Supersedes: Risk Management Strategy January 2017 December 2018 Description of Amendment(s):

Transcription

1 Risk Management Strategy January 2018 January 2019

2 Policy Title: Executive Summary: Risk Management Strategy The Strategy identifies those individuals with responsibilities in the management of risk covering clinical, organisational and financial risk. It sets out the key risk management structures and processes and defines the objectives of and responsibility for each of these within the Trust Supersedes: Risk Management Strategy January 2017 December 2018 Description of Amendment(s): Changes to the Risk Management Strategy include: Forward number of people employed by the Trust Section Refresh of Executive Director risk areas Section 15.3 Inclusion of requirement to upload supporting documentation in form of action plans, reports and business cases and risk assessments, where necessary Section 16 Refresh of risk approval levels Appendix 5 Refresh of Sources of Internal and External Assurance This policy will impact on: This is a Trust wide policy and impacts on all areas. Financial Implications: There are no financial implications in the implementation of this policy other than training time for senior managers and Executives. Policy Area: Governance Document Reference: ECT Version Number: V7 Effective Date: January 2018 Issued By: Chief Executive Officer Review Date: January 2019 Author: Director of Corporate Affairs and Governance Deputy Director of Corporate Affairs and Governance Impact Assessment Date: APPROVAL RECORD January 2018 Consultation: Directors January 2018 Approved by: Trust Board January 2018 Received for information: Risk Management Subcommittee members Operational Management Group January 2018 Page 2

3 Foreword East Cheshire NHS Trust (the trust) is an integrated community and acute NHS Trust, employing circa 2,500 people. The Trust s services are managed through three clinical directorates supported by corporate functions. Acute services are managed through a payment by results contract and Community Services a block contract. The Trust is a partner of the Caring Together programme, which aims to deliver a new integrated care system for the local population. The Trust recognises it has a responsibility to manage both internal and external risks as a key component of good governance and is committed to embedding risk management into the daily operations of the Trust from the setting of objectives, to service and financial planning through to departmental processes. We believe that effective risk management will help the Trust achieve its objectives and provide better services. In particular it will help deliver improved: care which is equitable, safe, patient centred, effective, and timely; strategic management and decision making; operational management; and financial management. This Risk Management Strategy will assist the organisation in ensuring risks are either eliminated or reduced to an acceptable level to protect the Trust s patients and employees and its services (assets and finances). The Trust is aware that some risks will always exist and will not be totally eliminated and recognises the importance of managing these risks effectively. John Wilbraham Chief Executive Julie Green Director of Corporate Affairs and Governance Page 3

4 Table of Contents 1. Introduction Page 5 2. Aims Page 5 3. The Trust Board s Intent Page 5 4. Scope Page 6 5. Strategic and Significant Risks Page 7 6. The Way We Work Page 7 7. Accountabilities, Responsibilities and Organisational Framework Page 8 8. Systems and Processes for Managing Risk Page Systems for Monitoring the Effectiveness of the Strategy Page Measuring Performance and Review Page Equality Impact Assessment Page Other Relevant Policies Page East Cheshire NHS Trust Stakeholders Page Communication with Stakeholders Page Risk Management Escalation Process Page Diagram of Flow of Risks Page 24 Appendix 1 Appendix 2 Appendix 3 Appendix 4 Appendix 5 Appendix 5 Appendix 6 Appendix 7 Definitions Organisational Structure for Risk Management and Assurance Roles and Responsibilities of Committees Responsible for Risk Management Escalation Process to Board when Serious Issues Occur Compliance Monitoring Tool Sources of Internal and External Assurance Board Structure and Committee Arrangements Acronyms Page 4

5 1. Introduction The Trust is committed to using a systematic/holistic approach to risk management and recognises that the proactive and continuous management of risk is essential to the efficient and effective delivery of its service aims and objectives and that all actions contain inherent risks. Risk management is central to the effective running of any organisation and is part of the organisational culture. At its simplest, risk management is good management practice and should not be seen as an end in itself, but as part of an overall management approach. The Board of East Cheshire NHS Trust will ensure that decisions made on behalf of the organisation are taken with consideration to the effective management of risk. This Strategy identifies those individuals with responsibilities in the management of risk covering clinical, organisational and financial risk. It sets out the key risk management structures and processes and defines the objectives of and responsibility for each of these within the Trust. 2. Aims This Strategy will provide a framework to ensure that patients, visitors and staff are protected from harm and that systems are in place to ensure that all risks are proactively managed to safeguard against impropriety, malpractice, waste or failure to provide value for money. The key aims of the Strategy will be to: provide the highest quality care without risk to the health of those involved and within resource allocations; understand the risks that the Trust faces, their causes and measures to control them so that resources can be appropriately directed; enhance the Trust s community profile and stakeholder confidence; ensure that the Trust is compliant with statutory and regulatory requirements; achieve best value for money, thereby maximising resources for patient services and care; minimise the total cost of claims and other losses to the Trust through negligence and fraud and ensure that lessons are learned and changes in practice are implemented; encourage and develop risk management as an integral part of the Trust s culture; and ensure links to the organisational objectives. 3. The Trust Board s Intent The East Cheshire NHS Trust Board is committed to leading the organisation forward to deliver a quality service and achieve excellent results, thereby ensuring that the organisation delivers the best care possible, is the right place and makes the very best possible use of public funds. The Board intends to use the risk management processes outlined in this Strategy as a means to help achieve this. Page 5

6 The objective of the Risk Management Strategy is to create a culture that encourages staff to: identify and control risks which may adversely affect the Trust s operational ability; compare one risk to another using the grading system explained in section 15. where possible, eliminate or transfer risks or else reduce them to an acceptable and cost effective level; and otherwise ensure the Trust Board openly accepts the remaining risks. Definitions of the terms used in this Risk Management Strategy are included in Appendix 1. Strategic Objectives The following are the strategic objectives which have been agreed by the Trust Board. Provide safe, effective personal care in the right place Build, value and develop a motivated and sustainable workforce Work within the Caring Together framework to deliver our vision To deliver services that are clinically and financially sustainable To support achievement of the organisational objectives, and in order to fulfil its responsibilities, the Board has developed a management system which allows decisions to be taken in a structured and equitable way. This Risk Management Strategy is a key component within that management system. 4. Scope This Strategy is intended for use by all directly employed, agency staff and contractors engaged on East Cheshire NHS Trust business in respect of any aspect of that work. It is recognised that actions contain inherent risks. The key strategic risks are identified and monitored by the Board, and operational risks are managed on a day-to-day basis by staff throughout the Trust. In order that progress in managing all risks can be acknowledged, the East Cheshire NHS Trust Board Assurance Framework and Corporate Risk Register provide a central record of risks to the organisation. The Department of Health (DH) requires the Chief Executive to sign a Governance Statement annually on behalf of the Board. This outlines how risks are identified, evaluated and controlled, together with confirmation that the effectiveness of the system of internal control has been reviewed. The Trust has, and will continue to enter into, agreements with other organisations for the provision of clinical and non-clinical services. These will be set out as Service Level Agreements (SLAs). The major Service Level Agreements (SLAs) and contracts are managed by Directors and risks identified will be escalated and managed in line with the following Strategy. These are the Shared Business Service for Finance and payroll and contracts/slas with third parties. Page 6

7 5. Strategic and Significant Risks The Assurance Framework identifies and quantifies all risks that may potentially compromise the organisation s ability to meet its strategic objectives. These strategic risks to the organisation are identified by the East Cheshire NHS Trust Board and recorded on the Board Assurance Framework. Gaps identified in controls or assurances, and the associated treatments to address them, contribute to the Trust s Corporate Risk Register. Operational risks are reported and managed through the Service Access programme-based risk registers. The process for creating and maintaining the Board Assurance Framework and Corporate Risk Register/Risk Registers is also described in the Trust s risk assessment procedure. An up-to-date position on the significant risks i.e. those risks of a score of 15 and above, is provided to the Clinical Management Board and is reported to the Trust Board 4 times per year and the Audit Committee 3 times per year. The Clinical Management Board is responsible for the co-ordination of both strategic and significant risks and discusses risks at every meeting and receives the Corporate Risk Register 4 times a year. The Deputy Directors meeting receive approved and unapproved high level Corporate Risk Register risks at least 8 times a year. Additionally the Operational Management Team discusses risks at every meeting and receives the Corporate Risk Register (moderate risks) at least 8 times a year. 6. The Way We Work All members of staff have an important role to play in identifying, assessing and managing risk. To support staff in this role, East Cheshire NHS Trust provides a fair and consistent environment. This encourages a culture of openness and willingness to admit mistakes. All staff are encouraged to report any situation where things have, or could have, gone wrong. Balanced in this approach is the need for the Trust to provide information, counselling and support, and training for staff in response to any such situation. At the heart of this Strategy is the desire to learn from events and situations in order to continuously improve management processes, including patient and staff safety. Where necessary, changes will be made to the Trust s systems to enable this to happen. In the interest of openness and the process of learning from mistakes, formal disciplinary action will not usually be taken as a result of a risk management investigation. However, a serious breach of health and safety regulations, or an act or omission constituting serious negligence causing loss or injury, are examples of gross misconduct, following which the East Cheshire NHS Trust s Disciplinary Policy will be applied. Disciplinary action may, therefore, be appropriate where it is found that a member of staff has acted: illegally - against the law; or maliciously - intending to cause harm which s/he knew was likely to result; or recklessly - deliberately taking an unjustifiable risk where s/he either knew of the risk or s/he deliberately closed his/her mind to its existence, e.g. working outside of agreed Trust/National Policy. Should disciplinary action be appropriate, this will be made clear as soon as the possibility emerges. The investigation would then be modified to take account of personnel policies with advice from Human Resources and in line with appropriate Human Resources policies. Page 7

8 7. Accountabilities, Responsibilities and Organisational Framework 7.1 Organisational Structure An organisational structure, to help manage delegated responsibility for implementing risk management systems within the Trust, is illustrated and explained in Appendix 2 and 3. The Terms of Reference for the Committees which report to the Board are included in the Corporate Governance Manual. All members of staff have an individual responsibility for the management of risk, and all levels of management must understand and implement the Trust s Risk Management Strategy and supporting processes. An outline of the specific risk management responsibilities relating to the structure is described below. 7.2 Trust Board The Trust Board is responsible for ensuring that the organisation consistently follows the principles of good governance applicable to NHS organisations. This includes the development of systems and processes for financial control, organisational control, governance and risk management. Board members must ensure that the systems, policies and people that are in place to manage risk are operating effectively, focused on key risks and driving the delivery of objectives. This is the meaning of assurance and is a fundamental principle of good management and accountability. In the context of this Strategy the Board will: demonstrate its continuing commitment to risk management through the endorsement of the revised Risk Management Strategy; ensure, through the Chief Executive, that the responsibilities and structure for risk management outlined in this document are maintained; oversee and participate in the risk assurance process; ensure communication with partner organisations on problems of mutual concern including risks; identify strategic objectives for the Trust from which performance targets and objectives for the Directorates and staff will be identified and monitored; ensure that appropriate structures are in place to implement effective risk management, in particular taking account of the NHS Litigation Authority and the Health and Social Care Act (2012) (Regulations 2009) delivering its objectives and reducing risk; commit those financial, managerial, technological and educational resources necessary to adequately control identified risks; ensure that lessons are learned and disseminated into practice from complaints, claims and incidents and other patient experience data; and receive reports from the committees with responsibility for managing risk and assurance processes, in line with terms of reference of committees. 7.3 Chief Executive The Chief Executive is the Accountable Officer of the Trust and as such has overall accountability and responsibility for ensuring it meets its statutory and legal requirements and adheres to guidance issued by the Department of Health in respect of Governance. This responsibility encompasses risk management, health and safety, financial and organisational controls and governance. The Chief Executive has overall accountability and responsibility for: Page 8

9 ensuring the Trust maintains an up-to-date Risk Management Strategy endorsed by the Board; promoting a risk management culture throughout the organisation; Ensuring that the Annual Governance Statement contains the appropriate assurance requirements; ensuring that there is a framework in place which provides assurance to the Trust management of risk and internal control; and ensuring that risk issues are considered at each level of business planning from the corporate process to the setting of staff objectives. decisions taken to eliminate or reduce risk as far as is reasonably practicable; sharing with stakeholders concerns which may impact on them and the wider population; being the Identified Qualified Person for Freedom of Information requests; having in place an effective system of risk management and internal control. The system of internal control is based on an ongoing risk management process designed to identify the strategic/principle risks to the achievement of the organisation s objectives, to evaluate the nature and extent of those risks and to manage them efficiently and economically as far as is reasonably practicable; signing the Governance Statement annually and presenting it to the Board for approval with this statement forming part of the statutory accounts and annual report; and set out its commitment to the risk management principles in the Trust Statement of Intent, which is a legal requirement under the Health and Safety at Work Act The following Directors have particular responsibilities in respect of assurance and the management of risk, summarised below. The Chief Executive will delegate responsibilities in relation to partnership working as appropriate. Page 9 Lead Executive Director Director of Corporate Affairs and Governance Risk Area Clinical and non-clinical risk management o Risk Management Strategy o Serious Incidents Requiring Investigation o Duty of Candour process o Systems for patient experience (surveys) o Patient survey Health, safety and fire Complaints and Patient Advice Liaison Service (PALS) Litigation o Claims o Inquests o Subject Access o Legal advice Corporate Governance o Policy Governance Information Governance o Toolkit (level 2) o Freedom of Information requests Senior Information Risk Owner Emergency preparedness o Business continuity o Major incident planning Communications and Public Engagement Strategy o Website and infonet Clinical audit, internal audit tracking

10 Page 10 Lead Executive Director Director of Nursing, Performance and Quality, and Deputy Chief Executive Medical Director Director of Human Resources and Organisational Development Risk Area Research governance Board governance Quality governance Freedom to Speak Up, Duty of Candour framework External Inspections NHS Improvement reporting sign-off Care Quality Commission Registration NHS Performance Framework standards Operational delivery Infection prevention control Safeguarding (children and adults) Prevent agenda Patient safety Patient experience Professional practice - competency frameworks and fitness to practice, revalidation (non-medical staff) Quality Strategy Quality Account Safe staffing Lead for Mental Health National screening programmes Professional Strategy Providing advice to the Board on nursing matters In the absence of the Chief Executive will assume all their duties Clinical Strategy o Clinical leadership Medicines management Clinical medical risk Responsible Officer for Clinical Effectiveness Providing advice to the Board on medical issues Approval of deviations from the Duty of Candour process Research strategy and innovation Responsible Officer for GMC delegated to Clinical Lead for Revalidation Human Tissue Authority Caldicott Guardian delegated to the Associate Director for Clinical Effectiveness Medical devices End-of-Life Care Mortality governance Guardian of Safe Working delegated to Consultant Surgeon Human Resources, Workforce and OD Strategy Human resources Organisational development o Leadership development o Talent management and coaching Staff wellbeing (including Occupational Health)

11 Lead Executive Director Director of Finance Risk Area Staff engagement o Your Voice o Staff survey o Inclusion and Diversity Professional registration Resourcing o Attraction o Recruitment and deployment o Temporary staffing and virtual pool o Professional registration o Workforce technology delivery plan Reward and remuneration HR policy and employee relations Training and development Corporate induction Statutory mandatory training Clinical skills development Learning partnerships Post graduate medical education MPET and CPD cash allocation Library Financial Strategy Financial Management Operating framework contracts Financial governance and risk management Security and local security management specialists Counter-fraud Procurement Estate management Advising on the Audit Plan Business planning Information and IT Service level agreements, tenders and contracting Delivery of QIPP including establishing o monitoring process o sustainability of process Planning and Implementation of Recovery Plan 7.4 Director of Corporate Affairs and Governance The Director of Corporate Affairs and Governance will: work closely with the Chair, Chief Executive, Executive Directors and Risk Managers to implement and maintain appropriate risk management strategies and processes, ensuring that effective governance systems clinical and non-clinical risk processes are in place to assure the delivery of Trust objectives and preservation of public sector values; lead and participate in risk management oversight at the highest level, covering all risks across the organisation, on a Trust-wide basis, acting independently from individual Directorates; Page 11

12 work closely with the Chief Executive and Directors to support the provision of Corporate, Directorates and Directorate level risk registers; develop and oversee the effective execution of the Board Assurance Framework and ensure effective processes are embedded to rigorously manage the risks therein, monitoring the action plans and reporting to the Board and relevant Committees; and develop and implement the Risk Management Strategy. 7.5 Deputy Chief Executive/Director of Nursing, Performance and Quality In the absence of the Chief Executive the Deputy Chief Executive will assume all roles and responsibilities as outlined above. The Director of Nursing, Performance and Quality is responsible for organisational operational management ensuring that all operations are carried out line with the NHS Operating Framework, the NHS and Primary Care Contracts. This includes monitoring Service risk via performance meetings. The Director of Nursing, Performance and Quality is responsible for: the delivery of the Quality Strategy Infection, prevention and control Providing nursing advice to the Board Ensuring safeguarding procedures are effective for both children and adults Delivery of the Prevent agenda the delivery of patient safety the delivery of Performance Standards 7.6 Executive Directors Executive Directors are accountable and responsible for ensuring that the Directorates and/or corporate functions are implementing the Risk Management Strategy and related policies. Each Director is accountable for the delivery of their particular service. They will ensure that the systems, policies and people are in place to deliver high quality safe services that operate effectively; are focused on key risks and that drive the delivery of the organisation s objectives. Executive Directors are responsible for ensuring that the Board Assurance Framework and the risk management reporting timetable are delivered to the Board. This includes any risks identified in the service level agreements managed by Directors. 7.7 Medical Director The Medical Director will provide the medical leadership to ensure the Trust undertakes this function in accordance with best practice, legal and statutory duties. The Medical Director will: ensure that systems are in place to provide services to patients that are legally and professionally acceptable and with consideration of ethical decisions and practice have responsibility for the management and control of adverse medical errors and investigations relating to any such clinical incidents Page 12

13 Delegate authority to: The Clinical Lead for Revalidation as the identified Responsible Officer for the General Medical Council The Associated Director for Clinical Effectiveness for responsibility to provide advice and guidance in respect of the Caldicott Principles as the organisation s Caldicott Guardian. 7.8 Director of Finance The Director of Finance will be responsible for: the management of an effective system of internal financial control, service and financial governance ensuring internal audit meet the required mandatory standards delivering an effective counter fraud system and the Trust s nominated Local Counter Fraud Specialist, including the investigation of fraud or fraudulent activity ensuring effective security systems are in place ensuring the estate is managed effectively 7.9 Director of Human Resources and Organisational Development The Director of Human Resources and Organisational Development is responsible for: recruitment, and therefore implicit in this activity is checking on professional registration of employees where appropriate, maintenance of training registers and staff records, particularly of new starters and their attendance on induction and mandatory training courses and is responsible for communicating the training Strategy to all employees of the Trust; ensuring employees have job descriptions containing reference to their responsibilities and contribution to the success of the Trust risk management process; and is responsible for drafting and monitoring employment policies and identifying any risk associated with contractual agreements Clinical Directors Clinical Directors are responsible for implementation of the Trust s relevant strategies and policies which support its risk management approach. Specifically they will: ensure a risk management forum (safety, quality and standards committee) is maintained within their area which will encourage integration of risk management; co-ordinate the risk management processes which include: risk assessments, incident reporting, the investigation of incidents/near misses and the management of the risk register; ensure there is a system for monitoring the application of risk management within their area and that risks are treated in accordance with the risk grading action guidance contained in section 16 of this document; provide reports to the appropriate committee of the Board that will contribute to the Trust-wide monitoring and auditing of risk; ensure staff attend relevant mandatory and local training programmes; Page 13

14 ensure a system is maintained to facilitate feedback to staff on risk management issues and the outcome of incident reporting; and ensure the specific responsibilities of managers and staff in relation to risk management, Health and Social Care Act 2012 and clinical governance are identified within the job description for the post and those key objectives are reflected in the individual performance review/staff appraisal process Deputy Director of Corporate Affairs and Governance The Deputy Director of Corporate Affairs and Governance will: provide specialist advice across the organisation in relation to controls and assurances for a range of functions at all levels in the organisation to support the effective management of clinical and nonclinical risk and governance; ensure that a central system is in place to collate risk registers across East Cheshire NHS Trust which link to the Board Assurance Framework; support the management and development of the Board Assurance Framework; and work with the Associate Directors, Deputies and Clinical Directorate Managers within the Directorates to ensure risks are escalated in accordance with the risk management strategy Head of Integrated Governance The Head of Integrated Governance will: work with and provide advice to Directorate staff and corporate functions on risk management and risk registers ensuring linkage to the assurance framework of the organisation in line with the risk management strategy; advise on areas related to the Information Governance Toolkit, Care Quality Commission regulation process and outcomes; and support the Director and Deputy Director of Corporate Affairs and Governance in the management and development of the board assurance framework and the corporate risk register The Corporate Affairs and Governance Team The core Governance Team will provide the specialist support and advice to Directors, managers and staff and keeps abreast of best practice, legal and statutory requirements and national guidance relevant to their role. This includes: risk management (clinical and non-clinical); information governance; legal services; clinical effectiveness; complaints and Patient Advisory and Liaison Service; fire; health and safety; freedom to speak up (whistleblowing); emergency preparedness communications and public engagement; and Patience experience Page 14

15 7.15 Risk Managers The Risk Managers (Health and Safety, Clinical, Fire Safety and Emergency Preparedness) are responsible for the day-to-day management and co-ordination of risk activities. This includes reviewing all incidents input on the Trust database, identifying incident trends, carrying out/assisting with root cause analysis where necessary and ensuring that lessons are learned and assimilated into practice Associate Directors/Service Managers The Associate Directors/ Service Managers will provide full support and co-operation to the Clinical Directors in achieving their responsibilities in respect of this Strategy Managers and Other Staff It is important that managers at all levels in the organisation encourage, support and facilitate staff in the application of good risk management practice and that they ensure staff are provided with the education and training to enable them to do so. Managers must be fully conversant with the Trust s approach to risk management and where applicable Health and Social Care Act (2012) (Regulations 2009) and governance. They will support the application of this Strategy and its related processes and participate in the monitoring and auditing process. All staff will: accept personal responsibility for maintaining a safe environment, which includes being aware of their duty under legislation to take reasonable care of their own safety and all others that may be affected by the Trust s business comply with the incident and near miss reporting procedures; be responsible for attending mandatory and relevant education and training events; participate in the risk management system, including the risk assessments within their area of work and the notification to their line manager of any perceived risk which may not have been assessed; and be aware of the Trust s risk management strategy and processes and the local Strategy and procedures and comply with them Contractors Specific risks identified by the Trust will be shared with any other relevant organisation working in partnership with the East Cheshire NHS Trust. Likewise, the Trust expects that any relevant risks identified by partners will be shared with the organisation. It is the responsibility of each contractor employed by East Cheshire NHS Trust to ensure that any staff working on their behalf is fully conversant with the health and safety requirements for the activity for which they are engaged. Page 15

16 8. Systems and Processes for Managing Risk The East Cheshire Trust operates three major systems to facilitate the management of risk throughout the organisation. These are each described in detail in the following documents: Policy for the Management and Investigation of Incidents Risk Assessment and Risk Register Policy Corporate Governance Manual Standing Financial Instructions (SFIs)* The accident and incident reporting and investigation policy and the risk assessment and risk register policy systems use the same risk grading process to assess risks in terms of frequency and severity of outcome. The risk assessment process is described in section 15 of this policy. *The Trust s SFIs are key to ensuring financial management controls are in place, breaching SFIs may result in disciplinary action being taken. 9. Systems for Monitoring the Effectiveness of the Strategy An annual report on Governance, which includes risk management in the East Cheshire NHS Trust based on all available relevant information, will be produced by the Director of Corporate Affairs and Governance. This report, together with performance against the Key Performance Indicators (KPIs), will be reviewed by the Clinical Management Board. 10. Measuring Performance and Review Please see the Compliance Monitoring Tool for details of how this strategy will be monitored (Appendix 4).Implementation, Training and Support The effective implementation of this Risk Management Strategy will facilitate the delivery of a quality service and, alongside staff training and support, will provide an improved awareness of the measures needed to prevent, control and contain risk. East Cheshire NHS Trust will: Page 16 ensure all staff and stakeholders have access to a copy of this Risk Management Strategy; produce a register of risk across the Trust which will be subject to regular review by the Board; communicate to staff any action to be taken in respect of risk issues; develop policies, procedures and guidelines to assist in the implementation of this Strategy; Ensure that risk management training is available to staff ensure that training programmes raise and sustain awareness throughout the Trust of the importance of identifying and managing risk; Ensure all Board Members, Directors, Senior Managers and Staff receive risk management training commensurate with their roles and responsibilities.

17 ensure that staff have the knowledge, skills, support and access to expert advice necessary to implement the policies, procedures and guidelines associated with this Strategy; and monitor and review the performance of the Trust in relation to the management of risk and the continuing suitability and effectiveness of the systems and processes in place to manage risk. 11. Equality Impact Assessment This policy has been impact assessed with regards to potential impact on race, gender, disability, age, lesbian/gay/bi-sexual and transgender, religion/ belief, carers and other characteristics and there are no areas in the policy that contravene equality and diversity guidance. Assessment available via Deputy Director of Corporate Affairs and Governance. 12. Other Relevant Policies All documents in the East Cheshire Policies Schedule are relevant, in particular: Health & Safety Policy Risk Assessment and Risk Register Policy Policy for Management and Investigation of Incidents Claims Handling Policy Complaints Policy Freedom to Speak Up Policy Disciplinary Policy, Procedure and Rules Major Incident Plan Corporate Governance Manual 13. East Cheshire NHS Trust Stakeholders Key stakeholders include: patients and carers; staff (directly employed, bank and agency); commissioners of services including general practitioners; NHS Improvement; contractors including suppliers and service providers e.g. cleaning contractor; and local authorities. Caring Together partners The Trust has identified a full list of key stakeholders and this has been approved by the Board. Page 17

18 14. Communication with Stakeholders Systems of communication with stakeholders that contribute to minimising risk are in place. These systems include the East Cheshire NHS Trust website ( regular meetings, annual in patient and staff surveys, publications, the annual general meeting, and the Public Board Meetings. Communication with staff is particularly important and is mainly effected via line management at team meetings. Any urgent or particularly important messages are communicated by . In order to promote openness in the organisation, the Risk Management Sub-committee extends an invite to any member of staff who wishes to raise a specific issue. A place is offered to Trade Union representation and the Chair of the Trust Consultative Committee is copied in to all notes of meetings. This Risk Management Strategy is available to all staff and to other stakeholders on the Trust website. The introduction of new or significantly revised risk management policies is supported by appropriate staff training. 15. Risk Management Escalation Process 15.1 Risk Grading Tool The same grading tool is used in East Cheshire Trust for all risk processes (risk assessment, risk register, and incident reporting assessment). Risks are measured according to the following formula: Likelihood x Impact = Risk Likelihood Risks are first judged on the likelihood of the risk being realised. Consider the descriptions below. Assess the risk to see which description in the likelihood and impact best fits the identified risk. Multiply the two numbers obtained to establish the risk rating. Measures of Likelihood The following table gives descriptions of the likelihood of a risk occurring. Level Descriptor Description 1 Rare May occur only in exceptional circumstances 2 Unlikely Not expected but could occur at some time 3 Possible May/will occur at some time 4 Likely Will probably occur but not a persistent issue 5 Almost Certain Likely to occur on many occasions, a persistent issue Page 18

19 Impact Situations are then judged to evaluate if the risk were to be realised, what the outcome would most likely be. In terms of risk tolerance levels, these may be adjusted to reflect the position of the Trust and this will be agreed with the Board at its annual review. The following table is a guide to the categories available for measuring the impact: Page 19 Measures of Impact Table Descriptor Insignificant 1 Minor 2 Moderate 3 Major 4 Catastrophic 5 Objectives / Performance Target / Project Barely noticeable reduction in scope / quality / schedule Minor reduction in scope / quality / schedule Reduction in scope or quality, project objectives or schedule Significant target miss or project Overrun Inability to meet performance targets or project objectives, reputation of the organization seriously Injury (physical and psychological) to patient / visitor / staff. Patient Experience Complaints / Claims Service / Interruption Staffing and Competence Financial (including damage / loss / fraud) escalation yo audit / board dependent on limits specified in SFIs Inspection / Audit Adverse event leading to minor injury not requiring first aid Reduced quality of patient experience / clinical outcome not directly related to delivery of clinical care Locally resolved verbal complaint Interruption in a service which does not impact on the delivery of patient care or the ability to continue to provide service Short term low staffing level temporarily reduces service quality (less than 1 day) Short term low staffing level (>1 day), where there is no disruption to patient care Negligible organisational / personal financial loss ( <5k) Small number of recommendations which focus on minor quality improvement issues Minor injury or illness, first aid treatment required Short term injury/harm < 1month Staff sickness< 3 days Unsatisfactory patient experience / clinical outcome directly related to care provision readily resolvable Justified written Complaint peripheral to clinical care Short term disruption to service with minor impact on patient care Ongoing low staffing level reduces service quality Minor error due to ineffective training / implementation of training Minor organisational / personal financial loss ( 5k- 24k) Recommendations made which can be addressed by low level of management action. Agency reportable, e.g. HSE, MHRA, Police. Semi-permanent injury (< 1 year) requiring medical treatment and/or counseling. Staff sickness < 4 weeks Unsatisfactory patient experience / clinical outcome, short term effects expect recovery <1wk Below excess non clinical claim. Clinical litigation possible. Justified complaint Some disruption in service with unacceptable impact on patient care Temporary loss of ability to provide service Late delivery of key objective / service due to lack of staff. Moderate error due to ineffective training / implementation of training Ongoing problem with staffing levels Significant organisational / personal financial loss ( 25k-50k) Challenging recommendations that can be addressed with appropriate action plan Major injuries / long term incapacity or disability (e.g. loss of limb/miss diagnosis mis treatment leading to poor prognosis). Long term sickness>4 weeks Unsatisfactory patient experience / clinical outcome, long term effects expect recovery >1wk Non clinical claim above excess level. Clinical litigation expected/almost certain. Multiple justified complaints Sustained loss of service which has serious impact on delivery of patient care resulting in major contingency plans being invoked. Uncertain delivery of key objective / service due to lack of staff. Major error due to ineffective training / implementation of training Major organisational / personal financial loss ( 50k - 1 million) escalate to Director of Finance for further risk assessment Enforcement action. Low rating Critical report. damaged. Incident leading to death or major Permanent incapacity. Significant number of people affected (screening errors) Unsatisfactory patient experience / clinical outcome, continued ongoing long term effects Multiple claims or single major claim Litigation certain Permanent loss of core service or facility Non delivery of key objective / service due to lack of staff. Loss of key staff. Critical error due to ineffective training / implementation of training Severe organisational / personal financial loss (> 1 million) Prosecution. Zero rating Severely critical report

20 Descriptor Insignificant 1 Minor 2 Moderate 3 Major 4 Catastrophic 5 Adverse Publicity / Reputation Rumours, no media coverage Local media long term adverse publicity. Little effect on staff morale Local media coverage short term. Some public embarrassment. Minor effect on staff morale / public attitudes. Significant effect on staff morale and public perception of the organisation National media / adverse publicity, less than 3 days. Public confidence in the organisation undermined Use of services Affected Note: Financial threshold of risk approved by the Clinical Management Board Measurement of Risk National / International media / adverse publicity, >3 days. MP concern (Questions in Parliament). Court Enforcement Public Enquiry Based on the above judgments, a risk assessment can be made of the potential future risk to stakeholders and the organisation as follows: Impact Likelihood Insignificant 1 Minor 2 Moderate 3 Major 4 Catastrophic 5 Almost certain 5 Likely 4 Possible 3 Unlikely 2 Rare Definition of Risk The following table explains how risks should be categorised at the risk assessment stage: Very Low 1-3 Low 4-8 Moderate 9-12 High Action that are/may be required based on the risk grading The following tables give guidance as to the actions taken based on the risk assessment and outlines who has authority to act. Page 20

21 Very Low and Low risks (1-8) Most risks will be graded into these less serious categories and can normally be managed through local action by line managers and may be put onto local risk registers. Risk Further Action By Whom Very Low Score 1-3 Low Score 4-8 Acceptable Inform all appropriate stakeholders. Take action to reduce risk where necessary and within authority. Maintain paper records. Acceptable Risk. As above plus: Discuss whether any further action should be taken to reduce future risk. Report to local governance groups for management. All staff Departmental Head/Supervisor/Ward Manager/Team Leader Moderate risks (9 12) Those risks classed as moderate will be addressed by a Clinical Director of the service area, Deputy Directors or Associate Directors. Where risks are complex, separate risk assessments and action plans must be uploaded for all identified moderate risks to determine the most appropriate way of dealing with the risk. This will be reported to the appropriate principle group e.g. Directorate governance group, Operational Management Team, Risk Management Sub Committee. Further action may also include a requirement to discuss the risk at the Trust s Clinical Management Board. Risk Further Action By Whom Moderate Score 9-12 High risks (15+) Considerable Risk. For complex risks, complete and upload full risk assessment and action plans Inform all appropriate stakeholders Take action to reduce risk within authority Maintain paper records Discuss further action to be taken to reduce risk Upload supporting information in form of reports, business cases and action plans Report to local governance groups for management Place onto local governance group and/or principle group risk register(s) Risks to be managed/monitored via the local governance group and/or principle group risk register(s) Risks to be discussed with appropriate Director on a monthly basis. Financial risk discussed at Clinical Management Board (CMB) Clinical Directors Deputy Directors Associate Directors General Manager Page 21

22 All high risks will be recorded on the Corporate Risk Register and reported four times per year by the Chief Executive to the Board which will approve treatment plans and monitor progress. Appendix 4 describes how the Board will be informed of other serious issues. Risk Further Action By Whom High Score Risk Treatment Significant Risk. As above plus: Assurance Framework will be reviewed by the Audit committee 3 times a year Assurance Framework will be submitted to the Clinical Management Board four times per year Assurance Framework risks will be reviewed by the relevant delegated Committee of the Board (Safety, Quality and Standards; and Finance, Performance and Workforce) 4 times a year Assurance Framework will go to the Trust Board four times per year for monitoring progress on treatment action plans Corporate Risk Register will be reviewed 4 times a year by the Clinical Management Board, Safety Quality and Standards committee and Finance Performance and Workforce Committees. Corporate Risk Register will be reviewed by the Audit committee 3 times per year The Corporate Risk Register will be reviewed by the Board 4 times per year Executive Directors Clinical Directors Deputy Directors/Associate Directors General Managers Head of Integrated Governance Once the risk has been quantified then the treatment to be applied to the risk has to be determined. The following options are to be considered. (a) Managed: Page Accepted: Very low and low risks can be accepted as requiring no further action. On reviewing this type of risk it may, however, be decided that some cost effective action would reduce the risk still further. Where risks are classed as moderate or high and all appropriate steps have been taken to mitigate (control) the risk and where further reduction would not be reasonably practicable then the Board can/may decide that no further action is necessary and the risk is accepted. 2. Managed: In many cases action can be taken to change the way activities are carried out in order to reduce the risk identified. East Cheshire NHS Trust is committed to using a systematic/holistic approach to risk management. 3. Avoided: In some cases risk cannot be accepted, transferred or managed. Then the Board may decide a particular risk should be avoided altogether. This may involve ceasing the activity giving rise to the risk.

23 (b) 4. Transferred: The Trust is a member of the Clinical Negligence Scheme, Liabilities to Third Parties and Property Expenses risk pooling schemes run by the NHSLA. This membership transfers some financial risk to these risk pooling schemes. Further action to reduce the risk is needed which will reduce the risk score Page 23

24 16. Diagram of Flow of Risks The following flowchart shows the approval process for new risks New Risk entered on DATIX Current Risk Score 0-8 Current Risk Score 9-12 Current Risk Score 15+ Departmental Manager reviews and when confirmed as correct moves the risk to Final Approval Departmental Manager reviews and when confirmed as correct moves the risk to Awaiting Final Approval and sends communication to General Manager to review Departmental Manager reviews and when confirmed as correct moves the risk to Awaiting Final Approval and sends communication to General Manager & Associate Director General Manager reviews and when confirmed as correct moves the risk to Final Approval Associate Director reviews and when confirmed as correct moves the risk to Being Approved and sends communication to Deputy Director to review NOTE: Escalated Risk When existing risks have the current score - escalated to 15+ the relevant director for review and approval Deputy Director reviews and when confirmed as correct moves the risk to Final Approval and notifies relevant Director Page 24

25 The following flow chart demonstrates the flow of risk from identification to assessment and management according to severity. Structure and flow chart for the management of assurance and risk in East Cheshire NHS Trust Risk identified via risk assessment, incident, claim, complaint, other indicator Grade the risk to determine the route for management 0 8 Identified risks managed locally, departmentally or via Directorate Safety Quality and Standards Subcommittee 9-12 Identified risks managed via Directorate Safety Quality and Standards Sub-committee discussed monthly or if required escalated to CMB (plus Strategic risk) Discussed at CMB & Trust Board 4 times/ year, Audit committee 3 times & other Board Committees, 4 times per year Monitor via the monthly Directorate performance management arrangements to receive assurance and monitor progress Deputy Directors Group receives Corporate Risk Register (15+) 8 times per year for review and to undertake consistency checking Clinical Management Board Receives all strategic risks from escalation routes when identified e.g. Directors and Directorate Performance Meetings and decide if risks are: accepted, managed, avoided or transferred. Receives Assurance Framework and Corporate Risk Register 4 times a year. Operational Management Team receives Corporate Risk Register (9-12) 8 times per year for review and to undertake consistency checking Trust Board Risks formulate on Assurance Framework and Corporate Risk Register reported to the Trust Board 4 times and Audit Committee x 3 per year by the Chief Executive Officer Page 25

26 Communication and Consultation Assess Risks APPENDIX 1 - Definitions Risk is the chance that something will happen that will have an impact on achievement of the Trust s aims and objectives. It is measured in terms of likelihood (frequency or probability of the risk occurring) and severity (impact or magnitude of the effect of the risk occurring). See section 16. Risk Management is the culture, processes and structures that are directed towards the effective management of potential opportunities and adverse effects. The risk management process is the systematic application of management policies, procedures and practices to the tasks of establishing the context, identifying, analysing, evaluating, treating, monitoring and communicating risk. It is described in the following diagram: Establish Context Identify Risks Analyse Risks Monitor and Review Evaluate and Rank Risks Treat Risks Risk Management Overview from AS/NZS 4360:1999 Significant/principle risks are those which, when measured according to the risk grading tool at section 16, are assessed to be High. The Board will take an active interest in the management of significant principle risks. Page 26

27 National Guidance External Assurance APPENDIX 2 - Organisational Structure for Risk Management and Assurance The following diagram describes the risk and assurance route through to the Trust Board and its subcommittees. The Clinical Management Board is the overarching meeting for risk management and risks are discussed as an agenda item at every meeting. This Committee receives information from the various Board committees to include any risks on either the Assurance Framework or the Corporate Risk Register (i.e. Audit Committee, Finance, Performance & Workforce Committee and Safety, Quality & Standards Committee). Where the flow chart indicates that various papers/reports are sent to various Board Committees this is in relation to their remit, scope, terms of reference and annual work program. Sources of internal and external assurance are identified in Appendix 5 The Process for Assurance & Escalation TRUST BOARD The Board may also identify risks for inclusion in the Assurance Framework RISK Minutes ACTION from TREATMENT Board Committees PLAN Scored Assurance Framework Papers from Executives to the Board Papers / reports / minutes sent to the Board Clinical Management Board (via the Chief Executive) [Overarching Risk Forum] Executive Management Team (via The Chief executive) [Risk Forum] Audit Committee [Risk Forum]* Finance, Performance & Workforce Committee [Risk Forum]* Safety, Quality & Standards Committee [Risk Forum]* Papers / reports sent to the various Board committees & Clinical Management Board Action Plans Actions to mitigate gaps in controls & assurances Unscored Assurance Framework Corporate Risk Register Risks identified as result of the business processes established by the Trust Directorate Performance Review Mtgs Incident Reporting Staff Objectives & Review Sub-committees & Working Groups Implementing NICE Guidance Freedom to Speak Up Performance Management Systems Developing / Reviewing Policies Other Reporting Mechanisms Low Risks (Score 1 8) Managed Locally Risk Management Process Service Area Risks Registers Moderate Risks (Score 9 12) Managed at Directorate level High Risks (Score 15 25) Clinical Management Board Informed Page 27

28 Appendix 3 - Roles and Responsibilities of Committees Responsible for Risk Management Trust Board The Trust Board is accountable and responsible for ensuring that East Cheshire NHS Trust has an effective programme for managing all types of risk which is achieved via the Board Assurance Framework, and review of the Corporate Risk Register. The Board is chaired by a Non-Executive Director and meets monthly. In order to verify that risks are being managed appropriately and that the organisation can deliver its objectives, the Board receives and considers reports from the Audit Committee and the Clinical Management Board. In particular, the Board considers risk reduction plans and monitors progress on action plans on all significant risks on a three monthly basis. Clinical Management Board This Board is accountable to the Trust Board via the Chief Executive who is the Chair of the Clinical Management Board and is attended by Executive Directors, Clinical Directors and Deputy Medical Director. This is the forum with overarching responsibility for managing risks and for the Chief Executive to gain assurance on the operational business of the organisation by: monitoring performance and delivery of finance and service delivery, and Quality Innovation Productivity and Prevention Plans (QIPP); and identifying risk and actions to mitigate risk. The Clinical Management Board also has responsibility to shape service and financial issues and resolve operational issues that impact across the Trust. Executive Management Team Meeting This is the forum where Executive Directors are held to account by the Chief Executive for delivery of objectives, which includes the delivery of the cost improvement programme. Safety, Quality and Standards Committee The Safety, Quality and Standards Committee is a committee of the Board and is chaired by a Non-Executive Director with Executive and Deputy Directors of Nursing and Governance, Deputy Medical Director and Chief Pharmacist as members. This Committee provides the Trust Board with assurance that national and local safety, quality and other standards are being met in relation to both clinical and non-clinical activities of the Trust. The Committee provides assurance that effective systems and process are in place to ensure all employees are aware of their responsibilities for promoting and maintaining the highest standards in everything the Trust does. This Committee has a prime focus on quality outcomes which impact on patient safety, clinical effectiveness and experience, which will ensure optimum opportunity to achieve the upper decile of quality for the Trust as it redesigns integrated care pathways. The Committee has a number of Sub-Committees reporting to it to ensure further detailed oversight occurs.

29 Audit Committee The Audit Committee is a committee of the Board and is appointed to support the Chief Executive as Accountable Officer and the Trust Board in monitoring the corporate and clinical governance and control systems in the Trust. This Committee is chaired by a Non-Executive Director and its members are Non- Executive Directors. Its role is to review, on behalf of the Board: The effectiveness of the processes in place to manage and oversee the systems necessary for integrated governance, risk management, internal control (i.e. financial and clinical management). To ensure it is satisfied that the same level of scrutiny and independent audit over controls and assurances is applied to the risks to all strategic objectives, be they clinical, financial or operational. The Audit Committee is informed by reports on the Trust s systems and processes prepared by both internal and external auditors. Finance, Performance and Workforce Committee The Finance, Performance and Workforce Committee is a committee of the Board and provides the Board with assurance that national and local standards relating to finance and workforce are being met. It discusses the integrated performance of the organisation and provides assurance that there is a robust performance management framework in place. Its quality focus is on systems and processes which underpin sound performance and workforce modelling to deliver redesigned clinical pathways. Attendance at Committee A record of attendance will be maintained by the Chairs of each Committee with responsibility for managing risk. Members of the committees must attend 75% of the meetings across each financial year, any deputies should have the authority to make decisions. The Chair of each committee will review the attendance annually and report to the Committee to agree actions required. Terms of Reference for the Trust Board Committees are included within the Governance Manual.

30 Appendix 4 Board immediately informed by telecom

31 APPENDIX 5 Compliance Monitoring Tool Requirement to be monitored Continued registration with the Care Quality Commission Process to be used for monitoring e.g. audit Annual Statement Responsible individual/ committee for carrying out monitoring Deputy Director of Corporate Affairs & Governance Frequency of monitoring Annual Responsible individual/committee for reviewing the results Trust SQS Trust Board Responsible Individual for developing an action plan Deputy Director of Corporate Affairs & Governance Responsible Committee/group monitoring the action plan Safety Quality and Standards Committee The Assurance Framework is populated by strategic/principle risks linked to the key objectives and will be reviewed by the Trust Board 4 times a year and the Audit Committee 3 times a year in line with their terms of reference Report Director of Corporate Affairs & Governance 4x per year 3x per year Trust Board Audit Committee Director of Corporate Affairs & Governance Clinical Management Board The Corporate Risk Register is populated from all areas and all types of risk across the organisation for monitoring. Risks 15 and above will be presented to the Clinical Management Board, Safety Quality & Standards Committee and Finance Performance & Workforce Committee 4 times per year and deep dive reviews will be undertaken in agreement with the chair. Report Director of Corporate Affairs & Governance 4 x per year (risks discussed on a monthly basis as standing agenda item) 3 x per year Clinical Management Board Safety Quality and Standards Committee Finance Performance and Workforce Committee Audit Committee Director of Corporate Affairs & Governance Clinical Management Board Risks 15 and above will be presented to the Audit committee 3 times per year. The process as outlined in section 10, which includes upload of supporting documentation and populating of risk registers, the duties Audit Internal Audit Annual Audit Committee Deputy Director of Corporate Affairs & Governance Audit Committee

32 Requirement to be monitored of those individuals with key responsibilities and authority for risk management will be audited annually for compliance through internal audit Process to be used for monitoring e.g. audit Responsible individual/ committee for carrying out monitoring Frequency of monitoring Responsible individual/committee for reviewing the results Responsible Individual for developing an action plan Director of Corporate Affairs & Governance Responsible Committee/group monitoring the action plan The organisation s risk management structure, detailing those committees and groups which have some responsibility for risk Annual review of RM Strategy Director of Corporate Affairs & Governance Annual Trust Board Director of Corporate Affairs & Governance Trust Board How the board or high level risk committee(s)review the organisationwide Risk register How risk is managed locally Annual review of RM Strategy Annual review of RM Strategy Director of Corporate Affairs & Governance Director of Corporate Affairs & Governance Annual Trust Board Director of Corporate Affairs & Governance Annual Trust Board Director of Corporate Affairs & Governance Trust Board Trust Board Duties of the key individuals for risk management activities Annual review of RM Strategy Director of Corporate Affairs & Governance Annual Trust Board Director of Corporate Affairs & Governance Trust Board Approved documented terms of reference for the high level committee(s) with overarching responsibility for risk will be reviewed annually. Annual review of RM Strategy Annual review of Corporate Governance Manual Director of Corporate Affairs & Governance Annual Trust Board Director of Corporate Affairs & Governance Trust Board

33 APPENDIX 6 Sources of Internal and External Assurance Source of Assurance Type Responsible Committees Health & Safety Executive inspection reports External SQS/Audit External Audit Reports External SQS/Audit National Patient Satisfaction Surveys (Inpatient, Outpatient, External SQS Maternity) CNST (Maternity) Reports External SQS/CMB PROMS (Patient Related Outcome Measures) External SQS CQUINS (Commissioning for Quality and Innovation) External SQS/ Board UKAS (Clinical Pathology Accreditation) External SQS CQC - Good Hospital Guide ) External SQS Independent reviews (clinical) External SQS Peer Reviews (e.g. cancer, screening, critical care) External SQS National Audits (e.g. TARN, LUCADA, MINAP) External SQS/Board Patient-led Assessments of Care Environments (PLACE) External SQS inspections National staff surveys External FPW/Board Patient Choices External SQS Specialist external reviews e.g. Confidential Enquiries External SQS NCEPOD/CMACE etc) NHS Commissioning Board -National Reporting and Learning External SQS System (NRLS) reports Department of Health, Eliminating Mixed Sex External SQS/Board Accommodation Information Governance Toolkit External CMB/Board Health & Social Care Information Centre (HSCIC), Hospital External Board Episode Statistics (HES) Care Quality Commission National Priorities (O4 = Stroke); External SQS (O16 = Clinical Audit); (O21 = Maternity data Quality) Department of Health, Cancer Waits Database External SQS/Board Department of Health, VTE Risk Assessment data collection External SQS/Board Health & Social Care Information Centre (HSCIC), NHS External Board Cervical Screening Programme CHKS reports External SQS/Board Department of Health, Cancelled Operations (QMCO) External SQS/Board Department of Health, A&E Attendances and Performance (QMAE) External SQS/Board Department of Health, Delayed Transfers of Care External SQS/Board Care Quality Commission, Chief Inspector of Hospitals External SQS Inspection Health Protection Agency (HPA), Clostridium Difficile External SQS/Board Surveillance Scheme/MRSA Bacteraemia Surveillance Scheme/Surgical Site Infection Surveillance Service Counter Fraud and Security Management Service, Security External Audit Management Service compliance data NHS Improvement External Board Department of Health, Estates Return Information Collection External CMB (ERIC) Department of Health Central Alerting System External SQS

34 Source of Assurance Type Responsible Committees Health & Social Care Information Centre (HSCIC), Secondary External Board Users Service (SUS) Data Quality Dashboard Audit Commission, Payment by Results (PbR) Data External Audit Assurance Framework Compliance with CQC outcome requirements Internal SQS Audit of compliance with CQC requirements Internal Audit Records PCA and audit results Internal SQS/Audit Key Performance Indicators (including quality indicators, Internal CMB/SQS contract measures, national targets and ward dashboard, finance, QIPP, workforce) Local Patient Satisfaction Surveys Internal SQS Local Staff Survey Results (PULSE) Internal CMB/FPW Committee Chair s reports to Board Internal Board Directorate Performance and Accountability Meetings Internal CMB Internal Audit Reports Internal Audit Local Counter Fraud Reports Internal Audit Safeguarding Serious Case Reviews Internal SQS Internal Management Reviews Internal SQS Quality Accounts + Audit of Accounts Internal External Board/Audit/ SQS Serious Incidents Requiring Investigation Internal SQS Clinical Audit Internal SQS Clinical presentations Internal CMB/SQS Incidents, Complaints, Litigation and Patient Experience Internal SQS reports Compliments Internal SQS Policies & Procedures monitoring of compliance Internal SQS Annual Reports from Committees Internal Board NHSI Hygiene Code Inspection External Board Fire Authority Cheshire Fire and Rescue Service External CMB

35 APPENDIX 7 Board Structure