B4 - Risk Management

  • The Audit Committee and Executive Management Board oversee the Directorate's risk management frameworks and the efficacy of the organisation's approach to risk management.
  • The Directorate's Governance Commitment Statement clearly articulates the expected approach to risk management and the organisation's risk appetite. It supports implementation of the Risk Management Policy which provides a framework for the identification, assessment and management of risk on a consistent basis. The Directorate's Governance Strategy outlines the continuous improvement approach being taken to embed this commitment to governance across the organisation and support effective risk management.
  • Business continuity management is a core component of good governance and in 2017-18 a comprehensive review of the organisation's emergency management and business continuity plans was completed. As a result, a new Emergency and Incident Management Policy was endorsed, which outlines the framework for the response to an emergency, incident or disaster. Under this policy a new Emergency Management Plan was created, outlining the responses to emergencies within the organisation, and the Business Continuity Plan was refreshed to ensure it reflects the roles and responsibilities within the Directorate. These documents will be tested annually to ensure they meet the needs of the organisation and support effective and timely responses to emergencies and incidents.
  • The Directorate continued to access support and advice from the ACT Insurance Agency to enable effective risk management practices and identify areas for further improvement. Throughout the year, 19 Directorate staff attended ACT Insurance Agency risk management training. Staff are encouraged to attend in accordance with their roles and their business area's requirements.

In 2018-19, as part of its Governance Strategy, the Directorate will complete a comprehensive review of its risk management framework in the context of the recently revised AS/NZS ISO 31000:2009 Risk Management - Principles and Guidelines.