Welcome to Risk Management at SCU

Policy

The Risk Management Policy is available online.

Background

The undertaking of a University-wide risk assessment is an expected outcome of a risk management process. In order to do this, a decision was made by the University executive to develop the risk management skills of all staff and the Manager Insurance and Risk Management has worked to establish a strategy and framework for organisation-wide risk management to best suit the University. It is generally accepted that, to be most effective, risk management should be integral to the day-to-day operations of all parts of an organisation, being part of the organisational culture rather than being viewed as a separate activity. Southern Cross University has resolved to develop a co-ordinated approach to its risk management, the outcome for which is stated below:

As a result of this process the University will have, and be able to demonstrate that it has in place, a strategy, structure and process to effectively identify and manage, in a timely fashion and at an appropriate level, its exposure to risk.

The Risk Management Standard

At Southern Cross University the current approach to Risk Management follows that set out in the Australian/New Zealand Risk Management Standard (AS/NZS 4360:2004). While this standard is generally regarded as exhibiting world's best practice in this area, it has been superseded (in November 2009) by the ISO 31000:2009 Risk Management Standard.

While the new ISO Standard differs only slightly from the AS/NZ Standard, the University's Risk Management Policy and Procedures will be reviewed and amended as deemed appropriate, in light of the abovementioned development.

What is Risk Management?

Risk is defined as "the chance of something happening that will have an impact upon objectives. It is measured in terms of likelihood and consequence".~

Risk Management is defined as "the culture, processes and structures that are directed towards effective management of potential opportunities and adverse effects".~

Risk Management is an integral part of good management. The application of sound risk management allows for continual improvement in decision making and processes.

Effective risk management involves the systematic application of management policies, procedures and practices and should include a clear understanding of roles and responsibilities.

(~ reference definitions as per AS/NZS 4360:2004)

Risk Management at SCU

Southern Cross University has specific risk management processes in place, for example, audits, OH&S, equity and access provisions, among others. Risk, however, occurs in much wider contexts including environment, governance, security, quality, entrepreneurial activities, reputation etc.

One of the overriding philosophies of Risk Management for SCU is that risk will be identified, assessed and managed by all employees, through supervisors and managers, appropriate to the level, and impact, of the risk.

Responsibility for managing risk rests with everyone. An effective risk management structure is one that assigns the responsibility to the appropriate operational area within which the risk is found, and establishes a timeframe for action to treat the risk.

Risk management will increase every manager's capacity to identify and deal with risk as well as provide the University with useful strategic information for planning, budgeting and reduction of exposure to risk at all levels.

Used by individuals in the workplace it will also be a most useful tool to assign priority order to competing tasks, enabling employees at all levels to meet their personal objectives.

The University's Strategic Risk Register is the central record for all strategic risks identified by the University.

Updated: 31 March 2014