Risk Assessment and Management Policy


This policy has been developed to formalise the commitment to incorporating the principles of risk management into all aspects of U3A noosa.


This policy provides information and guidance of risk management and enables the Management Committee to identify high level strategic risks to the organisation and how those risks should be assessed and managed.


  • Risk management is incorporated into all areas of current and future operations including members and staff and corporate governance.
  • It is the responsibility of all staff and all areas.

Policy Statement

U3A noosa recognises the need for risk management to feature in strategic and operational planning, day to day management and decision-making at all levels in the organisation.

U3A noosa is committed to managing and minimising risk by identifying, analysing, evaluating and treating exposures that may impact on achieving its objective and/or the continued efficiency and effectiveness of its operations.

U3A noosa is committed to ensuring that all staff, particularly those with management, advisory, decision making responsibilities, obtain a sound understanding of the principles of risk management and the required skills to implement risk management effectively.


  1. Annual review of strategic risks
  2. Use of the template as attachment A to complete a risk assessment and risk register for the current year
  3. Reporting to the Management Committee – by sub committee

Key Areas

The main types of risk which may occur in each area of operation include, but are not limited to, the following:


Failure to meet legal obligations, ineffective management of operations, poor decision-making, insufficient accountability of the Management Committee to members, failure to adhere to the Business and Strategic Plans and constitutional violation.


Insolvency which renders the organisation no longer able to continue business operations, susceptibility to fraud, poor fiscal decision-making, bad or inappropriate management of funds and assets and failure to carry out correct auditing processes.


Failure to provide a safe environment for members and volunteers, inadequate training of staff and volunteers putting members at risk, and insufficient access to teaching venues and accommodation.


Non-compliance with Privacy legislation, failure to provide interactive communication with members, systems failures with loss of documents and records, poor control of documents and an inadequate retrieval system.


Lack of commitment to member focus, failure to adhere to workplace health and safety regulations, failure to comply with Privacy legislation, inadequacy of recruitment, staff development and succession planning, ineffective resolution of conflict, complaints and grievances and unchecked discriminatory practices.        

Programs and services

Decline in membership numbers, inadequate service provision, inadequate curriculum variety, programs that fail to attract members and failure to provide services that will enhance the member experience.


                    Attachment A: Risk Register & Risk Assessment Template

                              Attachment B: Risk Assessment Matrix



Approval and Amendment History Details
Version No 1.0
Approval Authority This Risk Assessment and Management Policy was adopted by the Management Committee and minuted as such, on 9 December 2019
Amendment History Insert Date. Describe the amendment and why it was made.
Amendment Authority and Date This Risk Assessment and Management Policy was amended by the Management Committee and minuted as such, on Day Month Year



Posted in Policies.