Enterprise Risk Management Framework

PublishingPageContent

Page Content

​​​​​Risk is the chance of something going wrong. The
Enterprise Risk Management Framework (ERMF) (PDF, 151KB) is a comprehensive approach to identifying, assessing and treating risk based on the department’s risk appetite within the context of our risk environment. The ERMF is designed to support the achievement of the department’s priorities as presented in the
Strategic Plan.

Our risk environment

Delivery risks icon 

Delivery risks
Risks with significant impacts to delivering outcomes

Enterprise risks icon 

Enterprise risks
Areas of lowest
appetite to be
assessed by all

business areas

External risks icon 

External risks
Risks beyond the
direct control of the department

Operational risks icon 

Operational risks
Risks that may affect
the achievement of objectives

Program and project risks icon 

Program and project risks
Risks that may affect the achievement of programs or projects

Risk assessment process