Risk Based Planning
Commitments in 2006 in relation to planning and risk management.
It is timely to consider the University's commitments during 2006 in relation to the documentation for planning and risk management activities. The following list summarises the minimum requirements under our accepted planning processes and the Risk Management Policy that was recently approved by the Audit and Risk Committee of Council.
Clearly this list represents a significant undertaking. The workload involved should be minimised through the use of “templates” and an appreciation of the appropriate amount of detail required at each “level”. The “usefulness” of the work will be enhanced through education of staff (undertaken by Organisational Development), support to individuals and groups through the Risk Working Group and Planning and Audit, and the promotion of an attitude that sees the task approached in a serious but practical manner. Accountabilities are to be discharged through standard University reporting lines and should be incorporated into the Performance Management process.
CSU Strategic Plan 2007-2011
- Performance indicators and associated institutional targets (annual and life of plan).
- Corporate level risk statement, updated quarterly.
University Plans
- Four University plans, performance indicators and associated targets.
- Associated high level risk statements.
Faculties and Divisions
- Summary Operational Plans (template, or an alternate format addressing the same requirements) – sign off by appropriate SEG member.
- Risk registers (template, or an alternate format addressing the same requirements) – sign off by appropriate SEG member.
Research Centres
- Summary Operational Plans (template, or an alternate format addressing the same requirements) – sign off by PVC (R>).
- Risk Registers (template, or an alternate format addressing the same requirements) – sign off by PVC (R>).
Schools and sections within Divisions (cost centres) - To be implemented for 2008.
- Summary Operational Plans (template, or an alternate format addressing the same requirements) – sign off by relevant Dean or Executive Director.
- Risk Registers (template, or an alternate format addressing the same requirements) – sign off by relevant Dean or Executive Director.
Campuses
- Critical Incident Response plan (Division of Facilities Management).
Projects
- Project methodology incorporating risk management (Project Service Centre).
Commercial ventures (including offshore programs)
- Business plan incorporating a Risk Register.
- Risk Register to be reviewed at least annually.
- Where capacity to materially affect institution, risk analysis conforms to Protocol 11 requirements.
Key Business processes and IT systems
- Business continuity and disaster recovery plans (work of Garry Taylor, Director, Technology Services & Infrastructure Centre).
Controlled Entities, Joint Ventures, Partnerships, Related Entities
- Risk analysis as part of Protocol 11 work.
Risk Register
CSU has adopted a generic risk regsiter template [.doc] to encompass risk identification, assessment, treatment and reporting. The advantage of a singled layered template is its simplicity. This template will be used to support University Strategic and Operational Plans prepared by the Vice-Chancellor, Faculties and Divisions.
There are a range of templates and other tools that can be adapted from the Standards Australia materials on risk management to support a staged or multi layered approach to identifying, assessing, prioritising and managing risk. At a budget centre level, CSU managers may adapt these materials to support risk management where the required level of detail exceeds the capacity of a single layered template.
It is expected that higher level CSU Risk Registers will be short and strategic. Where the register identifies the operation of another quality or risk management framework duplication should be avoided. A single line entry in the in the high level register noting compliance (or otherwise) with the adjunct quality or risk management process should suffice.
How to do a Risk Register [.doc ] is a guidance document adapted, from PM 007 Project Risk Register, Template & Guide, Department of Premier and Cabinet, Tasmania.