City of Stirling Corporate Business Plan

Risk management

The City’s Risk Management Plan 2019 – 2021 focusses on improving and further embedding risk management at the City. This plan includes a review of the City’s Strategic Risk Register with the executive and leadership teams and elected members. The review includes but is not limited to: • Identifying significant risks that have the potential to prevent the achievement of the City’s strategic objectives and those that may impact the future direction of the City • Defining the City’s risk appetite and risk appetite statement with the intent of establishing the City’s risk tolerance level • Updating the City’s Risk Management Framework to align with changes made to the • Developing Key Risk Indicators (KRIs) to assist in benchmarking the City’s current behaviour against the key risks, facilitating action to align processes (including controls) and behaviours. AS/NZ ISA 3100 Risk Management in 2018

In the process of carrying out the responsibilities of a local government in a changing environment, the City faces a broad range of risks from both external and internal sources. The City is committed to embedding risk management practices across the organisation to support the delivery of the City’s Strategic Community Plan and Corporate Business Plan.

assessment, management, recording and reporting of risks in all functions and processes. The City has identified a comprehensive and mature Risk Management Framework and is constantly monitoring all areas within the organisation to improve risk management. The City’s Risk Management Framework, which includes the City’s Risk Policy and management practice, provides the foundations, key principles and processes for managing risk across the City. The Framework is aligned with the AS/NZ ISO 31000. Oversight of the Framework sits with the Corporate Risk Management Group, which reports to the Executive Team, and through the Executive Team to the Audit Committee with respect to the requirements of the Local Government (Audit) Regulations 1996, regulation 17.

A key focus for 2019/20 is the City’s Strategic Risks Register. These are the risks that affect or are created by the City’s business strategy and strategic outcomes. Strategic risks are higher order risks that tend to be long-term in nature and threaten the achievement of the City’s Strategic Community Plan and Corporate Business Plan. The City’s approach to risk management is that it is an integral part of the management function in the organisation, and is the responsibility of all employees, with Business Unit Managers having overall responsibility and accountability for assessing and managing risk within the context of their business environments. Business Units are supported in this role through the development, maintenance and continual improvement of an active risk management culture that acknowledges the need for

Corporate Business Plan 2019 – 2023 | 41