Compliance Framework
Western Sydney University’s compliance framework sets out the relationship between the strategic and operational components of its Compliance Management Program, its governing benchmarks, and its approach to compliance risk management. This Framework also covers The College.
Framework Foundations
The University’s Compliance Framework is informed by three key benchmarks:
- International Standard ISO 19600
- University strategy, as outlined in the Securing Success plan
- Good governance principles, including oversight by the Audit and Risk Committee (ARC), with the Compliance Program Unit (CPU) providing regular reporting and engagement through formal papers and via the General Counsel and University Secretary
The University’s compliance framework is based on three main benchmarks:
- International Standard of ISO 19600;
- University’s objectives as outlined in its Securing Success plan; and
- Good governance principles i.e. endorsement of the Program from its relevant governing body, the Audit and Risk Committee, where the Compliance Program Unit (“CPU”) regularly liaises with the Committee either through specific papers or a dotted reporting line through the University Secretary and General Counsel.
Three Lines of Responsibility
The Framework operates on a three lines of responsibility model.
Its effectiveness is dependent on clearly defined roles and accountabilities across the University, ensuring that compliance obligations are appropriately owned, implemented, and overseen.
Compliance Policy
The Compliance Policy establishes the University’s overarching principles and commitment to compliance. It is aligned with ISO 19600, endorsed by the ARC, and reflects the University’s values.
It operates alongside key conduct frameworks, including the University’s Code of Conduct.
Compliance Strategic Priorities
The Compliance Strategic Priorities set the three-year direction of the Compliance Program Unit.
They focus on maturing the Compliance Management Program across all 12 components of a mature compliance model, with the objective of achieving Level 5 – Embedded maturity.
- Download the 2023-2026 Strategic Priorities(current)
- Download the 2019-2022 Strategic Priorities
- Download the 2015-2018 Strategic Priorities
Annual Compliance Plans (in development)
Annual Compliance Plans (also referred to as compliance business plans) will set out the CPU’s annual objectives, deliverables, and performance measures.
They provide a practical roadmap for compliance activities across the next 12 months, including:
- key legislative obligations
- planned control activities
- priority risk mitigation initiatives
- measures of success
As part of the Framework, the CPU acts as a central consultative and assurance function, supporting both academic and professional units.
Policy and governance support
While the CPU owns the overarching Compliance Policy, operational compliance policies (e.g. privacy, conflicts of interest, conduct) are owned by relevant business units and address specific compliance risks.
The CPU provides advisory input to support the design and alignment of these policies within the broader framework.
Procedures, guidance and tools
The CPU partners with business units to develop:
- procedures and guidelines
- reporting and monitoring tools
- infographics, process maps, and flowcharts to support practical implementation
Training and capability
The CPU consults on Enterprise mandatory compliance training, including associated monitoring and reporting where required.
It also provides advisory support for targeted or specialised training to ensure:
- alignment with compliance obligations
- consistency with enterprise training frameworks
- effective capability uplift across the University