WSA’s Board of Directors and Management are committed to implementing a robust risk management framework and processes as part of strategic and operational planning as a GBE, across its business domains and as the owner of project delivery for the design, construction and operation of Western Sydney International.

The organisation aims to foster a strong, positive risk culture based on shared values and behaviours, in order to promote an open and proactive approach to managing risk that considers both threat and opportunity and is one where risk is appropriately identified, assessed, communicated and managed across the Company.

8.1 Approach to risk management

The Risk Management Policy, Framework and the Audit and Risk Committee Charter provide the mandate from the Board and Management for how the Company will undertake the management of risk.

The Risk Management Framework is the overarching policy statement and process for the role of risk management within WSA. AS/NZS ISO 31000:2018 Risk Management – Principles and Guidelines on implementation is the international benchmark for risk management and provides the Standard by which the Company manages risk. It outlines the foundation and organisational arrangements for implementing, monitoring, reviewing and continually improving risk management across the business.

Through consistent and comprehensive application of the framework the Company will:

• Increase the likelihood of achieving strategic and business objectives;
• Encourage a high standard of accountability;
• Support effective decisionmaking through increased understanding of risk exposures and opportunities;
• Meet compliance and governance requirements;
• Ensure risks are identified, assessed and treated on a priority basis and in a consistent manner across the business; and
• Ensure control frameworks are incorporated into operational processes.

This framework also details the accountabilities and responsibilities of management, employees, contractors and sub-contractors, as well as the governance, processes and communication requirements. It allows foreseeable risks to be identified and understood so that sound business decisions can be made despite uncertainty.

The effective management of risk is essential to the success of any organisation and successful delivery of any project, and WSA is committed to establishing and maintaining the highest standards of risk management.

The Risk Management Framework was reviewed and updated in 2019 to align with both the requirements of ISO3100:2018 and the current risk maturity of the Company. The updated Risk Management Framework was approved by the Audit and Risk Committee and the Board of Directors on 13 May 2019.

8.2 WSA’s risk profile

WSA’s risk profile is grouped into four main categories: Strategic, Financial, Operational and Stakeholder. Across these four categories, the Company is managing risk in the following areas:

• Health, Safety and Wellbeing;
• Environment;
• Sustainability;
• Budget and Schedule;
• Procurement;
• Interface Management;
• Corporate Reputation;
• Cyber Infiltration; and
• People, Culture and Relationship Management.