(1) This Policy details QUT’s approach to risk management. The University is committed to promoting an organisational culture that values effective risk management as a core management capability. QUT recognises that risk management is a critical component of good management practice and an essential element of governance. Effective risk management allows the University to take advantage of opportunities to improve its outcomes by ensuring that any risk taken is based on informed decision-making and realistic analysis. (2) QUT’s Risk Management System does not intend to eliminate risk completely, but is designed to ensure: (3) This Policy applies to all QUT operations as an integral and embedded part of all University activities. (4) QUT’s risk appetite is described in a set of qualitative, directional risk appetite statements that are prescribed, monitored and approved by Council as part of the University’s planning processes. (5) QUT’s Enterprise Risk Management approach is consistent with the Financial and Performance Management Standard 2019 (Qld) and designed on the principles and process set out in the International and Australian Standard for Risk Management (AS ISO 31000:2018 – Risk management - Guidelines) and comprises: (6) The function of Risk Management is to provide a sound contribution to the achievement of QUT's corporate objectives and to support the strategic directions of divisions, faculties and portfolios. This is demonstrated through the integration and embedding of risk management within the following QUT policies, frameworks and plans: (7) The QUT Risk Management Framework outlines how risk will be managed and reported and demonstrates alignment of governance and risk management including optimising opportunities and achieving the University’s objectives. (8) The Framework comprises the following elements: (9) QUT Risk Management Procedure provides a step-by-step guide on the risk assessment process and how to complete the Risk Management Plan and Risk Assessment Worksheet. (10) QUT is committed to business continuity management as an integral component of risk management, to ensure the University is able to resume business after a disruption. Business continuity management enables QUT to resume day-to-day operations as quickly and efficiently as possible, while minimising the impact on people, processes, systems, assets, and reputation. (11) Further information on how the University ensures the continuity of key business activities is available in the QUT Business Continuity Management Framework (QUT staff access only).Risk Management Policy
Section 1 - Purpose
Top of PageSection 2 - Application
Section 3 - Roles and Responsibilities
Position
Responsibility
QUT Council
Risk and Audit Committee
Director, Governance and Performance
Management and staff
Identifies and manages risks within their areas of responsibility.
Section 4 - Risk Appetite
Section 5 - QUT’s Enterprise Risk Management Approach
Top of PageSection 6 - QUT Risk Management Framework
Top of Page
Section 7 - QUT Risk Management Procedure
Section 8 - Business Continuity Management
Section 9 - Definitions
Term
Definition
Business Continuity Management
Is any preparation in a systematic manner to resume business after a disruption.
Risk
Is an event which, if realised, has the potential to affect the achievement of the University’s ability to contribute to its vision, goals, organisational values and objectives.
Risk Appetite
Is the amount of risk QUT is willing to accept in the pursuit of its strategic objectives or strategic priorities for the purpose of maximising value to its stakeholders.
Risk Management
Is the coordination of activities to direct and control QUT with regard to risk, including the establishment of culture, policy, processes and structures.
Risk Treatment
Is the process of modifying risk by implementing a risk strategy.
View Document
This is the current version of this document. You can provide feedback on this document to the document author - refer to the Status and Details on the document's navigation bar.
Sets, monitors and approves the University’s risk appetite statements.
Evaluates the adequacy and effectiveness of the University’s risk management and compliance framework.
Advises Council on QUT’s exposure to, and management of, significant business risks.
Provides risk services (including training, facilitation and advisory) to assist management and staff with identifying, assessing and treating enterprise risks associated with achieving University objectives.
Informs and reports to Risk and Audit Committee regarding emerging trends and changes to risks and risk treatments.
Oversees QUT’s Enterprise Risk Management Framework, including integration of the annual risk assessment process with the University Integrated Planning Framework.