Skip to main content
Go to search page

Risk management

Men working on a large slab of fallen rock, Hume Reservoir 1952Men working on a large slab of fallen rock, Hume Reservoir 1952 (MDBA historic images collection).

Risk management is an essential part of our operations. Our risk management framework and policy was revised in 2014–15 to comply with the Public Governance, Performance and Accountability Act 2013 and better practice. We also updated our risk management plan, our business continuity policy and our business continuity plan.

The Audit Committee and the Executive Committee monitor the risk management framework and implementation of enterprise risk treatments. Risk management is monitored as part of quarterly corporate planning and reporting processes. Our Health and Safety Committee monitors health and safety risks, and the Security Group monitors security risks.

The fraud control plan continues to be monitored by the Executive Committee and the Audit Committee. Our fraud risk assessment and fraud control plan will be updated during 2015–16.


Comcover provides insurance cover to the MDBA. Identifying and assessing MDBA's insurable risks is done annually through Comcover's insurance renewal process. The MDBA is separately insured by Comcare for worker's compensation for employees.

In 2015 we again participated in the annual Comcover risk management benchmarking survey. The survey, which is now mandatory for all Australian Government entities, provides an opportunity for agencies to review and measure how successfully risk management has been integrated into their business operations.

The survey report showed that we again rated well, near the top 21% of all entities. We were assessed as having an overall risk maturity level of advanced. Only one entity rated in the category above this (optimal).

The Comcover survey determined that our strengths in risk management were in relation to establishing a risk management policy, defining responsibility for managing risk and developing a positive risk culture.

The elements where the survey found that we could improve the most were: maintaining a risk management capability, communicating and consulting about risk, and embedding systematic risk management into business processes.

During the year the MDBA provided training on risk management, and mandatory online training in ethics, fraud and conflict of interest (including managing sensitive water market information).

Fraud control and investigations

Our fraud control policy is set out in our fraud control plan, on our intranet and external website and in our contract documents. Our management of fraud and implementing the fraud control plan is monitored by the Audit Committee. All employees with financial delegations are required to address their compliance with the Australian Government's fraud control guidelines and report any actual or potential fraud related occurrences through the compliance reproting process.

Fraud investigations

One incidence of fraud was identified in 2014–15. The incident involved a break-in to MDBA premises. The funds were recovered.

Business continuity and ICT disaster recovery plans

Our arrangements for recovering from a business disruption are outlined in the River Murray system emergency action plan, the MDBA business continuity plan and the ICT disaster recovery plan. In 2014–15 we updated our business continuity policy and business continuity plan based on an audit by the consultancy firm KPMG in 2013–14. Further work is being carried out to update the ICT disaster recovery plan in 2015–16.

Internal audit

In 2014–15 KPMG provided internal audit services. The internal audit plans are developed in light of the MDBA risk management plan and following consultation with senior managers. In 2014–15 there was a slightly greater concentration on performance audits than in the previous year. KPMG also assisted with the update of the MDBA risk management plan.

The following internal audit reports were finalised in 2014–15:

  • information management
  • South Australian Riverland Floodplains Integrated Infrastructure Program
  • conflict of interest.

No serious matters were raised in the reports.

Work commenced on internal audits of the sustainable diversion limits adjustment mechanism method, and project governance — the Basin Plan Implementation Committee.

Implementing internal audit report recommendations is monitored by the

Audit Committee.

Compliance reporting

Commonwealth entities and Commonwealth companies in the general government sector are required to provide an annual report on compliance (compliance report) within the Public Governance, Performance and Accountability Act 2013 (PGPA) framework.

The compliance report process is an important means of identifying and disclosing instances of non-compliance with the PGPA framework, as a basis for continuous improvement. It is provided to the Minister for Finance, through the Secretary of the Department of Finance, and to an entity's responsible minister, by 15 October each year, with the first report under the PGPA framework being provided for the 2014–15 financial year.

Compliance performance for the 2014–15 financial year was assessed against:

  • the Public Governance, Performance and Accountability Act 2013
  • the Public Governance, Performance and Accountability Rule 2014
  • government policy orders.

The new framework is a departure from the previous Certificate of Compliance under the Financial Management and Accountability Act 1997 in that it is framed more against principles rather than prescriptive provisions and rules.

With the introduction of the PGPA Act and the MDBA's transition to a corporate Commonwealth entity; the MDBA revised or updated all its internal financial policies, procedures and guidance. Training was provided to officials on the new MDBA Resource Management Framework and compliance requirements.

In addition to strengthened internal controls that limit the likelihood of non-compliance; the MDBA updated its Financial Management Compliance online system and surveyed all officials holding financial authorisation, including senior executives. During 2014–15, the MDBA identified one reportable breach, which represents a significant reduction on the previous financial year's results.

The one instance of non-compliance reported by the MDBA is considered very low and can be readily contrasted with the substantial number, scope and complexity of financial activities, with an annual expenditure of around $138 million and assets managed in excess of $2.6 billion.

Secretariat services

The Secretariat team provide support to the Authority and a range of committees established to support the MDBA in delivering our business. The team also supports the Murray–Darling Basin Ministerial Council and the Basin Officials Committee which were established under the Murray–Darling Basin Agreement, under which the joint programs operate, see Appendix A, page 186.

During 2014–15 the Secretariat provided support to over 56 committee meetings, four of which were Ministerial Council meetings. We also provided support to sub-committees, including working groups and technical panels across the MDBA.

Appendix A includes a summary of committee meetings.

External scrutiny

Auditor-General reports

The MDBA's financial statements are audited by the Auditor-General. No additional audits carried out by the Auditor-General specifically involved the MDBA in 2014–15.

The Audit Committee monitors the implementation of recommendations made by the Auditor-General in its audit of the financial statements and any other audits it undertakes involving the MDBA. The committee also reviews all cross-agency audit reports, better practice statements and guides issued by the Auditor-General, where these are relevant to MDBA operations.

Commonwealth Ombudsman

The Commonwealth Ombudsman made no formal reports relating to the MDBA during 2014–15.

Parliamentary committees

On 24 June 2015 the Senate resolved to establish the Select Committee on the Murray–Darling Basin Plan. The committee is to inquire on the positive and negative impacts of the Basin Plan on regional communities and provide a final report to the Senate on or before 26 February 2016.

Judicial decisions and tribunals

On 15 May 2015 the High Court rejected an application for special leave to appeal to the High Court in relation to a challenge to the constitutional validity of the Water Act 2007. The Commonwealth of Australia and the Murray–Darling Basin Authority were named as respondents. The Court also ordered the applicants to pay the costs of the Commonwealth of Australia and the Murray–Darling Basin Authority.

On 6 June 2015 Justice Jagot of the Federal Court made a consent determination recognising the Barkandji people's native title rights and interests in relation to an area of land and waters covering about 128,482 square kilometres in New South Wales. The application for a native title determination was made in 1997. The Murray–Darling Basin Authority was one of the named respondents.

Legal services

Our legal services are provided mainly through an in-house legal team. We also use legal services through the legal services multi-use list established by the Attorney-General's Department.

During 2014–15 internal demand for legal services included:

  • advising all MDBA divisions in relation to implementing the Basin Plan 2012
  • coordinating preparation of the MDBA's case in relation to a constitutional challenge to the validity of provisions of the Water Act 2007
  • contributing to the development of regulations under the Water Act 2007
  • providing advice and training to MDBA staff about program delivery and legislative obligations.


Privacy awareness week

The MDBA treats the personal information we handle in the course of our business functions in accordance with the Privacy Act 1988, including the Australian Privacy Principles which set out how the MDBA must collect, store, use or disclose, allow access to and correction of, personal information. Our Australian privacy principles notice is available on our website <>.

The MDBA registered with the Office of the Australian Information Commissioner as a partner in Privacy Awareness Week 2015, which ran from 3 to 9 May 2015, and which is the primary privacy and education event in the Asian Pacific region. The theme for 2015 was privacy every day. The theme emphasised the need for organisations to embed privacy practices into business as usual processes. Staff education and other activities were provided for staff to refresh their knowledge and application of the MDBA's privacy obligations.

Freedom of information

The Freedom of Information Act 1982 gives individuals the right to access copies of documents held by Australian Government ministers and agencies, with some exceptions.

During 2014–15 the MDBA received five freedom of information requests. Our freedom of information policy and procedures were updated in line with the Australian Information Commissioner's freedom of information guidelines.

Under the Freedom of Information Act, we must publish a range of information on our website as part of the Information Publication Scheme. This information includes our structure, what we do and how we do it, appointments, annual reports and consultation arrangements, as well as contact details for our freedom of information officer.

Details of how to obtain information released following freedom of information requests and information routinely provided to parliament are also published online. Our Information Publication Scheme agency plan outlines our approach to the scheme and what we include in our publication scheme entry and publish online, see <>.

Documents we hold

The MDBA holds the following types of documents:

  • working files, including correspondence, analysis and advice
  • internal administrative records, such as personnel files, staffing and financial records and office procedures
  • submissions and comments from the public and stakeholders
  • papers relating to new and amending legislation, drafting instructions and draft legislation
  • briefing papers and submissions prepared for the Australian Government minister responsible for water
  • documents relating to meetings and committees (such as agenda, minutes and reports)
  • copies of questions asked in parliament, together with related replies
  • tender documents
  • government (including agency) policy statements, communiqués, guidelines and media releases
  • contracts
  • educational materials
  • reports on research, water audits and MDBA activities.

How to lodge a freedom of information request

Your request must:

  • be in writing
  • state that the request is an application for the purposes of the Freedom of Information Act
  • provide information about the document(s) to assist us to process your request
  • provide an address for reply.

Please note charges may apply.

For more information, contact the MDBA's freedom of information officer:

FOI Officer
Murray–Darling Basin Authority
GPO Box 1801

Phone: 61+2 6279 0100

Directions under section 175 of the Water Act

No directions were given by the Commonwealth Minister under section 175 of the Water Act.

Ministerial and parliamentary business

The MDBA provides the minister and the parliamentary secretary with timely, evidence-based advice or information on key issues through written briefs and meetings. The preparation of responses to ministerial correspondence with information on the MDBA's policies and programs supports an important function of government. Attending the public hearings of the Senate estimates committees and responding to questions on notice is also an important part of providing information about the policies and programs administered by the MDBA.

Table 3.1 sets out the volume of advice provided during 2014–15 compared to previous years.

Table 3.1 Volume of ministerial and parliamentary advice 2010–11 to 2014–15

Type of advice






Ministerial briefs






Ministerial correspondence






Senate estimates questions on notice






Previous Page: 
Senior management committees
Next Page: 
Our people
Page type: 
Content Page
Updated: 10 Jul 2018