QTC manages its risks within an enterprise-wide risk management framework (EwRM). The framework supports the achievement of QTC’s corporate strategies and objectives by providing assurance that QTC’s risks are appropriately and effectively identified and managed, using consistent evaluation and reporting methods.
As part of this framework, QTC periodically identifies its key or significant risks, which are reported to QTC’s Risk Management Team and to the Board. The Board is responsible for overseeing the adequacy and implementation of the EwRM framework and QTC’s risk appetite.
The Chief Risk Officer is responsible for embedding QTC’s risk management policy and program in its business processes, so that there is:
- a consistent approach toward risk mitigation across the organisation, and
- increased staff understanding of enterprise-wide risk management (EwRM) and what it means in managing their day-to-day work.
In accordance with the provisions of the Auditor-General Act 2009, the Queensland Audit Office is QTC’s external auditor. The Queensland Audit Office has the responsibility for providing Queensland’s Parliament with assurances as to the adequacy of QTC’s discharge of its financial and administrative obligations.
QTC also has an established internal audit function, which it undertakes by outsourcing internal audits. QTC’s current internal auditor is Ernst & Young.