Risk management is a key element of good corporate governance and is a fundamental component of managing the department's business operations. In accordance with the Financial Accountability Act 2009, overall accountability for risk management resides with the Director-General, which is exercised through the Executive Leadership Team. The Audit and Risk Committee assists the Director-General in his oversight of the effective performance of the department's risk management framework and practices.
The risk management policy and framework, based on the International Standard ISO 31000:2018 Risk management guideline, ensure risks are managed consistently across the department and minimised through a robust system of internal controls.
Strategic risks and risk appetite
Strategic risks are those that could affect the department’s ability to deliver its vision and purpose outlined in its strategic plan, requiring executive oversight and sponsorship. Strategic risks have the potential to materially impact our strategic objectives and are therefore considered in our strategic planning process. Risk review workshops are regularly undertaken, which validate the risks against strategic objectives, suitability of treatment strategies and assessment of the ongoing risk exposure.
Following the implementation of the new Strategic Plan 2019–2023, the Executive Leadership Team has reframed the department’s strategic risks and revised the Risk Appetite Statement.
Key achievements in 2019–20
The Executive Leadership Team strengthened the risk management framework with the introduction of enterprise operating risks, based around five core themes. The enhancement to the framework will enable the Executive Leadership Team to have better oversight and management of those core enterprise-wide risks which potentially impact business operations are identified as having the lowest risk appetite.
The Executive Leadership Team:
- focused on strengthening its strategic risk management through regular strategic risk review workshops, improved reporting, and documentation enhancements
- embedded the Risk Management System across business areas, promoting a coordinated and consistent risk management approach
- made further improvements to the management of portfolio and program risks. All capital works project and program risks within the Queensland Transport and Roads Investment Program (QTRIP) are centrally captured and reported from the 3PCM portfolio management solution.