| Risk categories | Strategic sources/factors | Tactical or program specific sources/factors | Risk Factors |
Managing People -
Staff -
Students -
Clients -
Stakeholders | -
Culture & climate -
Staff capacity to deliver required services -
Knowledge & application of departmental policy -
Involvement & commitment of staff -
Capability & professional development -
Health, safety & wellbeing -
Organisational change | -
Change management
Management skills -
Staff performance planning & achievement planning -
Collation & interpretation of 'people data ' -
Succession planning -
HR (workforce management)
policy & processes -
Managing contractors | -
Managing staff -
Staff & resourcing issues -
Staff turnover -
Recruitment & selection process -
Knowledge loss - loss of expertise -
Inadequate staff skills -
Health and safety -
Illness and injury to staff & students -
Operational process issues -
Emergency response planning |
Products and service delivery | -
Knowledge of customer needs -
Understanding the market -
Customer relationship management -
Supplier & partner relationships -
Quality of products & services | -
Customer perception of value -
Service delivery -
Communication & consultation -
Marketing -
Management of takeholders & customers | -
Customer feedback -
Customer dissatisfaction |
Performance
measurement (financial,
& non-financial
planning,reporting issues) | -
Strategic planning processes -
Strategic business risk analysis -
Business planning -
Performance monitoring & reporting processes -
Financial reporting processes -
Non-financial reporting processes -
Business continuity planning | -
Accountability structure & delegations -
Performance reporting -
Key performance indicators -
Integration & use of data for setting performance targets -
Management reporting -
Business continuity planning | -
Operational business planning & reporting -
Budget & resource allocation -
Fraud, theft or misappropriation -
Insurance |
Information management systems (IT systems, administrative systems) | -
Information management systems -
Creation & management of knowledge -
IT systems -
Compliance requirements — legal & regulatory -
Whole-of government IT platforms | | -
Collation & interpretation of data & information -
Capacity of software & systems -
Migration of data -
Security of information -
Accuracy of information and data -
'User Friendly ' systems & processes -
IT system obsolescence |
Infrastructure and asset management | -
Integration of strategic planning & infrastructure planning -
Resource planning -
Capital infrastructure project management -
ICT project planning -
Business continuity management | -
Management of infrastructure, assets & physical resources -
ICT infrastructure planning & management -
Disaster management — business recovery -
General security | -
Workplace health & safety compliance -
Resource use -
Asset & equipment failure or breakdown -
Asset maintenance & replacement -
Asset protection & security |
Organisational environment (internal & external) | -
Understanding the business environment -
Regulatory compliance requirements (e.g. EPA, asbestos management) -
Changes in legislation -
Political climate -
Customer expectations -
Community expectations -
Internal culture & climate -
Adverse media coverage -
Change in government — machinery of government changes -
Changes in market demand -
Changes to competitor products or services | -
Impact of political decision or parliamentary reports -
Regulatory compliance requirements -
Adverse media coverage —specific program or initiative - Legal & public liability
| -
Negligence or inability with regard to a particular instance (e.g. workers comp) -
Natural disaster — lightning strike, flood, fire, storm |
Other languages