This policy describes UTS's approach to risk management.
The Risk Management Policy is also available as a PDF document.
||Policy approved 17/08/2011
Policy takes effect 01/09/2011
Policy is due for review (up to five years) 08/2015
|Policy amendment approved 11/12/2014
Policy amendment takes effect 22/07/2015
Meeting 11/5, 17 August 2011
|Latest amendment: Director, Governance Support Unit (see change history for details)
||Executive Officer to the Deputy Vice-Chancellor (Resources)
||Risk Management Policy
This policy describes UTS's approach to risk management. Risk management is a key responsibility of UTS Council, Council committees and management. Risk management helps decision makers make informed choices and contributes to efficient and reliable decision making. The key aims of risk management are to:
- prevent adverse incidents, and
- advance UTS's objectives.
Risk is inherent in all academic, administrative and business activities, and every member of the University community continuously manages risk. UTS's objectives and external and internal factors need to be considered when managing risk. These external and internal factors are set out in the UTS Risk Management Guidelines. All UTS policies address some risk.
UTS recognises that the aim of risk management is not to eliminate risk totally, but rather to provide the structural means to identify, prioritise and manage the risks involved in all University activities. It requires a balance between the cost of managing and treating risks and the anticipated benefits that will be derived.
UTS acknowledges that risk management is an essential element in the framework of good corporate governance, and is an integral part of good management practice. The intent of this policy is to embed risk management in a very practical way into business processes and functions via key approval processes, review processes and controls, not to impose risk management as an extra requirement.
This Policy applies to all staff at UTS and to emeritus professors, honorary appointees and contractors.
- is the effect (both positive and negative) of uncertainty on objectives.
- Risk management
- refers to the principles, framework and processes in place for managing risk effectively.
- Risk management framework
- is the set of components that provide the foundations and organisational arrangements for designing, implementing, monitoring, reviewing and continually improving risk management at UTS.
- Risk assessment
- is the overall process of risk identification, risk analysis and risk evaluation.
- Risk identification
- is the process of finding, recognising and describing risks.
- Risk analysis
- is a process undertaken to understand the nature of a risk and to determine the level of risk (including the risk's possible consequences and the likelihood of the consequences occurring).
- Risk treatment
- is the process of modifying risk.
- include, but are not limited to, Deans, Directors, Heads of School, all Managers and other persons who supervise staff.
4. Policy principles
UTS is committed to making risk management an integral part of all UTS processes and embedding risk management into the key controls and approval processes of all major business processes and functions of the University.
The UTS vision in the UTS Strategic Plan 2009–2018 is to be a world-leading university of technology. UTS values include delivering on our obligations and sustaining our ability to create a positive, viable future. To achieve this vision, UTS needs to effectively manage risk to minimise the impact of risk on our ability to achieve our objectives and enable UTS to take advantage of opportunities.
- Provides a consistent risk management framework in which the risks concerning business processes and functions of UTS will be identified, considered, and addressed in key approval, review and control processes
- Encourages pro-active rather than re-active management
- Provides assistance to improve the quality of decision making throughout UTS
- Provides advice about legal and statutory requirements, and
- Assists in safeguarding UTS's assets — people, finance, property and reputation.
5. Policy statements
5.1 Approach to risk management
All UTS business processes and functions will adopt a risk management approach in their approval, review and control processes. The generic UTS risk management approach and methodology for this purpose is as set out in the UTS Risk Management Guidelines and reflects AS/NZS ISO 31000:2009 Risk management — Principles and guidelines.
5.2 Communication and awareness of risk
UTS will undertake activities to communicate and raise awareness of staff, emeritus professors, honorary appointees and contractors in relation to risk management. Supervisors will have a key role to play in such activities (refer to section 6).
6. Roles and responsibilities
Accountable Officer: Deputy Vice-Chancellor (Resources) has primary oversight of the operation of this Policy and may issue guidelines and other documents to support its implementation.
Implementation Officer: Executive Officer to the Deputy Vice-Chancellor (Resources) is the primary point of contact for advice regarding the implementation and administration of the policy.
Provost, Deputy Vice-Chancellors, Deans and Directors: are responsible for overseeing the operation of this Policy within their areas of responsibility.
UTS Council: oversees risk management across UTS, on advice from the Audit and Review Committee, the Vice-Chancellor and other Council Committees within their terms of reference.
Audit and Risk Committee of UTS Council: the Committee is to monitor the effectiveness of risk management at UTS and the implementation of this policy and assist in its review.
Supervisors, Project Managers and Contract Managers: are expected to:
- understand the risk management framework in place at UTS
- adopt a risk-based approach in their management
- lead by example in their behaviour in the workplace, and
- ensure risk assessments are conducted for all key risks in their area.
Performance and commitment in these areas will form part of the performance review and planning processes.
All staff: all staff are required to take responsibility for ensuring the integrity of UTS's management and administrative practices, including by identifying risks in their area and contributing to the implementation of risk treatments.
AS/NZS ISO 31000:2009 Risk management — Principles and guidelines
8. Version control and change history
||Approved by, resolution no. (date)
||Council, COU/11-5/77 (17/08/2011)
||Director, Governance Support Unit (GSU) (11/12/2014)
||Changes (approved under Delegation 3.17) to implement 2014 Senior Executive restructure.