Background:
Since 2001/2002, NHS Chief Executives have been required to sign a Statement of Internal Control that forms part of the statutory accounts and annual report. In order to make this statement, Boards must be able to demonstrate that they have been properly informed about the totality of principle risks that an organisation faces (not just financial). Conclusions to such risks need to be documented using an evidence-based approach.
The Cloud2 Board Assurance solution was developed in conjunction with NHS Yorkshire and the Humber and is a SharePoint site consisting of two key elements:
- A list of risks, detailing these along with their owner, the type and severity. Various views of this list are provided to make it easy to review them, based on status, date etc
- A rich document library to hold related policies and framework documentation
Key features:
- Metadata to allow risks to be categorised and classified based on, for example, assurance type, business area, impact, owner, status etc.
- Multiple views to allow the data to be ‘sliced and diced’ in different ways. For example, to show risks grouped by business area, or high priority risks only.
- Versioning enabled to build up an audit trail of changes made over time to any given risk.
- Ability to export data to feed into periodic reports.
Benefits:
- Single system to manage identified risks
- Visibility at all times to Board members (properly informed)
- Able to clearly demonstrate control over the risks and their mitigation (evidence)
- Facilitate decision making process through timely access to relevant information
