FWBC maintains a number of security and risk management plans. These plans are reviewed and updated regularly to take account of changes in the business activities or the risk profile of FWBC.

During 2013-14, FWBC maintained the following security and risk management instruments:

  • Security Plan

  • Security Policy

  • Security Classification and Information Handling Guideline

  • Physical Security Policy

  • Designated Security Assessed Positions & Positions of Trust Guideline

  • Risk Management Plan and Risk Register

  • Pandemic Plan

  • Business Continuity Plan

  • Fraud Control Plan and Fraud Risk Assessment – FWBC takes all reasonable measures to minimise the incidence of fraud and to investigate and recover the proceeds of fraud against FWBC. FWBC has appropriate fraud prevention, detection, investigation, reporting and data collection procedures and processes in place that meet the specific needs of FWBC and comply with the Commonwealth Fraud Control Guidelines.

  • Internal Audit Plan – as part of FWBC’s internal audit strategy, Ernst & Young are FWBC’s appointed internal auditors. Areas of significant operational or financial risk are identified in consultation with the FWBC Audit Committee and the Director each year and are reflected in an annual Internal Audit Plan. The Internal Audit Plan, and any variations to the Internal Audit Plan that may occur during the year, is endorsed by the Audit Committee and approved by the Director.

  • Intellectual Property (IP) Policy and IP Register – the IP Policy and IP Register comply with the Commonwealth Government IP Principles and are regularly reviewed and updated to take account of any significant changes to FWBC’s IP.

  • Records management guidelines and record-keeping policy – regular checks are undertaken to ensure compliance with the policy and guidelines in respect of the handling of information within FWBC.

  • Commonwealth Protective Security Policy Framework – during the reporting period, FWBC continued to monitor its compliance with the Commonwealth Protective Security Policy Framework. Policies and procedures to protect employees, information and assets are in place and a security awareness strategy to improve the understanding of security risks and procedures has been implemented.

The FWBC Agency Security Advisor reports to the Executive Board as required.