FWBC maintains security and risk management plans. These plans are reviewed and updated regularly to take account of changes in the business activities or the risk profile of FWBC.
During 2012-13, the following security and risk management plans were maintained by FWBC:
Risk management plan and risk register
Business continuity plan
Fraud control plan and fraud risk assessment – FWBC has prepared a fraud risk assessment and a fraud control plan. FWBC has taken all reasonable measures to minimise the incidence of fraud and to investigate and recover the proceeds of fraud against FWBC. FWBC has appropriate fraud prevention, detection, investigation, reporting and data collection procedures and processes in place that meet the specific needs of FWBC and comply with the Commonwealth Fraud Control Guidelines.
Internal audit plan – as part of FWBC’s internal audit strategy, PKF Chartered Accountants and Business Advisors has been appointed as FWBC’s internal auditors. Areas of significant operational or financial risk are identified in consultation with the FWBC and FWO Audit Committee and Director each year and are reflected in an annual Internal Audit Plan. The Internal Audit Plan, and any variations to the Internal Audit Plan that may occur during the year, are endorsed by the Audit Committee and approved by the Director.
The scope of all internal audit reviews are agreed between the Director, Conformance, Chief Financial Officer, any other applicable FWBC areas and PKF, Chartered Accountants prior to commencement of the review. The outcomes of all internal audit reviews, including management responses to internal audit findings/recommendations, are presented to the Audit Committee. Progress towards implementation of agreed internal audit recommendations are reported on at subsequent audit committee meetings until completed.
FWBC also maintains an Intellectual Property (IP) Policy and IP Register that complies with the Commonwealth Government IP Principles. The IP Policy and IP Register are regularly reviewed and updated to take account of any significant changes to FWBC’s IP.
In addition, FWBC has records management guidelines and a record-keeping policy. Regular checks are undertaken to ensure compliance with the policy and guidelines in respect of the handling of information within FWBC.
FWBC continued to monitor its compliance with the Commonwealth Protective Security Policy Framework. Policies and procedures to protect employees, information and assets are in place and a security awareness strategy to improve the understanding of security risks and procedures has been implemented.
The FWBC Agency Security Adviser reports to the Executive Board as required.
All FWBC staff are expected to comply with the APS Values and Code of Conduct and to maintain high standards of ethical conduct.