RM6 - Risk Reporting

Purpose

To ensure that there is open and frequent communication to key stakeholders regarding the performance of the risk management framework.

Definitions

Risk reporting is the regular provision of appropriate risk-related information to stakeholders and decision-makers within an organisation in order to support understanding of risk management issues and to assist stakeholders in performing their duties within the organisation.

Risk management reporting is the regular provision of risk information to enable decision makers to fulfil their risk management obligations.

Description

The owner or operator of an aquatic facility should ensure there is frequent and open communication with a broad group of internal and external stakeholders as part of its risk management framework.

Audience for Risk Reporting

Risk reports should be delivered to a broad spectrum of stakeholders relevant to the aquatic facility. Typical recipients of regular formal risk reports should include:

• CEO/General Manager and Board of Directors/Councillors
• Business unit heads of all major business functions
• Compliance committees (notably Internal Audit and Risk Management)
• Staff directly responsible for designing and implementing risk management treatments
• Employees who need to assist in the identification of risk and the implementation of risk plans
• Government ministries and agencies
• The public (through access to Annual Reports and press releases)

The owner or operator, typically the aquatic facility manager should be responsible for co-ordinating and drafting risk reports to ensure consistency in standards and format

References

• AS/NZS ISO 31000:2018 Risk management - Principles and Guidelines