Unis need better risk management, infosec and to stop playing politics


NSW universities need to improve their risk management, improve information security and stop paying money to political parties, according to the state’s auditor-general.

New South Wales universities need to continue improving their risk management frameworks — and for three, the reputational risk of being seen to support one side of politics must be eliminated, according to the state’s auditor-general.

Grant Hehir

Grant Hehir

Risk management frameworks are still maturing in the 10 NSW universities according to a recent report from the office of Grant Hehir, who is soon to take over from Ian McPhee as national Auditor-General. The report sketches out what a good risk management framework looks like:

“In the university with the most mature risk management framework, risk awareness is evident at each business level. Executive management uses a top-down approach to communicate strategic risks. Risk owners, at the operational levels, conduct risk management workshops to identify key risks and promptly escalate issues to management.”

FREE membership to The Mandarin

Receive unlimited access, get all the latest public sector news and features, plus The Juice, our daily news update sent direct to your inbox.

The Mandarin is where Australia's public sector leaders discuss their work and the issues faced within modern bureaucracy. Join today to discover the latest in public administration thinking and news from our dedicated reporters, current and former agency heads and senior executives.

  • roger dennis scott

    The other side of a much bigger coin is the need for governments not to wave money in front of university researchers and curriculum designers to advance their ideological purposes. The current controversy which wracked UWA is the tip of a slightly grubby iceberg. This iceberg will only get bigger and grubbier if the deregulation proposals twice rejected by the Senate again see the light of day.