Risk management

The identification and management of risk is central to delivering our purpose and objectives and – in turn – maximising the impact of our science and benefit to Australia.

Reviewing and improving our risk management

The identification and management of risk is central to delivering our purpose and – in turn – maximising the impact of our science and benefit to Australia. This includes understanding scientific, financial, customers and markets, legal and compliance, health, safety and security, environmental, brand and reputational risks. By actively identifying and managing strategic, operational and external risks we aim to increase our effectiveness as an organisation and provide greater certainty and confidence for the Government, our people, collaborators and other stakeholders in the community about our operations.

Risk framework

Our risk framework, methodology and approach are grounded in and aligned with both the international standard AS/NZS ISO 31000 Risk Management Principles and Guidelines and Commonwealth Risk Management Policy. Our risk framework is applied at the enterprise, Business Unit/functional and activity levels as illustrated left.

Risk committees

The CSIRO Board is also active in supporting our efforts to identify and manage our risks though three Board standing committees:

  1. People and Safety Committee assists the Board to fulfil its governance responsibilities in relation to organisational development, people-related activities, and health and safety.
  2. Audit and Risk Committee assists the Board in the areas of financial management, risk management internal control, and compliance.
  3. Science Excellence Committee assists the Board to endorse, oversee, and monitor the implementation of our strategic plans with respect to maintaining and growing our scientific excellence, its connection to delivering impact, and our role as innovation catalyst in the national innovation system.

Risk culture and capability

We are developing a culture and increasing organisational risk maturity in a way that supports taking risks where this is done mindfully, within organisational tolerances and is managed effectively.

Integration

Risk is aligned with key processes to enable decision-making. We continue to strengthen that alignment by increasing risk capability applied to each element of our strategic planning and execution framework.

Our most strategic and operational risks are summarised in the table on page 20 of our Corporate Plan 2020–21.