(1) QUT is committed to the management of its compliance obligations as an integral and embedded part of all its activities. Effective management of QUT’s compliance obligations, through a risk-based approach, ensures that the University's strategic direction and corporate objectives are pursued in a lawful and sustainable manner.
(2) Consistent with principles of good governance, QUT has a responsibility to identify and comply with all relevant laws, regulations and other externally imposed requirements, e.g. higher education standards or codes of relevant industry or regulatory bodies. QUT achieves this through the implementation of a University-wide compliance management system based on ISO 37301:2021: Compliance management systems.
(3) The QUT Compliance Management System applies to all QUT activities to which external compliance obligations are relevant.
(4) Key elements of QUT's Compliance Management System are the:
(5) QUT's Compliance Management System (QUT staff access only) provides detailed information on the management of compliance obligations, the compliance risk management process, the roles and responsibilities of key stakeholders, and documentation and reporting requirements.
(6) At the time of occurrence, all incidents of non-compliance must be assessed. Where a non-compliance incident is assessed as having a consequence that is higher than insignificant (as described in the Enterprise Risk Consequence Matrix), the issue must be reported to the primary responsible officer. This officer will determine if adjustments to compliance procedures and risk treatments are required, and whether a report should be made to Risk and Audit Committee.
(7) The primary responsible officer is also required to oversee and monitor any remedial action or adjustments to compliance risk management activities (including policies, procedures and processes) which may be required in light of the non-compliance incident.
(8) A summary of all incidents of non-compliance must be included in annual compliance return reporting.
(9) Refer to Register of Authorities and Delegations (C004, VC001, VC002, VC003, VC148, VC189, VC190) (QUT staff access only).
Compliance Policy
Section 1 - Purpose
Section 2 - Application
Section 3 - Roles and Responsibilities
Position
Responsibility
All staff
Comply with compliance obligations relevant to their position and duties, while undertaking their duties in a lawful and safe manner, in accordance with the QUT Code of Conduct - Staff, and the principle of respect for the law.
Vice-President (Administration) and University Registrar
Oversees the development and implementation of a compliance management system, and designates primary responsible officers for each compliance obligation.
Primary responsible officer
Secondary responsible officers
Develop and implement processes and procedures to address or mitigate compliance risks on a day-to-day basis, for a particular compliance obligation.
Director, QUT Governance
Reports annually to Risk and Audit Committee on the implementation of the Compliance Management System.
Risk and Audit Committee
Section 4 - Compliance Management System
Section 5 - Non-Compliance and Reporting
Section 6 - Definitions
Term
Definitions
Compliance Risk Management
Is the program of activities to address or mitigate compliance risk, including the establishment of culture, policy, procedures and processes.
Compliance Risk
Is the risk of exposure to legal or financial penalties or other material losses (including reputational damage) due to a failure to prevent, detect or reduce the undesired or unacceptable effects of non-compliance with external laws, regulations and other externally imposed requirements.
Primary Responsible Officer
Is the senior officer with accountability, responsibility and authority for co-ordination and oversight of compliance risk management activities for their particular compliance obligation.
Section 7 - Delegations
Raises awareness and understanding of their compliance obligation(s) and the development and implementation of compliance risk management activities (including training, processes and procedures).
Ensures that adequate resources are allocated to enable appropriate and effective management of the compliance risk, including the ongoing monitoring and review of the adequacy and effectiveness of compliance risk management activities.
Appoints secondary responsible officers (where appropriate).
Oversees continuous improvement activities, including remedial actions where necessary.
Develops, approves and implements a program for the management of compliance risk at the University.
Provides support and collaborates with primary responsible officers to raise awareness of compliance obligations, and assists with the development and implementation of compliance risk management activities by responsible officers.
Monitors laws, regulations and other relevant requirements, including identification of new obligations or material changes to existing obligations.
Provides advice (including statutory interpretation) on new and existing compliance obligations.
Establishes and maintains a Register of Compliance Obligations and approves the entries in the Register.
Facilitates annual reporting on the management of compliance obligations and the development and implementation of compliance risk management activities.
Assesses the adequacy and effectiveness of the University’s internal controls, including the risk management and compliance frameworks in accordance with the Risk and Audit Committee Charter.
Receives, on behalf of Council, an annual report and any additional reports prepared as required.
Identifies and requests follow up action on any issues of concern of non-compliance.