Image: Driving to Katherine, Northern Territory
The NIAA operates in an environment of constantly changing enterprise, operational, shared and emerging risks. We are committed to maintaining strong processes that align with the Commonwealth Risk Management Policy and section 16 of the PGPA Act.
Managing risk
Our Risk Management Policy and Framework is guided by the Commonwealth Risk Management Policy and focuses on taking a practical approach to risk management. The Chief Operating Officer has been appointed as the Chief Risk Officer (CRO). The CRO has responsibility for embedding a strong risk culture across the NIAA and overseeing the implementation of the NIAA Risk Management Framework and Policy.
As we continue to deliver our purpose through partnerships with others, a key component of our risk management approach is understanding the risks we share with our partners, including the communities and First Nations peoples we serve. In 2024–25, we will strengthen our relationships and partnerships by developing agreed approaches to shared risks and improve our risk monitoring, reporting and management practices. We continue developing staff capability to proactively identify, manage and escalate risk.
We are integrating, strengthening and embedding our Risk Management Policy and Framework, understanding that a strong risk-management culture positions us for successful service delivery, and policy and program development.
This includes our ongoing refinement of our internal controls and governance arrangements to efficiently and effectively manage risk, fraud, corruption and non-compliance across the NIAA.
As part of our active management of risks, and to maintain compliance with the Commonwealth Child Safe Framework, the NIAA publishes an annual Statement of Compliance on our website. This statement includes an overview of our child safety risk assessment as it relates to the agency’s activities, and appropriate strategies to manage identified risks.
How we engage with risk
We recognise that many of our activities are inherently risky, and it is not possible or desirable to eliminate all risk. Our operations involve the direct funding of services in regional and remote locations across the country, creating inherent risks related to travel and supporting a remote workforce. There will always be risks, we must engage with risk and manage it as best we can to achieve our important outcomes.
We have a greater appetite to engage with risks that aim to improve the efficiency and effectiveness of our operations, or that will contribute to the achievement of important outcomes.
We have less appetite to pursue risk where it will maintain the status quo, where there are suitable alternate options, or where the potential consequence is one where we have low or no tolerance.
Our risks and mitigations
Relationships and influence
Risks:
- The NIAA is not able to maintain credibility with key stakeholders and partners and is unable to collaborate and influence outcomes in support of the NIAA’s purpose.
- Aboriginal and Torres Strait Islander peoples do not see the NIAA as trusted or reliable.
Mitigations:
- We have a regional presence connecting communities, service providers and state, territory and local governments.
- We actively seek and capture feedback from communities to build relationships and trust.
- We invest in a systematic external stakeholder engagement approach at all levels of the NIAA.
- We maintain a Customer Relationship Management system and support staff to protect personal and sensitive information in accordance with our privacy obligations.
- We are strengthening our capability to collect, use and share data and information to build trust and strategic influence.
Delivery
Risks:
- The NIAA’s administrative processes may impact effective and timely delivery of programs and services.
- The NIAA’s future sponsored programs are not grounded in evidence and the lived experience of Indigenous communities.
Mitigations:
- We are developing regional and sector strategies to better target our investment to the areas of greatest need and to enhance how we measure performance.
- We continue to adopt a ‘digital first’ approach for enhanced use of information and improved evidence base. This will also improve the internal sharing of information and our ability to detect and respond to further performance and compliance issues.
- We are implementing a project management system (Project Central) for use across the agency to support our consideration of risk, opportunities, and capacity to deliver.
- We are enhancing the agency’s Integrated Program Compliance and Fraud Framework to further improve our proactive approach to compliance, fraud and corruption, including prevention, early engagement and response.
- We are implementing all recommendations outlined in the ANAO report into the NIAA’s Management of Provider Fraud and Noncompliance.
- This year we will focus on implementing our Engagement Toolkit to support our agency role as a convener and broker, sharing insights and feedback for better design and implementation of programs.
- We maintain emergency and business continuity policy and processes to respond to and minimise service disruption.
Culture
Risks:
- The NIAA’s organisational culture may not continue to work towards the unifying power of a ‘One Agency’ approach and leads to limited cohesion and alignment to the NIAA’s purpose.
Mitigations:
- We live our values and behaviours, and support cultural safety.
- We have mature staff networks that are supported by the organisation.
- We are implementing a Diversity and Inclusion Framework that outlines how we value and respect our employees’ differences, and aims to foster a sense of belonging and support.
- We implement the Footprints Cultural Learning Framework to enhance cross-cultural capabilities.
- We implement an internal communications strategy and implementation process to increase information sharing and support a ‘one Agency’ approach.
- We drive a culture of high performance and accountability through the development of the organisational performance framework, including implementing the Group Performance Review process.
- We monitor our organisation’s culture on an ongoing basis through the APS Employee Census, and address priority focus areas through our multi-year Census Action Plan, as well as team and individual performance discussions.
People and Capability
Risks:
- The NIAA is not able to maintain the right capabilities (people, resources, processes, systems and culture) to deliver government objectives.
- The NIAA’s investment in and management of its people may not meet short and long-term requirements to achieve its purpose.
Mitigations:
- We have a clear employee value proposition and will have targeted strategies for attraction, recruitment and retention, particularly to increase our Indigenous workforce.
- We continue to implement the NIAA’s Digital Strategy, Data and Information Management Strategy and ICT strategy, focusing on a tailored capability uplift program, including delivering the One Network Project.
- We prioritise building the capability of our staff. This year we will drive targeted activities through the
‘Our People Strategy’. - We continue to enhance our human resource management processes to ensure that staff confidently raise claims of misconduct or discrimination, in a trauma-informed environment, and that any complaint is dealt with appropriately. We also ensure any identified trends are addressed at a local or agency level.
- We are committed to strengthening our integrity culture in line with the APS Priority Reforms, including the capability of our people through dedicated integrity training initiatives.