SAAS Annual Report and Accounts 2013-2014 - page 28

Internal Audit
The objective of Internal Audit is to provide independent assurance on the adequacy and effectiveness
of the systems of governance, controls and financial management established to manage the risks of the
Agency and to ensure accountability for public funds.
External Audit
The Auditor General for Scotland is responsible for auditing the Agency’s accounts.
Assessment of corporate governance arrangements
The governance arrangements continue to be strengthened and I will keep them under review to make
sure that they are fit for purpose.
Changes for 2014 include, but are not limited to:
Recruitment of additional Non-Executive Board
Members is complete subject to pre-appointment
checks. An additional 4 new Non-Executive Board
Members will join the Agency providing strategic
expertise across a range of skills identified in the
review of Board effectiveness;
The Strategic Board will be further strengthened
with the addition of the Scottish Government’s
Chief Nursing Officer. She will help ensure that
the Agency remains focused and accountable for
the activity it undertakes on behalf of Health
In April 2014, the Agency formally became a
member of the Scottish Government’s shared
procurement service. For the initial period of the
arrangement we have an embedded procurement
specialist implement a set of policy and
procedures that will be used for purchasing goods
and services across the Agency;
Completing an exercise to assess our potential
exposure to fraudulent applications and publish
our Fraud Strategy to respond to the risk;
Signed and put in place a formal Partnership
Agreement with the recognised Scottish
Government trade unions; and
Review the Agency’s Risk Management
arrangements to support improved identification
and mitigation of risks.
I am committed to delivering continued improvement in our corporate governance arrangements.
Risk assessment
All bodies to which the Scottish Public Finance Manual (SPFM) is directly applicable must operate and
maintain a risk management system in accordance with the general principles set out within the SPFM.
My Agency therefore maintains a risk register which records internal and external risks we are exposed to
and identifies the mitigating actions required to reduce the threat of these risks occurring and their
impact. The risk register is regularly updated and reviewed by our Audit Committee half yearly and
Management Board at least half yearly. Each risk is allocated an owner, category, type and description
along with an assessment of the likelihood of its happening and its impact on our operations. Mitigating
actions to minimise risks are recorded as action points along with details of who will carry them out and
when. Each risk is allocated a status and a date for review.
As well as the main risk register, individual risk registers are used for specific projects as a management
control tool to ensure successful outcomes. These provide a mechanism to report risks to the project’s
board for assessment and to escalate high level/high impact risks to project sponsors or senior Agency
management to take preventative action. The Agency also has a Business Continuity Plan which was
reviewed and updated during 2013-14.
The main risks for the Agency and mitigating actions are:
We are heavily reliant on IT systems to deliver our business and considerable development resource is
required each year to make sure that our IT systems continue to be ‘fit for purpose’. We have invested
in the current IT infrastructure to ensure existing systems are robust and well supported. This work is
underpinned by the development of an Agency IT Strategy;
We also recognise that we can improve both our efficiency and customer service by providing more
functionality and a better user experience to our customers on-line. We have developed a high-level
vision for our digital services and engaged contractors through the Scottish Government’s System’s
Integration contract to prepare for development and implementation;
1...,18,19,20,21,22,23,24,25,26,27 29,30,31,32,33,34,35,36,37,38,...50
Powered by FlippingBook