About us
Enterprise risk management policy
Policy statement
Barwon Water is committed to:
- Effectively integrating the management of risk into management planning activities to support the achievement of its strategic objectives as outlined in Strategy 2030;
- Applying and incorporating the Enterprise Risk Management Framework into operational activities;
- Ensuring activities are undertaken within approved risk appetite levels set by the Board; and
- Demonstrating commitment to comply with the requirements and continually improve the effectiveness of risk management and ISO certified systems.
Purpose
The purpose of this policy is to make certain the Barwon Water Group has a clear and transparent approach to risk management and that it promotes ongoing risk awareness of our risk management practises, continuous improvement of our risk and control environments and willingness to manage risk at all levels.
The Barwon Water Group is committed to maintaining an enterprise-wide risk management system which supports the achievement of Strategy 2030. This policy will assist all associated processes to operate effectively and to meet our corporate risk management responsibilities.
Scope
This policy is applicable to all staff of the Barwon Water Group (including other workplace participants such as agency resources).
Policy/Guidelines
The enterprise risk management framework approach is in alignment with AS ISO 31000:2018 Risk Management – Principles and Guidelines and meets the current requirements of the Victorian Government Risk Management Framework.
Policy details
Barwon Water will ensure:
- Effective integration of risk management into management planning and operational business activities to support the achievement of its strategic objectives as outlined in Strategy 2030;
- The Board and Executive Leadership Team (ELT) are in a position to confidently make informed strategic, project and operational decisions based on a consistent and systematic approach to enterprise risk management;
- Processes are in place that supports a positive risk culture across the organisation, enabling the annual risk management attestation;
- Activities are undertaken within approved risk appetite levels, being the level of risk that the Barwon Water Group is willing to accept in the pursuit of its strategic and business objectives, as set by the Boards of Barwon Water and Barwon Asset Solutions annually;
- All reasonably foreseeable risks are systematically identified, assessed, analysed, prioritised and considered for appropriate treatment;
- The correct assignment of ownership of risks, through delegation of risk management responsibilities to management across all departments;
- All relevant legislation is complied with, and certified management standards are used to continually improve risk management practices;
- The risk management framework and key business risks are reviewed annually to so that they remain current and are updated as required;
- Any breach in this policy will be reported and addressed by the ELT and Risk Management Committee;
- Inter‑agency risks are addressed and shared across government departments, as appropriate;
- Business Continuity Management is embedded across the organisation, using the Risk Management Framework as appropriate when assessing risk exposure; and
- A Compliance Management policy and framework exists so that compliance risks are effectively controlled and systematically maintained.
- An Emergency Risk Management Framework exists which encompasses an all-hazards approach to managing incidents, focusing on prevention, preparation, response and recovery strategies.
Roles and responsibilities
Below is a summary table of the roles and responsibilities, for further detail please refer to the Risk Management Framework document.
| Role | Responsibility |
|---|---|
| Board (Inc. BAS Board) | Oversee Barwon Water’s framework for enterprise risk management and the management of significant corporate risks, including the procedures implemented by Barwon Water to comply with major relevant legislation. The Board is also responsible for determining the Corporation’s risk appetite statements annually and will notify the Minister and the Secretary of DEECA of any major risk. |
| Risk Management Committee (Inc. Audit and Risk Committee for BAS) | Foster a corporate culture that promotes open discussion of risk and integration of risk management principles into Barwon Water’s goals, policies and processes. Provide strategic direction for the development and implementation of Barwon Water’s Risk Management Framework, Compliance Management Framework, associated internal control systems and legal and regulatory obligations. Review management’s response to fraud and corruption incidents and oversee fraud and corruption control initiatives. |
| Managing Director | Develops and promotes the risk management culture including responsibility for the development of strategy and processes. |
| Executive Leadership Team | The ELT is responsible for developing the risk culture, the structure and assignment of responsibilities for risk management. |
| Head of Department | Head of Department’s are responsible for promoting, implementing, and delegating of the Enterprise Risk Management Framework, including maintaining and testing Business Continuity Plans. |
| Risk Champions | Risk Champion are responsible to coordinate the management of department risk registers, ensuring risks are correctly identified, assessed and owners are assigned to each Risk, Control and Treatment. |
| Governance Department | The Governance Department are responsible for providing oversight and consistency of all risk management functions across the organisation. |
| Staff and agency resources | All employees and agency resources are responsible for developing an understanding of how their responsibilities involve the management of risk. |
References
Related policies and documents:
- Enterprise Risk Management Framework
- Risk Appetite Statements
- Risk Management Procedure
- Risk Management Committee Charter
- Compliancy Management Policy and Framework
- Barwon Emergency Risk Management System (BERMS)
- Security Policy
- Health, Safety and Wellbeing Policy
- Environmental Policy
- Business Continuity Framework