3.1 The University is committed to excellence and continual improvement, and will continue to encourage innovation whilst maintaining a low-risk profile. Staff are encouraged to adopt a positive approach to risk management, which further strengthens the risk-aware culture (as opposed to a risk-averse culture) of the University.
3.2 Risk management is incorporated into the strategic and operational planning and quality processes at all levels within the University in order to minimise the impact of risk.
3.3 Opportunities and risks are identified and are proactively assessed and monitored by staff on an ongoing basis.
3.4 The University's approach to risk management, including the Risk Management Model and Principles, is aligned with Australian and New Zealand Standard AS/NZS 31000:2009 (Risk Management Principles and Guidelines).
4. Risk Management Model
4.1 The Risk Management Model (Figure 1 below) outlines the University's approach to risk management and integrates the Risk Management Principles and Risk Management Process.
Figure 1 - ACU's Risk Management Model
4.2 Risk Management Principles support the effective management of risk across the University. The University's risk management must:
Align with its Mission and Vision;
Be embedded within its operations, processes and systems;
Have clear accountability, ownership and governance;
Be systematic, transparent and consistently applied;
Include effective consultation and communication;
Consider the context (both the internal and external environment);
Support evidence-based decision-making; and
Facilitate continual improvement.
4.3 Risk Management Model consists of the following steps:
Identify: Identify the risk events that may prevent or delay the achievement of the University's strategic goals and objectives.
Analyse: Outline the causes, impacts and existing treatments in order to assess the consequence and likelihood of the risk and determine the risk rating.
Treat: Implement both existing and future treatments in order to prevent and/or mitigate the risk.
Monitor: Continually monitor and evaluate the risks and treatments in order to maintain the effectiveness and appropriateness of the University's risk management.
Report: Provide regular reports and updates in order to assure the University and key stakeholders that the risks are being appropriately managed and treated.
5. Roles and Responsibilities
5.1 The Senate and Audit and Risk Committee2 (sub-Committee of Senate) are responsible for reviewing the risk management practices of the University.
5.2 The Planning, Quality and Risk Committee will be responsible for overseeing the ongoing development, implementation, review and improvement of the University's Risk Management Model. This includes the reporting of significant University-wide risks to the Vice-Chancellor and Audit and Risk Committee as part of the University's governance processes.
5.3 The Members of the Senior Executive3 and Members of Executive4 will be responsible for:
Supporting the ongoing implementation of risk management in all areas of the University's operations;
The identification, analysis, treatment, monitoring and evaluation, and reporting of significant risks in their relevant Portfolios and Organisational Units;
Ensuring that staff understand their responsibilities with respect to risk management; and
Fostering a positive risk-aware culture within their area of responsibility.
5.4 The Office of Planning and Strategic Management will coordinate, facilitate and periodically review the University's Risk Management Policy and supporting documentation.
5.5 Managers and supervisors will ensure that staff within their areas understand their responsibilities and assist in fostering a risk-aware culture. Regular training and assistance will be provided to relevant staff to assist with risk management.
5.6 All staff and students have a significant role in the management of risk within their area of influence. Staff are responsible for adhering to the University's Risk Management Policy, Risk Management Procedure and any related documentation.
2 Please see the Terms of Reference for the Senate, Audit and Risk Committee, and Planning, Quality and Risk Committee for more information.