Responsibilities for management and reporting of non-compliance
All staff have a duty to report incidents of non-compliance to a designated responsible officer or their operational manager. Officers designated as responsible officers for specific compliance obligations have primary responsibility for the identification, management and reporting of any incidents of non-compliance relating to their obligation. Senior and operational managers are also responsible for compliance in their organisational areas, which includes the management and reporting of non-compliance.
Management of critical incidents of non-compliance
Non-compliant incidents posing an immediate critical risk to staff, students or infrastructure should be managed in accordance with the University's Emergency Procedure Manual (QUT Access only) . This may require urgent reporting of the incident to the Security Manager and/or the Associate Director, HR Health and Safety Advisory Services. The Registrar should also be immediately advised of all such incidents.
Management of major incidents of non-compliance
A major incident of non-compliance may be defined as one which:
- presents a high risk to the University community and/or infrastructure;
- is difficult to remedy without additional resources or considerable changes to existing processes;
- is likely to be recurrent;
- is likely to have a significant financial, reputational or operational impact on the organisational area or the University.
Major incidents of non-compliance are expected to be managed through existing division or faculty level processes, in particular the University's strategic planning and risk management processes in consultation with the relevant executive dean or head of division.
Management of minor incidents of non-compliance
A minor incident of non-compliance may be defined as one which:
- presents only a low risk to an organisational area or the University;
- can be remedied swiftly, conclusively and within existing processes and resources;
- is not recurrent; and
- has no lasting repercussions for the organisational area or the University.
Minor incidents of non-compliance are expected to be managed through existing operational-level processes. Remedial action will be determined in the context of usual management processes, and may include any of the following:
- review of processes and procedures to identify and remedy weaknesses;
- improvement of controls for activities or processes causing non-compliance;
- implementation of training sessions to inform relevant staff of their duties in administering compliance obligations;
- development or review of procedure manuals to ensure processes are adequate; and
- involvement of other sections of the University, for example, Assurance and Risk Management Services, Health and Safety Advisory Services or the Policy and Compliance Manager, to review processes and provide advice as required.
Reporting incidents of non-compliance
Responsible officers are required to identify and maintain records of all non-compliance incidents within their designated obligations. Formal reporting on non-compliance incidents and their management is done on an annual basis at the faculty or divisional level through the strategic planning and risk management processes.
Information received from responsible officers during this process is used to advise the University's Audit and Risk Management Committee of high risk non-compliance incidents or significant compliance trends. Actions may be taken on the basis of this reporting by Audit and Risk Management Committee or senior management to clarify any non-compliance incidents which have not been satisfactorily addressed by an organisational area.
A staff member who wishes to report any incident of non-compliance should approach either the relevant designated responsible officer if the incident relates to a specific obligation, or to their operational manager if the incident relates to an operational matter.
Further information and advice
Further information or advice on managing and reporting non-compliance can be obtained from the Policy and Compliance Manager on 3138 2902 or compliance@qut.edu.au.