Risk Management Policy

This policy applies to all employees and contractors of Commit Works. This policy is expressed by documents that are split into two sections; the Policy (see below), and its accompanying Procedures for compliance with the Policy.

This document is effective from 28/06/17.

Purpose

Commit Works has developed its Risk Management Policy to:

• Support effective decision-making that is guided by the Commit Works' Mission and Vision;
• Ensure a consistent and effective approach to risk management;
• Formalise its commitment to the principles of risk management and incorporating these into all areas of the Commit Works;
• Foster and encourage a risk-aware culture where risk management is seen as a positive attribute of decision-making rather than a corrective measure;
• Align the Commit Works' planning, quality and risk management systems, and their integration into all areas of the Commit Works' operations; and
• Ensure corporate governance practices effectively manage risk while allowing innovation and development.

Scope

Risk management is incorporated into all areas of the Commit Works' operations, including corporate governance.

Risk management is the responsibility of all employees and all areas of the Commit Works.

Critical incident management and work, health and safety risks are covered by specific Commit Works policies and procedures.

Overview

Commit Works is committed to excellence and continual improvement and will continue to encourage innovation whilst maintaining a low-risk profile. Employees are encouraged to adopt a positive approach to risk management, which further strengthens the risk-aware culture (as opposed to a risk-averse culture) of Commit Works.

Risk management is incorporated into the strategic and operational planning and quality processes at all levels within Commit Works in order to minimise the impact of risk.

Opportunities and risks are identified and are proactively assessed and monitored by employees on an ongoing basis.

The Commit Works' approach to risk management, including the Risk Management Model and Principles, is aligned with Australian and New Zealand Standard AS/NZS 31000:2009 (Risk Management Principles and Guidelines).

Risk Management Model

The Risk Management Model (see below) outlines Commit Works' approach to risk management and integrates the Risk Management Principles and Risk Management Process.

Risk Management Principles

Risk Management Principles support the effective management of risk across Commit Works. Commit Works' risk management must:

• Align with its Mission and Vision;
• Be embedded within its operations, processes and systems;
• Have clear accountability, ownership and governance;
• Be systematic, transparent and consistently applied;
• Include effective consultation and communication;
• Consider the context (both the internal and external environment);
• Support evidence-based decision-making; and
• Facilitate continual improvement.

Risk Management Process

Risk Management Model consists of the following steps:

• Identify: Identify the risk events that may prevent or delay the achievement of Commit Works' strategic goals and objectives.
• Analyse: Outline the causes, impacts and existing treatments in order to assess the consequence and likelihood of the risk and determine the risk rating.
• Treat: Implement both existing and future treatments in order to prevent and/or mitigate the risk.
• Monitor: Continually monitor and evaluate the risks and treatments in order to maintain the effectiveness and appropriateness of Commit Works' risk management.
• Report: Provide regular reports and updates in order to assure Commit Works and key stakeholders that the risks are being appropriately managed and treated.

Roles and Responsibilities

The Members of Executive will be responsible for:

• Reviewing the risk management practices of Commit Works
• Supporting the ongoing implementation and development of risk management in all areas of Commit Works' operations;
• The identification, analysis, treatment, monitoring and evaluation, and reporting of significant risks in their relevant portfolios and organisational units;
• Ensuring that employees understand their responsibilities with respect to risk management;
• Fostering a positive risk-aware culture within their area of responsibility; and
• Coordinating, facilitating and periodically reviewing Commit Works' Risk Management Policyand supporting documentation

Managers will ensure that employees within their areas understand their responsibilities and assist in fostering a risk-aware culture. Regular training and assistance will be provided to relevant employees to assist with risk management.

All Employees have a significant role in the management of risk within their area of influence. Employees are responsible for adhering to the Commit Works' Risk Management Policy,  Risk Management Procedure and any related documentation.

6. Glossary of Terms