2017–18 Annual Report - Part 4: Management and accountability

Enabling legislation

The Australian Radiation Protection and Nuclear Safety Act 1998 (the ARPANS Act) establishes the Office of the Chief Executive Officer (CEO) of ARPANSA. The Act also establishes ARPANSA, which is a non‑corporate Commonwealth entity under the Public Governance, Performance and Accountability Act 2013 (PGPA Act).

Corporate governance

The ARPANS Act and the PGPA Act are the foundation of ARPANSA’s governance practices.

Our corporate governance framework enables effective strategic planning, risk management and performance monitoring to support achievement of our strategic objectives. Our core governance structure includes three statutory advisory bodies and two senior committees that are supported by a number of management committees.

Advisory bodies

The ARPANS Act establishes the Radiation Health and Safety Advisory Council (Council), the Radiation Health Committee (RHC) and the Nuclear Safety Committee (NSC) to advise the CEO of ARPANSA.

Radiation Health and Safety Advisory Council

The role of Council in relation to radiation protection and nuclear safety is to identify emerging issues; examine matters of major concern to the community; consider the adoption of recommendations, policies, codes and standards; advise and report to the CEO, at the CEO’s request or as Council considers appropriate, on the above and any other matters. During 2017–18, the Council met on two occasions: 16–17 November 2017, and 6–7 March 2018.

Radiation Health Committee

The role of RHC in relation to radiation protection is to advise the CEO and the Council; develop policies and to prepare draft publications for the promotion of uniform national standards; formulate draft national policies, codes and standards for consideration by the Commonwealth, the states and the territories; from time to time, to review national policies, codes and standards to ensure that they continue to substantially reflect world best practice; and consult publicly in the development and review of such policies, codes and standards. During 2017–18, the RHC met on two occasions: 15 November 2017 and 14 March 2018.

Nuclear Safety Committee

The role of NSC in relation to nuclear safety and the safety of controlled facilities is to advise the CEO and the Council; review and assess the effectiveness of standards, codes, practices and procedures; develop detailed policies and prepare draft publications to promote uniform national standards. During 2017–18, the NSC met on three occasions: 20 October 2017, 16 March 2018 and 22 June 2018.

Senior committees

At the strategic level, the CEO is advised by two key committees:

Audit and Risk Committee

The PGPA Act requires Commonwealth entities to establish an audit committee. ARPANSA’s Audit and Risk Committee provides independent assurance and advice to the CEO on the agency’s financial reporting, performance reporting, system of risk oversight and management, and system of internal control.

The Audit and Risk Committee comprises four members, three of whom are independent external members (including the Chair) and one ARPANSA member. Representatives from the Australian National Audit Office (ANAO) and the agency’s internal auditor, RSM Australia Pty Ltd, also attend meetings. The CEO is an observer on the committee and other senior managers may attend meetings as observers when required to report on particular matters. The Audit and Risk Committee met five times in 2017–18.

Strategic Management Committee

The Strategic Management Committee (SMC) considers the threats and opportunities that may influence the strategic direction of the agency and contributes at key times throughout the year to ARPANSA’s planning and performance framework. The SMC met four
times in 2017–18 and comprises the CEO (Chair), branch and office heads, and two external members appointed by the CEO.

Management committees

ARPANSA has in place a number of management committees to ensure effective decision‑making, management and oversight of the agency’s operations and performance.

Executive Group

The Executive Group (EG) is ARPANSA’s operational management forum. The EG is responsible for monitoring the key tactics and activities used to implement agency business plans. The EG met ten times in 2017–18 and comprises the CEO (Chair), and branch and office heads.

Work Health and Safety Committee

The Work Health and Safety (WHS) Committee provides the agency with a consultative mechanism to enable management and worker contributions to WHS improvements across all operations. The WHS Committee comprises the CEO (Chair), Health and Safety Representatives, management representatives, and the WHS Advisor/Radiation Safety Officer. Other subject matter experts may participate in meetings as required. The WHS Committee met four times in 2017–18.

The Radiation Safety Committee

The Radiation Safety Committee operates as a sub-committee to the WHS Committee and is chaired by the Radiation Safety Officer and comprises of Radiation Protection Advisors from across the agency. The committee provides the agency with a mechanism to monitor, review and improve practices in relation to the safe management of radiation sources and associated activities. The Radiation Safety Committee met four times in 2017–18.

Agency Security Group

The Agency Security Group (ASG) oversees the development and implementation of a protective security program across ARPANSA to ensure our policies, procedures and practices comply with the Commonwealth’s Protective Security Policy Framework.

The ASG met six times in 2017–18, and comprises the Security Executive (Chair), the Agency Security Adviser, the Chief Information Officer, the IT Security Adviser, and the Facilities Manager. Other subject matter experts may participate in meetings as required.

International Coordination Group

In 2017–18 the International Coordination Group (ICG) was established to lead the implementation of ARPANSA’s International Engagement Strategy which aims to align the agency’s international engagement priorities with whole-of-government priorities, sharpening our capacity to shape the broader radiation protection and nuclear security and safety environment in which we operate. The ICG met four times in 2017–18.

Project Management Advisory Group

The Project Management Advisory Group (PMAG) provides a centralised coordination and support function to agency projects to achieve alignment of projects with ARPANSA’s strategic objectives and ensure consistent application of project management practices across the agency. The PMAG comprises the Director of Performance and Governance (Chair) and six staff with project management expertise. The PMAG met six times in 2017–18.

Staff Consultative Forum

ARPANSA’s enterprise agreement continues to provide for a Staff Consultative Forum (SCF) as the key employee consultative body. The SCF comprises the CEO, nine employees elected by staff and a representative from each of the unions supporting ARPANSA staff. The SCF met on six occasions in 2017–18 to discuss a range of issues relating to management of the agency.

Digital Transformation Advisory Group

The Digital Transformation Advisory Group (DTAG) is responsible for leading the investigation of digital transformation at ARPANSA. The DTAG has established focus area teams to research our user’s experience, innovative service delivery, productivity improvement and the building of our digital capability.

The DTAG comprises the Branch Head of Medical Radiation Services (Chair), Branch Head of Radiation Health Services, Chief of Staff, Head of Corporate Office and the Chief Information Officer. The DTAG met four times in 2017–18.

The highlight of the past year was a cross‑agency exercise run in March 2018, where staff from many areas were drawn together to consider innovative ways to use digital technology to improve agency outcomes. The exercise reinforced the benefit of using smart forms and workflow capabilities to not only provide improved service delivery for our customers, but also provide faster and more efficient internal services for multiple work groups within the agency.

The DTAG has engaged with the Digital Transformation Agency to exploit internal government resources to ensure all available resources are leveraged for an optimally efficient progression into the digital environment.

Accountability and risk management

Accountable authority

Under the PGPA Act the CEO of ARPANSA is the accountable authority. The CEO discharges their governance obligations through their involvement in ARPANSA’s planning, performance reporting and risk management activities.

Planning

ARPANSA has an integrated planning, budgeting and performance reporting process that is informed by risk. Our integrated annual planning cycle ensures alignment of our strategic priorities, operational activities, resource allocation and performance measures. This results in clear linkages between our key planning documents, including the corporate plan, portfolio budget statement and agency business plans.

The SMC oversees the planning process and preparation of the corporate plan. Progress against the measures and other commitments outlined in our key planning documents is monitored and reported to management and the Audit and Risk Committee.

Performance reporting

Our non-financial performance measures are detailed in both our corporate plan and portfolio budget statement. They include several measures that meet our performance reporting obligations under the Regulator Performance Framework. We produce quarterly internal reports on our non-financial performance. These reports are presented to management and the Audit and Risk Committee at the end of each quarter.

In 2017–18 ARPANSA undertook a comprehensive review of our non-financial performance measures, and we will continue to make incremental changes to our measures over the next 12 months, with the aim to embed best practice performance management, leading to more meaningful and reliable reporting on our achievements against our purpose.

Financial performance is reported separately through monthly internal financial reports to management, and to the Audit and Risk Committee at the end of each quarter. Our performance reporting culminates in the publication of our annual report, inclusive of the annual performance statement (at Part 3) and financial statements (at Part 5), and our Regulator Performance Framework externally‑validated self-assessment report available on the ARPANSA website. Several other mechanisms assist management to monitor performance in a wider context:

  • the Audit and Risk Committee requires management to regularly provide evidence of performance against the mandatory elements of the PGPA Act and other relevant legislation
  • ARPANSA’s internal audit program, informed by risk and overseen by the Audit and Risk Committee, is focused on compliance performance and systems of internal control
  • ARPANSA’s quality audit program, a crucial part of maintaining ISO/IEC 17025 certification for our laboratories, monitors operational performance against the requirements of the relevant standards captured in the documented management system.

Risk management

ARPANSA has a comprehensive Risk Management Framework that aligns responsibility and accountability for risk across the agency. Risk management is integrated into our business planning processes which enables effective identification and management of risks that could impact on the agency achieving its outcomes or otherwise cause it harm.

ARPANSA’s Risk Management Framework aligns with broader requirements such as the Commonwealth Risk Management Policy 2014 and the international standard on risk management (AS/NZS ISO 31000), and meets the requirements of Section 16 of the PGPA Act.

During this reporting period, ARPANSA implemented an enhanced risk management framework and risk management training program to ensure staff understand their roles and responsibilities under the PGPA Act. In 2017–18 ARPANSA achieved an ‘advanced’ level of maturity in the Comcover Risk Management Benchmarking Survey. This is a great achievement for ARPANSA as it indicates positive progress in building our risk management capability and it reflects how well the new fit-for-purpose framework has been implemented and embedded into business processes.

Audit and fraud control

External audits

National Association of Testing Authorities

ARPANSA has seven laboratories that maintain National Association of Testing Authorities (NATA) accreditation against the ISO/IEC 17025 standard. During 2017–18, NATA conducted two audits of the following services:

  • Personal Radiation Monitoring Service (PRMS)
  • Ionising Radiation Calibrations (IRC).

The audits monitored the continuing compliance of these services with the requirements for accreditation against ISO/IEC 17025, and included a review of the scope of services for both laboratories.

Of note, NATA assessed the new Optically Stimulated Luminescence (OSL) and Track Analysis System Ltd (TASL) dosimetry technology commissioned by PRMS in 2016–17. The new OSL-TASL system was deemed to meet the requirements of ISO/IEC 17025 and was certified by NATA as an accredited dosimetry service. With the new system in place, the previous thermoluminescent dosimeter technology has been phased out and will be decommissioned next financial year.

All audit findings were responded to, and deemed acceptable by NATA and accreditation of the PRMS and IRC services was continued.

Australian National Audit Office

During this reporting period, the ANAO conducted an audit of ARPANSA and five other agencies’ performance on Mitigating Insider Threats through Personnel Security. The audit findings identified two key recommendations for ARPANSA:

  • ARPANSA review their policies and procedures for eligibility waivers to ensure they are compliant with Protective Security Policy Framework (PSPF) mandatory controls.
  • ARPANSA implement the PSPF requirement to undertake an annual health check for clearance holders and their managers.

At the end of this reporting period ARPANSA had addressed the first recommendation. Work is continuing in order to address the second recommendation by the end of 2018. The full report findings including ARPANSA’s responses are available at https://www.anao.gov.au/ work/performance-audit/mitigating-insiderthreats- through-personnel-security.

Internal audits

Primary responsibility for internal audit arrangements within the agency rests with the Corporate Office under the broad direction of the agency’s Audit and Risk Committee. ARPANSA has a robust internal governance and control framework to establish and maintain appropriate systems and internal controls for the oversight and management of risk.

In 2017–18, ARPANSA’s internal auditors, RSM Australia Pty Ltd, completed four audits to assess the adequacy of processes and controls in place for the following areas:

  • risk management
  • privacy and freedom of information
  • compliance management
  • asset management.

The audit findings, which include opportunities to further strengthen ARPANSA’s internal systems and controls, have informed revision of our risk management framework and the implementation of a new compliance management framework.

Significant non-compliance issues

ARPANSA management acknowledges their responsibility for ensuring compliance with the provisions of the PGPA Act and requirements related to finance law.

ARPANSA has complied with the provisions and requirements of the:

  • PGPA Act 2013
  • Public Governance, Performance and Accountability Rule 2014 (PGPA Rule)
  • Appropriation Acts
  • other instruments defined as finance law including relevant ministerial directions.

ARPANSA did not identify any significant non-compliances with finance law during the reporting period.

All instances of non-compliance are reported to the Audit and Risk Committee. Where insignificant non-compliances were identified, they were managed in accordance with our policies and procedures.

Fraud minimisation strategies

During 2017–18, the agency continued a rolling program to assess fraud risks embedded in ARPANSA’s overarching risk management framework. Treatment strategies are developed and monitored as part of that process in compliance with section 10 of the PGPA Rule. Results of the fraud risk assessment process are used to inform the development of the internal audit schedule. No instances of fraud were identified during 2017–18.

Disability reporting mechanisms

Since 1994, non-corporate Commonwealth entities have reported on their performance as policy adviser, purchaser, employer, regulator and provider under the Commonwealth Disability Strategy. In 2007–08, reporting on the employer role was transferred to the Australian Public Service Commission’s State of the Service reports and the APS Statistical Bulletin. These reports are available at apsc.gov.au. From 2010–11, entities have no longer been required to report on these functions.

The Commonwealth Disability Strategy has been overtaken by the National Disability Strategy 2010–2020, which sets out a 10 year national policy framework to improve the lives of people with disability, promote participation and create a more inclusive society. A high-level, two-yearly report will track progress against each of the six outcome areas of the strategy and present a picture of how people with disability are faring. The first of these progress reports was published in 2014, and can be found at dss.gov.au.

Work health and safety

ARPANSA’s commitment to safety through protecting the Australian people and the environment from the harmful effect of radiation, is second to none and we are equally committed to utilising our expertise to develop a leading work health and safety (WHS) framework within the agency.

On 23 November 2017, ARPANSA was recognised as a SunSmart workplace for its commitment to protect staff from overexposure to ultraviolet (UV) radiation. As part of the SunSmart workplace initiative, ARPANSA has developed a procedure on UV radiation and provided
education and training to staff, contractors and visitors to ensure workers recognise the risks of UV radiation, and most importantly to ensure our workers stay safe in the sun.

Throughout 2017–18 ARPANSA completed the corrective actions associated with the Comcare audit of our safety management system. Actions implemented included enhancing our WHS procedures and delivering in-house WHS training courses for managers to enable them to understand their responsibilities under the Work Health and Safety Act 2011 (Cth) (WHS Act) and their role to improve WHS performance.

ARPANSA continues its program of regular WHS inspections and resulting improvements. During 2017–18 the agency completed all planned WHS inspections in accordance with the revised environmental and holistic safety inspection program.

Hazard and incident reporting

ARPANSA has a strong commitment to preventing work health and safety incidents occurring, understanding the importance of preventative measures and applying timely and appropriate corrective actions when incidents or hazards do arise.

During 2017–18 the agency continued to foster a positive safety reporting culture which saw an increase in the number of reported hazards. A total of 36 report cards were submitted for the 2017–18 period, which was more than twice the original target for the year.

In 2017–18 there was a total of 15 incidents reported, which included seven hazards, seven minor incidents and one incident notified to Comcare with respect to the agency’s statutory obligation under section 35 of the WHS Act.

Workers compensation

One workers compensation claim was made during the 2017–18 year. No lost time was reported.

Investigations or notices given

There were no investigations initiated or notices given in 2017–18.

Accountability

External scrutiny

Judicial review

During 2017–18, the agency was involved in one matter before the Federal Court and no matters before the Full Federal Court or the Administrative Appeals Tribunal.

Reports by the Auditor-General, Parliamentary Committees or Commonwealth Ombudsman

As at 30 June 2018, no reports were made by Parliamentary Committees regarding ARPANSA for the year 2017–18. During the reporting period ARPANSA was a selected agency reviewed in the Auditor-General’s Performance Audit: Mitigating Insider Threats through Personnel Security.

During 2017–18, there were no complaints made to the Commonwealth Ombudsman against the agency. There are no earlier complaints which remain open.

Freedom of Information

Agencies subject to the Freedom of Information Act 1982 (FOI Act) are required to publish information to the public as part of the Information Publication Scheme. This requirement is in Part II of the FOI Act and has replaced the former requirement to publish a section 8 statement in an annual report. Each agency must display on its website a plan showing what information it publishes in accordance with the Information Publication Scheme requirements.

ARPANSA, as an Australian Government agency, is subject to the FOI Act and is required to comply with the Information Publication Scheme provisions. ARPANSA has developed an agency plan describing ARPANSA’s compliance with Information Publication Scheme provisions as required by section 8(1) of the FOI Act.

Feedback on this plan can be provided by contacting the Freedom of Information (FOI) Coordinator at:

The FOI Coordinator ARPANSA
PO Box 655
MIRANDA NSW 1490
foiatarpansa.gov
(03) 9433 2211

Documents released by ARPANSA in response to FOI requests can be found on the Disclosure Log at arpansa.gov.au/disclosure.

Statistics

ARPANSA received ten FOI requests during the reporting period.