Risk Oversight and Management
Corporate Plan 2017 - 2018
The FCA, as the merged entity, promotes a Risk Management Framework that supports the identification, analysis, assessment, treatment, monitoring and review of all strategic, professional, reputational, personnel, political and operational risks. These include risks to our stakeholders and emerging risks.
The Risk Management Plan has been developed in accordance with the methodology set out in the Australian/New Zealand Risk Management Standard (AS/NZS ISO 31000:2009) and the Commonwealth Risk Management Policy 2014.
We have adopted seven broad criteria for establishing risk management priorities. These are:
- Strategic risks—risks that affect performance against identified strategic priorities.
- Financial risks—risks that affect the financial outcomes of the entity or have detrimental financial impact.
- Risks to reputation—risks that affect the reputation of the entity and its ability to perform, or which may impair the community’s trust in the courts and judicial system.
- Operational risks—risks that affect the Chief Executive Officer and Principal Registrar’s management of and accountability for performance, including the entity’s service delivery obligations, regulatory framework and business relationships.
- Legal liability risks—risks arising from current or pending litigation to which the entity is a party.
- Property and security—risks that affect the security of all courts’ and the NNTT’s resources (including property) and visitors to its premises.
- Personnel risk—risks that affect staff ethical behaviour, the integrity of decisions, processes and information, or affect the health and safety of personnel.
Risks are reviewed at least each quarter and the risk register is updated after each review. Managing risks effectively and efficiently allows the entity to achieve its objectives. We recognise the importance of training and awareness programs in risk management. Consequently, the entity is committed to ensuring all staff receive regular training and information on risk management and their responsibilities.
We participate in Comcover's annual Risk Management Benchmarking Survey which benchmarks our framework and capabilities against other participating agencies. The overall performance of the FCA risk management program has remained consistent with 2016 performance.
The Audit Committee is established in accordance with s 45 of the Public Governance, Performance and Accountability Act 2013. The CEO must establish and maintain an Audit Committee, with the functions and responsibilities required by s 17 of the Public Governance, Performance and Accountability Rule 2014.
The functions of the committee are to:
- provide independent assurance of the effectiveness of the entity’s Risk Management Framework
- review compliance with the entity’s Risk Management Policy
- monitor the implementation of the entity’s Risk Management Plan
- review compliance with finance law, including financial and performance reporting
- review risk reports periodically (quarterly and annual reports)
- review the internal control programs and advise whether key controls are appropriate and are operating effectively
- monitor and understand the potential impact of emerging risks on the entity’s ability to achieve its objectives, and
- provide assurance that the entity has well-designed business continuity and disaster recovery arrangements in place and that these are tested periodically.
As part of the entity’s continuous improvement approach and its adoption of best practices, the Risk Management Plan undergoes a periodic internal audit, either in its totality or in specific sections (for example, fraud). The audit findings and recommendations are then reviewed by the entity, and action plans are put in place to address the areas for improvement. Each quarter, the Audit Committee monitors the implementation of the audit recommendations and respective action plans, and advises on the suitability of the action plans proposed by the entity’s management.