Department of Education




PoliciesCorporate managementPolicy, accountability and evaluation ‹ Risk and Business Continuity Management

Risk and Business Continuity Management

6 Definitions

# | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z


Acceptable risk

An acceptable tolerance level, based on the level of risk after evaluating existing controls.

Back to top


Business Continuity Management

A process to ensure the timely resumption and delivery of essential business activities in the event of a major disruption by maintaining the key business resources required to support delivery of those services.

Business impact analysis

The process of assessing the potential consequences to an organisation of an outage to its key business activities over varying periods of time, and prioritising the timeframes in which these activities must be resumed following a disruptive event.

Back to top



A source of potential harm or situation with a potential to cause loss. This is also referred to as a hazard.


The outcome of an event or situation; being a loss, injury, disadvantage or gain. The consequence criteria scale is graduated in five levels from ‘insignificant’ through to ‘catastrophic’ measured against the following categories of context:

  • student achievement targets;
  • safety of people;
  • financial loss;
  • reputation and image to the Department and schools;
  • operational efficiency and governance; and
  • service interruption.

A risk may be connected to one or more of the above categories.

Control rating

A qualitative, common sense measure of the adequacy of controls in addressing a risk.

Back to top



A person who is currently employed under the School Education Act 1999 or the Public Sector Management Act 1994.

Back to top



A description of probability and frequency. The likelihood criteria scale contains five levels from ‘rare’ to ‘almost certain’. The likelihood assessment is the likelihood of the risk occurring with the existing controls in place and with the level of consequence identified.

Line manager

An employee responsible for a discrete area.

Back to top



The chance of something happening that will have an impact on objectives. It is measured in terms of consequences and likelihood.

Risk assessment

The process used to determine management priorities by evaluating and comparing the level of risk against predetermined standards.


RiskBase is an electronic web-based application developed by RiskCover and hosted by RiskCover on behalf of the Department.

The application contains the following information:

  • Risk descriptions along with causes and effects.
  • Properties of the risk such as status, risk owner, risk category, impact range, and review dates, etc.
  • Existing controls, controls rating and information regarding their effectiveness (controls assurance).
  • Consequence, likelihood and level of risk ratings.
  • Recommended and approved treatment action plans.
  • Risk acceptance decisions.
  • Notes and comments.

Risk control

A procedure, system, activity, policy or process that reduces the likelihood and/or consequences of a risk. A risk may have more than one control and a control may address more than one risk.

Risk identification

The process of determining what can happen, why and how.

Risk management

Risk Management is the culture, processes and structures that are directed towards the effective management of potential opportunities and adverse effects.

Risk review

Periodic assessment of risks to determine if there have been changes over time.

Risk treatment

A selective application of appropriate techniques and management principles to reduce either likelihood of an occurrence or its consequences, or both.

Back to top
Risk and Business Continuity Management

All contents copyright Government of Western Australia, unless otherwise stated.

Aboriginal and Torres Strait Islander people are advised that this site may contain images of people who are deceased.

Copyright material available on this website is licensed under a Creative Commons Attribution 4.0 International (CC BY 4.0) licence
Exclusions may apply: