHS Board Minutes to PCT Board Training of staff Mandatory training prospectus and attendance reports
QUALITY ASSESSMENT OF PRIMARY AND MIDDLE ...pub.iea.nl/fileadmin/user_upload/Publications/Electronic
Note de l'observatoire â€؛ fileadmin â€؛ Audelor â€؛ Publications â€؛ ... du maraأ®chage et Rian-tec