FAQs
Why is Council prepared to tolerate or accept risk levels above ‘Low’?
To advance the business, improve and innovate, Council cannot avoid all risk.
If Council does not accept a level of risk and manage it effectively, it will be difficult to successfully achieve the objectives of its Community Strategic Plan.
This policy will enhance educated decision making, allowing Council to better prioritise decisions, manage significant risks first, and act in the best interests of the whole community.
Who developed this draft policy?
The draft Policy development has been led by Council's Corporate Governance Unit, with guidance from external consultants at Statewide Mutual (Council’s insurer) and subject matter experts.
Extensive internal consultation across Council also took place including with the Executive, Business Unit Managers and the Council Audit, Risk and Improvement Committee (ARIC).
What is a Risk Management Framework ?
The Risk Management Framework establishes Council’s chosen approach to the management of risk that is focused on achieving its purpose to successfully achieving the outcomes of its Community Strategic Plan. It specifies the type of risk Council chooses to manage, how it will be managed, who will manage it and how and who will provide assurance and monitor management effectiveness.
View the Risk Management Framework under Schedule A of the draft policy in the Document Library.
What is a Risk Appetite Statement?
The Risk Appetite Statement is designed to help understand what level of risk (across the spectrum of risk categories in by the Enterprise Risk Framework) Council is prepared to accept, resist and avoid. It acknowledges that despite best efforts Council might not always be able to operate within acceptable levels of risk and so helps ensure focus on those risks that cannot be mitigated below or to the accepted risk level. It also helps to ensure risk is managed down to the acceptable level where possible.
The Risk Appetite Statement features:
1. A qualitative statement of Council’s risk tolerance in relation to each risk category
2. A series of quantitative statements for each risk category that demonstrate the type and level of risk that Council will accept, resist and avoid
3. A quantitative statement of overall appetite for each risk category, rated against Council’s existing Risk Assessment Matrix, from Low to Extreme risk.
What is a Risk Assessment Matrix?
A Risk Assessment Matrix (sometimes called a risk control matrix) is a tool used during the risk assessment stage of project planning.
It's used to identify and capture the likelihood of project risks, as well as to evaluate the potential damage or interruption caused by those risks.
Council's existing Risk Assessment Matrix has been updated to reflect the new proposed Risk Appetite Statement and can be found under Schedule C of the draft policy.