Audit and Risk Committee's Annual Report to Council


Item 19(1)
Council
1 December 2016

Audit and Risk Committee's Annual Report to Council

Purpose of paper: To provide a report on the work of the Audit and Risk Committee in 2016.

Action: For discussion

Corporate Strategy 2016-19: Performance Objective 1: To improve our performance across all our functions so that we are highly effective as a regulator.

Business Plan 2016: Good governance: Consolidate the new processes introduced in 2015 and review their progress in supporting the Council and the executive to effectively carry out their roles.

Decision Trail: In accordance with the General Dental Council Standing Orders for the Non-Statutory Committee of Council 2016, committees are required to report on expenditure, progress made against work programmes and planned work programmes for the following year. A draft of this report was discussed at the ARC meeting on 9 November 2016. The workplan will be circulated to Council members separately.

Recommendations: The Council is asked to discuss the ARC annual report to Council for 2016 and the Committee's work plan for 2017.

Authorship of paper and further information: Clare Mitchell, Head of Governance. Email: cmitchell@gdc-uk.org Tel: 0207 167 6348

Appendices: None

Executive Summary

1. This paper sets out the work carried out by the Audit and Risk Committee during 2016.

Introduction and background

2. The current membership of the Audit and Risk Committee (the Committee) comprises Alan MacDonald (Chair and Council lay member), Catherine Brady (Council registrant member), Jason Davies (Independent Committee member), Lawrence Mudford (Council registrant member) and David Smith (Council registrant member).

3. The key purpose of the Committee is: To monitor the integrity of the financial statements, to review the General Dental Council's (GDC) governance, internal control and risk management systems and review the internal and external audit services.

4. The Committee's functions and duties cover financial reporting, internal and external audit as well as whistleblowing, fraud and investigations. It is the role of the Audit and Risk Committee to assist the Council in fulfilling its oversight responsibilities with respect to governance, risk management, internal audit and internal controls, external audit and financial reporting, and mitigating the risk of fraud.

5. In accordance with the General Dental Council's (GDC) Standing Orders for the Non-Statutory Committee of Council 2016, clause 8.4, the Committee is required to report annually to the Council on its expenditure, progress made against its work programme for that year and its planned work programme for the following year.

PSA Action Plan

6. The ARC has undertaken a significant piece of additional work during 2016. The PSA published its report on the investigation into the GDC's handling of a whistleblower's disclosure about the Investigating Committee in December 2015. Following discussion of the report by the Council at the end of January 2016, the Committee met on 3 February 2016 to discuss a draft action plan put together by the Executive to address the findings and recommendations in the PSA report. The Committee also met in private to reflect on the PSA's report and the criticisms of the past Audit Committee's performance. A number of points were made relating to the quality of minutes and papers, ensuring clarity and transparency of the role of the Committee and its remit, the need for structured inductions for Committee members and that all members needed to ask for additional information from the Executive if required.

7. The Council agreed its role and that of the Audit and Risk Committee in reviewing progress against the action plan in March 2016. The Council retained overall responsibility for ensuring the action plan was sufficient to deal with the issues identified in the PSA report, that it was adequately resourced and that the content of the plan was adjusted if necessary to ensure that the GDC fully achieved not just the detail of each element in the plan but also the intention underlying them. The Council also retained responsibility for ensuring progress was thoroughly scrutinised and that risks to implementation were identified in good time to manage or mitigate them effectively.

8. It was agreed that the ARC would meet before each Council meeting to review a progress update against the action plan. The ARC held four additional meetings to review progress against the PSA action plan in May, July, September and November 2016. The Chief Executive and the relevant Executive Directors attended these meetings to answer questions on the progress of the action plan.

9. The Chair of ARC reported to the Council after each meeting on the progress of the action plan and drew the Council's attention to the following:

- Major variances from the action plan. This might be projects with ratings which have slipped from Green to Amber or from Amber to Red; or projects where ratings have not improved for a period of two months despite the executive's attempts to secure improvements in their implementation status
- Whether the reasons for major variances are fully understood by the executive and being thoroughly explained to the Council
- Whether the remedial action planned by the executive was likely to remedy the variance and, if not, what further action the executive might take
- Whether the Committee had any concerns about the adequacy of the executive's reporting to the Council
- Whether there were new risks to implementation emerging that the executive needed to consider.

10. The Committee scrutinised the timescales identified for each of the actions and proposed changes to the status of the actions, e.g. from current to embedding. The Committee also ensured that there were clear success criteria for each of the actions.

11. Following the November ARC/PSA meeting the Committee made a recommendation to the Council that, as the majority of the actions that came directly from the PSA report had been completed and were now either closed or embedding, a close out report should be considered at the main ARC meeting in March 2017 with a mid year report to Council. The close out report would also be reported to the Council. Following this any outstanding items would be monitored through the 2017 Business Plan.

Standing Items

Chief Executive's Report

12. The Committee received an update at each meeting on key areas of potential risk such as the GDC's emerging financial position in 2016, the key assumptions underpinning the 2017 budget and the implications of the referendum decision to withdraw from the EU.

Significant Litigation

13. A report on significant litigation was presented to each ARC meeting in closed session. The format of the report changed during the year at the request of the Committee to set out more clearly the learning from these cases and the dates when any actions that had been identified would be undertaken. An annual report on significant litigation was presented to the Council in closed session on 4 October 2016.

Annual Report and Accounts 2015

14. The Committee reviewed the annual report and accounts for 2015, the external audit report and management letter and the National Audit Office's audit report. The Committee recommended the annual report and accounts to the Council for approval.

15. Members of the Committee also met in private with representatives from the Internal Auditors, External Auditors and National Audit Office to discuss their remit and any issues arising from audits carried out.

16. The Committee received a paper providing an overview of the process for producing the 2015 Annual Report and Accounts and identifying areas where it could be improved in the future. The timetable and responsibilities for the production of the 2016 Annual Report and Accounts were agreed at the November meeting of the Committee.

Quality Assurance of Fitness to Practise

17. The Committee received reports at each meeting setting out the findings of the Quality Assurance Group, any lessons learned from its audits and from learning points provided by the PSA.

18. The 360 degree feedback system introduced for meetings of the Investigating Committee as one of the recommendations from the PSA investigation report was presented to the Committee at its June meeting. The Committee noted that this feedback system had also been introduced for Practice Committee hearings.

19. The Committee asked for two further questions to be added to the questionnaire to ensure that the concerns raised in the PSA report had been fully addressed.

20. A quarterly progress update on the use of Case Examiners would be presented to meetings of the Committee in 2017.

Compliance updates

21. The Head of Compliance presented regular updates on the case work audits conducted during the year. Risks which might impact on performance against the PSA standards were raised in a number of areas, particularly in relation to timeliness. The Committee asked that these risks were brought to the attention of the Council so that it was aware of the lack of assurance in some areas and the potential risk to the organisation both in terms of organisational and financial performance.

22. The Committee also received a report from the compliance team on the case work peer review system that was under development as a first line of defence, with the compliance team moving to a second line audit function. The report set out a number of recommendations to strengthen the process. The Committee noted that the Compliance team would be broadening its focus to second line activity across the organisation, starting with the Registration Directorate.

Information Governance/Data Security/Cyber Security

23. The Committee received reports on data security incidents (DSIs) across the GDC in 2015 and in Q1 and Q2 2016. There was an increase in DSIs in Q1 and Q2 2016, including two significant incidents in Q1 which had been reported to the Information Commissioner's Office. The Committee asked that the Council be informed of these two incidents. A detailed action plan on tackling DSIs was requested and scrutinised at the June meeting.

24. The Committee also scrutinised the outcome of a review of staff access to data on CRM following a data security incident.

25. Following discussion at the November Committee meeting, it was agreed that a deputy SIRO should be appointed as a matter of urgency as the recently appointed SIRO was leaving the organisation. Information governance and data security were identified as a key risk area for the organisation and a clear plan for delivery and resourcing this area of work was requested for the next meeting of the Committee.

26. The Committee received an overview of the GDC's approach to cyber security. This was an area of emerging risk that had been identified both internally and by the external auditors. At its November meeting the Committee congratulated the Executive on achieving Cyber Essentials Plus certification, as a necessary step in improving performance.

Business Continuity/Disaster Recovery

27. The Committee noted the outcome of the testing of the GDC's business continuity and disaster recovery plans and a technical security review of the CRM system.

Risk Management

28. Following the appointment of the new Risk Manager the Strategic Risk Register (SRR) as a whole was reviewed during 2016. All operational risk registers were also reviewed. Where appropriate, risks in the SRR were moved into the relevant operational risk registers. The Committee also agreed amendments to the Model 1 template on which risks were recorded across the organisation. As a result the Committee was assured that the SRR, which it reviewed prior to each Council meeting, covered the key strategic risks facing the organisation and that processes were in place within Directorates to manage operational risks which the Committee was keeping under review.

29. Following a Council workshop on risk appetite in March 2016, risk appetite scores were included within the SRR to enable the Committee and the Council to identify risks that were currently outside the organisation's risk appetite and, where available, the mitigating action that was being taken to address this.

30. The Committee also reviewed an operational risk register from each Directorate at each meeting from June onwards.

31. At its November meeting the Committee recommended a change in risk scoring and agreed that the paper to the Council should include only the Model 1 templates for key risks and those recommended for dormancy. Council members would still have access to the current SRR for reference.

Internal Audit

32. The Committee reviewed internal audit reports from Mazars LLP, the GDC's internal auditors, as follows:

- Risk management - assurance rating, adequate (pre embedding of the new risk management function, as set out in paragraphs 28 to 31)
- Online Register - assurance rating, adequate
- Conflict of Interests - assurance rating, advisory
- Quality Assurance of Education and Training - assurance rating, limited
- Information Security and Data Protection - assurance rating, limited
- Performance Management - assurance rating, limited

33. The Committee also received a follow up report on recommendations made in previous internal audit reports, which provided assurance that recommendations had been implemented by the Executive.

34. The Committee expressed concern about the delays in receiving internal audit reports and it was agreed that a clear process for the review and finalisation of internal audit reports would be developed. A number of changes to the 2016 internal audit plan were approved during the year and the 2017 internal audit plan was reviewed at the Committee's November meeting.

35. The Committee received Mazars' annual internal audit report at its June 2016 meeting. On the basis of the audit work undertaken to date, Mazars' opinion was that the GDC's governance, risk management and internal control arrangements were generally adequate and effective. The Committee noted that the next annual internal audit report was likely to report a finding of limited assurance based on recent internal audit reports.

External Audit

36. In June, the Committee considered a report on haysmacintyre's performance as the GDC's external auditors. The Committee agreed to recommend to the Council that haysmacintyre be re-appointed to audit the GDC's final accounts for the year ending 31 December 2016.

Effectiveness Review

37. The NAO facilitated an effectiveness workshop for the Audit and Risk Committee which took place following the September Committee meeting. The workshop was informed by responses to a questionnaire sent to Committee members and those staff who normally attended ARC meetings. The NAO provided a summary of the issues raised and actions agreed following discussion at the workshop. An action plan has been developed and reviewed by the Committee. The actions will now be taken forward by the Executive and the Chair of the Committee.

Whistleblowing

38. The Committee received the annual report on whistleblowing at its May meeting. It was agreed that in future the annual report would come to the Committee in the first quarter of the year and cover the previous calendar year. A brief report on the number of whistleblowing cases would be brought to each ARC meeting as appropriate along with any closure reports.

39. The Committee received the report from a whistleblowing investigation at its September meeting and was assured that appropriate action had been taken and the whistleblower's anonymity had been protected.

Policies

40. The Committee reviewed the revised whistleblowing policies and associated guidance for Council Members and Associates and staff prior to approval by the Council. The revision of these policies was an action from the PSA report and the Committee received assurance that the new documentation addressed all the points made in the PSA investigation report and that the policies and guidance had been reviewed by an external employment law firm and by Public Concern at Work.

41. The Committee also approved the Anti-Fraud and Anti Bribery policy for staff and recommended the Anti-Fraud and Anti Bribery policy for Council members and Associates to the Council for approval.

Governance

42. The Committee reviewed amendments to the scheme of delegation and recommended them to the Council for approval. The Committee also reviewed its terms of reference against the latest revision of HM Treasury Audit and Risk Assurance Committee Handbook. The amendments were approved by the Council in July 2016.

43. The Committee noted the exceptions to the procurement policy during the year and the reasons for them. The Committee also noted the procurement annual report covering procurement and contract management activity for the twelve months up to 31 March 2016.

Expenditure

44. The only costs associated with the Committee in 2016 were the travel and subsistence of Council members for the meetings held.

Recommendations

45. The Council is asked to note and discuss the annual report.