Visit our devolution and LGR hub for the latest information, support and resources

Improvement and assurance framework: Self-assessment tool

This tool supports local authorities to assess their own assurance arrangements and undertake self-improvement.

This tool is designed to help local authorities assess the measures they have in place to gain assurance of their performance and corporate governance, as set out in the 'Improvement and assurance framework for local government'. It is intended to be used by corporate statutory officers, in consultation with members and other key officers.

Councils can use this tool to self-assess the extent to which they are undertaking assurance activities effectively, and to:

  • inform the council’s annual review of the effectiveness of its system of internal control
  • support preparation for external challenge, including Corporate Peer Challenge or inspections, and
  • support the corporate statutory officers in their roles to ensure and support good governance in the authority.

It may also assist you in preparing for your Annual Governance Statement or addressing specific areas of concern which require assurance.

Download the editable 'Improvement and assurance framework: Self-assessment tool'.

How does the council continuously assure itself?

Sources of assurance (‘Three lines’)

The ‘three lines model’ outlines the contributions that different sources of assurance can provide. The three lines include:

  • Management assurance: These are actions by managers and staff who are responsible for identifying and managing risk as part of their day-to-day management and delivery of services.
  • Oversight and compliance assurance: These are the ways the authority oversees the effectiveness of its controls so that it operates effectively.
  • Independent assurance: These are independent reviews which provide an objective evaluation of the authority’s controls and performance to ensure reliability and compliance.

What is the action?

These are the activities which should contribute to assurance, in line with best practice.

Examples of evidence

These are examples of how to provide evidence that assurance activities are being conducted effectively.

Table 1: How does the council continuously assure itself?
Sources of assurance (‘Three lines’) What is the action? Examples of evidence
Management assurance

Where current external/ independent/ benchmarked assurance is not available, senior managers conduct robust annual reviews of the effectiveness of controls within their areas of responsibility. Their assurance statements:

  • confirm completion of reviews
  • identify the degree of assurance provided
  • identify actions for improvement as appropriate.

Assurance statements are:

  • completed by all senior managers
  • consider essential factors1
  • include areas for improvement
  • tested for robustness and completeness
  • reviewed by corporate statutory officers
  • inform annual governance statement
  • shared with the relevant portfolio holder/policy committee chair, where limited/no assurance is provided.
Management assurance The council has appropriate project and programme management arrangements in place for all significant projects and programmes, with links to corporate oversight and performance reporting.
  • Project and programme management governance policy/framework includes standards for accountabilities, governance, reporting and risk management, with clear criteria for its application.
  • Compliance with project/programme management framework is tested and reported to Corporate Management Team.
  • Minutes of Corporate Management Team show that as risk increases, associated assurance arrangements are increased.
  • Performance/benefits realisation, finance and risk reporting to Corporate Management Team and Executive/relevant committee.
Management assurance Resident and staff surveys are regularly conducted. Corporate Management Team and Executive/ relevant committee each consider their findings and agree appropriate actions.

Surveys are conducted annually and:

  • findings are published on the council’s website/intranet and external/internal communication channels as appropriate
  • Corporate Management Team and Executive/ relevant committee consider and approve plan to address findings and incorporate actions in business plans.
Management assurance

The council’s decision-making is informed by:

  • clear, appropriately concise reports
  • all appropriate professional advice and due diligence
  • consideration of risk and alternative options
  • consideration of equalities implications
  • appropriate consultation and engagement.
  • Documented process/timelines for signoff of decision reports, enabling timely and comprehensive advice.
  • Corporate statutory officers meeting routinely reviews and ‘quality tests’ decision reports.
  • Report writing training provided to report writers and those providing comments.
Management assurance The council’s code of local governance reflects the council’s current governance arrangements.
  • Corporate statutory officers at least annually review the code for currency/completeness and recommend updates where required.
  • Report/ minute of meeting: the council’s committee with delegated responsibility for governance reviews the code at least annually.
Management assurance The council regularly reviews its arrangements for complaints, member casework, FOIs, SARs and whistleblowing, ensuring that arrangements reflect current good practice and that they inform organisational learning.
  • Corporate Management Team, Executive/ Policy and Resources Committee review performance on complaints, member casework, FOIs, SARs at least annually (meeting minutes/ reports).
  • Review of arrangements conducted at least annually, with significant areas for improvement and actions reported in annual governance statement.
  • Scrutiny includes consideration of arrangements for complaints in its annual work programme and makes recommendations to the Executive.
Management assurance The council regularly reviews and updates its constitution and schemes of delegation to ensure they reflect current good practice and are appropriate to the council’s present context.
  • Corporate statutory officers ensure review of scheme of delegation and consider findings and recommendations at least annually.
  • Monitoring Officer reviews constitution at least annually.
Management assurance The ‘Golden Triangle’ complies with the code of guidance for governance statutory officers2.
  • CIPFA 'Code of practice on good governance for local authority statutory officers'.
  • The Chief Finance Officer and Monitoring Officer are members of the senior leadership team.
  • Regular meetings are held between the Head of Paid Service, Chief Finance Officer, and Monitoring Officer.
  • The ‘Golden Triangle’ meet with the Head of Internal Audit on a regular basis.
  • Minutes of the meetings are recorded to evidence when issues are reported and discussed, and any advice given.
Management assurance Key roles3 have direct access to members of the ‘Golden Triangle’.
  • Terms of reference for corporate statutory officer meetings include arrangements for key roles to attend as/when appropriate.
  • Corporate statutory officer meetings routinely consider issues relating to other key statutory/ assurance roles.
  • Chief executive meets regularly with chairs of adult and children’s safeguarding boards.
Oversight and compliance assurance Directorates, Corporate Management Team, Executive/ Policy and Resources Committee and Scrutiny (where applicable) each review performance, finance and risk at least quarterly4 and take action to address any risks of under-performance (service and corporate plan delivery).
  • Audit Committee approves and regularly reviews risk management strategy and methodology for assessing performance and risk (for example, RAG rating based on clear, impartial, empirical scoring system).
  • Reports/minutes of meetings: actions to address under-performance are minuted, include an owner and are addressed/monitored at the following meeting.
Oversight and compliance assurance

The Audit Committee:

  • has terms of reference which reflect CIPFA good practice guidance
  • plans its work programme to ensure that all elements of their remit are covered during the year.
  • Report/minute of meeting: the committee reviews its terms of reference at least annually, taking account of CIPFA good practice guidance, recommending changes to the constitution where required.
  • Report/minute of meeting: the committee plans its annual work programme to address all aspects of the terms of reference.
  • Member learning and development to support the committee to understand priority business.
Oversight and compliance assurance

Scrutiny/ policy committees (as appropriate):

  • regularly review their work to ensure its effectiveness in leading to improved outcomes for local people
  • listen to a range of independent voices to inform scrutiny/ policy development
  • plan their work programmes informed by these reviews.
 Annual report to full council evidences annual review, changes arising from review, engagement with range of independent voices and outcomes achieved by scrutiny.
Oversight and compliance assurance Standards Committee has the promotion of good standards of member behaviour and member learning and development within its remit, and regularly reviews its effectiveness.
  • The committee’s terms of reference include the promotion of good standards of behaviour (the member code of conduct) and member learning and development.
  • Annual report to full council on the committee’s work to promote good standards of behaviour and engagement with member development.
  • Committee reports and minutes evidence, scrutiny and challenge of activity on standards, member learning and development and engagement with the programme.
Oversight and compliance assurance

The Annual Governance Statement:

  • is informed by a cross-council review of the effectiveness of controls and governance5
  • is prepared in accordance with CIPFA/ SOLACE guidance
  • is an honest assessment of the council’s strengths and areas for development, including progress in addressing previously identified areas for improvement and forward risks
  • includes an action plan
  • is robustly challenged, in draft form, by the audit committee.
  • The statement includes:
    • outline of member and officer engagement in the preparation of the statement
    • improvement actions, including timeframes and owners
    • updates on progress against previous areas for improvement
    • assessment of the match between assurance activity and current risks
    • triangulation of evidence from internal audit, external audit, other inspections/peer reviews, performance against standards (for example, code of connection).
  • Report/minutes of the audit committee’s public consideration of the draft statement, having considered the statement’s accuracy taking account of the information considered during the period.
  • Progress against improvement actions is appropriately monitored throughout the year.
  • Local audit considers the statement’s accuracy, that improvement actions identified are appropriate and previously actions have been addressed.
Oversight and compliance assurance The council undertakes regular reviews of the governance of any local authority trading companies, informed by good practice guidance.
  • The outcome of the review of LATCo governance is included within the council’s annual governance statement, with any improvement actions.
  • LATCo governance is appropriately aligned/referenced with(in) the council’s constitution/code of governance.
  • Members and officers engaged in the governance of any LATCo receive appropriate training including arrangements for identifying and handling potential conflicts of interest.
  • The role of council officers acting as LATCo directors is reported and reviewed regularly by the Head of Paid Service, in consultation with key members.
  • Performance, finance and risk related to the LATCo is regularly reported to members, enabling consideration of cumulative impact on the authority’s levels of risk.
Oversight and compliance assurance The council regularly reviews the effectiveness of its external partnership arrangements.
  • Report/minutes of consideration by the committee with delegated responsibility for governance of regular reviews of the arrangements for each external partnership.
  • Arrangements for appointing and reviewing member appointments to external partnerships are contained within the constitution.
Independent assurance The head of internal audit and the external auditor have direct access to the Chair of the Audit Committee (and vice versa), meeting in closed session if necessary.

Reports from the head of internal audit and external auditor appear with appropriate frequency on the agenda of Audit Committee.

The Audit Committee chair has received training on their role in relation to the head of internal audit and external auditor and has their contact details to enable direct contact if required.

The head of internal audit and the external auditor confirm their ability to hold confidential discussions with the Chair of Audit Committee, if required.
Independent assurance Senior managers respond promptly to internal and external audit recommendations and ensure delivery of action plans to address recommendations.
  • Reports/minutes of Corporate Management Team show regular monitoring of progress in responding to internal and external audit recommendations, implementation of management actions and actions taken to address any delays.
  • Reports/minutes of Audit Committee regularly monitoring progress against audit recommendations.
Independent assurance The council ensures compliance with the Public Sector Internal Audit Standards6.
  • Audit Committee seeks and gains assurance that the council is compliant with the Public Sector Internal Audit Standards (reports/minutes of meetings) and monitors progress in implementing improvements where required.
Independent assurance

The council:

  • regularly commissions external reviews to assess its efficiency and effectiveness, including a Corporate or Finance Peer Challenge at least every five years
  • monitors delivery of action plans arising from external reviews.
  • Corporate/Finance Peer Challenge report published on the council’s website.
  • Report/minutes of Executive/policy and resources committee and/or full council public consideration of peer challenge recommendations; the council’s action plan (including timeframes and owners); and monitoring of implementation.
  • Findings of bespoke external reviews commissioned where additional assurance is required or weaknesses are identified, are publicly reported and considered at the relevant committee.

 

Table 1 footnotes

  • Including procurement/ contract management/ data quality/ provision of and engagement with training and networking for members and officers/ compliance with HR policies, appraisals, anti-fraud.
  •  Ensure consideration of service/ safeguarding/ resilience/ health and safety risks/ issues as well as corporate/ governance/ compliance with all necessary professional/ statutory codes.2
  •  Head of internal audit, Senior Information Risk Owner, Caldicott Guardian, Chair of Adult Safeguarding Board, Chair of Children’s Safeguarding Board.3
  •  Including complaints, performance against statutory requirements as well as local priorities. Do they include key risks, for example, safeguarding early warning indicators, delivery of savings, and include appropriate benchmarks?4
  •  Use the challenging questions for the leadership team in ‘Developing an effective assurance framework in a local authority’ as part of this review.5
  •  Are there any other similar standards for other service areas which aren’t subject to inspection?6

 

Table 2: How does the council make it easier for others to hold it to account?
What is the action? What is the evidence?
Full council requires key committees (for example, scrutiny, audit, standards) to give an account of their work annually and for the chair to be questioned by the council on the effectiveness of the committee’s work.
  • Committees’ annual report to council, including each committee’s remit, outcomes and objectives achieved and proposed forward plan for the next year.
The council publishes a comprehensive forward plan7 for future decisions, with sufficient detail to aid public understanding.
  • The council’s forward plan is published and easily locatable on the council's website.
  • The forward plan contains sufficient detail for members of the public and elected members to understand the nature and scope of future decisions.
  • Key decisions appear on the forward plan at a minimum 28 days before they are made.
The council publishes all member decision-making reports in accordance with statutory requirements and with only confidential/ exempt information included in report appendices on the ‘Part B’ agenda.
  • All decision-making reports are published a minimum of five clear working days before consideration.
  • The corporate statutory officers regularly review practice in relation to confidential/exempt information, ensuring that only the essential minimum appears in appendices on the ‘Part B’ agenda.
  • The annual governance statement addresses whether all member decision making adhered to statutory requirements and good practice in relation to publication of decision-making reports and handling of confidential/ exempt information.
Full council and scrutiny/ policy committees make appropriate provision for members of the public to ask questions/ bring petitions and receive responses.
  • The constitution includes a clear procedure for questions from members of the public, including at which meetings questions can be asked, to whom, for what period and with what prior notice.
  • The constitution includes a clear procedure for the submission of petitions, with appropriate thresholds.
  • The council’s website includes in a prominent location clear guidance on the procedures, with a contact for further guidance as required.
The council meets all requirements of the Local Government Transparency Code 2015 and Model Publication Scheme.

The council makes it easy for all elected members and the public to find the following, with introductory information where helpful to aid understanding:

  • The Council Plan
  • Local Code of Governance
  • Annual Governance Statement
  • Medium Term Financial Strategy
  • annual budget
  • statement of accounts
  • annual audit report
  • reports by inspectors, regulators and other external reviewers
  • performance reports.
  • The documents, with clear introductions, are published on the council’s website and are easily navigable from the home page.
  • There is a documented process and clear ownership for checking that the information remains current.

 

Table 2 footnotes

  •  Whether or not legally required to do so.7

Further reading

White text reading Improvement and assurance framework for local government on orange, green, pink chevron background

Improvement and assurance framework for local government

Each council must take appropriate measures to gain assurance both of the performance of its services and of its corporate governance. This framework is designed to support local authorities to understand the various components of assurance and accountability in local government, and to access guidance and support to increase the effectiveness of assurance activities in the sector.

Publications

Highlighted pages

Governance and assurance

Improvement and assurance framework for local government

Councillor's guide: Improvement and assurance framework for local government