Compliance Framework
Western Sydney University’s compliance framework illustrates the relationship between the strategic and operational components of its compliance management program (opens in a new window), overarching benchmarks, and compliance risk management.
Please click on the diagram to enlarge image.
The University’s compliance framework is based on three main benchmarks:
- International Standard of ISO 19600;
- University’s objectives as outlined in its Securing Success plan; and
- Good governance principles i.e. endorsement of the Program from its relevant governing body, the Audit and Risk Committee, where the Compliance Program Unit (“CPU”) regularly liaises with the Committee either through specific papers or a dotted reporting line through the University Secretary and General Counsel.
Three lines of responsibility
The Framework and Program operates on the three lines of responsibility.
The success of a framework, and the Program therein, is contingent upon ensuring clear roles and responsibilities across the University.
Please click on the diagram to enlarge image.
The Compliance Policy (opens in a new window) establishes the overarching principles and commitment to action for the University to achieve compliance. It is also based on ISO 19600 principles, endorsed by the ARC, and is a genuine reflection of the values of the University. It has a strong relationship with other conduct policies, such as the University’s Code of Conduct.
The Compliance Strategic Priorities (currently 2023-2026) is the 3 year plan of the CPU that centres on maturing the Compliance Management Program (opens in a new window) to incorporate all 12 components of a mature compliance model to its highest (and desired) level - Level 5 - Embedded.
- Download the 2019-2022 Strategic Priorities (opens in a new window)
- Download the 2015-2018 Strategic Priorities (opens in a new window)
Annual Compliance Plans (not yet developed)
Annual compliance plans (also known a compliance business plans) intend to set out the objectives, tasks, and key performance measures of the CPU for the year. It essentially is the practical work plan for the CPU and/or specific operational units as it relates to legislation, operational compliance, and mitigating controls for the next 12 months, what it will do, why, and what success looks like.
Policies, training, tools
As part of the framework, the CPU acts as a consultant and business partner to business and academic units across the University in developing policies, procedures, guidelines, training, and other reporting and monitoring tools.
Unlike the overarching compliance policy, which is owned and authored by the CPU, operational compliance policies, such as those addressing privacy, conflicts of interest, behaviour etc, are designed to address specific compliance risks within the University, and owned throughout by different units.
As with operational compliance policies, the CPU also acts as a consultant and business partner on particular procedures, guidelines, and training, which provide detailed operational support to implementing an operational compliance policy. The CPU may also assist in creating clear infographics, diagrams, and flowcharts, to greatly enhance comprehension of a procedure and increase compliance.
While the CPU is primarily involved in mandatory or enterprise-wide training that apply to all staff, and the associated monitoring and reporting, the CPU is available to consult on more niche or targeted training to ensure compliance goals are being met and are linked to / consistent with the mandatory training where relevant.
Mobile options:
