Go to top of page

Part 3.1: Corporate Governance

The Department’s corporate governance plays an integral role in ensuring Government priorities and program outcomes are delivered efficiently and effectively. In 2018-19, the Department commenced implementation of a range of initiatives to strengthen corporate governance, including revised governance structures to improve oversight of the Department’s highest risk change and implementation projects.

Senior governance committees

In 2018-19, the Department reviewed its senior governance arrangements to strengthen oversight of high risk change projects and administered programs and improve advice on strategic cross portfolio policy issues.

The governance structure in Figure 3.1.1 came into effect late in the 2018-19 financial year, and will continue to embed and mature over the next financial year.

The senior governance committees provide advice and make recommendations to the Executive on:

  • organisational performance;
  • delivery of Administered Programs;
  • implementation of the Department’s highest risk change projects; and
  • strategic portfolio policy issues to improve the performance of the health and aged care systems.

Figure 3.1.1: Senior governance committee structure

This figure is a hierarchy structure chart showing the Governance Committee structure within the Department. The Secretary overseas all committees, with the Executive Board and the Audit and Risk committee reporting directly to the Secretary. The Executive Board directly overseas the Program Assurance Committee, Investment and Implementation Board, Policy and Evidence Committee and the Security and Workforce Integrity Assurance Committee.

Table 3.1.1: Senior governance committees



Executive Board

The Executive Board provides advice and support to the Secretary by driving the leadership, culture and performance of the Department and provides stewardship through:

  • effective decision-making and governance;
  • setting the strategic direction and ensuring achievement of high quality outcomes;
  • shaping organisational culture and developing capability; and
  • monitoring and addressing departmental performance and risks.

Membership comprises the Secretary and all Deputy Secretaries.

Audit and Risk Committee

The Audit and Risk Committee provides independent advice and assurance to the Secretary on the appropriateness of the Department’s:

  • financial reporting;
  • performance reporting;
  • system of risk oversight and management; and
  • system of internal control.

Membership comprises an independent chair, two independent members and two

senior executive members chosen and rotated from time to time from within the Department.

Program Assurance Committee

The Program Assurance Committee drives excellence in program delivery across all Departmental programs. It considers both the ongoing delivery of programs and the implementation of new programs and measures.

The Program Assurance Committee provides oversight, advice and assurance to the Executive Board on:

  • management arrangements, accountability measures and performance results; and
  • alignment of resources, capabilities and senior focus relative to risk, government priorities and achievement of intended outcomes.

Membership comprises senior executives selected for their expertise and/or current role in the Department.

This committee was re-focused over 2018-19. The first meeting for this re-focused committee was held on 8 March 2019.

Investment and Implementation Board (formerly the Investment Board)

The Investment and Implementation Board provides oversight, advice and assurance to the Executive Board on:

  • effective management and ongoing viability of the Department’s high risk change projects; and
  • investments relating to IT, property and the use of capital and non-capital budgets.

Membership comprises senior executives selected for their expertise and/or current role in the Department.

The first meeting for this expanded committee was held on 19 March 2019.

Policy and Evidence Committee (formerly the Policy, Evaluation and Data Committee)

The Policy, Evaluation and Data Committee was re-established as the Policy and Evidence Committee on 17 April 2019. The Policy and Evidence Committee provides advice and recommendations to the Executive Board on:

  • comprehensive portfolio policies to improve the performance of the health and aged care systems, including over the long term; and
  • considerations of relevant data and evidence to inform strategic policy options for issues that may be impacting health outcomes.

Membership comprises senior executives selected for their expertise and/or current role in the Department.

Security and Workforce Integrity Assurance Committee

The Security and Workforce Integrity Assurance Committee supports the Secretary and Executive in the provision of a cohesive and coordinated approach to security and workforce integrity risk. The committee supports the Executive to:

  • set priorities to deliver the Government’s Protective Security and Policy Framework Reforms;
  • monitor the effectiveness of controls (policy and process) associated with the Department’s Professional Integrity & Security Framework; and
  • provide assurance against security and integrity initiatives for the Department’s corporate operating environment.

Membership comprises senior executives and executive level officers managing key functions relevant to security and workforce integrity.

The initial meeting for this committee was held on 20 June 2019.

Audit and Risk Committee Membership

Audit and Risk Committee comprises an independent chair, two independent members and two senior executive members chosen from within the Department. The Committee met five times in 2018-19. The Financial Statements Sub-Committee is chaired by one of the independent members.

In 2018-19, the two departmental senior executive members were the Deputy Secretary of the Health Financing Group and the First Assistant Secretary of the Health Workforce Division.

During 2018-19, the Audit and Risk Committee comprised the following independent membership.

Kathleen Conlon – independent external chair (June 2015 – November 2018)

Kathleen Conlon was Chair of the Department’s Audit and Risk Committee from June 2015 until November 2018. Kathleen is a professional non-executive director, with 20 years’ experience at the Boston Consulting Group, including seven years as a partner. During her time at Boston, Kathleen led their Asia-Pacific operational effectiveness practice area, health care practice area and the Sydney office.

Jenny Morison – independent external chair (November 2018 – current)

Jenny Morison commenced as Chair of the Department’s Audit and Risk Committee from 28 November 2018, having been a previous independent member. Jenny is a Fellow of the Chartered Accountants of Australia and New Zealand, with over 37 years of broad experience in accounting and commerce, including audit, taxation, management consulting, corporate advisory and consulting to government. Jenny has held numerous board positions and has extensive experience as an independent member and chair of Audit Committees in the Australian Government. Her experience encompasses both large departments and smaller entities.

Since 1996, Jenny has run her own business, providing strategic financial management, governance and risk advice within the government sector. Jenny has a Bachelor of Economics and is a Fellow of the Institute of Managers and Leaders.

Steve Peddle – independent external member

Steve Peddle commenced as an independent external member of the Department’s Audit and Risk Committee from August 2015. Steve has more than 20 years of senior management experience as a Chief Information Officer, Chief Technology Officer and General Manager, covering information and communication technology service delivery and senior general management.

Steve has experience in private, government and defence industries in the areas of computer design and engineering, applications development, strategic planning, outsourcing contract management, housing management services, digital broadcast video services, network security and operations service delivery. Steve is currently the Chief Information Officer for the Australian Maritime Safety Authority.

Nick Baker – independent external member

Nick Baker is a Fellow of Certified Practicing Accountant Australia and a Member of the Australian Computer Society and was a senior Partner in KPMG Australia (1995–2015) prior to his retirement.

Nick’s career has spanned 40 years and encompassed a broad range of areas including public sector accounting, financial management, information technology and general management consulting. Nick has particular expertise in Public Sector Financial Management Reform, Policy/Program Design and Information Technology, Security and Control.

Nick has held a number of Board Chair positions in not-for-profit organisations and has Audit Committee experience in the Public Sector with Agencies such as the Australian Competition and Consumer Commission, Department of Human Services (now Services Australia), Department of Social Services (Chair) and the National Disability Insurance Scheme Quality and Safeguards Commission (Chair).

Nick holds dual tertiary level qualifications in Professional Accounting and Computing and also a Certificate IV in Commonwealth Fraud Control (Investigations).

Organisational planning

The Department’s corporate governance agenda is guided by the Corporate Plan. In 2018-19, the Department continued to strengthen oversight of program performance through implementing changes to align with the enhanced Commonwealth performance framework. Planning and risk processes are closely aligned to ensure each area’s priorities aim to meet our vision and objectives.

Our purpose

To support government and stakeholders to lead and shape Australia’s health and aged care system and sporting outcomes through evidence-based policy, well-targeted programs, and best practice regulation.

Corporate Plan

The Corporate Plan1 is the primary strategic planning document for the Department and is a core element of the Department’s performance and accountability framework.

The four year horizon for the Corporate Plan sets out the Department’s priorities and key actions. It also includes the Department’s capability improvement agenda, approach to managing risk, and how performance will be measured in delivering a modern, sustainable health system for all Australians.

The Corporate Plan is prepared to meet requirements of the Public Governance, Performance and Accountability Act 2013 and the Public Governance, Performance and Accountability Rule 2014.

Risk management

The Department continued to improve the risk culture and raise awareness of risk management during 2018-19 by developing and implementing Risk Management Community of Practice forums. These forums are designed as interactive engagement sessions open to all staff across the Department, including state and territory offices, to raise risk awareness, improve capability, build networks and share risk tips and tools.

In 2018, the Department launched the inaugural annual Risk Awareness Day. This event raised awareness of how important the effective management of risk is in our daily roles, including having frequent risk conversations and following through with practical risk mitigation strategies.

The Department developed the Risk Maturity Posture Framework, an evidence-based methodology of assessment, applying a more structured approach to reporting and reviewing risk controls and treatments on divisional level business and risk plans. The Risk Maturity Posture Framework includes an assessment methodology, assessment criteria, grading scheme and a matrix to report the maturity posture at the divisional level.

To remain responsive to the Department’s needs, a review of the Department’s Risk Management Framework was undertaken in 2018-19. This review led to improvements in the business and risk planning process, risk guidance materials and learning and development opportunities.

To assist in improving our risk culture, each Division Head presents their business and risk plans to discuss with the Department’s Executive Board.

In 2019, the Department maintained its ‘Integrated’ level of maturity against the annual Comcover Risk Management Benchmarking Survey.

Fraud minimisation and control

The Department undertook audit and fraud control assurance activities to promote and support effective corporate governance.

Internal audits completed during 2018-19 supported compliance, and provided assurance in relation to the Department’s key delivery objectives and the effectiveness of its control frameworks.

During 2018-19, the Department completed five audits from the 2017-18 Internal Audit Work Program, 10 audits from the 2018-19 Internal Audit Work Program and two management requested assurance assessments. A further three audits were underway or pending completion as at 30 June 2019.

The Department’s Fraud and Corruption Control Plan 2018–20 and intranet supports employees in identifying and reporting fraud and corruption concerns. Members of the public are able to report their fraud and corruption concerns through the Department’s internet site.

During 2018-19, the Department received 104 fraud allegations2, which were 97 allegations related to external (program) fraud and corruption, and seven related to internal fraud and corruption.

During 2018-19, 38 referrals were made to relevant internal business areas for compliance action, and 23 allegations required no further action. A total of 46 referrals were made to law enforcement or other agencies for review or action.

Compliance reporting

There have been no significant breaches of finance law by the Department during 2018-19. The Department maintains a risk-based approach to compliance with a combination of self reporting and focused review. Any changes to this methodology are reviewed and endorsed by the Audit and Risk Committee. All instances of non-compliance are reported to the Audit and Risk Committee. The Department minimises non-compliance through training and publication of legislation and rules, delegation schedules and Accountable Authority Instructions, which are available to staff to inform decision-making.

Certification of departmental fraud control arrangements

I, Glenys Beauchamp, certify the Department has:

  • prepared fraud risk assessments and fraud control plans;
  • in place appropriate fraud prevention, detection, investigation, and reporting mechanisms that meet the specific needs of the Department; and
  • taken all reasonable measures to appropriately deal with fraud relating to the Department.

Glenys Beauchamp PSM

September 2019


  1. Available at: www.health.gov.au/corporateplan
  2. A single fraud allegation may contain external and internal components. An allegation may result in multiple referrals to internal business areas for action or to other relevant agencies in part or in full simultaneously.