Charles Sturt University
Charles Sturt University

Organisational Risk Management Framework

The following diagram is a representation of the elements of the University's Organisational Risk Framework:

2017 Risk Framework Diagram v.1.0 

Risk and opportunities are inherent in every activity we do.  We will manage these risks and opportunities in a variety of different methods. 

It is essential that we have processes to identify our risk exposures and to make visible opportunities across all our activities.  It is also essential to provide an assurance that these exposures are adequately controlled, gaps are rectified and we take advantage of opportunities presented to the University.

This will allow us to make well-informed decisions which will lead to long-term sustainability of the organisation.

Success of this ORM Framework

The success of this framework will depend on a number of factors:

  • Full commitment for all staff, led by the Vice-Chancellor, Leadership Team, the University Council and the Academic Senate;
  • Appropriate risk management processes are embedded at the relevant levels and areas of the organisation;
  • All relevant strategies, plans, position descriptions, performance management, budget cycles, project management, business planning and processes all link to this framework in an appropriate manner;
  • Appropriate reporting and monitoring is in place; and
  • Appropriate communication and consultation occurs with all relevant stakeholders.

Why do we need risk management?

Charles Sturt University is committed to establishing an organisation that ensures that risk management is a core and integral part of all activities, projects and events and it sits within the University Governance Framework.

The CSU Organisational Risk Management (ORM) Framework will be used to manage uncertainty and will be supported by efficient, effective and robust processes to assist the organisation achieve its mission and objectives.  This Framework will allow the University to:

  • identify risks and opportunities at any level of the organisation;
  • articulate those risks and opportunities in the most meaningful way;
  • identify and understand the causes of the risks or opportunities;
  • understand the controls we have in place already to manage the risks and to take advantage of the opportunities;
  • rate the risks and opportunities; and
  • identify any further treatments we can put in place to either mitigate the risk further or to take advantage of the opportunities for the University.

Benefits of good risk management

There a number of reasons why we want to have exceptional and robust risk management practices across the organisation:
  • increase the likelihood of achieving objectives;
  • encourage proactive management;
  • be aware of the need to identify and treat risk throughout the organisation;
  • improve the identification of opportunities and threats;
  • comply with relevant legal and regulatory environment;
  • improve financial reporting;
  • improve governance;
  • improve stakeholder confidence and trust in our organisation;
  • establish a reliable basis for decision-making and planning;
  • improve existing controls;
  • effectively allocate and use resources for treating risks;
  • improve operational effectiveness and efficiency;
  • enhance health and safety performance as well as environmental protection;
  • improve loss prevention and incident management; and
  • improve organisational learning, resilience and sustainability.

                                    Source:  AS NZS/ISO 31000:2009 Risk Management - Principles and Guidelines

ORM Framework Objectives

The objectives of the University's ORM Framework include:

  • systematic and consistent approach to managing risk at all levels of the university;
  • clarity for roles and responsibilities;
  • balance between risk-taking and being risk averse;
  • improves organisational decision-making;
  • assists with achievement of organisational objectives;
  • enhances organisational resilience;
  • promotes awareness and helps create a good risk culture where risks are considered prior to taking action;
  • enhances stakeholder confidence;
  • provision of training and resources; and
  • enhancement of risk skills with staff.

11 Principles for Managing Risk

The University's Organisational Risk Management Framework is built upon the 11 principles that is defined by the International Standard for Risk Management (AS/NZS ISO 31000:2009):

11 Principles