Risk Management

The purpose of risk management is the creation and protection of value. The University Council is ultimately responsible for the oversight of risk management.

Risk is defined as the effect of uncertainty on objectives, where:

  • effect (or impact) is a positive and/or negative deviation from what is expected,​
  • objectives can have multiple aspects and apply at different levels, and
  • risk is expressed in terms of Causes, Events, Impact and Likelihood.​

The University’s approach is to be Risk Aware, not Risk Averse.

The University Council, via the Risk Committee is responsible for setting the risk appetite of the University. The risk appetite establishes the level of risk that is acceptable and tolerable to the University, as well as risks that are intolerable and outside appetite.

All of us play a role in risk management.

Read the University’s Risk Management Policy and Risk Management Framework for information on:

  • Council’s risk appetite;
  • the University's integrated risk management framework;
  • our risk matrix; and
  • roles and responsibilities in relation to risk management, from the Council, Academic Senate and Executive Team right through to individual staff.

If you are a Risk Profile Owner, you can access your Operational Risk Profile here.

If you would like to learn more about risk management or looking for guidance in updating your Operational Risk Profile, you can access a range of resources here.