Appendix F:

Common risk categories for the public sector

Insert client-

specific photo here

Categorising Risk…

• Use risk categorisation model to group risks• Allocate to risk category according to where risk arises and hence needs to be addressed• Use best judgment as to appropriate category• Allocate each risk to only one category

EXAMPLE: Poor design or failure of a FINANCE IT system will have an impact on Financial and other processes BUT is an IT RISK as the root cause of the risk is systems/IT- related and needs to be treated as an IT and Systems issue.

COMMON RISK CATEGORIES

G o ve rna n ce

S ta ke h o ld er

M a rke t

S ta te w id e R isk

S T R AT EG IC

L eg a l

A sse t M a n ag e m e nt

S u p po rt P ro cesses

S e cu rity

S e c to r sp e c if ic p roce sses

O P E R A T IO N S

H u m an R e so u rces

C u ltu re

C h an g e M an ag e m e nt

P EO PLE & C U LT U R E

M a rket

L iq u id ity

R e p orting

C a p ita l S tru c tu re

F IN A N C IA L

S ys te m s

In form atio n M an ag e m e nt

In te lle c tu a l P rop e rty

K N O W LE D G E

C lim ate C ha n ge

D ro ug ht

F lo od

E a rth Q u a ke

N A T U R A L E N V IR O N M E N T

StrategicStrategic

StakeholderStakeholder Market StructureMarket

StructureGovernanceGovernance

InformationInformation

IT SystemsIT Systems Intellectual Property

Intellectual Property

Information ManagementInformation

Management

FinancialFinancial

Liquidity & Credit

Liquidity & Credit

Capital StructureCapital

StructureMarketMarket ReportingReporting

OperationsOperations

ProcessProcess Physical AssetPhysical Asset People & Culture

People & Culture LegalLegal

Example Risk Categories

StakeholderStakeholder Market StructureMarket

StructureGovernanceGovernance

Service ProviderService Provider

NationalGovernment

NationalGovernment

DTFDTF

MinisterMinister

ElementsElements

PrinciplesPrinciples

Change ManagementChange Management

EconomicEconomic

LogisticsLogistics

Market DynamicsMarket Dynamics

CompetitorCompetitor

InformationInformation

IT SystemsIT Systems Intellectual Property

Intellectual Property

Information ManagementInformation

Management

Database Planning & Development

Database Planning & Development

OperationsOperations

Organisation & Monitoring

Organisation & Monitoring

Intangible Capital/ Assets

Intangible Capital/ Assets

Knowledge ManagementKnowledge

Management

FinancialFinancial

Liquidity & Credit

Liquidity & Credit

CollectabilityCollectability

Cash Management& Treasury

Cash Management& Treasury

FundingFunding

Capital StructureCapital

Structure

EquityEquity

DebtDebt

MarketMarket

Interest RateInterest Rate

Foreign ExchangeForeign Exchange

ReportingReporting

AccountingAccounting

Regulatory & Compliance

Regulatory & Compliance

OperationsOperations

ProcessProcess Physical AssetPhysical Asset

Service DeliveryService Delivery

Supply ChainManagementSupply ChainManagement

Transfer PaymentsTransfer

Payments

Plant, Estate & Property

Plant, Estate & Property

EquipmentEquipment

People & Culture

People & Culture

Occupational Health& Safety

Occupational Health& Safety

Skills DevelopmentSkills Development

LegalLegal

LiabilityLiability

ContractContract

Legislative & Regulatory

Legislative & Regulatory

New Service Development

Human ResourcesHuman Resources

FraudFraud

Victorian CabinetVictorian Cabinet

Growth Strategy & Development

Growth Strategy & Development

SupportProcessesSupport

Processes

Trade UnionsTrade Unions

Other Departments/

Agencies

Other Departments/

Agencies

Public entitiesPublic entities

VAGOVAGO

Business PartnerBusiness Partner

Financial InstitutionsFinancial

Institutions

PublicPublic

FiscalFiscal

Regulatory FrameworkRegulatory Framework PPP &

ProcurementPPP &

Procurement

Internal AuditInternal Audit

FleetFleet

Other TangiblesOther Tangibles

Budget Implementation

Budget Implementation

Accounting Norms &

Standards

Accounting Norms &

Standards

Compliance & Reporting

Compliance & Reporting

Economic IndicatorsEconomic Indicators

Capital MarketsCapital Markets

CPIXCPIX

Intangible AssetsIntangible AssetsBusiness ContinuityBusiness Continuity

HardwareHardware

SoftwareSoftware

NetworksNetworks

SecuritySecurity

ArchivingArchiving

Change Man, ControlChange Man, Control

Policies &ProceduresPolicies &

Procedures

ReputationReputation

MonitoringMonitoring

Authority &Responsibility

Authority &Responsibility

Resource AllocationResource Allocation

StrategicPlanningStrategicPlanning

EthicsEthics

EnvironmentEnvironment

IT Strategy, PlanningIT Strategy, Planning

StrategicStrategic Example Risk Categories