Home > Publications > Audit and Risk Committee Terms of Reference

Audit and Risk Committee Terms of Reference

The Audit and Risk Committee is a sub-committee of the NHS South West London ICB Board. It provides independent oversight of governance, risk management, financial reporting, audit, and counter-fraud arrangements. Its role is to give assurance that public money is used properly, risks are well managed, and the organisation is accountable and transparent.

Audit and Risk Committee Terms of Reference (730kB pdf)

Request an accessible format

If you use assistive technology (such as a screen reader) and need a version of this document in a more accessible format, please contact us. Please tell us what format you need. It will help us if you say what assistive technology you use.

Introduction

1.Constitution

1.1 The Audit and Risk Committee (the Committee) is established by the Integrated Care Board (the Board or ICB) as a Committee of the Board in accordance with its Constitution, Standing Financial Instructions (SFIs), Standing Orders and Scheme of Reservation and Delegation (SoRD).

1.2 These Terms of Reference (ToR) set out the membership, remit, responsibilities, and reporting arrangements of the Committee and may only be changed with the approval of the Board. They will be published as part of the Governance Handbook on the ICB’s website.

1.3 The Committee is a non-executive committee of the Board and its members, including those who are not members of the Board, are bound by the Standing Orders and other policies of the ICB.

2. Authority

2.1 The Committee is authorised by the Board to:

Investigate any activity within its ToR;

  • Seek any information it requires within its remit, from any employee or member of the ICB (who are directed to co-operate with any request made by the Committee) within its remit as outlined in these ToR;
  • Commission any reports it deems necessary to help fulfil its obligations;
  • Obtain legal or other independent professional advice and secure the attendance of advisors with relevant expertise if it considers this is necessary to fulfil its functions. In doing so, the Committee must follow any procedures put in place by the ICB for obtaining legal or professional advice;
  • Create task and finish sub-groups in order to take forward specific programmes of work as considered necessary by the Committee’s members. The Committee shall determine the membership and ToR of any such task and finish sub-groups in accordance with the ICB’s Constitution, Standing Orders and SoRD but may not delegate any decisions to such groups

2.2 For the avoidance of doubt, the Committee will comply with, the ICB Standing Orders, SFIs and the SoRD,

2.3 The Committee has no executive powers, other than those delegated in the SoRD and specified in these ToR

3.Purpose

3.1 To contribute to the overall delivery of the ICB objectives by providing oversight and assurance to the Board on the adequacy of governance, risk management and internal control processes within the ICB.

3.2 The duties of the Committee will be driven by the organisation’s objectives and the associated risks. An annual programme of business will be agreed before the start of the financial year; however this will be flexible to new and emerging priorities and risks.

4. Responsibilities of the Committee

4.1 The Committee’s duties are as follows:

Integrated governance, risk management and internal control

4.2 To review the adequacy and effectiveness of the system of integrated governance, risk management and internal control across the whole of the ICB’s activities that support the achievement of its objectives, and to highlight any areas of weakness to the Board.

4.3 To ensure that financial systems and governance are established which facilitate compliance with DHSC’s Group Accounting Manual.

4.4 To review the adequacy and effectiveness of the assurance processes that indicate the degree of achievement of the ICB’s objectives, the effectiveness of the management of principal risks.

4.5 To have oversight of system risks where they relate to the achievement of the ICB’s objectives.

4.6 To ensure consistency that the ICB acts consistently with the principles and guidance established in HMT’s Managing Public Money.

4.7 To seek reports and assurance from directors and managers as appropriate, concentrating on the systems of integrated governance, risk management and internal control, together with indicators of their effectiveness.

4.8 To identify opportunities to improve governance, risk management and internal control processes across the ICB.

4.9 To have oversight of urgent decisions exercised by the Board.

Internal Audit

4.10 To ensure that there is an effective internal audit function that meets the Public Sector Internal Audit Standards and provides appropriate independent assurance to the Board. This will be achieved by:

  • Considering the provision of the internal audit service and the costs involved;
  • Reviewing and approving the annual internal audit plan and more detailed programme of work, ensuring that this is consistent with the audit needs of the organisation as identified in the assurance framework;
  • Considering the major findings of internal audit work, including the Head of Internal Audit Opinion, (and management’s response), and ensure coordination between the internal and external auditors to optimise the use of audit resources;
  • Approve the appointment of the ICB’s internal auditor service;
  • Ensuring that the internal audit function is adequately resourced and has appropriate standing within the organisation; and
  • Monitoring the effectiveness of internal audit and carrying out an annual review

External Audit

4.11 To review and monitor the external auditor’s independence and objectivity and the effectiveness of the audit process. In particular, the Committee will review the work and findings of the external auditors and consider the implications and management’s responses to their work. This will be achieved by:

  • Considering the appointment and performance of the external auditors, as far as the rules governing the appointment permit;
  • Discussing and agreeing with the external auditors, before the audit commences, the nature and scope of the audit as set out in the annual plan;
  • Discussing with the external auditors their evaluation of audit risks and assessment of the organisation and the impact on the audit fee; and
  • Reviewing all external audit reports, including to those charged with governance (before its submission to the Board) and any work undertaken outside the annual audit plan, together with the appropriateness of management responses.

Other assurance functions

4.12 To review the findings of assurance functions in the ICB, and to consider the implications for the governance of the ICB.

4.13 To review the work of other committees in the ICB, whose work can provide relevant assurance to the Audit and Risk Committee’s own areas of responsibility.

4.14 To review the assurance processes in place in relation to financial performance across the ICB including the completeness and accuracy of information provided.

4.15 To review the findings of external bodies and consider the implications for governance of the ICB. These will include, but will not be limited to:

  • Reviews and reports issued by arm’s length bodies or regulators and inspectors: e.g. National Audit Office, Select Committees, NHS Resolution, CQC; and
  • Reviews and reports issued by professional bodies with responsibility for the performance of staff or functions (e.g. Royal Colleges and accreditation bodies)

Counter Fraud

4.16 To assure itself that the ICB has adequate arrangements in place for counter fraud, bribery and corruption (including cyber security) that meet NHS Counter Fraud Authority’s (NHSCFA) standards and shall review the outcomes of work in these areas.

4.17 To review, approve and monitor counter fraud work plans, receiving regular updates on counter fraud activity, monitor the implementation of action plans, provide direct access and liaison with those responsible for counter fraud, review annual reports on counter fraud, and discuss NHSCFA quality assessment reports.

4.18 To ensure that the counter fraud service provides appropriate progress reports and that these are scrutinised and challenged where appropriate.

4.19 To be responsible for ensuring that the counter fraud service submits an Annual Report and Self-Review Assessment, outlining key work undertaken during each financial year to meet the NHS Standards for Commissioners; Fraud, Bribery and Corruption.

4.20 To report concerns of suspected fraud, bribery and corruption to the NHSCFA.

Freedom to Speak Up

4.21 To review the adequacy and security of the ICB’s arrangements for its employees, contractors and external parties to raise concerns, in confidence, in relation to financial, clinical management, or other matters. The Committee shall ensure that these arrangements allow proportionate and independent investigation of such matters and appropriate follow up action.

Information Governance (IG)

4.22 To receive regular updates on IG compliance (including uptake & completion of data security training), data breaches and any related issues and risks.

4.23 To review the annual Senior Information Risk Owner (SIRO) report, the submission for the Data Security & Protection Toolkit and relevant reports and action plans.

4.24 To receive reports on audits to assess information and IT security arrangements, including the annual Data Security & Protection Toolkit audit.

4.25 To provide assurance to the Board that there is an effective framework in place for the management of risks associated with information governance.

Financial reporting

4.26 To monitor the integrity of the financial statements of the ICB and any formal announcements relating to its financial performance.

4.27 To ensure that the systems for financial reporting to the Board, including those of budgetary control, are subject to review as to the completeness and accuracy of the information provided.

4.28 To review the annual report and financial statements (including accounting policies) before submission to the Board focusing particularly on:

  • The wording in the Governance Statement and other disclosures relevant to the Terms of Reference of the Committee;
  • Changes in accounting policies, practices and estimation techniques;
  • Unadjusted mis-statements in the Financial Statements;
  • Significant judgements and estimates made in preparing of the Financial Statements;
  • Significant adjustments resulting from the audit;
  • Letter of representation; and
  • Qualitative aspects of financial reporting.

Conflicts of Interest

4.29 The Chair of the Committee will be the nominateceive reports of breaches of policy and normal procedure or proceedings, including such as suspensions of the ICB’s standing orders, in order provide assurance in relation to the appropriateness of decisions and to derive future learning.

Communication

4.34 To co-ordinate and manage communications on governance, risk management and internal control with stakeholders internally and externally

4.35 To develop an approach with other committees, including the Integrated Care Partnership, to ensure the relationship between them is understood.

5. Membership and attendance

Membership

5.1 The Committee members shall be appointed by the Board in accordance with the ICB Constitution.

5.2 The Board will appoint no fewer than three members of the Committee comprising three Non-Executive Members of the Board. Other members of the Committee need not be members of the Board, but they may be.

5.3 Members are required to attend a minimum of 75% of meetings, other than absence due to sickness.

5.4 Members may nominate deputies to represent them in their absence and make decisions on their behalf, subject to the approval of the Chair.

5.5 Neither the Chair of the Board, nor employees of the ICB will be members of the Committee.

5.6 Members will possess between them knowledge, skills and experience in: accounting, risk management, internal, external audit; and technical or specialist issues pertinent to the ICB’s business. When determining the membership of the Committee, active consideration will be made to diversity and equality.

Chair and Vice Chair

5.7 The Committee will be chaired by a Non-Executive Member of the Board appointed on account of their specific knowledge skills and experience making them suitable to chair the Committee.

5.8 The Chair of the Committee shall be independent and therefore may not chair any other committees. In so far as it is possible, they will not be a member of any other committee.

5.9 If the Chair is absent or is disqualified from participating by a conflict of interest, a Chair shall be nominated by other members attending that meeting and any potential conflicts regarding independence by way of being a Chair of other Committees shall be noted.

5.10 The Chair will be responsible for agreeing the agenda and ensuring matters discussed meet the objectives as set out in these ToR.

Attendees

5.11 The Committee shall have the following non-voting attendees (as and when required):

• Chief Finance Officer or their nominated deputy;
• Senior Governance Advisor;
• Representatives of both internal and external audit;
• Individuals who lead on risk management and counter fraud matters;
• Other directors and/or managers as appropriate.

5.12 Attendees may present at meetings and contribute to the relevant discussions but are not allowed to participate in any formal vote.

5.13 Attendees may nominate deputies to represent them in their absence, with agreement of the Chair.

5.14 Other individuals may be invited to attend all or part of any meeting as and when appropriate to assist it with its discussions on any particular matter including representatives from the Health and Wellbeing Board(s), Secondary and Community Providers.

5.15 The Committee may invite or allow people to attend meetings as observers. Observers may not present at meetings, contribute to any discussion or participate in any formal vote.

5.16 The Chief Executive should be invited to attend the meeting at least annually.

5.17 The Chair of the ICB may also be invited to attend one meeting each year in order to gain an understanding of the Committee’s operations.

5.18 The Chair may ask any or all of those who normally attend, but who are not members, to withdraw to facilitate open and frank discussion of particular matters.

Access

5.19 Regardless of attendance, External Audit, Internal Audit, Local Counter Fraud and Security Management providers will have full and unrestricted rights of access to the Committee.

6. Meeting Frequency, Quoracy and Decisions

6.1 The Committee will meet a minimum four times a year and arrangements and notice for calling meetings are set out in the Standing Orders.. Additional meetings may take place as required.

6.2 The Board, Chair or Chief Executive may ask the Committee to convene further meetings to discuss particular issues on which they want the Committee’s advice.

6.3 The Committees may choose to meet physically, at its discretion. However, by default, the Committees will be held virtually. Meetings, unless previously agreed by the Chair, will be held virtually via MS Teams or suitable alternative platform.

Quorum

6.4 For a meeting to be quorate a minimum of two Non-Executive Members of the Board are required, including the Chair or Vice Chair of the Committee.

6.5 If any member of the Committee has been disqualified from participating in an item on the agenda, by reason of a declaration of conflicts of interest, then that individual shall no longer count towards the quorum.

6.6 If the quorum has not been reached, then the meeting may proceed if those attending agree, but no decisions may be taken.

Decision making and voting

6.7 Decisions will be taken in accordance with the Standing Orders. The Committee will ordinarily reach conclusions by consensus. When this is not possible the Chair may call a vote.

6.8 Only members of the Committee may vote. Each member is allowed one vote and a majority will be conclusive on any matter.

6.9 Where there is a split vote, with no clear majority, the Chair of the Committee will hold the casting vote.

6.10 If a decision is needed which cannot wait for the next scheduled meeting, the Chair may conduct business on a ‘virtual’ basis through the use of telephone, email or other electronic communication.

7. Accountability and reporting

7.1 The Committee is accountable to the Board and shall report to the Board on how it discharges its responsibilities.

7.2 The Committee shall make any such recommendations to the Board it deems appropriate on any area within its remit where action or improvement is needed.

7.3 The minutes of the meetings shall be formally recorded by the secretary and submitted to the Board (in the private session) in accordance with the Standing Orders.

7.4 The Chair will provide assurance reports to the Board at each meeting and shall draw to the attention of the Board any issues that require disclosure to the Board or require action.

7.5 The Committee will provide the Board with an Annual Report, timed to support finalisation of the accounts and the Governance Statement. The report will summarise its conclusions from the work it has done during the year specifically commenting on:


• The fitness for purpose of the assurance framework;
• The completeness and ‘embeddedness’ of risk management in the organisation;
• The integration of governance arrangements;
• The appropriateness of the evidence that shows the organisation is fulfilling its regulatory requirements; and
• The robustness of the processes behind the quality accounts

8. Conflicts of Interest

8.1 Conflicts of Interest shall be dealt with in accordance with the ICB Conflicts of Interest Policy.

8.2 The Committee will have a Register of Declared Interests that will be presented as a standing item on the agenda.

8.3 All members and attendees of the Committee must declare any relevant personal, non-personal, pecuniary or potential interests at the commencement of any meeting. The Committee Chair will determine if there is a conflict of interest such that the member and/or attendee will be required not to participate in a discussion.

9. Behaviours and Conduct

ICB values

9.1 Members will be expected to conduct business in line with the ICB values and objectives.

9.2 Members of, and those attending, the Committee shall behave in accordance with the ICB’s Constitution, Standing Orders, and Standards of Business Conduct Policy.
Equality and diversity

9.3 Members must demonstrably consider the equality and diversity implications of decisions they make.

10. Secretariat and Administration

10.1 The Committee shall be supported with a secretariat function which will include ensuring that:

  • The agenda and papers are prepared and distributed in accordance with the Standing Orders having been agreed by the Chair with the support of the relevant executive lead;
  • Attendance of those invited to each meeting is monitored and highlighting to the Chair those that do not meet the minimum requirements;
  • Records of members’ appointments and renewal dates and the Board is prompted to renew membership and identify new members where necessary;
  • Good quality minutes are taken in accordance with the Standing Orders and agreed with the Chair and that a record of matters arising, action points and issues to be carried forward between meetings, and progress against those actions is monitored;
  • The Chair is supported to prepare and deliver reports to the Board; and
  • The Committee is updated on pertinent issues / areas of interest / policy developments;

11. Review

11.1 The Committee will review its effectiveness at least annually and recommend any changes it considers necessary to the Board.

11.2 These ToR will be reviewed at least annually and more frequently if required. Any proposed amendments to the ToR will be submitted to the Board for approval.