AnnuAl Accounts - Regulation and Quality Improvement Authority
AnnuAl Accounts - Regulation and Quality Improvement Authority
AnnuAl Accounts - Regulation and Quality Improvement Authority
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Statement on Internal Control<br />
/<br />
Scope of responsibility<br />
As Accountable Officer, I have responsibility for<br />
maintaining a sound system of internal control that<br />
supports the achievement of the HPSS <strong>Regulation</strong> <strong>and</strong><br />
<strong>Improvement</strong> <strong>Authority</strong> policies, aims <strong>and</strong> objectives,<br />
whilst safeguarding the public funds <strong>and</strong> departmental<br />
assets for which I am personally responsible, in<br />
accordance with the responsibilities assigned to me in<br />
Government Accounting Northern Irel<strong>and</strong>.<br />
The accountability arrangements in respect of the<br />
relationship between the <strong>Authority</strong> <strong>and</strong> the Department<br />
are to be set out in a Management Statement <strong>and</strong><br />
Financial Memor<strong>and</strong>um which is to be issued by the<br />
Department <strong>and</strong> agreed with the <strong>Authority</strong>.<br />
The purpose of the system of<br />
internal control<br />
The system of internal control is designed to manage risk<br />
to a reasonable level rather than to eliminate all risk of<br />
failure to achieve policies, aims <strong>and</strong> objectives; it can<br />
therefore only provide reasonable <strong>and</strong> not absolute<br />
assurance of effectiveness. The system of internal control<br />
is based on an ongoing process designed to identify<br />
<strong>and</strong> prioritise the risks to the achievement of<br />
departmental policies, aims <strong>and</strong> objectives, to evaluate<br />
the likelihood of those risks being realised <strong>and</strong> the<br />
impact should they be realised, <strong>and</strong> to manage them<br />
efficiently, effectively <strong>and</strong> economically. In the<br />
circumstances of the <strong>Authority</strong> being in the first few<br />
months of its existence, the system of internal control is in<br />
the process of being put in place <strong>and</strong> shall accord with<br />
DFP guidance. It is expected that the risk <strong>and</strong> control<br />
framework should be substantially completed during the<br />
next financial year with control measures being<br />
implemented in accordance with perceived priorities. At<br />
this stage it is expected that the procedures should be in<br />
place to fully comply with DFP guidance during 2006/07.<br />
Capacity to h<strong>and</strong>le risk<br />
Leadership is to be provided to the risk management<br />
process through the Board <strong>and</strong> Audit Committee with<br />
specific responsibility for the oversight of agreed<br />
measures undertaken by officers being given to a<br />
Governance <strong>and</strong> Risk Management Sub-Committee of<br />
the Audit Committee.<br />
Guidance on best practice is to be sought from the<br />
Department’s Governance <strong>and</strong> Risk Management<br />
Advisor. Staff shall be trained to identify <strong>and</strong> manage risk<br />
in an appropriate fashion according to their duties <strong>and</strong><br />
responsibilities.<br />
The risk <strong>and</strong> control framework<br />
A risk management strategy is to be developed. Senior<br />
managers will identify <strong>and</strong> evaluate the principal risks<br />
that could adversely affect the achievement of the<br />
objectives of the organisation. The controls assurance<br />
st<strong>and</strong>ards issued by DHSSPS which are applicable to the<br />
<strong>Authority</strong> will be reviewed <strong>and</strong> compliance with them<br />
evaluated against the criteria. These measures will enable<br />
a risk register to be compiled <strong>and</strong> action plans drawn up<br />
to implement any controls necessary to mitigate<br />
avoidable risk <strong>and</strong> ensure compliance with the st<strong>and</strong>ards.<br />
Risk management will be embedded in the activities of<br />
the <strong>Authority</strong>. Executive responsibility for risk management<br />
lies with the Chief Executive who delegates day-to-day<br />
responsibility to the Director of Corporate Services. The<br />
Senior Management Team shall address risk<br />
management issues as part of the business of its regular<br />
periodic meetings. An officer is to be nominated to<br />
oversee the operational aspects of risk management<br />
<strong>and</strong> to co-ordinate updates on risk management<br />
measures to the Governance <strong>and</strong> Risk Management<br />
Sub-Committee of the Audit Committee. Appropriate<br />
Service Level Agreements are being drawn up with the<br />
Central Services Agency which is the provider of human<br />
resources, finance, legal <strong>and</strong> procurement services to<br />
the <strong>Authority</strong>. Arrangements will be made to manage risk<br />
in these out-sourced services.<br />
Review of effectiveness<br />
As Accountable Officer, I have responsibility for reviewing<br />
the effectiveness of the system of internal control. During<br />
the financial year to 31 March 2005 in the initial stages<br />
of setting up the organisation, the administrative<br />
functions had not been developed to any significant<br />
extent. Henceforward, my review of the effectiveness of<br />
the system of internal control shall be informed by the<br />
work of the internal auditors <strong>and</strong> the executive managers<br />
who have responsibility for the development <strong>and</strong><br />
maintenance of the internal control framework, <strong>and</strong><br />
comments made by the external auditors in their<br />
RQIA Annual Report & <strong>Accounts</strong> 2004/2005
Change language