ENTERPRISE RISK M A NAGEMENT POLICY



Similar documents
Risk Management Policy

Risk Management Policy Adopted by:

Risk Management Policy

RISK MANAGEMENT FRAMEWORK

State Records Guideline No 25. Managing Information Risk

Risk Management: Coordinated activities to direct and control an organisation with regard to risk.

ENTERPRISE RISK MANAGEMENT FRAMEWORK

Risk Management Strategy

Risk Management Policy

Asset Management Policy. Sutherland Shire Council. Council Online - IM/Policies - Policies & Forms - IM/Policy Asset Management1

Northern Grampians Shire Council FRAUD CONTROL PLAN

The Lowitja Institute Risk Management Plan

Risk Management Policy and Framework

Standard 1. Governance for Safety and Quality in Health Service Organisations. Safety and Quality Improvement Guide

Xavier Catholic College Risk Management - Policy & Procedure

Council Meeting Agenda 27/07/15

Department of Infrastructure and Planning: Governance Framework for Infrastructure Delivery Special Purpose Vehicles

Integrated Risk Management Policy

Business Continuity Management Policy

3 August 2012 Policy updated to reflect name changes and alignment with current Aurora Energy Group Policy standards.

Confident in our Future, Risk Management Policy Statement and Strategy

Health and Safety Management Standards

RISK MANAGEMENT POLICY AND STRATEGY. Document Status: Draft. Approved by. Appendix 1. Originator: A Struthers. Updated: A Struthers

Information Governance Management Framework

University of New England Compliance Management Framework and Procedures

Information Security Management System Policy

AFTRS Health and Safety Risk Management Policy

DORSET & WILTSHIRE FIRE AND RESCUE AUTHORITY Performance, Risk and Business Continuity Management Policy

Audit of Business Continuity Planning

Information Governance Policy

Bedford Group of Drainage Boards

NHS Hartlepool and Stockton-on-Tees Clinical Commissioning Group. Information Governance Strategy 2015/16

SAI GLOBAL LIMITED Risk Management Policy

Corporate Health and Safety Policy

POSITION DESCRIPTION, PERFORMANCE MEASURES AND TARGETS

RISK MANAGEMENT POLICY

Business Resilience and Risk Management

Policy. VBA Enterprise Risk Management. Governance Unit

Business Continuity Management Policy

REGIONAL COUNCIL OF GOYDER. Work Health Safety and Injury Management Policy

Information Governance Strategy

How To Ensure Information Security In Nhs.Org.Uk

Risk Management Committee Charter

Standards, quality processes and accountability

Information Governance Strategy :

Information Governance Policy

Audit, Risk and Compliance Committee Charter

Business Continuity Management

NHS Commissioning Board: Information governance policy

The Risk Management strategy sets out the framework that the Council has established.

Information Governance Policy

INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER

POL ENTERPRISE RISK MANAGEMENT SC51. Executive Services Department BUSINESS UNIT: Executive Support Services SERVICE UNIT:

Information Security Management System Information Security Policy

All CCG staff. This policy is due for review on the latest date shown above. After this date, policy and process documents may become invalid.

CONTROLLED DOCUMENT. Number: Version Number: 4. On: 25 July 2013 Review Date: June 2016 Distribution: Essential Reading for: Information for:

Annual Governance Statement 2013/14

River Stour (Kent) Internal Drainage Board Risk Management Strategy and Policy

Information Governance Strategy

COMPANY NAME. Environmental Management System Manual

HEALTH SAFETY & ENVIRONMENT MANAGEMENT SYSTEM

DORSET & WILTSHIRE FIRE AND RESCUE AUTHORITY Performance, Risk and Business Continuity Management Policy

V1.0 - Eurojuris ISO 9001:2008 Certified

Corporate Information Security Management Policy

Shepway District Council Risk Management Policy

Risk Management Policy. Corporate Governance Risk Management Policy

Ealing Council Corporate Information and Data Security Policy

Policy Document Control Page

Performance Management Framework

Risk Management Framework

Waveney Lower Yare & Lothingland Internal Drainage Board Risk Management Strategy and Policy

Contract Management Guideline

Business Continuity Management Group Policy

EA-ISP-001 Information Security Policy

BUSINESS CONTINUITY MANAGEMENT POLICY

Page 1 of 24. To present the Asset Management Policy 2014 for Council adoption.

Annual Governance Statement

GLASGOW SCHOOL OF ART OCCUPATIONAL HEALTH AND SAFETY POLICY. 1. Occupational Health and Safety Policy Statement 1

RISK MANAGEMENT FRAMEWORK OKHAHLAMBA LOCAL MUNICIPALITYITY

RISK MANAGEMENT AND COMPLIANCE

NHS Newcastle Gateshead Clinical Commissioning Group. Information Governance Strategy 2015/16

Risk Management Strategy

WEST YORKSHIRE FIRE & RESCUE SERVICE. Business Continuity Management Strategy

Risk Management. Policy

Avondale College Limited Enterprise Risk Management Framework

CHAPTER 24: ENVIRONMENTAL MANAGEMENT

Work Health & Safety Policy Document Number: WH&S Ver 1

Application of King III Corporate Governance Principles

Transcription:

Tablelands Regional Council ENTERPRISE RISK M A NAGEMENT POLICY Draft Final Policy No: PD 3.3.1 File ref: PD 3.3.1 Policy Section: INSURANCE AND RISK MANAGEMENT Version: 1 Date Adopted: 7 July 2010 Review Date: 7 July 2011 Author: Diane Wilson Review Officer: Manager CPP & R

Name of Policy CONTENTS 1.POLICY INTENT... 1 2.OBJECTIVES... 1 3.POLICY STATEMENT...1 4.PRINCIPLES... 1 5.POLICY DEFINITIONS:...2 6.POLICY EVALUATION PROCESS:...2 7.RISK POLICY DISCLOSURE...3 8.RESPONSIBILITIES:...3 9.CHANGES TO POLICY:...3 Version #: 00/00/2009

1. POLICY INTENT This policy applies to all Councillors and staff of the Tablelands Regional Council who are involved in the identification and management of all risks associated with the performance of Council s functions and the delivery of Council services. Contractors, committees and volunteers engaged in the provision of Council services, or the management of Council facilities and assets are also required to comply with this policy. 2. OBJECTIVES The objectives of this policy are to: Align Council activities to and support business objectives identified in Council s corporate and operational plans; Maintain and improve reliability and quality of service provided by Tablelands Regional Council, within Council s controls and capabilities; Achieve and maintain legislative and regulatory compliance, professional standards and codes of conduct; Demonstrate transparent and responsible risk management processes which align with accepted best practice through the implementation of a comprehensive risk management process; Minimise or eliminate adverse impacts from Council s services or infrastructure on the community, visitors and the environment; Capitalise on opportunities identified for Tablelands Regional Council; Safeguard Council s employees, contractors, committees, volunteers, assets, financial sustainability, property, reputation and information; Promote risk management principles as a strategic tool to ensure better informed decision making throughout Council; and Embed a culture of risk management across the Council. 3. POLICY STATEMENT Tablelands Regional Council recognises that as a public authority it is exposed to a broad range of risks which, if not managed, could adversely impact on the organisation achieving its strategic objectives. Therefore Council will implement a systematic risk management methodology to identify and address, where practical, areas of potential risk within Council. Any methodologies adopted will be consistent with AS/NZS ISO 31000:2009 Risk Management Standard. The intent of this policy is to create an environment where Council, management and staff assume responsibility for risk management, through consistent risk management practices. 4. PRINCIPLES The following principles will be adopted to ensure that the objectives are achieved: Apply a risk management framework which is consistent with the current International Risk Management Standard AS/NZS ISO 31000:2009 for making decisions on how best to identify, assess and manage risk throughout all departments of Council; Prioritise identified risks and implement treatments progressively based on the level of risk assessed and the effectiveness of the current treatments; Integrate risk management with existing planning and operational processes, including the Corporate Plan; Version #: 00/00/2009 1

Take into account relevant legislative requirements and political, social and economic environments in managing risks; Create a culture of risk awareness throughout the organisation through training, induction, promotion and risk review and reporting mechanisms; and Ensure resources and operational capabilities are identified and responsibility for managing risk is allocated. 5. POLICY DEFINITIO NS: Risk A risk to the business is any action or event that has the potential to impact on the achievement of business objectives. Risk also arises as much from the possibility that opportunities will not be realised as it does from the possibility that threats will materialise or that errors will be made. Risk Management Risk management for Council refers to the culture, processes and structures developed to effectively manage potential opportunities and adverse effects for any activity, function or process undertaken by the Council. Managing risk is achieved through the systematic application of policies, procedures and practices to identify, analyse, evaluate, treat, monitor and communicate risk. Enterprise Risk Management (ERM) Enterprise risk management encompasses all the major risk categories (including financial, environmental, health and safety, fraud, information technology, compliance, human resources, security and business continuity) and includes the co ordination, integration, consolidation and consistency of reporting by the various Council functions with identified risks. Risk Register A list of identified and assessed risks. 6. POLICY EVALUATION PROCESS: This Policy will be reviewed when any of the following evaluations occur: 1. Audit reports relating to risk management activities being undertaken by Council indicate that a policy review from a legislative, compliance or governance perspective is justified. 2. Relevant legislation, regulations, standards and policies are amended or replaced. 3. Other circumstances as determined from time to time by the Chief Executive officer or through a resolution of Council. Notwithstanding the above, this policy and Council's risk management framework will be reviewed at least annually by Council's Management Team to review their effectiveness and to ensure their continued application and relevance. Version #: 00/00/2009 2

7. RISK POLICY DISCLOSURE This policy is to be made available publicly on Council's website and intranet. 8. RESPONSIBILITIES: Policy Owner Policy Author Policy Implementation Policy Compliance Chief Executive Officer Manager Corporate Planning, Performance & Risk Manager Corporate Planning, Performance & Risk Insurance & Risk Management Officer 9. CHANGES TO POLICY: This policy is to remain in force until otherwise determined by the Council. Version #: 00/00/2009 3

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information