Our risk appetite
Seeking out and engaging with new opportunities to drive positive outcomes for Australians means taking and sometimes realising risks. We acknowledge that is a part of doing business and it is incumbent on us to ensure we do so in a considered and effective way to reduce the likelihood of adverse outcomes or their impacts.
To achieve our vision, we must be innovative in our policy development, simplify our program delivery and continue to exceed expectations in delivering on the Government’s priorities. This means taking measured risks where the potential benefit exceeds the potential downside; however, we do not tolerate repeat failures and systemic issues.
We recognise that effective risk engagement and risk management must be part of our culture—they must be embedded in our policies, processes and systems. This ensures we continue to make good decisions in the face of a complex and uncertain operating environment.
Our risk framework
Our Risk Management Framework 2018–20 sets out a systematic approach to risk management for all our business operations and staff at all levels. We achieve this through a consultative approach and tools designed to:
- build organisational risk capability so that risk awareness and effective engagement become part of our mindset and our skillset
- embed risk management into business processes and performance management so that risk thinking adds value
- drive better knowledge management to improve our performance in achieving our purposes.
We have established systems of risk oversight, management and internal controls in accordance with section 16 of the Public Governance, Performance and Accountability Act 2013 and the Commonwealth Risk Management Policy.
The Executive Board is responsible for determining and reviewing our risk appetite, tolerance levels and the department’s performance in managing risks. The Executive Board is active in identifying emerging risks and provides support to the Secretary in the strategic management of the department’s risks.
The Assurance and Audit Committee considers the appropriateness of the risk management framework, adequacy of procedures and overall effectiveness of risk management systems and processes, including providing independent advice and assurance to the Executive Board.
We undertake periodic risk reviews, reporting results and findings through our departmental governance structures. This includes regular monitoring of and reporting on the risk environment to the Audit Committee and during the business planning and review process.
The framework is consistent with the Commonwealth Risk Management Policy and is designed in accordance with the Australian and New Zealand Risk Management Standard ISO 31000:2009, Risk management—principles and guidelines.