Governance Unit(Name of Unit) /
Chief Executives of HSCB, PHA, BSO, PCC, Trusts,
NIGALA, NIBTS, NIMDTA and of NDPBs / Room D3
Castle Buildings
Stormont
BELFAST BT4 3SQ
Tel: 028 9052 28662
Fax: 028 9052 2500
Email:
Your Ref:
Our Ref:DH1/15/242151
Date:14 September 2015

Dear Colleagues

CONTROLS ASSURANCE STANDARDS: PERFORMANCE IN 2014-15 & REPORTING REQUIREMENTS FOR 2015-16

Controls Assurance Standards – Performance in 2014-15

  1. The Department has now completed a review of all 17Arm’s Length Bodies(ALBs) performance against the controls assurance standards in 2014-15.
  1. For 21 of the 22 Controls Assurance Standards, 16 of the ALBs achieved the required level of substantive compliance. One organisation achieved moderate compliance in six of the fifteen standards it assessed against. For the Information Management Standard, which was new in 2013-14, 14 of the ALBs achieved substantive compliance with 3 ALBs achieving moderate compliance.
  1. Full details of each organisation’s performance can be found at:
  1. The Department requires all ALBs to ensure that action plans are in place to address any areas where their organisation’s performance fell short of ‘substantive’ in 2014-15. This will apply to individual criterion, as well as average scores on each standard. Internal Audit will report on action plans whilst verifying self-assessments in 2015-16.

Updates to the Standards for 2015-16

  1. The Controls Assurance Standards have been reviewed and updated for 2015-16, where applicable. There are no changes to any criteria within the 22 standards. However, references and links to guidance have been updated. There have been substantial updates to guidance and links within Purchasing & Supply, Information Management, Food Hygiene & Safety, Environmental Cleanliness and Emergency Planning Standards.
  1. The updated standards have been placed on the Department’s website at:

Compliance levels for 2015-16

  1. For 2015-16, the Department’s requirement is that all organisations achieve substantive(75 - 100%) compliance in the standards they assess against. Organisations may also mark individual criteria as not applicable if it can be substantiated with a valid reason.
  1. With regards to the Information Management Standard, details of individual compliance requirements for each criterion are detailed within the standard. Moderate compliance is acceptable for criteria 9, 16, 19, 20 and 25. Substantive compliance is required for all other criteria. An overall level of substantiverate of compliance is required for 2015-16.

Independent verification of compliance levels

  1. In 2015-16 the Governance, Risk Management and Financial Management core standards will once more be subject to review by BSOinternal audit. Compliance with the following standard will also be subject to internal audit verification:
  2. Information Management
  1. Each Chief Executive can also determine, in consultation as need be with their Audit Committee and withinternal audit, if it would be appropriate to verify any other standards.
  1. Any queries on the content of this letter should be directed to Karen Jeffrey at

Yours faithfully

Karen Jeffrey

cc Chairs of HSC organisations and of NDPBs

Richard Pengelly

Julie Thompson

Linda Devlin

Wendy Patterson