Example: air traffic controller

Risk Management Framework

Risk Management Framework TTHHIISS PPAAGGEE IINNTTEENNTTIIOONNAALLLLYY LLEEFFTT BBLLAANNKK Foreword The South Australian Government Risk Management Policy Statement 2009 advocates that consistent and systematic application of risk Management is central to maximising community outcomes, deriving the benefit of opportunities, managing uncertainty and minimising the impact of adverse events. Consistent with this policy the Department for Communities and Social Inclusion (DCSI) is committed to protecting itself, employees and others from situations or events that would prevent it from achieving its strategic goals and objectives. Risk Management is an integral part of good Management practice and the provision of safe workplace environments. A systematic approach to managing risks and opportunities is more effective and efficient than allowing informal, intuitive processes to operate.

Governance Framework with a reporting structure that reflects corporate needs and local circumstances. 3 4 Risk management is based on the best available information DCSI has rich data sources that are fostered by open channels of communication, allowing the highest level of information to be conveyed effectively to stakeholders. 6 6

Fullscreen Download

Tags:

  Governance, Management, Corporate, Risks, Framework, Risk management, Risk management framework

Information

Domain:

Source:

Link to this page:

Please notify us if you found a problem with this document:

Other abuse

Transcription of Risk Management Framework

1 Risk Management Framework TTHHIISS PPAAGGEE IINNTTEENNTTIIOONNAALLLLYY LLEEFFTT BBLLAANNKK Foreword The South Australian Government Risk Management Policy Statement 2009 advocates that consistent and systematic application of risk Management is central to maximising community outcomes, deriving the benefit of opportunities, managing uncertainty and minimising the impact of adverse events. Consistent with this policy the Department for Communities and Social Inclusion (DCSI) is committed to protecting itself, employees and others from situations or events that would prevent it from achieving its strategic goals and objectives. Risk Management is an integral part of good Management practice and the provision of safe workplace environments. A systematic approach to managing risks and opportunities is more effective and efficient than allowing informal, intuitive processes to operate.

2 DCSI s adoption of a structured approach to risk Management : defines a process for systematically managing the risk of all functions and activities in the organisation; encourages a high standard of accountability at all levels of the organisation; supports effective corporate and clinical governance systems and reporting mechanisms; encourages a high standard of efficient and effective client focused care and service delivery by taking advantage of opportunities for improvement; and allows the organisation to better meet its client and community demands. It is everyone s responsibility to be involved in the identification, evaluation and treatment of risks and opportunities that could impact or influence outcomes for the organisation. We trust this Framework is useful in assisting you to integrate risk Management into your role within the department.

3 Andrew Thompson Executive Director Financial Services A5013136 Page 4 of 42 TABLE OF CONTENTS Foreword .. 3 1. Introduction .. 5 2. What is Risk Management ? .. 7 3. Risk Management Principles .. 8 4. The Approach to Managing risks .. 10 5. The Risk Management Process .. 12 6. Roles and 16 7. Recording and Reporting Requirements .. 18 Appendices .. 21 Appendix 1 - SA Government Risk Management Policy 23 Appendix 2 DCSI Risk Management Policy .. 24 Appendix 3 - DCSI Risk Management Plan .. 27 Appendix 4 - Detailed Risk Management Process .. 28 Appendix 5 - Risk Categories and Potential Sources of Risk .. 36 Appendix 6 - DCSI Risk Assessment Matrix .. 37 Appendix 7 - DCSI Risk Escalation Flowchart .. 39 Appendix 8 - DCSI Risk Management Glossary .. 40 Version December 2012 A5013136 Page 5 of 42 1. Introduction The purpose of this Framework is to; define risk Management ; outline the department s risk Management plan (Appendix 3); describe the approach to managing risks based on AS/NZS ISO 31000:2009 principles; outline guidance on the risk Management process with a detailed context (Appendix 4); outline roles and responsibilities for risk Management within the department; and explain the risk Management recording and reporting requirements within the department.

4 Risk Management is implemented in a manner consistent with three directive documents. They are: AS/NZS ISO 31000:2009 Risk Management : Principles and Guidelines The international risk Management standard states that the success of risk Management will depend on the effectiveness of the risk Management Framework providing the foundations and arrangements that will embed it throughout the organisation at all levels. The Framework ; assists in managing the risks effectively through the application of the risk Management process; ensures that the information about risks derived from the risk Management process is accurately reported; and that the information is used as a basis for decision making and accountability at all relevant organisational levels. (AS/NZS ISO 31000:2009) Available at (Use of this reference material is subjected to copyright laws DCSI can reproduce this document for internal use only) A5013136 Page 6 of 42 Government of South Australia Risk Management Policy Statement The Government of South Australia Risk Management Policy Statement 2009 states: the South Australian Government recognises that commitment to risk Management contributes to sound Management practice and increasing community confidence in government performance Further, the Risk Management Policy Statement indicates that the Chief Executive of the Department for Communities and Social Inclusion (DCSI) is accountable to the relevant ministers for the development and implementation of a risk Management Framework specific to the departments business and organisational needs.

5 The key principle which underpins this statement is that risk Management contributes to the creation of sustainable value . (The Policy Statement is contained in Appendix 1) DCSI Risk Management Policy The DCSI Risk Management Policy confirms the department s commitment to identify, assess and manage risks which may prevent the achievement of strategic goals and objectives. Risk Management is regarded as an integral part of good Management practice and the provision of safe workplace environments. The policy directs that the department will integrate risk Management into its culture, decision-making processes, programs, practices, business planning and performance reporting activities and will establish a safe working environment for its staff. The DCSI Risk Management Policy is applicable to the whole of organisation as per organisational structure below: (The policy is contained in Appendix 2) Chief Executive Policy & Community Development Financial Services Disability & Domiciliary Care Services Youth Justice, Community Engagement & Organisational Support Disability SA Multicultural SA State Recovery Human Resources Office for Women Housing SA risk Management contributes to the creation of sustainable value A5013136 Page 7 of 42 2.

6 What is Risk Management ? Risk Management is about managing threats and opportunities. AS/NZS ISO 31000:2009 describes risk as the effect of uncertainty on objectives When Management of risks or opportunities is effective, it often remains unnoticed. When it fails, the consequences for clients and staff may be significant and politically high profile. Having good risk Management practice ensures that the department can undertake activities with the knowledge that measures are in place to maximise the benefits and minimise the negative effect of uncertainties on organisational objectives. The risk Management process is a systematic application of Management policies, procedures and practices to the activities of communicating and consulting, establishing the context, identifying, analysing, evaluating, treating, monitoring and reviewing risk . AS/NZS ISO 31000:2009 A5013136 Page 8 of 42 3.

7 Risk Management Principles Translating the AS/NZS ISO 31000:2009 The following table lists the principles identified in the AS/NZS ISO 31000:2009 standard which underpins effective risk Management . The table provides a synopsis of what the principles mean to this department. Along with this departmental approach, the South Australian High Performance Framework Characteristics and the Australian Business Excellence Framework Principles have also been aligned to demonstrate a holistic technique in achieving best practice ISO 31000: Principles of Risk Management How these principles apply to DCSI How it aligns to SAHPFC ABEF Risk Management creates and protects value Risk Management contributes to DCSI pursuing its primary objective of meeting the needs of the most disadvantaged in the community by the application of best practice in governance , human resource and asset Management and the identification of opportunities to improve the value of DCSI services to clients.

8 2 2 Risk Management is an integral part of all organisational processes DCSI incorporates risk Management into business planning and processes across all levels of the organisation and ensures consideration is given to financial, social and environment factors. 9 1 Risk Management is part of decision making Decisions made in DCSI by individuals, teams, units and divisions through to the Executive Leadership Team have regard to risk information and knowledge that is accurate, timely and complete. 1 9 Risk Management explicitly addresses uncertainty The recording and reporting of risks within DCSI is clear and concise and is responsive to organisational change. 5 7 Risk Management is systematic, structured and timely The risk Management process exists within the DCSI governance Framework with a reporting structure that reflects corporate needs and local circumstances.

9 3 4 Risk Management is based on the best available information DCSI has rich data sources that are fostered by open channels of communication, allowing the highest level of information to be conveyed effectively to stakeholders. 6 6 Risk Management is tailored The whole of DCSI, its divisions, and all of its business units, work with risk Management procedures that are tailored to meet their specific needs. 10 1 Risk Management takes human and cultural factors into account Consultation on the development and implementation of risk Management ensures policies; frameworks and practices in DCSI reflect the diversity of activities of the organisation, its staff and its clients. 7 8 Risk Management is transparent and inclusive Risk Management in DCSI involves the engagement of internal and external stakeholders through respectful acknowledgement of their contribution to the communication & consultation and monitoring & reviewing processes.

10 8 4 Risk Management is dynamic, iterative and responsive to change Risk Management in DCSI responds to the changing needs of the organisation, its staff and its clients by continually self-assessing, monitoring and reviewing business processes against the South Australia s Strategic Plan. Education and training within DCSI is tailored to the needs of Divisions and Business Units. 4 5 Risk Management facilitates continual improvement of the organisation In DCSI the identification and application of controls and treatments as a result of robust risk assessments, including refinement, leads to improved business practices and increased maturity of the risk Management process. 4 3 A5013136 Page 9 of 42 SA High Performance Framework Characteristics These characteristics state that high performing organisations: 1 Are well led 2 Are built on clear values 3 Are strategic 4 Are innovative and continually improving 5 Use information and knowledge effectively 6 Engage their workforce and stakeholders 7 Are customer and citizen focused 8 Are accountable 9 Manage to the triple bottom line 10 Focus on results The Australian Business Excellence Framework Principles of leadership and Management 1 Clear direction and mutually agreed plans enable organisation alignment and a focus on the achievement of goals.

Show more

Documents from same domain

COVID-19 Fact Sheet Cleaning and disinfection in the workplace

COVID-19 Fact Sheet Cleaning and disinfection in the workplace

dhs.sa.gov.au

COVID-19 Fact Sheet Cleaning and disinfection ... Safety and Personal Protective Equipment (PPE) ... methylated spirits). Household bleach is an effective disinfectant and comes in a variety of strengths. The concentration of active ingredient can be found on the product label.

  Sheet, Safety, Spirit, Methylated, Methylated spirit

Financial Services A4 Template 1 col

Financial Services A4 Template 1 col

dhs.sa.gov.au

updated strategic risk register and risk assessment matrix. Visible focus on managing strategic risk emergence and uncertainty • Exercising risk leadership by example and communicating the risk culture; • Modelling behaviours based on principles outlined in this framework;

  Registers

Related documents

Information Security & ISO 27001 - IT Governance

Information Security & ISO 27001 - IT Governance

www.itgovernance.co.uk

its survival. The role of IT in corporate governance, in that case, has become more clearly defined, and IT governance is increasingly recognised as a specific area for board and corporate attention. The information security standards The ISO 27000 family of standards offers a set of specifications, codes of conduct

  Information, Security, Governance, Corporate, 27001, Information security amp iso 27001, Corporate governance

Environmental, Social and Governance Report

Environmental, Social and Governance Report

corporate.bestbuy.com

Jan 30, 2021 · Governance. Corporate governance 81 Ethics 82 Data privacy and security 84 Product safety 86 Political activity 87 Stakeholder engagement 89 Association memberships 90. ... were the first U.S. large-format retailer to earn ISO 14001 certification, and are certified by a third party to the newest standard, ISO 14001:2015. ...

  Governance, Corporate, Corporate governance

Information Security Policy - NHS England

Information Security Policy - NHS England

www.england.nhs.uk

The role of the Head of Corporate Information Governance supported by the Head of Corporate ICT Technology and IT Cyber Security. ... processors have appropriate ISO and/ or Cyber Essentials accreditation where appropriate for assets stored electronically with third parties. Information Asset

  Policy, Information, Security, Governance, Corporate, Information security policy

Risk Governance Checklist - Effective Governance

Risk Governance Checklist - Effective Governance

www.effectivegovernance.com.au

key elements of risk governance, which includes the board itself, compliance risk and organisational culture along with risk management. NOTE: This checklist is only meant as a guide to establishing good practice risk governance. The presence or absence of many of the topics in the questions below will be dependent on the maturity

  Governance, Checklist, Risks, Risk governance checklist

Auditing IT Governance - IIA

Auditing IT Governance - IIA

www.iia.nl

www.theiia.org Auditing IT Governance 5 Introduction The highest level of governance is organizational governance, which is defined by the International Standards for the Professional Practice of Internal Auditing as “the combination of processes and structures implemented by the board to inform, direct, manage, and monitor the activities of the

  Governance

Understanding ISO 20022: A Resource Guide for Financial ...

Understanding ISO 20022: A Resource Guide for Financial ...

fedpaymentsimprovement.org

Adoption of ISO 20022. The white paper, available on the Business Payments Coalition website, summarizes findings from a corporate survey and shares secondary research. It demonstrates that ISO 20022 is being adopted in the U.S. for corporate to bank operations, explains why, and provides substantiating evidence.

  Corporate, Iso 20022, 20022

ISO 14001:2015 - ISO 9001 Checklist

ISO 14001:2015 - ISO 9001 Checklist

www.iso-9001-checklist.co.uk

ISO 14001:2015 EMS Manual www.iso-9001-checklist.co.uk Page 7 of 40 2. All corporate requirements imposed by upper levels of our organization; 3. All relevant requirements of relevant interested parties that our organization decides to comply with, these may either be contractual (customers) or voluntary (environmental commitments).

  Corporate

Handbook for Implementers of ISO 26000, Global Guidance ...

Handbook for Implementers of ISO 26000, Global Guidance ...

www.ecologia.org

Handbook for Implementers of ISO 26000 5 Key Elements of ISO 26000: Stakeholders, Core Subjects and Reporting 1) Stakeholders are those people and groups that are affected by the actions of your business. These can include workers, …

  Iso 26000, 26000

Related search queries

Information Security & ISO 27001, Governance, Corporate governance, Corporate, Information Security Policy, Risk Governance Checklist, ISO 20022, ISO 26000