Follow us on:

The Directorate’s risk management framework is based on the Australian and New Zealand Standard ISO 31000:2009 Risk Management – principles and guidelines. Risks are identified and mitigated through the Directorate’s internal governance control structure, which includes:

The Directorate’s risk management functions are managed by the Chief Internal Auditor and the Director, Governance and Community Liaison. The Directorate’s Senior Executive and the Audit Committee receive regular risk management reports, providing an overview of significant risks, mitigation strategies, responsibilities and an oversight on the implementation of audit recommendations.

The Senior Executive and the Audit Committee assist with the allocation of resources and timeframes to ensure appropriate mitigation and monitoring strategies are implemented.

Monitoring and reporting on risk management occurs through:

The Directorate manages financial risks through a well-defined financial management framework that includes:

Critical Incidents

The number of critical incidents for a financial year has been calculated on those incidents reported which meet the definition for a critical incident in the Directorate’s Critical/Non Critical Incident Management and Reporting Policy i.e. an event that causes severe impact, such as significant disruption to the school routine, an emergency management situation, loss of a sense of control, or threat to the safety of students and staff.

In the period 1 July 2016 to 30 June 2017, there were seven critical incidents in ACT public schools. All seven incidents were classified as ‘lockdown, evacuation or temporary closure’.

Children’s Education And Care Assurance (CECA)

The National Quality Framework (NQF) for the education and care sector established the Education and Care Services National Law and a uniform approach to the regulation and quality assessment of the education and care sector. The Director-General of the Education Directorate is the ACT’s Regulatory Authority. The National Law places obligations upon the Regulatory Authority to undertake investigation, compliance, enforcement and assessment and rating functions.

Audit and Risk Management

The CECA Investigations team processed 796 notifications for the 2016-17 financial year.

Of those 796 notifications, 59 matters were investigated, 13 matters were subject to risk audit and seven matters were subject to both investigation and risk audit.

The team carried out approximately 103 compliance audits in the last half of the financial year and approximately five risk audits in response to incidents or allegations that substantiated a rapid response.

The team has an audit schedule of 351 services over the following three years.


Between 1 July 2016 and 30 June 2017 CECA commenced 65 investigations. During that time period, there were approximately 19 investigations in progress and 46 cases closed.

Major areas of investigation for the financial year were: allegations of harm to children; staffing arrangements and inadequate supervision; and missing/unaccounted for children.

CECA, and in particular the investigation team, have been working on operational relationships with ACT Ombudsman, Access Canberra, Child and Youth Protection Services and relevant Commonwealth agencies.


From 1 January to 30 June 2017, the Regulatory Authority issued approximately 38 compliance actions under the National Law. Compliance actions range from administrative letters, to conditions on service or provider approval, compliance directions, compliance notices, suspension of services and prohibition of individuals.


At the time of this report, three decisions to take compliance action under the National Law were subject to application for external review by the ACT Civil and Administrative Tribunal. Two appeals were resolved by way of consent orders in the favour of the Directorate, the third was still before the Tribunal as at 30 June 2017.

For further information contact:
Governance and Community Liaison
(02) 6205 5511

Back to Top