Risk Management Policy

Similar documents
Risk Management Policy (v7.0)

RISK MANAGEMENT FRAMEWORK

RISK MANAGEMENT POLICY

Risk Management Policy Adopted by:

University of the Sunshine Coast (USC) Risk Appetite Statement

Risk Management Policy

RISK MANAGEMENT POLICY October 2015

POLICY. Policy Title: Integrated Risk Management. Director, Strategic and Governance Services Centre

RISK MANAGEMENT POLICY

Risk Management Policy

Risk Management Framework

Risk Management Policy. September 2015

University Risk Management Policy

RISK MANAGEMENT FRAMEWORK

Policy Number: 040 Risk Management August 2018

Goodman Group. Risk Management Policy. Risk Management Policy

Approved by: Diocesan Council 17 December 2015

MEMORANDUM. To: From: Metrolinx Board of Directors Robert Siddall Chief Financial Officer Date: September 14, 2017 ERM Policy and Framework

BERGRIVIER MUNICIPALITY. Risk Management Risk Appetite Framework

Risk Management Strategy Highland Council Pension Fund

Risk Management. Policy No. 14. Document uncontrolled when printed DOCUMENT CONTROL. SSAA Vic

An Introductory Presentation for ECU Staff

CITY OF JOHANNESBURG METROPOLITAN MUNICIPALITY GROUP RISK AND ASSURANCE SERVICES GROUP RISK MANAGEMENT POLICY

Policy (Board Approved) Public Version

Procedure: Risk management

Risk Management Policy

Risk Management Procedure

Risk Management Policy

RISK MANAGEMENT FRAMEWORK

Practical aspects of determining and applying a risk appetite for SMEs

ENTERPRISE RISK MANAGEMENT (ERM) POLICY Republic Glass Holdings Corporation. Purpose. Goals

Home Capital Group Inc. Home Trust Company Home Bank Risk and Capital Committee Charter

Risk Management Strategy January NHS Education for Scotland RISK MANAGEMENT STRATEGY

Policy No. Contact Brian Orpin Version 3.0 Issue Date 28/11/2014 Telephone Review Date IA Date 09/08/2013

Risk Management Framework. Metallica Minerals Ltd

Risk Management Policy

CORPORATE RISK MANAGEMENT POLICY

Risk Management Plan PURPOSE: SCOPE:

June 2017 MIRVAC GROUP RISK MANAGEMENT FRAMEWORK

Risk Management Policy Coface Singapore

Fathom Wealth Management Advisors Ltd Risk Management Disclosures Year Ended 31 December 2017

SOL PLAATJE MUNICIPALITY

Prudential Standard GOI 3 Risk Management and Internal Controls for Insurers

Risk Management Policy

RISK MANAGEMENT FRAMEWORK OVERVIEW

HEALTH RESEARCH CAPACITY STRENGTHENING INITIATIVE. Program Risk Management Policy. September Imperial : +265 (0)

Implementing A Risk Management Framework

Risk Appetite. What is risk appetite?

Risk Management Policy and Framework

ANZ Board Charter. 1.2 ANZ places great importance on the values of honesty, integrity, quality and trust.

D7 Risk Management Policy

ENTERPRISE RISK MANAGEMENT (ERM) POLICY

Nagement. Revenue Scotland. Risk Management Framework. Revised [ ]February Table of Contents Nagement... 0

Solvency & Financial Condition Report. Surestone Insurance dac March

Executive Board Annual Session Rome, May 2015 POLICY ISSUES ENTERPRISE RISK For approval MANAGEMENT POLICY WFP/EB.A/2015/5-B

GROUP RISK COMMITTEE MANDATE

HONG LEONG INVESTMENT BANK BERHAD Company no: P (Incorporated in Malaysia)

Risk Management Framework

Perpetual s Risk Management Framework

British Library Risk Management Policy Framework (2017)

General Risk Management Framework

Bournemouth Primary MAT Risk Management Policy

Risk Management Policy

INTEGRATED RISK MANAGEMENT FRAMEWORK

GRINDROD SOUTH AFRICA//Policy Risk and opportunity governance framework

SOLVENCY & FINANCIAL CONDITION REPORT. SureStone Insurance dac

Guide. Risk Management For Community Service Organisations

The Country Risk Manager as Chief Risk Officer for the Government. Swiss Re, 3 June 2014

Scouting Ireland Risk Management Framework

Topic RISK MANAGEMENT Procedure Category Risk Management Updated 07/2011

TERMS OF REFERENCE OF THE BOARD RISK COMMITTEE OF THE BOARD OF DIRECTORS

Sections of the ORSA Report

Risk Management Strategy

Risk Management Policy

Kidsafe NSW Risk Management Plan. August 2014

Risk Management Guideline

The Central Bank of Ireland Risk Appetite: A Discussion Paper

Version: th November 2010 RISK MANAGEMENT POLICY

Risk Management Framework. Group Risk Management Version 2

Ashmore Group plc Pillar 3 Disclosures as at 30 June 2018

Integrated Risk Management Framework Sept Page 1 of 17

Policy (Board Approved)

Information Management Business Area. National Policing Information Risk Escalation Policy V1.0

CAPITAL ONE FINANCIAL CORPORATION CHARTER OF THE RISK COMMITTEE OF THE BOARD OF DIRECTORS

UNIVERSITY OF ABERDEEN RISK MANAGEMENT FRAMEWORK

Network Rail Limited (the Company ) Terms of Reference. for. The Audit and Risk Committee of the Board

The Management of Risk by Public Sector Entities

Effective Assurance Frameworks

South Lanarkshire College Risk Management Policy and Procedures

HSC Business Services Organisation Board

Risk Management Strategy

28 July May October 2016

Putting Barnsley People First INTEGRATED RISK MANAGEMENT FRAMEWORK

Master Class: Construction Health and Safety: ISO 31000, Risk and Hazard Management - Standards

Introduction. The Assessment consists of: A checklist of best, good and leading practices A rating system to rank your company s current practices.

Capital Requirements Directive Pillar 3 Disclosure. June 2017

Audit & Risk Committee Report

Board Risk & Compliance Committee Charter

Pillar 3 As at 31st March 2011

JCU Risk Management Framework and Plan

Transcription:

Risk Management Policy Policy Type: Council Policy Policy Owner: Strategic Procurement, Contracts and Risk Program ManagerProcurement & Risk Coordinator Policy No. CP-099 Last Review Date: 19 June 2018 Policy Objectives To ensure the City of Melville s vision and objectives are achieved through the integration of sound risk management practices into governance, strategy and planning, management, reporting processes, policies, values and culture.the objective of this policy is to implement and embed a consistent risk management culture within the City of Melville. This will be achieved through the key elements of: good governance; confident decision making and planning; enhancing outcomes and accountability; continuously reviewing the City s exposure to risks and opportunities; and promoting a risk aware culture. Policy Scope This policy is applicable to all City of Melville activities and addresses: The City of Melville s rationale for managing risk. Accountability and responsibility for managing risk. Reporting and measuring of risk management performance. Continual improvement and review.this policy applies to all employees of the City and unless otherwise specified, any other worker engaged under the direct management of the City (for example, contractors, consultants, agency resources, labour hire and volunteers). Definitions / Abbreviations Used In Policy Risk means the effect of uncertainty on objectives. An effect is a deviation from the expected and can therefore be positive or negative. Risk Management means coordinated activities to direct and control an organisation with regard to risk. Mitigation means actions planned to be taken to reduce the likelihood or negative consequences or both associated with risk. Risk appetite means the amount and type of risk that an organisation is willing to pursue or retain. Uncontrolled Document When Printed - This Version: 21/05/2018 3:51 PM Page 1 of 5

Policy Statement The City of Melville is committed to the implementation of anembedding a strategic, consistent and structured enterprise-wide risk management approach to risk management that reflects the through continued development and maintenance of an enterprise-wide Risk Management Framework. The Risk Management Framework details the strategic approach to risk management and the methodology to be applied throughout the City of Melville. To ensure a best practice approach to risk management is employed, the Risk Management Framework is based on the current Australian Standard; on Risk Management AS/NZS ISO 31000:2009 Risk Management Principles and Guidelines. The organisational context and tools supporting this Standard are the Risk Management Framework and the Risk Management System Procedure. The context and tools are the foundations for risk management within the City. The City is committed to making the necessary resources available to assist those accountable and responsible for managing risk. The consistent application of these tools will make a positive contribution towards the achievement of the City s corporate aims and objectives and maximise the opportunities to achieve its vision. The policy and Risk Management Framework will apply best practice to the identification, evaluation, control and mitigation of risks to acceptable risk tolerance levels and thus maximise risk opportunities in an effective manner. Reviews will be conducted biennially or in response to an event or change in circumstance. Risk Appetite Risk appetite means the amount and type of risk that an organisation is willing to pursue or retain. Once the risk appetite threshold has been breached, risk management controls and actions are required to bring the exposure level back within the accepted range. The City will maintain a conservative approach to risk however, acknowledging that all risks cannot be avoided, the level of risk appetite that it tolerates is detailed in the table below: Risk Rating Minimum Treatment Description Required Low Risk Accept Manage by routine procedures Medium Risk Accept Manage by specific monitoring or response procedures High Risk Accept and mitigate These risks need to be mitigated with actions as required and managers need to be assigned these risks Extreme Risk Reject and avoid or mitigate Immediate action required in consultation with the EMT to either avoid the risk entirely or to implement mitigations to reduce the risk to a low, medium or high rating In line with its conservative attitude to risk, the City will not accept risks that carry a high or extreme residual risk of any of the following events or circumstances occurring: a significant negative effect on the City s financial sustainability; Uncontrolled Document When Printed - This Version: 21/05/2018 3:51 PM Page 2 of 5

an interruption to essential services that extends for more than one week; substantial public embarrassment; compromised safety or welfare of elected members, staff, contractors or members of the community; damage to relationships with a majority of, or significant, stakeholders; and a significant breach of legislative requirements and/or successful litigation against the City. Roles and Responsibilities Specific responsibilities for risk management are: Financial Management, Audit, Risk and Compliance Committee (FMARCC) Review and provide feedback on the Risk Management Policy, the Risk Management Framework and City of Melville Risk Registers.Is responsible for: o oversee the performance of the City s management of risk and assess the adequacy of the City s systems and processes for managing risk; and o determine the appropriateness of the allocation of resources to mitigate known exposures. Chief Executive Officer (CEO) Mandate the Risk Management Framework and promote the benefits of risk management to all City of Melville Employees.Is responsible for: o determining the strategic direction and creating an environment for risk management to operate effectively; o determining the City s risk appetite and tolerance levels; o ensuring the risk management objectives are achieved; o ensuring the availability of resources and information necessary to support the operation and monitoring of the risk processes including risk capability development; and o reviewing and measuring the appropriateness and effectiveness of the City s systems and procedures in relation to risk management and support the implementation and resourcing of risk management process improvements. Executive Management Team Endorse the Risk Management Framework and support the implementation, review and maintenance process for the Risk Management Framework.Is responsible for: o implementing the City s risk management processes including risk identification, assessment and mitigation of risk in their respective directorates; o maintaining the directorate and other relevant risk profiles; and o ensuring all staff are aware of the risk management policy and that relevant staff receive risk specific skills training to effectively implement risk management principles and processes. Directors and Operational Management Teamrs Manage implementation and maintenance of the Risk Management Framework in their areas of responsibility and create an environment where Employees are responsible for, and actively involve in, managing risk.is responsible for: o reporting regularly on risks, which includes the level of risk, control measures and mitigation progress; o determine risk mitigation strategies to address risks within their Service Areas; Uncontrolled Document When Printed - This Version: 21/05/2018 3:51 PM Page 3 of 5

o create an environment for the promotion of effective risk management practices and to ensure staff manage risk within their own area of responsibility; o manage the implementation and integration of good risk management processes and structures within their own area of responsibility; and o follow corporate processes and guidelines for the management of risk. Strategic Procurement, Contracts and Risk Program ManagerProcurement & Risk Coordinator Implement and review the Risk Management Framework and associated documentation for the whole of the City of Melville and provide advice in relation to risk management matters to all stakeholders.is responsible for: o providing specific advice and support for those employees responsible for managing risk and for specifying all risk management training with the City; o supporting the development and implementation of risk management processes, ensuring a consistent approach is taken in the management of risk across the City; o report quarterly to the Financial Management, Audit, Risk and Compliance Committee; and o institute the timely review of the policy. Business Improvement Auditor (Legal Services)Internal Audit Conduct risk assessments on business processes as part of the internal audit process.is responsible for: o conducting periodic compliance reviews of the Risk Management Framework and the Risk Management Policy; and o conducting periodic compliance reviews against specific risks in accordance with the approved annual Internal Audit Plan. Employees, contractors, consultants, labour hire, volunteers and any other worker engaged under the direct management of the City Are responsible for: o identifying and managing risk within their workplace. All risk measuring and monitoring for the City of Melville will be conducted in accordance with the Risk Management Framework. The Risk Management Policy and supporting organisational documentation will be subject to periodic review to allow for continual improvement. Reviews can be conducted annually, on request or in the event of a major change to the organisation. Uncontrolled Document When Printed - This Version: 21/05/2018 3:51 PM Page 4 of 5

Other References that may be applicable to this Policy Legislative Requirements: Delegated Authority: Plan / Policy / Framework: Procedure: Risk Management Framework SP-021 Risk Management Procedure Health, Safety and Environment Risk Management Work Instructions / Process Maps: Forms / Supporting Documents (internal): Supporting Documents (external): Risk Management Toolkit ISO AS/NZS 31000:2009 Risk Management Principles and Guidelines Origin / Authority Date Item Community and Technical Services 01/11/2005 Reviews Ordinary Meeting of the Council 21/08/2007 Ordinary Meeting of the Council 15/12/2009 (changed from Council to Operational Policy) Executive Management Team 27/6/2013 Executive Management Team 16/9/2015 Ordinary Meeting of Council 17/05/2016 C16/5484 Ordinary Meeting of Council 19/06/2018 C16/5617 Uncontrolled Document When Printed - This Version: 21/05/2018 3:51 PM Page 5 of 5

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback