Document Feedback - Review and Comment
Step 1 of 4: Comment on Document
How to make a comment?
1. Use this to open a comment box for your chosen Section, Part, Heading or clause.
2. Type your feedback into the comments box and then click "save comment" button located in the lower-right of the comment box.
3. Do not open more than one comment box at the same time.
4. When you have finished making comments proceed to the next stage by clicking on the "Continue to Step 2" button at the very bottom of this page.
Important Information
During the comment process you are connected to a database. Like internet banking, the session that connects you to the database may time-out due to inactivity. If you do not have JavaScript running you will recieve a message to advise you of the length of time before the time-out. If you have JavaScript enabled, the time-out is lengthy and should not cause difficulty, however you should note the following tips to avoid losing your comments or corrupting your entries:
-
DO NOT jump between web pages/applications while logging comments.
-
DO NOT log comments for more than one document at a time. Complete and submit all comments for one document before commenting on another.
-
DO NOT leave your submission half way through. If you need to take a break, submit your current set of comments. The system will email you a copy of your comments so you can identify where you were up to and add to them later.
-
DO NOT exit from the interface until you have completed all three stages of the submission process.
(1) This Policy establishes Victoria University’s (VU) commitment to managing risk through implementation of a risk management framework and accountability structure. (2) HESF: 6.2 Corporate Monitoring and Accountability, 6.3 Academic Governance (3) Standards for RTOs: Standard 7, Standard 8. (5) Accountability: Responsibility for ensuring that risk is appropriately managed including the implementation of treatment plans and monitoring the effectiveness of controls. (6) Contributing Factors: Factors internal and external that contribute to the risk existing or could result in the risk materialising. (7) Controls: The existing actions, activities or mitigation strategies in place to prevent the risk from materialising. (8) Consequences: The outcome of a risk event or situation, being a loss, injury, disadvantage or gain. (9) Likelihood: The chance or probability of a risk materialising. (10) Risk: The effect of uncertainty on objectives: (11) Risk Appetite: The amount and type of risk that the University is willing to take in order to meet its strategic objectives. (12) Risk Categories: Broad categories of risk that the University uses to identify and group risks. (13) Risk Management: The coordinated management of activities to direct and control the University with regard to risk. (14) Risk Tolerance: The acceptable range of risk rating within which the University will seek to maintain each risk. (15) Treatment Plan: Actions that will be taken to reduce the likelihood or consequence of a risk occurring. (16) Managing risk is an essential component of good governance and leadership. Effective risk management both creates and protects value in an organisation by improving decision making. (17) To achieve its strategic objectives, the University must accept a measured degree of risk. Through the identification and analysis of risk, the University is able to be creative, adaptive and progressive in working to deliver its vision to be a global leader in dual sector learning and research. (18) VU’s risk management framework is based upon the International Standard for Risk Management AS ISO31000:2018, consistent with the Victorian Government Risk Management Framework and takes into account key risk considerations of the TEQSA and ASQA risk frameworks. (19) The framework is underpinned by the following principles: (20) The primary purpose of the risk management framework is to provide a coordinated and managed approach to critical risk that, if it were to occur, would impact on the achievement of strategic and operational objectives. VU’s risk management framework comprises: (21) The University has defined three levels of risk and accountability as outlined in the attached Risk Hierarchy: (25) VU employs three lines of defence to mitigate risk: (26) Oversight and reporting of the first and second lines of defence is to the Vice-Chancellor's Group. (27) Oversight and reporting of the third line of defence is to the Vice-Chancellor and University Council.Risk Management Policy
Section 1 - Summary
Section 2 - HESF/ASQA/ESOS Alignment
Section 3 - Scope
Top of PageSection 4 - Definitions
Section 5 - Policy Statement
Risk management principles
Principle
Demonstrated by
A positive risk culture
• A culture where identifying and managing risk is accepted as everyone’s responsibility.
• Driving excellence in corporate governance by increasing accountability, awareness and a positive attitude to risk management.
Accountability
• Clear accountability for each category of risk, individual risk and treatment plan to ensure action and monitoring is implemented.
Transparency
• Providing transparency and oversight to senior management and the University Council that strategic, enterprise and significant operational risks are managed effectively.
Risk based decision making
• Decision making, resource allocation and investment are prioritised and informed by risk analysis.
Embedded risk management
• All operational functions and process should include a link to risk.
• Risk analysis and identification will include broad stakeholder consultation.
Informed investment
• The consideration of the balance between risk and benefit in the development of investment strategies.
Informed resource allocation
• Adoption of a risk-based approach to the allocation of resources to mitigate future risks.
Risk management framework
Risk Type
Accountability
Strategic Risk
Council
Enterprise Risk
Vice-Chancellor's Group
Operational Risk
College/Research Centre/Business Unit Lead
Three Lines of Defence
Line
Role
Key duties
First Line – management and internal controls
Vice Chancellor’s Group and Senior Leadership Group
Identify and manage risk in daily operations, projects and pursuit of strategic objectives.
Develop policies, procedures and controls to mitigate risks.
Implement treatment plans to reduce risks where appropriate.
Second Line – oversight
Risk and Compliance Directorate
Develop and implement a risk management framework and tools.
Provide advice, assistance and training in assessing and managing risk.
Coordinate monitoring, reporting and escalation of risk to appropriate bodies.
Third Line – assurance
Internal Audit
Undertake independent review of internal controls.
Provide gap analysis and best practice advice to VCG.
Provide assurance to Council on application and appropriateness of risk controls.Section 6 - Procedures