Risk Management Framework
As required under the PGPA Act 2013, DVA has established appropriate internal systems and controls for the positive and transparent oversight and management of risk.
Effective risk management, considering both threat and opportunity, leads to well informed decision making, and this is crucial for DVA during this sustained period of service delivery innovation. In this way, our Risk Management Framework enables DVA to identify and manage maximum benefits derived from new initiatives, challenges and opportunities.
DVA has a robust Risk Management Framework and Policy that encapsulates Enterprise-Wide and Business Unit Specific Risks, as part of DVA’s Governance arrangements, which is compliant with the PGPA Act 2013 and the Commonwealth Risk Management Policy.
Enterprise risks are oversighted by the Audit and Risk Committee. Business Unit Risks are factored into annual business plans and are managed by the relevant Business Executive. Fraud risks and mitigations are addressed within the DVA Fraud Control Plan 2015-2017.
DVA's Enterprise Risks
- Inability to adapt to client/stakeholder needs and feedback and/or failure to develop/implement appropriate solutions/services to address them.
- Failure to respond to and meet the requirements of Government.
- Failure to make the right budget choices to facilitate appropriate response to change.
- Failure to initiate and/or complete appropriate reform activities.
- Failure to deliver appropriate, successful, dignified and solemn commemorative services.
- Failure to retain/develop a skilled workforce – people who are skilled to deliver.
- Failure to maintain/develop ICT and business capability – the processes and systems to deliver current and future services.
Enterprise Risk Mitigation
- Defining responsibility for managing risk at all levels.
- Understanding and managing shared risk across entities.
- Developing a positive risk culture.
- Embedding systematic risk management into business processes.
- Effective management of relationships with clients and client stakeholder groups.
- Communicating and consulting with staff about risk.
- Continually reviewing, evaluating and improving the management of risk.
- Maximising future agency internal capability needs.
- Identifying and communicating DVA's strategic direction.
- Maintaining a risk management capability.