Risk and disaster management

Risk management

The Financial Accountability Act 2009 requires all accountable officers and statutory bodies to establish and maintain appropriate systems of internal control and risk management.

Our risk management policy and framework—based on the international risk management standard ISO 31000:2018 and Queensland Treasury’s document, A guide to risk managementensure risks are managed consistently across the department and are minimised through a robust system of internal controls. The framework encompasses threats and opportunities, reflecting the potential for either of these to impact positively or negatively on our strategic priorities and pursuit to deliver justice for all through safe, fair and responsible communities.

We are committed to ensuring effective risk management, with a focus on enhancing the ability to monitor, report and address risks in order to improve community outcomes and achieve our strategic objectives.

Disaster management

The Queensland Disaster Management Act 2003 forms the legislative basis for disaster management activities within all levels of government and the Queensland disaster management arrangements.

We support the Queensland Government’s strategic approach to keeping people safe and making communities more resilient to disaster risks and impacts. We commit to ensuring the safety of our staff and clients, and the delivery of our critical services.

The disaster management framework is part of our risk management framework and outlines how we will respond and recover to any type of disaster to maintain the delivery of services to Queenslanders. Our disaster management plan aligns with our risk management framework and conforms with the nationally consistent approach to risk assessment and prioritisation embodied in the National emergency risk assessment guidelines. It also supports the implementation of the National strategy for disaster resilience policy.

We have a duty of care to our staff and clients—and a responsibility to stakeholders and the community—to ensure service delivery is maintained in the event of a service interruption or disaster. Our business continuity policy enables us to perform the following during a business interruption due to a disaster or crisis event:

  • manage the immediate impacts of a business interruption
  • deliver critical services to the community before full-service resumes
  • resume business to pre-incident capacity, where possible.

We develop, test and maintain business continuity plans (BCPs) for our critical services in the event of a service interruption or disaster event. This ensures the rapid, efficient and cost-effective continuity of our critical services.