Go to top of page

Assurance and Risk Management

The ILSC Group’s Risk Management Framework takes a whole-of-enterprise approach, is integrated into all operations and promotes the identification and management of risk at every level of each entity. The Group Risk Management framework aligns with the Commonwealth Risk Management Policy 2014, Better Practice Guides and relevant Australian and international good-practice guides and standards. It is reviewed regularly.

The Group’s commitment to effective risk management is ensuring consideration and treatment of risk is integrated in all policies and procedures, underpinning all ILSC Group functions, programs and operations. The Group Risk Framework is reviewed annually. Across the group, each entity’s Executive and Audit Committee review and test the systems of risk, internal control and compliance frameworks through the Group’s Internal Audit Program.


The ILSC Group’s external auditor is the Auditor General (through the Australian National Audit Office). Audit strategies are agreed by the Auditor-General, the ILSC and each subsidiary for the conduct of the audit of the financial statements.

The Audit and Assurance Committee oversees the group’s Internal Audit Program. The annual program is outsourced and is designed to provide assurance that key risks and compliance requirements are managed appropriately and in a timely manner.

Insurance and indemnities

Comcover, the Australian Government’s self-managed fund, provides cover, including Directors’ and Officers’ liability, for the ILSC Group’s insurable risks.

Limited indemnities are provided by way of deed of access to each of the Board’s Directors, the ILSC Group CEO and the Group General Counsel. These arrangements largely mirror those implied at common law; generally speaking, they indemnify Directors and Officers against personal liabilities they might incur while properly performing their roles as office holders. The indemnities do not cover liabilities arising from particular statutory breaches, breaches of the criminal law or actions involving a lack of good faith.

Fraud control and awareness

The ILSC maintains a rigorous Fraud Control and Awareness Program to minimise the risks of fraud and deal with any allegations of fraud that arise. The ILSC Board certifies that the ILSC complies with the Commonwealth Fraud Control Policy. The ILSC has taken all reasonable measures to minimise the incidence of fraud and to investigate and recover the proceeds of any fraud against the ILSC. It has in place fraud risk assessment and fraud control plans, as well as fraud prevention, detection, investigation, reporting, and data collection procedures to meet the specific needs of the ILSC Group and comply with relevant guidelines.

Maintenance of ethical standards

The ILSC has a Code of Conduct that employees are required to uphold and promote in their day-to-day work.

Table 22 Audit and Risk Committee membership, 2019-20


Qualifications, knowledge, skills or experience (include formal and informal as relevant)

Number of meetings attended / total number of meetings

Total annual remuneration

Maria Storti

Maria serves as an independent member of a number of Commonwealth audit committees as well as serving as a non-executive director on a number of entities. Maria is a Fellow of the Institute of Chartered Accountants, a Fellow of the Australian Institute of Company Directors, a member of the Australian Institute of Internal Auditors and hold both a degree in economics and a Masters in Business Administration. Maria is a former Ernst & Young advisory partner and has over 17 years’ experience working at senior levels in the areas of audit, risk and consultancy.



Joseph Elu

See Director statement



Patricia Crossin

See Director statement