CQC Strategic and High level Risk Register v /5/18

Transcription

1 (See R1 We do not have impact in encouraging improvement innovation and sustainability in care (significantly this could materialise because of a deterioration in quality of providers or an inability to improve due to financial constraints and challenges of recruiting key staff may limit their ability to maintain quality and improve) Chief Inspectors Imp H 5 Lh M 3 15 Monitoring quality of care across sectors for signs of deterioration - State of Care and thematic reports LH M(3) Strategic measures provider feedback on whether CQC helps improvement Evaluation of our impact Determine Registration applications - Registration as a barrier to poor care/ registering good services. Taking swift action on unregistered providers to protect people from harm Undertake inspections in response to or potential improvements in quality, taking enforcement action, including prosecution, to protect people who use services and hold providers to account Inspection of local health and social care systems in a local authority area (Local System Reviews) Publicise our findings through Inspection reports, State of Care and thematic reports and Local System review report Engage locally - providers, commissioners and other stakeholders to ensure they play their part in enabling improvement Engage nationally - National Quality Board; National Information Board; National Improvement and Leadership Development Board; Health and Social Care Regulators Forum; Adult Social Care Quality Matters Board to support national improvement efforts. Provider Trade Associations engagement Strengthen our approach to encouraging improvement including contribution to the implementation of the National Improvement and Leadership Development Strategic Framework (programme) Strengthening our independent voice including embedding and supporting CQC s independent voice model across teams at regional and national level Implementing next phase in Independent Health Implementing next phase in PMS R2 A change of external environment in health and social care or more widely could have implications for CQC s role (eg: integration) Exec Dir S&I(and Director of Policy and Strategy) Lh H (3) Horizon scanning the external environment in health and social care, ongoing relationships and conversations with stakeholders; services; people who use care. actions Determine actions where appropriate (eg: rescheduling some routine inspections of services to allow frontline staff and leaders to focus on continuing to ensure that people receive safe, high-quality care during periods of increased demand, in particular in the winter) R3 We do not implement our Operating Model effectively because we do not: make accurate; insightful; reliable; timely; lawful; regulatory decisions; C.I.s Quality assurance (sampling) Management assurance assessments in each Directorate Strategic measures inc. provider survey feedback on inspection team KPIs including response times at NCSC and Safeguarding / Public Confidence/ 1

2 (See encourage people who use services, their relatives and carers to engage with CQC respond quickly and effectively to public concerns; Scheme of Delegation, Clear Operating Model, Legal support, Enforcement policy. Representations and complaints processes. Guidance; CQC s website and reports for providers. NCSC processes for concerns. reporting within CRM. Learning programmes and mentoring for inspection and other staff Local engagement at all levels with community groups including using areas of interest leads (ASC), and local Healthwatch Regulatory and Legal Implement a quality improvement approach (QI) in CQC Carry out quality improvement activity in the following priority areas: Report timeliness Improve CQC s consistency in quality, performance and how it implements its approach to regulation (Priority list not finally agreed see CQC Business plan) R We do not effectively collect and process the information we need to be an effective intelligence-driven regulator and accurately predict quality Exec Dir S&I (and Director of Intelligence ) Lh H () Staff and provider feedback in relation to effectiveness and ease of use of: CQC Insight; Provider Implementation Collection (PIC); intelligence analytical tools and dashboards and analytical support Use staff and provider feedback to shape the development of: Continuously developed Insight Provider information collection - develop and deliver an always on digital form for Information Collection from Providers Data and evidence training for Inspectors Data Strategy development Deliver improvements to CQC s Digital products and services set out in CQC s Corporate Business Plan , aligned to the priorities agreed with the Board in October 2017 LH M (3) R5 We are unable to deliver our Strategy because we are not well supported by IT technologies and systems, which in turn requires efficient processes to support agile delivery (and Chief Digital Officer) Lh H () Feedback from staff in the annual survey and pulse checks Monitoring Digital improvement milestones in the CQC Business plan Change control process and governance, Engaging operational staff in changes, Imp M () LH M (3) Governance procurement Deliver improvements to CQC s Digital products and services set out in CQC s Corporate Business Plan , aligned to the priorities agreed with the Board in October

3 (See Embed CQC s new internal governance committees so that governance will provide assurance of agile delivery. Work with DHSC to ensure that assuring IT, professional services and digital spend through procurement processes can be best aligned Develop a culture of co-design and interaction with programmes of change including digital R6 We fail to respond adequately where our people feel we are not developing a high performing culture and embedding our values (and Dir of People) Lh H () Feedback from staff in the annual survey and pulse checks People policies, including Performance management Employee assistance programme Recruit and appoint exceptional future senior leaders who can continue to embody the culture and values of CQC Embed CQC s new internal governance committees Implement the cultural change we need to achieve the transformation set out in the business plan, in particular through our values and behaviours o Communicating with staff as we make developments and listening to their feedback o Involving staff in changes including designing and testing o Contributing resource - in particular staff time to co-design and interact with programmes of change eg: digital o Embedding Quality Improvement so CQC staff who experience a problem are at the core to researching, acting & learning to resolve it (These actions also underpin management of s 3,, 5 and 7), ( where the could impact on health safety or well-being) R7 We fail to implement an effective approach to regulating place-based, and emerging new models of care in particular we do not work across CQC effectively to do this CIs controls Strategic Change Board (tbc) actions Embed CQC s new internal governance committees Ongoing work with Accountable Care Organisations Cross Directorate work in relation to Local System Reviews R8 We fail to address the Health, Safety and Well-being needs of CQC staff Failure to comply with the Health & Safety at Work Act 197 due to lack of an effective governance strategy for health and safety. This could lead to inappropriate oversight of health and (and Directors of Lh H () People and FCI) controls Health and safety strategy H+S policies Information and training Health Safety and Wellbeing Committee oversight Management assurance standards and assessments Not yet rated 3

4 (See safety issues and failure to provide associated duty of care to staff and others who may be affected by the activities of the CQC Consider CQC position/statement on attacks on staff- zero and that prosecutions will be made. Formalise HR group to consider how we respond to of attacks on CQC staff. This ties in with the Health, Safety and Wellbeing Group. R9 We are unable to deliver our programme of public commitments as a result of CQC s own capacity issues ET (and Dir of People) KPIs for operational delivery and business plan milestones Monitoring actions set out in CQC s business plan (see below) Resources Board processes to support recruitment; Use of Cygnum to coordinate inspection and external specialist resource 6 Develop a more agile approach to the deployment of financial and people resources which takes account of changing s within each sector and encourages greater cross sector working and meets our statutory duties Implement always on recruitment so we can recruit an additional 100 inspection staff in 2018/19 Take action on those issues which impact on our retention rates and cause CQC staff to leave prematurely R10 We are unable to reduce our costs in line with our reduced budget or our fees are not received in a timely way (and Dir of Finance Commercia l and Infrastructu re) KPI for Directorate budget variance (< 2% + - variance) Budget has been set for , capital allocation is considered to be adequate. Budgetary and recruitment management information tracked regularly by Directorates and at ET and Board. Effective medium term planning, and benefits monitoring More use of direct debits and debt management Financial R11 We are not protecting or securely managing our information in accordance with regulatory requirements, agreed standards and legislation (and Chief Digital Officer) Imp H (5) 15 Management information considered by Information Governance Group this includes the Information Register. s are reviewed on a rolling basis in the IGG s monthly meetings Management assurance standards, the assessments made against them Information security and hardware loss incident reporting to Audit and Corporate Governance Committee Information management and governance policies, Induction and mandatory annual awareness training, Information

5 (See Access and security controls, Senior Information Owner (Director of Strategy and Intelligence) supported by the Information Governance Group (IGG) (Simon Richardson) Internal audit programme Annual information governance assessment Disaster recovery plans Cyber security updates to systems; training for staff; regular discussions with our infrastructure provider and other partners to this service to ensure that security protections remain in place, are effective and maintained and updated. Pilot, then introduce, revised Management assurance standards for Information management during 2018 R A difficult to replace Adult Social Care provider fails and CQC hadn t spotted it to give early warning to local authorities. C.I. ASC (and Director, Corporate Provider & Market Oversight) Market oversight function and relations with the marketplace Agreed processes in place for when failure occurs Closer working between Market Oversight, Inspection and Registration teams Information sharing with providers / local authorities and CCGs Relationship with DH and Treasury Lh L (2) 8 Impact s based on Scores 5 - Very High Very High - High 8 20 High 3 - Medium Medium 2 - Low Low 1 - Very Low Very Low 1 - Very Low 2 - Low 3 - Medium - High 5 - Very High Likelihood 5