The primary risks identified for the portfolio relate to the department demonstrating that it can effectively implement risk based regulatory regimes and that it follows through on the implementation of agreed recommendations from the large number of review activities it undertakes or are undertaken externally of it. Failure to implement agreed recommendations would result in a risk to the department’s ability to provide Parliament assurance that it is using its resources appropriately to manage regulatory risk.

The primary risk identified for the portfolio relates to effectiveness and compliance risks for the department’s whole-of-government regulatory frameworks, particularly with respect to the Protective Security Policy Framework (most notably in relation to cyber security risks), resulting in a risk of inappropriate security mitigation strategies across the sector.

The primary risk identified for the ATO relates to the return on investment for new policy funded compliance activities and its effectiveness when delivering programs with or for other agencies where the activity does not easily fit within its tax administration framework.

The primary risks identified for this portfolio relate to the oversight of government investments (particularly those relating to equity, concessional loans and guarantees) and the department demonstrating that it can effectively implement risk based regulatory regimes and that it follows through on the implementation of agreed recommendations from the large number of review activities it undertakes or are undertaken externally of it.

Cross-entity audits are performance audits of the same activity in a number of entities or the administration of a program by a number of entities.

The primary risks identified for the portfolio relate to Defence’s ability to: anticipate, prepare for and respond to threats to Australia’s interests; acquire and sustain capability while avoiding the emergence of capability gaps and meeting sovereign capability requirements (and managing optimism bias in reporting); recruit and mobilise a large, distributed and traditionally siloed workforce to effectively work as ‘One Defence’; and meet expectations of its ability to respond to environmental and other disasters.

The primary risks identified for the portfolio relate to managing the legislative changes to child care subsidy and ensuring the affordability of child care services. Specific risks in the Education portfolio relate to governance, service delivery and financial management.

The primary risk identified for the portfolio relates to the implementation of the new employment services model which is a major change in delivering key services to the community. Specific risks in the Employment and Workplace Relations portfolio relate to service delivery, regulation and financial management.

The primary risk identified for the portfolio relates to the department managing the effectiveness and compliance risks for its whole-of-government regulatory frameworks, particularly with respect to the proper use of resources under its procurement and grants frameworks.

The primary risk identified for the portfolio relates to the management and oversight of the distributed network of overseas posts. Coordinated operation is required for these posts to operate most effectively during international events such as responding to the COVID-19 pandemic.

The primary risks identified for the portfolio relate to the need to learn the lessons from the COVID-19 pandemic with respect to the importance of risk-based planning and the department’s management of service delivery through third parties, in order to ensure that the resources allocated achieve the outcomes that the government is seeking.

Portfolio risks predominantly relate to ensuring consistent compliance with governance frameworks including in exercising departmental and agency powers, contract and procurement management and critical infrastructure security. Inconsistent compliance can lead to a failure to deliver policy objectives.

The primary risks identified for the portfolio relate to the management of physical assets and the department’s responsibilities for the Business Grants Hub delivering grant program outcomes in a manner consistent with the Commonwealth Grants Rules and Guidelines (CGRGs), in order to ensure that the resources allocated achieve the outcomes that the government is seeking.

The primary risks identified for the portfolio relate to: the need for effective oversight of the 30 highly diverse companies and other entities; and the department undertaking procurement and grants activities so as to achieve desired outcomes in a manner consistent with the relevant rule frameworks in order to ensure that the resources allocated achieve the outcomes that the government is seeking.

The primary risk identified for the NDIA relates to scheme integrity and sustainability. Specific risks in the NDIA relate to governance, service delivery, procurement and financial management.

In the parliamentary departments, considerations are predominantly related to ensuring the safe, secure and efficient functioning of the Parliament and delivering effective support for parliamentarians. This will include risks relating to achieving value-for-money procurement, cyber resilience, effective security compliance and controls, asset management and sustainment, and information management.

The primary risk identified for the department is effective risk preparedness for whole of government crisis management. The primary risks identified for NIAA relate to demonstrating that the delivery of services to Aboriginal and Torres Strait Islander peoples is achieving desired outcomes and ensuring good governance of the corporate entities through which many services are delivered.

The primary risk identified for Services Australia relates to the implementation and management of new and existing ICT systems for service delivery, including ensuring effective cyber security. As the key payment delivery entity, this would ensure that effective ongoing services are provided to the community.

The primary risks identified for the portfolio relate to the department gaining assurance over services delivered for it by others (in particular Services Australia and through states and territories) and the department’s responsibilities for the Community Grants Hub delivering grant program outcomes in a manner consistent with the Commonwealth Grant Rules and Guidelines (CGRGs), in order to ensure that the resources allocated achieve the outcomes that the government is seeking.

The primary risks identified for the portfolio relate to the management of the Australian Government’s balance sheet, including debt and the increasing use of ‘alternative financing’ approaches.

The primary risk identified for the portfolio relates to DVA’s ability to provide efficient and effective support, services and information for its clients.