Family Life (the ‘Agency’) is committed to strong risk management and follows the five basic steps outlined in AS/NZS 4360 Risk management:
1. Establish the context
5. Treat the risks
A risk analysis, action register and checklist are used to facilitate the process. Risks are dealt with at the relevant operational level using tools and techniques for assessing risk.
The Board provides high-level overview via the Risk Management Plan at Board meetings and 6 monthly reviews by the Risk and Audit Committee. Through the budget process and the Finance and Property sub board contingency plans are reviewed and approved.
The Chief Executive Officer and managers regularly review operational risks with 6 monthly audits by the nominated Risk Manager.
The Risk Management Plan is developed up through the Department Action Plans with Team Leaders and Managers completing individual risk assessment profiles ensuring responsibility for risk management is delegated to the appropriate level of the organisation.
These are dynamic and flexible documents integrating with service plans and contracts.
The range of risk identification, prevention and control activities includes:
- Policies, practices and proforma documents available to all staff and on the Agency’s intranet site managers and team leaders provide line supervision, monitor work outputs, conduct annual performance appraisals of responsibilities, reporting and policy compliance, review of previous year’s plan and new plan-aligned to learning needs, government contracts and strategic directions.
- Board and sub-board overview of mission, strategic direction, and forward plan
- Executive sub-board: Board performance review, succession planning, strategic planning, opportunities, threats and risks (e.g. competition, population trends), general accountability, research ethics, employment, and annual performance appraisal of Chief Executive Officer
- Finance and Property sub-board: financial, assets, leases, external auditor reports
- Risk and Audit Committee: government policy, quality assurance, external evaluations and continuous improvement strategy
- Chief Executive Officer and Managers provide bimonthly reports to Board against forward plan and operational plans. Review by Board includes ensuring risks are managed
- Managers report to Chief Executive Officer against operational plan, program reviews, team development, productivity against contracts, and staff management responsibilities
- Paper-based and computerised internal data collection and document management systems provide audit trails for services delivered, and compliance with processes and protocols
- Recruitment and Board appointment process includes police checks, working with children checks review and signing of the Agency’s code of ethics signature form and confidentiality agreement form and declaration of interests.
Family Life’s Risk Management Plan reflects the agency’s integrated service delivery framework across all operational levels. The Australian and New Zealand Risk Standard 4360 and the AUSNZ IS0 31000:2009 Risk Management Standard Principles and Guidelines are applied to rate risks that apply to activities across the organisation. In this way risks are rated using a narrative and scored in terms of likelihood and impact, then ranked as high, medium and low accordingly.
In general, the Board and senior management felt that the risk profile of Family Life has increased over the past six months to December 2012, in line with external turbulence.
Recommendations to the Risk & Audit Committee are posed for their consideration. Adopted recommendations are put forward to the Board for endorsement.
Board Level Strategic Agency Risks include:
- Duty of Care
- Law or Ethics Disclosure
- Loss of CEO, Key Personnel and Intellectual Property
- Loss of Core Funding and Shift in Government Policy
- Financial Management