Risk Oversight and Management
Corporate Plan 2018-2019
The Federal Court of Australia (FCA) promotes a Risk Management Framework that supports the identification, analysis, assessment, treatment, monitoring and review of all strategic, professional, reputational, personnel, political and operational risks. These include risks to our stakeholders and emerging risks.
The Risk Management Plan has been developed in accordance with the methodology set out in Australian/New Zealand Risk Management Standard (AS/NZS ISO 31000:2009) and the Commonwealth Risk Management Policy 2014.
We have adopted seven broad criteria for establishing risk management Priorities. These are:
- Strategic risks—risks that affect performance against identified strategic Priorities.
- Financial risks—risks that affect the financial outcomes of the entity or have detrimental financial impact.
- Risks to reputation—risks that affect the reputation of the entity and its ability to perform, or which may impair the community's trust with the courts and judicial system.
- Operational risks—risks that affect the Chief Executive Officer and Principal Registrar's management of and accountability for performance, including the entity's service delivery obligations, regulatory framework and business relationships.
- Legal liability risks—risks arising from current or pending litigation to which the entity is a party of.
- Property and security—risks that affect the security of all courts' and the Tribunal's resources (including property) and visitors to its premises.
- Personnel risk—risks that affect staff ethical behaviour, the integrity of decisions, processes and information, or affect the health and safety of personnel.
Risks are reviewed at least each quarter and the risk register is updated after each review. Managing risks effectively and efficiently allows the FCA to achieve its objectives. The importance of training and awareness programs in risk management is recognised, and consequently, the FCA is committed to ensuring all staff receive regular training and information on risk management and their responsibilities.
The FCA participate in Comcover's annual Risk Management Benchmarking Program, which is designed to assess the maturity of a risk framework against the nine elements of the Commonwealth Risk Management Policy (the Policy), using a risk maturity model.
Additionally, Comcover's annual Risk Management Benchmarking Survey benchmarks the FCA risk management framework and capabilities against other participating agencies. The overall performance of the FCA risk management program has improved from the 2017 performance.
The Audit Committee is established in accordance with s 45 of the Public Governance, Performance and Accountability Act 2013. The CEO must establish and maintain an Audit Committee, with the functions and responsibilities required by s 17 of the Public Governance, Performance and Accountability Rule 2014.
The functions of the committee are to:
- provide independent assurance of the effectiveness of the entity's Risk Management Framework
- review compliance with the entity's Risk Management Policy
- monitor the implementation of the entity's Risk Management Plan
- review compliance with finance law, including financial and performance reporting
- review risk reports periodically (quarterly and annual reports)
- review the internal control programs and advise whether key controls are appropriate and are operating effectively
- monitor and understand the potential impact of emerging risks on the entity's ability to achieve its objectives, and
- provide assurance that the entity has well-designed business continuity and disaster recovery arrangements in place and are tested periodically.
As part of the FCA's continuous improvement approach and adopting best practices, the Risk Management Plan undergoes a periodic internal audit, either in its totality or specific sections (for example, fraud). The audit findings and recommendations are then reviewed and action plans are put in place to address the areas for improvement. The Audit Committee monitors quarterly, the implementation of the audit recommendations and respective action plans and advises on the suitability of the action plans proposed by management.
The table below provides some examples of the risks faced by the courts.
|Risks||Area of risk||Risk description||Mitigation strategy|
|Strategic||Disconnected future strategies||Risk for the courts and Tribunal of conflicting strategic agendas with government|| |
|Financial||Funding/financial resources||Insufficient financial resources to support the essential requirements of the courts and the Tribunal to deliver services to their customers|| |
|Reputation||Inadequate guidance provided to judicial staff regarding media liaison practices||Reputational damage to the courts which could lead to a lack of public confidence in the judicial system|| |
|Operational||Technological management||Information Technology (IT) tools and systems are unable or unavailable to support the judiciary, staff and customers of the courts and the Tribunal|| |
|Legal liability||Legal compliance||The courts and the Tribunal are subject to litigation|| |
|Property and security||Security management||Attacks/threats to staff, judges and members of the public in court premises|| |
|Personnel||Calibre of personnel||Difficulty in recruiting skilled/experienced professional support staff, registrars and family consultants and the loss of key personnel|| |