Risk Oversight and Management

We are committed to promoting and enhancing a culture of proactive risk management, supported by robust and transparent governance and oversight.


Our Risk Appetite Statement supports effective risk management and decision-making processes through clear articulation of the level of risk that we are willing to accept as an organisation. This supports our commitment to better practice risk management, in alignment with s.16 of the Public Governance, Performance and Accountability Act 2013 and the Commonwealth Risk Management Policy.


We take a continuous improvement approach towards risk management that aligns with better practice principles and is consistent with the International Standard ISO 31000:2018 Risk Management — Guidelines.

We embed risk management practices into our organisational frameworks through implementing our Risk Management Standard to identify and treat risks to within acceptable levels. Our day-to-day operational risks are managed in accordance with the risk management processes that are embedded into our organisational frameworks. These clearly articulate the accountability, responsibility, and delegation for managing risks within each risk domain.

We have also established appropriate and effective mechanisms to communicate, escalate and report risk information for management attention and decision-making. Our risk management approach comprises 3 layers of risk management activity as illustrated below.

The framework encompasses the risk governance structure across Airservices, the risk strategy and appetite, risk culture and behavioural expectations, and supporting framework and processes governing risk assessment, monitoring and reporting.


We perform an integral role in the Australian aviation industry and continue to operate in an inherently volatile, uncertain, and complex environment. While exposure to risk is an inherent part of our operations, effective risk management contributes to enhanced risk-based decision-making. We also acknowledge that there are strategic risks that we need to proactively manage in order to achieve our objectives. Our risk appetite reflects that need, particularly around embracing and investing in new and innovative services and solutions to meet community and industry changes. Our external risk considerations include climate change, evolving regulations, emerging technology trends, changes to the domestic and international economic environment, and our role in the broader aviation industry. Daily, we proactively manage a wide range of risks associated with our operational activities.

Responding to these diverse risks requires us to ensure the integrity of our safety and environment management systems and service delivery to maintain long-term sustainability. We continuously improve our operating systems, embrace innovation to unlock economic growth, and invest in new services, infrastructure and technologies to support the recovery of the aviation industry.


The Enterprise Governance, Risk and Compliance reporting to the Executive Committee draws together the pillars of good governance, risk intelligence, and compliance management across our lines of business, performance domains and transformation investment outcomes, supported by a range of assurance activities, internal insights and external trends. In addition, deep dives into enterprise risks are also presented periodically, driving risk transparency, constructive challenging and a positive risk culture from the executive level.

Quarterly reporting to the Board Audit and Risk Committee for review and oversight assists our leaders make decisions to address major threats and to seize opportunities in a timely manner.

In addition, we apply the 3 lines of assurance model to ensure our key controls are effective in managing risk. Assurance activities are layered across the 3 lines and embedded within our organisational frameworks. These assurance activities provide confidence to the leadership team, the Board Audit and Risk Committee and our stakeholders that risks are being managed, control deficiencies are being addressed, and compliance obligations are being met.