PURPOSE
LI This policy provides information and guidance on Leaders Institute (LI) approaches to risk management.
POLICY
LI utilises the Risk Management Framework developed under Standards Australia as: AS ISO 31000:2018.
Risk is defined as the effect (positive or negative) of uncertainty on objectives. Risk is considered with reference to possible consequences and likelihood of occurrence. Risk management supports the achievement of strategic and operational goals of the company. LI manages risk continuously and methodically, involving assessment, monitoring, mitigation and review of risks. The Risk Management Plan covers all academic and financial activities of the Institute.
PRINCIPLES
LI acknowledges that as a part of the Institute’s good governance and corporate management processes, risk must first and foremost be managed at the corporate level. The Institute’s principles of risk management are to:
· ensure that risk management is an integral part of the decision-making process at all level of the Institute;
· foster an environment where staff assume responsibility for identification, implementation of control strategies and management of risk;
· implement risk management across all aspects of the Institute in accordance with best practice;
· ensure that appropriate monitoring, review and reporting processes are in place for risk management.
· ensure that risk management is the responsibility of all staff and all areas of the Institute, so that opportunities and risks are identified and proactively assessed and monitored by staff on an ongoing basis;
· incorporate risk management into the strategic and operational planning and quality processes at all levels within the Institute;
· detail in the Risk Management Plan the process for the identification, analysis, treatment, monitoring and reporting of risks. This includes strategic, operational and project-based risk and the development of the Institute’s Risk Register;
· identify, analyse, treat, monitor and report risks on an ongoing basis at nominated levels within the Institute in accordance with organisational responsibilities.
Leader’s risk management principles require its risk management framework to:
· align with its mission and values;
· have clear accountability, ownership and governance;
· be embedded within its operations, processes and systems;
· be systematic, transparent and consistently applied;
· include effective consultation and communication across the Institute;
· consider the context in terms of both the internal and external environments;
· be integral to evidence-based decision-making at all levels of the Institute; and
· facilitate continual improvement.
DEFINTIONS
Risk is defined as the effect (positive or negative) of uncertainty on objectives. Risk is considered with reference to possible consequences and likelihood of occurrence.
Risk Management is a tool used to support the achievement of strategic and operational goals of the company. The risk management framework provides a standardised approach to assessing risk at any level of the organisation. Risk management:
· creates and protects value by contributing to the achievement of objectives and improved performance;
· is an integral part of organisational processes, from strategic planning, project management and day to day activities;
· forms part of the decision-making process, allowing informed choices between alternative courses of action with different risk profiles;
·explicitly addresses “uncertainty”;
· is systematic, structured, timely;
· is based on the best available information, and acknowledges limitations of data;
· recognises the impact of human, cultural and environmental factors on objectives;
· includes perspectives of all stakeholders, not just management;
· is dynamic and responsive to change to continue to take account of new or emerging risks;
· is continually improving as the organisation grows.
ROLES AND RESPONSIBILITY
· Governing Board is responsible to ensure that the Risk Management Policy is formulated, implemented and regularly updated.
· Finance and Budget Committee is responsible for oversight, maintenance and regular review of the financial risks of the Institute.
· Academic Board is responsible for oversight, maintenance and regular review of the academic risks of the Institute.
· The President is responsible for making a full disclosure to Governing Board of risks, as they arise.
· Managers of departments must report directly to the President on hazards within their areas of responsibility so that plans can be made to alleviate potential risks.
· Executive Management Team coordinates, facilitates and periodically reviews the Risk Management Plan.
· Managers ensure that staff within their department understand their responsibilities and are trained to assist in fostering a risk-aware culture.
· All staff and students have a role in the management of risk within their area of influence.
· Risk management includes communication and reporting on risks that have been identified, as well as risk analysis, evaluation and mitigation options.
RISK MANAGEMENT PLAN
The Leaders Institute Risk Management Plan provides the formal mechanisms to monitor and review risks that may occur due to the breakdown of internal controls and corporate governance. The Risk Management Plan is reviewed every three years.
SUCCESSION PLANNING
The Institute is cognisant of the risk of loss of key staff and the need for it to be mitigated through succession planning. The President will work with the Finance and Budget Committee and Academic Board to develop a succession plan for Governing Board’s consideration and approval.
Scope
Whole Institute
Key Stakeholder
All staff and students
Procedures
· All staff must take reasonable care of Institute property, report all incidents, complaints, losses and near misses involving Institute property, and incidents involving visitors and students including, but not limited to, injuries or potential hazards.
· The Institute person or committee responsible for managing each risk will provide an annual update to the appropriate standing committee of Governing Board on the mitigation strategies and control effectiveness.
· Risk management awareness is incorporated into the functioning of Governing Board and its subcommittees, Executive Management Team, Academic Board and its subcommittees.
Risk ratings are determined through a combination of the consequences for the Institute if the risk is not treated, and the likelihood of this happening. The following Risk Assessment Matrix is utilised:
Risk Management Strategy detailed in the Risk Management Plan is implemented through the following key processes:
· Establish Context;
· Identify;
· Analyse;
· Evaluate;
· Treat;
· Communicate and Consult;
· Monitor and Review.
The Risk Management Strategy relevant to each identified risk are recorded in the Risk Management Plan. Risk management processes are also recorded appropriately. Assumptions, methods, data sources, analyses, results and reasons for decisions are also recorded.