Risk Assurance Framework
A risk is registered on the strategic framework if its occurrence would cause one or more of the strategic themes to miss the agreed target.
Risks will be logged on the assurance framework in the following circumstances.
- A single operational risk may move to the strategic framework if the impact would result in a strategic theme going off course.
- A series of connected operational risks may, together, form a strategic level risk due to their combined effect on the achievement of a strategic theme.
As at 31st March 2021, the key risks on settle’s risk assurance framework, together with the principal controls we have in place to mitigate these risks are shown in the table below.
The Group risk heat map summarised here shows the residual risk rating as at 31st March 2021 after mitigating actions have been taken. All risks are kept under regular review by settle’s Executive Team, the Audit and Risk Committee and the Board.
Risk Management of Rowan Homes (NHH) Ltd
The same approach to risk management is in place for our subsidiary Rowan Homes (NHH). As at 31st March 2021, the key risks on Rowan Homes (NHH)’s risk assurance framework, together with the principal controls we have in place to mitigate these risks are shown in the table below.
The Group risk heat map summarised here shows the residual risk rating as at 31st March 2021 after mitigating actions have been taken.
Statement on Internal Controls Assurance
The Board acknowledges its responsibility for ensuring that settle has in place a system of internal control that is appropriate for its operations and for reviewing its effectiveness. The system of internal control is designed to manage risk and to provide reasonable, but not absolute, assurance that key business objectives and expected outcomes will be achieved. It also exists to give reasonable assurance about the preparation and reliability of financial information and the safeguarding of assets.
In meeting its responsibilities, the Board has adopted a risk-based approach to internal controls, which is embedded within normal management and governance processes. This approach includes the regular evaluation of the nature and extent of risks.
Key elements of our internal control framework include:
- Board-approved terms of reference and delegated authorities to the Group’s Committees;
- An annual review of compliance with the NHF Code of Governance;
- Formal board evaluation and appraisal procedures; this included an external board effectiveness review in the spring of 2021;
- Clear responsibilities for the identification, evaluation and control of risk. The Executive Team and the Audit and Risk Committee consider risks throughout the year. The Chief Executive and the Audit and Risk Committee are responsible for reporting any significant changes to the Board;
- Committee approved internal audit plan and internal audit reporting at Committee meetings;
- Regular reporting by the appropriate committee or the Board of risk information;
- Key health and safety issues reported to the Health, Safety and Wellbeing Board, the Audit and Risk Committee and the Board;
- Financial reporting procedures that include detailed budgets and forecasts for the year ahead;
- The Board regularly reviews key performance indicators to assess progress towards the achievement of key business issues, objectives, targets and outcomes;
- A detailed approach to treasury management and stress-testing;
- Regular monitoring of loan covenants and loan facilities;
- Chief Executive’s assurance to the Audit and Risk Committee and the Board;
- Review and assessment of compliance with the RSH regulatory standards at least twice a year to the Board;
- Regular updates and reporting by the external auditors; and
- Policies and procedures to reduce the risk of fraud, bribery and money laundering.
Our work on Data Governance has continued throughout the year with a focus on analysis of business critical data, and mapping of the flow of data across the organisation. We have successfully implemented a programme of annual data reviews across the business and made significant progress on the mapping of data journeys for our key performance data. This is a multi-year project and stage 1 of this will be completed during the first quarter of 2021-22.
The Board has delegated to the Audit and Risk Committee the regular review of the effectiveness of the system of internal controls, whilst maintaining ultimate responsibility for the system of internal control.
The Audit and Risk Committee reviewed the effectiveness of the system of internal control from the period commencing 1 April 2020 up to the date of approval of the financial statements, and the annual report of the internal auditor, and reported to the Board that it found no significant weaknesses in the system of internal control.
Governance and Financial Viability Standard
The Board confirms that an assessment of settle’s compliance with the Governance and Financial Viability Standard has been completed and certifies that settle is compliant with the Governance and Financial Viability Standard.