Risk Management Policy
To improve decision-making, performance and accountability, while reducing the likelihood of risk, through a systematic approach to the identification, analysis and reporting of risk, as part of sound corporate governance.
This policy applies to all of Canberra Institute of Technology (CIT) employees, activities, students, contractors, and visitors.
3.1 CIT is committed to ensuring that all business and operational processes are underpinned by an effective risk management process.
3.2 CIT has adopted an organisational-wide approach, integrating risk management strategies with CIT business processes. Risk management forms part of the overall CIT governance framework.
3.3 CIT's Risk Management Framework, including the Enterprise Risk Management Profile, is designed to create value, be an integral part of CIT’s organisational governance and decision making processes, and is factored into CIT operations including: business planning; performance management; accountability; audit and assurance; business continuity; and project management.
3.4 The Enterprise Risk Management Profile explicitly addresses uncertainty, is dynamic and adaptable to change.
3.5 The Enterprise Risk Management Profile is comprehensively reviewed every two years, updated quarterly and is recommended by the CIT Audit Committee, to the CIT Board for approval.
3.6 The application of risk management at CIT is conducted in accordance with the Australian and New Zealand Standard, AS/NZS 31000 2018; the ACT Government Risk Management Framework; and the ACT Insurance Authority Risk Management Framework.
Context - This is the environment which makes up CIT. It includes stakeholder needs, customer expectations, Information Technology capabilities available to CIT etc. The section under Procedure 'Establish the operating and organisational context' under Risk Management Procedures Page 3, provides a more detailed definition.
Risk - The chance of something happening that could prevent or impair the achievement of objectives and outcomes. It can be a hazard or an opportunity.
Risk management - The processes, structures and culture developed to identify, analyse, evaluate, treat, monitor and communicate risks associated with any activity, function or process in a way that enables organisations to minimise losses and maximise opportunities.
Risk management profile - The document to report risk assessment, treatment, and other management information.
6. Policy Contact Officer
For more information about this policy contact the Senior Manager Audit, Risk and Corporate Governance.
Contact CIT Student Services on (02) 6207 3188 or email email@example.com.
This policy is implemented through the associated Risk Management Procedure. Authority to make changes to the procedure rests with the policy owner.
Policy No: 2017/885
Approved: August 2019
Next Review: August 2020
Category: Student Policies, Staff Policies, Corporate Policies
Policy Owner: Executive Director, Corporate Services
| Risk Management Procedures|
(PDF File 1.0 MB)
Client Service Charter
Student Code of Conduct
|POLICIES LAST UPDATED|
2020-03-10: Home Garaging of CIT Vehicle Policy
2020-02-28: Procurement Policy
2020-02-24: Research Policy
2020-02-24: Off-Campus Activities Policy
2020-02-24: Higher Education Scholarly Activity Policy