Managing risk across the public sector
Overview
This audit assesses whether appropriate risk management frameworks have been developed and operate to effectively identify, analyse, evaluate, treat, manage and communicate key organisational or program risks, as an integral part of the corporate governance arrangements operating across the Victorian public sector.
Specifically, the audit assessed whether: public sector agencies have appropriate risk management strategies in place, which are effectively implemented and strategically managed; risk management is effectively integrated into the governance or management structures of government agencies; and risk management structures and processes have been established and operate, in a manner which would lead to the effective identification, management and reporting of key risks that should properly have been drawn to the attention of the Government.
The audit investigated risk management in the Victorian public sector by: examining risk management across a representative sample of 61 Victorian public sector organisations and a range of organisational and governance arrangements; investigating, in detail, risk management practices in a smaller number of selected agencies; and reviewing risk management structures and processes across the State-sector through research, interviews and examination of practices in selected departments, authorities and central agencies. The audit included the Department of Treasury and Finance and the Department of Premier and Cabinet in their role as central agencies and the Victorian Managed Insurance Authority (VMIA) in its role as a risk manager and insurer of the Victorian Budget sector. Local government was excluded from the scope of this audit.