The Strategic and Investment Board oversees risk management and other governance bodies monitor specific areas of risk and performance. The Risk and Assurance Committee provides independent, impartial advice and insight to the Commissioner on risk oversight and management as well as our system of internal controls.
Our Enterprise Risk Management Framework is based on international standards for identifying and managing risks.
All enterprise risks are monitored by our Executive Leadership Team who meet regularly to review them and consider if any changes are required. Our current enterprise risks are:
| Enterprise risk | Some of our controls | |
|---|---|---|
| Risk 1 | Failure to deliver for customers or government priorities |
|
| Risk 2 | Compliance is reduced to the point of having a material impact on revenue collection for the Crown |
|
| Risk 3 | Unable to ensure continuity of business services |
|
| Risk 4 | Insufficient people capability and capacity to deliver outcomes |
|
| Risk 5 | Data, analytics, information and knowledge management is insufficient and impacts the quality, efficiency and integrity of our decision-making, outcomes and reputation. |
|
| Risk 6 | Change is not delivered to agreed outcomes or stakeholder expectations cannot be met. |
|
| Risk 7 | Failure to provide appropriate stewardship of the tax and social policy system. |
|
| Risk 8 | IR does not adequately consider the accountabilities we have over data in Artificial Intelligence tools, or does not sufficiently manage the implications of Artificial Intelligence on the tax and social policy system. |
|
Last updated:
09 Jan 2025