17. Dr Limbrick told us that although previous CSAS audits covered several important areas, she thought that they did not look at certain areas in “sufficient detail”.^[1] To improve consistency in safeguarding, in August 2017 CSAS introduced a National Quality Assurance Framework.^[2] The framework looks at six areas of safeguarding practice:^[3]

• prevention of harm and promotion of well-being;
• management of safeguarding concerns and allegations;
• risk identification, assessment and management;
• the response of the Church to survivors, victims and others affected by abuse;
• management and care of individuals accused or convicted; and
• governance.

Dr Limbrick considers that this framework will allow “a more in-depth analytical look at the work undertaken and the rationale for certain actions”.^[4]

18. The 2019 CSAS audits of the diocesan and independent religious safeguarding commissions focussed on the management of safeguarding concerns and allegations as well as risk identification, assessment and management.^[5] There were a number of key findings from some of these audits.

18.1. The April 2019 audit of Ampleforth’s safeguarding commission acknowledged that, since the Inquiry’s report in August 2018, there had been “a significant amount of change” in respect of safeguarding arrangements.^[6] It noted that whilst a number of statutory agencies had conducted reviews, CSAS remained concerned that recommendations to commission risk assessments and review safeguarding plans had “not yet been fully implemented” and that safeguarding plans were not the subject of timely reviews. The audit concluded that management of individuals was “not always effective, resulting in refusals to comply with restrictions and in breaches of plans”.^[7]

18.2. The Archdiocese of Birmingham’s June 2019 audit “found a significant improvement in record keeping; evidence of robust management of subjects and cases; and active, regular and appropriate supervision”.^[8] CSAS revisited the Archdiocese in January 2020 to monitor the improvements and confirmed “that the improvements had been sustained”.^[9]

18.3. The Archdiocese of Westminster’s June 2019 audit found that supervision of cases and files was “well documented” and that “appropriate and consistent” actions were taken once a case had been referred, including “working in partnership with colleagues within and outside of the Church and informing regulatory bodies”.^[10]

18.4. The Archdiocese of Menevia’s May 2019 audit noted that the safeguarding coordinator role was part time and had no administrative support.^[11] The audit was concerned about cases not being referred to the coordinator in a “timely way” but said that, once notified, the coordinator’s case management was “appropriate” and information was shared with the internal and external individuals/agencies to “manage risks”.

19. Each bishop, religious institute leader, safeguarding commission chair and safeguarding coordinator receives a copy of the audit report for their institution. Action plans continue to be used where recommendations are made or areas for development identified. CSAS (on behalf of the National Catholic Safeguarding Commission (NCSC)) will “follow up on progress” of any action plan.^[12] One safeguarding coordinator told us that recent audits were:

“very helpful but are very limited … Given the limited resourcing available to CSAS and the time that such reviews take this will always be the case.”^[13]

20. CSAS also prepares an overview report, which is shared with a number of individuals and organisations, including with the NCSC.^[14] The overview report for the 2019 audits reached a number of “thematic” conclusions.^[15]

20.1. There was “good evidence of cooperation” between the safeguarding commissions and the statutory agencies, where allegations and concerns were “mostly reported unless there is an identified rationale for not doing so e.g. already known, not considered appropriate for referral”.^[16]

20.2. There was evidence of “diligent” record-keeping in some safeguarding commissions.^[17] Where there was poor record-keeping, it was difficult to understand the action that had been taken and to ascertain whether risks were being managed. Electronic case management systems improved record-keeping.

20.3. Although not the focus of the audits, there was “some evidence of good victim/survivor focused work”.^[18] The inclusion in the quality assurance framework of an assessment of the response of the Church to survivors, victims and others affected by abuse is to be welcomed.

21. However, there remain concerns about:

• the use of risk assessments: in over half the files it was not clear how the risk assessment was used to inform risk management and the report suggested that future audits could focus on this issue;^[19]
• reviews of safeguarding plans: 101 of the 205 individual safeguarding plans reviewed “appeared” to be operational but, in the absence of regular reviews, it was not always possible to determine whether a plan was operational and still relevant:^[20]
   

  “11 of the dioceses and religious safeguarding commissions had safeguarding plans that had not been reviewed in accordance with national policy and procedure”;^[21]

• inconsistent record-keeping and lack of reviews of safeguarding plans: both of these factors made it difficult to ascertain which safeguarding plans were active and managing risk and which safeguarding plans were no longer required or may no longer be addressing risk and require urgent attention.^[22]

22. Safeguarding plans play a crucial role in keeping children safe and must be regularly reviewed to ensure that the risk posed by the subject is actively managed. Failure to review plans in accordance with national policy exposes children to the risk of harm.