The ARPANS Act and the PGPA Act are the foundation of ARPANSA’s governance practices.

Our corporate governance framework enables effective strategic planning, risk management and performance monitoring to support achievement of our strategic objectives. Our core governance structure includes three statutory advisory bodies and two senior committees that are supported by a number of management committees.

Advisory bodies

The ARPANS Act establishes the Radiation Health and Safety Advisory Council (Council), the Radiation Health Committee (RHC) and the Nuclear Safety Committee (NSC) to advise the CEO of ARPANSA.

Radiation Health and Safety Advisory Council

The role of Council in relation to radiation protection and nuclear safety is to identify emerging issues; examine matters of major concern to the community; consider the adoption of recommendations, policies, codes and standards; advise and report to the CEO, at the CEO’s request or as Council considers appropriate, on the above and any other matters. During 2018–19, the Council met on two occasions: 11 October 2018, and 6–7 March 2019. A summary of the issues considered and discussed at Council during 2018–19 can be found in Appendix 2.

Radiation Health Committee

The role of RHC in relation to radiation protection is to advise the CEO and the Council; develop policies and to prepare draft publications for the promotion of uniform national standards; formulate draft national policies, codes and standards for consideration by the Commonwealth, the states and the territories; from time to time, to review national policies, codes and standards to ensure that they continue to substantially reflect world best practice; and consult publicly in the development and review of such policies, codes and standards. During 2018–19, the RHC met on three occasions: 17–18 July 2018, 9–10 October 2018 and 12–13 March 2019. A summary of the issues considered and discussed at RHC during 2018-19 can be found in Appendix 2.

Nuclear Safety Committee

The role of NSC in relation to nuclear safety and the safety of controlled facilities is to advise the CEO and the Council; review and assess the effectiveness of standards, codes, practices and procedures; develop detailed policies and prepare draft publications to promote uniform national standards. During 2018–19, the NSC met on three occasions: 2 November 2018, 15 March 2019 and 21 June 2019. A summary of the issues considered and discussed at NSC during 2018-19 can be found in Appendix 2.

Senior committees

At the strategic level, the CEO is advised by two key committees:

Audit and Risk Committee

The PGPA Act requires Commonwealth entities to establish an audit committee. ARPANSA’s Audit and Risk Committee provides independent assurance and advice to the CEO on the agency’s financial reporting, performance reporting, system of risk oversight and management, and system of internal control.

The Audit and Risk Committee comprises four members, three of whom are independent external members (including the Chair) and one ARPANSA staff member. Representatives from the Australian National Audit Office (ANAO) also attend meetings. The CEO is an observer on the committee and other senior managers may attend meetings as observers when required to report on particular matters. The Audit and Risk Committee met five times in 2018–19.

Strategic Management Committee

The Strategic Management Committee (SMC) considers the threats and opportunities that may influence the strategic direction of the agency and contributes at key times throughout the year to ARPANSA’s planning and performance framework. The SMC met four times in 2018–19 and comprises the CEO (Chair), branch and office heads, the Chief Financial Officer, and two external members appointed by the CEO.

Management committees

ARPANSA has in place a number of management committees to ensure effective decision‑making, management and oversight of the agency’s operations and performance.

Executive Group

The Executive Group (EG) is ARPANSA’s operational management forum. The EG is responsible for monitoring the key tactics and activities used to implement agency business plans. The EG met nine times in 2018–19 and comprises the CEO, branch and office heads and the Chief Financial Officer.

Work Health and Safety Committee

The Work Health and Safety (WHS) Committee provides the agency with a consultative mechanism to enable management and worker contributions to WHS improvements across all operations. The WHS Committee comprises the CEO (Chair), Health and Safety Representatives, management representatives, and the WHS Advisor/Radiation Safety Officer. Other subject matter experts may participate in meetings as required. The WHS Committee met four times in 2018–19.

The Radiation Safety Committee

The Radiation Safety Committee monitors, reviews and improves radiation safety practices within ARPANSA. It is chaired by the Radiation Safety Officer and comprises of Radiation Protection Advisors from across the agency. It works closely with the WHS Advisor, Quality Manager and the WHS Committee. The Radiation Safety Committee met five times in 2018–19. Key activities for the Radiation Safety Committee included a comprehensive review of ARPANSA’s radiation safety management system and oversight of the installation and commissioning of ARPANSA’s new linear accelerator (see: Case study 2: ARPANSA's new linear accelerator.)

Agency Security Group

The Agency Security Group (ASG) oversees the development and implementation of a protective security program across ARPANSA to ensure our policies, procedures and practices comply with the Commonwealth’s Protective Security Policy Framework.

The ASG met six times in 2018–19, and comprises the Chief Security Officer (Chair), the Chief Information Security Officer, the Agency Security Adviser, the Chief Information Officer, the Information Technology Security Adviser, agency security officers and the Facilities Manager. Other subject matter experts may participate in meetings as required.

International Coordination Group

The International Coordination Group (ICG) leads the implementation of ARPANSA’s international engagement strategy, which aims to align the agency’s international engagement priorities with whole-of-government priorities, sharpening our capacity to shape the broader radiation protection and nuclear security and safety environment in which we operate. The ICG met four times in 2018–19.

Project Management Advisory Group

The Project Management Advisory Group (PMAG) provides a centralised coordination and support function to agency projects to achieve alignment of projects with ARPANSA’s strategic objectives and ensure consistent application of project management practices across the agency. The PMAG comprises the Director of Performance and Governance (Chair), the Chief Financial Officer, Chief Information Officer and four staff with project management expertise. The PMAG met ten times in 2018–19.

Staff Consultative Forum

ARPANSA’s enterprise agreement continues to provide for a Staff Consultative Forum (SCF) as the key employee consultative body. The SCF comprises the CEO, nine employees elected by staff and a representative from each of the unions supporting ARPANSA staff. The SCF met on six occasions in 2018–19 to discuss a range of issues relating to management of the agency.

Digital Transformation Advisory Group

The Digital Transformation Advisory Group (DTAG) is responsible for leading the investigation of digital transformation at ARPANSA by encouraging and supporting the piloting and implementation of innovative digital solutions.

The DTAG comprises the Branch Head of Medical Radiation Services (Chair), Branch Head of Radiation Health Services, Chief of Staff, Head of Corporate Office and the Chief Information Officer. The DTAG met twice in 2018–19.

Digital Information Advisory Group

In May 2019 the Digital Information Advisory Group (DIAG) was established to achieve agency-wide information and technology governance. It is responsible for the management of agency information, technology and data, and coordination of agency information and data management frameworks, strategies and policies. The DIAG comprises the Chief Information Officer (Chair) and six staff with digital information and technology expertise. The DIAG met twice in 2018–19.

Accountability and risk management

Accountable authority

Under the PGPA Act the CEO of ARPANSA is the accountable authority. The CEO discharges their governance obligations through their involvement in ARPANSA’s planning, performance reporting and risk management activities.

Planning

ARPANSA has an integrated planning, budgeting and performance reporting process that is informed by risk. The integrated annual planning cycle ensures alignment of our strategic priorities, operational activities, resource allocation and performance measures. This results in clear linkages between key planning documents, including the corporate plan, portfolio budget statement and agency business plans.

The SMC oversees the planning process and preparation of the corporate plan. Progress against the measures and other commitments outlined in key planning documents is monitored and reported to management and the Audit and Risk Committee.

Performance reporting

ARPANSA's non-financial performance measures are detailed in both the corporate plan and portfolio budget statement. They include several measures that meet performance reporting obligations under the Regulator Performance Framework. ARPANSA produces quarterly internal reports on non-financial performance. These reports are presented to management and the Audit and Risk Committee at the end of each quarter.

Financial performance is reported separately through monthly internal financial reports to management, and to the Audit and Risk Committee at the end of each quarter. Performance reporting culminates in the publication of this annual report, inclusive of the annual performance statement (at Part 3), financial statements (at Part 5), and the Regulator Performance Framework externally‑validated self-assessment report available on the ARPANSA website.

Several other mechanisms assist management to monitor performance in a wider context:

• The Audit and Risk Committee requires management to regularly provide evidence of performance against the mandatory elements of the PGPA Act and other relevant legislation.
• ARPANSA’s internal audit program, informed by risk and overseen by the Audit and Risk Committee, is focused on compliance performance and systems of internal control.
• ARPANSA’s quality audit program, a crucial part of maintaining ISO/IEC 17025 certification for our laboratories, monitors operational performance against the requirements of the relevant standards captured in the documented management system.

Risk management

ARPANSA has a comprehensive Risk Management Framework that aligns responsibility and accountability for risk across the agency. Risk management is integrated into our business planning processes, which enables effective identification and management of risks that could impact on the agency achieving its outcomes or otherwise cause it harm.

ARPANSA’s Risk Management Framework aligns with broader requirements such as the Commonwealth Risk Management Policy 2014 and the international standard on risk management (AS/NZS ISO 31000), and meets the requirements of section 16 of the PGPA Act.

During this reporting period, ARPANSA’s risk management framework was reviewed as part of the Integrated Regulatory Review Service (IRRS) Mission that occurred in November 2018. The IRRS team of international experts assessed ARPANSA’s risk management approach as a ‘good practice’ example of Australia’s national regulatory framework for nuclear and radiation safety. In 2018–19 ARPANSA achieved an ‘advanced’ level of maturity in the Comcover Risk Management Benchmarking Survey. This result is greater than the average risk maturity state achieved by participating Commonwealth entities.

Audit and fraud control

Audit program

ARPANSA’s audit program is informed by risk and directed by the Audit and Risk Committee. ARPANSA has a robust governance and control framework to establish and maintain appropriate systems and internal controls for the oversight and management of risk. The internal audit program examines and evaluates the appropriateness and effectiveness of the agency’s management system to ensure the agency meets its external and internal obligations and risk control mechanisms. ARPANSA’s management system audits are a crucial part of maintaining ISO 17025 certification for our scientific laboratories, and monitoring performance against the requirements of the relevant standards captured in the documented management system.

ARPANSA is also subject to audits conducted by external organisations, such as the Australian National Audit Office (ANAO) and the National Association of Testing Authorities (NATA), which assess compliance and conformance with relevant legislation, regulations, rules, standards, etc. During this reporting period, ARPANSA’s seven accredited laboratories were assessed by NATA and certified as compliant against the new ISO 17025 standard that was released in 2017.

In 2018–19 the ANAO conducted an audit of ARPANSA and five other agencies’ performance on Mitigating Insider Threats through Personnel Security. During this reporting period ARPANSA established a process, in accordance with the Protective Security Policy Framework requirements, to undertake an annual health check for clearance holders and their managers. Implementation of this process will address the final ANAO audit recommendation.

Significant non-compliance issues

ARPANSA management acknowledges their responsibility for ensuring compliance with the provisions of the PGPA Act and requirements related to finance law.

ARPANSA has complied with the provisions and requirements of the:

• PGPA Act 2013
• Public Governance, Performance and Accountability Rule 2014 (PGPA Rule)
• Appropriation Acts
• other instruments defined as finance law including relevant ministerial directions.

ARPANSA did not identify any significant non-compliances with finance law during the reporting period.

All instances of non-compliance are reported to the Audit and Risk Committee. Where insignificant non-compliances were identified, they were managed in accordance with our policies and procedures.

Fraud minimisation strategies

During 2018–19, the agency maintained a rolling program embedded within ARPANSA’s overarching risk management framework to assess fraud risks. Treatment strategies are developed and monitored as part of that process in compliance with section 10 of the PGPA Rule. Results of the fraud risk assessment process are used to inform the development of the internal audit schedule. No instances of fraud were identified during 2018–19.

Disability reporting mechanisms

Since 1994, non-corporate Commonwealth entities have reported on their performance as policy adviser, purchaser, employer, regulator and provider under the Commonwealth Disability Strategy. In 2007–08, reporting on the employer role was transferred to the Australian Public Service Commission’s State of the Service reports and the APS Statistical Bulletin. These reports are available at apsc.gov.au. From 2010–11, entities have no longer been required to report on these functions.

The Commonwealth Disability Strategy has been overtaken by the National Disability Strategy 2010–2020, which sets out a 10-year national policy framework to improve the lives of people with disability, promote participation and create a more inclusive society. A high-level, two-yearly report will track progress against each of the six outcome areas of the strategy and present a picture of how people with disability are faring. The first of these progress reports was published in 2014, and can be found at dss.gov.au.

ARPANSA’s Diversity and Inclusion Strategy outlines objectives to review recruitment processes, engage in the Stepping Into internship program by 2020, and remove barriers to hiring candidates with disability. In 2018–19, ARPANSA has supported people to apply for jobs through the development of an inclusive recruitment statement and use of the RecruitAbility scheme.

Work health and safety

ARPANSA’s commitment to safety through protecting the Australian people and the environment from the harmful effect of radiation, is second to none and we are equally committed to utilising our expertise to develop a leading work health and safety (WHS) framework within the agency.

During 2018–19, ARPANSA conducted a safety culture self-assessment of its regulatory activities using a custom-built safety culture maturity model. The self-assessment characterised the culture within regulatory services branch, assisted in forming a vision of how our culture should look and has enabled a number of improvement actions to be identified. The assessment was a pilot study which will now be applied to a whole-of-agency safety culture assessment during 2019–2020.

During the reporting period, ARPANSA established a health and wellbeing working group to help guide the implementation of ARPANSA’s Health and Wellbeing Strategy. The working group has contributed to the development of an action plan and the development of initiatives that will benefit the health and wellbeing of ARPANSA staff.

Throughout 2018–19 ARPANSA continued its program of regular WHS inspections and resulting improvements. During the reporting period the agency completed all planned WHS inspections in accordance with the environmental and holistic safety inspection program.

Hazard and incident reporting

ARPANSA has a strong commitment to preventing work health and safety incidents from occurring, understanding the importance of preventive measures, and applying timely and appropriate corrective actions when incidents or hazards do arise.

During 2018–19 the agency continued to build a positive safety reporting culture, which again saw a number of hazards and good practices reported. In 2018–19 there was a total of 13 incidents reported, which included six hazards, six minor incidents and one serious incident. None of the incidents were notifiable to Comcare with respect to the agency’s statutory obligation under section 35 of the Work Health and Safety Act 2011.

Workers compensation

One workers compensation claim was made during the 2018–19 year.

Investigations or notices given

There were no investigations initiated or notices given in 2018–19.