CQUniversity is committed to managing risk in accordance with the process set out in the Australian/New Zealand Joint Standard on Risk Management (AS/NZS ISO 31000:2009) in order to benefit the University and manage the cost of risk.
To meet this commitment, risk is to be every employee's business. All employees are required to be responsible and accountable for managing risk in so far as is reasonably practicable within their area of responsibility.
Sound risk management principles and practices must become part of the normal management strategy for all business units within CQUniversity. The management of risk is to be integrated into CQUniversity's existing planning and operational processes and is to be fully recognised in the University's reporting processes.
Risk is defined as the chance of something happening that will have an impact on objectives.
It is measured in terms of consequences and likelihood. Risk arises out of uncertainty. A risk is an exposure to the possibility of such things as economic or financial loss or gain, physical damage, injury or delay, as a consequence of pursuing or not pursuing a particular course of action. The concept of risk has three elements:
- the perception that something could happen;
- the likelihood of something happening; and
- the consequence if it happens.
Risk Management is defined as the coordinated activities that are directed towards realising potential opportunities whilst managing adverse effects in order to improve the achievement of University objectives.
- is a logical and systematic process that can be used when making decisions to improve the effectiveness and efficiency of performance. It should be integrated into everyday work;
- is identifying and being prepared for what might happen. It involves taking action to avoid or reduce the unwanted exposures of the University to the costs or other effects of these events, or for the University to maximise the opportunities identified;
- encourages the University to manage proactively rather than reactively;
- means identifying and taking opportunities to improve performance as much as it means taking action to avoid or reduce the chances of something going wrong.
Risk Management is focused on identifying, evaluating, controlling and 'managing' risks. It is not a negative or constraining concept. It allows the University to seek and take advantage of opportunities to achieve improved outcomes and outputs by ensuring that any risk taken is based on informed decision-making, realistic and measurable objectives, and sound analysis of possible outcomes. The process can be applied at all levels of the University.