The Framework describes the minimum risk management requirements agencies are required to meet to demonstrate that they are managing risk effectively, including inter‑agency and state significant risk. It outlines the role and responsibilities of an agency’s responsible body. The Framework adopts the Australian and New Zealand Standard AS/NZS ISO 31000:2009 Risk Management – Principles and Guidelines, which provides a generic, internationally accepted basis for best practice risk management.
The Framework is mandated by the Standing Directions 2018 under the Financial Management Act 1994 (Directions), specifically Direction 3.7.1 – Risk Management Framework and Processes. The Framework provides high level information for agencies and the responsible body. Detailed guidance, information and risk management support is available from the Victorian Managed Insurance Authority.
There have been no substantive changes to the mandatory requirements relating to risk and insurance management practices and policies since the last review of the Framework was published in March 2015. However, some updates have been made to take into account changes to the Directions and to remove now redundant transition arrangements for annual risk and insurance attestation.
This most current version of the Framework is designated: March 2015 (Updated July 2018).