• Home
  • Current congress
  • Public Website
  • My papers
  • root
  • browse
  • IAC-17
  • E3
  • 6
  • paper

    • The Systems of Risk Management in the Australian Department of Defence

    Paper number

    IAC-17,E3,6,6,x39999

    Author

    Mrs. Michelle Noack, Australia

    Coauthor

    Mr. Darren Box, Australia

    Coauthor

    Mrs. Gabby Taylor, Australia

    Year

    2017

    Abstract
    To provide an understanding of how the different types of risk are evolving in Defence, we propose a model which represents the identified Defence risks as three co-existing and interdependent systems of risk management. The presentation will explore how this has been implemented by the Defence, drawing from the lived experience, lessons learned and future directions for Defence Enterprise Risk Management.
Traditionally enterprise risk management in the Defence was focused on conforming to the technical aspects of risk management, the Australian Risk Policy Institute’s (ARPI) Strategic Risk Policy 2016 is advocating identification of, and protection against, vulnerabilities before risks arise and when protection is not possible and risks arise, that ‘systemic risks’ with multiple ownership are recognised and dealt with differently. In addition, the existing ‘risk equation’ must be enhanced to allow ‘policy’ to determine when ‘consequence’ must dominate the risk assessment and action. Defence has applied the latest expert thinking on risk management to ensure it proactively meets today’s challenges and opportunities through informed decision-making, in line with legislation.
Historically Defence had approached enterprise risk management with the assumption that there existed only two types or systems of risk in Defence, those managed “on ground”, which are the risks to delivering a specific military outcome and objective, and strategic risks which are those risks managed by the Australian Government relating to national security and threats to Australia’s strategic interests. In 2016 a group of risk professionals in Defence identified that there are in fact three interdependent systems of risk management, co-existing at three different conceptual and organisational levels: 
Strategic Risks (strategy risks): Risks that may impact Government decisions on Defence capability and policy. They emerge from broader national and geo-political trends, shaping Defence’s strategy;
Enterprise-level Risks (capacity risks): Risks that may limit Defence’s capacity to generate and maintain capability and meet its obligations to Government, shaping Defence’s capacity; and
Group and Service Managed Risk (delivery risks): Risk that may impact on specific Defence capabilities and business functions, and their related programs, projects and policy initiatives, shaping Defence’s performance.
Identifying the existence of another type or system of risk management, being risks to Defence’s organisational capacity, was the first important step towards implementing an enterprise risk management framework that was capable of managing the volatility and uncertainty of Australia’s strategic environment in an interconnected world.
    Abstract document

    IAC-17,E3,6,6,x39999.brief.pdf

    Manuscript document

    IAC-17,E3,6,6,x39999.doc (🔒 authorized access only).

    To get the manuscript, please contact IAF Secretariat.