Golf NT RISK MANAGEMENT PLAN November 2015
advertisement
Golf NT RISK MANAGEMENT PLAN November 2015 Version Control, Change History and Distribution Version Control Document Name: Prepared by: Endorsed by: Date endorsed: Version: Golf NT Risk Management Plan 2015 Strategic Associations Support Golf NT Board 11 December 2015 1 Change History Amendment date Version No. November 2015 Draft Page No(s) replaced. This document supersedes original Golf NT RM Policy 2014 Distribution Golf NT Risk Management Policy (November 2015) Description of change Golf NT RM Policy as approved in September 2014 was revised to form the Golf NT Risk Management Plan Table of Contents 1. Scope 2. Context 3. Policy Statement 4. Definitions 5. Responsibilities 6. Stakeholders 7. Key Risk Elements 8. Criteria Related to Objectives 9. Identifying Risks 10. Assessing Risks 11. Treatment of Risks 12. Monitoring 13. Reporting 4 4 4 4 5 6 7 7 8 8 9 9 9 Appendices 1. Golf NT Risk Register Template 2. Golf NT Risk Action List Template Golf NT Risk Management Policy (November 2015) 10 12 1. Scope This Risk Management Plan documents Golf NT’s approach to the management of risk and the associated responsibilities of the Board and Golf NT employees. This Plan includes a policy statement, identification of Golf NT stakeholders, key elements of Golf NT business and the related activities, identifies our objectives for managing risk, articulates the criteria and methodology by which we identify, assess, analyse, monitor , record and review Risk. Golf NT is committed to achieving optimal practice in risk management and applying its principles and practices throughout Golf NT in accordance with AS/NZS ISO 31000:2009 Risk management - Principles and guidelines. 2. Context Golf NT is the peak body representing the sport of golf in the Northern Territory and responds directly to Golf Australia in respect of all matters relating to Golf in the Northern Territory. There are currently 11 golf clubs spread across the Northern Territory which are affiliated with Golf NT. Golf NT has a number of regulations, policies and procedures that guide the administration of the sport in the Northern Territory. Where there is no local policy or rule Golf NT defers to those of Golf Australia. This Risk Management Plan articulates the framework used by Golf NT to identify, assess, analyse and treat risks that pose a threat to the objectives of Golf NT and the sport of Golf in the Northern Territory. Golfers, coaches, officials, administrators and volunteers that participate in Golf will be made aware of these regulations and policies and ensure that they adhere to them when administering or participating in the sport. Most Golf NT regulations, policies and procedures by their very nature, have inherent risk management elements as they put in place measures and requirements that control the way Golf is conducted in the Northern Territory and therefor reduce the exposure that could result from a lack of control. The purpose of this Risk Management plan is to overtly state the risk criteria and methodology used in the decision making processes behind those regulations, policies and procedures. In adopting this approach to risk management planning Golf NT relies upon member Associations’ adherence to its regulations, policies and procedures. Golf NT endeavours to make policies, procedures and regulation only where it has legitimate authority to do so. Copies of all Golf NT regulations, policies and procedures can be found on the Golf NT website 3. Policy Statement Golf NT is committed to achieving optimal practice in risk management using AS/NZS ISO 31000:2009 Risk management - Principles and guidelines to ensure risk management is an integral part of its’ decision-making processes. 3.1 Principles a. Golf NT uses a structured risk management framework to minimize reasonably foreseeable disruption to operations, harm to people and damage to the environment, property and reputation of the sport. b. Golf NT’s risk tolerance level acknowledges that it must identify and take advantage of opportunities at the same time as avoiding adverse impacts. 4. Definitions1 Audit and Risk Committee – the subcommittee formed at a meeting of the Golf NT executive Committee and delegated the authority to investigate and make recommendations in relation to risk management and audit. 1 Source: AS/NZS ISO 31000:2009 Golf NT Risk Management Policy (November 2015) risk – effect of uncertainty on objectives risk management – coordinated activities to direct and control an organisation with regard to risk risk management framework – set of components that provide the foundations and organizational arrangements for designing, implementing, monitoring, reviewing and continually improving risk management throughout the organisation. risk management process – systematic application of management policies, procedures and practices to the activities of communicating, consulting, establishing the context, and identifying, analyzing, evaluating, treating, monitoring and reviewing risk. 5. Responsibilities 5.1 Ultimate accountability The Golf NT committee has ultimate responsibility and accountability Golf NT’s performance, including the overall management of risk. 5.2 Specific roles The Golf NT Executive acquits its responsibilities by designating the following roles in relation to the management of risk within Golf NT. a. Golf NT Executive - champion Golf NT's governance and risk management processes - determine Golf NT's risk tolerance - review Golf NT's strategic risks at least annually - review recommendations from the Audit and Risk Committee and determine future actions - incorporate risk management into all strategic and operational planning processes at all levels within Golf NT b. Audit and Risk Committee - oversee the risk management framework - ensure the risk management framework is implemented and adopted - review and approve Golf NT's list of material business risks (risk profile) and risk treatment strategies - monitor the implementation of the risk management program against the endorsed implementation strategy or plan - confirm that the company’s risk management process is continually maturing to reflect the changing environment and allows the company to identify and respond to emerging issues and risks - receive reports from Operations Manager on the effect of material business risks. c. Finance Committee - publicly report and make the necessary disclosures in the annual financial statements relating to financial risk as required by Accounting Standards. d. Operations Manager - develop Golf NT's strategic risk profile by identifying and prioritising material business risks - review Golf NT's risk profile periodically - review and assess the current and planned approach to managing material business risks - review and monitor the status of risk treatment strategies - periodically report on material business risks to the Board/Audit and Risk Committee - ensure the risk management framework is implemented across all areas of operations. e. Office Manager - monitor the material business risks for their areas of responsibility - provide suitable information on implemented treatment strategies to the Audit and Risk Committee through the Operations Manager to support ongoing reporting to the Board - ensure staff are adopting Golf NT's risk management framework as developed and intended Golf NT Risk Management Policy (November 2015) 6. Stakeholders Golf NT stakeholders and the objectives they engender for consideration in the management of risk by the Association are as follows: Stakeholder Objectives Member Clubs -increase their membership and improve their credibility by linking their members with opportunities to compete in accredited Golf NT events and titles - have matters relating to the game of golf considered and dealt with consistently across the NT - promote and advance the game of golf in the Northern Territory Golf Australia -maximise opportunities for development of elite talent. -ensure equitable, consistent and transparent administration of Golf as a sport throughout the Northern Territory Individual Golfers -improve their physical fitness, -achieve personal goals of performance and status while playing in a competitive but safe environment -develop social and competitive connections with other golfers -access to good quality and safe facilities and practices across the sport. -access to inter club, interstate and national competitions Communities and -access to knowledge and advice about safe and enjoyable golfing. -opportunities Schools to participate in the sport. Golf NT Executive -promote and advance the game of golf, particularly in the Northern Territory; -promote, manage and control Association golf tournaments; - maintain and improve relationships with Member Clubs; -engender by association a communal feeling amongst golfers and to promote the best interests of the game; -safeguard Golf NT’s assets – its people, property, finances, information and reputation; -meet their legal responsibilities under the Corporations Act 2001 (Cth), Golf NT Constitution and other legislation; -meet their responsibilities as a State Sporting Organisation affiliated with the National Sporting Organisation for Golf (Golf Australia); --improve the delivery of services to its members and stakeholders. Officials Sponsors- NTG Sponsors Volunteers and Supporters -advance their professional skills and positively contribute to the growth of the Sport; -develop collegiate relationships with officials in other member clubs; - achieve accreditation under national and international standards. -provide recreational opportunities for constituents -support aspirations of voters who are also Golfers -leverage economic opportunities from participation in a nationally and internationally played sport -promote the Northern Territory -provide positive image relationships for dollars spent. -enjoy an entertaining, healthy, ethical and safe recreational activity. 7. Key Risk Elements Key elements provide a structure for risk identification by categorizing the kinds of risks that may occur. Key Element Finance Governance Types of Activities Internal Controls, Budgeting, sponsorship, monitoring of financial performance, subsidies/grants to Golfers, investments, theft and fraud prevention, loans, license fees, membership fees, insurance costs, lease payments and payout of damages claims or fines by the government. Leadership, planning, policies and procedures that support compliance with the statutory and contractual requirements of the Association (including the Associations Act, Golf NT Constitution, Golf NT Risk Management Policy (November 2015) Key Element Stewardship Natural Elements Human Resources Security Technology and Technical Issues Types of Activities ASADA, State Sporting Organisation affiliated with the National Sporting Organisation for Golf (Golf Australia)requirements and accreditations, Working with Children rules, Privacy and confidentiality) Board and committee structures and responsibilities, staff duties and responsibilities and ethical standards. -Planning and policy development and implementation to foster organizational resilience, maintain Golf as a preferred sport in the Northern Territory and protect the reputation of Golf NT as a peak body for the sport in the NT -Development and implementation of membership, representative and selection policies that maximise inclusion and participation in the Sport, prevent discrimination and exclusion and ensure compliance with Anti Discrimination legislation Event Management, Asset Management, and contingency planning for business continuity in the context of the NT’s diverse and varied climatic conditions. In particular Cyclones and Monsoonal Rains in the Top End Nov - May, extreme arid heat in Southern regions and extreme rain events in all regions Employment and management of staff and volunteers wellbeing Safety and protection of property, members, personnel and systems Provision of Office systems and communication tools Management of Intellectual property and Records of operations and acquittals, Strategic realization of technology for enhanced operations and Policy development and implementation for the prevention of misuse of Official systems and equipment 8. Criteria Related to Objectives Golf NT will use the following criterion to measure and rate the scale of impact of risks. Criterion Notes Sporting Success Competitive results, level of participation, better sporting outcomes. Safety Safety for participants, coaches, officials, spectators, volunteers Financial Viability Direct costs, loss of revenue, budget certainty, sponsorship (private and Government) Compliance Compliance with the law, regulations, standards of behaviour, duty of care, rules Reputation and Member Providing optimal golfing experiences and opportunities for members whilst services maintaining public image and reputation with stakeholders, regulators, sponsors and media. 9. Identifying Risks Risks that have not been identified cannot be assessed. Golf NT will identify risks as Strategic, Operational or Project by systematic consideration of the key elements and the related activities to ascertain what might go wrong and how it would affect each of the Associations criteria and related objectives. Golf NT will use historical data, organizational expertise and corporate memory of the Executive, the opinions of Golf NT stakeholders, the Golf NT Strategic Plan 2014-17, Golf NT Constitution and anecdotal evidence of realized and avoided risks in other like organizations to identify and list those events or outcomes that may have a measurable impact on the achievement of agreed organizational objectives. 10. Assessing Risk Golf NT combines risk analysis and risk evaluation to assess identified risks. Golf NT Risk Management Policy (November 2015) 10.1 Risk Analysis Risks are analyzed by a consideration of the consequences or impacts of their realization on the organizations mission and the likelihood of those consequences or impacts occurring according to the following scale. Rating Catastrophic Major Moderate Minor Negligible Potential Impact Golf NT would be permanently disabled, ie put out of business. Most key elements threatened or severely affected. Some key elements affected, considerable effort to rectify. Easily remedied, with some effort the key elements could be restored. Very small impact, rectified by normal processes. The likelihood of specific risks arising and leading to the assessed levels of consequences are rated in terms of their annual occurrence. Rating Almost Certain Likely Possible Unlikely Rare Likelihood Will probably occur – could occur several times a year High probability – likely to arise once per year Reasonable likelihood of arising over a 5 year period Plausible – could occur over a 5 to 10 year period Very unlikely but not impossible – unlikely over 10 years. A simple matrix (Figure 1.) is used to combine the likelihood and consequence ratings to generate initial priorities for risk: CONSEQUENCES LIKELIHOOD Negligible Minor Almost certain Likely LOW Possible LOW Unlikely Rare Figure 1. Risk Priority Matrix Moderate Major Catastrophic EXTREME HIGH MEDIUM Treatment Required 10.2 Risk Evaluation Golf NT evaluates its risks by Executive Committee ratification of the Audit and Risk Management committee recommendations as to whether a risk is acceptable or not taking into account the following - the controls already in place - the scale (Strategic, Operational or Project) and cost impact of managing the risks or leaving them untreated - benefits and opportunities presented by the risk - the risks borne by other stakeholders The outcome of the evaluation is the Golf NT Risk Register which lists the ranked risks and their relative classification. All risks at classified as Medium or above are considered for treatment. The Golf NT Audit and Risk Management Committee is responsible for maintaining the Golf NT Risk Register but may specifically delegate this task to an appropriate paid employee. 11. Treatment of Risks Golf NT takes actions to treat risks that are identified and assessed as being unacceptable to Golf NT. Through its Risk Management process Golf NT Executive undertake to: - identify treatments that reduce the likelihood or consequences of each risk assessed as extreme, high or medium. - Evaluate identified risk treatment options in terms of feasibility, costs and benefit Golf NT Risk Management Policy (November 2015) - Choose the most appropriate and practicable option to reduce the level of the risk to a tolerable or acceptable level. These identified treatments form the Golf NT Risk Action List (Template at Attachment to this Plan) 12. Monitoring and Review 12.1 Regular reviews a. Golf NT Executive undertake major reviews of this Risk Management Plan and the associated Action list and Risk Register as part of annual budget preparation. b. The Audit and risk Committee will review the Risk Register and Risk Action List at each of its’ meetings c. This Plan and related documents may be reviewed at other times during the year at the behest of the Board or the Audit and Risk Committee to reflect any major changes to the Golf NT’s business activities, staffing structure or changes in the overall operational risk and strategic risk profile of the Golf NT. 12.2 Designated Critical Review Dates The following designated critical review dates apply to risks that have an overall risk rating extreme, high or medium’: a. Strategic risks - reviewed at a high level by the Board every twelve months based on advice from the Operations Manager and the Audit and Risk Committee. b. Operational risks - reviewed by the Operations Manager and/or Senior Managers who are directly responsible for the respective business activity every six months. c. Project risks - reviewed by the Senior Manager with major responsibility for delivery of the Project at regular intervals determined by the Operations Manager or the Board, usually determined at the inception of the Project. 13. Reporting Risks All members, coaches, golfers, spectators, supporters and participants are required to: - avert risk wherever possible, - report risks that cannot be immediately averted to a Committee member or venue manager, as the case may be. Risks reported to committee members will be referred to the Operations manager for immediate triage and if necessary averted out of session with the approval of the Risk and Audit Committee or discussed as part of the next meeting of that Committee. Golf NT Risk Management Policy (November 2015) APPENDIX A RISK REGISTER – GOLF NT Element RR Number 1. Finance 1.1 Fraud 1.2 Accounting errors 1.3 Non payment of fees 1.4 Public Liability 2.1 Legislative Compliance failure 2.2 Conflict within Executive group 2.3 Executive member conflict of Interest or exceedance of powers Golf Australia Relationship Failure Failure to realize opportunities for hosting events Compromise of Office systems and official registers Unauthorized use of generic email or systems Unauthorized use of information or photographs Cyclone Heatwave Monsoonal Rain Lightning Wildfire Air Service Interruption Workplace injury Harassment and Bullying Staff or volunteer Conflict of Interest 2. Governance 3. Stewardship 3.1 3.2 4. Technology and Technical Issues. 4.1 4.2 4.3 5. Natural Elements 6. Human Resources 5.1 5.2 5.3 5.4 5.5 6.1 6.2 6.3 Description of Risk Golf NT Risk Management Policy (November 2015) Existing Controls Consequences Likelihood Audit and Finance Committee – dual signatories Audit and Finance Committee Audit and Finance Committee Audit and Finance Committee Audit and Finance Committee President manages committee dynamic President manages committee dynamic Major Unlikely Minor Unlikely Moderate Unlikely Major Unlikely Major Unlikely Moderate Unlikely Moderate Unlikely Major Unlikely Moderate Unlikely Computer protection Major Possible Computer protection Major Possible None currently in place Moderate Likely WH&S Policy and Programs MPIP Employment Contract Major Minor Minor Minor Major Minor Major Moderate Moderate Possible Likely Likely Likely Unlikely Likely Unlikely Unlikely Unlikely Golf NT Executive manages this relationship Criteria Priority Element RR Number 6.4 7. Security and safety Description of Risk 6.5 Unethical behaviour or exceeding authority Poor Performance 7.1 7.2 Terrorism Power failure Golf NT Risk Management Policy (November 2015) Existing Controls Consequences Likelihood Employment Contract Moderate Unlikely Employment Contract – performance management Moderate Unlikely Minor Moderate Rare Likely Criteria Priority APPENDIX B RISK ACTION PLAN – GOLF NT RR Description of Risk Number Compromise of Office systems and 4.1 official registers 4.2 Unauthorized use of generic email or systems 4.3 Unauthorized use of information or photographs 7.2 Power failure GolfNT Risk Management Plan – November 2015 Existing Controls Agreed Priority Action Required Action Completed Operations Manager and Office Manager to ensure up to date computer protection Operations Manager and Office Manager to ensure up to date computer protection Develop agreement to have photos published – all tournament participants to sign Ensure we have surge protector at office 1
