Risk and therefore risk management is an inherent and fundamental aspect of the Transport Agency's business. The Transport Agency applies an enterprise risk management (ERM) approach as an integral part of its management philosophy. ERM can be defined as:
‘…a process, affected by an entity’s board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives’.
COSO Enterprise Risk Management-Integrated Framework: 2004
ERM provides a framework for the management of risk within organisations and within the Transport Agency our framework is aligned to AS/NZS ISO 31000:2009 Risk management principles and guidelines and is depicted in the suite of documents in the figure below. The conduct of risk management activities by Transport Agency staff is required to align with the requirements and guidance provided within the Transport Agency's document suite.
The application of risk management within HNO is governed by the Transport Agency's suite of documents. HNO staff are required and expected to understand and comply with corporate requirements regarding risk management as Transport Agency employees.
In addition to corporate requirements, HNO has risk management review and reporting requirements at the business level, which complement the Transport Agency’s processes and facilitate the linkage of risks that exist at the HNO business level. Such risks arise from three areas:
Asset improvement risks are those risks associated with the delivery of HNO capital projects, ie projects for the delivery of new roading infrastructure. Guidance for HNO staff on the conduct of risk management within this workstream is provided on the Project management risk page.
Risks identified within projects may merit escalation as regional business risks, guidance on the escalation of project risks is provided on the Project management risk page (see key steps).
Asset management risks are those risks associated with the delivery of HNO network management, ie contracts for delivery of existing roading infrastructure maintenance. Guidance for HNO staff on the conduct of risk management within this workstream is provided on the contract risk management page.
Risks identified within network management contracts may merit escalation as regional business risks, guidance on the escalation of project risks is provided on the contract risk management page (see key steps).
Business risks are those risks associated with delivery of specific group, regional or national objectives and the day to day operation of the applicable HNO business unit. HNO business risk management is aligned to the Transport Agency corporate requirements for the conduct of risk management as covered in the Transport Agency's Risk management manual.
Review and reporting requirements for HNO regional and national business risks are as defined on the Project management risk page.
Regional and national business risks are managed at the Regional Management Team (RMT) level or higher and, where appropriate, may be escalated to either the HNO Senior Management Team (SMT) or the Transport Agency Senior Leadership Team (SLT) level for review and to action.
For further information contact firstname.lastname@example.org.