C.2 Risk Management and Internal Audit
ACT Health's Audit and Risk Management Committee Charter governs the operation of the Audit and Risk Management Committee, which provides assurance to the Director-General on ACT Health's governance and oversight in relation to risk management, internal systems and legislative compliance. It objectively considers the internal control environment, governance and risk management activities.
The committee consists of five members: an independent chair, three senior executives from within ACT Health and one external member. Observers from ACT Health and the ACT Auditor-General's Office also attend meetings. The committee is supported by ACT Health's Manager, Internal Audit and Risk Management.
The Audit and Risk Management Committee held five meetings in 2013 - 14. Attendances are set out below:
|Name of member||Position||Duration on the committee||Meetings attended|
|Geoff Knuckey||Independent Chair||3 years||4|
|Jeremy Chandler||External member and Deputy Chair||1.5 years||5|
|Ian Thompson||Member||7.5 years||5 1 *|
|Katrina Bracher||Member||1.1 years||5 1 **|
|Stephen Goggs||Member||1.7 years||5 1 ***|
ACT Health's Internal Audit and Risk Management Branch promotes and improves ACT Health's corporate governance by conducting and coordinating internal audits and investigations and making recommendations for improvements.
In 2013-14, nine internal audit assignments were completed. One special review was also commissioned, as one audit topic from the Strategic Internal Audit Program was split into two audits.
Audit findings and recommendations are rated in line with ACT Health's Integrated Risk Management Guidelines.
Throughout the year, the Manager, Internal Audit and Risk Management reported developments in implementing the Strategic Internal Audit Program and implementation of audit recommendations to the Executive Directors' Council and the Audit and Risk Management Committee.
The committee is also kept informed on implementation of recommendations made by the ACT Auditor-General's Office, where these apply to ACT Health.
The ACT Health Risk Management Policy and Guidelines are maintained in full compliance with the International Standard for risk management, AS/NZS ISO 31000. The documents clarify the governance arrangements and include clear responsibilities and measurable key performance indicators.
Executive Risk Management workshops are held regularly to review the directorate's organisational level risks.
ACT Health's Executive Directors' Council is responsible for:
- monitoring timely, effective management of organisational level risks and
- managing escalation of risks to organisational level.