Strategic Risk Management

Do you know what “risks” could impact the achievement of your Strategic Objectives?

With forums such as the Hayne Royal Commission and COVID-19 raising the attention on risk management practices, it is now incumbent on Boards and Management to continue to enhance their risk management processes to add real value and insights.

JNW has significant experience with assisting organisations design simple, effective, sustainable risk management frameworks. Our “Six Step Better Practice Risk Process” methodology leverages better practice methodologies and is compliant with risk management standards such as ISO AS/NZS 31000, ASX Principle 7, APRA’s CPS 220 and ASIC’s RG 259.

In a world of constant change, complex business environments, increasing shareholder and stakeholder demands for good governance and regulatory requirements creating personal liability, we can help you better operationalise risk management, build a platform for a strong “risk culture” and elevate the prominence and capability of risk management in the organisation.

Risk Framework Healthcheck

(better practice benchmarking/regulatory compliance)

Risk management strategy and framework

(policy, risk recording and risk reporting)

Risk Facilitation

(identification and rating)

Risk Training

(building sustainable risk culture)

Our Risk Solutions are strategy focused and designed to:

1. Increase your risk intelligence;
2. Enable you to anticipate disruption;
3. Predict emerging risks; and
4. Build your capacity and preparedness to act.

Risk Health Checker

JNW’s Value Proposition is built around - experience, professionalism, industry expertise and personal delivery.

Case Studies

Manningham City Council

Manningham City Council

  • Assisted with the acceleration of the procurement enhancement program including procurement structure, roles and responsibilities, financial delegation automation and controls framework. Created a delivery model that provides Procurement Intelligence - balance of operational excellence blended with decision making transparency and accountability.
  • Evaluated the risk management framework and developed a Process Improvement Roadmap.  Subsequently conducted risk identification and risk assessment workshops for both strategic and operating risks and developed treatment plans for high and very high rated risks. Outcomes were a more progressed strategic view of Council’s risks.
  • Prepared a Business Continuity Management framework improvement roadmap on how to update and strengthen the current Business Continuity Plans. The framework design incorporated a Crisis Management Team with clear command and control reporting structures to facilitate an efficient and effective recovery from the disaster event and continuity of critical services.
  • Independent observation of the IT Disaster Recovery Plan (IT DRP) test including test plans, infrastructure for back up processes and evaluation of the governance compared against an IT DRP test maturity matrix. Suggestions strengthened the testing processes.

The following is a typical example of our IT maturity assessment.


  • Consulting Director Alan Fotheringham is the independent Audit Committee Chairman. This experience gives Alan valuable insights into the challenges facing local governments.
City Of Melbourne

City Of Melbourne

  • Through strong client relationships and quality service, for five years, Jeff successfully led the outsourced internal audit function, including development and delivery of the internal audit plan, conducting assessments of project management, grant funding, event management, business continuity, data interrogation of rates revenue, IT controls, payroll, business continuity, risk management and major contracts.
  • Mapped the Governance and Assurance Processes against the Deloitte Local Government better practice framework. Other areas assessed included:
    • Strategic risks are matched against the key governance activities
    • There is alignment and integration between the various governance activities and key strategic processes
    • There is ownership and accountability for key control activities
    • Identification of potential duplication or gaps in coverage.
  • Reviewed procurement practices against the policies and procedures and assessed controls to prevent service creep, invoice splitting, conflicts of interest, bids evaluation, record management, approval and transparency of decisions.
  • For numerous major contracts, such as town hall hire, openspace facility management services, tree facility management services, aged care, security and building safety, parking meter coin collection, waste management, evaluated contract management procedures for managing the contracts including annual service plans, monthly contract monitoring meetings, contractor reporting systems used to assess assurance of quality of service and contract compliance, contract payment processes and the determination of compliance with Key Performance Indicators (KPIs) compliance and any bonus payments.
  • For each audit we created better practice tools. We were advised that the outcomes delivered and reports issued were innovative and insightful that strengthened the control environment.
  • Jeff presented all internal audit results to the Audit Committee, providing insight and clarity on issues.

To add value we linked the internal audit focus to risks and organisational value drivers - see below:

Frankston City Council

Frankston City Council

JNW has just developed an improvement roadmap for Frankston City Council to implement a Customer Focused Service Planning & Costing framework. The service costing methodology will provide vital operational cost intelligence to strategically position the Council to take advantage of different service delivery models.  Furthermore, by being customer focused it can structure itself to meet the Community’s future expectations efficiently and effectively and positively influence their experience.


Assisted the Council with a major acquisition.  This role included conducting a financial risk due diligence on key assumptions and building financial models in order to provide the Council with comfort around the financial risks, commercial viability and sustainability of this revenue generating opportunity.

To provide perspective, our typical approach is to map the risks onto a heat map - see below:

DD financial risks