ɬÀï·¬

Skip to Content
Need Help

Risk Management Policy

1. Purpose

To provide assurance to the Canberra Institute of Technology (CIT) Board, the ACT Government and community stakeholders that ɬÀï·¬has an effective risk management framework underpinning all ɬÀï·¬business and learning activities.


2. Scope

This policy applies to all ɬÀï·¬employees, activities, students, contractors, and visitors.


3. Principles

3.1 ɬÀï·¬is committed to ensuring that all business, operational and learning and teaching activities are underpinned by an effective risk management process.

3.2 ɬÀï·¬has adopted an organisational-wide approach, integrating risk management strategies with ɬÀï·¬business processes. Risk management forms part of the overall ɬÀï·¬governance framework.

3.3 This policy aligns with the ACT Government Risk Management Policy 2019 that details the risk management standard expected across Territory entities.

3.4 Risk at ɬÀï·¬is managed through Audit, Risk Management and Corporate Governance. Risk is supported through the Risk Management Framework that consists of a Risk Management Policy and Procedures, the Fraud Control Plan and Workplace Health and Safety (WHS) Policy and Procedures. WHS Risks are managed independently through the WHS Unit.

3.5 CIT's Risk Management Framework is designed to create value, be an integral part of CIT’s organisational governance and decision-making processes.

3.6 Strategic and operational risks are recorded in the ɬÀï·¬Strategic Risk Register, which is reviewed quarterly. Changes to risk ratings, controls and treatments and identification of emerging risks must be recorded.

3.7 The updated ɬÀï·¬Strategic Register is approved quarterly by the Executive Management Committee and endorsed by the Audit Committee and the ɬÀï·¬Board.

3.8 A major review of all risks must be conducted every two years.

3.9 The application of risk management at ɬÀï·¬is conducted in accordance with the Australian and New Zealand Standard ASISO 31000:2018 and the ACT Insurance Authority Risk Management Policy and Framework.


4. Documentation


5. Definitions

Risk management - The processes, structures and culture developed to identify, analyse, evaluate, treat, monitor and communicate risks associated with any activity, function or process in a way that enables organisations to minimise losses and maximise opportunities.

Risk - The chance of something happening that could prevent or impair the achievement of objectives and outcomes. It can be a hazard or an opportunity.

Risk Register - The document to report risk assessment, treatment, and other management information. ɬÀï·¬uses the ACTIA risk register template.


6. Policy Contact Officer

Manager Audit, Risk and Corporate Governance on 62052968.

Contact ɬÀï·¬Student Services on (02) 6207 3188 or email infoline@cit.edu.au for further information.


7. Procedures

This policy is implemented through the associated Risk Management Procedure. Authority to make changes to the procedure rests with the policy owner.