Risk management and grants

This page provides information about the grant risk management approach used by the Department of Health

Page last updated: 15 September 2016

In line with the requirements of the Commonwealth Grant Rules and Guidelines, the Department of Health has adopted a risk-based approach to grant administration.

There are four key stages to grants administration:

    1. Program Design: the internal processes and procedures for developing, establishing and administering grant programs including setting objectives and key performance indicators.
    2. Service Provider Selection: selection of the organisations that will deliver services.
    3. Management of Funding Agreement: the processes and procedures (contractually) for the management of service delivery.
    4. Evaluation: review and evaluation of program outcomes (and the choices made to achieve them) against the program’s objectives.
Key to the department’s risk-based approach is risk assessment and management at the program design, service provider selection, and management of funding agreement stages.

This approach aims to help the department achieve value with relevant money, meet outcomes, reduce red tape for funded organisations and apply the principle of proportionality.

Frequently Asked Questions

What is a risk assessment and how often will risk assessments occur?

A risk assessment assists the department to identify and mitigate any risks that may impact grant implementation and delivery. A service provider can expect a risk assessment to be completed prior to execution of a funding agreement, or during funding agreement management if a risk to the Commonwealth has been identified.

What are the key areas against which risk is assessed?

The five risk areas that the department will assess are as follows:

Risk AreaProgram DesignService Provider
Performance ManagementThis relates to the activity not achieving its intended outcomes. It is about understanding the evidence base, service delivery model and the performance framework used to measure activity objectives. This relates to the provider’s ability to deliver the services to the required standards. Capacity of the organisation’s infrastructure to measure and report on performance and its flexibility to systematically adapt to changes in service delivery environment is considered.
Issues ManagementThis risk area takes into account government and stakeholder acceptance. This is closely aligned with governance in that the more stakeholders or greater the complexity of the policy issue, the higher the risk that needs to be managed.This area reflects on the provider’s policies and processes relating to the delivery of a service and issue management (and includes quality assurance processes, complaints handling and experience working with the target group of clients).
GovernanceThis area looks at the tasks and activities associated with internal management to ensure accountabilities are met.This area considers the provider’s ability to manage and oversight the proposed service delivery activities to agreed standards.
ViabilityThis area considers the risk of activity failure due to poor implementation. Consideration is given to supply issues and whether there are alternative providers available or whether supply is becoming limited to specialist providers. This area contemplates the provider’s ability to remain viable over the life of the funding agreement.
Financial ManagementThis area considers the internal processes to ensure compliance with legislative accountabilities. While most are aimed at financial accountability through the PGPA Act, there is a range of other requirements, such as records management, information security, confidentiality / privacy and staff behaviour that are also considered.This area covers the provider’s ability to manage grant funding.

How will the risk rating affect a funded organisation?

Risk assessments will be conducted before a decision is made to award a grant, and will affect the design of the funding agreement. Where there is low risk, the department aims to reduce red tape for funded organisations with fewer reporting and accountability obligations and the expectation that funded organisations will manage their risks appropriately. If risk is higher, the department will design the funding agreement and internal management of grant programs in a way that is proportional to the risks involved. Risk reviews may be conducted at various times during the life of a grant and the requirements of the funding agreement may be varied to reflect any change in the risk profile.

Why has the department decided to cease the Risk Assessment Profile Tool (RAPT) on-site Risk Assessment?

The department has decided to remove the requirement for an on-site risk assessment for specific grant programs and has adopted a single approach to risk assessment and management across all grant programs as described above. This will streamline requirements across funded organisations and reduce the workload associated with meeting funding reporting requirements.

Can a funded organisation still access the Risk Assessment Profile Tool (RAPT) for self-assessment?

Yes. The RAPT is still available on the department’s website Excel version (Excel 1892 KB) PDF version (PDF 1789 KB) and funded organisations are welcome to continue using the tool to assess their governance, financial management and risk arrangements. Self-assessment of risks helps to identify any problems early, enables continuous quality improvements in governance and financial management and allows the funded organisation to have confidence that they have appropriate processes in place.

How were funded organisations involved in development of the new approach?

The department invited a number of funded organisations (including peak representatives from across the health system) to provide input into the development of our internal risk assessment processes, to ensure it would not increase red tape for service providers.

We welcome your feedback

Whether you are a past, present or future grant recipient, we are keen to hear from you. Please email GSDenquiries@health.gov.au if you would like to provide any feedback about grant administration.

We are committed to treating your feedback seriously. Any comments received via our GSDenquiries@health.gov.au email address will be acknowledged and will receive a response.