Home > About Council > Council Overview > Policies > Risk Management Policy

Risk Management Policy



The purpose of this policy is to clearly document Council’s commitment to risk management principles and practices.


Council has a legal and ethical responsibility to ratepayers, residents, employees and visitors to minimise the likelihood and consequences of adverse risks and maximise Council’s potential to achieve its strategic objectives.


This policy applies to all activities undertaken across Council.

Procedures will be established to proactively and systematically manage organisational risks.

The Procedures will require that:-

  1. Risk management plans will be devised, implemented and regularly reviewed for improvement. This will involve risk identification and evaluation linked to practical, cost effective risk control measures.
  2. All Councillors, management, employees, contractors, and volunteers have a responsibility to follow effective risk management practices and ensure Council is aware of risks associated with its operations.
  3. Significant decisions are subject to risk assessment and control
  4. Significant incidents are analysed and used to inform future risk assessment


The Chief Executive Officer will:-

  • Ensure that Council’s culture and strategies are consistent with the Risk Management Policy.
  • Obtain commitment from Council to adequately resource risk management.
  • Develop agreed and assessable success measures with all Directors and Councillors to support strategic objectives.
  • Report risk management issues to the Internal Audit Committee.
  • Ensure that the following responsibilities are assigned to relevant employee.

The Executive LeadershipTeam will:-

  • Set strategic direction for the systematic management of risk across Council
  • Identify organisational level risks and implement actions to address them.
  • Establish likelihood and consequences tolerance levels.
  • Appoint employee relevant risk management groups and roles.
  • Approve the Risk Management Plan and supporting documentation.
  • Resource action plans for all extreme and high risks when required.
  • Monitor and evaluate performance of employees against risk management responsibilities.
  • Review the Council Risk Register.

Directors will:-

  • Ensure the systematic management of directorate level risks and implement effective actions in accordance with Council’s Risk Management Policy, Procedure and Plans.
  • Ensure employees are aware and have the capacity to meet their risk management responsibilities through adequate training, supervision and written procedures.

The Risk/ OHS Officer will:-

  • Lead and facilitate development and implementation of an overall risk management plan and supporting plans and materials.
  • Promote awareness and provide guidance and support to stakeholders in the development and implementation of risk management plans.
  • Facilitate the development of the corporate and operational risk profile.
  • Monitor and report risk register changes to the Risk Management Committee in regards to extreme and high risks
  • Facilitate the operation of the Risk Management Committee.

Managers / Co-ordinators will:-

Systematically manage operational risks and implement actions to address these risks within the resources provided.

  • Provide operational direction and risk management tasks to employees, contractors, and volunteers within their area of responsibility.
  • Allocate appropriate resources and responsibilities to manage identified risks.
  • Monitor and evaluate performance of employees against risk management responsibilities.
  • Inform employees about changes relating to risk management and Council’s Risk Register.
  • Report on the progress of risk management within their allocated area.
  • Monitor and evaluate performance of employees against risk management responsibilities.

The Risk Management Committee will:-

  • Be responsible for the delivery of an effective and efficient risk management program.
  • Respond to risk management issues raised by Council, Audit Committee, internal and external auditors or ELT.
  • Monitor risk management compliance and performance, including monitoring Council’s Risk Register.

The Risk Management Representatives will:-

  • Maintain an understanding of the risk profile within their area of responsibility.
  • Assist employees to maintain the Risk Register in relation to their area of responsibility.

All employees, contractors and volunteers will:-

  • Follow effective risk management practices.
  • Identify and communicate Council risks to the relevant personnel for action.

Related Policies / Documents

  • Risk Management Procedure – PRO/CORP 216D
  • Occupational Health and Safety Policy – POL/STAFF 107
  • Occupational Health and Safety Directive – DIR/STAFF
  • Fraud Control Policy – POL/CORP226
  • Incident and Claims Handling and Analysis – DIR/CORP230
  • Staff Code of Conduct – DIR/STAFF127
  • Business Continuity and Disaster Recovery Directive – DIR/CORP233

Related Legislation

  • Australian/New Zealand Standard ISO 31000:2009 – Risk management – Principles and guidelines
  • Occupational Health and Safety Act 2004
  • Local Government Act 1989

Signed: Cr Les McPhee (Mayor)
Date: 27/07/16

For information on current legislation visit: