Audit and Risk Committee Assurance Report - July 2025
Meeting: Trust Board – Public Meeting
Date: 9 July 2025
Report Title: Audit and Risk Committee Assurance Report
Agenda Item: PUB25/07/4.4
Committee Date: 21 May 2025
Meeting Chair: George Lynn, Non-Executive Director and Committee Chair
Meeting quorate: YES
Purpose: Assurance
Link to Strategic Objective:
- Be an exceptional place to work, volunteer and learn.
- Provide outstanding quality of care and performance.
- Be excellent collaborators and innovators as system partners.
- Be an environmentally and financially sustainable organisation.
Summary of items considered at the meeting:
| Issue | Consideration | Resolution | Assurance |
|---|---|---|---|
| Directorate Risk Register Deep-dive: Clinical Risks | Overview of clinical matters, specifically: Emerging Risk Radar Spring 2025 Clinical Risk Deep Dive Reporting Patient Safety Information | Identified emerging risks: Cybersecurity threats Geopolitical instability and threats to supply chain Climate change Misinformation – threats to reputation Adapting to Government priorities Reviewed 26 risks currently identified on clinical and medical risk register. Patient safety reporting has identified areas for focus to improve performance. | Reasonable |
| Group Risk Management and Assurance Report | Reports on Corporate Risk Register (May 2025) and Risk Management KPI’s | Noted two risks now rated 15+ and 12 risks de-escalated or merged since last report. Verbally noted the anticipated changes to risk management going forward. | Reasonable |
| Sub-Group Assurance Report | Report on the levels of assurance provided in areas reported to the Compliance and Risk Group (CRG) at its last meeting | Noted that three groups reported – Risk Management Group, Information Governance Group, and the Data Quality and Security Group. There were no areas identified by CRG for escalation to the Committee. | Reasonable |
| Standing Orders Annual Review 2025-26 | Proposed Standing Orders resulting from the Reservation of Powers, Scheme of Delegation and Standing Financial Instructions as approved by the Committee in February 2025. | Reviewed proposed changes (job titles and references) and agreed to approve these at next Trust Board. | Reasonable |
| Attestation of Trust Seal 2024-25 | Report detailing the instances when the Trust Seal had been used during 2024-25 | We noted that there had been 19 occasions when the seal had been attested – all related to property transfer. | Reasonable |
| Review of Hospitality Register: Quarters 3 & 4 | 6-month review of reported Conflicts of Interest and gifts | Noted three items of sponsorship only, the largest being to support the Stars of EEAST event. No policy breaches over last 6-months. | Reasonable |
| Governance Review of Board and Committee Sub-Groups (update) | Report on the review into the workings of the sub-groups underpinning CRG and the Audit and Risk Committee | Noted the results of the reviews undertaken. Committee noted that the upcoming Governance review will enable an opportunity to consider the role, Terms of Reference, and formal relationship within Committee structures. We noted that the Standing Orders (reviewed earlier) do not reference sub-groups. | Moderate |
| Audit and Risk Committee Annual Effectiveness Review 2024-25 | Report covering the work of the Committee during 2024-25 | Noted results of self-evaluation and effectiveness review. Considered and agreed proposed agenda forward-plan and changes to the Committee Terms of Reference. | Reasonable |
| Information Governance and Data Security Protection Toolkit (DSPT) updates | Update on the Trust’s current position with respect to: Digital Security Protection Tool compliance Information Governance breaches Subject Access Requests and Freedom of Information (FOI’s) | Noted: FOI compliance 58% Information Governance breaches at 21 per month Information Governance training compliance has improved to 94% SAR Compliance in last 4-months – 90% Follow-on meeting with the Information Commissioner’s Officer planned for July. | Reasonable |
| Financial Management - Losses and Special Payments | Quarterly report on compliance with HM Treasury 2023 publication “Managing Public Money” – (July - September 2024) | Noted 13 losses and ex-gratia payments totalling £50.1k. The overall 2024-25 cost was £1.524m, largely due to one settlement of £0.962m reviewed at the previous ARC meeting. | Reasonable |
| Financial Management – Tenders and Waivers | Report on Tenders and Waivers Q4 (January – March 2025) | Noted the Trust waivered £1,236,753 of non-pay period in Q4 (amounting to 30 in total). | Moderate |
| Draft Annual Accounts 2024-25 | Draft Annual Accounts 2024-25 presented for review and comment | Noted progress of annual accounts and that still subject to internal review and audit clearance. | Substantial |
| Draft Annual Report 2024-25 | Draft Annual Report 2024-25 presented for review and comment | Noted progress of annual accounts and that still subject to internal review and audit clearance. | Substantial |
| Draft Annual Governance Statement 2024-25 | Draft Annual Governance Statement 2024-25 presented for review and comment | Noted progress of annual accounts and that still subject to internal review and audit clearance. | Substantial |
| Counter Fraud Progress Report | Update on Counter Fraud activity since last meeting | Noted continuing progress in managing fraud across EEAST. There are currently ten open investigations, and six have been closed since the last report. | Reasonable |
| Counter Fraud Annual Report | Overview of the work undertaken by the Counter Fraud specialist during 2024-25 | Noted that during 2024-25 there had been 26 referrals, 17 of which became full investigations. One case has been referred for prosecution. ARC approved the Counter Fraud Function Standard Return 2024-25 and work conducted against the Functional Standard Requirements 2024-25. | Substantial |
| Internal Audit Progress Report | Update on emerging internal audit work against the 2024-25 plan. Including: Equality, Diversity and Inclusion (reasonable assurance) Financial Management, including Cost Improvement Programme (reasonable assurance) Freedom of Information, including publication of statutory information (limited assurance) Business Continuity – final report and progress update | Noted reports issued. The issues of non-compliance and timeliness in dealing with FOI’s were noted. The internal auditor noted that some progress had been made but there remain several recommendations to improve assurance | Limited (FOI) Reasonable (others) |
| Head of Internal Audit – Opinion and Annual Report 2024-25 | TIAA provided their final annual report on internal work for 2024-25 | Three urgent internal control recommendations were noted, all related to compliance issues. | Moderate |
| Internal Audit Plan 2025-26 | RSM (new internal auditors) provided a report on their internal audit strategy and workplan for 2025-26. | Noted and agreed RSM’s internal audit strategy and workplan for 2025-26. | Reasonable |
| External Audit Progress Report | Received verbal update from the external audit partner on progress towards the 2024-25 accounts | Noted the good progress and anticipated clearance. | Reasonable |
Matters for escalation or referral:
None
