Enterprise risk management policy

Policy statement

Barwon Water is committed to:

  • Effectively integrating the management of risk into Barwon Water’s management planning activities to ensure the achievement of its strategic objectives as outlined in Strategy 2030;
  • Applying and incorporating the Enterprise Risk Management Framework into Barwon Water’s operational activities;
  • Ensuring activities are undertaken within approved risk appetite levels set by the Board; and
  • Demonstrating commitment to comply with the requirements and continually improve the effectiveness of risk management and ISO certified systems.

Purpose

The purpose of this policy is to ensure that the Barwon Water Group has a clear and transparent approach to risk management and that it promotes risk awareness, continuous improvement and willingness to manage risk at all levels.

The Barwon Water Group is committed to maintaining an enterprise-wide risk management system which supports the achievement of Strategy 2030. This policy will ensure all associated processes are operating effectively to meet our corporate risk management responsibilities.

Scope

This policy is applicable to all staff of the Barwon Water Group (including other workplace participants such as agency resources).

Policy/Guidelines

The enterprise risk management framework approach is in accordance with AS ISO 31000:2018 Risk Management – Principles and Guidelines and meets the current requirements of the Victorian Government Risk Management Framework.

Policy details

Barwon Water will ensure:

  • Effective integration of risk management into management planning and operational business activities to ensure the achievement of its strategic objectives as outlined in Strategy 2030.
  • The Board and Executive Leadership Team (ELT) are in a position to confidently make informed strategic, project and operational decisions based on a consistent and systematic approach to enterprise risk management.
  • Processes are in place that supports a positive risk culture across the organisation, enabling the annual risk management attestation.
  • Activities are undertaken within approved risk appetite levels, being the level of risk that Barwon Water is willing to accept in the pursuit of its strategic and business objectives, as set by the Board annually.
  • All reasonably foreseeable risks are systematically identified, assessed, analysed, prioritised and considered for appropriate treatment.
  • The correct assignment of ownership of risks, through delegation of risk management responsibilities to management across all functional areas of Barwon Water.
  • All relevant legislation is complied with and certified management standards are used to continually improve risk management practices.
  • The risk management framework and risk profile is reviewed annually to ensure it remains current and is enhanced, as required.
  • Any breach in this policy will be reported and addressed by the ELT and Risk Management Committee.
  • Inter‑agency risks are addressed and shared across government departments, as appropriate.
  • Business Continuity Management is embedded across the organisation, using the Risk Management Framework as appropriate when assessing risk exposure.
  • A Compliance Management policy and framework exists which ensures that compliance risks are effectively controlled and systematically maintained.

Roles and responsibilities

Below is a summary of the roles and responsivities, for further detail please refer to the Risk Management Framework document.

Board

The Board oversee Barwon Water’s framework for corporate risk management and the management of significant corporate risks, including the procedures implemented by Barwon Water to ensure compliance with major relevant legislation. The Board is also responsible for determining the Corporation’s risk appetite statements annually and will notify the Minister and the Secretary of DELWP of any major risk.

Risk Management Committee (Including Audit and Risk Committee for BAS)

These committees foster a corporate culture that promotes open discussion of risk and integration of risk management principles into Barwon Water’s goals, policies and processes.Provide strategic direction for the development and implementation of Barwon Water’s Risk Management Framework, Compliance Management Framework, associated internal control systems and legal and regulatory obligations. Review management’s response to fraud and corruption incidents and oversee fraud and corruption control initiatives.

Managing Director

The Managing Director develops and promotes the risk management culture including responsibility for the development of strategy and processes.

Executive leadership team

The ELT is responsible for developing the risk culture, structure and the assignation of responsibilities for risk management.

Department managers

Department Managers are responsible for promoting, implementing, and delegating of the Enterprise Risk Management Framework.

Risk champions

Risk champions are responsible to coordinate the management of department risk registers, ensuring risks are correctly identified, assessed and owners are assigned to each Risk, Control and Treatment.

Governance department

The Governance department are responsible for providing oversight and consistency of all risk management functions across the organisation.

Staff and agency resources

All employees and agency resources are responsible for developing an understanding of how their responsibilities involve the management of risk.

References

Related policies and documents:

  • Enterprise Risk Management Framework
  • Risk Management Procedure
  • Risk Management Committee Charter
  • Compliancy Management Policy and Framework
  • Barwon Emergency Risk Management System (BERMS) - BCP

External resources