Skip to main content
Watarrka National Park, NT
Watarrka National Park, NT

Risk oversight and management

The NIAA addresses challenges and identifies opportunities in a rapidly evolving landscape of enterprise, operational, shared and emerging risks in order to deliver on our purpose. We are committed to achieving and maintaining strong processes that align with the Commonwealth Risk Management Policy and section 16 of the Public Governance, Performance and Accountability Act 2013.

Managing risk

Young person dancing in a ceremony in front of a crowd
The Bunggul at Garma Festival 2022 in North East Arnhem Land, Australia. Photo credit: Rob Willmett

As part of implementing our principles-based and practical approach to risk management, we work to identify and understand shared risks in delivering on our initiatives with key partners across the nation. We are implementing improved risk monitoring and reporting practices, along with developing staff capability to proactively identify, manage and escalate risk. This will ensure we have the best chance of succeeding on the delivery of our important outcomes for First Nations peoples.

The NIAA is refining its internal controls and governance arrangements to efficiently and effectively manage risk across our Agency. We already have strong mechanisms in place to ensure the NIAA is best positioned for success in service delivery and policy development. For example, one of the key operational risk processes for the NIAA is the Grant Risk Management Framework. This framework addresses both provider risk, and individual activity risk in relation to grant funding.

Our Audit and Risk Committee and internal audit functions provide independent advice and assistance to the NIAA executive team on the appropriateness of the Agency’s financial performance, reporting responsibilities, risk oversight and management, and serves as a system of internal control. Through this mechanism, the NIAA has progressed its ability to identify and understand shared risk in delivery of initiatives with key partners across the nation. This will ultimately enhance our ability to maintain strong relationships, increase transparency, and identify trends and opportunities to better support us to collaborate with stakeholders and manage risk in the delivery of outcomes. Over the next 4 years the NIAA will continue to mature our approach to risk management by integrating, strengthening and embedding our Risk Management Framework and Policy to deliver on our purpose. Further, we will build our resilience and responsiveness as an Agency by enhancing our identification and understanding of emerging risks in the economic, environmental and health domains.

Our risk appetite

We articulate our appetite for engaging with risk through the following statement:

“The NIAA recognises that many of its activities are inherently risky, and that it is not possible or desirable to eliminate all risk. With operations across the country, involving regional and remote locations and the direct funding of services, there will always be risks including to people and to the reputation of the Agency. We need to engage with risk and manage it as best we can in order to achieve our important outcomes.”

We have a greater appetite to engage with risks that aim to improve the efficiency and effectiveness of our operations, or that will contribute to the achievement of our important outcomes.

We have less appetite to pursue risk where it will maintain the status quo, where there are suitable alternate options, or where the potential consequence is one where we have low or no tolerance.

Our approach to managing risk

Our approach to managing risk

Enterprise risks and mitigations

People and Capability

  • The NIAA is not able to maintain the right capabilities (people, resources, processes, systems and culture) to deliver government objectives.
  • The NIAA’s investment in and management of its people may not meet short and long-term requirements to achieve its purpose.
  • Develop an NIAA workforce plan and human resource management model, with a focus on leadership and development, performance management, and our action plan for the Commonwealth Aboriginal and Torres Strait Islander Workforce Strategy.
  • Continue to implement the Risk Management Framework to embed a strong risk management culture.
  • Consider broader implementation of the APS Mental Health Capability Framework tailored to the NIAA.
  • Continue to evolve HR and management processes to ensure that staff confidently raise claims of misconduct or discrimination, in a trauma informed environment, and that any complaint is dealt with appropriately. Ensure any identified trends are addressed at a local or agency level.
  • Implement the NIAA’s Digital Strategy, Data and Information Management Strategy and ICT strategy, focussing on a tailored capability uplift program.
  • Invest in a tailored capability uplift program for staff as per the 3 new strategies — digital, data/information and ICT.

Relationships and influence

  • The NIAA is not able to maintain credibility with key stakeholders and partners and is unable to collaborate and influence outcomes in support of the organisation’s purpose.
  • Aboriginal and Torres Strait Islander peoples do not see the NIAA as trusted or reliable.
  • A credible regional presence which is connected to and engaged with communities, service providers and state and territory governments.
  • We invest in a systematic external stakeholder engagement approach at all levels of the NIAA.
  • We demonstrate the shared benefit of collaboration through a partnership approach.


  • The NIAA’s organisational culture may not continue to work towards the unifying power of a One Team approach and leads to limited cohesion and alignment to the NIAA’s purpose.
  • Further develop the Footprints Cultural Learning Program to enhance cross-cultural capabilities.
  • Embed a positive risk culture at the NIAA through further education about risk and training staff to apply the Risk Management Framework.
  • Develop and implement an internal communications strategy to increase information sharing and support One Team.
  • Drive a culture of high performance and accountability through the development of the Organisational Performance Framework, including implementing the Group Performance Review process.
  • Implement mechanisms to support and monitor culture through ongoing performance reviews.


  • The NIAA’s administrative processes may impact effective and timely delivery of programs and services.
  • The NIAA’s future sponsored programs are not grounded in evidence and the lived experience of Indigenous communities.
  • Review and implement the Agency’s Policy Investment Framework and Performance Monitoring and Evaluation Framework, to better target our investment to the areas of greatest need and to enhance how we measure performance.
  • Develop a ‘digital first’ approach for enhanced use of information and improved evidence base. This will also improve the internal sharing of information and ability to detect and respond to further performance and compliance issues.
  • Implement the Agency’s Integrated Compliance and Fraud Framework to further improve our proactive approach to compliance, including prevention, early engagement and response.